I followed this guide: http://gentoo-wiki.com/TIP_speed_up_portage_with_sqlite. Becouse in this guide says "the code of the module is maintained by gentoo developers" i think that i need to post bug to bugzilla. With pysqlite module many packges(but not all) gives strange sandbox errors: --------------------------- ACCESS VIOLATION SUMMARY --------------------------- LOG FILE = "/var/log/sandbox/sandbox-dev-util_-_cvs-1.12.12-r4-2251.log open_wr: /var/cache/edb/dep/usr/portage.sqlite open_wr: /var/cache/edb/dep/usr/local/overlays/conrad.sqlite open_wr: /var/cache/edb/dep/usr/local/portage.sqlite open_wr: /var/cache/edb/dep/usr/portage/local/layman/java-gcj-overlay.sqlite open_wr: /var/cache/edb/dep/usr/portage/local/layman/java-migration-packages.sqlite open_wr: /var/cache/edb/dep/usr/portage/local/layman/kpex-media.sqlite -------------------------------------------------------------------------------- This for cvs but i can give many other packges logs. My emerge --info: Portage 2.1.1_pre5-r1 (default-linux/amd64/2006.0, gcc-4.1.1/amd64-vanilla, glibc-2.4-r4, 2.6.17-no5 x86_64) ================================================================= System uname: 2.6.17-no5 x86_64 AMD Athlon(tm) 64 Processor 3000+ Gentoo Base System version 1.12.4 Last Sync: Tue, 15 Aug 2006 12:20:01 +0000 ccache version 2.4 [enabled] app-admin/eselect-compiler: 2.0.0_rc2-r1 dev-lang/python: 2.4.3-r1 dev-python/pycrypto: 2.0.1-r5 dev-util/ccache: 2.4-r2 dev-util/confcache: 0.4.2-r1 sys-apps/sandbox: 1.2.18.1 sys-devel/autoconf: 2.13, 2.60 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2 sys-devel/binutils: 2.17-r4 sys-devel/gcc-config: 1.3.13-r3 sys-devel/libtool: 1.5.22 virtual/os-headers: 2.6.17 ACCEPT_KEYWORDS="amd64 ~amd64" AUTOCLEAN="yes" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -march=k8 -fomit-frame-pointer -pipe -fno-ident -frename-registers -msse3" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/eselect/compiler /etc/gconf /etc/java-config/vms/ /etc/revdep-rebuild /etc/terminfo" CXXFLAGS="-O2 -march=k8 -fomit-frame-pointer -pipe -fno-ident -frename-registers -msse3 -fvisibility-inlines-hidden" DISTDIR="/usr/portage/distfiles" FEATURES="autoconfig ccache confcache distlocks metadata-transfer parallel-fetch sandbox sfperms strict" GENTOO_MIRRORS="http://gentoo.te.ua http://ftp.club-internet.fr/pub/mirrors/gentoo http://ftp.belnet.be/mirror/rsync.gentoo.org/gentoo/ ftp://ftp.belnet.be/mirror/rsync.gentoo.org/gentoo/ http://gentoo.osuosl.org http://www.ibiblio.org/pub/Linux/distributions/gentoo" LANG="uk_UA.UTF-8" LC_ALL="uk_UA.UTF-8" LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,--hash-style=both" LINGUAS="uk" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude='/distfiles' --exclude='/local' --exclude='/packages'" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/overlays/conrad /usr/local/portage /usr/portage/local/layman/java-gcj-overlay /usr/portage/local/layman/java-migration-packages /usr/portage/local/layman/kpex-media" SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" USE="amd64 X aac acpi amr apache apache2 avi berkdb bitmap-fonts bzip2 cairo ccache cdr cli crypt cups customlog dbus dlloader elibc_glibc emboss encode fbcon ffmpeg firefox flac follow-xff fontconfig foomaticdb fortran gcj gd gd2 gif glibc-omitfp glitz glut gpg2-experimental gpm gtk gtk2 hal imlib input_devices_keyboard input_devices_mouse ipv6 isdnlog java jpeg kde kdeenablefinal kdehiddenvisibility kernel_linux kqemu linguas_uk live lm_sensors logrotate lzo lzw lzw-tiff mbox mozdevelop mp3 mpeg mpm-worker musepack mysql ncurses nls nptl nptlonly nvidia opengl oss pam pcre pdflib perl png ppds pppd python qr qt3 qt4 quicktime readline reflection sdl session spell spl sse3 ssl tcpd teamarena threads tiff truetype truetype-fonts type1-fonts unicode usb userland_GNU vcd video_cards_nv video_cards_nvidia video_cards_vesa vim vim-pager xft xinerama xml xorg xpm xv xvid xvmc zero-penalty-hit zlib" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, PORTAGE_RSYNC_EXTRA_OPTS
Something like a portageq call in the ebuild might be able to trigger something like that. What was the ebuild doing at the time when the sandbox violation occurred? Compile phase or what?
All time it's different. Most in install phase, sometimes on compile, and very rarely on unpack
I wouldn't call this critical, considering that the default cache module is available. I'll do my next update with the sqlite module to see if I can reproduce the problem. Does it happen reliably in the same place for a given ebuild, or intermittently for a given ebuild?
Yes. For CVS, xterm, wine, many other this bug is reproduced all times. On other packages(usually very little) this bug don't reproduce never
Can you attach the output of some builds leading up to the sandbox violation? I tried building cvs-1.12.12-r4 with the sqlite cache module enabled and there was no sandbox violation. I'm updating my system now and so far it's built 7 other packages with no problems.
I also have this problem with some ebuilds, always after compilation. E.g. from sys-libs/glibc-2.4-r3: make[2]: Leaving directory `/home/portage/portage/glibc-2.4-r3/work/glibc-2.4/elf' make[1]: Leaving directory `/home/portage/portage/glibc-2.4-r3/work/glibc-2.4' >>> Source compiled. --------------------------- ACCESS VIOLATION SUMMARY --------------------------- LOG FILE = "/var/log/sandbox/sandbox-sys-libs_-_glibc-2.4-r3-10923.log" open_wr: /var/cache/edb/dep/usr/portage.sqlite open_wr: /var/cache/edb/dep/usr/local/portage.sqlite open_wr: /var/cache/edb/dep/usr/portage.sqlite open_wr: /var/cache/edb/dep/usr/local/portage.sqlite -------------------------------------------------------------------------------- I've also seen this with app-admin/webapp-config-1.50.15 and x11-drivers/nvidia-drivers-1.0.8774. I don't know enough about portage or python to be able to work out exactly where this is happening, but I guess it's to do with sqlite always opening the database for read-write, even when it only needs to be read. If it's relevant, I'm also on amd64 and have ccache enabled (version 2.3).
I'm able to reproduce this on my amd64 system as well. It happens consistently when I run the install phase of cvs-1.12.12-r4 with USE="pam" enabled. It seems that there is a has_version call in pam.eclass which leads to a portageq call. I'll see about modifying the sqlite cache module to open in readonly mode by default and then reopen in write mode if necessary.
Unfortunately, I don't see a readonly connection parameter for pysqlite. It's interesting that this bug doesn't manifest itself on x86 considering that I have sqlite-3.3.6 and pysqlite-2.3.1 on both x86 and amd64.
Having had a quick look through the sqlite source, it doesn't look like it's possible to open the database read-only, at least not without significantly changing the sqlite code itself. My temporary fix is to add /var/cache/edb/dep to SANDBOX_PREDICT in ebuild.sh, it's fairly ugly but I've emerge a couple of things since then and it seems to be working.
You can use /etc/portage/bashrc to modify SANDBOX_PREDICT (instead of editing ebuild.sh directly). The best solution would be to service portageq calls via a pipe between the bash side of portage and the python side of portage (the python side will be outside of the sandbox). That way, portageq calls would work even if they need to trigger a write (can happen if cache generation is triggered).
In svn r4425, the cache directory is automatically added to SANDBOX_PREDICT.
This has been released in 2.1.1_rc1-r7.
Thank you! i'm very happy that my bug-report help you :)
