Summary: | PermissionError when running emerge in a user namespace | ||
---|---|---|---|
Product: | Portage Development | Reporter: | Daan De Meyer <daan.j.demeyer> |
Component: | Core | Assignee: | Portage team <dev-portage> |
Status: | RESOLVED INVALID | ||
Severity: | normal | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Daan De Meyer
2023-07-20 11:57:57 UTC
Features: ``` "getbinpkg", "-candy", "-sandbox", "-userfetch", "-userpriv", "-usersandbox", "-usersync", "-ebuild-locks", "parallel-install", ``` What's the use case here? > What's the use case here?
Unprivileged builds of gentoo images with mkosi of which I'm the maintainer.
Is there a reason you need /dev/pts from the host system? systemd-nspawn would mount a new devpts instance after unsharing the user namespace. I hesitate to just ignore the error; I presume we are doing this chown for a good reason. Turns out that setting FEATURES via the environment variable doesn't work for ebuilds when ROOT != SYSROOT. I switched to appending to etc/portage/make.conf and that allows me to disable userpriv which fixes this issue so closing. |