>>> Emerging (1 of 1) app-cdr/cdrtools-3.01_alpha17 >>> Failed to emerge app-cdr/cdrtools-3.01_alpha17, Log file: >>> '/var/tmp/portage/app-cdr/cdrtools-3.01_alpha17/temp/build.log' * Package: app-cdr/cdrtools-3.01_alpha17 * Repository: gentoo * Maintainer: billie@gentoo.org media-optical@gentoo.org * USE: acl amd64 elibc_glibc filecaps kernel_linux nls unicode userland_GNU * FEATURES: preserve-libs sandbox userpriv usersandbox RULES/rules.top:43: RULES/ldummy.lnk: No such file or directory RULES/rules1.top:261: incs/Dnull: No such file or directory RULES/rules1.top:268: incs/Dcc.amd64-linux: No such file or directory RULES/rules.top:70: RULES/x86_64-linux-cc.rul: No such file or directory RULES/rules.cnf:68: incs/amd64-linux-cc/Inull: No such file or directory RULES/rules.cnf:69: incs/amd64-linux-cc/rules.cnf: No such file or directory ==> MAKING DIRECTORY "incs/amd64-linux-cc/Inull" ==> CONFIGURING RULES "incs/amd64-linux-cc/rules.cnf" using x86_64-pc-linux-gnu-gcc as compiler creating cache ./config.cache checking host system type... ../../autoconf/config.guess: line 690: ./dummy: Permission denied ../../autoconf/config.guess: line 971: ./dummy: Permission denied Invalid configuration `unknownCPU-unknownMFR-unknownOS': machine `unknownCPU-unknownMFR' not recognized Reproducible: Always Portage 2.2.1 (hardened/linux/amd64, gcc-4.7.3, glibc-2.15-r3, 3.10.1-hardened-r1 x86_64) ================================================================= System uname: Linux-3.10.1-hardened-r1-x86_64-Intel-R-_Core-TM-_i7-3770_CPU_@_3.40GHz-with-gentoo-2.2 KiB Mem: 10220956 total, 3822308 free KiB Swap: 19335164 total, 19335164 free Timestamp of tree: Tue, 01 Oct 2013 07:00:01 +0000 ld GNU ld (GNU Binutils) 2.23.1 app-shells/bash: 4.2_p45 dev-java/java-config: 2.1.12-r1 dev-lang/python: 2.7.5-r2, 3.2.5-r2 dev-util/cmake: 2.8.10.2-r2 dev-util/pkgconfig: 0.28 sys-apps/baselayout: 2.2 sys-apps/openrc: 0.11.8 sys-apps/sandbox: 2.6-r1 sys-devel/autoconf: 2.13, 2.69 sys-devel/automake: 1.11.6, 1.12.6, 1.13.4 sys-devel/binutils: 2.23.1 sys-devel/gcc: 4.7.3-r1 sys-devel/gcc-config: 1.7.3 sys-devel/libtool: 2.4.2 sys-devel/make: 3.82-r4 sys-kernel/linux-headers: 3.9 (virtual/os-headers) sys-libs/glibc: 2.15-r3 Repositories: gentoo ACCEPT_KEYWORDS="amd64" ACCEPT_LICENSE="* -@EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -march=native -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-O2 -march=native -pipe" DISTDIR="/usr/portage/distfiles" FCFLAGS="-O2 -pipe" FEATURES="assume-digests binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles merge-sync news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr" FFLAGS="-O2 -pipe" GENTOO_MIRRORS="http://distfiles.gentoo.org" LDFLAGS="-Wl,-O1 -Wl,--as-needed" MAKEOPTS="-j7" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="" USE="X acl amd64 avahi berkdb bzip2 cli cracklib crypt cscope cxx dbus dri gdbm gtk hardened iconv ipv6 jpeg justify lock lvm mmx modules mudflap multilib ncurses nls nptl nvidia openmp pam pax_kernel pcre qemu readline session sse sse2 ssl startup-nitification symlink tcpd thunar tls udev unicode urandom virt-network xinerama xulrunner zlib" ABI_X86="64" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="evdev keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LINGUAS="en" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-5" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_2" RUBY_TARGETS="ruby19 ruby18" USERLAND="GNU" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, SYNC, USE_PYTHON
Please attach the entire build log to this bug report.
Created attachment 359982 [details] app-cdr/cdrtools-3.01_alpha17 build log
configure believes to be in a cross compile environment when the simplest possible C program does not result in runnable core: main(){} This could be a result of a defective compiler installation. The fact that config.guess reports a permission problem leads to the assumption that the caller did set up a non working compile environment, e.g. by using a pathologigal umask value.
Other packages emerge normally.
Attach config.log that is generated by the ./configure from the /var/tmp/portage/app-cdr/cdrtools-3.01_alpha17/work/cdrtools-3.01 directory
Created attachment 360328 [details] /var/tmp/portage/app-cdr/cdrtools-3.01_alpha17/work/cdrtools-3.01//incs/amd64-linux-cc/config.log
from grsec.log: Oct 7 12:19:04 localhost kernel: [608348.353457] grsec: denied untrusted exec (due to file in group-writable directory) of /var/tmp/portage/app-cdr/cdrtools-3.01_alpha17/work/cdrtools-3.01/incs/amd64-linux-cc/conftest by /var/tmp/portage/app-cdr/cdrtools-3.01_alpha17/work/cdrtools-3.01/incs/amd64-linux-cc/conftest[sh:11260] uid/euid:250/250 gid/egid:250/250, parent /bin/bash[sh:11259] uid/euid:250/250 gid/egid:250/250
grsec & hardened related error, then
(In reply to Samuli Suominen from comment #8) > grsec & hardened related error, then Hum, there is little we can do here except recommending the user to temporarily disable grsec's tpe restrict all feature. The issue is in portage itself, or whomever is leaving folders group writable in the build system. In particular the tmp folder is one such directory. As of now there is little that can be done other than recommending developers to place the programs to be run somewhere other than tmp.
(In reply to Francisco Blas Izquierdo Riera from comment #9) > (In reply to Samuli Suominen from comment #8) > > grsec & hardened related error, then > > Hum, there is little we can do here except recommending the user to > temporarily disable grsec's tpe restrict all feature. > > The issue is in portage itself, or whomever is leaving folders group > writable in the build system. In particular the tmp folder is one such > directory. > > As of now there is little that can be done other than recommending > developers to place the programs to be run somewhere other than tmp. Add portage to the wheel group: gpasswd -a portage wheel and see if that helps
portage is already in the wheel group: nshulman@nvshp:~ $ grep wheel /etc/group wheel:x:10:root,nshulman,portage
It may be that the system in question is doing too much because it is not checking all security relevant constraints. A group writable directory is e.g. not a problem at all if there is only one person in that group or if the directory in question is below a directory that does not let others pass. On the other side, returning EACCESS is definitely a bug, as this is not the result of a native UNIX restriction caused by UNIX compliant interpretation of file permissions. Better would be to return something else - well Linux uses a missleading text for EPERM. Better would be the text "Not owner" as used on Solaris. In general, it seems that this system was written by people that did make their life easy instead of doing things right. In addition to the cases I already mentioned, there are other secure cases, that apply in our case: If an executable is only writable by the owner and if this is the same owner as the owner of the directory it is located in, there was no attack. The right way would be to check for real problems instead of trying to prevent execution of binaries that are at places that might be used for attacks but actually are not.
You can always JUST disable TPE, you don't even have to recompile the kernel to do that if you enabled /proc configuration: echo 0 > /proc/sys/kernel/grsecurity/tpe_restrict_all And BTW, good luck trying to check who are the users in a group from kernel space as this is done from userspace. Also try to efficiently check all the directory chain permissions for a file. Now do it for every file you execute and enjoy the slowdown.
As you see, you currently enjoy problems because there is something that makes its life easy, prevents execution of a secure binary. On the other side, a halfway clever implemented algorithm of course can do a much better check even from kernel space.
Why not run dummy in the same place as all the other autoconfig test files?
the gnuconfig files need updating so i've done that automatically: http://sources.gentoo.org/app-cdr/cdrtools/cdrtools-3.01_alpha21.ebuild?r1=1.1&r2=1.2 i added cross-compiler logic for caching vars: http://sources.gentoo.org/app-cdr/cdrtools/cdrtools-3.01_alpha21.ebuild?r1=1.2&r2=1.3 there are a lot of tests in this configure script that are run based when they don't need to be. let's ignore the minor_t checking for now. ac_cv_c_bitfields_htol can be checked simply by: cat <<-EOF >test.c struct { char start[6]; unsigned char x1:4; unsigned char x2:4; char end[5]; } a = { .start = {'S', 't', 'A', 'r', 'T', '_'}, .x1 = 5, .x2 = 4, .end = {'_', 'e', 'N', 'd', 'X'}, }; EOF gcc -c test.c -o test.o if grep -q 'StArT_E_eNdX' test.o ; then ac_cv_c_bitfields_htol="no" elif grep -q 'StArT_T_eNdX' test.o ; then ac_cv_c_bitfields_htol="yes" fi all of the tests that do sizeof() can be calculated by compiling only. autoconf has done this for over a decade. it also supports calculating alignments of types. basically it does: ac_sizeof_func() { cat <<-EOF >test.c int main () { static int test_array [1 - 2 * !((sizeof(TYPE)) == LEN)]; test_array [0] = 0; return test_array [0]; } EOF i=1 while [ $i -lt 60 ]; do if gcc -c test.c -DTYPE="$1" -DLEN=$i 2>/dev/null; then echo $i return 0 fi : $(( i += 1 )) done return 1 } ac_cv_sizeof_char=$(ac_sizeof_func "char") ac_cv_sizeof_int=$(ac_sizeof_func "int") ac_cv_sizeof_unsigned_short=$(ac_sizeof_func "unsigned short") in reality the code uses a binary search to speed things up, but you get the basic idea of how it works. for cases where you know the answer the majority of the time, you should just add a fallback. like for the mlock/mlockall cases, check $host_os and set it to no if it's hpux, else set it to yes. for cases where the code has builtin fallbacks, just use them. so for ecvt/fcvt/gcvt/dtoa_r, default to "no" when cross-compiling. the code base already has code that should work fine. there seems like there's some dead tests in here too -- cases where the computed define isn't actually used in the code base. like HAVE_SYS_SIGLIST, HAVE_SYS_SIGLIST_DEF, HAVE_PRINTF_J, HAVE_PRINTF_LL, HAVE_REALLOC_NULL, NO_USER_MALLOC, HAVE_VAR_TIMEZONE, HAVE_HARD_SYMLINKS, HAVE_LINK_NOFOLLOW, . if, for some weird reason, you want to keep all these things, then you could at least mitigate it by setting the cache vars at the top of the configure script or elsewhere in the build system.
(In reply to SpanKY from comment #16) > the gnuconfig files need updating so i've done that automatically: > http://sources.gentoo.org/app-cdr/cdrtools/cdrtools-3.01_alpha21.ebuild?r1=1. > 1&r2=1.2 Why did you make the change to the removal of the profiled make files? The new command does not delete anything. So if anything is wrong with deleting the files the command could be removed completely.
(In reply to Daniel Pielmeier from comment #17) i don't know what you're talking about. what are "profiled make files" ?
(In reply to SpanKY from comment #18) > (In reply to Daniel Pielmeier from comment #17) > > i don't know what you're talking about. what are "profiled make files" ? Actually I don't know either. However in commit http://sources.gentoo.org/app-cdr/cdrtools/cdrtools-3.01_alpha21.ebuild?r1=1.1&r2=1.2 you made the following change: - rm -f $(find ./ -name '*_p.mk') || die "rm profiled" + rm -f *_p.mk || die "rm profiled" This makes the rm command remove nothing at all as none of these files are in the base directory. The removal of these "*_p.mk" files was added about more than five years ago by Peter Alfredsen (loki_val) in commit: http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/app-cdr/cdrtools/cdrtools-2.01.01_alpha50.ebuild?hideattic=0&revision=1.1&view=markup Later he added a comment to this line stating "#Remove profiled make files" As I did not know if these files do any good or bad I left this command in the ebuild.
(In reply to Daniel Pielmeier from comment #19) thanks, i misread that line. should be fixed now: http://sources.gentoo.org/app-cdr/cdrtools/cdrtools-3.01_alpha17.ebuild?r1=1.14&r2=1.15 http://sources.gentoo.org/app-cdr/cdrtools/cdrtools-3.01_alpha21.ebuild?r1=1.5&r2=1.6 http://sources.gentoo.org/app-cdr/cdrtools/cdrtools-3.01_alpha22.ebuild?r1=1.1&r2=1.2
(In reply to Francisco Blas Izquierdo Riera from comment #13) > You can always JUST disable TPE, you don't even have to recompile the kernel > to do that if you enabled /proc configuration: > echo 0 > /proc/sys/kernel/grsecurity/tpe_restrict_all I just had to use this workaround to be able to install catalyst in our new releng build box for amd64/x86.
I have fixed this properly in alpha17+alpha24 because it was holding up some infra work. Specifically, I changed DEFUMASK in the build system, so that it didn't make group-writable directories (which trip grsec TPE).
