500804 – Parallels Desktop 9 for Mac has sandbox violations in /proc/driver/prl_vtg

Bug 500804 - Parallels Desktop 9 for Mac has sandbox violations in /proc/driver/prl_vtg

Summary: Parallels Desktop 9 for Mac has sandbox violations in /proc/driver/prl_vtg

Status:	RESOLVED NEEDINFO

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	Current packages (show other bugs)
Hardware:	All Linux

Importance:	Normal normal
Assignee:	Gentoo Linux bug wranglers

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2014-02-09 19:15 UTC by Ihar Hrachyshka
Modified:	2014-07-19 06:11 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
emerge --info (emerge-info,4.63 KB, text/plain) 2014-02-09 19:16 UTC, Ihar Hrachyshka	Details
sandbox.log (sandbox.log,1.88 KB, text/plain) 2014-02-09 19:16 UTC, Ihar Hrachyshka	Details
build.log (build.log,28.02 KB, text/plain) 2014-02-09 19:18 UTC, Ihar Hrachyshka	Details
build.log (build.log.bz2,365.62 KB, application/x-bzip) 2014-02-10 11:56 UTC, Ihar Hrachyshka	Details
gtk+ sandbox violation (sandbox.log,1.30 KB, text/plain) 2014-02-10 12:00 UTC, Ihar Hrachyshka	Details
gtk+ build.log (build.log.bz2,33.30 KB, application/x-bzip) 2014-02-10 12:00 UTC, Ihar Hrachyshka	Details
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Ihar Hrachyshka 2014-02-09 19:15:50 UTC

I'm using Gentoo Linux installed into Parallels Desktop 9 for Mac (build: 9.0.24172). I'm trying to emerge firefox, but it fails with a sandbox violation error (attached).

It seems that firefox build system attempts to access /proc/driver/prl_vtg which is a driver file for Parallels Tools installed into Gentoo system. My assumption is that /proc/driver/prl_vtg belongs to 'prlvideo' x11 driver (not available from Gentoo portage). I've tried to build both stable (24.0) and testing (27.0) firefox versions, both of them fail with the same error.

Both build attempts were issued from gnome-terminal running in X11 session. I'll try to build firefox from Linux console and see whether it helps.

Comment 1 Ihar Hrachyshka 2014-02-09 19:16:10 UTC

Created attachment 369968 [details]
emerge --info

Comment 2 Ihar Hrachyshka 2014-02-09 19:16:28 UTC

Created attachment 369970 [details]
sandbox.log

Comment 3 Ihar Hrachyshka 2014-02-09 19:18:07 UTC

Created attachment 369972 [details]
build.log

Comment 4 Jeroen Roovers (RETIRED) gentoo-dev

2014-02-10 00:30:27 UTC

Comment on attachment 369972 [details]
build.log

Please attach the entire build log to this bug report.

Comment 5 Ihar Hrachyshka 2014-02-10 11:11:48 UTC

The build.log file is too large, so it's not allowed to attach it here. Any suggestions on where to put the file?

Comment 6 Ihar Hrachyshka 2014-02-10 11:13:17 UTC

Yesterday I've tried to build firefox from Linux console, and it still failed with violation. Then I've temporarily unloaded prl_tg kernel module and repeated emerge attempt. It succeeded.

Comment 7 Jeroen Roovers (RETIRED) gentoo-dev

2014-02-10 11:28:22 UTC

(In reply to Ihar Hrachyshka from comment #5)
> The build.log file is too large, so it's not allowed to attach it here. Any
> suggestions on where to put the file?

Compress the file (like with `bzip2 <file>' and then attach it.

Comment 8 Ihar Hrachyshka 2014-02-10 11:56:17 UTC

Created attachment 370022 [details]
build.log

Comment 9 Ihar Hrachyshka 2014-02-10 11:59:24 UTC

It turned out that similar failure occurs for other packages too. F.e. gtk+. Attaching both build.log and sandbox.log.

Comment 10 Ihar Hrachyshka 2014-02-10 12:00:01 UTC

Created attachment 370024 [details]
gtk+ sandbox violation

Comment 11 Ihar Hrachyshka 2014-02-10 12:00:27 UTC

Created attachment 370026 [details]
gtk+ build.log

Comment 12 Ihar Hrachyshka 2014-02-10 12:05:19 UTC

prlvideo_drv.so file provided by Parallels Tools indeed contains the following string inside:

booxter@localhost ~/bugs/gtk+ $ strings /usr/lib64/xorg/modules/drivers/prlvideo_drv.so|grep prl_vtg
/proc/driver/prl_vtg

Probably it's related.

Comment 13 Jeroen Roovers (RETIRED) gentoo-dev

2014-02-10 19:11:33 UTC

Comment on attachment 370026 [details]
gtk+ build.log

What does this have to do with firefox?

Comment 14 Jeroen Roovers (RETIRED) gentoo-dev

2014-02-10 19:14:27 UTC

What ebuild installs /usr/lib64/xorg/modules/drivers/prlvideo_drv.so?

Comment 15 Alex Xu (Hello71) 2014-02-11 00:56:19 UTC

(In reply to Jeroen Roovers from comment #14)
> What ebuild installs /usr/lib64/xorg/modules/drivers/prlvideo_drv.so?

pretty sure it's manually installed. we don't support that on IRC, and I'm moderately certain that in this case, we can't support it here either.

Comment 16 Ihar Hrachyshka 2014-02-11 15:44:24 UTC

> What does this have to do with firefox?
It shows that the problem is more wide, not firefox only. Gtk+ package fails too.

> What ebuild installs /usr/lib64/xorg/modules/drivers/prlvideo_drv.so?
It does not come from portage. It belongs to Parallels Tools for Mac.

> we don't support that on IRC, and I'm moderately certain that in this case, we can't support it here either.
I understand your point. If you're not going to support it, then ok.

Comment 17 Ihar Hrachyshka 2014-02-11 16:21:35 UTC

For those of you interested in workaround. Just add the following to your /etc/sandbox.conf: SANDBOX_WRITE="/proc/driver/prl_vtg"