Gentoo Archives: gentoo-user

From: Rich Freeman <rich0@g.o>
To: gentoo-user@l.g.o
Subject: Re: [gentoo-user] Music player being run from an emerge
Date: Wed, 10 Jul 2019 13:33:39
In Reply to: [gentoo-user] Music player being run from an emerge by Andrew Lowe
1 On Tue, Jul 9, 2019 at 2:10 PM Andrew Lowe <agl@×××××××.au> wrote:
2 >
3 > * ACCESS DENIED: open_wr: /dev/snd/controlC0
4 > * ACCESS DENIED: open_wr: /dev/snd/controlC0
6 This has nothing to do with permissions, and everything to do with the sandbox.
8 Most emerge phases are sandboxed. This uses LD_PRELOAD to override
9 glibc functions to intercept filesystem access, which is why you're
10 also getting messages related to this (just going from memory so
11 forgive me if I have a minor detail off here).
13 If you want to override the sandbox behavior you need to stick a file
14 in /etc/sandbox.d/ with your changes, such as adding
15 SANDBOX_WRITE="/dev/snd" to your config.
17 In general though portage is configured to lock down filesystem writes
18 even as root so that build systems aren't dropping random files in
19 random places, or wiping out your hard drives. We want the build
20 system to stay in /var/tmp and stick its install files in the image
21 directory, and then portage will catalog them and move them to your
22 filesystem so that it can cleanly uninstall things later.
24 You could also disable sandboxing entirely, but I would strongly
25 recommend NOT doing this.
27 --
28 Rich