Gentoo Forums
Why again do I need this?
Princess Nell
l33t

Joined: 15 Apr 2005
Posts: 916

Posted: Wed Jul 07, 2021 6:44 pm    Post subject: Why again do I need this?

Code:

emerge --sync
...
emerge --upDN world
...
[ebuild  N     ] sys-apps/systemd-tmpfiles-246  USE="(-selinux) -test"
...

make.conf has the "-systemd" use flag set. That is a pretty clear signal of intent. Why does a portage update force this ebuild onto my system?
Masking this specific package breaks emerge in unexpected ways.
Code:

emerge -upDN world

These are the packages that would be merged, in order:

Calculating dependencies... done!

The following USE changes are necessary to proceed:
 (see "package.use" in the portage(5) man page for more details)
# required by sys-apps/systemd-248.3-r1::gentoo
# required by virtual/tmpfiles-0-r1::gentoo
# required by app-admin/logrotate-3.18.0::gentoo
# required by @selected
# required by @world (argument)
>=sys-apps/dbus-1.12.20-r1 systemd

!!! The ebuild selected to satisfy ">=sys-apps/dbus-1.9.8[systemd]" has unmet requirements.
- sys-apps/dbus-1.12.20-r1::gentoo USE="X elogind -debug -doc (-selinux) -static-libs -systemd -test -user-session" ABI_X86="(64) -32 (-x32)"

  The following REQUIRED_USE flag constraints are unsatisfied:
    at-most-one-of ( elogind systemd )

(dependency required by "sys-apps/systemd-248.3-r1::gentoo" [ebuild])
(dependency required by "virtual/tmpfiles-0-r1::gentoo" [installed])
(dependency required by "app-admin/logrotate-3.18.0::gentoo" [installed])
(dependency required by "@selected" [set])
(dependency required by "@world" [argument])

I don't get it. The way I look at it, "at-most-one-of ( elogind systemd )" is satisfied, as the lines just above it show.

Code:

emerge --info
Portage 3.0.20 (python 3.9.5-final-0, default/linux/amd64/17.1/desktop, gcc-10.3.0, glibc-2.33, 5.10.27-gentoo x86_64)
=================================================================
System uname: Linux-5.10.27-gentoo-x86_64-Intel-R-_Core-TM-_i7-6600U_CPU_@_2.60GHz-with-glibc2.33
KiB Mem:    16257416 total,   4367084 free
KiB Swap:   18874364 total,  18874200 free
Timestamp of repository gentoo: Wed, 07 Jul 2021 18:00:01 +0000
Head commit of repository gentoo: fbe4c9d5c5dcfb678b256741f158e02aa785ba2c
Head commit of repository palemoon: cf24c832f3d59c42e7dfc68fd65b282e410da80e

sh bash 5.1_p8
ld GNU ld (Gentoo 2.35.2 p1) 2.35.2
app-shells/bash:          5.1_p8::gentoo
dev-java/java-config:     2.3.1::gentoo
dev-lang/perl:            5.32.1::gentoo
dev-lang/python:          2.7.18_p10::gentoo, 3.8.10_p2::gentoo, 3.9.5_p2::gentoo
dev-lang/rust-bin:        1.52.1::gentoo
dev-util/cmake:           3.18.5::gentoo
sys-apps/baselayout:      2.7::gentoo
sys-apps/openrc:          0.42.1-r1::gentoo
sys-apps/sandbox:         2.24::gentoo
sys-devel/autoconf:       2.13-r1::gentoo, 2.69-r5::gentoo
sys-devel/automake:       1.16.3-r1::gentoo
sys-devel/binutils:       2.35.2::gentoo
sys-devel/gcc:            9.3.0-r2::gentoo, 10.3.0::gentoo
sys-devel/gcc-config:     2.4::gentoo
sys-devel/libtool:        2.4.6-r6::gentoo
sys-devel/make:           4.3::gentoo
sys-kernel/linux-headers: 5.10::gentoo (virtual/os-headers)
sys-libs/glibc:           2.33::gentoo
Repositories:

gentoo
    location: /var/db/repos/gentoo
    sync-type: rsync
    sync-uri: rsync://rsync.gentoo.org/gentoo-portage
    priority: -1000
    sync-rsync-verify-max-age: 24
    sync-rsync-verify-metamanifest: yes
    sync-rsync-extra-opts:
    sync-rsync-verify-jobs: 1

local_overlay
    location: /usr/local/portage
    masters: gentoo
    priority: 0

palemoon
    location: /var/lib/layman/palemoon
    sync-type: git
    sync-uri: https://github.com/deu/palemoon-overlay.git
    masters: gentoo
    priority: 50

ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="@FREE"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-O2 -march=native -fomit-frame-pointer -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/lib64/libreoffice/program/sofficerc /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/dconf /etc/env.d /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo /etc/texmf/language.dat.d /etc/texmf/language.def.d /etc/texmf/updmap.d /etc/texmf/web2c"
CXXFLAGS="-O2 -march=native -fomit-frame-pointer -pipe"
DISTDIR="/var/cache/distfiles"
ENV_UNSET="CARGO_HOME DBUS_SESSION_BUS_ADDRESS DISPLAY GOBIN GOPATH PERL5LIB PERL5OPT PERLPREFIX PERL_CORE PERL_MB_OPT PERL_MM_OPT XAUTHORITY XDG_CACHE_HOME XDG_CONFIG_HOME XDG_DATA_HOME XDG_RUNTIME_DIR"
FCFLAGS="-O2 -march=native -fomit-frame-pointer -pipe"
FEATURES="assume-digests binpkg-docompress binpkg-dostrip binpkg-logs config-protect-if-modified distlocks downgrade-backup ebuild-locks fixlafiles ipc-sandbox merge-sync multilib-strict network-sandbox news parallel-fetch pid-sandbox protect-owned qa-unresolved-soname-deps sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch userpriv usersandbox usersync xattr"
FFLAGS="-O2 -march=native -fomit-frame-pointer -pipe"
GENTOO_MIRRORS="http://distfiles.gentoo.org"
LANG="en_IE.utf8"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="en"
MAKEOPTS="-j4"
PKGDIR="/var/cache/binpkgs"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --omit-dir-times --compress --force --whole-file --delete --stats --human-readable --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --exclude=/.git"
PORTAGE_TMPDIR="/var/tmp"
USE="X a52 aac acl acpi alsa amd64 bluetooth branding bzip2 cairo cdda cdr cleartype cli corefonts crypt curl dbus dri dts dvd dvdr elogind emboss encode exif expat ffmpeg flac gd gdbm gif gnome-keyring gphoto2 gpm gstreamer gtk gui iconv icu ieee1394 imagemagick imlib initramfs jack java javascript jpeg lame lcms libglvnd libnotify libtirpc lm_sensors lock mad mmap mng mp3 mp4 mpeg multilib ncurses netwprkmanager nls nptl ogg opengl openmp pam pango pcre pdf png policykit ppds readline sdl seccomp spell split-usr ssl startup-notification svg tcpd theora tiff truetype udev udisks unicode upower usb v4l vorbis x264 xattr xcb xinerama xml xv xvid zlib" ABI_X86="64" ADA_TARGET="gnat_2018" ALSA_CARDS="ali5451 als4000 atiixp atiixp-modem bt87x ca0106 cmipci emu10k1x ens1370 ens1371 es1938 es1968 fm801 hda-intel intel8x0 intel8x0m maestro3 trident usb-audio via82xx via82xx-modem ymfpci" APACHE2_MODULES="authn_core authz_core socache_shmcb unixd actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="karbon sheets words" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" CPU_FLAGS_X86="aes avx avx2 f16c fma3 mmx mmxext pclmul popcnt rdrand sse sse2 sse3 sse4_1 sse4_2 ssse3" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock greis isync itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf skytraq superstar2 timing tsip tripmate tnt ublox ubx" GRUB_PLATFORMS="efi-64" INPUT_DEVICES="libinput" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" 
LIBREOFFICE_EXTENSIONS="presenter-console presenter-minimizer" LUA_SINGLE_TARGET="lua5-1" LUA_TARGETS="lua5-1" OFFICE_IMPLEMENTATION="libreoffice" PHP_TARGETS="php7-3 php7-4" POSTGRES_TARGETS="postgres10 postgres11" PYTHON_SINGLE_TARGET="python3_9" PYTHON_TARGETS="python3_9" RUBY_TARGETS="ruby26" USERLAND="GNU" VIDEO_CARDS="intel i965 iris modesetting" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq proto steal rawnat logmark ipmark dhcpmac delude chaos account"
Unset:  CC, CPPFLAGS, CTARGET, CXX, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LC_ALL, PORTAGE_BINHOST, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, RUSTFLAGS


fedeliallalinea
Administrator

Joined: 08 Mar 2003
Posts: 30909
Location: here

Posted: Wed Jul 07, 2021 6:58 pm

It's the alternative to sys-apps/opentmpfiles that has been masked for a security bug
_________________
Questions are guaranteed in life; Answers aren't.

Zucca
Moderator

Joined: 14 Jun 2007
Posts: 3343
Location: Rasi, Finland

Posted: Wed Jul 07, 2021 7:12 pm

systemd-tmpfiles is a temporary replacement for now.
It does not require systemd. In fact it's one of the few systemd-* packages that can function without systemd.
_________________
..: Zucca :..
Gentoo IRC channels reside on Libera.Chat.
--
Quote:
I am NaN! I am a man!

freke
l33t

Joined: 23 Jan 2003
Posts: 977
Location: Somewhere in Denmark

Posted: Wed Jul 07, 2021 10:45 pm

sys-apps/opentmpfiles-0.2 should be able to satisfy the need for virtual/tmpfiles-0-r1 ?

It does on my systems.

Princess Nell
l33t

Joined: 15 Apr 2005
Posts: 916

Posted: Wed Jul 07, 2021 10:50 pm

Orlitzky's comments don't leave much space for the "temporary" bit ...

figueroa
Advocate

Joined: 14 Aug 2005
Posts: 2964
Location: Edge of marsh USA

Posted: Thu Jul 08, 2021 4:04 am

This would have been a GREAT subject for a news item.
_________________
Andy Figueroa
hp pavilion hpe h8-1260t/2AB5; spinning rust x3
i7-2600 @ 3.40GHz; 16 gb; Radeon HD 7570
amd64/23.0/split-usr/desktop (stable), OpenRC, -systemd -pulseaudio -uefi

dmpogo
Advocate

Joined: 02 Sep 2004
Posts: 3267
Location: Canada

Posted: Thu Jul 08, 2021 4:35 am

fedeliallalinea wrote:
It's the alternative to sys-apps/opentmpfiles that has been masked for a security bug


That bug was discussed like 10 months ago, what happened now?

fedeliallalinea
Administrator

Joined: 08 Mar 2003
Posts: 30909
Location: here

Posted: Thu Jul 08, 2021 5:51 am

dmpogo wrote:
That bug was discussed like 10 months ago, what happened now?

See https://github.com/OpenRC/opentmpfiles/issues/4
_________________
Questions are guaranteed in life; Answers aren't.

snIP3r
l33t

Joined: 21 May 2004
Posts: 853
Location: germany

Posted: Thu Jul 08, 2021 5:52 am

dmpogo wrote:
fedeliallalinea wrote:
It's the alternative to sys-apps/opentmpfiles that has been masked for a security bug


That bug was discussed like 10 months ago, what happened now?


can i safely uninstall opentmpfiles and install systemd-tmpfiles?
_________________
Intel i3-4130T on ASUS P9D-X
Kernel 5.15.88-gentoo SMP
-----------------------------------------------
if your problem is fixed please add something like [solved] to the topic!

fedeliallalinea
Administrator

Joined: 08 Mar 2003
Posts: 30909
Location: here

Posted: Thu Jul 08, 2021 5:54 am

snIP3r wrote:
can i safely uninstall opentmpfiles and install systemd-tmpfiles?

It's not necessary; a normal update already proposes it as a change without you having to do anything.
_________________
Questions are guaranteed in life; Answers aren't.

snIP3r
l33t

Joined: 21 May 2004
Posts: 853
Location: germany

Posted: Thu Jul 08, 2021 5:57 am

fedeliallalinea wrote:
snIP3r wrote:
can i safely uninstall opentmpfiles and install systemd-tmpfiles?

It's not necessary; a normal update already proposes it as a change without you having to do anything.


but here i get this:

Quote:

[blocks B ] sys-apps/opentmpfiles ("sys-apps/opentmpfiles" is blocking sys-apps/systemd-tmpfiles-246)

Total: 17 packages (11 upgrades, 1 new, 5 in new slots), Size of downloads: 143,838 KiB
Conflict: 1 block (1 unsatisfied)

* Error: The above package list contains packages which cannot be
* installed at the same time on the same system.

(sys-apps/opentmpfiles-0.2:0/0::gentoo, installed) pulled in by
sys-apps/opentmpfiles required by @selected

(sys-apps/systemd-tmpfiles-246:0/0::gentoo, ebuild scheduled for merge) pulled in by
sys-apps/systemd-tmpfiles required by (virtual/tmpfiles-0-r1:0/0::gentoo, installed) USE="" ABI_X86="(64)"


For more information about Blocked Packages, please refer to the following
section of the Gentoo Linux x86 Handbook (architecture is irrelevant):

so for me it looks like i have to uninstall opentmpfiles and install systemd-tmpfiles.
_________________
Intel i3-4130T on ASUS P9D-X
Kernel 5.15.88-gentoo SMP
-----------------------------------------------
if your problem is fixed please add something like [solved] to the topic!

fedeliallalinea
Administrator

Joined: 08 Mar 2003
Posts: 30909
Location: here

Posted: Thu Jul 08, 2021 6:01 am

Try to deselect sys-apps/opentmpfiles with emerge --deselect sys-apps/opentmpfiles and re-run update.
_________________
Questions are guaranteed in life; Answers aren't.

Josef.95
Advocate

Joined: 03 Sep 2007
Posts: 4553
Location: Germany

Posted: Thu Jul 08, 2021 6:05 am

snIP3r,
"sys-apps/opentmpfiles required by @selected"
^ this means it is in the world file
Code:
emerge --deselect sys-apps/opentmpfiles
first should help.

snIP3r
l33t

Joined: 21 May 2004
Posts: 853
Location: germany

Posted: Thu Jul 08, 2021 6:06 am

fedeliallalinea wrote:
Try to deselect sys-apps/opentmpfiles with emerge --deselect sys-apps/opentmpfiles and re-run update.


thx. this works.
on another (test-)machine, it works as you first posted - there was nothing to do.... strange...
_________________
Intel i3-4130T on ASUS P9D-X
Kernel 5.15.88-gentoo SMP
-----------------------------------------------
if your problem is fixed please add something like [solved] to the topic!

fedeliallalinea
Administrator

Joined: 08 Mar 2003
Posts: 30909
Location: here

Posted: Thu Jul 08, 2021 6:12 am

snIP3r wrote:
on another (test-)machine, it works as you first posted - there was nothing to do.... strange...

Probably in the first system at some point you rebuilt sys-apps/opentmpfiles without using --oneshot and this caused it to be written in the world file
_________________
Questions are guaranteed in life; Answers aren't.

pjp
Administrator

Joined: 16 Apr 2002
Posts: 20067

Posted: Thu Jul 08, 2021 4:34 pm

Zucca wrote:
systemd-tmpfiles is a temporary replacement for now.
It's been a known issue since 2017, and the "easy" fix would seem to be not making changes automatically. That it is left in this state for so long with the most recent activity in April isn't a particularly strong indicator that this is temporary. Very disappointing. I guess I have to come up with my own patch or solution to a "feature" I never wanted in the first place.
_________________
Quis separabit? Quo animo?

Anon-E-moose
Watchman

Joined: 23 May 2008
Posts: 6098
Location: Dallas area

Posted: Thu Jul 08, 2021 5:02 pm

If you really don't like this direction, I suppose you could always do

Code:
$ cat /etc/portage/profile/package.mask
sys-apps/systemd-tmpfiles
-sys-apps/opentmpfiles


that should undo their override

To be safe, I'd put copies of virtual/tmpfiles and sys-apps/opentmpfiles in your local repo.
_________________
PRIME x570-pro, 3700x, 6.1 zen kernel
gcc 13, profile 17.0 (custom bare multilib), openrc, wayland

Zucca
Moderator

Joined: 14 Jun 2007
Posts: 3343
Location: Rasi, Finland

Posted: Thu Jul 08, 2021 5:53 pm

Anon-E-moose wrote:
To be safe
... you'd wait for a fix (which seems long overdue, sadly), or wait for a fork...

But then again:
Michael Orlitzky wrote:
Mitigation

There is no good way to mitigate this as an end user, except to disable opentmpfiles and ensure that your OpenRC service scripts create the directories they need themselves. In particular, the Linux kernel's fs.protected_symlinks sysctl does not prevent this attack.

There is a fundamentally insurmountable problem here: there is no safe, POSIX-compatible API that lets root change the attributes of user-controlled data. As a result, the tmpfiles.d specification can only be implemented safely on recent Linux systems, where systemd's own tmpfiles program is intended to run. On a POSIX system, if you want to modify user-owned files in a user-owned directory, then you must drop privileges to that user before proceeding. This is at odds with the design of tmpfiles.d, making a POSIX-compatible implementation a quixotic endeavor.
Emphasis on:
Quote:
you must drop privileges to that user before proceeding
There's something I don't understand here. Looks like it's not possible, but is still possible. :?
_________________
..: Zucca :..
Gentoo IRC channels reside on Libera.Chat.
--
Quote:
I am NaN! I am a man!

Anon-E-moose
Watchman

Joined: 23 May 2008
Posts: 6098
Location: Dallas area

Posted: Thu Jul 08, 2021 6:05 pm

Quite frankly opentmpfiles is perfectly fine on my single user system which is a large percentage of all linux systems.

The "attack example" is quite convoluted.

1. they symlink /etc/passwd or /etc/shadow to something else
2. then they run opentmpfiles and "wow" a problem :roll:

If #1 can happen then I got bigger problems than opentmpfiles, the priorities are a tad skewed.
_________________
PRIME x570-pro, 3700x, 6.1 zen kernel
gcc 13, profile 17.0 (custom bare multilib), openrc, wayland

pjp
Administrator

Joined: 16 Apr 2002
Posts: 20067

Posted: Thu Jul 08, 2021 8:18 pm

Anon-E-moose wrote:
If you really don't like this direction, I suppose you could always do
That only solves the issue of it being masked and possibly removed. Which I will probably do. But it doesn't address the vulnerability.

Anon-E-moose wrote:
If #1 can happen then I got bigger problems than opentmpfiles, the priorities are a tad skewed.
I thought that too at first, but since /etc/passwd is readable by everyone, everyone can create a symlink to it. The example shows a tmpfiles.d configuration that sets up a directory owned by a normal user and a file within that directory owned by the normal user. Because the configuration file informs what permissions and ownership should be, the effect is to allow for root to change ownership of the linked passwd file to the normal user. That behavior is normal. Other than the nature of how chown type commands work, I don't see the bigger problem. It's somewhat like not running random scripts as root.

The github bug references a similar problem having been solved with checkpath (C code), and in those comments, I agree with revo^W comment #9:
Quote:
In general, I think blind recursive changes of file ownership are a mistake, and "fixup" code like the checkpath stuff in the sks pre_start initscript is most likely just papering over problems that exist elsewhere.

You could replace checkpath with a message that warns/fails hard if the expected ownership/permissions are not correct, so that the admin gets an immediate and clear explanation of the problem. Or maybe you could even quarantine the files or something and go through an automated rebuild so that the service can restart? But charging ahead and changing ownership without human intervention seems like a mistake to me.
I gave a quick look at tmpfiles, and it seemed a bit cumbersome. My first thought was to create a _chown function which would perform checks and fail rather than make any changes. The real command would only be executed after those tests didn't fail. But that seems to perpetuate the "cumbersomeness," so I set it aside for now. Then there is the matter of other commands (chmod, chgrp, mk..., rm..., touch, restorecon). rm would certainly need to be addressed.

To some extent my concern is as much about unintended outcomes as it is malicious outcomes. One solution of course is to not allow normal users to create entries. But that only reduces the chance of a malicious instance and doesn't address the potentially disastrous accidental situation that remains.


Zucca wrote:
Quote:
you must drop privileges to that user before proceeding
There's something I don't understand here. Looks like it's not possible, but is still possible.
Since the script is running as root, issuing sudo -u USER -g GROUP /bin/sh -c "CMD ..." should work. But that creates a dependency on sudo. Maybe it works with su as well (provided by sys-apps/shadow).
_________________
Quis separabit? Quo animo?
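
An added example, not part of the post above and not code from opentmpfiles or checkpath: the "check and fail rather than change" idea, written so that the check itself never follows a link. It walks the path one component at a time with O_NOFOLLOW and only reports. It assumes Linux (for O_PATH); `check_owner`, `Refused`, `outcome` and `demo` are hypothetical names, and the demo files are constructed in a private temp directory.

```python
import os
import stat
import tempfile


class Refused(Exception):
    """A check failed; nothing on disk was changed."""


def check_owner(path, uid, gid):
    """Verify that `path` is owned by uid:gid without following any symlink.

    A path crossing any symlink, even a system one such as /var/run, is
    refused; pass the resolved location. Returns the stat result or raises.
    """
    if not os.path.isabs(path):
        raise Refused(f"{path}: not an absolute path")
    parts = [p for p in path.split("/") if p and p != "."]
    if ".." in parts:
        raise Refused(f"{path}: '..' components are not accepted")

    fd = os.open("/", os.O_PATH | os.O_DIRECTORY)
    try:
        st = os.fstat(fd)
        for i, name in enumerate(parts):
            # O_PATH|O_NOFOLLOW yields a handle on the link itself, so a
            # planted link is seen as a link instead of being resolved.
            nxt = os.open(name, os.O_PATH | os.O_NOFOLLOW, dir_fd=fd)
            os.close(fd)
            fd = nxt
            st = os.fstat(fd)
            if stat.S_ISLNK(st.st_mode):
                raise Refused(f"{path}: component {name!r} is a symlink")
            if i < len(parts) - 1 and not stat.S_ISDIR(st.st_mode):
                raise Refused(f"{path}: component {name!r} is not a directory")
    except OSError as exc:
        raise Refused(f"{path}: {exc.strerror}") from exc
    finally:
        os.close(fd)

    # A second name for the same inode means a chown would also hit the
    # file under its other name.
    if stat.S_ISREG(st.st_mode) and st.st_nlink > 1:
        raise Refused(f"{path}: regular file has {st.st_nlink} hard links")
    if (st.st_uid, st.st_gid) != (uid, gid):
        raise Refused(
            f"{path}: owned by {st.st_uid}:{st.st_gid}, expected {uid}:{gid}")
    return st


def outcome(path, uid, gid):
    """Turn the result into a short string for reporting."""
    try:
        check_owner(path, uid, gid)
        return "ok"
    except Refused as exc:
        return str(exc)


def demo():
    """Constructed scenario in a private temp directory; needs no privileges."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        base = os.path.realpath(tmp)
        os.mkdir(f"{base}/svc")
        target = f"{base}/svc/state"
        open(target, "w").close()
        own = os.stat(target)
        uid, gid = own.st_uid, own.st_gid
        os.symlink(target, f"{base}/svc/link")      # final component is a link
        os.symlink(f"{base}/svc", f"{base}/alias")  # directory component is a link
        results["plain"] = outcome(target, uid, gid)
        results["symlink"] = outcome(f"{base}/svc/link", uid, gid)
        results["dir_symlink"] = outcome(f"{base}/alias/state", uid, gid)
        results["wrong_owner"] = outcome(target, uid + 1, gid)
        os.link(target, f"{base}/svc/second_name")
        results["hardlink"] = outcome(target, uid, gid)
    return results


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

The function only inspects; a later change made by path name would reopen the same window, so any follow-up action belongs on a descriptor obtained the same way.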

Anon-E-moose
Watchman

Joined: 23 May 2008
Posts: 6098
Location: Dallas area

Posted: Thu Jul 08, 2021 8:49 pm

pjp wrote:
Anon-E-moose wrote:
If you really don't like this direction, I suppose you could always do
That only solves the issue of it being masked and possibly removed. Which I will probably do. But it doesn't address the vulnerability.


I'm not too terribly worried on my single user system.

I actually ran for a couple of years with no tmpfiles working (disabled by accident) and my system ran fine with the defaults for root setting things up on /run.

I personally think they should have left /var/run as a separate dir not a symlink, so that semi-permanent things wouldn't need to be recreated every boot.
Yes, I do remember having to, every once in a while delete a socket (usually left over from a program crashing) was never a big deal.
_________________
PRIME x570-pro, 3700x, 6.1 zen kernel
gcc 13, profile 17.0 (custom bare multilib), openrc, wayland

pjp
Administrator

Joined: 16 Apr 2002
Posts: 20067

Posted: Thu Jul 08, 2021 9:37 pm

On my combined systems, I have 13 files in /usr/lib/tmpfiles.d/ and I have no idea how many would have problems without a tmpfiles implementation.

I've considered linking run to /var/run, but I'm near exhausted from dealing with general OS maintenance and "improvements." I've been putting off an HDD replacement and now I'm wondering if the Neutrinos are trying to communicate.
_________________
Quis separabit? Quo animo?
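
An added example, not part of the thread and not code from any tmpfiles implementation: a small audit that reads tmpfiles.d entries (such as the files in /usr/lib/tmpfiles.d/ mentioned above) and lists those matching the pattern described earlier in the thread, where one entry gives a directory to a non-root user and another entry manages a path inside it. Function names and the sample configuration are constructed for illustration; the search directories other than /usr/lib/tmpfiles.d are taken from tmpfiles.d(5).

```python
import glob
import os
import posixpath

# Owners that leave a directory under root's control ("-" means default).
ROOT_OWNERS = {"-", "root", "0"}

# Constructed sample, not taken from any real package.
SAMPLE = """\
# Type Path                 Mode User     Group    Age
d      /run/exampled        0755 exampled exampled -
f      /run/exampled/state  0644 exampled exampled -
z      /run/exampled/sock   0660 exampled exampled -
d      /run/lock/example    0755 root     root     -
f      /run/lock/example/l  0644 root     root     -
d      /var/lib/other       0750 -        -        -
"""


def parse_tmpfiles(text):
    """Return (type, path, user) for every entry line.

    Simplified reader for the 'Type Path Mode User Group Age Argument'
    layout: quoted paths and % specifiers are not handled.
    """
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(None, 6)
        if len(fields) < 2:
            continue
        user = fields[3] if len(fields) > 3 else "-"
        entries.append((fields[0], posixpath.normpath(fields[1]), user))
    return entries


def risky_entries(text):
    """List (path, type, parent_dir, parent_owner) for each entry whose path
    lies inside a directory that a d/D entry assigns to a non-root user."""
    entries = parse_tmpfiles(text)
    user_dirs = {
        path: user
        for kind, path, user in entries
        if kind[0] in "dD" and user not in ROOT_OWNERS
    }
    findings = []
    for kind, path, _user in entries:
        for parent, owner in user_dirs.items():
            if path.startswith(parent.rstrip("/") + "/"):
                findings.append((path, kind, parent, owner))
    return findings


def scan(dirs=("/usr/lib/tmpfiles.d", "/etc/tmpfiles.d", "/run/tmpfiles.d")):
    """Audit all *.conf files together, since the directory entry and the
    nested entry may live in different files."""
    chunks = []
    for d in dirs:
        for conf in sorted(glob.glob(os.path.join(d, "*.conf"))):
            with open(conf, errors="replace") as fh:
                chunks.append(fh.read())
    return risky_entries("\n".join(chunks))


if __name__ == "__main__":
    for path, kind, parent, owner in risky_entries(SAMPLE):
        print(f"review: {kind} {path} (inside {parent}, owned by {owner})")
```

A finding is a prompt to review the entry, not proof of a problem; calling `scan()` runs the same check over the configuration installed on the local system.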

Princess Nell
l33t

Joined: 15 Apr 2005
Posts: 916

Posted: Thu Jul 08, 2021 11:45 pm

Anon-E-moose: I'm with you on the single user system aspect. But see my initial posting on how everything falls apart in strange ways when I masked sys-apps/systemd-tmpfiles (although I did not have the -sys-apps/opentmpfiles part - how does that make a difference?)

Anon-E-moose
Watchman

Joined: 23 May 2008
Posts: 6098
Location: Dallas area

Posted: Fri Jul 09, 2021 12:00 am

what does "emerge -pv opentmpfiles" return
_________________
PRIME x570-pro, 3700x, 6.1 zen kernel
gcc 13, profile 17.0 (custom bare multilib), openrc, wayland

figueroa
Advocate

Joined: 14 Aug 2005
Posts: 2964
Location: Edge of marsh USA

Posted: Fri Jul 09, 2021 2:13 am

Here, the conversion from opentmpfiles to systemd-tmpfiles was a non event. The portage elog informed me that it had automatically added stmpfiles-dev stmpfiles-setu to sysinit and boot startlevels, they were not automatically started. opentmpfiles was automatically removed. It caused me a moment's anxiety but everything seems fine.
_________________
Andy Figueroa
hp pavilion hpe h8-1260t/2AB5; spinning rust x3
i7-2600 @ 3.40GHz; 16 gb; Radeon HD 7570
amd64/23.0/split-usr/desktop (stable), OpenRC, -systemd -pulseaudio -uefi

All times are GMT
Page 1 of 4