Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 41994

Summary: Xerces won't emerge if Java 1.5 is active: security violation
Product: Gentoo Linux Reporter: trejkaz
Component: [OLD] DevelopmentAssignee: Java team <java>
Status: RESOLVED FIXED    
Severity: normal CC: Martin.vGagern
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Attachments: Change php-sapi.eclass from JDKVER 1.4.* to 1.[4-9].*

Description trejkaz 2004-02-17 20:13:46 UTC 
Emerging Xerces dies as described below.  Only happens on Java 1.5, not on Java 1.4.

Reproducible: Always
Steps to Reproduce:
1. emerge xerces
2. wait
3. see

Actual Results:  
ACCESS DENIED  open_wr:   /dev/random


Expected Results:  
Emerged cleanly.

Workaround: java-config sun-jdk-1.4.2.03; etc-update; source /etc/profile

Nevertheless a workaround will have to be found at some point in the future
assuming the access to /dev/random isn't a Java bug.

raven root # java -version
java version "1.5.0-beta"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0-beta-b32c)
Java HotSpot(TM) Client VM (build 1.5.0-beta-b32c, mixed mode)

raven root # emerge info
Portage 2.0.50-r1 (default-x86-2004.0, gcc-3.3.2, glibc-2.3.2-r9, 2.6.2-love1)
=================================================================
System uname: 2.6.2-love1 i686 AMD Athlon(tm) XP 2500+
Gentoo Base System version 1.4.3.13
distcc 2.11.1 i386-pc-linux-gnu (protocols 1 and 2) (default port 3632) [disabled]
Autoconf: sys-devel/autoconf-2.58-r1
Automake: sys-devel/automake-1.7.7
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-O3 -fomit-frame-pointer -march=athlon-xp"
CHOST="i686-pc-linux-gnu"
COMPILER="gcc3"
CONFIG_PROTECT="/etc /usr/X11R6/lib/X11/xkb /usr/kde/2/share/config
/usr/kde/3.2/share/config /usr/kde/3/share/config /usr/share/config
/var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d"
CXXFLAGS="-O3 -fomit-frame-pointer -march=athlon-xp"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoaddcvs ccache sandbox"
GENTOO_MIRRORS="ftp://mirror.pacific.net.au/linux/Gentoo
http://public.planetmirror.com/pub/gentoo http://gentoo.oregonstate.edu
http://www.ibiblio.org/pub/Linux/distributions/gentoo"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.au.gentoo.org/gentoo-portage"
USE="3dnow X aalib alsa apache2 apm arts avi berkdb bonobo cdr cdrw crypt cups
directfb dv dvd dvdr dvdrw encode esd fbcon flac flash foomaticdb gdbm gif gpm
gtk gtk2 gtkhtml guile imlib java javascript jikes jpeg kde libg++ libwww mad
mikmod mmx motif mozilla mpeg mysql ncurses nls offensive oggvorbis opengl oss
pam pdflib perl png postgres python qt quicktime readline ruby samba sdl slang
spell sse ssl svga tcpd tiff truetype x86 xml2 xmms xv zlib"
Comment 1 Adrian Almenar 2004-02-18 19:53:21 UTC 
Fixed in CVS. Thanks.
Comment 2 Martin von Gagern 2004-05-11 08:53:10 UTC 
I have the same thing trying to emerge php. First I had to tweak php-sapi.eclass to build using 1.5.0-beta (patch attached). Then I get the same result, a sanbox violation. I don't know much about sandbox configuration, maybe you could do the same changes there as well as you did for Xerces?
Comment 3 Martin von Gagern 2004-05-11 08:58:04 UTC 
Created attachment 31186 [details, diff]
Change php-sapi.eclass from JDKVER 1.4.* to 1.[4-9].*
Comment 4 trejkaz 2004-05-16 16:42:18 UTC 
Careful Martin, that looks irrelevant and this bug is already resolved.  Create a new one, perhaps?