Summary: | using sys-libs/nss-db causes access violations | ||
---|---|---|---|
Product: | Portage Development | Reporter: | Robin Johnson <robbat2> |
Component: | Sandbox | Assignee: | Sandbox Maintainers <sandbox> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | High | ||
Version: | 2.0 | ||
Hardware: | All | ||
OS: | All | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: | Patch for sandbox.c to add items to PREDICT list. |
Description
Robin Johnson
2005-05-09 23:47:16 UTC
Can't nss-db just add a /etc/env.d/ file that have those two added to SANDBOX_PREDICT? ---- echo SANDBOX_PREDICT="/var/db/protocols.db:/var/db/services.db" > $T/90nss-db newenvd $T/90nss-db ---- azarah: unfortunetly that breaks when multiple files in env.d start using it (unless it gets special handling like LDPATH etc). easy enough to treat SANDBOX_PREDICT as a special var ... but if we put it into env.d, that pollutes a user's normal env ... Ok, I was tracing this down in nss-db. Basically, the db_upgrade method (from sys-libs/db) is called, and it opens the database as read-write. possible solutions: 1. block the db_upgrade in nss-db - upgrades might get nasty then 2. change the db_upgrade method in db to check while read-only. 3. add all db files to the predict list in sandbox (easiest to do): /var/db/aliases.db:/var/db/netgroup.db:/var/db/netmasks.db:/var/db/ethers.db:/va r/db/rpc.db:/var/db/protocols.db:/var/db/services.db:/var/db/networks.db:/var/db /hosts.db:/var/db/group.db:/var/db/passwd.db ok, #1 and #2 don't fly. please add all db files to the predict list in our upstream sandbox: /var/db/aliases.db:/var/db/netgroup.db:/var/db/netmasks.db:/var/db/ethers.db:/va r/db/rpc.db:/var/db/protocols.db:/var/db/services.db:/var/db/networks.db:/var/db /hosts.db:/var/db/group.db:/var/db/passwd.db Created attachment 62516 [details, diff]
Patch for sandbox.c to add items to PREDICT list.
Released 1.2.10 which should fix this, thanks. |