Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 512382 - =dev-lang/ekopath-5.0.1_pre20131115 on x32 - sandbox violations in {libdir} by .../image/opt/ekopath/lib/5.0.1/x8664/ldfe
Summary: =dev-lang/ekopath-5.0.1_pre20131115 on x32 - sandbox violations in {libdir} b...
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: [OLD] Development (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Science Related Packages
Depends on:
Blocks: x32
  Show dependency tree
Reported: 2014-06-04 13:06 UTC by Bertrand Jacquin
Modified: 2015-04-22 12:48 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

build.log (build.log,81.60 KB, text/x-log)
2014-06-04 13:11 UTC, Bertrand Jacquin
emerge --info (info.log,16.38 KB, text/x-log)
2014-06-04 13:11 UTC, Bertrand Jacquin
patch to ekopath-5.0.1_pre20131115.ebuild (ekopath-5.0.1_pre20131115-x32.diff,1.35 KB, patch)
2014-06-04 13:12 UTC, Bertrand Jacquin
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Bertrand Jacquin 2014-06-04 13:06:47 UTC
This is not duplicate of bug #511016 but an extension when using ABI=x32.

Commit fix the sandbox violation by using addpredict based on $(get_libdir) while this is not fully true while ekopath is containing elf64-x86-64 and then using libraries in lib64.

The ekopath run binary also try to open(O_RDWR) not only files in $(get_libdir) directory.

The attached patch fix this by addpredict'ing any open(O_RDWR)'ed file in any lib* directory.

Full build log attached and emerge --info

Reproducible: Always
Comment 1 Bertrand Jacquin 2014-06-04 13:11:34 UTC
Created attachment 378230 [details]
Comment 2 Bertrand Jacquin 2014-06-04 13:11:46 UTC
Created attachment 378232 [details]
emerge --info
Comment 3 Bertrand Jacquin 2014-06-04 13:12:07 UTC
Created attachment 378234 [details, diff]
patch to ekopath-5.0.1_pre20131115.ebuild
Comment 4 Bertrand Jacquin 2014-06-04 13:14:03 UTC
(In reply to Bertrand Jacquin from comment #3)
> Created attachment 378234 [details, diff] [details, diff]
> patch to ekopath-5.0.1_pre20131115.ebuild

This patch also include some file missing in addpredict (/usr/lib*/libc.a, /usr/lib*/libdl.a, /usr/lib*/libm.a) and split the original form.

Sorry to have not noticed in first comment
Comment 5 Michał Górny archtester Gentoo Infrastructure gentoo-dev Security 2015-04-22 12:48:27 UTC
This should be fixed in 6.0.329_p20150418. Upstream has fixed the lazy coding not to open files O_RDWR unnecessarily.