Opened 5 years ago

Closed 4 years ago

Last modified 4 years ago

#47592 closed defect (fixed)

rev-upgrade should use prefix_unwritable check

Reported by: mp@… Owned by: neverpanic (Clemens Lang)
Priority: Normal Milestone: MacPorts 2.4.0
Component: base Version: 2.3.99
Keywords: Cc: MarcusCalhoun-Lopez (Marcus Calhoun-Lopez)
Port:

Description

Running sudo port rev-upgrade gives these warnings:

--->  Scanning binaries for linking errors
Warning: Error parsing file /opt/local/libexec/dbus-daemon-launch-helper: Error opening or reading file
Warning: Error parsing file /opt/local/libexec/ssh-keysign: Error opening or reading file
Warning: Error parsing file /opt/local/bin/cdda2wav: Error opening or reading file
Warning: Error parsing file /opt/local/bin/cdrecord: Error opening or reading file
Warning: Error parsing file /opt/local/bin/readcd: Error opening or reading file
Warning: Error parsing file /opt/local/sbin/rscsi: Error opening or reading file

The files:

-rwxr-x---  1 root  messagebus  582372 Mar 28 17:17 /opt/local/libexec/dbus-daemon-launch-helper
-rws--x--x  1 root  admin       824984 Apr  7 11:07 /opt/local/libexec/ssh-keysign
-rws--x--x  1 root  admin       322776 Apr 24 11:30 /opt/local/bin/cdda2wav
-rws--x--x  1 root  admin       460536 Apr 24 11:30 /opt/local/bin/cdrecord
-rws--x--x  1 root  admin       280540 Apr 24 11:30 /opt/local/bin/readcd
-rws--x--x  1 root  admin        93520 Apr 24 11:30 /opt/local/sbin/rscsi

Not sure how long this has been going on – guessing somewhere between a fortnight and a month, but might be even older…

Attachments (1)

elevate-rev-upgrade-macports.tcl.diff (551 bytes) - added by mp@… 5 years ago.
elevate privileges for rev-upgrade

Download all attachments as: .zip

Change History (12)

comment:1 in reply to:  description Changed 5 years ago by ryandesign (Ryan Schmidt)

Cc: mcalhoun@… added

Replying to mp@…:

Running sudo port rev-upgrade gives these warnings:

--->  Scanning binaries for linking errors
Warning: Error parsing file /opt/local/libexec/dbus-daemon-launch-helper: Error opening or reading file
Warning: Error parsing file /opt/local/libexec/ssh-keysign: Error opening or reading file
Warning: Error parsing file /opt/local/bin/cdda2wav: Error opening or reading file
Warning: Error parsing file /opt/local/bin/cdrecord: Error opening or reading file
Warning: Error parsing file /opt/local/bin/readcd: Error opening or reading file
Warning: Error parsing file /opt/local/sbin/rscsi: Error opening or reading file

The files:

-rwxr-x---  1 root  messagebus  582372 Mar 28 17:17 /opt/local/libexec/dbus-daemon-launch-helper
-rws--x--x  1 root  admin       824984 Apr  7 11:07 /opt/local/libexec/ssh-keysign
-rws--x--x  1 root  admin       322776 Apr 24 11:30 /opt/local/bin/cdda2wav
-rws--x--x  1 root  admin       460536 Apr 24 11:30 /opt/local/bin/cdrecord
-rws--x--x  1 root  admin       280540 Apr 24 11:30 /opt/local/bin/readcd
-rws--x--x  1 root  admin        93520 Apr 24 11:30 /opt/local/sbin/rscsi

Not sure how long this has been going on – guessing somewhere between a fortnight and a month, but might be even older…

I imagine it has been going on as long as you've installed the ports that provide those unreadable files:

$ port provides /opt/local/libexec/dbus-daemon-launch-helper /opt/local/libexec/ssh-keysign /opt/local/bin/cdda2wav /opt/local/bin/cdrecord /opt/local/bin/readcd /opt/local/sbin/rscsi
/opt/local/libexec/dbus-daemon-launch-helper is provided by: dbus
/opt/local/libexec/ssh-keysign is provided by: openssh
/opt/local/bin/cdda2wav is provided by: cdrtools
/opt/local/bin/cdrecord is provided by: cdrtools
/opt/local/bin/readcd is provided by: cdrtools
/opt/local/sbin/rscsi is provided by: cdrtools

For each file, it can either be considered a bug that they are not world readable, or else possibly it is intentional. You would have to ask the developers of those programs. Cc'ing Marcus who maintains dbus.

If there is a base bug here at all, it is that "sudo port rev-upgrade", though invoked as root, drops privileges and therefore cannot read files that are not world-readable.

Changed 5 years ago by mp@…

elevate privileges for rev-upgrade

comment:2 Changed 5 years ago by mp@…

Replying to ryandesign@…:

For each file, it can either be considered a bug that they are not world readable, or else possibly it is intentional. You would have to ask the developers of those programs. Cc'ing Marcus who maintains dbus.

Can see no reason why MacPorts should complain if a port chooses to install files that are not world readable.

If there is a base bug here at all, it is that "sudo port rev-upgrade", though invoked as root, drops privileges and therefore cannot read files that are not world-readable.

Exactly.

Since macports::revupgrade_scanandrebuild is called after the privileges have been dropped (and then elevated for some actions),

    if {[getuid] == 0 && [geteuid] != 0} {
        seteuid 0; setegid 0
    }

at the beginning of macports::revupgrade_scanandrebuild solves it. Maybe the privileges should be dropped again at the end… So that it works even for sudo port upgrade outdated and such.

Last edited 5 years ago by mp@… (previous) (diff)

comment:3 in reply to:  2 ; Changed 5 years ago by larryv (Lawrence Velázquez)

Cc: cal@… added

Replying to mp@…:

Replying to ryandesign@…:

If there is a base bug here at all, it is that "sudo port rev-upgrade", though invoked as root, drops privileges and therefore cannot read files that are not world-readable.

Exactly.

Perhaps there’s a reason rev-upgrade runs without privileges?

comment:4 in reply to:  3 Changed 5 years ago by neverpanic (Clemens Lang)

Replying to larryv@…:

Perhaps there’s a reason rev-upgrade runs without privileges?

No, not any I am aware of, and I should know of all people, I guess.

comment:5 Changed 5 years ago by mp@…

This seems to have been fixed, so that when correctly invoked with

sudo port rev-upgrade

there are no complaints:

$ sudo port rev-upgrade
--->  Scanning binaries for linking errors
--->  No broken files found.                             

However, on a little side note, if one "accidentally" does only

port rev-upgrade

it naturally fails, but in a somewhat unfriendly way:

$ port rev-upgrade
--->  Scanning binaries for linking errors
Warning: Error parsing file /opt/local/libexec/dbus-daemon-launch-helper: Error opening or reading file
Warning: Error parsing file /opt/local/bin/cdda2wav: Error opening or reading file
Warning: Error parsing file /opt/local/bin/cdrecord: Error opening or reading file
Warning: Error parsing file /opt/local/bin/readcd: Error opening or reading file
Warning: Error parsing file /opt/local/sbin/rscsi: Error opening or reading file
Warning: Error parsing file /opt/local/lib/libADM6avcodec.56.dylib: Error opening or reading file
Warning: Error parsing file /opt/local/lib/libADM6avformat.56.dylib: Error opening or reading file
Warning: Error parsing file /opt/local/lib/libADM6avutil.54.dylib: Error opening or reading file
Warning: Error parsing file /opt/local/lib/libADM6postproc.53.dylib: Error opening or reading file
Warning: Error parsing file /opt/local/lib/libADM6swscale.3.dylib: Error opening or reading file
Warning: Error parsing file /opt/local/libexec/ssh-keysign: Error opening or reading file
--->  Found 101 broken file(s), matching files to ports
--->  Found 1 broken port(s), determining rebuild order
--->  Rebuilding in order
     avidemux @2.6.10 +aac+gettext+lame+sqlite+twolame+x264
Warning: MacPorts running without privileges. You may be unable to complete certain actions (e.g. install).
--->  Computing dependencies for avidemux
--->  Cleaning avidemux
Warning: Only cleaning in ~/.macports; insufficient privileges for standard locations
--->  Scanning binaries for linking errors
Warning: Error parsing file /opt/local/libexec/dbus-daemon-launch-helper: Error opening or reading file
Warning: Error parsing file /opt/local/bin/cdda2wav: Error opening or reading file
Warning: Error parsing file /opt/local/bin/cdrecord: Error opening or reading file
Warning: Error parsing file /opt/local/bin/readcd: Error opening or reading file
Warning: Error parsing file /opt/local/sbin/rscsi: Error opening or reading file
Warning: Error parsing file /opt/local/lib/libADM6avcodec.56.dylib: Error opening or reading file
Warning: Error parsing file /opt/local/lib/libADM6avformat.56.dylib: Error opening or reading file
Warning: Error parsing file /opt/local/lib/libADM6avutil.54.dylib: Error opening or reading file
Warning: Error parsing file /opt/local/lib/libADM6postproc.53.dylib: Error opening or reading file
Warning: Error parsing file /opt/local/lib/libADM6swscale.3.dylib: Error opening or reading file
Warning: Error parsing file /opt/local/libexec/ssh-keysign: Error opening or reading file
--->  Found 101 broken file(s), matching files to ports
--->  Found 1 broken port(s), determining rebuild order
--->  Rebuilding in order
     avidemux @2.6.10 +aac+gettext+lame+sqlite+twolame+x264
--->  Computing dependencies for avidemux
--->  Fetching distfiles for avidemux
--->  Attempting to fetch avidemux_2.6.10.tar.gz from http://osl.no.distfiles.macports.org/avidemux
--->  Verifying checksums for avidemux
--->  Extracting avidemux
--->  Applying patches to avidemux
--->  Configuring avidemux
--->  Building avidemux
--->  Staging avidemux into destroot
Error: org.macports.uninstall for port avidemux returned: MacPorts requires root privileges for this action
Warning: Failed to execute portfile from registry for avidemux @2.6.10_0+aac+gettext+lame+sqlite+twolame+x264
Error: org.macports.deactivate for port avidemux returned: MacPorts requires root privileges for this action
Warning: Failed to execute portfile from registry for avidemux @2.6.10_0+aac+gettext+lame+sqlite+twolame+x264
--->  Deactivating avidemux @2.6.10_0+aac+gettext+lame+sqlite+twolame+x264
Error: Uninstall avidemux 2.6.10_0+aac+gettext+lame+sqlite+twolame+x264 failed: sqlite error: attempt to write a readonly database (8)
Error rebuilding avidemux
    while executing
"error "Error rebuilding $portname""
    (procedure "revupgrade_scanandrebuild" line 395)
    invoked from within
"revupgrade_scanandrebuild broken_port_counts $opts"
    (procedure "macports::revupgrade" line 5)
    invoked from within
"macports::revupgrade $opts"
    (procedure "action_revupgrade" line 2)
    invoked from within
"$action_proc $action $portlist [array get global_options]"
    (procedure "process_cmd" line 103)
    invoked from within
"process_cmd $remaining_args"
    invoked from within
"if { [llength $remaining_args] > 0 } {

    # If there are remaining arguments, process those as a command
    set exit_status [process_cmd $remaining..."
    (file "/opt/local/bin/port" line 5268)

Would be really nice if it could end with

Error: org.macports.uninstall for port avidemux returned: MacPorts requires root privileges for this action

or maybe even better if it could stop with an informative error message before trying to rebuild in this particular case, or even before the actual scan.

Just an idea…

comment:6 Changed 5 years ago by neverpanic (Clemens Lang)

Cc: cal@… removed
Owner: changed from macports-tickets@… to cal@…
Status: newassigned

I agree.

comment:7 Changed 4 years ago by raimue (Rainer Müller)

Summary: File permissions causing warningsrev-upgrade should always require root privileges

comment:8 Changed 4 years ago by jmroot (Joshua Root)

Summary: rev-upgrade should always require root privilegesrev-upgrade should use prefix_unwritable check

Changing summary since MacPorts can be installed in a non-root-owned prefix, and in that case it can be run without root privileges and rev-upgrade should still work.

comment:9 Changed 4 years ago by jmroot (Joshua Root)

Resolution: fixed
Status: assignedclosed

In d4f4904/macports-base:

Avoid rev-upgrade permissions errors

Check that the prefix is writable when running rev-upgrade in rebuild
mode, and fail early with a good message if not.

Fixes: #47592

comment:10 Changed 4 years ago by jmroot (Joshua Root)

Milestone: MacPorts 2.4.0

comment:11 Changed 4 years ago by jmroot (Joshua Root)

Priority: Not setNormal
Note: See TracTickets for help on using tickets.