gnome-base/libgtop-2.40.0 sandbox violation * ACCESS DENIED: fchownat: /usr/bin/libgtop_server2 chown: changing ownership of '/usr/bin/libgtop_server2': Permission denied Reproducible: Always # emerge --info Portage 2.3.89 (python 3.7.6-final-0, default/linux/amd64/17.1/desktop/gnome/systemd, gcc-9.2.0, glibc-2.31-r1, 5.6.0-050600rc2-lowlatency x86_64) ================================================================= System uname: Linux-5.6.0-050600rc2-lowlatency-x86_64-AMD_Ryzen_Threadripper_2970WX_24-Core_Processor-with-gentoo-2.7 KiB Mem: 65892096 total, 44976364 free KiB Swap: 0 total, 0 free Head commit of repository qt: 95ccc0dd616df4d0b53d6bc152c5ad7fcb7e5c04 Head commit of repository gentoo: 4fab3f40bd16ceef33ab0978f709e894080f7290 sh bash 5.0_p16 ld GNU ld (Gentoo 2.34 p1) 2.34.0 app-shells/bash: 5.0_p16::gentoo dev-java/java-config: 2.2.0-r4::gentoo dev-lang/perl: 5.30.1::gentoo dev-lang/python: 2.7.17-r1::gentoo, 3.7.6::gentoo, 3.8.1::gentoo dev-util/cmake: 3.16.4::gentoo dev-util/pkgconfig: 0.29.2::gentoo sys-apps/baselayout: 2.7::gentoo sys-apps/openrc: 0.42.1::gentoo sys-apps/sandbox: 2.18::gentoo sys-devel/autoconf: 2.13-r1::gentoo, 2.69-r5::gentoo sys-devel/automake: 1.13.4-r2::gentoo, 1.16.1-r2::gentoo sys-devel/binutils: 2.34::gentoo sys-devel/gcc: 9.2.0-r4::gentoo sys-devel/gcc-config: 2.2.1::gentoo sys-devel/libtool: 2.4.6-r6::gentoo sys-devel/make: 4.3::gentoo sys-kernel/linux-headers: 5.5::gentoo (virtual/os-headers) sys-libs/glibc: 2.31-r1::gentoo Repositories: newstuff location: /mnt/repos/newstuff masters: gentoo priority: -1030 eclass-overrides: fixes redchillipadi location: /mnt/repos/redchillipadi masters: gentoo priority: -1029 eclass-overrides: fixes qt location: /mnt/repos/qt sync-type: git sync-uri: https://anongit.gentoo.org/git/proj/qt.git masters: gentoo priority: -1020 eclass-overrides: fixes gnomelive location: /mnt/repos/gnomelive masters: gentoo priority: -1010 eclass-overrides: fixes gentoo location: /mnt/repos/gentoo sync-type: git sync-uri: https://anongit.gentoo.org/git/repo/gentoo.git priority: -1000 eclass-overrides: fixes crossdev location: /mnt/repos/crossdev masters: gentoo eclass-overrides: fixes fixes location: /mnt/repos/fixes masters: gentoo priority: 10 eclass-overrides: fixes Installed sets: @clang, @system ACCEPT_KEYWORDS="* amd64 ~*" ACCEPT_LICENSE="@FREE" CBUILD="x86_64-pc-linux-gnu" CFLAGS="-march=nocona -O2 -pipe" CHOST="x86_64-pc-linux-gnu" CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt" CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo" CXXFLAGS="-march=nocona -O2 -pipe" DISTDIR="/mnt/distfiles" ENV_UNSET="DBUS_SESSION_BUS_ADDRESS DISPLAY GOBIN PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR" FCFLAGS="-O2 -pipe" FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pid-sandbox preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans" FFLAGS="-O2 -pipe" GENTOO_MIRRORS="http://distfiles.gentoo.org" LANG="en_US.utf8" LDFLAGS="-Wl,-O1 -Wl,--as-needed" MAKEOPTS="-j48" PKGDIR="/var/tmp/packages" PORTAGE_CONFIGROOT="/" PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git" PORTAGE_TMPDIR="/tmp" USE="X a52 aac acl alsa amd64 berkdb bluetooth bluray boost bzip2 cairo caps cdr colord cpudetection cracklib css cups curl custom-cflags cxx dbus drm dts dvd eds egl encode exif expat fbcon ffmpeg flac flickr fontconfig gdbm gif glamor glib gnome gnome-keyring gpm graphite gssapi gstreamer gtk gtk3 harfbuzz ibus icu imagemagick introspection ipv6 jpeg kmod kms lcms libass libinput libnotify libsamplerate lzma mp3 nautilus ncurses networkmanager nls nptl nss numa ogg openexr opengl openmp openssl opus orc pam pango pcre pdf png policykit postproc postscript pulseaudio python readline samba speex spell split-usr ssl ssp static-analyzer svg systemd tcl theora threads tiff tk tools tracker truetype udev unicode upnp-av usb user-session utils v4l vala vorbis vpx vulkan wayland webp x264 x265 xcb xmp xscreensaver xv xvmc zlib zstd" ABI_X86="64" CPU_FLAGS_X86="mmx mmxext sse sse2 sse3" CURL_SSL="nss" ELIBC="glibc" INPUT_DEVICES="libinput wacom" KERNEL="linux" L10N="en" LLVM_TARGETS="AMDGPU BPF X86" PYTHON_SINGLE_TARGET="python3_7" PYTHON_TARGETS="python3_7" RUBY_TARGETS="ruby27" SANE_BACKENDS="*" USERLAND="GNU" VIDEO_CARDS="amdgpu intel nouveau radeon radeonsi" Unset: CC, CPPFLAGS, CTARGET, CXX, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, LINGUAS, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS
Created attachment 615430 [details] build.log
d'oh, this explains why I set this bump aside long ago - to deal with this. Now when getting back to bumping this, forgot all about it :(
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=9feb8a12c671244c66086921c5f029f1ff763f40 commit 9feb8a12c671244c66086921c5f029f1ff763f40 Author: Mart Raudsepp <leio@gentoo.org> AuthorDate: 2020-03-21 16:52:05 +0000 Commit: Mart Raudsepp <leio@gentoo.org> CommitDate: 2020-03-21 16:52:15 +0000 gnome-base/libgtop: fix suid handling and reinstall sandbox violation Closes: https://bugs.gentoo.org/710628 Package-Manager: Portage-2.3.84, Repoman-2.3.20 Signed-off-by: Mart Raudsepp <leio@gentoo.org> gnome-base/libgtop/Manifest | 1 + .../libgtop/files/2.40.0-sandbox-workaround.patch | 27 +++++++++++++ gnome-base/libgtop/libgtop-2.40.0-r1.ebuild | 44 ++++++++++++++++++++++ 3 files changed, 72 insertions(+)