Summary: | sys-fs/cryptsetup-1.1.0 fails tests as it reads/writes /dev/ (sandbox blocks) | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Patrick Lauer <patrick> |
Component: | New packages | Assignee: | Gentoo's Team for Core System packages <base-system> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | kanelxake |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Patrick Lauer
2010-02-20 12:03:38 UTC
I get this on my base system (hardened toolchain, not hardened kernel) as well. Portage 2.2_rc63 (hardened/linux/amd64/10.0, gcc-4.4.3, glibc-2.11-r1, 2.6.32-gentoo-r6 x86_64) ================================================================= System uname: Linux-2.6.32-gentoo-r6-x86_64-Intel-R-_Core-TM-_i7_CPU_920_@_2.67GHz-with-gentoo-2.0.1 Timestamp of tree: Tue, 23 Feb 2010 02:00:01 +0000 ccache version 2.4 [disabled] app-shells/bash: 4.1_p2 dev-java/java-config: 2.1.10 dev-lang/python: 2.6.4-r1, 3.1.1-r1 dev-python/pycrypto: 2.1.0 dev-util/ccache: 2.4-r8 dev-util/cmake: 2.8.0-r1 sys-apps/baselayout: 2.0.1 sys-apps/openrc: 0.6.0-r1 sys-apps/sandbox: 2.2 sys-devel/autoconf: 2.13, 2.65 sys-devel/automake: 1.9.6-r3, 1.10.3, 1.11.1 sys-devel/binutils: 2.20 sys-devel/gcc: 4.4.3-r1 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6b virtual/os-headers: 2.6.32 ACCEPT_KEYWORDS="amd64 ~amd64" ACCEPT_LICENSE="*" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=native -O2 -pipe -ggdb -mtune=native -floop-interchange -floop-strip-mine -floop-block" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/X11/xkb" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/splash /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c" CXXFLAGS="-march=native -O2 -pipe -ggdb -mtune=native -floop-interchange -floop-strip-mine -floop-block" DISTDIR="/var/portage/distfiles" FEATURES="assume-digests distlocks fixpackages metadata-transfer news parallel-fetch preserve-libs protect-owned sandbox sfperms splitdebug strict test unmerge-logs unmerge-orphans userfetch" GENTOO_MIRRORS="ftp://ftp.sunet.se/pub/os/Linux/distributions/gentoo" LANG="sv_SE.UTF-8" LDFLAGS="-Wl,--as-needed -Wl,-O1 -Wl,--sort-common -Wl,--warn-once,--hash-style=gnu" LINGUAS="sv" MAKEOPTS="-j15 -l10" PKGDIR="/var/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/var/portage" PORTDIR_OVERLAY="/var/overlays/layman/java-overlay /var/overlays/layman/hardened-development /var/overlays/layman/gnome /var/overlays/layman/x11 /var/overlays/mine" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="X a52 aac accessibility acl acpi alsa amd64 amr amrnb amrwb applet archive avahi bash-completion bluetooth branding bzip2 cairo ccache cdaudio cdda cdr cleartype cli consolekit cracklib crypt cups cxx dbus device-mapper devicekit devkit dhcpcd digitalradio dirac djvu dmraid dri dts dvd dvdr dvi eds encode eselect evo exif faac faad fat fbcondecor ffmpeg fftw flac fontconfig fuse gdbm gdm gdu gif gimp glib gmp gnome gnome-keyring gnutls gphoto2 gpm grammar graphite gsf gsm gstreamer gtk gudev hal hardened ical iconv iconvacl icu id3tag idn ieee1394 iptc jabber java6 jingle jpeg jpeg2k justify kate kvm lcms libffi libnotify libsamplerate logrotate lvm lzma mad maps math matroska mdadm mktemp mms mmx mmxext mng moonlight mp2 mp3 mpeg mpi msn mtp mudflap multilib musepack musicbrainz nautilus ncurses network-cron networkmanager nfs nls nptl nptlonly ntfs offensive ogg openal opencore-amr opengl openmp openntpd ots pam pango parted pcre pdf perl pic pidgin png policykit pppd pulseaudio python quicktime raw readline reflection rrdcgi samba sensord session smp sms speex spell spl sse sse2 ssl ssse3 startup-notification subversion svg sysfs test tex theora thesaurus threads tiff totem truetype udev unicode upnp urandom usb userlocales v4l v4l2 vdpau vhook videos vim-syntax vorbis webkit wmf x264 xcb xcomposite xmp xmpp xorg xrandr xscreensaver xulrunner xv xvid xvmc zeroconf zlib" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="sv" QEMU_SOFTMMU_TARGETS="i386 x86_64" QEMU_USER_TARGETS="i386 x86_64" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="nouveau nvidia" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS This is related to root vs. user. For portage FEATURES="userpriv usersandbox" and it emerges. This also holds true for the source itself, if you do "./configure && make && sudo make check" in a clean source tree it will fail, but if you remove "sudo" it will pass. (In reply to comment #2) > This is related to root vs. user. > > For portage FEATURES="userpriv usersandbox" and it emerges. > > This also holds true for the source itself, if you do "./configure && make && > sudo make check" in a clean source tree it will fail, but if you remove "sudo" > it will pass. > Or rather it skip those tests that fails. FEATURES="-sandbox" is the deal. Seems like sandbox prevents it from accessing /dev/loop[56] which the tests is hardcoded to use. It also prevents access to /dev/mapper/control. This is understandable as cryptsetup do test what it is supposed to do. But the question is if we want to allow this kind of device-node-mockery in portage, or if we should somehow skip all tests except align-test which seems to pass fine. the tests only run as root ... it doesnt "skip failures" |