emerge fails when /var/tmp is empty. Perhaps because /var/tmp/ccache does not exist. Insisting a 2nd. time works fine. Example: >>> Emerging (1 of 1) games-simulation/micropolis-1.0 * Adjusting permissions for FEATURES=userpriv: '/var/tmp/.distcc' * Adjusting permissions for FEATURES=userpriv: '/var/tmp/.distcc/lock' * Adjusting permissions for FEATURES=userpriv: '/var/tmp/.distcc/state' * Adjusting permissions for FEATURES=userpriv: '/var/tmp/ccache' * micropolis-activity-source.tgz RMD160 SHA1 SHA256 size ;-) ... [ ok ] * micropolis_git.patch RMD160 SHA1 SHA256 size ;-) ... [ ok ] >>> Unpacking source... >>> Unpacking micropolis-activity-source.tgz to /var/tmp/portage/games-simulation/micropolis-1.0/work * Applying micropolis_git.patch ... [ ok ] >>> Source unpacked in /var/tmp/portage/games-simulation/micropolis-1.0/work >>> Compiling source in /var/tmp/portage/games-simulation/micropolis-1.0/work/micropolis-activity ... make -j9 -C src make: Entering directory `/var/tmp/portage/games-simulation/micropolis-1.0/work/micropolis-activity/src' cd tcl ; make all make[1]: Entering directory `/var/tmp/portage/games-simulation/micropolis-1.0/work/micropolis-activity/src/tcl' make[1]: warning: jobserver unavailable: using -j1. Add `+' to parent make rule. gcc -march=nocona -O2 -pipe -fomit-frame-pointer -I. -DTCL_LIBRARY=\"/usr/local/lib/tcl\" -DIS_LINUX -c -o regexp.o regexp.c ccache: FATAL: Failed to create /var/tmp/ccache/b/e: Permission denied make[1]: *** [regexp.o] Error 1 make[1]: Leaving directory `/var/tmp/portage/games-simulation/micropolis-1.0/work/micropolis-activity/src/tcl' make: *** [all] Error 2 make: Leaving directory `/var/tmp/portage/games-simulation/micropolis-1.0/work/micropolis-activity/src' emake failed * ERROR: games-simulation/micropolis-1.0::gentoo failed (compile phase): * (no error message) * * Call stack: * ebuild.sh, line 93: Called src_compile * environment, line 2491: Called die * The specific snippet of code: * emake -C src || die * * If you need support, post the output of `emerge --info '=games-simulation/micropolis-1.0::gentoo'`, * the complete build log and the output of `emerge -pqv '=games-simulation/micropolis-1.0::gentoo'`. * The complete build log is located at '/var/log/portage/games-simulation:micropolis-1.0:20131129-232505.log'. * For convenience, a symlink to the build log is located at '/var/tmp/portage/games-simulation/micropolis-1.0/temp/build.log'. * The ebuild environment file is located at '/var/tmp/portage/games-simulation/micropolis-1.0/temp/environment'. * Working directory: '/var/tmp/portage/games-simulation/micropolis-1.0/work/micropolis-activity' * S: '/var/tmp/portage/games-simulation/micropolis-1.0/work/micropolis-activity/' >>> Failed to emerge games-simulation/micropolis-1.0, Log file: >>> '/var/log/portage/games-simulation:micropolis-1.0:20131129-232505.log' emerge --info Portage 2.2.7 (default/linux/amd64/13.0/desktop/kde, gcc-4.7.3, glibc-2.15-r3, 3.10.17-gentoo x86_64) ================================================================= System uname: Linux-3.10.17-gentoo-x86_64-Intel-R-_Core-TM-2_Duo_CPU_T7700_@_2.40GHz-with-gentoo-2.2 KiB Mem: 4054968 total, 311332 free KiB Swap: 20971512 total, 20844840 free Timestamp of tree: Sun, 24 Nov 2013 17:45:01 +0000 ld GNU ld (GNU Binutils) 2.23.1 distcc 3.1 x86_64-pc-linux-gnu [enabled] ccache version 3.1.9 [enabled] app-shells/bash: 4.2_p45 dev-java/java-config: 2.1.12-r1 dev-lang/python: 2.7.5-r3, 3.2.5-r3 dev-util/ccache: 3.1.9 dev-util/cmake: 2.8.11.2 dev-util/pkgconfig: 0.28 sys-apps/baselayout: 2.2 sys-apps/openrc: 0.12.4 sys-apps/sandbox: 2.6-r1 sys-devel/autoconf: 2.13, 2.69 sys-devel/automake: 1.11.6, 1.12.6, 1.13.4 sys-devel/binutils: 2.23.1 sys-devel/gcc: 4.7.3-r1 sys-devel/gcc-config: 1.7.3 sys-devel/libtool: 2.4.2 sys-devel/make: 3.82-r4 sys-kernel/linux-headers: 3.9 (virtual/os-headers) sys-libs/glibc: 2.15-r3 Repositories: gentoo psergio Installed sets: @system ACCEPT_KEYWORDS="amd64" ACCEPT_LICENSE="* -@EULA PUEL dlj-1.1 googleearth skype-4.0.0.7-copyright Oracle-BCLA-JavaSE AdobeFlash-11.x" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=nocona -O2 -pipe -fomit-frame-pointer" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/config /usr/share/gnupg/qualified.txt" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/splash /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c" CXXFLAGS="-march=nocona -O2 -pipe -fomit-frame-pointer" DISTDIR="/GentooPalma/PKGS/distfiles" FCFLAGS="-O2 -pipe" FEATURES="assume-digests binpkg-logs ccache config-protect-if-modified distcc distlocks ebuild-locks fixlafiles merge-sync news parallel-fetch preserve-libs protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync" FFLAGS="-O2 -pipe" GENTOO_MIRRORS="http://distfiles.gentoo.org" LANG="pt_PT.UTF-8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" MAKEOPTS="-j9" PKGDIR="/GentooPalma/PKGS/packages64" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="/usr/local/portage" SYNC="rsync://rsync.europe.gentoo.org/gentoo-portage" USE="X Xaw3d a52 aac acpi alsa amd64 apm arts audiofile berkdb bidi bluetooth bzip2 cairo cdda cdparanoia cdr cli consolekit cracklib crypt css cups curl cxx dbus declarative dga doc dri dts dvd dvdr dvdread embedded emboss encode exif fam fbcon ffmpeg firefox flac foomaticdb fortran g3dvl gdbm gif gphoto2 gpm gstreamer gtk iconv imagemagick imlib ipv6 java java5 java6 jpeg kde kipi lcms libnotify libwww mad midi mikmod mmx mng modules motif mozilla mp3 mp4 mpeg mplayer msn mudflap multilib musepack mysql nas ncurses net nls nptl nptlonly nsplugin nvidia ogg opengl openmp pam pango pcmcia pcre pdf phonon pic plasma png policykit ppds python qt3support qt4 quicktime readline rtc scanner sdl semantic-desktop session snmp socks5 speex spell sqlite sqlite3 sse sse2 ssl startup-notification subversion svg tcl tcpd tetex threads tiff timidity tk truetype udev udisks unicode upower usb userlocales v4l v4l2 vcd videos vorbis webkit wifi win32codecs wxwidgets wxwindows x264 xcb xcomposite xine xml xprint xscreensaver xulrunner xv xvid xvmc zlib" ABI_X86="64" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="keyboard mouse synaptics evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LINGUAS="pt pt_PT pt_BR en" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-5" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_2" RUBY_TARGETS="ruby19 ruby18" USERLAND="GNU" VIDEO_CARDS="nv nvidia vesa fbdev" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, USE_PYTHON
I can confirm behaviour, only way to fix it is manually. chown portage:portage /var/tmp/ccache/ -R
I can confirm behaviour too. When using ebuild command(but not when using emerge command). It works without userpriv, but not with both ccache userpriv FEATURES this fails: # time ebuild /usr/portage/sys-boot/grub/grub-9999-r1.ebuild compile * Adjusting permissions for FEATURES=userpriv: '/var/tmp/ccache' basically because ccache isn't allowed to create directory eg. /var/tmp/ccache/5/8 ... drwxrwsr-x 18 portage portage 400 Feb 12 17:00 4 drwxrwsr-x 2 root portage 60 Feb 12 17:02 5 drwxrwsr-x 15 portage portage 340 Feb 12 17:00 6 ... eg. ccache: error: Failed to create directory /var/tmp/ccache/f/f: Permission denied ccache: error: Failed to create directory /var/tmp/ccache/f/c: Permission denied # ls -la /var/tmp/ccache/ total 4 drwxrwsr-x 19 root portage 400 Feb 12 17:31 . drwxrwxrwt 6 root root 120 Feb 12 17:30 .. drwxr-sr-x 14 portage portage 320 Feb 12 17:33 0 drwxr-sr-x 17 portage portage 380 Feb 12 17:33 1 drwxr-sr-x 16 portage portage 360 Feb 12 17:33 2 drwxr-sr-x 16 portage portage 360 Feb 12 17:33 3 drwxr-sr-x 16 portage portage 360 Feb 12 17:33 4 drwxr-sr-x 17 portage portage 380 Feb 12 17:33 5 drwxr-sr-x 17 portage portage 380 Feb 12 17:33 6 drwxr-sr-x 2 root portage 60 Feb 12 17:30 7 drwxr-sr-x 16 portage portage 360 Feb 12 17:33 8 drwxr-sr-x 15 portage portage 340 Feb 12 17:33 9 drwxr-sr-x 17 portage portage 380 Feb 12 17:33 a drwxr-sr-x 16 portage portage 360 Feb 12 17:33 b drwxr-sr-x 15 portage portage 340 Feb 12 17:33 c -rw-r--r-- 1 root portage 14 Feb 12 17:30 ccache.conf drwxr-sr-x 16 portage portage 360 Feb 12 17:33 d drwxr-sr-x 15 portage portage 340 Feb 12 17:33 e drwxr-sr-x 2 root portage 60 Feb 12 17:30 f drwxr-sr-x 2 portage portage 40 Feb 12 17:33 tmp # ls -la /var/tmp/ccache/f total 4 drwxr-sr-x 2 root portage 60 Feb 12 17:30 . drwxrwsr-x 19 root portage 400 Feb 12 17:31 .. -rw-r--r-- 1 root portage 58 Feb 12 17:30 stats this works: # time FEATURES="-userpriv" ebuild /usr/portage/sys-boot/grub/grub-9999-r1.ebuild compile * Adjusting permissions for FEATURES=ccache: '/var/tmp/ccache' Looks like adjusting permissions for userpriv takes precedence over ccache when both are enabled. With emerge(with userpriv and ccache enabled) this issue doesn't happen(for unknown reasons) and thus it works even though the permissions message looks the same: # time emerge -av \>=sys-boot/grub-9999 ... >>> Emerging (1 of 1) sys-boot/grub-9999-r1::gentoo * Adjusting permissions for FEATURES=userpriv: '/var/tmp/ccache' ... Here's my # emerge --info '=sys-boot/grub-9999-r1::gentoo' Portage 2.2.14 (python 2.7.9-final-0, hardened/linux/amd64/no-multilib, gcc-4.8.3, glibc-2.20-r1, 3.16.5-gentoo x86_64) ================================================================= System Settings ================================================================= System uname: Linux-3.16.5-gentoo-x86_64-AMD_A6-3400M_APU_with_Radeon-tm-_HD_Graphics-with-gentoo-2.2 KiB Mem: 8185076 total, 7586904 free KiB Swap: 0 total, 0 free Timestamp of tree: Wed, 11 Feb 2015 00:45:01 +0000 ld GNU ld (Gentoo 2.24 p1.4) 2.24 ccache version 3.2.1 [enabled] app-shells/bash: 4.3_p33-r1 dev-lang/perl: 5.18.2-r2 dev-lang/python: 2.7.9-r1, 3.3.5-r1 dev-util/ccache: 3.2.1-r1 dev-util/pkgconfig: 0.28-r1 sys-apps/baselayout: 2.2 sys-apps/openrc: 0.12.4 sys-apps/sandbox: 2.6-r1 sys-devel/autoconf: 2.69 sys-devel/automake: 1.13.4 sys-devel/binutils: 2.24-r3 sys-devel/gcc: 4.8.3 sys-devel/gcc-config: 1.7.3 sys-devel/libtool: 2.4.2-r1 sys-devel/make: 4.0-r1 sys-kernel/linux-headers: 3.16 (virtual/os-headers) sys-libs/glibc: 2.20-r1 Repositories: gentoo ACCEPT_KEYWORDS="amd64 ~amd64" ACCEPT_LICENSE="* -@EULA" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-O2 -pipe -march=native -Wstack-protector -fstack-protector-all" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-O2 -pipe -march=native -Wstack-protector -fstack-protector-all" DISTDIR="/usr/portage/distfiles" FCFLAGS="-O2 -pipe" FEATURES="assume-digests binpkg-logs ccache cgroup collision-protect config-protect-if-modified distlocks downgrade-backup ebuild-locks fakeroot fixlafiles force-mirror ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch parallel-install prelink-checksums preserve-libs sandbox sfperms split-elog split-log strict stricter unknown-features-warn unmerge-backup unmerge-logs userfetch userpriv usersandbox webrsync-gpg" FFLAGS="-O2 -pipe" GENTOO_MIRRORS="ftp://ftp.spline.inf.fu-berlin.de/mirrors/gentoo/" INSTALL_MASK="/lib/systemd /lib32/systemd /lib64/systemd /usr/lib/systemd /usr/lib32/systemd /usr/lib64/systemd /etc/systemd" LANG="en_US.utf8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" MAKEOPTS="-j4" PKGDIR="/usr/portage/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages" PORTAGE_TMPDIR="/var/tmp" PORTDIR="/usr/portage" PORTDIR_OVERLAY="" SYNC="rsync://127.0.0.3/" USE="3dnow 3dnowext X acl amd64 berkdb bindist btrfs bzip2 cli cracklib crypt cryptsetup cscope cxx device-mapper dri gdbm gpm hardened iconv justify libav mmx mmxext modules mosh-hardening ncurses nptl openmp pam pax_kernel pcre pie readline session sse sse2 sse3 ssl ssp strong-security tcpd urandom xattr xtpax zlib" ABI_X86="64" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="kexi words flow plan sheets stage tables krita karbon braindump author" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="3dnow 3dnowext mmx mmxext sse sse2 sse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ublox ubx" GRUB_PLATFORMS="pc" INPUT_DEVICES="keyboard virtualbox evdev" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php5-5" PYTHON_SINGLE_TARGET="python2_7" PYTHON_TARGETS="python2_7 python3_3" RUBY_TARGETS="ruby19 ruby20" USERLAND="GNU" VIDEO_CARDS="virtualbox" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" Unset: CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, USE_PYTHON ================================================================= Package Settings ================================================================= sys-boot/grub-9999-r1 was built with the following: USE="debug device-mapper mount multislot -doc -efiemu -fonts -libzfs -nls -sdl -static -test -themes -truetype" GRUB_PLATFORMS="pc -coreboot -efi-32 -efi-64 -emu -ieee1275 -loongson -multiboot -qemu -qemu-mips -xen" CFLAGS="" LDFLAGS="" and /etc/fstab tmpfs /tmp tmpfs rw,nosuid,relatime,nodev,size=7G,mode=1777 0 0 tmpfs /var/tmp tmpfs rw,nosuid,relatime,nodev,size=7G,mode=1777 0 0 tmpfs /var/tmp/portage tmpfs rw,nosuid,relatime,nodev,size=7G,mode=775,uid=portage,gid=portage,x-mount.mkdir=775 0 0
You should be able to solve this by using a CCACHE_UMASK="0002" setting. We should update the documentation to suggest this. It's not feasible for portage to adjust the permissions itself, because that would cause performance issues.
(In reply to Zac Medico from comment #3) > You should be able to solve this by using a CCACHE_UMASK="0002" setting. We > should update the documentation to suggest this. > > It's not feasible for portage to adjust the permissions itself, because that > would cause performance issues. Confirmed, that solved it. Thank you Zac. # time CCACHE_UMASK="0002" ebuild /usr/portage/sys-boot/grub/grub-9999-r1.ebuild compile ... >>> Source compiled. real 4m38.091s user 5m7.570s sys 1m14.050s # ls -la /var/tmp/ccache/ total 4 drwxrwsr-x 19 root portage 400 Feb 12 19:05 . drwxrwxrwt 6 root root 120 Feb 12 19:04 .. drwxrwsr-x 18 portage portage 400 Feb 12 19:08 0 drwxrwsr-x 18 portage portage 400 Feb 12 19:08 1 drwxrwsr-x 18 portage portage 400 Feb 12 19:08 2 drwxrwsr-x 18 portage portage 400 Feb 12 19:08 3 drwxrwsr-x 18 portage portage 400 Feb 12 19:08 4 drwxrwsr-x 18 portage portage 400 Feb 12 19:08 5 drwxrwsr-x 18 portage portage 400 Feb 12 19:08 6 drwxrwsr-x 18 portage portage 400 Feb 12 19:08 7 drwxrwsr-x 18 portage portage 400 Feb 12 19:08 8 drwxrwsr-x 18 portage portage 400 Feb 12 19:08 9 drwxrwsr-x 18 root portage 400 Feb 12 19:08 a drwxrwsr-x 18 portage portage 400 Feb 12 19:08 b drwxrwsr-x 18 root portage 400 Feb 12 19:08 c -rw-rw-r-- 1 root portage 14 Feb 12 19:04 ccache.conf drwxrwsr-x 18 portage portage 400 Feb 12 19:08 d drwxrwsr-x 18 portage portage 400 Feb 12 19:08 e drwxrwsr-x 18 portage portage 400 Feb 12 19:08 f drwxrwsr-x 2 portage portage 40 Feb 12 19:08 tmp (chroot1) livecd portage # ls -la /var/tmp/ccache/a total 8 drwxrwsr-x 18 root portage 400 Feb 12 19:08 . drwxrwsr-x 19 root portage 400 Feb 12 19:05 .. drwxrwsr-x 2 portage portage 260 Feb 12 19:08 0 drwxrwsr-x 2 portage portage 280 Feb 12 19:08 1 drwxrwsr-x 2 portage portage 180 Feb 12 19:08 2 drwxrwsr-x 2 portage portage 160 Feb 12 19:08 3 drwxrwsr-x 2 portage portage 200 Feb 12 19:08 4 drwxrwsr-x 2 portage portage 180 Feb 12 19:08 5 drwxrwsr-x 2 portage portage 160 Feb 12 19:08 6 drwxrwsr-x 2 portage portage 140 Feb 12 19:08 7 drwxrwsr-x 2 portage portage 160 Feb 12 19:08 8 drwxrwsr-x 2 portage portage 140 Feb 12 19:08 9 drwxrwsr-x 2 portage portage 180 Feb 12 19:08 a drwxrwsr-x 2 portage portage 200 Feb 12 19:08 b drwxrwsr-x 2 portage portage 180 Feb 12 19:08 c -rw-rw-r-- 1 portage portage 190 Feb 12 19:05 CACHEDIR.TAG drwxrwsr-x 2 portage portage 200 Feb 12 19:08 d drwxrwsr-x 2 portage portage 220 Feb 12 19:08 e drwxrwsr-x 2 portage portage 160 Feb 12 19:08 f -rw-rw-r-- 1 portage portage 67 Feb 12 19:08 stats Does the fact that root is owner on some ccache subfolders suggest that ccache is ran as root at some point(s) ? (or maybe it's just due to fakeroot or similar?) Hopefuly it's not a security issue. In other words, is using CCACHE_UMASK just a workaround? Note that I rm -rf /var/tmp/ccache ; rm -rf /var/tmp/portage/sys-boot/grub-9999-r1 before running the above ebuild command.
(In reply to EmanueL Czirai from comment #4) > Does the fact that root is owner on some ccache subfolders suggest that > ccache is ran as root at some point(s) ? (or maybe it's just due to fakeroot > or similar?) It definitely ran as root. With FEATURES=userpriv, some phases (such as pkg_setup) still run as root, so it looks like one of these other phases called the compiler. > Hopefuly it's not a security issue. In other words, is using > CCACHE_UMASK just a workaround? Well, you can't stop the compiler from being called during phases that run as root. Therefore, CCACHE_UMASK seems like the simplest solution. I doubt that ccache has any other built-in means to accomplish what you need. It should not be a security issue, as long as you don't grant "portage" group access to untrusted users.
Could this be handled finally? (It's still valid :))
I suppose we could make FEATURES="ccache userpriv" set CCACHE_UMASK automatically if it's not already set.
(In reply to Zac Medico from comment #7) > I suppose we could make FEATURES="ccache userpriv" set CCACHE_UMASK > automatically if it's not already set. Looks like it's not being set indeed as we still need to remember to run chown to unbreak it :/
ping!
I also fell into this after deleting /var/tmp/ccache ls -la /var/tmp/ccache/d/ insgesamt 80 drwxrwsr-x 18 portage portage 4096 20. Okt 13:47 . drwxrwsr-x 19 root portage 4096 20. Okt 13:46 .. drwxrwsr-x 2 portage portage 4096 20. Okt 13:46 0 drwxrwsr-x 2 portage portage 4096 20. Okt 13:46 1 drwxrwsr-x 2 portage portage 4096 20. Okt 13:45 2 drwxrwsr-x 2 portage portage 4096 20. Okt 13:46 3 drwxrwsr-x 2 portage portage 4096 20. Okt 13:46 4 drwxrwsr-x 2 portage portage 4096 20. Okt 13:45 5 drwxr-sr-x 2 root portage 4096 20. Okt 13:34 6 drwxrwsr-x 2 portage portage 4096 20. Okt 13:47 7 drwxrwsr-x 2 portage portage 4096 20. Okt 13:45 8 drwxrwsr-x 2 portage portage 4096 20. Okt 13:47 9 drwxrwsr-x 2 portage portage 4096 20. Okt 13:47 a drwxrwsr-x 2 portage portage 4096 20. Okt 13:47 b drwxrwsr-x 2 portage portage 4096 20. Okt 13:45 c -rw-rw-r-- 1 portage portage 190 20. Okt 13:27 CACHEDIR.TAG drwxrwsr-x 2 portage portage 4096 20. Okt 13:43 d drwxrwsr-x 2 portage portage 4096 20. Okt 13:46 e drwxrwsr-x 2 portage portage 4096 20. Okt 13:46 f -rw-r--r-- 1 portage portage 71 20. Okt 13:47 stats ccache: error: Failed to create temporary file for /var/tmp/ccache/d/6/19o0rdu9bdfsmr5j4cdff3od72g7i6gR.tmp.72pKWm: Permission denied make: *** [/var/tmp/portage/media-libs/freetype-2.10.4/work/freetype-2.10.4/src/base/rules.mk:105: /var/tmp/portage/media-libs/freetype-2.10.4/work/freetype-2.10.4-abi_x86_32.x86/ftsynth.lo] Error 1 make: *** Waiting for unfinished jobs.... * ERROR: media-libs/freetype-2.10.4::gentoo failed (compile phase): * emake failed ls -la /var/tmp/ccache/d/6/ insgesamt 12 drwxr-sr-x 2 root portage 4096 20. Okt 13:34 . drwxrwsr-x 18 portage portage 4096 20. Okt 13:47 .. -rw-r--r-- 1 root portage 133 20. Okt 13:34 31eec3qsdk52f27qcnveot685ifabckM The file and folder was created while emerging portage-9999. emerge --info|grep -i userpriv FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs ccache config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pid-sandbox preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr" I will try next with the CCACHE_UMASK thing. https://wiki.gentoo.org/wiki/Ccache says to set umask = 002 in ccache/ccache.conf but also says it is since portage-2.3.79 optional. Is it the same as adding CCACHE_UMASK="0002" in make.conf?
After adding CCACHE_UMASK="0002" in make.conf and deleting /var/tmp/ccache/ it looks different now but still a bit inconsistent. Seems to work with emerge. ls -la /var/tmp/ccache/d/6/ insgesamt 32 drwxrwsr-x 2 root portage 4096 22. Okt 02:55 . drwxrwsr-x 18 root portage 4096 22. Okt 02:55 .. -rw-rw-r-- 1 portage portage 1156 22. Okt 02:55 19o0rdu9bdfsmr5j4cdff3od72g7i6gR -rw-rw-r-- 1 root portage 133 22. Okt 02:44 31eec3qsdk52f27qcnveot685ifabckM -rw-rw-r-- 1 portage portage 4297 22. Okt 02:53 37au051qqlhurn45vaioooi80l1c5q2R -rw-rw-r-- 1 portage portage 3179 22. Okt 02:55 4cpokk8e2adh90lt6lk5fhaomst3o9cM -rw-rw-r-- 1 portage portage 133 22. Okt 02:53 685h7kvb4kv5vp1s6vfsj86jitbq72kM joerg@jlgentoo ~ $ ls -la /var/tmp/ccache/d/ insgesamt 80 drwxrwsr-x 18 root portage 4096 22. Okt 02:58 . drwxrwsr-x 19 root portage 4096 22. Okt 02:56 .. drwxrwsr-x 2 portage portage 4096 22. Okt 02:55 0 drwxrwsr-x 2 root portage 4096 22. Okt 02:58 1 drwxrwsr-x 2 portage portage 4096 22. Okt 02:53 2 drwxrwsr-x 2 portage portage 4096 22. Okt 02:53 3 drwxrwsr-x 2 root portage 4096 22. Okt 02:55 4 drwxrwsr-x 2 portage portage 4096 22. Okt 02:54 5 drwxrwsr-x 2 root portage 4096 22. Okt 02:58 6 drwxrwsr-x 2 root portage 4096 22. Okt 02:54 7 drwxrwsr-x 2 root portage 4096 22. Okt 02:55 8 drwxrwsr-x 2 portage portage 4096 22. Okt 02:54 9 drwxrwsr-x 2 portage portage 4096 22. Okt 02:55 a drwxrwsr-x 2 root portage 4096 22. Okt 02:55 b drwxrwsr-x 2 root portage 4096 22. Okt 02:55 c -rw-rw-r-- 1 root portage 190 22. Okt 02:44 CACHEDIR.TAG drwxr-sr-x 2 portage portage 4096 22. Okt 02:58 d drwxr-sr-x 2 portage portage 4096 22. Okt 02:54 e drwxr-sr-x 2 portage portage 4096 22. Okt 02:55 f -rw-rw-r-- 1 portage portage 70 22. Okt 02:58 stats
It's 2022 and this still happens! Here's a workaround by pre-creating ccache's directory structure ahead of time (assuming default cache_dir_levels): ( cd /var/tmp/ccache chmod -R portage:portage . chown g+s . digits="0 1 2 3 4 5 6 7 8 9 a b c d e f" for d1 in $digits; do for d2 in $digits; do install --owner portage --group portage --directory ./$d1/$d2 done done ) p.s. is there a bug for FEATURES=userpriv being useless security theatre? This ought to depend on that one.
(In reply to Enne Eziarc from comment #12) > chmod -R portage:portage . > chown g+s . I think the commands were swapped with each other by mistake. It should rather be: chown -R portage:portage . chmod g+s .
