Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 671986

Summary: net-libs/srt-1.3.1 version bump
Product: Gentoo Linux Reporter: Craig Andrews <candrews>
Component: Current packagesAssignee: Luca Barbato <lu_zero>
Status: RESOLVED FIXED    
Severity: normal CC: candrews
Priority: Normal Keywords: PullRequest
Version: unspecified   
Hardware: All   
OS: Linux   
See Also: https://github.com/gentoo/gentoo/pull/10491
Whiteboard:
Package list:
Runtime testing required: ---

Description Craig Andrews gentoo-dev 2018-11-26 17:22:16 UTC 
srt 1.3.1 was released June 15, 2018: https://github.com/Haivision/srt/releases/tag/v1.3.1
Comment 1 Nate Edel 2018-11-26 21:26:40 UTC 
Pulled the patch on my system, required disabling sandbox and 

scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH '.:../lib64' in /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-multiplex
scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH '../lib64' in /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-multiplex
scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH '.:../lib64' in /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-file-transmit
scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH '../lib64' in /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-file-transmit
scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH '.:../lib64' in /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-live-transmit
scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH '../lib64' in /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-live-transmit

Still, it unblocks the present ffmpeg.
Comment 2 Craig Andrews gentoo-dev 2018-11-26 21:41:04 UTC 
(In reply to Nate Edel from comment #1)
> Pulled the patch on my system, required disabling sandbox and 
> 
> scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH
> '.:../lib64' in
> /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-multiplex
> scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH
> '../lib64' in /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-multiplex
> scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH
> '.:../lib64' in
> /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-file-transmit
> scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH
> '../lib64' in
> /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-file-transmit
> scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH
> '.:../lib64' in
> /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-live-transmit
> scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH
> '../lib64' in
> /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-live-transmit
> 
> Still, it unblocks the present ffmpeg.


Reported upstream at https://github.com/Haivision/srt/issues/499
Comment 3 Craig Andrews gentoo-dev 2018-11-27 02:58:41 UTC 
(In reply to Craig Andrews from comment #2)
> (In reply to Nate Edel from comment #1)
> > Pulled the patch on my system, required disabling sandbox and 
> > 
> > scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH
> > '.:../lib64' in
> > /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-multiplex
> > scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH
> > '../lib64' in /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-multiplex
> > scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH
> > '.:../lib64' in
> > /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-file-transmit
> > scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH
> > '../lib64' in
> > /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-file-transmit
> > scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH
> > '.:../lib64' in
> > /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-live-transmit
> > scanelf: rpath_security_checks(): Security problem with relative DT_RUNPATH
> > '../lib64' in
> > /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-live-transmit
> > 
> > Still, it unblocks the present ffmpeg.
> 
> 
> Reported upstream at https://github.com/Haivision/srt/issues/499

Updated the PR to fix this issue.
Comment 4 Larry the Git Cow gentoo-dev 2018-11-27 14:34:47 UTC 
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e85481619918ebda09deae2fedf46c5ded6665f8

commit e85481619918ebda09deae2fedf46c5ded6665f8
Author:     Craig Andrews <candrews@gentoo.org>
AuthorDate: 2018-11-26 17:49:51 +0000
Commit:     Craig Andrews <candrews@gentoo.org>
CommitDate: 2018-11-27 14:34:38 +0000

    net-libs/srt: 1.3.1 version bump
    
    Closes: https://bugs.gentoo.org/671986
    Package-Manager: Portage-2.3.52, Repoman-2.3.12
    Signed-off-by: Craig Andrews <candrews@gentoo.org>

 net-libs/srt/Manifest                              |  1 +
 net-libs/srt/files/srt-1.3.1-no-rpath.patch        | 28 +++++++++++++
 net-libs/srt/files/srt-always-GNUInstallDirs.patch | 25 +++++++++++
 net-libs/srt/srt-1.3.1.ebuild                      | 49 ++++++++++++++++++++++
 4 files changed, 103 insertions(+)
Comment 5 Denys Dmytriyenko 2018-12-09 19:26:53 UTC 
It seems to be trying to install a symlink outside of sandbox:

Install the project...
-- Install configuration: "Gentoo"
-- Installing: /var/tmp/portage/net-libs/srt-1.3.1/image/usr/lib64/libsrt.so.1.3.1
-- Installing: /var/tmp/portage/net-libs/srt-1.3.1/image/usr/lib64/libsrt.so.1
-- Installing: /var/tmp/portage/net-libs/srt-1.3.1/image/usr/lib64/libsrt.so
-- Installing: /var/tmp/portage/net-libs/srt-1.3.1/image/usr/lib64/libsrt.a
-- Installing: /var/tmp/portage/net-libs/srt-1.3.1/image/usr/include/srt/version.h
-- Installing: /var/tmp/portage/net-libs/srt-1.3.1/image/usr/include/srt/srt.h
-- Installing: /var/tmp/portage/net-libs/srt-1.3.1/image/usr/include/srt/logging_api.h
-- Installing: /var/tmp/portage/net-libs/srt-1.3.1/image/usr/include/srt/platform_sys.h
-- Installing: /var/tmp/portage/net-libs/srt-1.3.1/image/usr/include/srt/udt.h
-- Installing: /var/tmp/portage/net-libs/srt-1.3.1/image/usr/include/srt/srt4udt.h
-- Installing: /var/tmp/portage/net-libs/srt-1.3.1/image/usr/lib64/pkgconfig/haisrt.pc
-- Installing: /var/tmp/portage/net-libs/srt-1.3.1/image/usr/lib64/pkgconfig/srt.pc
-- Installing: /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-live-transmit
-- Up-to-date: /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-live-transmit
 * ACCESS DENIED:  symlink:      /usr/bin/stransmit
CMake Error: failed to create symbolic link '/usr/bin/stransmit': permission denied
-- Created symlink: /usr/bin/stransmit -> srt-live-transmit
-- Installing: /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-file-transmit
-- Up-to-date: /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-file-transmit
-- Installing: /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-multiplex
-- Up-to-date: /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-multiplex
-- Installing: /var/tmp/portage/net-libs/srt-1.3.1/image/usr/bin/srt-ffplay
>>> Completed installing srt-1.3.1 into /var/tmp/portage/net-libs/srt-1.3.1/image/

 * Final size of build directory: 8772 KiB (8.5 MiB)
 * Final size of installed tree:  3916 KiB (3.8 MiB)

 * --------------------------- ACCESS VIOLATION SUMMARY ---------------------------
 * LOG FILE: "/var/log/sandbox/sandbox-27315.log"