Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 574476

Summary: app-portage/gentoolkit-0.3.0.9-r2: QA warning on install
Product: Portage Development Reporter: Patrick Lauer <patrick>
Component: UnclassifiedAssignee: Portage Tools Team <tools-portage>
Status: CONFIRMED ---    
Severity: normal    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Patrick Lauer gentoo-dev 2016-02-11 19:45:34 UTC 
* QA Notice: This ebuild installs into paths that should be created at runtime.
 *  To fix, simply do not install into these directories.  Instead, your package
 *  should create dirs on the fly at runtime as needed via init scripts/etc...
 * 
 *   var/cache
 *   var/cache/revdep-rebuild
 *   var/cache/revdep-rebuild/.keep_app-portage_gentoolkit-0
Comment 1 Paul Varner (RETIRED) gentoo-dev 2016-02-12 19:29:42 UTC 
This is a duplicate that I can't find at the moment.
Comment 2 Paul Varner (RETIRED) gentoo-dev 2016-02-12 19:37:30 UTC 
With that said, gentoolkit-0.3.1 does install a tmpfiles.d directive to create the directory appropriately a boot.  What is still needed is a mechanism to create it manually if it is removed and the system has not been rebooted.

I've been thinking of using emerge --config for this and having revdep-rebuild print the command to run if the directory does not exist.
Comment 3 Patrick Lauer gentoo-dev 2016-02-14 16:48:29 UTC 
Why so much complexity?

Since r-r runs as root anyway it'd be easy to check-and-create the directory on startup, or abort if that fails. No need for external processes to manage that imo ...
Comment 4 Paul Varner (RETIRED) gentoo-dev 2016-02-15 17:17:43 UTC 
(In reply to Patrick Lauer from comment #3)
> Why so much complexity?
> 
> Since r-r runs as root anyway it'd be easy to check-and-create the directory
> on startup, or abort if that fails. No need for external processes to manage
> that imo ...

Because of security bug 203414, which basically boils down to there are race conditions that can potentially be exploited.  What that lead to was the ebuild creates the cache directories and revdep-rebuild just checks that they are appropriate and aborts if not.

Then it was decided that ebuilds should not create stuff in "runtime" directories which leads to the QA Notice that you are reporting.

At this point, I have put in having it created at boot using /etc/tmpfiles.d but was looking for a graceful/easy way to have someone create it without rebooting.  

Now with that said it is not that hard as root to run:

mkdir /var/cache/revdep-rebuild
chown 0700 /var/cache/revdep-rebuild