Bug 949633 - app-crypt/gpgme-1.24.2 build fails: sandbox violation due to media-libs/fontconfig attempting to unlink .uuid files
Status: RESOLVED FIXED
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo's Team for Core System packages
Duplicates: 949555 950213
Reported: 2025-02-11 21:25 UTC by Chris Smith
Modified: 2025-02-24 17:09 UTC
Attachments
build log (gpgme.log, 837.83 KB, text/x-log), 2025-02-11 21:25 UTC, Chris Smith
check-uuid-exists-before-unlinking.patch (426 bytes, patch), 2025-02-13 18:35 UTC, Matt Whitlock

Description Chris Smith 2025-02-11 21:25:08 UTC
F: unlink
S: deny
P: /usr/share/fonts/urw-fonts/.uuid
A: /usr/share/fonts/urw-fonts/.uuid
R: /usr/share/fonts/urw-fonts/.uuid
C: dot /var/tmp/portage/app-crypt/gpgme-1.24.2/work/gpgme-1.24.2_build/lang/qt/doc/gener * --------------------------------------------------------------------------------

>>> Failed to emerge app-crypt/gpgme-1.24.2, Log file:

>>>  '/var/log/portage/app-crypt:gpgme-1.24.2:20250211-211605.log'

 * Messages for package app-crypt/gpgme-1.24.2:
 * Log file: /var/log/portage/app-crypt:gpgme-1.24.2:20250211-211605.log

Reproducible: Always




emerge --info
Portage 3.0.67 (python 3.12.9-final-0, default/linux/amd64/23.0/desktop/plasma/systemd, gcc-14, glibc-2.41, 6.13.2-gentoo x86_64)
=================================================================
System uname: Linux-6.13.2-gentoo-x86_64-AMD_Ryzen_9_5900X_12-Core_Processor-with-glibc2.41
KiB Mem:    65778572 total,  14699716 free
KiB Swap:   12582908 total,  12519028 free
Timestamp of repository gentoo: Tue, 11 Feb 2025 21:03:38 +0000
Head commit of repository gentoo: 7f64b9c467dbe13151346542492f724304c3f594

Head commit of repository audio-overlay: 20bf7b1970d2e2e20ed33f6b9563a659190ae368

Head commit of repository brave-overlay: 24796daf8bf423c21c06ca6b4db8e8f67075629c

sh bash 5.2_p37
ld GNU ld (Gentoo 2.44 p1) 2.44.0
app-misc/pax-utils:        1.3.8::gentoo
app-shells/bash:           5.2_p37::gentoo
dev-build/autoconf:        2.72-r1::gentoo
dev-build/automake:        1.17-r1::gentoo
dev-build/cmake:           3.31.5::gentoo
dev-build/libtool:         2.5.4::gentoo
dev-build/make:            4.4.1-r100::gentoo
dev-build/meson:           1.7.0::gentoo
dev-java/java-config:      2.3.4::gentoo
dev-lang/perl:             5.40.0-r1::gentoo
dev-lang/python:           3.12.9::gentoo, 3.13.2::gentoo
dev-lang/rust:             1.84.1-r1::gentoo
llvm-core/clang:           19.1.7::gentoo
llvm-core/llvm:            19.1.7::gentoo
sys-apps/baselayout:       2.17::gentoo
sys-apps/sandbox:          2.43::gentoo
sys-apps/systemd:          257.2::gentoo
sys-devel/binutils:        2.44::gentoo
sys-devel/binutils-config: 5.5.2::gentoo
sys-devel/gcc:             14.2.1_p20241221::gentoo
sys-devel/gcc-config:      2.12.1::gentoo
sys-kernel/linux-headers:  6.13::gentoo (virtual/os-headers)
sys-libs/glibc:            2.41::gentoo
Repositories:

gentoo
    location: /var/db/repos/gentoo
    sync-type: git
    sync-uri: https://anongit.gentoo.org/git/repo/sync/gentoo.git
    priority: -1000
    volatile: False

audio-overlay
    location: /var/db/repos/audio-overlay
    sync-type: git
    sync-uri: https://github.com/gentoo-audio/audio-overlay.git
    masters: gentoo
    volatile: False

brave-overlay
    location: /var/db/repos/brave-overlay
    sync-type: git
    sync-uri: https://gitlab.com/jason.oliveira/brave-overlay.git
    masters: gentoo
    volatile: False

local
    location: /var/db/repos/local
    masters: gentoo
    volatile: False

Binary Repositories:

binhost
    priority: 9999
    sync-uri: https://distfiles.gentoo.org/releases/amd64/binpackages/23.0/x86-64-v3

ACCEPT_KEYWORDS="amd64 ~amd64"
ACCEPT_LICENSE="* -@EULA"
AR="ar"
CBUILD="x86_64-pc-linux-gnu"
CC="gcc"
CFLAGS="-O2 -march=native -fomit-frame-pointer -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/config /usr/share/gnupg/qualified.txt /var/bind"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d"
CXX="g++"
CXXFLAGS="-O2 -march=native -fomit-frame-pointer -pipe"
DISTDIR="/var/cache/distfiles"
EMERGE_DEFAULT_OPTS="--with-bdeps y --autounmask-keep-masks"
ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GDK_PIXBUF_MODULE_FILE GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR XDG_STATE_HOME"
FCFLAGS="-O2 -pipe"
FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs binpkg-request-signature buildpkg-live clean-logs config-protect-if-modified distlocks ebuild-locks fixlafiles ipc-sandbox merge-sync merge-wait multilib-strict network-sandbox news parallel-fetch pid-sandbox pkgdir-index-trusted preserve-libs protect-owned qa-unresolved-soname-deps sandbox strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-O2 -pipe"
GENTOO_MIRRORS="http://gentoo.osuosl.org/"
LANG="en_US.utf8"
LDFLAGS="-Wl,-O2 -Wl,--as-needed"
LEX="flex"
LINGUAS="en_US en"
MAKEOPTS="V=1 -j1"
NM="nm"
PKGDIR="/var/cache/binpkgs"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
RANLIB="ranlib"
SHELL="/bin/zsh"
USE="10bit 12bit X a52 aac aacs aalib acl acpi activities alsa amd64 amr aom apache2 aspell audiofile bash-completion bluray branding btrfs bzip2 cairo caps cdda cddb cdparanoia cdr cet chm chromecast cleartype colord corefonts crypt cups curl dbus declarative djvu dri dssi dts dv dvb dvd dvdr ebook egl encode exif fam fdk ffmpeg flac gdbm gif gles2 gmp google gphoto2 gpm gstreamer gtk gtk3 gtk4 gui iconv icu imagemagick imap imlib introspection ipv6 java jpeg jpeg2k kde kf6compat kvm kwallet ladspa lame lash lcms libffi libinput libnotify libtirpc linguas_en_US lm-sensors lvm lzma mad midi mmap mng mp3 mp4 mpeg mtp multimedia musicbrainz ncurses network networkmanager nftables nls numa ofx ogg opencl openexr opengl openmp opus pam pango pcre pdf pipewire pipewire-alsa plasma png policykit ppds pulseaudio qemu qml qt5 qt6 readline rtmp rust sasl scanner screencast sdl seccomp semantic-desktop sndfile sound speex spell ssl startup-notification subversion svg systemd test-rust theora threads tiff tk truetype udev udisks unicode upower usb v4l vaapi vcd vdpau vim-syntax vorbis vpx vst vulkan wav wavpack wayland webp widgets wmf wxwidgets x264 x265 xattr xcb xcomposite xft xine xkb xml xscreensaver xv xvid zlib" ABI_X86="64" ADA_TARGET="gcc_13" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_anon authn_dbm authn_file authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir env expires ext_filter file_cache filter headers include info log_config logio mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" CAMERAS="*" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="aes avx avx2 f16c fma3 mmx mmxext pclmul popcnt rdrand sha sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt 
gpsclock greis isync itrax navcom oceanserver oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 tsip tripmate tnt ublox" GRUB_PLATFORMS="efi-64" GUILE_SINGLE_TARGET="3-0" GUILE_TARGETS="3-0" INPUT_DEVICES="libinput wacom" KERNEL="linux" L10N="en_US.utf8" LCD_DEVICES="bayrad cfontz glk hd44780 lb216 lcdm001 mtxorb text" LUA_SINGLE_TARGET="lua5-1" LUA_TARGETS="lua5-1" NGINX_MODULES_HTTP="autoindex fancyindex fastcgi gzip" OFFICE_IMPLEMENTATION="libreoffice" PERL_FEATURES="ithreads" PHP_TARGETS="php8-2" POSTGRES_TARGETS="postgres16" PYTHON_SINGLE_TARGET="python3_12" PYTHON_TARGETS="python3_12" QEMU_SOFTMMU_TARGETS="x86_64" QEMU_USER_TARGETS="x86_64" RUBY_TARGETS="ruby33" SANE_BACKENDS="epson epson2" VIDEO_CARDS="amdgpu radeonsi" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipp2p iface geoip fuzzy condition tarpit sysrq proto logmark ipmark dhcpmac delude chaos account"
Unset:  ADDR2LINE, ARFLAGS, AS, ASFLAGS, CCLD, CONFIG_SHELL, CPP, CPPFLAGS, CTARGET, CXXFILT, ELFEDIT, EXTRA_ECONF, F77FLAGS, FC, GCOV, GPROF, INSTALL_MASK, LC_ALL, LD, LFLAGS, LIBTOOL, MAKE, MAKEFLAGS, OBJCOPY, OBJDUMP, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PYTHONPATH, READELF, RUSTFLAGS, SIZE, STRINGS, STRIP, YACC, YFLAGS
Comment 1 Chris Smith 2025-02-11 21:25:34 UTC
Created attachment 918792 [details]
build log
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2025-02-12 08:51:24 UTC
Have you installed some fonts manually?
Comment 3 Chris Smith 2025-02-12 13:50:20 UTC
(In reply to Sam James from comment #2)
> Have you installed some fonts manually?

No, I have not. However, this package has now emerged successfully. Maybe it was updated, or something else in the meantime affected this.
Comment 4 Stephen Ramsay 2025-02-12 13:53:40 UTC
I have installed fonts manually and am getting this same error. But every directory it's claiming "ACCESS DENIED" for is owned by root with rwx permission.
Comment 5 Chris Smith 2025-02-12 14:06:39 UTC
Should also mention that as far as I can determine there are, or were, no .uuid files or links in that directory tree.
Comment 6 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2025-02-12 14:11:26 UTC
(In reply to Stephen Ramsay from comment #4)
> I have installed fonts manually and am getting this same error. But every
> directory it's claiming "ACCESS DENIED" for is owned by root with rwx
> permission.

It's being denied because Doxygen is trying to regenerate the cache and the sandbox is stopping it.

The issue is that your own fonts have been installed without generating the cache after, so the next time something tries to use the fonts, the cache gets regenerated at that point.
Comment 7 Stephen Ramsay 2025-02-12 17:03:20 UTC
> The issue is that your own fonts have been installed without generating the
> cache after, so the next time something tries to use the fonts, the cache
> gets regenerated at that point.

That seems to be it. Regenerated the cache manually (fc-cache -f -v) and gpgme built without errors.
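As an added example (not part of the bug report and not code from sys-apps/sandbox), here is a POSIX shell helper that pulls the denied operations out of a build log containing sandbox violation records in the format quoted in the description, and reduces them to the directories that were written to. For the failure above those are exactly the font directories whose fontconfig cache was missing. The field names (F:, S:, P:, A:, R:, C:) come from the quoted log; the assumption that every record starts at an F: line, the function names, and the sample log in the usage call are mine.

```shell
#!/bin/sh
# Added example, not from the bug report or from sys-apps/sandbox.
# Parses sandbox violation records of the form
#   F: <libc function>   S: deny|allow   P: <path as passed>
#   A: <absolute path>   R: <resolved path>   C: <command line>
# Assumption: records are contiguous and each one starts at an "F:" line.

# Print "<function> <path>" for every denied record on stdin, one per line.
# The resolved path (R:) is preferred; P: is used if no R: line is present.
sandbox_denied() {
    awk '
        /^F: /      { if (deny) print fn, path; fn = $2; path = ""; deny = 0 }
        /^S: deny$/ { deny = 1 }
        /^P: /      { if (path == "") path = $2 }
        /^R: /      { path = $2 }
        END         { if (deny) print fn, path }
    '
}

# Reduce the denied paths to the unique parent directories. For the fontconfig
# case these are the directories whose cache needs to be regenerated.
sandbox_denied_dirs() {
    sandbox_denied | awk '{ print $2 }' | sed 's,/[^/]*$,,' | LC_ALL=C sort -u
}

# Constructed sample log (not a real log from this bug) so the script runs offline.
sample_log() {
    printf '%s\n' \
        'F: unlink' \
        'S: deny' \
        'P: /usr/share/fonts/urw-fonts/.uuid' \
        'A: /usr/share/fonts/urw-fonts/.uuid' \
        'R: /usr/share/fonts/urw-fonts/.uuid' \
        'C: dot /var/tmp/portage/app-crypt/gpgme-1.24.2/work/example' \
        'F: open_wr' \
        'S: allow' \
        'P: /var/tmp/portage/app-crypt/gpgme-1.24.2/work/example.png' \
        'A: /var/tmp/portage/app-crypt/gpgme-1.24.2/work/example.png' \
        'R: /var/tmp/portage/app-crypt/gpgme-1.24.2/work/example.png' \
        'C: dot /var/tmp/portage/app-crypt/gpgme-1.24.2/work/example' \
        'F: mkdir' \
        'S: deny' \
        'P: /usr/share/fonts/local/.fc-tmp' \
        'A: /usr/share/fonts/local/.fc-tmp' \
        'R: /usr/share/fonts/local/.fc-tmp' \
        'C: dot /var/tmp/portage/app-crypt/gpgme-1.24.2/work/example'
}

# Run stand-alone: prints the two denied records and the two directories.
if [ "${1:-}" = "--demo" ]; then
    sample_log | sandbox_denied
    sample_log | sandbox_denied_dirs
fi
```

On a real system, feed it the Portage build log named in the failure message (or the sandbox log under /var/log/sandbox/ that the access violation summary points to), then run `fc-cache -f <dir>` on each directory it prints; `fc-cache -f -v` with no arguments, as in comment 7, regenerates the cache for every configured font directory instead.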
Comment 8 Matt Whitlock 2025-02-13 18:35:56 UTC
Created attachment 918896 [details, diff]
check-uuid-exists-before-unlinking.patch

I ran into this too. It happens because media-libs/fontconfig (in FcDirCacheDeleteUUID of src/fccache.c) attempts to unlink a ".uuid" file without first checking whether such file actually exists. It only does this if no cache exists in the font directory in question, but since it does not attempt to create a cache, it also should not be attempting to unlink a non-existent ".uuid" file. A fix is simply to check for the existence of a ".uuid" file before attempting to unlink it.

The attached patch for media-libs/fontconfig fixes the issue for me. (Yes, I know I could (re)generate fontconfig caches in my custom font directories, but the point is that I shouldn't *need* to do that.)
Comment 9 Mike Gilbert gentoo-dev 2025-02-13 20:30:43 UTC
The sandbox should probably not complain about unlinking a file that does not exist. I believe this issue will be fixed in the next version of sandbox I release.
Comment 10 Mike Gilbert gentoo-dev 2025-02-13 20:37:47 UTC
Comment on attachment 918896 [details, diff]
check-uuid-exists-before-unlinking.patch

I actually disagree with making this change. Under normal circumstances, there is no reason to check if a file exists before attempting to unlink it. Changing this behavior because of the sandbox does not make sense.
Comment 11 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2025-02-19 15:01:52 UTC
*** Bug 949555 has been marked as a duplicate of this bug. ***
Comment 12 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2025-02-24 02:40:13 UTC
*** Bug 950213 has been marked as a duplicate of this bug. ***
Comment 13 Nuitari 2025-02-24 03:02:48 UTC
Is there a way to identify which font files were manually installed, outside of those in /usr/local ?
Comment 14 Matt Whitlock 2025-02-24 05:34:28 UTC
(In reply to Nuitari from comment #13)
> Is there a way to identify which font files were manually installed, outside
> of those in /usr/local ?

find /usr/share/fonts -type f \
        -exec qfile -o {} +

That would list all orphan (not tracked by the package manager) files beneath /usr/share/fonts, assuming you have app-portage/portage-utils installed.
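As an added example that is not from the bug thread or from portage-utils, the same orphan listing can be done against the Portage VDB directly on a system without app-portage/portage-utils. Every installed package records its files in /var/db/pkg/<category>/<package>/CONTENTS as lines such as `obj <path> <md5> <mtime>` and `sym <path> -> <target> <mtime>`, so any regular file under the font tree that no CONTENTS file claims was not installed by a package. The function name, the default arguments, and the assumption that installed paths contain no whitespace are mine; the sample tree in the usage call is constructed.

```shell
#!/bin/sh
# Added example, not from the bug or from portage-utils. Lists regular files under a
# font tree that are not claimed by any installed package's CONTENTS file.
# Assumption: paths contain no whitespace (column 2 of "obj"/"sym" lines is the path).

# Usage: orphan_font_files [VDB_ROOT] [FONT_ROOT]
#   VDB_ROOT  defaults to /var/db/pkg, FONT_ROOT to /usr/share/fonts.
orphan_font_files() {
    vdb=${1:-/var/db/pkg}
    fontdir=${2:-/usr/share/fonts}
    tracked=$(mktemp) || return 1
    present=$(mktemp) || { rm -f "$tracked"; return 1; }
    # Every path some package installed, sorted in the C locale so comm can use it.
    cat "$vdb"/*/*/CONTENTS 2>/dev/null \
        | awk '$1 == "obj" || $1 == "sym" { print $2 }' \
        | LC_ALL=C sort -u > "$tracked"
    # Every regular file actually present under the font tree.
    find "$fontdir" -type f | LC_ALL=C sort -u > "$present"
    # Lines only in the second file: on disk, but claimed by no package.
    LC_ALL=C comm -13 "$tracked" "$present"
    rm -f "$tracked" "$present"
}

# Build a constructed VDB and font tree under a temp dir and return its path, so the
# function can be exercised without touching the real system.
make_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/vdb/media-fonts/example-1.0" "$root/fonts/pkg" "$root/fonts/manual"
    # CONTENTS claims only pkg/a.t1 (md5 and mtime values are placeholders).
    printf 'dir %s/fonts/pkg\nobj %s/fonts/pkg/a.t1 d41d8cd98f00b204e9800998ecf8427e 1700000000\n' \
        "$root" "$root" > "$root/vdb/media-fonts/example-1.0/CONTENTS"
    : > "$root/fonts/pkg/a.t1"        # packaged
    : > "$root/fonts/pkg/extra.otf"   # dropped into a packaged directory by hand
    : > "$root/fonts/manual/hand.ttf" # whole directory installed by hand
    printf '%s\n' "$root"
}

if [ "${1:-}" = "--demo" ]; then
    root=$(make_sample_tree)
    orphan_font_files "$root/vdb" "$root/fonts"
    rm -rf "$root"
fi
```

Any directory that shows up here is one that fontconfig will find without a cache the next time a program loads fonts, so it is also the list of directories to pass to `fc-cache -f` before the next build that pulls in fontconfig.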
Comment 15 Mike Gilbert gentoo-dev 2025-02-24 17:09:09 UTC
Should be fixed in >=sys-apps/sandbox-2.44.