Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 865749 - sys-apps/toybox-0.8.9 sandbox violation
Summary: sys-apps/toybox-0.8.9 sandbox violation
Status: CONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Patrick Lauer
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: CVE-2022-32298
  Show dependency tree
 
Reported: 2022-08-19 07:01 UTC by Agostino Sarubbo
Modified: 2023-02-08 08:13 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
build.log (build.log,128.47 KB, text/plain)
2022-08-19 07:02 UTC, Agostino Sarubbo
Details
1-sandbox.log (1-sandbox.log,1.40 KB, text/plain)
2022-08-19 07:02 UTC, Agostino Sarubbo
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2022-08-19 07:01:58 UTC
https://blogs.gentoo.org/ago/2020/07/04/gentoo-tinderbox/

Issue: sys-apps/toybox-0.8.8 sandbox violation.
Discovered on: amd64 (internal ref: ci)
Comment 1 Agostino Sarubbo gentoo-dev 2022-08-19 07:02:00 UTC
Created attachment 800087 [details]
build.log

build log and emerge --info
Comment 2 Agostino Sarubbo gentoo-dev 2022-08-19 07:02:01 UTC
Created attachment 800089 [details]
1-sandbox.log

1-sandbox.log
Comment 3 Agostino Sarubbo gentoo-dev 2022-08-19 07:02:02 UTC
Error(s) that match a know pattern:


login.c:(.text+0x138): undefined reference to `crypt'
md5sum.c:(.text+0x100c): undefined reference to `sin'
mkpasswd.c:(.text+0x10d): undefined reference to `crypt'
passwd.c:(.text+0x26b): undefined reference to `crypt'
scripts/make.sh: line 88: /dev/stderr: Permission denied
su.c:(.text+0x107): undefined reference to `crypt'
/usr/lib/gcc/x86_64-pc-linux-gnu/12.1.1/../../../../x86_64-pc-linux-gnu/bin/ld: passwd.c:(.text+0x2ed): undefined reference to `crypt'
collect2: error: ld returned 1 exit status
Comment 4 Patrick Lauer gentoo-dev 2022-08-20 17:51:26 UTC
 * ACCESS DENIED:  open_wr:       /dev/stderr
scripts/make.sh: line 88: /dev/stderr: Permission denied

... why is /dev/stderr not available/accessible?
Comment 5 Ionen Wolkens gentoo-dev 2022-08-20 18:26:41 UTC
I can reproduce with FEATURES=pid-sandbox (/dev/stderr -> /proc/self/fd/2's self likely related) and not with -pid-sandbox -- but seems not everyone is getting the same results, unsure what's up with this exactly.

meh workarounds that work for me would be to either remove V=1 (makes it use /dev/null instead), or patch/sed -i 's/&>$X/>\&2/' scripts/make.sh

on a side-note there's also:
 * QA Notice: Files built without respecting LDFLAGS have been detected
 *  Please include the following list of files in your report:
 * /usr/bin/toybox
 * QA Notice: Pre-stripped files found:
 * /usr/bin/toybox
Comment 6 Ionen Wolkens gentoo-dev 2022-08-20 18:31:09 UTC
(In reply to Ionen Wolkens from comment #5)
> on a side-note there's also:
>  * QA Notice: Files built without respecting LDFLAGS have been detected
>  *  Please include the following list of files in your report:
>  * /usr/bin/toybox
>  * QA Notice: Pre-stripped files found:
>  * /usr/bin/toybox
Well, LDFLAGS is fine, it's caused by the stripping, could:

dobin generated/unstripped/toybox
Comment 7 Agostino Sarubbo gentoo-dev 2023-02-08 08:13:19 UTC
ci has reproduced this issue with version 0.8.9 - Updating summary.