Re: [gentoo-user] Music player being run from an emerge
On Tue, Jul 9, 2019 at 2:10 PM Andrew Lowe wrote: > > * ACCESS DENIED: open_wr: /dev/snd/controlC0 > * ACCESS DENIED: open_wr: /dev/snd/controlC0 This has nothing to do with permissions, and everything to do with the sandbox. Most emerge phases are sandboxed. This uses LD_PRELOAD to override glibc functions to intercept filesystem access, which is why you're also getting messages related to this (just going from memory so forgive me if I have a minor detail off here). If you want to override the sandbox behavior you need to stick a file in /etc/sandbox.d/ with your changes, such as adding SANDBOX_WRITE="/dev/snd" to your config. In general though portage is configured to lock down filesystem writes even as root so that build systems aren't dropping random files in random places, or wiping out your hard drives. We want the build system to stay in /var/tmp and stick its install files in the image directory, and then portage will catalog them and move them to your filesystem so that it can cleanly uninstall things later. You could also disable sandboxing entirely, but I would strongly recommend NOT doing this. -- Rich
Re: [gentoo-user] Music player being run from an emerge
Hello, On Wed, 10 Jul 2019, Andrew Lowe wrote: > If I log in as my usual user, alsaplayer will run the song. If I then > "su" >into root, I'm in wheel, alsaplayer will play the song. The problem is that >when the emerge runs, then fails, alsaplayer can't appear to fire up. When an >emerge fails, I get the usual error listings then the following: > > * ACCESS DENIED: open_wr: /dev/snd/controlC0 > * ACCESS DENIED: open_wr: /dev/snd/controlC0 >ALSA lib >/var/tmp/portage/media-libs/alsa-lib-1.1.9/work/alsa-lib-1.1.9/src/confmisc.c:674:(snd_determine_driver) >could not open control for card 0 >ALSA lib >/var/tmp/portage/media-libs/alsa-lib-1.1.9/work/alsa-lib-1.1.9/src/conf.c:3572:(snd_config_hooks_call) >function snd_config_hook_load_for_all_cards returned error: Permission denied You'd probably need to add portage to the "audio" group ... HTH, -dnh -- Sorry, I don't know how to help in this situation. Maybe you should try asking a human? -- a TeX message
Re: [gentoo-user] Music player being run from an emerge
On Tuesday, 9 July 2019 19:10:52 BST Andrew Lowe wrote: > Hi all, > This all happens on an up to date openrc machine with the profile > default/linux/amd64/17.0/desktop/plasma > > I've added a few hooks to the emerge process via the bashrc that is in > /etc/portage. One of the things I do upon emerge failure is kill vlc, > which would have been playing a random song, and then attempt to start > alsaplayer[1] with a specific song. This means that I can be pottering > around the house/shed and if the "failure song" starts playing, I know > something is up. The problem is getting the failure song to play. > > If I log in as my usual user, alsaplayer will run the song. If I then > "su" into root, I'm in wheel, alsaplayer will play the song. The problem > is that when the emerge runs, then fails, alsaplayer can't appear to > fire up. Is this because the emerge runs as portage:portage and it does not have access rights to alsaplayer? > When an emerge fails, I get the usual error listings then the > following: > > * ACCESS DENIED: open_wr: /dev/snd/controlC0 > * ACCESS DENIED: open_wr: /dev/snd/controlC0 > ALSA lib > /var/tmp/portage/media-libs/alsa-lib-1.1.9/work/alsa-lib-1.1.9/src/confmisc. > c:674:(snd_determine_driver) could not open control for card 0 > ALSA lib > /var/tmp/portage/media-libs/alsa-lib-1.1.9/work/alsa-lib-1.1.9/src/conf.c:35 > 72:(snd_config_hooks_call) function snd_config_hook_load_for_all_cards > returned error: Permission denied Unless the above output was from emerging alsa-lib, your hooks should not be looking in /var/tmp/portage/, but I may not have understood what your mechanism is for launching alsa correctly. Also the above could be a sandboxing limitation? > Amongst this stuff is a line: > > LOG FILE: "/var/log/sandbox/sandbox-20431.log" > > which I think confirms my suspicions that something is wrong with my > sandbox as I also get this error when the email fails and just before > the failure hook, running alsaplayer, is run: > > ERROR: ld.so: object 'libsandbox.so' from LD_PRELOAD cannot be preloaded > (cannot open shared object file): ignored. > > Are there any emerge/sandbox gurus out there who might have an idea as > to what's going on? Any thoughts are greatly apreciated, > > Andrew > > > [1] vlc won't play as root hence I tried alsaplayer I'm not versed in the the details of emerge - I just use it with my limited knowledge as a package manager. Nevertheles, here's some ideas others more knowledgeable could contributed to and correct as necessary: Your emerge hooks should 'sudo su - whatever_user' has access to cvlc and run that, instead of vlc, or even alsaplayer. If the emerge process is sandboxed, then the user access rights would be limited, therefore you'll need to expand these with sudo. Use full paths for executables in your hook commands and add some traps to see the step at which they fail. Running a script with conditionals may be a better way to run emerge and catch a failure code, which will then trigger cvlc. I would be reluctant to extend privileges to processes which were designed to do one thing (e.g. emerge) in order to do something else, e.g. read areas of the filesystem they're not meant to meddle in. Choose to use the lowest level of access rights necessary to perform what you're after and no higher. I hope the above leads you closer to what you want to achieve. -- Regards, Mick signature.asc Description: This is a digitally signed message part.
[gentoo-user] Music player being run from an emerge
Hi all, This all happens on an up to date openrc machine with the profile default/linux/amd64/17.0/desktop/plasma I've added a few hooks to the emerge process via the bashrc that is in /etc/portage. One of the things I do upon emerge failure is kill vlc, which would have been playing a random song, and then attempt to start alsaplayer[1] with a specific song. This means that I can be pottering around the house/shed and if the "failure song" starts playing, I know something is up. The problem is getting the failure song to play. If I log in as my usual user, alsaplayer will run the song. If I then "su" into root, I'm in wheel, alsaplayer will play the song. The problem is that when the emerge runs, then fails, alsaplayer can't appear to fire up. When an emerge fails, I get the usual error listings then the following: * ACCESS DENIED: open_wr: /dev/snd/controlC0 * ACCESS DENIED: open_wr: /dev/snd/controlC0 ALSA lib /var/tmp/portage/media-libs/alsa-lib-1.1.9/work/alsa-lib-1.1.9/src/confmisc.c:674:(snd_determine_driver) could not open control for card 0 ALSA lib /var/tmp/portage/media-libs/alsa-lib-1.1.9/work/alsa-lib-1.1.9/src/conf.c:3572:(snd_config_hooks_call) function snd_config_hook_load_for_all_cards returned error: Permission denied ... .. . Amongst this stuff is a line: LOG FILE: "/var/log/sandbox/sandbox-20431.log" which I think confirms my suspicions that something is wrong with my sandbox as I also get this error when the email fails and just before the failure hook, running alsaplayer, is run: ERROR: ld.so: object 'libsandbox.so' from LD_PRELOAD cannot be preloaded (cannot open shared object file): ignored. Are there any emerge/sandbox gurus out there who might have an idea as to what's going on? Any thoughts are greatly apreciated, Andrew [1] vlc won't play as root hence I tried alsaplayer
