Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 327507 - sys-apps/portage- FEATURES=usersync does not drop to portage user for first invocation of rsync
Summary: sys-apps/portage- FEATURES=usersync does not drop to portage user for...
Alias: None
Product: Portage Development
Classification: Unclassified
Component: Core - Interface (emerge) (show other bugs)
Hardware: Sparc64 Linux
: High normal (vote)
Assignee: Portage team
Keywords: InVCS
Depends on:
Blocks: 335925
  Show dependency tree
Reported: 2010-07-08 16:31 UTC by account-removed
Modified: 2010-09-04 08:39 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description account-removed 2010-07-08 16:31:53 UTC
I added FEATURES="usersync" to make.conf and changed owner of $PORTDIR to portage, but emerge --sync still invokes rsync with root user the first time.

Reproducible: Always

Steps to Reproduce:
1. add FEATURES=usersync to make.conf
2. chown portage $PORTDIR
3. iptables -A OUTPUT -p tcp --dport rsync -m owner --uid-owner portage -j ACCEPT
4. emerge --sync

Actual Results:  
Emerge hangs. Doing a netstat shows the connection waiting on status SYN_SENT; doing a ps aux shows that rsync is invoked by root user instead of portage (and thus blocked by firewall). Sync can not complete.

Expected Results:  
rsync should be invoked as portage, and thus emerge --sync should complete fine.

If I remove the user constraint from firewall, emerge --sync completes fine. During sync, a ps aux shows that rsync is correctly invoked as portage user. It seems that only for initial invocation of rsync (the one for timestamp) root is used.
I could test only on a Sparc system, but I think it does not depend on the platform.

ps aux while hanging:
root      9778  1.0  0.2   4144  1176 pts/1    S+   20:56   0:00 rsync --recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --verbose rsync:// /tmp/tmp39GzjS 

ps aux while syncing when user constraint removed from firewall:
portage   9913 28.7  0.4   8136  2312 pts/1    D+   20:57   0:01 rsync --recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --verbose rsync:// /usr/portage 
portage   9916  7.6  0.8  49064  4136 pts/1    S+   20:57   0:00 rsync --recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --verbose rsync:// /usr/portage 

emerge --info:
Portage (default/linux/sparc/10.0/server, gcc-4.3.4, glibc-2.10.1-r1, 2.6.32-gentoo-r7 sparc64)
System uname: Linux-2.6.32-gentoo-r7-sparc64-sun4u-with-gentoo-1.12.13
Timestamp of tree: Wed, 07 Jul 2010 18:30:01 +0000
distcc 3.1 sparc-unknown-linux-gnu [disabled]
app-shells/bash:     4.0_p37
dev-lang/python:     2.6.4-r1
sys-apps/baselayout: 1.12.13
sys-apps/sandbox:    1.6-r2
sys-devel/autoconf:  2.65
sys-devel/automake:  1.11.1
sys-devel/binutils:  2.18-r3
sys-devel/gcc:       4.3.4
sys-devel/gcc-config: 1.4.1
sys-devel/libtool:   2.2.6b
virtual/os-headers:  2.6.30-r1
CFLAGS="-O2 -mcpu=ultrasparc -mtune=ultrasparc -mvis -pipe -Wa,-Av8plusa"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/gconf /etc/php/apache2-php5/ext-active/ /etc/php/cgi-php5/ext-active/ /etc/php/cli-php5/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/udev/rules.d"
CXXFLAGS="-O2 -mcpu=ultrasparc -pipe"
EMERGE_DEFAULT_OPTS="--ask-enter-invalid --quiet-build"
FEATURES="assume-digests buildpkg candy distlocks fixpackages metadata-transfer news parallel-fetch protect-owned sandbox sfperms strict unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
USE="acl apache2 berkdb bzip2 cli cracklib crypt cxx dri gcc64 gdbm gpm iconv ipv6 modules mudflap mysql ncurses nls nptl nptlonly pam pcre perl pppd python readline reflection session snmp sparc spl ssl sysfs tcpd threads truetype unicode xml xorg zlib" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" ELIBC="glibc" INPUT_DEVICES="keyboard mouse evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="fbdev glint mach64 mga r128 radeon sunbw2 suncg14 suncg3 	suncg6 sunffb sunleo tdfx voodoo" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" 
Comment 1 Zac Medico gentoo-dev 2010-07-10 03:29:57 UTC
(In reply to comment #0)
> It seems that only for initial invocation of rsync (the one for timestamp)
> root is used.

It's writing to a temp file here, so we just need to ensure that the temp file is writable by the appropriate user before we drop privileges.
Comment 3 Zac Medico gentoo-dev 2010-08-23 06:27:17 UTC
This is in 2.2_rc68, but I'll leave this bug open until it's in an unmasked version.
Comment 4 Zac Medico gentoo-dev 2010-09-04 08:39:43 UTC
This is fixed in 2.1.9.