--------------------------- ACCESS VIOLATION SUMMARY --------------------------- LOG FILE "/var/log/sandbox/sandbox-15773.log" VERSION 1.0 FORMAT: F - Function called FORMAT: S - Access Status FORMAT: P - Path as passed to function FORMAT: A - Absolute Path (not canonical) FORMAT: R - Canonical Path FORMAT: C - Command Line F: mkdir S: deny P: /root/.gnome2 A: /root/.gnome2 R: /home/.root/.gnome2 C: /usr/bin/gst-inspect-0.10 playbin -------------------------------------------------------------------------------- >>> Failed to emerge media-video/totem-2.24.3 this is NOT a dupe of http://bugs.gentoo.org/255110 . USE=-tracker is set, and i'm running gnome-base/gconf-2.24.0 as well. the directory in question doesn't exist, and i'm running as root who has never logged into X. i also tried using emerge using sudo while logged in as a user account that already has X. this was a part of an emerge -eav world after upgrading to gcc 4.3.2 on amd64.
Created attachment 191703 [details] emerge --info emerge --info
this seems related to http://bugs.gentoo.org/262731 , but this is involving the .gnome2 subdir, not the .gconf stuff...
actually.. i found http://bugs.gentoo.org/126667 what i'm experiencing is the fact that i've relocated root's homedir to somewhere else (/home/.root specifically), and used a symlink at /root for backwards compatibility. however, i didn't update the /etc/passwd entry to reflect the new home. having updated root's homedir in /etc/passwd, it installed fine w/o the sandbox violation.... however, it still stands that addpredict should handle symlink and absolute paths that it should be watching for.... i guess this has become a feature/bug for ebuilds....
re-assigning to portage devs since addpredict is a portage feature.
I'm not sure why sandbox doesn't handle this already. To summarize, we have: addpredict /root/.gnome2 And /root is a symlink to /home/.root/.gnome2.
(1) i thought portage set $HOME already to some tmp dir ? (2) are some stupid gnome utils not respecting that $HOME ? (3) symlinks for important dirs are known to not work with sandbox (3a) that'd make this a dupe of Bug 80085 (3b) use `mount --bind` as symlinks across symlinks are also known to break in general with *nix systems
(In reply to comment #6) > (1) i thought portage set $HOME already to some tmp dir ? probably > (2) are some stupid gnome utils not respecting that $HOME ? indeed, I just checked that both gconf and gstreamer do not read $HOME but actually refer to /etc/passwd. I guess that's why we added so many addpredicts all over the place. Must squash'em all now.
*** Bug 302551 has been marked as a duplicate of this bug. ***
Since glib-2.30 we patched glib to support G_HOME which is used to override default glib behavior. Eclass was adapted to export that to $T so that tests should run fine. Since then, glib upstream saw the light and patch next glib release (most likely 2.36) to respect HOME so this should be the end of our problems here. Last but not least, I set totem to simply not use gst-inspect as we already check dependencies when bumping.
