Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 546208

Summary: net-misc/libreswan-3.10 CONDIR from tmux causes sandbox failure
Product: Gentoo Linux Reporter: Lars <gentoo>
Component: Current packagesAssignee: Mike Gilbert <floppym>
Status: RESOLVED INVALID    
Severity: normal    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Attachments: build.log
environment

Description Lars 2015-04-10 19:11:31 UTC
Somehow the environment variable CONFDIR is used to determine the destination of the ipsec.d directory. In case of a tmux session CONFDIR is set to the path containing the tmux configuration (in my case /home/lars/Projekte/sources/tmuxfiles). This results in a sandbox violation:

 * ACCESS DENIED:  mkdir:        /home/lars/Projekte/sources/tmuxfiles/ipsec.d
mkdir: cannot create directory ā€˜/home/lars/Projekte/sources/tmuxfiles/ipsec.dā€™: Permission denied

Reproducible: Always

Steps to Reproduce:
1. start tmux
2. emerge -av1 net-misc/libreswan

Actual Results:  

 * --------------------------- ACCESS VIOLATION SUMMARY ---------------------------
 * LOG FILE: "/var/log/sandbox/sandbox-30162.log"
 *
VERSION 1.0
FORMAT: F - Function called
FORMAT: S - Access Status
FORMAT: P - Path as passed to function
FORMAT: A - Absolute Path (not canonical)
FORMAT: R - Canonical Path
FORMAT: C - Command Line

F: mkdir
S: deny
P: ipsec.d
A: /home/lars/Projekte/sources/tmuxfiles/ipsec.d
R: /home/lars/Projekte/sources/tmuxfiles/ipsec.d
C: mkdir -p -m 700 /home/lars/Projekte/sources/tmuxfiles/ipsec.d
 * --------------------------------------------------------------------------------


The failure only occurs within tmux, not in a normal session.
Comment 1 Lars 2015-04-10 19:14:03 UTC
Created attachment 400990 [details]
build.log
Comment 2 Lars 2015-04-10 19:14:54 UTC
Created attachment 400992 [details]
environment
Comment 3 Mike Gilbert gentoo-dev 2015-04-17 18:52:57 UTC
My tmux sessions do not have CONFDIR set in the environment.

How may I reproduce this behavior?
Comment 4 Lars 2015-04-18 21:41:39 UTC
(In reply to Mike Gilbert from comment #3)
> My tmux sessions do not have CONFDIR set in the environment.

Yes, you're right. It was my fault. I set the CONFDIR variable myself in my ~/.tmux.conf. I did not expect that this variable is exported. However, it seems like this is the intended behaviour for variables defined in tmux config files.