Bug 416705 - sys-apps/portage: Run `setfacl -R -m g:portage:rwx` or similar for "${DISTDIR}" to ensure availability of access
Status: RESOLVED WONTFIX
Alias: None
Product: Portage Development
Classification: Unclassified
Component: Core
Hardware: All Linux
Importance: Normal normal
Assignee: Portage team
Reported: 2012-05-20 10:12 UTC by keenblade
Modified: 2012-05-20 21:35 UTC
Description keenblade 2012-05-20 10:12:08 UTC
Since udisks2 is getting rid of /media and instead now using /run/media/$USERNAME/$DEVICE, I can't emerge any package.
I have a USB disk for distfiles. Since this disk is mounted as my user, it seems portage can't write to it because of some permission problem.
DISTDIR="/run/media/keenblade/xs-2/usr/portage/distfiles"

Example emerge output:

emerge -v1 portage
bash: /run/media/keenblade/xs-2/usr/portage/distfiles/.__portage_test_write__: Permission denied
rm: cannot remove '/run/media/keenblade/xs-2/usr/portage/distfiles/.__portage_test_write__': Permission denied
 * portage-2.2.0_alpha94.tar.bz2 RMD160 SHA1 SHA256 size ;-) ...                                         [ ok ]
>>> Downloading 'http://distfiles.gentoo.org/distfiles/portage-2.2.0_alpha107.patch.bz2'
/run/media/keenblade/xs-2/usr/portage/distfiles/portage-2.2.0_alpha107.patch.bz2: Permission denied
>>> Downloading 'http://gentoo.osuosl.org/distfiles/portage-2.2.0_alpha107.patch.bz2'
/run/media/keenblade/xs-2/usr/portage/distfiles/portage-2.2.0_alpha107.patch.bz2: Permission denied
>>> Downloading 'http://gentoo-distfiles.mirrors.tds.net/distfiles/portage-2.2.0_alpha107.patch.bz2'
/run/media/keenblade/xs-2/usr/portage/distfiles/portage-2.2.0_alpha107.patch.bz2: Permission denied
>>> Downloading 'http://ftp.halifax.rwth-aachen.de/gentoo/distfiles/portage-2.2.0_alpha107.patch.bz2'
/run/media/keenblade/xs-2/usr/portage/distfiles/portage-2.2.0_alpha107.patch.bz2: Permission denied
>>> Downloading 'http://gentoo.ussg.indiana.edu/distfiles/portage-2.2.0_alpha107.patch.bz2'
/run/media/keenblade/xs-2/usr/portage/distfiles/portage-2.2.0_alpha107.patch.bz2: Permission denied
>>> Downloading 'http://dev.gentoo.org/~zmedico/portage/archives/portage-2.2.0_alpha107.patch.bz2'
/run/media/keenblade/xs-2/usr/portage/distfiles/portage-2.2.0_alpha107.patch.bz2: Permission denied
!!! Couldn't download 'portage-2.2.0_alpha107.patch.bz2'. Aborting.
 * Fetch failed for 'sys-apps/portage-2.2.0_alpha107', Log file:
 *  '/var/log/portage/sys-apps:portage-2.2.0_alpha107:20120520-092702.log'
Comment 1 keenblade 2012-05-20 10:14:41 UTC
emerge --info
Portage 2.2.0_alpha105 (default/linux/amd64/10.0/desktop, gcc-4.6.3, glibc-2.15-r1, 3.4.0-rc7 x86_64)
=================================================================
System uname: Linux-3.4.0-rc7-x86_64-Intel-R-_Core-TM-_i5_CPU_M_430_@_2.27GHz-with-gentoo-2.1
Timestamp of tree: Sun, 20 May 2012 00:00:01 +0000
distcc 3.1 x86_64-pc-linux-gnu [enabled]
ccache version 3.1.7 [enabled]
app-shells/bash:          4.2_p28
dev-java/java-config:     2.1.11-r3
dev-lang/python:          2.7.3-r2, 3.2.3-r1
dev-util/ccache:          3.1.7
dev-util/cmake:           2.8.8-r2
dev-util/pkgconfig:       0.26
sys-apps/baselayout:      2.1-r1
sys-apps/openrc:          0.9.9.3
sys-apps/sandbox:         2.5
sys-devel/autoconf:       2.13::<unknown repository>, 2.69
sys-devel/automake:       1.4_p6-r1, 1.5-r1, 1.7.9-r2, 1.8.5-r4, 1.11.5
sys-devel/binutils:       2.22-r1
sys-devel/gcc:            4.5.3-r2, 4.6.3
sys-devel/gcc-config:     1.7.1
sys-devel/libtool:        2.4.2
sys-devel/make:           3.82-r3
sys-kernel/linux-headers: 3.3 (virtual/os-headers)
sys-libs/glibc:           2.15-r1
Repositories: gentoo pcsx2 desktop-effects mozilla ladi x11 gamerlay-stable mysql emacs enlightenment gechi java-overlay pd-overlay webapp-experimental pok3d d-overlay oomidi-overlay subforge sunrise symix mpd proaudio keenblade keen-compiz crossdev
Installed sets: 
ACCEPT_KEYWORDS="amd64 ~amd64"
ACCEPT_LICENSE="* -@EULA Broadcom RTCW-ETEULA Oracle-BCLA-JavaSE AdobeFlash-10.3"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=core2 -O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/config /usr/share/gnupg/qualified.txt /var/lib/hsqldb"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5.3/ext-active/ /etc/php/apache2-php5.4/ext-active/ /etc/php/cgi-php5.3/ext-active/ /etc/php/cgi-php5.4/ext-active/ /etc/php/cli-php5.3/ext-active/ /etc/php/cli-php5.4/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-march=core2 -O2 -pipe"
DISTDIR="/run/media/keenblade/xs-2/usr/portage/distfiles"
EMERGE_DEFAULT_OPTS="--keep-going --quiet-build=n"
FEATURES="assume-digests binpkg-logs ccache collision-protect distcc distlocks ebuild-locks fail-clean fixlafiles news parallel-fetch parse-eapi-ebuild-head preserve-libs protect-owned sandbox sfperms sign strict unknown-features-warn unmerge-logs unmerge-orphans userfetch"
FFLAGS=""
GENTOO_MIRRORS="http://distfiles.gentoo.org"
LANG="tr_TR.UTF-8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="tr"
MAKEOPTS="-j8"
PKGDIR="/run/media/keenblade/xs-2/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/var/portage"
PORTDIR_OVERLAY="/var/lib/layman/pcsx2 /var/lib/layman/desktop-effects /var/lib/layman/mozilla /var/lib/layman/ladi /var/lib/layman/x11 /var/lib/layman/gamerlay /var/lib/layman/mysql /var/lib/layman/emacs /var/lib/layman/enlightenment /var/lib/layman/gechi /var/lib/layman/java-overlay /var/lib/layman/pd-overlay /var/lib/layman/webapps-experimental /var/lib/layman/pok3d /var/lib/layman/d /var/lib/layman/oomidi /var/lib/layman/subforge /var/lib/layman/sunrise /run/media/keenblade/xs-2/usr/local/overlays/symix /run/media/keenblade/xs-2/usr/local/overlays/mpd-gentoo-overlay /run/media/keenblade/xs-2/usr/local/overlays/proaudio/trunk/overlays/proaudio /run/media/keenblade/xs-2/usr/local/overlays/keenblade /run/media/keenblade/xs-2/usr/local/overlays/keen-compiz /usr/local/overlays/crossdev"
SYNC="rsync://achiko/gentoo-portage"
USE="X a52 aac acl acpi alsa amd64 apache2 berkdb bluetooth bzip2 cairo cdda cdr cli consolekit cracklib crypt cups cxx dbus dri dts dvd dvdr eds emboss encode evo exif fam ffmpeg firefox flac fortran gdbm gif glitz gnome gpm gstreamer gtk iconv ipv6 jack java jpeg kde ladspa lash lcms ldap libnotify lm_sensors mad midi mmx mng modules mp3 mp4 mpeg mudflap multilib mysql mysqli ncurses nls nptl nvidia ogg opengl openmp pam pango pcre pdf png policykit ppds pppd qt3support qt4 readline ruby19 sdl session spell sqlite3 sse sse2 ssl startup-notification svg tcpd theora tiff truetype udev udisks unicode upower usb vorbis wxwidgets x264 xcb xcomposite xinerama xml xorg xulrunner xv xvid xvmc zlib" ALSA_CARDS="hda-intel mpu401 usb-audio" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LINGUAS="tr" LIRC_DEVICES="alsa_usb" PHP_TARGETS="php5-3" 
PYTHON_TARGETS="python3_2 python2_7" RUBY_TARGETS="ruby18 ruby19" USERLAND="GNU" VIDEO_CARDS="r600 radeon intel vesa" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CPPFLAGS, CTARGET, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, USE_PYTHON
Comment 2 Samuli Suominen (RETIRED) gentoo-dev 2012-05-20 12:20:04 UTC
UDisks2 is using ACL to set up /run/media/$user so only the user who mounted it can access it.
It seems to me you need to adjust permissions (chown and/or setfacl) for the directory so Portage can access it.
Or perhaps FEATURES="-userpriv" will help?
Comment 3 keenblade 2012-05-20 13:58:31 UTC
(In reply to comment #2)
> UDisks2 is using ACL to setup /run/media/$user so only the user who mounted
> it can access it.
> It seems to me you need to adjust permissions (chown and/or setfacl) for the
> directory so Portage can access it.
> Or perhaps FEATURES="-userpriv" will help?

FEATURES="-userpriv" does not work here. I also set it in make.conf but emerge fails exactly the same. The strange thing is, whether I enable or disable "userpriv",
emerge --info | grep userpriv
returns nothing.

Also, how do I adjust permissions with chown and/or setfacl?
(or with something like "chmod 755 /run/media/keenblade/xs-2/usr/portage/distfiles")
Currently the permissions are:

ls -l /run/media/keenblade/xs-2/usr/portage/
drwxrwsr-x   9 root portage 553384 May 20 15:42 distfiles
drwxr-xr-x 115 root root      3344 May 20 15:42 packages

ls -l /run/media/keenblade
drwxr-xr-x 8 root root 176 May 20 16:34 xs-2
Comment 4 Samuli Suominen (RETIRED) gentoo-dev 2012-05-20 14:20:14 UTC
Off the top of my head,

# info getfacl
# info setfacl
# getfacl /run/media/keenblade
# setfacl -R -m g:portage:rwx /run/media/keenblade

-R is recursive, g: means group and u: would be user, ...

Just read the info pages or google for those commands; there are plenty of examples around.

But bugzilla is not really a helpdesk, so I'm closing this bug. Hope you figure it out.
Comment 5 keenblade 2012-05-20 14:57:55 UTC
(In reply to comment #4)
> But bugzilla is not really helpdisk, so I'm closing this bug. Hope you
> figure it out.
I understand what you mean, but I think users should not have to use those command line tools, just because they use external storage for distfiles. Portage should be able to handle this with "-userpriv" or any other way.
Thanks, anyway.
Comment 6 Samuli Suominen (RETIRED) gentoo-dev 2012-05-20 15:18:45 UTC
Well, let's get opinion from some other developers:

I'm reopening this so Portage developers, like Zac, can take a look too.

What do you think, would it be crazy to make Portage run something like `setfacl -R -m g:portage:rwx "${DISTDIR}"` to ensure access is available to distfiles directory?
Comment 7 keenblade 2012-05-20 15:44:07 UTC
(In reply to comment #6)
> Well, let's get opinion from some other developers:
> 
> I'm reopening this so Portage developers, like Zac, can take a look too.
> 
> What do you think, would it be crazy to make Portage run something like
> `setfacl -R -m g:portage:rwx "${DISTDIR}"` to ensure access is available to
> distfiles directory?

I think it is not crazy, because if a user defines DISTDIR, then this user surely wants portage to have the necessary permissions to work on the specified directories.
Btw, the problem is portage already has the necessary permissions but fails to operate:

getfacl /run/media/keenblade/xs-2/usr/portage/distfiles/
getfacl: Removing leading '/' from absolute path names
# file: run/media/keenblade/xs-2/usr/portage/distfiles/
# owner: root
# group: portage
# flags: -s-
user::rwx
group::rwx
other::r-x
or
ls -l /run/media/keenblade/xs-2/usr/portage/
drwxrwsr-x   9 root portage 553384 May 20 15:42 distfiles

Also setfacl gives "Operation not supported" with your command line:

setfacl -R -m g:portage:rwx /run/media/keenblade/xs-2/usr/portage/distfiles/
setfacl: /run/media/keenblade/xs-2/usr/portage/distfiles//lxrandr-0.1.2.tar.gz: Operation not supported
setfacl: /run/media/keenblade/xs-2/usr/portage/distfiles//libdiscid-0.2.2.tar.gz: Operation not supported
Comment 8 Samuli Suominen (RETIRED) gentoo-dev 2012-05-20 15:52:45 UTC
(In reply to comment #7)
> (In reply to comment #6)
> > Well, let's get opinion from some other developers:
> > 
> > I'm reopening this so Portage developers, like Zac, can take a look too.
> > 
> > What do you think, would it be crazy to make Portage run something like
> > `setfacl -R -m g:portage:rwx "${DISTDIR}"` to ensure access is available to
> > distfiles directory?
> 
> I think it is not crazy, because if a user defines DISTDIR, then this user
> surely wants portage to have necessarly permissions to work on the specified
> directories.
> Btw, the problem is portage already has the necessary permissions but fails
> to operate:
> Also setfacl gives "Operation not supported" with your command line:

Your kernel might be miscompiled.

`grep ACL /usr/src/linux/.config` or `zgrep ACL /proc/config.gz` should print at least the following:

$ zgrep ACL /proc/config.gz 
CONFIG_EXT4_FS_POSIX_ACL=y
CONFIG_FS_POSIX_ACL=y
CONFIG_GENERIC_ACL=y
CONFIG_TMPFS_POSIX_ACL=y

I'm using EXT4.

When you emerge sys-fs/udisks:2, it at least complains if some of those are missing.

As in, ACL is a mandatory requirement of UDisks2.
Comment 9 keenblade 2012-05-20 16:08:37 UTC
(In reply to comment #8)
> Your kernel might be miscompiled. 
> 
> `grep ACL /usr/src/linux/.config` or `zgrep ACL /proc/config.gz` should
> print at least following:
> 
> $ zgrep ACL /proc/config.gz 
> CONFIG_EXT4_FS_POSIX_ACL=y
> CONFIG_FS_POSIX_ACL=y
> CONFIG_GENERIC_ACL=y
> CONFIG_TMPFS_POSIX_ACL=y
> 
> I'm using EXT4.
> 
I use reiserfs v3 for this usb disk and EXT4 for all others. ACL kernel setup seems fine:

zgrep ACL /proc/config.gz
CONFIG_EXT4_FS_POSIX_ACL=y
CONFIG_REISERFS_FS_POSIX_ACL=y
CONFIG_JFS_POSIX_ACL=y
CONFIG_XFS_POSIX_ACL=y
CONFIG_BTRFS_FS_POSIX_ACL=y
CONFIG_FS_POSIX_ACL=y
CONFIG_GENERIC_ACL=y
CONFIG_TMPFS_POSIX_ACL=y
# CONFIG_NFS_V3_ACL is not set
# CONFIG_NFSD_V3_ACL is not set
Comment 10 Zac Medico gentoo-dev 2012-05-20 20:03:18 UTC
You want FEATURES="-userfetch" (which is a separate feature from userpriv).
Comment 11 Zac Medico gentoo-dev 2012-05-20 20:09:35 UTC
(In reply to comment #6)
> What do you think, would it be crazy to make Portage run something like
> `setfacl -R -m g:portage:rwx "${DISTDIR}"` to ensure access is available to
> distfiles directory?

We can't run recursive commands like this for every emerge invocation, because due to "live" eclasses there can be *large* source trees in there that make it *very* slow. So, it's the user's responsibility to set this permission once if appropriate (or just set FEATURES="-userfetch").
Comment 12 keenblade 2012-05-20 20:26:41 UTC
(In reply to comment #10)
> You want FEATURES="-userfetch" (which is a separate feature from userpriv).
Setting FEATURES="-userfetch" works. But I wonder why portage needs to be run as root, since the portage user already has rwx permission on $DISTDIR?
If you say this behaviour is the way it is supposed to be, I'll stop bugging.
Thanks.
Comment 13 Zac Medico gentoo-dev 2012-05-20 20:35:57 UTC
(In reply to comment #12)
> But, I wonder why portage needs to be
> run as root, since portage user already has rwx permission on $DISTDIR ?

Usually, it's parent directory permissions that lead to confusion like this. For example, if $DISTDIR is /run/media/$USERNAME/$DEVICE, then the portage user is going to need rwx permission to the /run/media/$USERNAME parent directory.
Comment 14 Samuli Suominen (RETIRED) gentoo-dev 2012-05-20 20:44:40 UTC
(In reply to comment #13)
> (In reply to comment #12)
> > But, I wonder why portage needs to be
> > run as root, since portage user already has rwx permission on $DISTDIR ?
> 
> Usually, it's parent directory permissions that lead to confusion like this.
> For example, if $DISTDIR is /run/media/$USERNAME/$DEVICE, then the portage
> user is going to need rwx permission to the /run/media/$USERNAME parent
> directory.

UDisks2 will create /run/media/$USERNAME/$DEVICE by g_mkdir() function if /run is present and then use ACL (libacl) to set strict permissions on it, and then mount the device there.

If there was some way for Portage to query the /run/media/$USERNAME part of the path from UDisks2 and then check the existence of the `setfacl` command, and then run it for that part of the ${DISTDIR}... Well, as I'm typing it, it's already starting to sound too complex and not a job of Portage.

+1 for closing the bug as worksforme...
Comment 15 keenblade 2012-05-20 21:30:28 UTC
(In reply to comment #13)
> (In reply to comment #12)
> > But, I wonder why portage needs to be
> > run as root, since portage user already has rwx permission on $DISTDIR ?
> 
> Usually, it's parent directory permissions that lead to confusion like this.
> For example, if $DISTDIR is /run/media/$USERNAME/$DEVICE, then the portage
> user is going to need rwx permission to the /run/media/$USERNAME parent
> directory.

I gave the portage user all permissions for all the parent directories including /run/media. But it does not work.
Anyway, since FEATURES="-userfetch" works for me, I can live with that. If you want me to test or do something, I'll happily do it.
Otherwise you can close this as worksforme, since I can only close as resolved.
Comment 16 Zac Medico gentoo-dev 2012-05-20 21:35:10 UTC
(In reply to comment #15)
> I gave the portage user all permissions for all the parent directories
> including /run/media. But it does not work.
> Anyway, since FEATURES="-userfetch" works for me, I can live with that.

Okay, then it must be the ACL thing, like Samuli mentioned in comment #14. Setting FEATURES="-userfetch" bypasses the ACL restriction since root can do anything.
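To make the parent-directory point from comments 13 and 14 concrete, here is an added example (not code from this bug thread or from Portage) that applies the acl(5) access-check rules to a getfacl-style listing for each ancestor of DISTDIR and reports the first directory that blocks the portage user, before and after the ACL change suggested in comment 6. The listings are constructed: UDISKS is an assumed model of the restrictive ACL udisks2 applies to /run/media/$USERNAME for the mounting user, and the directories between the mount point and distfiles are omitted.

```python
"""POSIX ACL traversal check along a DISTDIR ancestor chain. Added example, not
Portage code; listings are constructed (UDISKS is an assumed model of the ACL udisks2
sets on /run/media/$USERNAME), intermediate dirs omitted, default ACLs not handled."""
R, W, X = 4, 2, 1

def perm_bits(perms):                       # 'r-x' -> 5
    return sum(v for c, v in (("r", R), ("w", W), ("x", X)) if c in perms)

def parse_acl(text):
    """Parse getfacl output; qualifier '' is the owner / owning-group entry."""
    acl = {"owner": None, "owning_group": None, "user": {}, "group": {},
           "mask": 7, "other": 0}            # mask 7 == no mask (minimal ACL)
    for line in text.splitlines():
        line = line.strip()
        if line.startswith(("# owner:", "# group:")):
            acl["owner" if "owner" in line else "owning_group"] = line.split(":", 1)[1].strip()
        elif line and not line.startswith("#"):
            tag, qualifier, perms = line.split(":")
            if tag in ("user", "group"):
                acl[tag][qualifier] = perm_bits(perms)
            else:
                acl[tag] = perm_bits(perms)  # mask:: or other::
    return acl

def acl_allows(acl, user, groups, want):
    """acl(5) check order: owner, named user, group class (masked), other."""
    if user == acl["owner"]:
        return acl["user"][""] & want == want
    if user in acl["user"]:
        return acl["user"][user] & acl["mask"] & want == want
    in_class = False
    for name, bits in acl["group"].items():
        if (acl["owning_group"] if name == "" else name) in groups:
            in_class = True
            if bits & acl["mask"] & want == want:
                return True
    return False if in_class else acl["other"] & want == want

def check_distdir(chain, user, groups):
    """First directory that blocks `user`: ancestors need x, DISTDIR needs rwx."""
    for i, (path, text) in enumerate(chain):
        want = R | W | X if i == len(chain) - 1 else X
        if not acl_allows(parse_acl(text), user, groups, want):
            return path
    return None

# Constructed listings; mode bits for xs-2 and distfiles follow the ls -l output in comment 3.
PLAIN = "# owner: root\n# group: root\nuser::rwx\ngroup::r-x\nother::r-x"          # drwxr-xr-x root root
UDISKS = "# owner: root\n# group: root\nuser::rwx\nuser:keenblade:r-x\ngroup::---\nmask::r-x\nother::---"
DISTFILES = "# owner: root\n# group: portage\n# flags: -s-\nuser::rwx\ngroup::rwx\nother::r-x"  # drwxrwsr-x
CHAIN = [("/run/media", PLAIN), ("/run/media/keenblade", UDISKS),
         ("/run/media/keenblade/xs-2", PLAIN), ("/run/media/keenblade/xs-2/usr/portage/distfiles", DISTFILES)]
# What `setfacl -m g:portage:rwx /run/media/keenblade` would leave: new entry, mask recomputed to rwx.
FIXED = [(p, UDISKS.replace("mask::r-x", "group:portage:rwx\nmask::rwx") if p == "/run/media/keenblade" else t)
         for p, t in CHAIN]
```

With CHAIN the portage user is stopped at /run/media/keenblade even though distfiles itself is group-writable; with FIXED the walk reaches distfiles, which is the one-time ACL fix comment 11 leaves to the user.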