Many packages run latex (or pdflatex or something similar) when emerged, to compile their documentation (often with USE=doc). If a font is encountered which happens to be absent in /var/cache/fonts, metafont is called to generate it. If VARTEXFONTS is not set, this will lead to a sandbox violation (unless addwrite /var/cache/fonts is used). This was discussed in http://groups.google.com/group/linux.gentoo.dev/browse_thread/thread/bf2e58fe200c0676/b72be3596cd2eb31 and http://groups.google.com/group/linux.gentoo.dev/browse_thread/thread/1d67f8155c62098f# Typically, an ebuild says something like emake docs All such cases should be changed to something like VARTEXFONTS="${T}"/fonts emake docs Here is a list of packages. There might be some false positives; if your package does not call latex (or pdflatex or ...) at the build time, please, ignore this bug. app-backup@gentoo.org, wschlich@gentoo.org: app-backup/bacula emacs@gentoo.org, python@gentoo.org: app-emacs/pymacs emacs@gentoo.org, common-lisp@gentoo.org: app-emacs/slime cjk@gentoo.org: app-i18n/canna shell-tools@gentoo.org: app-misc/tdl [with USE=doc, dvi, ps, and pdf docs are installed, all gzipped. Isn't this too much? pdf should not be bzip2ed] kernel-misc@gentoo.org: app-misc/fdutils ada@gentoo.org: dev-ada/xmlada dev-ada/asis-gcc dev-ada/asis-gpl haskell@gentoo.org dev-util/bnfc [here dodoc is used to install a .pdf, and hence it's bzipped - not a good idea] haskell@gentoo.org, tex@gentoo.org: dev-haskell/lhs2tex [here a .pdf file is installed using dodoc, and hence will be bzip2ed - not a goog idea] ml@gentoo.org: dev-lang/mlton maintainer-needed@gentoo.org: dev-lang/mmix dev-libs/beecrypt dev-util/ragel [it's better to use insinto/doins for .pdf files] vapier@gentoo.org: dev-libs/libtomcrypt common-lisp@gentoo.org: dev-lisp/gcl dev-lisp/cl-cffi dev-lisp/cl-cgi-utils dev-lisp/cl-xml-psychiatrist [here latex is called directly; is 1 time enough? Also, .pdf is installed bzipped - better not to do this] dev-lisp/cl-tclink [here the only place where the doc USE flag is used is commented out. Then there is no need in this USE flag...] tcltk@gentoo.org: dev-tcltk/tkzinc dev-embedded@gentoo.org: dev-tinyos/tos haskell@gentoo.org dev-util/bnfc games@gentoo.org: games-board/freedoko sound@gentoo.org: media-sound/musescore [doc USE flag never used???] video@gentoo.org, media-video@gentoo.org: media-video/dirac netmon@gentoo.org, anant@gentoo.org: net-analyzer/ns [.pdf installed by dodoc and hence bzipped - not good] netmon@gentoo.org: net-analyzer/sonar net-dialup@gentoo.org net-dialup/mgetty [here font generation is suppressed; better set VARTEXFONTS and not do this] sci-biology@gentoo.org: sci-biology/wise [here .ps docs are installed unconditionally; it would be better to use the USE flag doc. Also, before latex and dvips, export VARTEXFONTS=...] sci@gentoo.org: sci-libs/netcdf sci-libs/pgplot sci-misc/gri sci-misc/nco sci-mathematics@gentoo.org: sci-mathematics/axiom sci-mathematics/ginac sci-mathematics/nusmv robbat2@gentoo.org: sys-block/btrace hp-cluster@gentoo.org, kanaka@gentoo.org: sys-cluster/mpich2 markusle@gentoo.org: sys-cluster/charm base-system@gentoo.org, tantive@gentoo.org: sys-power/apcupsd mobile@gentoo.org, genstef@gentoo.org: sys-power/powersave
> emacs@gentoo.org, python@gentoo.org: > app-emacs/pymacs > emacs@gentoo.org, common-lisp@gentoo.org: > app-emacs/slime Fixed. (False positives? Both are not accessing the font cache, even if it's empty. Anyway, the VARTEXFONTS assignment cannot harm.)
(In reply to comment #0) > video@gentoo.org, media-video@gentoo.org: > media-video/dirac fixed
net-dialup/mgetty has been fixed.
musescore needs doxygen/latex -foo to build documentation it is using at runtime, and I'm aware it's an automagic dep., but as nothing is linked and system is still functional (no revdep-rebuilding) if you unemerge them after I haven't bothered to patch it out _yet_ but sorry, i'm not adding anything unnecessary to any of my ebuilds (it doesn't fail)
(In reply to comment #4) > but sorry, i'm not adding anything unnecessary to any of my ebuilds (it doesn't > fail) taking that back, adding musescore 0.9.2 with vartexfonts.
One more package that doesn't ebuild, because of a sandbox violation: dev-tex/oesch
(In reply to comment #0) > ml@gentoo.org: > dev-lang/mlton done (In reply to comment #6) > One more package that doesn't ebuild, because of a sandbox violation: > > dev-tex/oesch fixed that a while ago but forgot to thank you, so here it is: thanks.
sci@gentoo.org should be done.
btrace is fixed.
genstef/mobile is done (sys-power/powersave isn't in portage anymore)
sci-mathematics done.
Please add media-gfx/sane-backends to the list of packages: * Messages for package media-gfx/sane-backends-1.0.19-r2: * ERROR: media-gfx/sane-backends-1.0.19-r2 failed: * (no error message) * * Call stack: * ebuild.sh, line 54: Called src_compile * environment, line 2697: Called die * The specific snippet of code: * emake VARTEXFONTS="${T}/fonts" || die; * # emerge --info Portage 2.1.8.3 (default/linux/amd64/10.0, gcc-4.3.4, glibc-2.10.1-r1, 2.6.31-gentoo-r10-04 x86_64) ================================================================= System uname: Linux-2.6.31-gentoo-r10-04-x86_64-Intel-R-_Core-TM-2_Duo_CPU_P9300_@_2.26GHz-with-gentoo-1.12.13 Timestamp of tree: Thu, 06 May 2010 13:15:02 +0000 app-shells/bash: 4.0_p37 dev-java/java-config: 2.1.10 dev-lang/python: 2.5.4-r3, 2.6.4-r1 dev-util/cmake: 2.6.4-r3 sys-apps/baselayout: 1.12.13 sys-apps/sandbox: 1.6-r2 sys-devel/autoconf: 2.13, 2.63-r1 sys-devel/automake: 1.5, 1.7.9-r1, 1.8.5-r3, 1.9.6-r2, 1.10.3, 1.11.1 sys-devel/binutils: 2.18-r3 sys-devel/gcc: 4.3.4 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6b virtual/os-headers: 2.6.30-r1 ACCEPT_KEYWORDS="amd64" ACCEPT_LICENSE="* -@EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O3 -march=core2 -pipe -ggdb" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/lib64/fax /usr/share/X11/xkb /usr/share/config /var/spool/fax/etc" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c" CXXFLAGS="-O3 -march=core2 -pipe -ggdb" DISTDIR="/usr/portage/distfiles" FEATURES="assume-digests distlocks fixpackages news parallel-fetch protect-owned sandbox sfperms splitdebug strict unmerge-logs unmerge-orphans userfetch" GENTOO_MIRRORS="ftp://gentoo.arcticnetwork.ca/pub/gentoo/ http://gentoo.arcticnetwork.ca/ ftp://mirrors.tera-byte.com/pub/gentoo ftp://mirror.csclub.uwaterloo.ca/gentoo-distfiles/ ftp://mirror.switch.ch/mirror/gentoo/ http://mirror.switch.ch/mirror/gentoo/ " LANG="en_US.UTF-8" LDFLAGS="-Wl,-O1" MAKEOPTS="-j3" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" SYNC="rsync://rsync.namerica.gentoo.org/gentoo-portage" USE="X X509 accessibility acl additions alsa amd64 amr apache2 authdaemond authfile ban bash-completion branding bzip2 cairo calendar cdb cdr cgi cjk cli consolekit context cracklib crypt ctype cups curl curlwrappers cxx dbus deflate dga directfb discard-path diskio dmx doc dri dvd dvdnav dvdr dvipdfm ebook elf emacs encode exif extra extras fam fbcon filter firefox fontconfig fontforge foomaticdb force-cgi-redirect fortran ftp fts3 fuse gadu gcj gd gdbm gif gimp gpg gphoto2 gpm graphics groupwise gstreamer hal hardened hash hfs history hpn iconv idn imagemagick imap imlib inifile ipv6 irc jadetex java java6 jce jms jmx jpeg kde kde4 kdm kerberos konqueror kontact kpathsea lame laptop latex latex3 lcms ldap ldap-sasl lm_sensors logrotate loop-aes mad mmap mmx mng modules mp2 mp3 mp3tunes mpeg mpeg2 mudflap multilib mysql mysqli ncurses nls nptl nptlonly nsplugin odbc ogg omega openexr opengl openmp openntpd openssl opensslcrypt oss pam parse-clocks pcre pdf perl png posix ppds pppd pstricks publishers pulseaudio python qt-static qt3support qt4 quicktime radius raw readline reflection reiserfs rpm rrdcgi rrdtool samba sametime sasl science sdk sdl semantic-desktop sensord session slp smp sms snmp soap sockets softquota spf spl sql sqlite sse sse2 ssl ssse3 stats svg svgz swat symlink sysfs sysvipc tcl tcpd texteffect theora tiff tk truetype unicode usb utempter v4l v4l2 vcd vhosts vorbis wavpack webkit wma wmf wmp xcomposite xetex xhtml xindy xine xinerama xml xmldoclet xmlreader xmlrpc xmlwriter xmp xorg xpm xscreensaver xsl xulrunner xv xvid xvmc yahoo zeroconf zip zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" RUBY_TARGETS="ruby18" SANE_BACKENDS="brother2" USERLAND="GNU" VIDEO_CARDS="intel fbdev" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
dev-embedded is done: dev-tinyos/ category was removed from tree (unrelated to this bug)
> haskell@gentoo.org > dev-util/bnfc Does not call latex. > [here dodoc is used to install a .pdf, and hence it's bzipped - not a good idea] Not an issue anymore as well.
> cjk@gentoo.org: > app-i18n/canna Fixed.
Both net-analyzer/ns and net-analyzer/sonar was removed from tree, so netmon are done here for now.
Changing this ticket to a tracker. We can close it as soon as the last linked ticket is closed.
Can you post example canonical fix as a comment here? If such examples exist in tree.
does not call latex or pdflatex. docs are prebuild
(In reply to Tupone Alfredo from comment #19) > does not call latex or pdflatex. docs are prebuild Sorry wrong place
Reassigning the TRACKER to the original poster Andrey. It would be great to have a link to a wiki page with some explanation for (proxied)maintainers what is exactly wrong and how to fix it. The wiki page should also answer "How can a dev see, if an ebuild is affected?"
spam removed