Summary: | net-libs/nodejs: Gentoo-specific patch prevents using NPM in custom ebuilds (sandbox violation) | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Raphaël Barrois <gentoo> |
Component: | Current packages | Assignee: | William Hubbs <williamh> |
Status: | UNCONFIRMED --- | ||
Severity: | normal | CC: | jstein |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: | Updated gentoo-specific NPM global config patch |
Description
Raphaël Barrois
2021-12-30 15:18:22 UTC
Created attachment 760857 [details, diff]
Updated gentoo-specific NPM global config patch
Alternate version of the Gentoo-specific NPM global config patch: don't try to create /etc/npm, which has already been created by the ebuild.
This allows ebuilds to call NPM without triggering an access violation.
(In reply to Raphaël Barrois from comment #0) > For custom ebuilds, I need to run `npm` commands. > However, this step fails with a sandbox access violation: > * ACCESS DENIED: mkdir: /etc/npm > > This comes from the custom patch "nodejs-10.3.0-global-npm-config.patch", > where NPM is modified to always create /etc/npm. Here's the patch: --- a/deps/npm/node_modules/@npmcli/config/lib/index.js +++ b/deps/npm/node_modules/@npmcli/config/lib/index.js @@ -275,8 +275,9 @@ // default the globalconfig file to that location, instead of the default // global prefix. It's weird that `npm get globalconfig --prefix=/foo` // returns `/foo/etc/npmrc`, but better to not change it at this point. + // gentoo deviates wrt global config; store in /etc/npm settableGetter(data, 'globalconfig', () => - resolve(this[_get]('prefix'), 'etc/npmrc')) + resolve('/etc', 'npmrc')) } loadHome () { That's not /etc/npm, but /etc/npmrc? > That folder is actually created by the ebuild ("dodir /etc/npm"); it > shouldn't be required to try to create it each time "npm" runs. > > I'm attaching a proposed alternate patch, which should fix the issue. > > Reproducible: Always > > Steps to Reproduce: > (As root) > 1. rmdir /etc/npm > 2. npm help > 3. ls -d /etc/npm > Actual Results: > The "/etc/npm" folder has been recreated > > Expected Results: > The "/etc/npm" doesn't exist I'm not sure how nodejs is the problem here. Your ebuilds seem to be calling mkdir on /etc/npm. (In reply to John Helmert III from comment #2) > (In reply to Raphaël Barrois from comment #0) > > For custom ebuilds, I need to run `npm` commands. > > However, this step fails with a sandbox access violation: > > * ACCESS DENIED: mkdir: /etc/npm > > > > This comes from the custom patch "nodejs-10.3.0-global-npm-config.patch", > > where NPM is modified to always create /etc/npm. > > Here's the patch: > > --- a/deps/npm/node_modules/@npmcli/config/lib/index.js > +++ b/deps/npm/node_modules/@npmcli/config/lib/index.js > @@ -275,8 +275,9 @@ > // default the globalconfig file to that location, instead of the > default > // global prefix. It's weird that `npm get globalconfig --prefix=/foo` > // returns `/foo/etc/npmrc`, but better to not change it at this point. > + // gentoo deviates wrt global config; store in /etc/npm > settableGetter(data, 'globalconfig', () => > - resolve(this[_get]('prefix'), 'etc/npmrc')) > + resolve('/etc', 'npmrc')) > } > > loadHome () { > > That's not /etc/npm, but /etc/npmrc? > > > That folder is actually created by the ebuild ("dodir /etc/npm"); it > > shouldn't be required to try to create it each time "npm" runs. > > > > I'm attaching a proposed alternate patch, which should fix the issue. > > > > Reproducible: Always > > > > Steps to Reproduce: > > (As root) > > 1. rmdir /etc/npm > > 2. npm help > > 3. ls -d /etc/npm > > Actual Results: > > The "/etc/npm" folder has been recreated > > > > Expected Results: > > The "/etc/npm" doesn't exist > > I'm not sure how nodejs is the problem here. Your ebuilds seem to be calling > mkdir on /etc/npm. You're looking at the patch for nodejs>=15.2.0, used in nodejs-16.x ebuilds — all are masked. The current patch has: + // gentoo deviates wrt global config; store in /etc/npm + var globalconfig = path.resolve('/etc', 'npm') + mkdirp(globalconfig, function () { + defaults.globalconfig = path.resolve(globalconfig, 'npmrc') + defaults.globalignorefile = path.resolve(globalconfig, 'npmignore') + }) Note the "mkdirp(globalconfig, ...)" |