1 |
On Monday 22 December 2008 11:40:32 pm Branko Badrljica wrote: |
2 |
> Duncan wrote: |
3 |
> > Branko Badrljica <brankob@××××××××××.com> posted |
4 |
> > 494F1518.2020109@××××××××××.com, excerpted below, on Mon, 22 Dec 2008 |
5 |
> > |
6 |
> > 05:18:32 +0100: |
7 |
> >> Maybe I should have filed this as a bug, but don't have a clue to which |
8 |
> >> package should I assign it, if any. |
9 |
> > |
10 |
> > FWIW, this would have been a perfect question for the gentoo-desktop |
11 |
> > list, but doesn't really belong on the -dev list. There's also the |
12 |
> > gentoo-user list, altho that one has very heavy volume so you might not |
13 |
> > wish to subscribe there. |
14 |
> |
15 |
> Well, regarding the actual error, i think it might interest someone |
16 |
> here, also. |
17 |
> Although I mentioned just baselayout and openrc, I did check ( end |
18 |
> reemerged etc) hal also, and it indeed emerged _without_ |
19 |
> /etc/init.d/hald. |
20 |
> |
21 |
> I tracked it down to root cause: Although I don't use it, I have |
22 |
> compiled-in selinux support ( and selinux=0 as kernel start parameter). |
23 |
> When I was makeconfiging my kernel, I saw also SMACK support, read info |
24 |
> and thought "what the heck, it can't hurt me, but I might want to play |
25 |
> with it", so I compiled-in that, too. |
26 |
> |
27 |
> Then after some time I realised that I never got to actually used all |
28 |
> that and changed my config file by cutting out that all that security |
29 |
> stuff. And recompiled all my kernels accordingly. |
30 |
> Around that time I saw people recommending using tmpfs for /var/tmp as |
31 |
> this would speed-up emerges etc, so I did that. |
32 |
> |
33 |
> I didn't know that while I was on SMACK (pun intended) , machine would |
34 |
> add extended attr to every file machine would write. ( It was SMACK64 in |
35 |
> security domain ). |
36 |
> |
37 |
> After cleaning my system, even though those attributes were still on all |
38 |
> files, everything was fine until I actually tried to copy something from |
39 |
> that FS to some other FS. |
40 |
> /bin/cp would realise that there are extra security attrs on a file and |
41 |
> would try to duplicate them on a copy. And since new kernel was without |
42 |
> SMACK support, it would fail. |
43 |
> |
44 |
> When emerging stuff with /var/tmp on tmpfs, /bin/cp seems to get rarely |
45 |
> used in such way when copying stuff into /var/tmp or maybe it was |
46 |
> because distfiles were without SMACK attrs- so most ebuilds would |
47 |
> seemingly sucseed. Most errors seem tho have been made when ebuild |
48 |
> needed some local data, usually in /etc that had SMACK64 attr. If |
49 |
> /bin/cp was used to get that data, it would fail, but this would not |
50 |
> stop the ebuild. It would usually finished its work just as if nothing |
51 |
> happened. |
52 |
> |
53 |
> Once I unmounted /var/tmp, ebuild could finish normally. Also, after |
54 |
> removing security attr from all files, ebuild has started working |
55 |
> normally from tmpfs partition again. |
56 |
> |
57 |
> It is also interesting that on 2.6.27* kernel ebuild fails sometimes |
58 |
> and when it fails, it does so silently most of the time. With newest |
59 |
> 2.6.28-rc9 i couldn't emerge a thing... |
60 |
> |
61 |
> Since I might not be the only tinkerer on Gentoo to try stuff like that |
62 |
> and since it took me a day to find this, maybe it wouldn't hurt to check |
63 |
> for this kind of thing in portage ? |
64 |
> At the very least failed cp should stop emerge... |
65 |
|
66 |
Very nice edge case and great work tracking down the cause. |