I added FEATURES="usersync" to make.conf and changed owner of $PORTDIR to portage, but emerge --sync still invokes rsync with root user the first time. Reproducible: Always Steps to Reproduce: 1. add FEATURES=usersync to make.conf 2. chown portage $PORTDIR 3. iptables -A OUTPUT -p tcp --dport rsync -m owner --uid-owner portage -j ACCEPT 4. emerge --sync Actual Results: Emerge hangs. Doing a netstat shows the connection waiting on status SYN_SENT; doing a ps aux shows that rsync is invoked by root user instead of portage (and thus blocked by firewall). Sync can not complete. Expected Results: rsync should be invoked as portage, and thus emerge --sync should complete fine. If I remove the user constraint from firewall, emerge --sync completes fine. During sync, a ps aux shows that rsync is correctly invoked as portage user. It seems that only for initial invocation of rsync (the one for timestamp) root is used. I could test only on a Sparc system, but I think it does not depend on the platform. ps aux while hanging: ... root 9778 1.0 0.2 4144 1176 pts/1 S+ 20:56 0:00 rsync --recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --verbose rsync://91.186.30.235/gentoo-portage/metadata/timestamp.chk /tmp/tmp39GzjS ... ps aux while syncing when user constraint removed from firewall: ... portage 9913 28.7 0.4 8136 2312 pts/1 D+ 20:57 0:01 rsync --recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --verbose rsync://134.68.240.40/gentoo-portage/ /usr/portage portage 9916 7.6 0.8 49064 4136 pts/1 S+ 20:57 0:00 rsync --recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --verbose rsync://134.68.240.40/gentoo-portage/ /usr/portage ... emerge --info: Portage 2.1.8.3 (default/linux/sparc/10.0/server, gcc-4.3.4, glibc-2.10.1-r1, 2.6.32-gentoo-r7 sparc64) ================================================================= System uname: Linux-2.6.32-gentoo-r7-sparc64-sun4u-with-gentoo-1.12.13 Timestamp of tree: Wed, 07 Jul 2010 18:30:01 +0000 distcc 3.1 sparc-unknown-linux-gnu [disabled] app-shells/bash: 4.0_p37 dev-lang/python: 2.6.4-r1 sys-apps/baselayout: 1.12.13 sys-apps/sandbox: 1.6-r2 sys-devel/autoconf: 2.65 sys-devel/automake: 1.11.1 sys-devel/binutils: 2.18-r3 sys-devel/gcc: 4.3.4 sys-devel/gcc-config: 1.4.1 sys-devel/libtool: 2.2.6b virtual/os-headers: 2.6.30-r1 ACCEPT_KEYWORDS="sparc" ACCEPT_LICENSE="* -@EULA" CBUILD="sparc-unknown-linux-gnu" CFLAGS="-O2 -mcpu=ultrasparc -mtune=ultrasparc -mvis -pipe -Wa,-Av8plusa" CHOST="sparc-unknown-linux-gnu" CONFIG_PROTECT="/etc" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/udev/rules.d" CXXFLAGS="-O2 -mcpu=ultrasparc -pipe" DISTDIR="/home/gentoo/distfiles" EMERGE_DEFAULT_OPTS="--ask-enter-invalid --quiet-build" FEATURES="assume-digests buildpkg candy distlocks fixpackages metadata-transfer news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync" GENTOO_MIRRORS=" http://mirror.switch.ch/mirror/gentoo/" LANG="en_US" LDFLAGS="-Wl,-O2" LINGUAS="en" MAKEOPTS="-j2" PKGDIR="/home/gentoo/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_EXTRA_OPTS="--exclude-from=/home/gentoo/exclude.txt" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/home/gentoo/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/home/gentoo/overlay" SYNC="rsync://rsync.gentoo.org/gentoo-portage" USE="acl apache2 berkdb bzip2 cli cracklib crypt cxx dri gcc64 gdbm gpm iconv ipv6 modules mudflap mysql ncurses nls nptl nptlonly pam pcre perl pppd python readline reflection session snmp sparc spl ssl sysfs tcpd threads truetype unicode xml xorg zlib" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="fbdev glint mach64 mga r128 radeon sunbw2 suncg14 suncg3 suncg6 sunffb sunleo tdfx voodoo" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, FFLAGS, INSTALL_MASK, LC_ALL, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS
(In reply to comment #0) > It seems that only for initial invocation of rsync (the one for timestamp) > root is used. It's writing to a temp file here, so we just need to ensure that the temp file is writable by the appropriate user before we drop privileges.
This is fixed in git: http://git.overlays.gentoo.org/gitweb/?p=proj/portage.git;a=commit;h=2428b8cbc8f90415532a7777f70bbefeb3c1b8cc
This is in 2.2_rc68, but I'll leave this bug open until it's in an unmasked version.
This is fixed in 2.1.9.
