
Bug 315615

Summary: sys-apps/portage should warn/abort when make.conf is unreadable
Product: Portage Development
Reporter: Jimmy.Jazz
Component: Core - Configuration
Assignee: Portage team <dev-portage>
Status: RESOLVED FIXED
Severity: normal
CC: esigra
Priority: High
Keywords: InVCS
Version: unspecified
Hardware: All
OS: Linux
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on:
Bug Blocks: 335925

Description Jimmy.Jazz 2010-04-16 15:11:42 UTC
If I understand this correctly, when using 'userpriv' in make.conf, ebuild lowers its access rights to those of the portage user.
But some ebuilds continue to access /etc/make.conf after the access rights have been lowered (to those of the portage user). If the package cannot access it, the ebuild will fail with an error like
Cannot access to /etc/portage/profile/packages.
portageq exit code: 13

Portage should check if /etc/make.conf belongs to group/user portage to avoid that issue.

The control could be extended as well to,
$PORTDIR
$PORTDIR_OVERLAY
/var/lib/layman

Reproducible: Always

# emerge --info
Portage 2.2_rc67 (default/linux/amd64/10.0, gcc-4.4.3, glibc-2.11-r1, 2.6.34-rc4-radeon x86_64)
=================================================================
System uname: Linux-2.6.34-rc4-radeon-x86_64-AMD_Phenom-tm-_9500_Quad-Core_Processor-with-gentoo-2.0.1
Timestamp of tree: Fri, 16 Apr 2010 06:15:01 +0000
distcc 3.1 x86_64-pc-linux-gnu [enabled]
app-shells/bash:     4.1_p5
dev-java/java-config: 2.1.10
dev-lang/python:     2.6.5-r1, 3.1.2-r2
dev-python/pycrypto: 2.1.0
dev-util/cmake:      2.8.1-r1
sys-apps/baselayout: 2.0.1
sys-apps/openrc:     0.6.1-r1
sys-apps/sandbox:    2.2
sys-devel/autoconf:  2.13, 2.65
sys-devel/automake:  1.8.5-r3, 1.9.6-r3, 1.10.3, 1.11.1
sys-devel/binutils:  2.20.1
sys-devel/gcc:       4.4.3
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.6b
virtual/os-headers:  2.6.33
ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="* -@EULA MIT GPL-3 PSF-2.2 X11 GPL-2 ETQW RTCW-ETEULA ut2003"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=barcelona -O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /etc/env.d/02distcc /etc/splash/livecd-2007.0/1280x1024.cfg /lib/rcscripts/addons /sbin/rc /sbin/splash-functions-bl1.sh /sbin/splash-functions.sh /usr/local/share/cursors/xorg-x11/default/index.theme /usr/share/X11/xkb /usr/share/hddtemp/hddtemp.db /usr/src/linux/.config /var/bind /var/lib/hsqldb"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/eselect/postgresql /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/splash /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-march=barcelona -O2 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests collision-protect distcc distlocks fixpackages metadata-transfer news parallel-fetch preserve-libs protect-owned sandbox sfperms splitdebug strict unmerge-logs unmerge-orphans userfetch userpriv"
GENTOO_MIRRORS="ftp://ftp.free.fr/mirrors/ftp.gentoo.org/ http://linux.rz.ruhr-uni-bochum.de/download/gentoo-mirror/ http://mirrors.sec.informatik.tu-darmstadt.de/gentoo/"
LANG="fr_FR.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="fr"
MAKEOPTS="-j8 -l5"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/var/lib/layman/science /var/lib/layman/x11 /var/lib/layman/sunrise /var/lib/layman/gnome /usr/local/portage/java /usr/local/portage/overlay"
SYNC="rsync://.../gentoo-portage"
USE="3dnow 3dnowext acl amd64 avahi bindist bzip2 cli cracklib crypt cups cxx dbus dri expat gdbm gpm iconv latex logrotate maildir mmx mmxext modules mudflap multilib ncurses nls nptl nptlonly ogg openmp pam pcre perl pppd pulseaudio python readline reflection session spl sse sse2 ssl ssse3 sysfs tcpd threads udev unicode userlocales vorbis xinetd xorg xulrunner zlib" ALSA_CARDS="hda-intel usb-audio virmidi" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic auth_digest authn_anon authn_dbd authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock dbd deflate dir disk_cache env expires ext_filter file_cache filter headers ident imagemap include info log_config logio mem_cache mime mime_magic negotiation proxy proxy_ajp proxy_balancer proxy_connect proxy_http rewrite setenvif so speling status unique_id userdir usertrack vhost_alias" APACHE2_MPMS="worker" CAMERAS="ptp2" DVB_CARDS="usb-wt220u" ELIBC="glibc" INPUT_DEVICES="evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="fr" LIRC_DEVICES="devinput userspace" QEMU_SOFTMMU_TARGETS="i386 x86_64" QEMU_USER_TARGETS="i386 x86_64" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="radeonhd" 
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
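The report asks Portage to check up front whether the unprivileged build user can read make.conf, $PORTDIR, $PORTDIR_OVERLAY and /var/lib/layman. The following is an added example of such a preflight check, not Portage's own code: it evaluates the classic owner/group/other permission bits from stat() for an arbitrary uid/gid without changing identity, so it can run as any user. The uid/gid 250 fallback, the function names and the path list are assumptions made here (the paths are the ones named in the report).

```python
"""Preflight check: can the unprivileged build user read Portage's
configuration paths?  Added example, not Portage code.  It applies the
owner/group/other rule to stat() results for a hypothetical uid/gid, so
no privilege change is needed.  POSIX ACLs are not considered."""
import os
import pwd

# Assumption: on a stock Gentoo install the "portage" account is uid/gid 250.
# main() prefers the real account when it exists.
DEFAULT_PORTAGE_UID = 250
DEFAULT_PORTAGE_GID = 250


def _class_bits(st, uid, gid, groups):
    """Return the rwx triple (0-7) that applies to (uid, gid, groups) for a
    stat result, following the owner -> group -> other selection rule."""
    if st.st_uid == uid:
        return (st.st_mode >> 6) & 0o7
    if st.st_gid == gid or st.st_gid in groups:
        return (st.st_mode >> 3) & 0o7
    return st.st_mode & 0o7


def can_user_read(path, uid, gid, groups=(), check_ancestors=True):
    """True if a process running as uid/gid could open `path` for reading.
    Root bypasses discretionary access checks, so uid 0 is always True.
    With check_ancestors, every directory above the file must also grant
    search (x) permission, which is what open(2) actually requires."""
    if uid == 0:
        return True
    path = os.path.abspath(path)
    if check_ancestors:
        cur = os.path.dirname(path)
        while True:
            if not _class_bits(os.stat(cur), uid, gid, groups) & 0o1:
                return False
            parent = os.path.dirname(cur)
            if parent == cur:          # reached "/"
                break
            cur = parent
    return bool(_class_bits(os.stat(path), uid, gid, groups) & 0o4)


def check_config_readable(paths, uid, gid, groups=(), check_ancestors=True):
    """Return the subset of `paths` that exist but are unreadable for uid/gid.
    Missing paths are skipped: an absent overlay is a different problem from
    a config file hidden behind a 0640 mode."""
    return [p for p in paths
            if os.path.exists(p)
            and not can_user_read(p, uid, gid, groups, check_ancestors)]


def main():
    try:
        pw = pwd.getpwnam("portage")
        uid, gid = pw.pw_uid, pw.pw_gid
        groups = tuple(os.getgrouplist("portage", gid))
    except KeyError:
        uid, gid, groups = DEFAULT_PORTAGE_UID, DEFAULT_PORTAGE_GID, ()
    # Paths named in the bug report; overlays would come from PORTDIR_OVERLAY.
    paths = ["/etc/make.conf", "/etc/portage", "/usr/portage", "/var/lib/layman"]
    for p in check_config_readable(paths, uid, gid, groups):
        print("warning: %s is not readable by uid %d (userpriv builds will "
              "fail when an ebuild consults it)" % (p, uid))


if __name__ == "__main__":
    main()
```

Run as root before a userpriv build; with the reporter's 0640 make.conf owned by root:root it reports the file, while a root-readable 0644 copy passes. A warning, rather than an abort, matches the bug summary's wording and leaves the choice to the administrator.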
Comment 1 SpanKY gentoo-dev 2010-04-19 23:40:22 UTC
portage merely needs read access.  no reason to require ownership.

also, how exactly does userpriv get into FEATURES if portage can't read its original make.conf file? :p
Comment 2 Jimmy.Jazz 2010-04-20 13:54:29 UTC
(In reply to comment #1)
> portage merely needs read access.  no reason to require ownership.

Indeed, portage make.conf is world readable. I have changed it to 0640 to increase security. I missed it when I opened the bug report. Someone else on the forum had the same issue because he wanted to protect his proxy password.
See http://forums.gentoo.org/viewtopic-p-6092656.html

(Also, I dropped eix-sync privileges as well.)

> also, how exactly does userpriv get into FEATURES if portage can't read its
> original make.conf file? :p
> 
I run portage emerge as root :). I expected portage to drop root privileges to the portage user after reading the userpriv feature from make.conf, and to let the portage user read make.conf straight afterwards.

Anyway, portageq exit code 13 is quite difficult to understand because /etc/portage/profile/packages neither exists nor is declared in /etc/make.conf.
Moreover, the message isn't reported in the /var/log/ebuild/ log file.

I forgot to mention /etc/portage in the list of directories in my first comment.

I hope the above points help clarify things.
Comment 3 Zac Medico gentoo-dev 2010-04-21 04:00:07 UTC
I plan to fix this by making the portageq process use pipe or socket IPC to delegate the query to the parent python process which hasn't dropped privileges (we have a poll/select loop in emerge's scheduler which can be used to handle the IPC).
Comment 4 Zac Medico gentoo-dev 2010-08-13 19:20:40 UTC
(In reply to comment #3)
> I plan to fix this by making the portageq process use pipe or socket IPC to
> delegate the query to the parent python process which hasn't dropped privileges
> (we have a poll/select loop in emerge's scheduler which can be used to handle the
> IPC).

This is in git now:

http://git.overlays.gentoo.org/gitweb/?p=proj/portage.git;a=commit;h=612a8abf9995c593101b8344fda15acd8267c5e3
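The design described in comments 3 and 4, as an added example that is not Portage's code and does not reproduce the linked commit: a forked worker that has dropped privileges sends configuration lookups over a socketpair to its parent, which still holds root and answers from the configuration it parsed before forking, so the 0640 make.conf is never opened by the unprivileged side. The length-prefixed JSON framing, the request format and every function name here are assumptions made for the example.

```python
"""Added example (not Portage code): privilege-separated config lookup.
The unprivileged child never reads make.conf; it asks the privileged
parent over a socketpair, and the parent services requests from a
poll() loop.  Framing and names are this example's own assumptions."""
import json
import os
import select
import socket
import struct

HEADER = struct.Struct("!I")          # 4-byte big-endian frame length
MAX_FRAME = 65536                     # refuse absurd sizes from the unprivileged side


def write_frame(sock, obj):
    payload = json.dumps(obj).encode()
    sock.sendall(HEADER.pack(len(payload)) + payload)


def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            return None               # peer closed its end
        buf += chunk
    return buf


def read_frame(sock):
    hdr = _recv_exact(sock, HEADER.size)
    if hdr is None:
        return None
    (length,) = HEADER.unpack(hdr)
    if length > MAX_FRAME:
        raise ValueError("frame too large")
    body = _recv_exact(sock, length)
    return None if body is None else json.loads(body.decode())


def serve_queries(conn, config, timeout_ms=5000):
    """Privileged side: answer each {"key": ...} request from the already
    loaded config until the child closes its end.  Only lookups are
    honoured; nothing the child sends is ever executed or opened.
    Returns the (key, value) pairs served, in order."""
    served = []
    poller = select.poll()
    poller.register(conn, select.POLLIN)
    while True:
        if not poller.poll(timeout_ms):
            raise TimeoutError("child stopped talking")
        req = read_frame(conn)
        if req is None:
            return served
        key = req.get("key")
        value = config.get(key)
        write_frame(conn, {"ok": key in config, "value": value})
        served.append((key, value))


def drop_privileges(uid, gid):
    """Permanently give up root: supplementary groups, then gid, then uid."""
    os.setgroups([])
    os.setgid(gid)
    os.setuid(uid)


def delegated_query(config, keys, drop_to=None):
    """Fork an unprivileged worker that asks the parent for `keys`.
    `drop_to` is an optional (uid, gid) applied only when we really are
    root, so the example also runs unprivileged.  Returns the pairs the
    parent served and the child's exit status (0 = every key answered)."""
    parent_end, child_end = socket.socketpair()
    pid = os.fork()
    if pid == 0:                                  # child: the build process
        parent_end.close()
        if drop_to is not None and os.getuid() == 0:
            drop_privileges(*drop_to)
        status = 0
        for key in keys:
            write_frame(child_end, {"key": key})
            resp = read_frame(child_end)
            if resp is None or not resp["ok"]:
                status = 1
        child_end.close()
        os._exit(status)
    child_end.close()                             # parent keeps privileges
    try:
        served = serve_queries(parent_end, config)
    finally:
        parent_end.close()
    _, wait_status = os.waitpid(pid, 0)
    return served, os.WEXITSTATUS(wait_status)


if __name__ == "__main__":
    # Constructed stand-in for a parsed make.conf; uid/gid 250 is assumed
    # to be the portage account as on a stock Gentoo install.
    cfg = {"PORTDIR": "/usr/portage", "FEATURES": "userpriv sandbox"}
    print(delegated_query(cfg, ["PORTDIR", "FEATURES"], drop_to=(250, 250)))
```

Two properties matter for the security argument: the parent parses the configuration once, before the fork, so the child's identity is irrelevant to file permissions; and the parent treats incoming frames purely as lookup keys with a bounded length, so an unprivileged child cannot turn the channel into a way to read arbitrary files or run code as root.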
Comment 5 Zac Medico gentoo-dev 2010-08-23 06:18:42 UTC
This is in 2.2_rc68, but I'll leave this bug open until it's in an unmasked version.
Comment 6 Zac Medico gentoo-dev 2010-09-04 08:22:07 UTC
This is fixed in 2.1.9.
Comment 7 Zac Medico gentoo-dev 2010-10-20 15:30:59 UTC
NOTE: The fix for this bug only works when USE=ipc is enabled (it is
enabled automatically by IUSE default).
Comment 8 Jimmy.Jazz 2010-10-22 10:37:58 UTC
(In reply to comment #7)
> NOTE: The fix for this bug only works when USE=ipc is enabled (it is
> enabled automatically by IUSE default).
> 
It works with the latest portage 2.2_rc98. The USE='ipc' flag is enabled.

Thx

Jj