View previous topic :: View next topic |
Author |
Message |
gasc n00b
Joined: 16 Mar 2024 Posts: 6
|
Posted: Mon Oct 21, 2024 8:05 am Post subject: Cannot access /dev/dri/* when in chroot |
|
|
Hello,
I am updating an ebuild, and the tests need access to the video card. When running the tests in a chroot, they all fails with the error
Code: |
libEGL warning: failed to open /dev/dri/renderD128: Permission denied
libEGL warning: failed to open /dev/dri/renderD128: Permission denied
libEGL warning: failed to open /dev/dri/card0: Permission denied
|
It is a python ebuild, and I am using virtx to run the tests.
Everything should work but it does not, I am puzzled.
Do anyone has an idea ? |
|
Back to top |
|
|
Hu Administrator
Joined: 06 Mar 2007 Posts: 22887
|
Posted: Mon Oct 21, 2024 12:16 pm Post subject: |
|
|
Welcome to the forums. On its own, chroot should not cause this. However, some kernel hardening features may interpret chroot as a broader request to lock down the contained process. What is the output of emerge --info; namei -l /dev/dri/card0 while in the chroot? |
|
Back to top |
|
|
gasc n00b
Joined: 16 Mar 2024 Posts: 6
|
Posted: Mon Oct 21, 2024 3:08 pm Post subject: |
|
|
Code: |
# namei -l /dev/dri/card0
f: /dev/dri/card0
drwxr-xr-x root root /
drwxr-xr-x root root dev
drwxr-xr-x root root dri
crw-rw---- root video card0
|
I get the same output for namei when I run it out of the chroot
emerge --info: https://pastebin.com/9FrRRXaz |
|
Back to top |
|
|
lekto Apprentice
Joined: 20 Sep 2014 Posts: 213 Location: Ancient Rome
|
|
Back to top |
|
|
gasc n00b
Joined: 16 Mar 2024 Posts: 6
|
Posted: Mon Oct 21, 2024 7:52 pm Post subject: |
|
|
It is nice of you, but I do not use systemd-nspawn. Maybe it will help, so thank you.
And because the pastebin is expired:
Code: |
Portage 3.0.66.1 (python 3.13.0-final-0, default/linux/amd64/23.0/hardened/selinux, gcc-14, glibc-2.40-r5, 6.11.4-gentoo-hardened x86_64)
=================================================================
System uname: Linux-6.11.4-gentoo-hardened-x86_64-12th_Gen_Intel-R-_Core-TM-_i5-1230U-with-glibc2.40
KiB Mem: 15978528 total, 3412904 free
KiB Swap: 16777212 total, 16777212 free
Timestamp of repository gentoo: Sat, 19 Oct 2024 11:20:00 +0000
Head commit of repository gentoo: 8b1bd7edb097c50bfeef889c81350f746c83fd65
Timestamp of repository guru: Sat, 19 Oct 2024 00:18:16 +0000
Head commit of repository guru: e344dda63b0598ac594840f6198e411290978b89
sh bash 5.2_p37
ld GNU ld (Gentoo 2.43 p2) 2.43.1
app-misc/pax-utils: 1.3.8::gentoo
app-shells/bash: 5.2_p37::gentoo
dev-build/autoconf: 2.72-r1::gentoo
dev-build/automake: 1.17-r1::gentoo
dev-build/cmake: 3.30.5::gentoo
dev-build/libtool: 2.5.3::gentoo
dev-build/make: 4.4.1-r100::gentoo
dev-build/meson: 1.5.2::gentoo
dev-lang/perl: 5.40.0::gentoo
dev-lang/python: 3.10.15_p1::gentoo, 3.11.10_p1::gentoo, 3.12.7_p1::gentoo, 3.13.0::gentoo
sec-policy/selinux-base: 2.20240916-r1::gentoo
sys-apps/baselayout: 2.15::gentoo
sys-apps/openrc: 0.55.1::gentoo
sys-apps/sandbox: 2.39::gentoo
sys-devel/binutils: 2.43-r1::gentoo
sys-devel/binutils-config: 5.5.2::gentoo
sys-devel/gcc: 14.2.1_p20240921::gentoo
sys-devel/gcc-config: 2.11::gentoo
sys-devel/llvm: 18.1.8-r4::gentoo, 19.1.2::gentoo
sys-kernel/linux-headers: 6.11::gentoo (virtual/os-headers)
sys-libs/glibc: 2.40-r5::gentoo
sys-libs/libselinux: 3.7-r1::gentoo
Repositories:
gentoo
location: /var/db/repos/gentoo
sync-type: rsync
sync-uri: rsync://rsync.gentoo.org/gentoo-portage
priority: -1000
volatile: False
sync-rsync-verify-jobs: 1
sync-rsync-verify-metamanifest: yes
sync-rsync-extra-opts:
sync-rsync-verify-max-age: 3
guru
location: /var/db/repos/guru
sync-type: git
sync-uri: https://github.com/gentoo-mirror/guru.git
masters: gentoo
volatile: False
localrepo
location: /var/db/repos/localrepo
masters: gentoo
volatile: False
ABI="amd64"
ABI_X86="64"
ACCEPT_KEYWORDS="amd64 ~amd64"
ACCEPT_LICENSE="*"
ACCEPT_PROPERTIES="*"
ACCEPT_RESTRICT="*"
ADA_TARGET="gcc_12"
APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_anon authn_dbm authn_file authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir env expires ext_filter file_cache filter headers include info log_config logio mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias"
ARCH="amd64"
AUTOCLEAN="no"
BINPKG_COMPRESS="zstd"
BINPKG_FORMAT="gpkg"
BINPKG_GPG_SIGNING_BASE_COMMAND="/usr/bin/flock /run/lock/portage-binpkg-gpg.lock /usr/bin/gpg --sign --armor [PORTAGE_CONFIG]"
BINPKG_GPG_SIGNING_DIGEST="SHA512"
BINPKG_GPG_SIGNING_GPG_HOME="/root/.gnupg"
BINPKG_GPG_SIGNING_KEY="CF911BCC10362DF816A94E2449285B5A939AC57C"
BINPKG_GPG_VERIFY_BASE_COMMAND="/usr/bin/gpg --verify --batch --no-tty --no-auto-check-trustdb --status-fd 2 [PORTAGE_CONFIG] [SIGNATURE]"
BINPKG_GPG_VERIFY_GPG_HOME="/etc/portage/gnupg"
BOOTSTRAP_USE="unicode pkg-config split-usr xml python_targets_python3_12 python_single_target_python3_12 multilib zstd cet hardened pic xtpax -jit -orc curl_ssl_openssl jpeg ssl unconfined"
BROOT=""
CALLIGRA_FEATURES="karbon sheets words"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=alderlake -mabm -mno-cldemote -mno-kl -mno-pconfig -mno-sgx -mno-widekl -mshstk --param=l1-cache-line-size=64 --param=l1-cache-size=32 --param=l2-cache-size=12288 -O2 -pipe -flto -Werror=odr -Werror=lto-type-mismatch -Werror=strict-aliasing -fdiagnostics-color -frecord-gcc-switches -fhardened -Wno-hardened"
CFLAGS_amd64="-m64"
CFLAGS_x32="-mx32"
CFLAGS_x86="-m32 -mfpmath=sse"
CHOST="x86_64-pc-linux-gnu"
CHOST_amd64="x86_64-pc-linux-gnu"
CHOST_x32="x86_64-pc-linux-gnux32"
CHOST_x86="i686-pc-linux-gnu"
CLEAN_DELAY="5"
COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog"
COLLISION_IGNORE="/boot/dtbs/* /lib/modules/*"
COLORTERM="truecolor"
COMMON_FLAGS="-march=alderlake -mabm -mno-cldemote -mno-kl -mno-pconfig -mno-sgx -mno-widekl -mshstk --param=l1-cache-line-size=64 --param=l1-cache-size=32 --param=l2-cache-size=12288 -O2 -pipe -flto -Werror=odr -Werror=lto-type-mismatch -Werror=strict-aliasing -fdiagnostics-color -frecord-gcc-switches -fhardened -Wno-hardened"
CONFIG_PROTECT="/etc /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d"
CPU_FLAGS_X86="aes avx avx2 f16c fma3 mmx mmxext pclmul popcnt rdrand sha sse sse2 sse3 sse4_1 sse4_2 ssse3 vpclmulqdq"
CXXFLAGS="-march=alderlake -mabm -mno-cldemote -mno-kl -mno-pconfig -mno-sgx -mno-widekl -mshstk --param=l1-cache-line-size=64 --param=l1-cache-size=32 --param=l2-cache-size=12288 -O2 -pipe -flto -Werror=odr -Werror=lto-type-mismatch -Werror=strict-aliasing -fdiagnostics-color -frecord-gcc-switches -fhardened -Wno-hardened"
DEFAULT_ABI="amd64"
DISPLAY=":1"
DISTDIR="/var/cache/distfiles"
DISTUTILS_STRICT_ENTRY_POINTS="1"
ELIBC="glibc"
EMERGE_DEFAULT_OPTS="--jobs=12 --load-average=12 --verbose --tree --buildpkg-exclude='acct-*/* sys-kernel/* virtual/* */*-bin' --usepkg"
EMERGE_WARNING_DELAY="10"
ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GDK_PIXBUF_MODULE_FILE GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR XDG_STATE_HOME"
EPREFIX=""
EROOT="/"
ESYSROOT="/"
FCFLAGS="-march=alderlake -mabm -mno-cldemote -mno-kl -mno-pconfig -mno-sgx -mno-widekl -mshstk --param=l1-cache-line-size=64 --param=l1-cache-size=32 --param=l2-cache-size=12288 -O2 -pipe -flto -Werror=odr -Werror=lto-type-mismatch -Werror=strict-aliasing -fdiagnostics-color -frecord-gcc-switches -fhardened -Wno-hardened"
FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs binpkg-multi-instance binpkg-request-signature binpkg-signing buildpkg candy compressdebug config-protect-if-modified distlocks downgrade-backup ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pkgdir-index-trusted preserve-libs protect-owned qa-unresolved-soname-deps sandbox selinux sesandbox sfperms split-elog split-log splitdebug strict strict-keepdir suidctl unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync warn-on-large-env xattr"
FETCHCOMMAND="wget -t 3 -T 60 --passive-ftp -O "${DISTDIR}/${FILE}" "${URI}""
FETCHCOMMAND_RSYNC="rsync -LtvP "${URI}" "${DISTDIR}/${FILE}""
FETCHCOMMAND_SFTP="bash -c "x=\${2#sftp://} ; host=\${x%%/*} ; port=\${host##*:} ; host=\${host%:*} ; [[ \${host} = \${port} ]] && port= ; eval \"declare -a ssh_opts=(\${3})\" ; exec sftp \${port:+-P \${port}} \"\${ssh_opts[@]}\" \"\${host}:/\${x#*/}\" \"\$1\"" sftp "${DISTDIR}/${FILE}" "${URI}" "${PORTAGE_SSH_OPTS}""
FETCHCOMMAND_SSH="bash -c "x=\${2#ssh://} ; host=\${x%%/*} ; port=\${host##*:} ; host=\${host%:*} ; [[ \${host} = \${port} ]] && port= ; exec rsync --rsh=\"ssh \${port:+-p\${port}} \${3}\" -avP \"\${host}:/\${x#*/}\" \"\$1\"" rsync "${DISTDIR}/${FILE}" "${URI}" "${PORTAGE_SSH_OPTS}""
FFLAGS="-march=alderlake -mabm -mno-cldemote -mno-kl -mno-pconfig -mno-sgx -mno-widekl -mshstk --param=l1-cache-line-size=64 --param=l1-cache-size=32 --param=l2-cache-size=12288 -O2 -pipe -flto -Werror=odr -Werror=lto-type-mismatch -Werror=strict-aliasing -fdiagnostics-color -frecord-gcc-switches -fhardened -Wno-hardened"
GCC_SPECS=""
GENTOO_MIRRORS="http://tux.rainside.sk/gentoo/ ftp://tux.rainside.sk/gentoo/"
GPG_VERIFY_GROUP_DROP="nogroup"
GPG_VERIFY_USER_DROP="nobody"
GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax navcom oceanserver oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 tsip tripmate tnt ublox"
GRUB_PLATEFORMS="efi-64"
GRUB_PLATFORMS=""
GUILE_SINGLE_TARGET="3-0"
GUILE_TARGETS="3-0"
HOME="/root"
INFOPATH="/usr/share/gcc-data/x86_64-pc-linux-gnu/14/info:/usr/share/binutils-data/x86_64-pc-linux-gnu/2.43/info:/usr/share/autoconf-2.72/info:/usr/share/automake-1.17/info:/usr/share/info"
INPUT_DEVICES="synaptics libinput"
IUSE_IMPLICIT="abi_x86_64 prefix prefix-guest prefix-stack"
IWDT_ALL="y"
KERNEL="linux"
LANG="C.utf8"
LCD_DEVICES="bayrad cfontz glk hd44780 lb216 lcdm001 mtxorb text"
LC_MESSAGES="C.utf8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed -Wl,-z,pack-relative-relocs -Wl,--defsym=__gentoo_check_ldflags__=0"
LDFLAGS_amd64="-m elf_x86_64"
LDFLAGS_x32="-m elf32_x86_64"
LDFLAGS_x86="-m elf_i386"
LESS="-R -M --shift 5"
LESSOPEN="|lesspipe %s"
LEX="flex"
LIBDIR_amd64="lib64"
LIBDIR_x32="libx32"
LIBDIR_x86="lib"
LOGNAME="root"
LS_COLORS="rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33
;01:cd=40;33;01:or=01;05;37;41:mi=01;05;37;41:su=37;41:sg=30;43:ca=00:tw=30
;42:ow=34;42:st=37;44:ex=01;32:*.7z=01;31:*.ace=01;31:*.alz=01;31:*.apk=01;
31:*.arc=01;31:*.arj=01;31:*.bz=01;31:*.bz2=01;31:*.cab=01;31:*.cpio=01;31:
*.crate=01;31:*.deb=01;31:*.drpm=01;31:*.dwm=01;31:*.dz=01;31:*.ear=01;31:*
.egg=01;31:*.esd=01;31:*.gz=01;31:*.jar=01;31:*.lha=01;31:*.lrz=01;31:*.lz=
01;31:*.lz4=01;31:*.lzh=01;31:*.lzma=01;31:*.lzo=01;31:*.pyz=01;31:*.rar=01
;31:*.rpm=01;31:*.rz=01;31:*.sar=01;31:*.swm=01;31:*.t7z=01;31:*.tar=01;31:
*.taz=01;31:*.tbz=01;31:*.tbz2=01;31:*.tgz=01;31:*.tlz=01;31:*.txz=01;31:*.
tz=01;31:*.tzo=01;31:*.tzst=01;31:*.udeb=01;31:*.war=01;31:*.whl=01;31:*.
wim=01;31:*.xz=01;31:*.z=01;31:*.zip=01;31:*.zoo=01;31:*.zst=01;31:*.avif=
01;35:*.jpg=01;35:*.jpeg=01;35:*.mjpg=01;35:*.mjpeg=01;35:*.gif=01;35:*.bmp
=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01
;35:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;
35:*.pcx=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35
:*.webm=01;35:*.webp=01;35:*.ogm=01;35:*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35
:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01;35:*.asf=01;35:*.rm=01;35:*.
rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.flv=01;35:*.gl=01;35:*.dl=
01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.cgm=01;35:*.emf=01;35:*.ogv=01;
35:*.ogx=01;35:*.cfg=00;32:*.conf=00;32:*.diff=00;32:*.doc=00;32:*.ini=00;
32:*.log=00;32:*.patch=00;32:*.pdf=00;32:*.ps=00;32:*.tex=00;32:*.txt=00;32
:*.aac=00;36:*.au=00;36:*.flac=00;36:*.m4a=00;36:*.mid=00;36:*.midi=00;36:*
.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=00;36:*.oga
=00;36:*.opus=00;36:*.spx=00;36:*.xspf=00;36:*~=00;90:*#=00;90:*.bak=00;90:
*.crdownload=00;90:*.dpkg-dist=00;90:*.dpkg-new=00;90:*.dpkg-old=00;90:*.
dpkg-tmp=00;90:*.old=00;90:*.orig=00;90:*.part=00;90:*.rej=00;90:*.rpmnew=
00;90:*.rpmorig=00;90:*.rpmsave=00;90:*.swp=00;90:*.tmp=00;90:*.ucf-dist=00
;90:*.ucf-new=00;90:*.ucf-old=00;90:"
LUA_SINGLE_TARGET="lua5-1"
LUA_TARGETS="lua5-1"
MAIL="/var/mail/root"
MAKEOPTS="-j12 -l12"
MANPAGER="manpager"
MANPATH="/usr/share/gcc-data/x86_64-pc-linux-gnu/14/man:/usr/share/binutils-data/x86_64-pc-linux-gnu/2.43/man:/usr/local/share/man:/usr/share/man:/usr/lib/llvm/19/share/man:/usr/lib/llvm/18/share/man"
MULTILIB_ABIS="amd64 x86"
MULTILIB_STRICT_DENY="64-bit.*shared object"
MULTILIB_STRICT_DIRS="/lib32 /lib /usr/lib32 /usr/lib /usr/kde/*/lib32 /usr/kde/*/lib /usr/qt/*/lib32 /usr/qt/*/lib /usr/X11R6/lib32 /usr/X11R6/lib"
MULTILIB_STRICT_EXEMPT="(perl5|gcc|binutils|eclipse-3|debug|portage|udev|systemd|clang|python-exec|llvm)"
NATIVE_FLAGS="-march=alderlake -mabm -mno-cldemote -mno-kl -mno-pconfig -mno-sgx -mno-widekl -mshstk --param=l1-cache-line-size=64 --param=l1-cache-size=32 --param=l2-cache-size=12288"
OFFICE_IMPLEMENTATION="libreoffice"
OTHER_FLAGS="-fdiagnostics-color -frecord-gcc-switches -fhardened -Wno-hardened"
PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin"
PAX_MARKINGS="none"
PHP_TARGETS="php8-2"
PKGDIR="/var/cache/binpkgs"
POLICY_TYPES="strict targeted"
PORTAGE_ARCHLIST="alpha amd64 amd64-linux arm arm-linux arm64 arm64-linux arm64-macos hppa loong m68k mips ppc ppc-macos ppc64 ppc64-linux riscv riscv-linux s390 sparc x64-macos x64-solaris x86 x86-linux x86-macos"
PORTAGE_BIN_PATH="/usr/lib/portage/python3.13"
PORTAGE_COMPRESS_EXCLUDE_SUFFIXES="css gif htm[l]? jp[e]?g js pdf png"
PORTAGE_CONFIGROOT="/"
PORTAGE_DEBUG="0"
PORTAGE_DEPCACHEDIR="/var/cache/edb/dep"
PORTAGE_ELOG_CLASSES="log warn error qa"
PORTAGE_ELOG_MAILFROM="portage@localhost"
PORTAGE_ELOG_MAILSUBJECT="[portage] ebuild log for ${PACKAGE} on ${HOST}"
PORTAGE_ELOG_MAILURI="root"
PORTAGE_ELOG_SYSTEM="echo save"
PORTAGE_FETCH_CHECKSUM_TRY_MIRRORS="5"
PORTAGE_FETCH_RESUME_MIN_SIZE="350K"
PORTAGE_FETCH_T="portage_fetch_t"
PORTAGE_GID="250"
PORTAGE_GPG_SIGNING_COMMAND="gpg --sign --digest-algo SHA256 --clearsign --yes --default-key "${PORTAGE_GPG_KEY}" --homedir "${PORTAGE_GPG_DIR}" "${FILE}""
PORTAGE_INST_GID="0"
PORTAGE_INST_UID="0"
PORTAGE_INTERNAL_CALLER="1"
PORTAGE_LOGDIR="/var/log/portage"
PORTAGE_LOGDIR_CLEAN="find "${PORTAGE_LOGDIR}" -type f ! -name "summary.log*" -mtime +7 -delete"
PORTAGE_NICENESS="1"
PORTAGE_OVERRIDE_EPREFIX=""
PORTAGE_PYM_PATH="/usr/lib/python3.13/site-packages"
PORTAGE_PYTHONPATH="/usr/lib/python3.13/site-packages"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_RSYNC_RETRIES="-1"
PORTAGE_SANDBOX_T="portage_sandbox_t"
PORTAGE_SYNC_STALE="30"
PORTAGE_T="portage_t"
PORTAGE_TMPDIR="/var/tmp"
PORTAGE_TRUST_HELPER="/usr/bin/getuto"
PORTAGE_VERBOSE="1"
PORTAGE_WORKDIR_MODE="0700"
PORTAGE_XATTR_EXCLUDE="bcachefs.* bcachefs_effective.* btrfs.* security.evm security.ima security.selinux system.nfs4_acl user.apache_handler user.Beagle.* user.dublincore.* user.mime_encoding user.xdg.*"
POSTGRES_TARGETS="postgres16"
PROFILE_IS_HARDENED="1"
PROFILE_ONLY_VARIABLES="ARCH ELIBC IUSE_IMPLICIT KERNEL USE_EXPAND_IMPLICIT USE_EXPAND_UNPREFIXED USE_EXPAND_VALUES_ARCH USE_EXPAND_VALUES_ELIBC USE_EXPAND_VALUES_KERNEL"
PWD="/"
PYTHONDONTWRITEBYTECODE="1"
PYTHON_SINGLE_TARGET="python3_12"
PYTHON_TARGETS="python3_10 python3_11 python3_12 python3_13 pypy3"
QA_CMP="y"
QA_CMP_ARGS="-xS --no-skip-large"
QA_SED="y"
QA_VDB="y"
QUICKPKG_DEFAULT_OPTS="--include-config y"
RESUMECOMMAND="wget -c -t 3 -T 60 --passive-ftp -O "${DISTDIR}/${FILE}" "${URI}""
RESUMECOMMAND_RSYNC="rsync -LtvP "${URI}" "${DISTDIR}/${FILE}""
RESUMECOMMAND_SSH="bash -c "x=\${2#ssh://} ; host=\${x%%/*} ; port=\${host##*:} ; host=\${host%:*} ; [[ \${host} = \${port} ]] && port= ; exec rsync --rsh=\"ssh \${port:+-p\${port}} \${3}\" -avP \"\${host}:/\${x#*/}\" \"\$1\"" rsync "${DISTDIR}/${FILE}" "${URI}" "${PORTAGE_SSH_OPTS}""
ROOT="/"
ROOTPATH="/usr/local/sbin:/usr/local/bin:/usr/bin:/opt/bin:/usr/lib/llvm/19/bin:/usr/lib/llvm/18/bin"
RPMDIR="/var/cache/rpm"
RUBY_TARGETS="ruby32"
SHELL="/bin/zsh"
SHELL_SETS_TITLE="0"
SHLVL="2"
SUDO_COMMAND="../../test_package.sh moderngl"
SUDO_GID="1000"
SUDO_UID="1000"
SUDO_USER="gasc"
SYMLINK_LIB="no"
SYSROOT="/"
TERM="xterm-kitty"
TWISTED_DISABLE_WRITING_OF_PLUGIN_CACHE="1"
UNINSTALL_IGNORE="/boot/dtbs/* /lib/modules/* /var/run /var/lock /bin /lib /lib32 /lib64 /libx32 /sbin /usr/sbin /usr/lib/modules/*"
USE="acl amd64 audit bzip2 caps cet crypt gdbm hardened iconv ipv6 libtirpc multilib ncurses nls openmp pam pcre pic pie readline seccomp selinux ssl ssp test-rust unicode verify-sig xattr xtpax zlib" ABI_X86="64" ADA_TARGET="gcc_12" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_anon authn_dbm authn_file authz_dbm authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir env expires ext_filter file_cache filter headers include info log_config logio mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="aes avx avx2 f16c fma3 mmx mmxext pclmul popcnt rdrand sha sse sse2 sse3 sse4_1 sse4_2 ssse3 vpclmulqdq" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax navcom oceanserver oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 tsip tripmate tnt ublox" GUILE_SINGLE_TARGET="3-0" GUILE_TARGETS="3-0" INPUT_DEVICES="synaptics libinput" KERNEL="linux" LCD_DEVICES="bayrad cfontz glk hd44780 lb216 lcdm001 mtxorb text" LUA_SINGLE_TARGET="lua5-1" LUA_TARGETS="lua5-1" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php8-2" POSTGRES_TARGETS="postgres16" PYTHON_SINGLE_TARGET="python3_12" PYTHON_TARGETS="python3_10 python3_11 python3_12 python3_13 pypy3" RUBY_TARGETS="ruby32" VIDEO_CARDS="intel" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipp2p iface geoip fuzzy condition tarpit sysrq proto logmark ipmark dhcpmac delude chaos account"
USER="root"
USERLAND="GNU"
USE_EXPAND="ABI_MIPS ABI_S390 ABI_X86 ADA_TARGET ALSA_CARDS AMDGPU_TARGETS APACHE2_MODULES APACHE2_MPMS CALLIGRA_FEATURES CAMERAS COLLECTD_PLUGINS CPU_FLAGS_ARM CPU_FLAGS_PPC CPU_FLAGS_X86 CURL_QUIC CURL_SSL ELIBC FFTOOLS GPSD_PROTOCOLS GRUB_PLATFORMS GUILE_SINGLE_TARGET GUILE_TARGETS INPUT_DEVICES KERNEL L10N LCD_DEVICES LIBREOFFICE_EXTENSIONS LLVM_SLOT LLVM_TARGETS LUA_SINGLE_TARGET LUA_TARGETS NGINX_MODULES_HTTP NGINX_MODULES_MAIL NGINX_MODULES_STREAM OFFICE_IMPLEMENTATION OPENMPI_FABRICS OPENMPI_OFED_FEATURES OPENMPI_RM PERL_FEATURES PHP_TARGETS POSTGRES_TARGETS PYTHON_SINGLE_TARGET PYTHON_TARGETS QEMU_SOFTMMU_TARGETS QEMU_USER_TARGETS RUBY_TARGETS SANE_BACKENDS UWSGI_PLUGINS VIDEO_CARDS VOICEMAIL_STORAGE XTABLES_ADDONS"
USE_EXPAND_HIDDEN="ABI_MIPS ABI_S390 CPU_FLAGS_ARM CPU_FLAGS_PPC ELIBC KERNEL"
USE_EXPAND_IMPLICIT="ARCH ELIBC KERNEL"
USE_EXPAND_UNPREFIXED="ARCH"
USE_EXPAND_VALUES_ARCH="alpha amd64 amd64-linux arm arm64 arm64-macos hppa loong m68k mips ppc ppc64 ppc64-linux ppc-macos riscv s390 sparc x64-macos x64-solaris x86 x86-linux"
USE_EXPAND_VALUES_ELIBC="bionic Darwin glibc mingw musl SunOS"
USE_EXPAND_VALUES_KERNEL="Darwin linux SunOS"
USE_ORDER="env:pkg:conf:defaults:pkginternal:features:repo:env.d"
VIDEO_CARDS="intel"
WARNING_FLAGS="-Werror=odr -Werror=lto-type-mismatch -Werror=strict-aliasing"
XDG_CURRENT_DESKTOP="Hyprland"
XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipp2p iface geoip fuzzy condition tarpit sysrq proto logmark ipmark dhcpmac delude chaos account"
ac_cv_c_undeclared_builtin_options="none needed"
enable_year2038="no"
gl_cv_compiler_check_decl_option="-Werror=implicit-function-declaration"
gl_cv_func_getcwd_path_max="yes"
|
Cast word-wrap on a long line to make the forum layout behave. —Chiitoo |
|
Back to top |
|
|
Hu Administrator
Joined: 06 Mar 2007 Posts: 22887
|
Posted: Thu Oct 24, 2024 11:35 am Post subject: |
|
|
I am not familiar with exactly what -gentoo-hardened will do in this context, but as I mentioned, certain much older "hardened" kernels treated chroot as a request for broader lockdowns. Do you still see the denial when not using a hardened kernel, but keeping everything else the same? |
|
Back to top |
|
|
gasc n00b
Joined: 16 Mar 2024 Posts: 6
|
Posted: Thu Oct 24, 2024 1:05 pm Post subject: |
|
|
Hu wrote: | Do you still see the denial when not using a hardened kernel, but keeping everything else the same? |
Yep. I just tested using 6.6.57-gentoo-dist, and I get the same error |
|
Back to top |
|
|
Hu Administrator
Joined: 06 Mar 2007 Posts: 22887
|
Posted: Thu Oct 24, 2024 2:15 pm Post subject: |
|
|
Is Portage running with the video group during the test? As an aside, if you are using virtx, why is the program accessing a DRI device at all? I thought those would be for the real hardware. |
|
Back to top |
|
|
gasc n00b
Joined: 16 Mar 2024 Posts: 6
|
Posted: Thu Oct 24, 2024 3:01 pm Post subject: |
|
|
I have no why it does not work. I run the tests directly in the chroot and it worked perfectly well, despite the errors with emerge |
|
Back to top |
|
|
gasc n00b
Joined: 16 Mar 2024 Posts: 6
|
Posted: Thu Oct 24, 2024 5:17 pm Post subject: |
|
|
It seems to be a problem with libEGL.so, as using eglinfo -B (from x11-apps/mesa-progs) return eglinfo: eglInitialize failed for both Wayland and X11 plateforms. |
|
Back to top |
|
|
|