Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 790029

Summary: sys-libs/ncurses-6.2_p20210123 causes sandbox access violation do_ptrace
Product: Gentoo Linux Reporter: mileikagooog
Component: Current packagesAssignee: Gentoo Linux bug wranglers <bug-wranglers>
Status: RESOLVED WORKSFORME    
Severity: normal CC: ionen, sam
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description mileikagooog 2021-05-13 20:09:31 UTC 
After switch to ~amd64 and doing 'emerge --ask --update --newuse --with-bdeps=y --deep @world'.

checking whether the C compiler works...  * /tmp/portage/sys-apps/sandbox-2.22/work/sandbox-2.22/libsandbox/trace.c:_do_ptrace():83: failure (Operation not permitted):
 * ISE:_do_ptrace: ptrace(PTRACE_TRACEME, ..., 0x0000000000000000, 0x0000000000000000): Operation not permitted

Reproducible: Always
Comment 1 mileikagooog 2021-05-13 20:17:07 UTC 
it's upstream? sandbox just protect us?! but why ncurses from amd64 to ~amd64 need ptrace in the newer version?
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-05-13 20:24:13 UTC 
Note that sandbox *always* needs the ability to use ptrace, even if it doesn't always make use of that ability.

Do not use random sysctls to disable it.

Anyway, the full build.log, emerge --info, and sandbox log is needed.
Comment 3 mileikagooog 2021-05-13 20:36:15 UTC 
Sorry i forgot about sysctl 'kernel.yama.ptrace_scope=2'

The current stable version of ncurses (sys-libs/ncurses-6.2-r1) work even with ptrace_scope=2.