#19131 closed defect (fixed)
ruby fails to build with MacPorts trunk (1.8.0) on 10.4
| Reported by: | dbevans (David B. Evans) | Owned by: | kimuraw (kimura wataru) |
|---|---|---|---|
| Priority: | Normal | Milestone: | MacPorts 1.8.0 |
| Component: | base | Version: | 1.8.0 |
| Keywords: | ruby | Cc: | febeling@… |
| Port: |
Description
10.4.11 ppc XCode 2.5
DEBUG: Executing org.macports.build (ruby) DEBUG: Environment: MACOSX_DEPLOYMENT_TARGET='10.4' DEBUG: Assembled command: 'cd "/opt/local/var/macports/build/_opt_macports_trunk_dports_lang_ruby/work/ruby-1.8.7-p72" && make all' ... ar rcu libruby-static.a array.o bignum.o class.o compar.o dir.o dln.o enum.o enumerator.o error.o eval.o file.o gc.o hash.o inits.o io.o marshal.o math.o numeric.o object.o pack.o parse.o process.o prec.o random.o range.o re.o regex.o ruby.o signal.o sprintf.o st.o string.o struct.o time.o util.o variable.o version.o alloca.o dmyext.o /usr/bin/gcc-4.0 -O2 -fno-common -pipe -fno-common -DRUBY_EXPORT -I. -I. -I/opt/local/include -D_XOPEN_SOURCE -D_DARWIN_C_SOURCE -c main.c /usr/bin/gcc-4.0 -O2 -fno-common -pipe -fno-common -DRUBY_EXPORT -I. -I. -I/opt/local/include -D_XOPEN_SOURCE -D_DARWIN_C_SOURCE -c dmydln.c /usr/bin/gcc-4.0 -O2 -fno-common -pipe -fno-common -DRUBY_EXPORT -L. -L/opt/local/lib main.o dmydln.o libruby-static.a -lpthread -ldl -lobjc -o miniruby ./miniruby: no -I allowed while running setgid (SecurityError) make: *** [.rbconfig.time] Error 1
Change History (9)
comment:1 Changed 16 years ago by kimuraw (kimura wataru)
| Status: | new → assigned |
|---|
comment:2 Changed 16 years ago by dbevans (David B. Evans)
| Summary: | ruby: build fails upgrading from 1.8.7-p72_2 -> 1.8.7-p72_3 → ruby: build fails upgrading from 1.8.7-p72_2 -> 1.8.7-p72_3 when using MacPorts trunk (1.8.0) |
|---|
I thought that perhaps there was some issue with group ids on my system and have been looking at that but that hasn't panned out.
Note that I am using the trunk version of MacPorts
% port version Version: 1.8.0 % uname -r 8.11.0
the debug output says
DEBUG: changing euid/egid - current euid: 0 - current egid: -1 DEBUG: egid changed to: -1 DEBUG: euid changed to: 0 ---> Building ruby DEBUG: Executing org.macports.build (ruby) DEBUG: Environment: MACOSX_DEPLOYMENT_TARGET='10.4' DEBUG: Assembled command: 'cd "/opt/local/var/macports/build/_opt_macports_trunk_dports_lang_ruby/work/ruby-1.8.7-p72" && make all' /usr/bin/gcc-4.0 -O2 -fno-common -pipe -fno-common -DRUBY_EXPORT -I. -I. -I/opt/local/include -D_XOPEN_SOURCE -D_DARWIN_C_SOURCE -c array.c /usr/bin/gcc-4.0 -O2 -fno-common -pipe -fno-common -DRUBY_EXPORT -I. -I. -I/opt/local/include -D_XOPEN_SOURCE -D_DARWIN_C_SOURCE -c bignum.c ... /usr/bin/gcc-4.0 -O2 -fno-common -pipe -fno-common -DRUBY_EXPORT -I. -I. -I/opt/local/include -D_XOPEN_SOURCE -D_DARWIN_C_SOURCE -c main.c /usr/bin/gcc-4.0 -O2 -fno-common -pipe -fno-common -DRUBY_EXPORT -I. -I. -I/opt/local/include -D_XOPEN_SOURCE -D_DARWIN_C_SOURCE -c dmydln.c /usr/bin/gcc-4.0 -O2 -fno-common -pipe -fno-common -DRUBY_EXPORT -L. -L/opt/local/lib main.o dmydln.o libruby-static.a -lpthread -ldl -lobjc -o miniruby ./miniruby: no -I allowed while running setgid (SecurityError) make: *** [.rbconfig.time] Error 1
so it looks like MacPorts 1.8.0 IS running setgid and miniruby thinks that is a security error.
Reverting to MacPorts 1.710, there is no setgid activity in MacPorts and the build completes without error.
Changing summary to reflect these findings.
comment:3 Changed 16 years ago by kimuraw (kimura wataru)
That error means ruby(miniruby) do not allow "-I" option under egid != gid.
see ruby.c
static void
forbid_setid(s)
const char *s;
{
if (euid != uid)
rb_raise(rb_eSecurityError, "no %s allowed while running setuid", s);
if (egid != gid)
rb_raise(rb_eSecurityError, "no %s allowed while running setgid", s);
if (rb_safe_level() > 0)
rb_raise(rb_eSecurityError, "no %s allowed in tainted mode", s);
}
macports trunk has dropPrivileges and elevateToRoot mechanism. I think this tiket maybe for macports base componet, not ruby ports...
comment:4 Changed 16 years ago by kimuraw (kimura wataru)
I reproduced this problem on ppc 10.4.11 and macports trunk r49611.
but I cannot the problem on ppc 10.5.3 and i386 10.5.6.
I posted macports-dev about the detail of this problem.
http://lists.macosforge.org/pipermail/macports-dev/2009-April/008261.html
comment:7 Changed 16 years ago by dbevans (David B. Evans)
| Component: | ports → base |
|---|---|
| Keywords: | ruby added |
| Milestone: | → MacPorts 1.8.0 |
| Port: | ruby removed |
| Summary: | ruby: build fails upgrading from 1.8.7-p72_2 -> 1.8.7-p72_3 when using MacPorts trunk (1.8.0) → when using MacPorts trunk (1.8.0) ruby fails to build upgrading from 1.8.7-p72_2 -> 1.8.7-p72_3 |
Modified summary and component to reflect that this is really a trunk base issue
comment:8 Changed 15 years ago by pguyot (Paul Guyot)
| Summary: | when using MacPorts trunk (1.8.0) ruby fails to build upgrading from 1.8.7-p72_2 -> 1.8.7-p72_3 → ruby fails to build with MacPorts trunk (1.8.0) on 10.4 |
|---|
The problem is not related to upgrading ruby (as it also occurs when installing lang/ruby or lang/ruby186). However, it is related to 10.4 and trunk.
comment:9 Changed 15 years ago by pguyot (Paul Guyot)
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
The culprit is a call to getgrnam(2) with $macportsuser as the parameter (which typically is "root"). This function takes a group name, not a user name. Under 10.5, however, there is a group called "root", and therefore it works. A fix was committed in r51522.
I cannot reproduce this problem on my Mac (10.4.11 ppc + Xcode 2.5).
Please try "port clean ruby" && "port build ruby".
I tested:
% port version Version: 1.710 % uname -r 8.11.0 % port info ruby ruby @1.8.7-p72, Revision 3 (lang, ruby) :