Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 44 - "apparent" sandbox violations when merging python modules
Summary: "apparent" sandbox violations when merging python modules
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Development (show other bugs)
Hardware: x86 Linux
: High normal (vote)
Assignee: Damon Conway (RETIRED)
Depends on:
Blocks: 16 21
  Show dependency tree
Reported: 2002-01-05 17:03 UTC by Tod M. Neidt
Modified: 2007-03-28 12:33 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

sandbox-PyXML-0.6.6-12713.log (sandbox-PyXML-0.6.6-12713.log,9.67 KB, text/plain)
2002-01-05 17:05 UTC, Tod M. Neidt
sandbox-gnome-python-1.4.1-r3-4971.log (sandbox-gnome-python-1.4.1-r3-4971.log,6.93 KB, text/plain)
2002-01-05 17:05 UTC, Tod M. Neidt
sandbox-Numeric-20.3-5079.log (sandbox-Numeric-20.3-5079.log,27.50 KB, text/plain)
2002-01-05 17:06 UTC, Tod M. Neidt

Note You need to log in before you can comment on or make changes to this bug.
Description Tod M. Neidt 2002-01-05 17:03:56 UTC

Python distutils (i.e. appears to do extensive probing of the python
installation when installing python modules.  This results in many "apparent"
sandbox (v0.2.2) violations when trying to merge a python module.  

This appears to be the case for all python modules that use distutils to install
(although I have only confirmed for gnome-python, PyXML, and Numeric so far) and
is true for a python-2.1.1 and python-2.2 installation.  I haven't tested
against python-2.0

I believe this is related to running automake to generate Makefile's
and calling some python code in the aclocal.m4 and acinclude.m4 files located in
the top directory of the modules source tree.

Unfortunately, I can't offer a solution at this time.  But I will attach a
couple example sandbox.logs to illustrate the problem.

Comment 1 Tod M. Neidt 2002-01-05 17:05:08 UTC
Created attachment 24 [details]
Comment 2 Tod M. Neidt 2002-01-05 17:05:47 UTC
Created attachment 25 [details]
Comment 3 Tod M. Neidt 2002-01-05 17:06:20 UTC
Created attachment 26 [details]
Comment 4 Geert Bevin 2002-01-14 13:21:51 UTC
I might work to try this by setting the SANDBOX_PREDICT variable. This prevents
write outside the allowed dirs, but doesn't make the sandbox to consider this as
errors. I don't know however if this doesn't interfere with the correct workings
of the python check. To make it easy, you can just use the 'addpredict' bach
function in your ebuild. If you're sure that it doesn't 'cause any unwanted
behaviour, I could add it to the default sandbox settings.
Comment 5 Geert Bevin 2002-01-15 06:44:52 UTC
I added the SANDBOX_PREDICT var entries and it seems to work well. All packages
compile and the few I tested ran well (XChat, 4Suite). Also integrating it into
portage 1.8.5-r2