Bug 374425

Summary:	gfind doesn't operate normally in sandbox
Product:	Gentoo/Alt	Reporter:	Yuta SATOH <nigoro.dev>
Component:	FreeBSD	Assignee:	Gentoo/BSD Team <bsd+disabled>
Status:	RESOLVED FIXED
Severity:	normal	CC:	base-system, ryao, sandbox
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	FreeBSD
See Also:	https://github.com/gentoo/gentoo/pull/7611
Whiteboard:
Package list:		Runtime testing required:	---

Description Yuta SATOH 2011-07-08 10:22:16 UTC

gfind doesn't operate normally on the system that sandbox installed.

example)
1. FEATURES="-sandbox" emerge sandbox findutils
2. FEATURES="sandbox" emerge grep
3. FEATURES="-sandbox" emerge grep

result of 2)
<snip>
>>> Source prepared.
gfind: `./src': No such file or directory
gfind: `./m4': No such file or directory
gfind: `./gnulib-tests': No such file or directory
gfind: `./build-aux': No such file or directory
gfind: `./lib': No such file or directory
gfind: `./po': No such file or directory
gfind: `./doc': No such file or directory
gfind: `./tests': No such file or directory
>>> Configuring source in /var/tmp/portage/sys-apps/grep-2.9/work/grep-2.9 ...
<snip>

result of 3)
<snip>
>>> Source prepared.
>>> Configuring source in /var/tmp/portage/sys-apps/grep-2.9/work/grep-2.9 ...
<snip>

Yes! when sandbox was disabled, freebsd-bin and other were able to be compiled. (first bug 374375) 


Reproducible: Always




# emerge --info
Portage 2.2.0_alpha43 (default/bsd/fbsd/x86/8.0, gcc-4.4.3, freebsd-lib-8.0-r0, 8.2-RELEASE i386)
=================================================================
System uname: FreeBSD-8.2-RELEASE-i386-32bit-ELF
Timestamp of tree: Fri, 08 Jul 2011 06:30:01 +0000
app-shells/bash:         4.1_p2-r1
dev-lang/python:         2.6.5, 3.1.2
sys-apps/baselayout:     2.0.1
sys-apps/openrc:         0.6.1-r1
sys-apps/sandbox:        1.6-r2
sys-devel/autoconf:      2.65
sys-devel/automake:      1.11.1
sys-devel/binutils:      2.20.1
sys-devel/gcc:           4.4.3
sys-devel/gcc-config:    1.4.1
sys-devel/libtool:       2.2.6b
sys-devel/make:          3.81-r1
sys-freebsd/freebsd-lib: 8.0 (virtual/os-headers)
Repositories: gentoo
Installed sets:
ACCEPT_KEYWORDS="x86-fbsd ~x86-fbsd"
ACCEPT_LICENSE="* -@EULA"
CBUILD="i686-gentoo-freebsd8.0"
CFLAGS="-O2 -march=i686 -mtune=i686 -pipe"
CHOST="i686-gentoo-freebsd8.0"
CONFIG_PROTECT="/etc"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-O2 -march=i686 -mtune=i686 -pipe"
DISTDIR="/var/tmp/distfiles"
FEATURES="assume-digests binpkg-logs chflags distlocks ebuild-locks fixlafiles fixpackages news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch"
FFLAGS=""
GENTOO_MIRRORS="http://ftp.iij.ad.jp/pub/linux/gentoo/ http://ftp.jaist.ac.jp/pub/Linux/Gentoo/"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY=""
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="acl berkdb cli cracklib crypt cups cxx dri gdbm iconv ipv6 java5 java6 modules ncurses nls nptlonly oss pam pcre perl python readline session ssl tcpd unicode x86-fbsd xorg zlib" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="braindump flow karbon kexi kpresenter krita tables words" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="FreeBSD" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="keyboard mouse" KERNEL="FreeBSD" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" PHP_TARGETS="php5-3" RUBY_TARGETS="ruby18" USERLAND="BSD" VIDEO_CARDS="apm ark chips cirrus cyrix dummy i128 intel mach64 mga neomagic nv r128 radeon rendition s3 s3virge savage siliconmotion sis tga trident tseng vmware fbdev" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS

Comment 1 Yuta SATOH 2011-07-08 15:17:44 UTC

result of find and gfind on sandbox. 

# sandbox
============================= Gentoo path sandbox ==============================
Detection of the support files.
Verification of the required files.
Setting up the required environment variables.
The protected environment has been started.
--------------------------------------------------------------------------------
Process being started in forked instance.

 * Loading sandboxed shell
 *  Log File:           /var/log/sandbox/sandbox-80830.log
 *  Debug Log File:     /var/log/sandbox/sandbox-debug-80830.log
 *  sandboxon:          turn sandbox on
 *  sandboxoff:         turn sandbox off
 *  addread <path>:     allow <path> to be read
 *  addwrite <path>:    allow <path> to be written
 *  adddeny <path>:     deny access to <path>
 *  addpredict <path>:  allow fake access to <path>
[s] # find / 
/
/stage3-i686-freebsd-8.0.tar.bz2
/bin
/bin/bunzip2
/bin/bzcat
/bin/rbash
/bin/rc-status
/bin/red
/bin/rnano
/bin/tar
/bin/uncompress
/bin/bash
/bin/[
/bin/domainname
/bin/bsdcpio
/bin/bsdtar
/bin/bzip2
/bin/cat
/bin/chflags
<snip>

[s] # gfind /
/
/stage3-i686-freebsd-8.0.tar.bz2
/bin
gfind: `/bin': No such file or directory
/dev
gfind: `/dev': No such file or directory
/tmp
gfind: `/tmp': No such file or directory
/boot
gfind: `/boot': No such file or directory
/etc
gfind: `/etc': No such file or directory
/home
gfind: `/home': No such file or directory
/lib
gfind: `/lib': No such file or directory
/libexec
gfind: `/libexec': No such file or directory
/mnt
gfind: `/mnt': No such file or directory
/proc
gfind: `/proc': No such file or directory
/root
gfind: `/root': No such file or directory
/sbin
gfind: `/sbin': No such file or directory
/usr
gfind: `/usr': No such file or directory
/var
gfind: `/var': No such file or directory

[s] # exit

Comment 2 Alexis Ballier gentoo-dev

2011-07-08 16:18:21 UTC

sandbox is heavily broken on fbsd afaik

Comment 3 Yuta SATOH 2011-07-08 17:29:18 UTC

(In reply to comment #2)
> sandbox is heavily broken on fbsd afaik

hmm...
is FEATURES="-sandbox" made effective again ?

profiles/default/bsd/fbsd/make.defaults
# Sandbox should work now, leaving commented for testing.
# FEATURES="-sandbox"

Comment 4 SpanKY gentoo-dev

2011-07-08 18:41:50 UTC

last i looked, sandbox passed tests on freebsd.  and no one has complained since.  so i wouldnt classify that as heavily broken :P.

i still ssh access to this "grafias" box, but it doesnt have `gfind` installed.

Comment 5 Alexis Ballier gentoo-dev

2011-07-09 21:17:35 UTC

(In reply to comment #4)
> last i looked, sandbox passed tests on freebsd.  and no one has complained
> since.  so i wouldnt classify that as heavily broken :P.
> 
> i still ssh access to this "grafias" box, but it doesnt have `gfind` installed.

dunno what this grafias box is but my bet is that the current status isnt what you may think:
2.5 doesnt build (bug #317341; hint: i didnt spend time writing this code just for the fun of it... i started this because i experienced problems...)
1.6-r2 fails tests and exhibits the problem described in this bug

Comment 6 Javier Villavicencio (RETIRED) gentoo-dev

2011-07-13 14:29:44 UTC

(In reply to comment #4)
> last i looked, sandbox passed tests on freebsd.  and no one has complained
> since.  so i wouldnt classify that as heavily broken :P.
> 
> i still ssh access to this "grafias" box, but it doesnt have `gfind` installed.

grafias is my router/firewall server, it's now a bit more "decent" (upgraded, and finally replaced the ide-80wire-dma-fail disks with sata) you can find gfind installed to test, it is still at sandbox-1.6-r2, and I can reproduce this bug there, feel free to break it.

Comment 7 Javier Villavicencio (RETIRED) gentoo-dev

2011-07-13 15:02:35 UTC

The "No such file or directory" error comes from readlink on these lines in libsandbox.c:

sprintf(at_file_buf, "/proc/%i/fd/%i", getpid(), dirfd);
ssize_t ret = readlink(at_file_buf, at_file_buf, at_len);

seems to be triggered by fstatat() called by gfind.

no /proc/pid/"fd" on bsd. bah, usually no /proc.

Comment 8 Richard Yao (RETIRED) gentoo-dev

2012-03-19 00:05:48 UTC

This affects dev-libs/glib-2.30.3, which has a build log for this issue in bug #408791.

Comment 9 Alexis Ballier gentoo-dev

2012-03-30 15:58:46 UTC

+  30 Mar 2012; Alexis Ballier <aballier@gentoo.org> sandbox-1.6-r2.ebuild:
+  keyword -x86-fbsd for bug #374425, sandbox is broken of fbsd and this leaves
+  us with nothing.
+

Comment 10 Larry the Git Cow gentoo-dev

2018-03-29 18:53:36 UTC

The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=56475a1baab800a0668d6464a698b06c48776d60

commit 56475a1baab800a0668d6464a698b06c48776d60
Author:     Yuta Satoh <nigoro.dev@gmail.com>
AuthorDate: 2018-03-25 12:28:37 +0000
Commit:     Michał Górny <mgorny@gentoo.org>
CommitDate: 2018-03-29 18:53:32 +0000

    sys-apps/sandbox: drop ~x86-fbsd keyword.
    
    Closes: https://bugs.gentoo.org/374425
    Closes: https://github.com/gentoo/gentoo/pull/7611
    Package-Manager: Portage-2.3.19, Repoman-2.3.6

 sys-apps/sandbox/sandbox-2.12.ebuild | 2 +-
 sys-apps/sandbox/sandbox-2.13.ebuild | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)