Gentoo Archives: gentoo-alt

From: Steven Trogdon <strogdon@×××××.edu>
To: gentoo-alt@l.g.o
Subject: Re: [gentoo-alt] rap prefix - glibc-2.26-r3
Date: Thu, 30 Nov 2017 16:42:35
Message-Id: 20171130103957.0ccdc762.strogdon@d.umn.edu
In Reply to: Re: [gentoo-alt] rap prefix - glibc-2.26-r3 by Benda Xu
1 Thanks Benda for the suggestions. However, to get things to work here I had to
2 get the system admin to modify the host /etc/{group, passwd} files and that
3 enabled me to emerge sys-libs/glibc with your prefixify changes through
4 modification to linux-standalone/profile.bashrc. Things seem to be 'good' now.
5 By the way, I'm just over the border relative to kernels on the host
6
7 uname -a
8 Linux blitzen 3.2.0-4-amd64 #1 SMP Debian 3.2.88-1 x86_64 Intel(R) Xeon(R) CPU
9 E5-1650 0 @ 3.20GHz GenuineIntel GNU/Linux
10
11 Steve
12
13 On Wed, 29 Nov 2017 13:11:05 +0900
14 Benda Xu <heroxbd@g.o> wrote:
15
16 > Hi Steven,
17 >
18 > Steven Trogdon <strogdon@×××××.edu> writes:
19 >
20 > > Upgraded my prefix rap today doing:
21 > >
22 > > emerge -1 portage
23 > > emerge -uDN system
24 > >
25 > > I don't think the portage upgrade is the issue since the system proceeded to
26 > > upgrade, although with numerous warnings like:
27 > >
28 > > portage: 'portage' user or group missing.
29 > > For the defaults, line 1 goes into passwd, and 2 into group.
30 > > portage:x:250:250:portage:/var/tmp/portage:/bin/false
31 > > portage::250:portage
32 > > *** WARNING *** For security reasons, only system administrators should be
33 > > *** WARNING *** allowed in the portage group. Untrusted users or processes
34 > > *** WARNING *** can potentially exploit the portage group for attacks such
35 > > as *** WARNING *** local privilege escalation.
36 >
37 > The two seem to be related.
38 >
39 > > I'm now unable to emerge anything. I think the culprit is the upgrade
40 > > of glibc from 2.25-r9 -> 2.26-r3 although it could be something else. Prior
41 > > to the upgrade getent <group | passwd> was parsing EPREFIX/etc/<group |
42 > > passwd> for group and passwd info. It clearly is now parsing /etc/<group |
43 > > passwd> passwd>. And I
44 > > have no control over what is under /etc.
45 >
46 > Do you have a binary backup of glibc-2.25 to rollback? If so, it can be
47 > used to rollback. Otherwise another possible fix is available below.
48 >
49 > > In fact the host getent parses db files in a non-standard location to
50 > > get group/passwd info. When I attempt to emerge I get things like
51 > >
52 > > !!! Directory initialization failed:
53 > > '/storage/strogdon/gentoo-rap/var/lib/portage' !!!
54 > > chown('/storage/strogdon/gentoo-rap/var/lib/portage', -1, 0) !!! Directory
55 > > initialization failed: '/storage/strogdon/gentoo-rap/var/cache/edb' !!!
56 > > chown('/storage/strogdon/gentoo-rap/var/cache/edb', -1, 0) [Errno 1]
57 > > Operation not permitted:
58 > > [...]
59 > > done!
60 > >
61 > > and the emerge fails.
62 > >
63 > > From within prefix
64 > > id
65 > > uid=105600 gid=925 groups=925
66 > >
67 > > From the host
68 > > id
69 > > uid=105600(strogdon) gid=925(math) groups=925(math)
70 > >
71 > > Looking for things to try without re-installing prefix[rap].
72 >
73 > From glibc-2.26, the path /etc/passwd is handled by another file. I
74 > have just made a fix at
75 >
76 > https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ab2e3a4026e093e0cf17b46b5bcc308a861f93c8
77 >
78 > To recover with the fixed glibc-2.26, one solution has been explored in the
79 > IRC:
80 >
81 > export PORTAGE_INST_UID=105600 PORTAGE_INST_GID=925 PORTAGE_GRPNAME=math
82 > emerge --oneshot sys-libs/glibc
83 >
84 > Yours,
85 > Benda

Replies

Subject Author
Re: [gentoo-alt] rap prefix - glibc-2.26-r3 Benda Xu <heroxbd@g.o>