gpgme master build sandbox violations

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

gpgme master build sandbox violations

Alon Bar-Lev-3
Hi,
While waiting ages for gpgme-1.9.1 release, I checked master and noticed the following sandbox violations.
It tries to create /run/user/XXX while it should use either TMPDIR or the builddir.
Thanks,
Alon

---

Making all in tests
make[2]: Entering directory '/var/tmp/portage/app-crypt/gpgme-1.9.1/work/gpgme-1.9.1-beta43/tests'
Making all in gpg
make[3]: Entering directory '/var/tmp/portage/app-crypt/gpgme-1.9.1/work/gpgme-1.9.1-beta43/tests/gpg'
echo no-force-v3-sigs > ./gpg.conf
echo pinentry-program /var/tmp/portage/app-crypt/gpgme-1.9.1/work/gpgme-1.9.1-beta43/tests/gpg/pinentry > ./gpg-agent.conf
gpgconf --kill all
 * ACCESS DENIED:  mkdir:        /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
 * ACCESS DENIED:  mkdir:        /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
 * ACCESS DENIED:  mkdir:        /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
/bin/mkdir -p ./private-keys-v1.d
for k in 13CD0F3BDF24BE53FE192D62F18737256FF6E4FD 76F7E2B35832976B50A27A282D9B87E44577EB66 A0747D5F9425E6664F4FFBEED20FBCA79FDED2BD 13CBE3758AFE42B5E5E2AE4CED27AFA455E3F87F 7A030357C0F253A5BBCD282FFC4E521B37558F5C; do \
          cp ./$k private-keys-v1.d/$k.key; \
        done
echo x > ./private-keys-v1.d/gpg-sample.stamp
gpg --batch --no-permission-warning \
               --import ./pubdemo.asc
gpg: keybox '/var/tmp/portage/app-crypt/gpgme-1.9.1/work/gpgme-1.9.1-beta43/tests/gpg/pubring.kbx' created
gpg: /var/tmp/portage/app-crypt/gpgme-1.9.1/work/gpgme-1.9.1-beta43/tests/gpg/trustdb.gpg: trustdb created
gpg: key 2D727CC768697734: public key "Alfa Test (demo key) <[hidden email]>" imported
 * ACCESS DENIED:  mkdir:        /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
 * ACCESS DENIED:  mkdir:        /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
gpg: key FE180B1DA9E3B0B2: public key "Bob (demo key)" imported
<snip>
gpg: key 9EEF34CD4B11B25F: public key "Yankee Test (demo key) <[hidden email]>" imported
gpg: key 6BC4778054ACD246: public key "Zulu Test (demo key) <[hidden email]>" imported
gpg: Total number processed: 26
gpg:               imported: 26
gpg --batch --no-permission-warning \
        --import ./secdemo.asc
gpg: key 2D727CC768697734: "Alfa Test (demo key) <[hidden email]>" 1 new signature
 * ACCESS DENIED:  mkdir:        /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
gpg: key 2D727CC768697734: secret key imported
make[3]: Entering directory '/var/tmp/portage/app-crypt/gpgme-1.9.1/work/gpgme-1.9.1-beta43/tests/gpgsm'
echo disable-crl-checks > ./gpgsm.conf
echo faked-system-time 1008241200 >> ./gpgsm.conf
echo 32100C27173EF6E9C4E9A25D3D69F86D37A4F939 > ./trustlist.txt
echo >> ./trustlist.txt
echo "# CN=test cert 1,OU=Aegypten Project,O=g10 Code GmbH,L=Düsseldorf,C=DE" >> ./trustlist.txt
echo "3CF405464F66ED4A7DF45BBDD1E4282E33BDB76E S" >> ./trustlist.txt
gpgconf --kill all
 * ACCESS DENIED:  mkdir:        /run/user/1000/gnupg/d.51ih5c4sxjgpci4ftrcx8c49
 * ACCESS DENIED:  mkdir:        /run/user/1000/gnupg/d.51ih5c4sxjgpci4ftrcx8c49
 * ACCESS DENIED:  mkdir:        /run/user/1000/gnupg/d.51ih5c4sxjgpci4ftrcx8c49
/bin/mkdir -p ./private-keys-v1.d
cp ./32100C27173EF6E9C4E9A25D3D69F86D37A4F939 private-keys-v1.d/32100C27173EF6E9C4E9A25D3D69F86D37A4F939.key
echo x > ./private-keys-v1.d/gpg-sample.stamp

FORMAT: F - Function called
FORMAT: S - Access Status
FORMAT: P - Path as passed to function
FORMAT: A - Absolute Path (not canonical)
FORMAT: R - Canonical Path
FORMAT: C - Command Line

F: mkdir
S: deny
P: /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
A: /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
R: /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
C: gpg-connect-agent --no-autostart KILLAGENT

F: mkdir
S: deny
P: /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
A: /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
R: /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
C: gpg-connect-agent -s --no-autostart GETINFO scd_running /if ${! $?} scd killscd /end

F: mkdir
S: deny
P: /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
A: /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
R: /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
C: gpg-connect-agent --no-autostart --dirmngr KILLDIRMNGR

F: mkdir
S: deny
P: /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
A: /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
R: /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
C: gpg --batch --no-permission-warning --import ./pubdemo.asc

F: mkdir
S: deny
P: /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
A: /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
R: /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
C: gpg-agent --homedir /var/tmp/portage/app-crypt/gpgme-1.9.1/work/gpgme-1.9.1-beta43/tests/gpg --use-standard-socket --daemon

F: mkdir
S: deny
P: /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
A: /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
R: /run/user/1000/gnupg/d.dn67o4dwds88dto43wzt7y31
C: gpg --batch --no-permission-warning --import ./secdemo.asc

F: mkdir
S: deny
P: /run/user/1000/gnupg/d.51ih5c4sxjgpci4ftrcx8c49
A: /run/user/1000/gnupg/d.51ih5c4sxjgpci4ftrcx8c49
R: /run/user/1000/gnupg/d.51ih5c4sxjgpci4ftrcx8c49
C: gpg-connect-agent --no-autostart KILLAGENT

F: mkdir
S: deny
P: /run/user/1000/gnupg/d.51ih5c4sxjgpci4ftrcx8c49
A: /run/user/1000/gnupg/d.51ih5c4sxjgpci4ftrcx8c49
R: /run/user/1000/gnupg/d.51ih5c4sxjgpci4ftrcx8c49
C: gpg-connect-agent -s --no-autostart GETINFO scd_running /if ${! $?} scd killscd /end

F: mkdir
S: deny
P: /run/user/1000/gnupg/d.51ih5c4sxjgpci4ftrcx8c49
A: /run/user/1000/gnupg/d.51ih5c4sxjgpci4ftrcx8c49
R: /run/user/1000/gnupg/d.51ih5c4sxjgpci4ftrcx8c49
C: gpg-connect-agent --no-autostart --dirmngr KILLDIRMNGR

F: mkdir
S: deny
P: /run/user/1000/gnupg/d.sapwjz18zz5c65r7ujpk4nyu
A: /run/user/1000/gnupg/d.sapwjz18zz5c65r7ujpk4nyu
R: /run/user/1000/gnupg/d.sapwjz18zz5c65r7ujpk4nyu
C: gpg-connect-agent --no-autostart KILLAGENT

F: mkdir
S: deny
P: /run/user/1000/gnupg/d.sapwjz18zz5c65r7ujpk4nyu
A: /run/user/1000/gnupg/d.sapwjz18zz5c65r7ujpk4nyu
R: /run/user/1000/gnupg/d.sapwjz18zz5c65r7ujpk4nyu
C: gpg-connect-agent -s --no-autostart GETINFO scd_running /if ${! $?} scd killscd /end

F: mkdir
S: deny
P: /run/user/1000/gnupg/d.sapwjz18zz5c65r7ujpk4nyu
A: /run/user/1000/gnupg/d.sapwjz18zz5c65r7ujpk4nyu
R: /run/user/1000/gnupg/d.sapwjz18zz5c65r7ujpk4nyu
C: gpg-connect-agent --no-autostart --dirmngr KILLDIRMNGR

F: mkdir
S: deny
P: /run/user/1000/gnupg/d.sapwjz18zz5c65r7ujpk4nyu
A: /run/user/1000/gnupg/d.sapwjz18zz5c65r7ujpk4nyu
R: /run/user/1000/gnupg/d.sapwjz18zz5c65r7ujpk4nyu
C: gpg --no-permission-warning --import ../../../tests/gpg/pubdemo.asc

F: mkdir
S: deny
P: /run/user/1000/gnupg/d.sapwjz18zz5c65r7ujpk4nyu
A: /run/user/1000/gnupg/d.sapwjz18zz5c65r7ujpk4nyu
R: /run/user/1000/gnupg/d.sapwjz18zz5c65r7ujpk4nyu
C: gpg-agent --homedir /var/tmp/portage/app-crypt/gpgme-1.9.1/work/gpgme-1.9.1-beta43/lang/qt/tests --use-standard-socket --daemon

F: mkdir
S: deny
P: /run/user/1000/gnupg/d.sapwjz18zz5c65r7ujpk4nyu
A: /run/user/1000/gnupg/d.sapwjz18zz5c65r7ujpk4nyu
R: /run/user/1000/gnupg/d.sapwjz18zz5c65r7ujpk4nyu
C: gpg --no-permission-warning --passphrase abc --import ../../../tests/gpg/secdemo.asc


_______________________________________________
Gnupg-devel mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-devel
Loading...