This issue is forced at the tinderbox (pls see bug #567192 too) by setting: export XDG_DESKTOP_DIR="/root/Desktop" export XDG_DOCUMENTS_DIR="/root/Documents" export XDG_DOWNLOAD_DIR="/root/Downloads" export XDG_MUSIC_DIR="/root/Music" export XDG_PICTURES_DIR="/root/Pictures" export XDG_PUBLICSHARE_DIR="/root/Public" export XDG_TEMPLATES_DIR="/root/Templates" export XDG_VIDEOS_DIR="/root/Videos" export XDG_RUNTIME_DIR="/root/run" export XDG_CONFIG_HOME="/root/config" export XDG_CACHE_HOME="/root/cache" export XDG_DATA_HOME="/root/share" sandbox output: VERSION 1.0 FORMAT: F - Function called FORMAT: S - Access Status FORMAT: P - Path as passed to function FORMAT: A - Absolute Path (not canonical) FORMAT: R - Canonical Path FORMAT: C - Command Line F: mkdir S: deny ------------------------------------------------------------------- This is an unstable amd64 chroot image at a tinderbox (==build bot) name: 13.0-desktop_20170929-190915 ------------------------------------------------------------------- gcc-config -l: [1] x86_64-pc-linux-gnu-6.4.0 * Available Python interpreters, in order of preference: [1] python3.4 [2] python2.7 (fallback) Available Ruby profiles: [1] ruby22 (with Rubygems) * java-config: The following VMs are available for generation-2: *) IcedTea JDK 3.5.1 [icedtea-bin-8] Available Java Virtual Machines: [1] icedtea-bin-8 system-vm emerge -qpv app-admin/keepass [ebuild N ] app-admin/keepass-2.36 USE="-aot"
Created attachment 497738 [details] emerge-info.txt
Created attachment 497740 [details] app-admin:keepass-2.36:20171004-210010.log
Created attachment 497742 [details] emerge-history.txt
Created attachment 497744 [details] etc.portage.tbz2
Created attachment 497746 [details] sandbox-13047.log
I guess this is something to do with newer mono, it works for me on stable even with those directories forced.
Its not xdg related. I don't have these set and I get the same sandbox violations. Mono has a registry at /etc/mono/registry and it attempts writing to it. Last time I tried keepass I did not run into this. I'll try mono 4.x (fails building atm) and report if this changes things.
ignore me, there are additional sanbox violations when using mono 5. I'll open a separate bug for that. Sorry for the noise :-(
I can't reproduce this with =dev-lang/mono-5.14.0.177. Is setting those variables before calling emerge enough or should I force them through package.env? In both cases, can't reproduce. It might have been fixed in >dev-lang/mono-4.8.0.524 (the one employed for this bug).
XDG* issues should no longer be relevant in EAPI 7. Except for real corner cases.
It seems it's no longer possible to reproduce this, even with XDG directories forced like in comment #0. Please re-open if this crops up again.
