[gentoo-commits] repo/gentoo:master commit in: sys-libs/glibc/

Sergei Trofimovich Fri, 27 Mar 2020 17:30:09 -0700

commit:     3aa558e231d4721b384f4239b23b793253be2f42
Author:     Sergei Trofimovich <slyfox <AT> gentoo <DOT> org>
AuthorDate: Sat Mar 28 00:29:16 2020 +0000
Commit:     Sergei Trofimovich <slyfox <AT> gentoo <DOT> org>
CommitDate: Sat Mar 28 00:29:16 2020 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3aa558e2


sys-libs/glibc: drop devpts mount checks, bug #704780

USE=-suid is a defaut for a while. The check made sense
when transition from USE=suid -> USE=-suid was happening.

Should not be needed nowadays.

The check fails in private-users containers where devpts
is mounted as a private group:

  # systemd-nspawn --private-users=65536 -D amd64-stable-glibc-2.30
  Selected user namespace base 65536 and range 65536
  amd64-stable-glibc-2.30 # fgrep pts /proc/mounts
  devpts /dev/pts devpts
    rw,nosuid,noexec,relatime,gid=65541,mode=620,ptmxmode=666 0 0

PTYs still work in that setup. I guess due to ptmxmode=666
broad permissions. Let's drop the old check and allow more
pts configurations.

Reported-by: Kai Krakow
Closes: https://bugs.gentoo.org/704780
Package-Manager: Portage-2.3.96, Repoman-2.3.22
Signed-off-by: Sergei Trofimovich <slyfox <AT> gentoo.org>

 sys-libs/glibc/glibc-2.31-r2.ebuild | 24 ------------------------
 sys-libs/glibc/glibc-9999.ebuild    | 24 ------------------------
 2 files changed, 48 deletions(-)

diff --git a/sys-libs/glibc/glibc-2.31-r2.ebuild 
b/sys-libs/glibc/glibc-2.31-r2.ebuild
index e180533f0fc..a46143ef0a5 100644
--- a/sys-libs/glibc/glibc-2.31-r2.ebuild
+++ b/sys-libs/glibc/glibc-2.31-r2.ebuild
@@ -494,27 +494,6 @@ glibc_banner() {
        echo "${b}"
 }
 
-check_devpts() {
-       # Make sure devpts is mounted correctly for use w/out setuid pt_chown.
-
-       # If merely building the binary package, then there's nothing to verify.
-       [[ ${MERGE_TYPE} == "buildonly" ]] && return
-
-       # Only sanity check when installing the native glibc.
-       [[ -n ${ROOT} ]] && return
-
-       # If they're opting in to the old suid code, then no need to check.
-       use suid && return
-
-       if awk '$3 == "devpts" && $4 ~ /[, ]gid=5[, ]/ { exit 1 }' /proc/mounts 
; then
-               eerror "In order to use glibc with USE=-suid, you must make 
sure that"
-               eerror "you have devpts mounted at /dev/pts with the gid=5 
option."
-               eerror "Openrc should do this for you, so you should check 
/etc/fstab"
-               eerror "and make sure you do not have any invalid settings 
there."
-               die "mount & fix your /dev/pts settings"
-       fi
-}
-
 # The following Kernel version handling functions are mostly copied from 
portage
 # source. It's better not to use linux-info.eclass here since a) it adds too
 # much magic, see bug 326693 for some of the arguments, and b) some of the
@@ -584,9 +563,6 @@ get_kheader_version() {
 # pkg_ and src_ phases, so we call this function both in pkg_pretend and in
 # src_unpack.
 sanity_prechecks() {
-       # Make sure devpts is mounted correctly for use w/out setuid pt_chown
-       check_devpts
-
        # Prevent native builds from downgrading
        if [[ ${MERGE_TYPE} != "buildonly" ]] && \
           [[ -z ${ROOT} ]] && \

diff --git a/sys-libs/glibc/glibc-9999.ebuild b/sys-libs/glibc/glibc-9999.ebuild
index 1bc1d7e7ec8..38268c5f937 100644
--- a/sys-libs/glibc/glibc-9999.ebuild
+++ b/sys-libs/glibc/glibc-9999.ebuild
@@ -493,27 +493,6 @@ glibc_banner() {
        echo "${b}"
 }
 
-check_devpts() {
-       # Make sure devpts is mounted correctly for use w/out setuid pt_chown.
-
-       # If merely building the binary package, then there's nothing to verify.
-       [[ ${MERGE_TYPE} == "buildonly" ]] && return
-
-       # Only sanity check when installing the native glibc.
-       [[ -n ${ROOT} ]] && return
-
-       # If they're opting in to the old suid code, then no need to check.
-       use suid && return
-
-       if awk '$3 == "devpts" && $4 ~ /[, ]gid=5[, ]/ { exit 1 }' /proc/mounts 
; then
-               eerror "In order to use glibc with USE=-suid, you must make 
sure that"
-               eerror "you have devpts mounted at /dev/pts with the gid=5 
option."
-               eerror "Openrc should do this for you, so you should check 
/etc/fstab"
-               eerror "and make sure you do not have any invalid settings 
there."
-               die "mount & fix your /dev/pts settings"
-       fi
-}
-
 # The following Kernel version handling functions are mostly copied from 
portage
 # source. It's better not to use linux-info.eclass here since a) it adds too
 # much magic, see bug 326693 for some of the arguments, and b) some of the
@@ -583,9 +562,6 @@ get_kheader_version() {
 # pkg_ and src_ phases, so we call this function both in pkg_pretend and in
 # src_unpack.
 sanity_prechecks() {
-       # Make sure devpts is mounted correctly for use w/out setuid pt_chown
-       check_devpts
-
        # Prevent native builds from downgrading
        if [[ ${MERGE_TYPE} != "buildonly" ]] && \
           [[ -z ${ROOT} ]] && \

[gentoo-commits] repo/gentoo:master commit in: sys-libs/glibc/

Reply via email to