Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 272847 - media-tv/mythtv-0.21_p19961-r2 - sandbox violation of /etc/ld.so.cache~
Summary: media-tv/mythtv-0.21_p19961-r2 - sandbox violation of /etc/ld.so.cache~
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: AMD64 Linux
: High normal (vote)
Assignee: Doug Goldstein
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-06-06 01:17 UTC by Keith Harrison
Modified: 2009-07-20 00:08 UTC (History)
8 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
patch to compile mythtv (0.22-svn-r20677) with sandbox-2.0 (mythtv-sandbox.patch,475 bytes, patch)
2009-06-07 20:15 UTC, hirakendu
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Keith Harrison 2009-06-06 01:17:43 UTC
reinstalling mythtv-0.21_p19961 as requested by portage becuause of libraw1394 using emerge @preserved-rebuild causes a sandbox violation

Reproducible: Always

Steps to Reproduce:
1. emerge mythtv
2.
3.

Actual Results:  
make[2]: Entering directory `/var/tmp/portage/media-tv/mythtv-0.21_p19961-r2/work/mythtv-0.21_p19961/programs/mythtv'                                                                                              
cp -f "mythtv" "/var/tmp/portage/media-tv/mythtv-0.21_p19961-r2/image//usr/bin/mythtv"                                                                                                                             
make[2]: Leaving directory `/var/tmp/portage/media-tv/mythtv-0.21_p19961-r2/work/mythtv-0.21_p19961/programs/mythtv'                                                                                               
( [ -d mythfrontend ] && cd mythfrontend ; make -f Makefile install; ) || true                                                                                                                                     
make[2]: Entering directory `/var/tmp/portage/media-tv/mythtv-0.21_p19961-r2/work/mythtv-0.21_p19961/programs/mythfrontend'                                                                                        
cp -f "mythfrontend" "/var/tmp/portage/media-tv/mythtv-0.21_p19961-r2/image//usr/bin/mythfrontend"                                                                                                                 
ldconfig                                                                                                                                                                                                           
ACCESS DENIED  open_wr:      /etc/ld.so.cache~                                                                                                                                                                     
make[2]: [install_setting] Error 1 (ignored)                                                                                                                                                                       
( [ -d mythcommflag ] && cd mythcommflag ; make -f Makefile install; ) || true                                                                                                                                     
make[2]: Entering directory `/var/tmp/portage/media-tv/mythtv-0.21_p19961-r2/work/mythtv-0.21_p19961/programs/mythcommflag'                                                                                        
cp -f "mythcommflag" "/var/tmp/portage/media-tv/mythtv-0.21_p19961-r2/image//usr/bin/mythcommflag"                                                                                                                 
make[2]: Leaving directory `/var/tmp/portage/media-tv/mythtv-0.21_p19961-r2/work/mythtv-0.21_p19961/programs/mythcommflag'                                                                                         
( [ -d mythtvosd ] && cd mythtvosd ; make -f Makefile install; ) || true

...

make[1]: Leaving directory `/var/tmp/portage/media-tv/mythtv-0.21_p19961-r2/work/mythtv-0.21_p19961/config'
>>> Completed installing mythtv-0.21_p19961-r2 into /var/tmp/portage/media-tv/mythtv-0.21_p19961-r2/image/

--------------------------- ACCESS VIOLATION SUMMARY ---------------------------
LOG FILE "/var/log/sandbox/sandbox-19784.log"

VERSION 1.0
FORMAT: F - Function called
FORMAT: S - Access Status
FORMAT: P - Path as passed to function
FORMAT: A - Absolute Path (not canonical)
FORMAT: R - Canonical Path
FORMAT: C - Command Line

F: open_wr
S: deny
P: /etc/ld.so.cache~
A: /etc/ld.so.cache~
R: /etc/ld.so.cache~
C: ldconfig
--------------------------------------------------------------------------------



Expected Results:  
successful install

Portage 2.2_rc33 (default/linux/amd64/2008.0, gcc-4.3.3, glibc-2.10.1-r0, 2.6.28-gentoo-r6 x86_64)
=================================================================
System uname: Linux-2.6.28-gentoo-r6-x86_64-AMD_Athlon-tm-_X2_Dual_Core_Processor_BE-2400-with-gentoo-2.0.1
Timestamp of tree: Fri, 05 Jun 2009 22:15:01 +0000
app-shells/bash:     4.0_p24
dev-lang/python:     2.6.2-r1
dev-util/cmake:      2.6.4
sys-apps/baselayout: 2.0.1
sys-apps/openrc:     0.4.3-r2
sys-apps/sandbox:    2.0
sys-devel/autoconf:  2.63-r1
sys-devel/automake:  1.7.9-r1, 1.9.6-r2, 1.10.2, 1.11
sys-devel/binutils:  2.19.1-r1
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.6a
virtual/os-headers:  2.6.29
ACCEPT_KEYWORDS="amd64 ~amd64"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -march=k8 -pipe -fomit-frame-pointer"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/3.5/env /usr/kde/3.5/share/config /usr/kde/3.5/shutdown /usr/share/config"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/udev/rules.d"
CXXFLAGS="-O2 -march=k8 -pipe -fomit-frame-pointer"
DISTDIR="/usr/portage/distfiles"
FEATURES="distlocks fixpackages parallel-fetch preserve-libs protect-owned sandbox sfperms strict unmerge-orphans userfetch"
GENTOO_MIRRORS="http://gentoo.mirrors.tds.net/gentoo http://mirror.datapipe.net/gentoo http://gentoo.chem.wisc.edu/gentoo/ http://prometheus.cs.wmich.edu/gentoo http://gentoo.seren.com/gentoo http://mirror.datapipe.net/gentoo"
LDFLAGS="-Wl,-O1"
MAKEOPTS="-j3"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_EXTRA_OPTS="--progress"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.us.gentoo.org/gentoo-portage"
USE="3dnow 3dnowext X a52 aac acl acpi alsa amd64 apache2 avahi berkdb bindist branding bzip2 caps cddb cdio cdparanoia cdr cli cracklib crypt cups custom-cxxflags dbus dri dvd dvdr encode ffmpeg flac fortran gdbm gif git glibc-omitfp gmp gnutls gpm hal iconv ieee1394 ipv6 isdnlog ithreads ivtv jpeg jpeg2k kdehiddenvisibility lame laptop lcd libwww lirc logrotate mdnsresponder-compat midi mjpeg mmx mmxext mng mp2 mp3 mp4 mpeg mpeg2 mplayer mudflap multilib mysql ncurses nfs nls nptl nptlonly ogg opengl openmp pam pcre perl php png posix pppd python qt3 qt4 quicktime rar readline reflection rtc samba sdl session spell spl sse sse2 ssl subversion sysfs tcpd theora threads tiff truetype unicode usb v4l v4l2 vcd vnc vorbis x264 xine xml xorg xpm xv xvid zlib" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias auth_digest" ELIBC="glibc" INPUT_DEVICES="mouse keyboard evdev" KERNEL="linux" LCD_DEVICES="imonlcd" LIRC_DEVICES="imon_lcd" USERLAND="GNU" VIDEO_CARDS="vesa fglrx radeon radeonhd"
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, FFLAGS, INSTALL_MASK, LANG, LC_ALL, LINGUAS, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTDIR_OVERLAY
Comment 1 Genorax 2009-06-06 14:41:22 UTC
The fun part is when you realize that it its actually the new ieee1394 library that is causing the sandbox violation.  I just changed the use flag for mythtv since I don't actually use it with a cable box via ieee1394.  It built fine and I once again have a functional mythtv.
Comment 2 Keith Harrison 2009-06-06 23:19:58 UTC
(In reply to comment #1)
> The fun part is when you realize that it its actually the new ieee1394 library
> that is causing the sandbox violation.  I just changed the use flag for mythtv
> since I don't actually use it with a cable box via ieee1394.  It built fine and
> I once again have a functional mythtv.
> 

I tried USE="-ieee1394" emerge mythtv this morning and it gave me the same error.
Comment 3 Genorax 2009-06-06 23:37:20 UTC
(In reply to comment #2)
> (In reply to comment #1)
> > The fun part is when you realize that it its actually the new ieee1394 library
> > that is causing the sandbox violation.  I just changed the use flag for mythtv
> > since I don't actually use it with a cable box via ieee1394.  It built fine and
> > I once again have a functional mythtv.
> > 
> 
> I tried USE="-ieee1394" emerge mythtv this morning and it gave me the same
> error.
> 
Oh, you are correct, I forgot exactly what it was.  I had to do FEATURES=-sandbox USE=-ieee1394 emerge mythtv.  So, the ieee1394 part wasn't causing the sandbox violation.  I tried emerging with FEATURES=-sandbox and having ieee1394 still in my use flags.  somehow that didn't work.  But taking both out of the equation not only let me build but the program was usable after that. hooray.
Comment 4 hirakendu 2009-06-07 20:12:02 UTC
I have attached a patch to fix it. Strangely, a usual fix of not doing ldconfig by export LDCONFIG=/bin/true did not work in this case. And it turned out to be a somewhat tricky package to figure out where ldconfig is being called.

Note that the problem comes up apparently after an update from sandbox-1.9 to 2.0.
Comment 5 hirakendu 2009-06-07 20:15:16 UTC
Created attachment 193831 [details, diff]
patch to compile mythtv (0.22-svn-r20677) with sandbox-2.0

Apart from adding this patch to files/ folder, add this to ebuild in src_unpack (or src_prepre):
        # sandbox-2.0:
        cd "${S}"
        epatch ${FILESDIR}/${PN}-sandbox.patch
Comment 6 Per Öberg 2009-06-14 14:57:47 UTC
Patch works for me...
Comment 7 Brandon Penglase 2009-06-20 02:14:59 UTC
(In reply to comment #6)
> Patch works for me...
> 

Confirmed, patch working for me too. ~AMD64, sandbox 2.0, Portage 2.1.6.13 (default/linux/amd64/2008.0/desktop, gcc-4.3.3, glibc-2.10.1-r0, 2.6.30-rc7-zen0-0-08384-gce1adbc x86_64)
Comment 8 Michael Evans 2009-06-22 06:05:58 UTC
(In reply to comment #5)
> Created an attachment (id=193831) [edit]
> patch to compile mythtv (0.22-svn-r20677) with sandbox-2.0
> 
> Apart from adding this patch to files/ folder, add this to ebuild in src_unpack
> (or src_prepre):
>         # sandbox-2.0:
>         cd "${S}"
>         epatch ${FILESDIR}/${PN}-sandbox.patch
> 


I confirm that I too ran in to this issue for the same reasons listed above, and this patch applied to the ebuild in question with the file in the proper files/ subfolder and then an ebuild manifest (just to make sure), resulted in a properly installed mythtv.
Comment 9 Michael Evans 2009-06-29 20:29:26 UTC
I can also confirm that this is -not- http://bugs.gentoo.org/show_bug.cgi?id=240530 , which I found when I ran in to this again after I decided to rebuild, instead of copy, the gentoo install on the new root.
Comment 10 Keith Harrison 2009-07-19 20:44:25 UTC
I get the same sandbox violation when compiling mythtv-0.21_p20877
Comment 11 Keith Harrison 2009-07-19 21:44:53 UTC
(In reply to comment #10)
> I get the same sandbox violation when compiling mythtv-0.21_p20877
> 

mythtv-0.21_p20877 compiles and installs fine with the above mythtv-sandbox.patch.  Thanks for the patch.
Comment 12 Doug Goldstein gentoo-dev 2009-07-20 00:08:26 UTC
Fixed.