Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 827884 - sys-block/gparted: could not find pkexec during emerge with FEATURES=usersandbox
Summary: sys-block/gparted: could not find pkexec during emerge with FEATURES=usersandbox
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Linux Gnome Desktop Team
URL: https://gitlab.freedesktop.org/polkit...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2021-11-30 09:20 UTC by BrianHsu
Modified: 2022-05-04 02:33 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
build.log (build.log,149.27 KB, text/x-log)
2021-11-30 09:20 UTC, BrianHsu
Details
the log of ./configure outside portage emerge (configure.log,8.75 KB, text/x-log)
2021-11-30 09:24 UTC, BrianHsu
Details

Note You need to log in before you can comment on or make changes to this bug.
Description BrianHsu 2021-11-30 09:20:42 UTC
Created attachment 757064 [details]
build.log

Expected Result:

  - When emerge sys-block/gparted-1.3.1::gentoo it should able to identify pkexec and build a gparted with policykit support and has policykit file org.gnome.gparted.policy installed.

Actual Result:

  - During emerge it could not find pkexec and ignore all policykit stuff.

Step to reproduce:

  - emerge -pv =sys-block/gparted-1.3.1::gentoo

Additional information:

  1. pkexec do exist on my system, and has correct version.

        RyzenDesktop ~ # which pkexec
        /usr/bin/pkexec
        RyzenDesktop ~ # pkexec --version
        pkexec version 0.120

  2. When run ./configure directly instead of using portage to emerge gparted-1.3.1, it could detect pkexec correctly.
Comment 1 BrianHsu 2021-11-30 09:21:08 UTC
RyzenDesktop ~ # emerge --info
Portage 3.0.28 (python 3.9.9-final-0, default/linux/amd64/17.1/desktop, gcc-11.2.0, glibc-2.34-r2, 5.15.5-gentoo-dist x86_64)
=================================================================
System uname: Linux-5.15.5-gentoo-dist-x86_64-AMD_Ryzen_9_5900X_12-Core_Processor-with-glibc2.34
KiB Mem:    32847748 total,  27291012 free
KiB Swap:          0 total,         0 free
Timestamp of repository gentoo: Sun, 28 Nov 2021 04:30:01 +0000
Head commit of repository gentoo: da8d9fcdeabfe36f4b093db7c65d90e306799beb
Timestamp of repository 4nykey: Thu, 25 Nov 2021 15:36:30 +0000
Head commit of repository 4nykey: 6091640dded5dfab2ad46c53b897eb7af31c5c91

Timestamp of repository gentoo-zh: Sat, 27 Nov 2021 22:07:31 +0000
Head commit of repository gentoo-zh: 363129ba54861b5554373cb9527a4c60c283981f

Timestamp of repository guru: Sat, 27 Nov 2021 22:07:34 +0000
Head commit of repository guru: bc0245354abfeb173c1a76d55329a8786edaac08

Timestamp of repository jorgicio: Thu, 25 Nov 2021 12:36:41 +0000
Head commit of repository jorgicio: f337d20afdf1ff277be551c428830caed68908cc

Timestamp of repository steam-overlay: Tue, 09 Nov 2021 10:53:07 +0000
Head commit of repository steam-overlay: b21d724e69a176a398cae2db70172cb9dfede48a

sh bash 5.1_p12
ld GNU ld (Gentoo 2.37_p1 p1) 2.37
app-shells/bash:          5.1_p12::gentoo
dev-java/java-config:     2.3.1::gentoo
dev-lang/perl:            5.34.0-r5::gentoo
dev-lang/python:          3.9.9::gentoo, 3.10.0_p1::gentoo
dev-lang/rust:            1.56.1::gentoo
dev-util/cmake:           3.22.0::gentoo
sys-apps/baselayout:      2.8::gentoo
sys-apps/openrc:          0.44.8::gentoo
sys-apps/sandbox:         2.29::gentoo
sys-devel/autoconf:       2.13-r1::gentoo, 2.71-r1::gentoo
sys-devel/automake:       1.16.5::gentoo
sys-devel/binutils:       2.37_p1-r1::gentoo
sys-devel/gcc:            11.2.0::gentoo
sys-devel/gcc-config:     2.5-r1::gentoo
sys-devel/libtool:        2.4.6-r6::gentoo
sys-devel/make:           4.3::gentoo
sys-kernel/linux-headers: 5.15::gentoo (virtual/os-headers)
sys-libs/glibc:           2.34-r2::gentoo
Repositories:

gentoo
    location: /var/db/repos/gentoo
    sync-type: rsync
    sync-uri: rsync://rsync.gentoo.org/gentoo-portage
    priority: -1000
    sync-rsync-verify-jobs: 1
    sync-rsync-verify-max-age: 24
    sync-rsync-extra-opts: 
    sync-rsync-verify-metamanifest: yes

4nykey
    location: /var/db/repos/4nykey
    sync-type: git
    sync-uri: https://github.com/gentoo-mirror/4nykey.git
    masters: gentoo

gentoo-zh
    location: /var/db/repos/gentoo-zh
    sync-type: git
    sync-uri: https://github.com/gentoo-mirror/gentoo-zh.git
    masters: gentoo

guru
    location: /var/db/repos/guru
    sync-type: git
    sync-uri: https://github.com/gentoo-mirror/guru.git
    masters: gentoo

jorgicio
    location: /var/db/repos/jorgicio
    sync-type: git
    sync-uri: https://github.com/gentoo-mirror/jorgicio.git
    masters: gentoo

steam-overlay
    location: /var/db/repos/steam-overlay
    sync-type: git
    sync-uri: https://github.com/gentoo-mirror/steam-overlay.git
    masters: gentoo

ACCEPT_KEYWORDS="amd64 ~amd64"
ACCEPT_LICENSE="*"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=native -O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/config /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-march=native -O2 -pipe"
DISTDIR="/var/cache/distfiles"
ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR"
FCFLAGS="-march=native -O2 -pipe"
FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pid-sandbox preserve-libs protect-owned qa-unresolved-soname-deps sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-march=native -O2 -pipe"
GENTOO_MIRRORS="http://ftp.twaren.net/Linux/Gentoo http://distfiles.gentoo.org http://www.ibiblio.org/pub/Linux/distributions/gentoo"
LANG="zh_TW.utf8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
MAKEOPTS="-j24"
PKGDIR="/var/cache/binpkgs"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
USE="X a52 aac acl acpi alsa amd64 bluetooth branding bzip2 cairo cdda cjk cli crypt cups dbus dri dts dvd dvdr elogind emboss encode exif ffmpeg flac fortran gdbm gif gtk gtk3 gui iconv icu ipv6 jpeg lcms libglvnd libnotify libtirpc mad mng mp3 mp4 mpeg mtp multilib ncurses networkmanager nls nptl ogg opengl openmp pam pango pcre pdf plymouth png policykit ppds pulseaudio readline sdl seccomp spell split-usr ssl startup-notification svg tiff truetype udev udisks unicode upower usb vaapi vorbis vulkan wxwidgets x264 xattr xcb xft xinerama xml xv xvid zlib" ABI_X86="64" ADA_TARGET="gnat_2020" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="mmx mmxext sse sse2 aes avx avx2 sse4_1 sse4_2 ssse3 sse3 f16c" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" INPUT_DEVICES="libinput joystick" KERNEL="linux" L10N="zh-CN ja ko zh-TW zh" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LUA_SINGLE_TARGET="lua5-1" LUA_TARGETS="lua5-1" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php7-3 php7-4" POSTGRES_TARGETS="postgres12 postgres13" PYTHON_SINGLE_TARGET="python3_9" PYTHON_TARGETS="python3_9" RUBY_TARGETS="ruby26 ruby27" USERLAND="GNU" VIDEO_CARDS="amdgpu radeonsi radeon" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq proto steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CC, CPPFLAGS, CTARGET, CXX, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, LINGUAS, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, RUSTFLAGS
Comment 2 BrianHsu 2021-11-30 09:24:19 UTC
Created attachment 757065 [details]
the log of ./configure outside portage emerge

Please not the difference of the following line between this file and the build.log:

    checking for pkexec >= 0.102... 0.120 found
Comment 3 Matt Turner gentoo-dev 2022-03-29 00:21:46 UTC
This appears to be because we pass GKSUPROG=kdesu as a configure argument. It was added without explanation in https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fcfd176a0ebb96b43d221543edbfd2586d96f433

I think that was a mistake and the intention was to override GKSUPROG if USE=kde was set.
Comment 4 Matt Turner gentoo-dev 2022-03-29 00:24:20 UTC
Hm, but there's code in src_install that looks like it tries to sed out kdesu if USE=policykit:

	if ! use policykit; then
		if use kde; then
			cp "${_ddir}"/gparted{,-kde}.desktop || die
			cp "${_bdir}"/gparted{,-kde} || die
			sed -i -e '/Exec/ s:gparted:gparted-kde:' "${_ddir}"/gparted-kde.desktop || die
			echo 'OnlyShowIn=KDE;' >> "${_ddir}"/gparted-kde.desktop || die
		fi
	else
		sed -i -e 's:kdesu::' "${_bdir}"/gparted || die
	fi
Comment 5 Matt Turner gentoo-dev 2022-03-29 00:28:00 UTC
Huh. No, that's not it. Removing GKSUPROG=kdesu doesn't allow configure to detect pkexec. Weird.
Comment 6 Matt Turner gentoo-dev 2022-03-29 00:35:11 UTC
Ah, got it. When pkexec is run from configure via portage it fails with:

> pkexec must be setuid root
Comment 7 Matt Turner gentoo-dev 2022-03-29 00:38:08 UTC
FEATURES=-userpriv allows it to be detected.
Comment 8 Matt Turner gentoo-dev 2022-03-30 19:51:23 UTC
(In reply to Matt Turner from comment #7)
> FEATURES=-userpriv allows it to be detected.

which also disables usersandbox. FEATURES=-usersandbox is enough to allow it to be detected.
Comment 9 Matt Turner gentoo-dev 2022-03-30 20:11:46 UTC
Filed a merge request upstream with polkit to allow printing the version even when the pkexec binary is not setuid root.
Comment 10 Larry the Git Cow gentoo-dev 2022-05-04 02:33:03 UTC
The bug has been closed via the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7bb73255629cc4999ff198fda276d593657609b8

commit 7bb73255629cc4999ff198fda276d593657609b8
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2022-05-04 02:32:40 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2022-05-04 02:32:40 +0000

    sys-auth/polkit: backport pkexec help/version fix (fixes gparted)
    
    Closes: https://bugs.gentoo.org/827884
    Signed-off-by: Sam James <sam@gentoo.org>

 .../files/polkit-0.120_p20220221-pkexec-suid.patch |  67 +++++++++++
 sys-auth/polkit/polkit-0.120_p20220221-r1.ebuild   | 129 +++++++++++++++++++++
 2 files changed, 196 insertions(+)