>>> Unpacking source... >>> Unpacking kaa-imlib2-0.2.1.tar.gz to /var/tmp/portage/dev-python/kaa-imlib2-0.2.1/work >>> Source unpacked. >>> Compiling source in /var/tmp/portage/dev-python/kaa-imlib2-0.2.1/work/kaa-imlib2-0.2.1 ... POSIX shared memory enabled running build running build_py creating build creating build/lib.linux-x86_64-2.4 creating build/lib.linux-x86_64-2.4/kaa creating build/lib.linux-x86_64-2.4/kaa/imlib2 copying src/__init__.py -> build/lib.linux-x86_64-2.4/kaa/imlib2 copying src/font.py -> build/lib.linux-x86_64-2.4/kaa/imlib2 copying src/image.py -> build/lib.linux-x86_64-2.4/kaa/imlib2 copying src/version.py -> build/lib.linux-x86_64-2.4/kaa/imlib2 running build_ext building 'kaa.imlib2._Imlib2module' extension creating build/temp.linux-x86_64-2.4 creating build/temp.linux-x86_64-2.4/src x86_64-pc-linux-gnu-gcc -pthread -fno-strict-aliasing -DNDEBUG -march=k8 -O2 -pipe -fPIC -I/usr/include/python2.4 -c src/imlib2.c -o build/temp.linux-x86_64-2 .4/src/imlib2.o -Wall x86_64-pc-linux-gnu-gcc -pthread -fno-strict-aliasing -DNDEBUG -march=k8 -O2 -pipe -fPIC -I/usr/include/python2.4 -c src/image.c -o build/temp.linux-x86_64-2. 4/src/image.o -Wall x86_64-pc-linux-gnu-gcc -pthread -fno-strict-aliasing -DNDEBUG -march=k8 -O2 -pipe -fPIC -I/usr/include/python2.4 -c src/font.c -o build/temp.linux-x86_64-2.4 /src/font.o -Wall x86_64-pc-linux-gnu-gcc -pthread -fno-strict-aliasing -DNDEBUG -march=k8 -O2 -pipe -fPIC -I/usr/include/python2.4 -c src/rawformats.c -o build/temp.linux-x86_ 64-2.4/src/rawformats.o -Wall x86_64-pc-linux-gnu-gcc -pthread -shared -march=k8 -O2 -pipe build/temp.linux-x86_64-2.4/src/imlib2.o build/temp.linux-x86_64-2.4/src/image.o build/temp.linux -x86_64-2.4/src/font.o build/temp.linux-x86_64-2.4/src/rawformats.o -L/usr/lib64 -lpng -lrt -lImlib2 -lfreetype -lz -lX11 -lXext -ldl -lm -o build/lib.linux-x 86_64-2.4/kaa/imlib2/_Imlib2module.so >>> Source compiled. >>> Test phase [not enabled]: dev-python/kaa-imlib2-0.2.1 >>> Install kaa-imlib2-0.2.1 into /var/tmp/portage/dev-python/kaa-imlib2-0.2.1/image/ category dev-python Traceback (most recent call last): File "setup.py", line 36, in ? from kaa.distribution import Extension, setup File "/usr/lib64/python2.4/site-packages/kaa/__init__.py", line 38, in ? from tmpfile import tempfile, TEMP File "/usr/lib64/python2.4/site-packages/kaa/tmpfile.py", line 16, in ? raise IOError('Security Error: %s has wrong permissions, aborted' % TEMP) IOError: Security Error: /var/tmp/portage/dev-python/kaa-imlib2-0.2.1/temp/kaa-0 has wrong permissions, aborted * * ERROR: dev-python/kaa-imlib2-0.2.1 failed. * Call stack: * ebuild.sh, line 1654: Called dyn_install * ebuild.sh, line 1089: Called qa_call 'src_install' * ebuild.sh, line 44: Called src_install * ebuild.sh, line 1334: Called distutils_src_install * distutils.eclass, line 61: Called die Reproducible: Always Steps to Reproduce: [user@heartofgold temp #2111]$ emerge --info /var/tmp/portage/dev-python/kaa-imlib2-0.2.1/temp Portage 2.1.3.5 (default-linux/amd64/2006.1/desktop, gcc-4.1.2, glibc-2.5-r3, 2.6.15-gentoo x86_64) ================================================================= System uname: 2.6.15-gentoo x86_64 AMD Athlon(tm) 64 Processor 3000+ Gentoo Base System release 1.12.10 Timestamp of tree: Mon, 13 Aug 2007 09:20:01 +0000 dev-java/java-config: 1.3.7, 2.0.33-r1 dev-lang/python: 2.3.6-r2, 2.4.4-r4 dev-python/pycrypto: 2.0.1-r6 sys-apps/sandbox: 1.2.18.1 sys-devel/autoconf: 2.13, 2.61 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.17-r1 sys-devel/gcc-config: 1.3.16 sys-devel/libtool: 1.5.23b virtual/os-headers: 2.6.22-r2 ACCEPT_KEYWORDS="amd64 ~amd64" AUTOCLEAN="yes" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=k8 -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/X11/xkb /usr/share/config" CONFIG_PROTECT_MASK="/etc/env.d /etc/env.d/java/ /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/terminfo /etc/texmf/web2c" CXXFLAGS="-march=k8 -O2 -pipe" DISTDIR="/usr/portage/distfiles" FEATURES="distlocks metadata-transfer sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="http://mirror.yandex.ru/gentoo-distfiles ftp://ftp.belnet.be/mirror/rsync.gentoo.org/gentoo/ http://distro.ibiblio.org/pub/linux/distributions/gentoo/ http://mirror.aiya.ru/pub/gentoo/ http://ftp.citkit.ru/pub/Linux/gentoo ftp://ftp.solnet.ch/mirror/Gentoo http://mirror.hamakor.org.il/pub/mirrors/gentoo/ http://gentoo.po.opole.pl/ http://gentoo.ynet.sk/pub http://open-systems.ufl.edu/mirrors/gentoo" LANG="en_US.UTF-8" LINGUAS="en ru" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/portage/local/layman/sunrise /usr/local/portage" SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" USE="X alsa amd64 ansi apache2 arts berkdb bitmap-fonts cairo cdr cli cracklib crypt cups dbus dri dvd dvdr dvdread eds emboss encode esd exif fam firefox fortran gd gdbm gif gimp gnutls gpm gstreamer gtk gtk2 hal iconv ieee1394 ipv6 isdnlog jpeg kde ldap mad midi mikmod mono mozilla mp3 mpeg mudflap mysql ncurses nls nptl nptlonly nsplugin nvidia ogg opengl openmp oss pam pcre pdf perl plotutils png ppds pppd python qt3 qt4 quicktime readline reflection sdl session spell spl ssl tcltk tcpd theora threads tiff truetype truetype-fonts type1-fonts unicode vorbis xml xorg xv xvid zlib" ALSA_CARDS="intel8x0" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en ru" USERLAND="GNU" VIDEO_CARDS="nvidia nv vesa fbdev" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, LDFLAGS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
This is probably related to permissions adjustments that portage makes in ${T} to help FEATURES=userpriv work smoothly. Portage doesn't do anything like that in ${WORKDIR} though, so maybe it should use that instead of ${T}.
I get the same results Portage 2.1.3.5 (default-linux/x86/2006.1, gcc-4.1.2, glibc-2.6.1-r0, 2.6.22-gentoo-r2 x86_64) ================================================================= System uname: 2.6.22-gentoo-r2 x86_64 unknown Gentoo Base System release 1.12.10 Timestamp of tree: Tue, 14 Aug 2007 20:00:02 +0000 dev-lang/python: 2.4.4-r4 dev-python/pycrypto: 2.0.1-r6 sys-apps/sandbox: 1.2.18.1 sys-devel/autoconf: 2.13, 2.61-r1 sys-devel/automake: 1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10 sys-devel/binutils: 2.17-r1 sys-devel/gcc-config: 1.3.16 sys-devel/libtool: 1.5.24 virtual/os-headers: 2.6.22-r2 ACCEPT_KEYWORDS="x86 ~x86" AUTOCLEAN="yes" CBUILD="i686-pc-linux-gnu" CFLAGS="-O3 -march=athlon-xp -pipe -fomit-frame-pointer" CHOST="i686-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/X11/xkb" CONFIG_PROTECT_MASK="/etc/env.d /etc/gconf /etc/revdep-rebuild /etc/terminfo" CXXFLAGS="-O3 -march=athlon-xp -pipe -fomit-frame-pointer" DISTDIR="/usr/portage/distfiles" FEATURES="distlocks metadata-transfer parallel-fetch sandbox sfperms strict unmerge-orphans userfetch" GENTOO_MIRRORS="http://distfiles.gentoo.org http://distro.ibiblio.org/pub/linux/distributions/gentoo" MAKEOPTS="-j2" PKGDIR="/usr/portage/packages" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --delete-after --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --filter=H_**/files/digest-*" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="3dnow 3dnowext X a52 aac alsa asf bitmap-fonts cli cracklib crypt dts dvd dvdnav dvdread dxr3 flac gpm iconv isdnlog jpeg lirc midi mmx mmxext mp2 mp3 mudflap ncurses nptl nptlonly nvidia openmp pam pcre perl png ppds pppd python quicktime readline real reflection rtc samba sdl session spl sse ssl tcpd theora truetype-fonts type1-fonts vcd vorbis win32codecs x264 x86 xml xorg xv xvid xvmc zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1 emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mulaw multi null plug rate route share shm softvol" ELIBC="glibc" INPUT_DEVICES="keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIRC_DEVICES="serial" USERLAND="GNU" VIDEO_CARDS="nvidia" Unset: CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, LDFLAGS, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
So, given that the ebuild's functionality is based almost entirely on the python eclass, what's the procedure here to fix it? Is this a bug in the python eclass then? Or do we need to patch the source package so that it plays nice with the python eclass?
(In reply to comment #1) > This is probably related to permissions adjustments that portage makes in ${T} > to help FEATURES=userpriv work smoothly. Portage doesn't do anything like that > in ${WORKDIR} though, so maybe it should use that instead of ${T}. It does not happen with portage versions 2.1.2.X. Looking at the python code, it creates direcotry in $TMPDIR in the compile phase and checks that permissions in the install phase again. In the meantime, it's not 0700, but 0770. I can't change that to use $WORKDIR though because the tempfile code is from an installed application (kaa-base), so it usually would use the /tmp.
Created attachment 128879 [details, diff] Don't adjust permissions in ${T} unless userpriv is enabled. It works for me with 2.1.3 when userpriv is enabled but not when it is disabled. I didn't bother to test with 2.1.2 (it should behave the same though since the code didn't change). This patch seems to solve the problem for me.
This has been released in 2.1.3.7.