[MacPorts] #53629: Failure during destroot, due to not privs

classic Classic list List threaded Threaded
9 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[MacPorts] #53629: Failure during destroot, due to not privs

MacPorts
#53629: Failure during destroot, due to not privs
----------------------+----------------------
 Reporter:  cbarrett  |      Owner:
     Type:  defect    |     Status:  new
 Priority:  Normal    |  Milestone:
Component:  ports     |    Version:
 Keywords:            |       Port:  carthage
----------------------+----------------------
 When running `sudo port install carthage`:

 {{{
 :notice:destroot --->  Staging carthage into destroot
 :debug:destroot Can't run destroot under sudo without elevated privileges
 (due to mtree).
 :debug:destroot Run destroot without sudo to avoid root privileges.
 :debug:destroot Going to escalate privileges back to root.
 :debug:destroot euid changed to: 0. egid changed to: 0.
 }}}

 This causes the call to `:info:destroot git submodule update --init
 --recursive` to fail with, e.g.

 {{{
 :info:destroot Cloning into
 '/opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_release_tarballs_ports_devel_carthage/carthage/work/Carthage-0.18.1/Carthage/Checkouts/Commandant'...
 :info:destroot fatal: unable to access
 'https://github.com/Carthage/Commandant.git/': SSL certificate problem:
 Couldn't understand the server certificate format
 }}}

 Sure enough, sandboxing violations like in #50469

 {{{
 default 15:09:52.374632 -0500   kernel  SandboxViolation: git-remote-
 http(70759) deny(1) file-write-data /private/var/db/mds/system/mds.lock
 }}}

 My config doesn't have `macportsuser root` in it, or anything like that
 from the other ticket.

 Perhaps whatever's causing ports to run mtree (I haven't looked in detail
 there yet) should drop privs afterwards? I'm going to keep digging—years
 and years ago I was a contributor! :)

--
Ticket URL: <https://trac.macports.org/ticket/53629>
MacPorts <https://www.macports.org/>
Ports system for macOS
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #53629: Failure during destroot, due to not privs

MacPorts
#53629: Failure during destroot, due to not privs
-----------------------+-----------------
  Reporter:  cbarrett  |      Owner:
      Type:  defect    |     Status:  new
  Priority:  Normal    |  Milestone:
 Component:  ports     |    Version:
Resolution:            |   Keywords:
      Port:  carthage  |
-----------------------+-----------------

Comment (by cbarrett):

 Oops, apologies, the title should be "due to not dropping privs"

--
Ticket URL: <https://trac.macports.org/ticket/53629#comment:1>
MacPorts <https://www.macports.org/>
Ports system for macOS
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #53629: carthage: Failure during destroot, due to not dropping privs (was: Failure during destroot, due to not privs)

MacPorts
In reply to this post by MacPorts
#53629: carthage: Failure during destroot, due to not dropping privs
-----------------------+------------------------
  Reporter:  cbarrett  |      Owner:  seanfarley
      Type:  defect    |     Status:  assigned
  Priority:  Normal    |  Milestone:
 Component:  ports     |    Version:
Resolution:            |   Keywords:
      Port:  carthage  |
-----------------------+------------------------
Changes (by mf2k):

 * status:  new => assigned
 * owner:   => seanfarley


Comment:

 In the future, please Cc the port maintainers ({{{port info --maintainers
 carthage}}}), if any.

--
Ticket URL: <https://trac.macports.org/ticket/53629#comment:2>
MacPorts <https://www.macports.org/>
Ports system for macOS
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #53629: carthage: Failure during destroot, due to not dropping privs

MacPorts
In reply to this post by MacPorts
#53629: carthage: Failure during destroot, due to not dropping privs
-----------------------+------------------------
  Reporter:  cbarrett  |      Owner:  seanfarley
      Type:  defect    |     Status:  assigned
  Priority:  Normal    |  Milestone:
 Component:  ports     |    Version:
Resolution:            |   Keywords:
      Port:  carthage  |
-----------------------+------------------------

Comment (by seanfarley):

 No idea. Sounds like this happens for any port that does a git clone?

--
Ticket URL: <https://trac.macports.org/ticket/53629#comment:3>
MacPorts <https://www.macports.org/>
Ports system for macOS
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #53629: carthage: Failure during destroot, due to not dropping privs

MacPorts
In reply to this post by MacPorts
#53629: carthage: Failure during destroot, due to not dropping privs
-----------------------+------------------------
  Reporter:  cbarrett  |      Owner:  seanfarley
      Type:  defect    |     Status:  assigned
  Priority:  Normal    |  Milestone:
 Component:  ports     |    Version:
Resolution:            |   Keywords:
      Port:  carthage  |
-----------------------+------------------------

Comment (by raimue):

 This report does not make a lot of sense to me and I cannot reproduce the
 problem. Why would base be fetching with 'git clone' during destroot?
 There is no indication of that in the port...

 Could you provide step by step instructions that show how to reproduce the
 problem?

--
Ticket URL: <https://trac.macports.org/ticket/53629#comment:4>
MacPorts <https://www.macports.org/>
Ports system for macOS
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #53629: carthage: Failure during destroot, due to not dropping privs

MacPorts
In reply to this post by MacPorts
#53629: carthage: Failure during destroot, due to not dropping privs
-----------------------+------------------------
  Reporter:  cbarrett  |      Owner:  seanfarley
      Type:  defect    |     Status:  assigned
  Priority:  Normal    |  Milestone:
 Component:  ports     |    Version:
Resolution:            |   Keywords:
      Port:  carthage  |
-----------------------+------------------------
Changes (by schwerdf):

 * Attachment "CarthageInstall_main.log" added.

 Log of unsuccessful Carthage install attempt.

--
Ticket URL: <https://trac.macports.org/ticket/53629>
MacPorts <https://www.macports.org/>
Ports system for macOS
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #53629: carthage: Failure during destroot, due to not dropping privs

MacPorts
In reply to this post by MacPorts
#53629: carthage: Failure during destroot, due to not dropping privs
-----------------------+------------------------
  Reporter:  cbarrett  |      Owner:  seanfarley
      Type:  defect    |     Status:  assigned
  Priority:  Normal    |  Milestone:
 Component:  ports     |    Version:
Resolution:            |   Keywords:
      Port:  carthage  |
-----------------------+------------------------

Comment (by schwerdf):

 I am getting a similar error when trying to install Carthage. I ran `sudo
 port install carthage` on an essentially clean installation of MacPorts
 under Sierra, and it failed on an attempt to clone a Git repository. I
 have attached the full log from the run.

--
Ticket URL: <https://trac.macports.org/ticket/53629#comment:5>
MacPorts <https://www.macports.org/>
Ports system for macOS
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #53629: carthage: Failure during destroot, due to not dropping privs

MacPorts
In reply to this post by MacPorts
#53629: carthage: Failure during destroot, due to not dropping privs
-----------------------+------------------------
  Reporter:  cbarrett  |      Owner:  seanfarley
      Type:  defect    |     Status:  assigned
  Priority:  Normal    |  Milestone:
 Component:  ports     |    Version:
Resolution:            |   Keywords:
      Port:  carthage  |
-----------------------+------------------------

Comment (by seanfarley):

 `fatal: unable to access 'https://github.com/thoughtbot/Argo.git/': SSL
 certificate problem: Couldn't understand the server certificate format`
 ... so something is off with certs?

--
Ticket URL: <https://trac.macports.org/ticket/53629#comment:6>
MacPorts <https://www.macports.org/>
Ports system for macOS
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: [MacPorts] #53629: carthage: Failure during destroot, due to not dropping privs

MacPorts
In reply to this post by MacPorts
#53629: carthage: Failure during destroot, due to not dropping privs
-----------------------+------------------------
  Reporter:  cbarrett  |      Owner:  seanfarley
      Type:  defect    |     Status:  assigned
  Priority:  Normal    |  Milestone:
 Component:  ports     |    Version:
Resolution:            |   Keywords:
      Port:  carthage  |
-----------------------+------------------------

Comment (by breun):

 I ran into that error message once and it ended up not having anything to
 do with certificates. Maybe you've got the same issue:
 https://trac.macports.org/ticket/50469

--
Ticket URL: <https://trac.macports.org/ticket/53629#comment:7>
MacPorts <https://www.macports.org/>
Ports system for macOS
Loading...