Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

FEATURES=usersync does NOT drop to portage user for sync
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Portage & Programming
View previous topic :: View next topic  
Author Message
bender86
Guru
Guru


Joined: 18 Mar 2005
Posts: 484
PostPosted: Wed Jul 07, 2010 7:04 pm    Post subject: FEATURES=usersync does NOT drop to portage user for sync Reply with quote
Hi
I am using usersync and userfetch in my FEATURES to have the emerge operations run by portage user, but this seems to work only partially. I setted these iptables rules:
Code:
iptables -A OUTPUT -m owner --uid-owner portage -p tcp --dport http -d $GENTOO_MIRROR -s $MY_IP -j ACCEPT
iptables -A OUTPUT -m owner --uid-owner portage -p tcp --dport rsync -d rsync.gentoo.org -s $MY_IP -j ACCEPT

The former allows only portage user to download sources from the mirror (and this works). The latter allows only portage user to execute emerge --sync. If I cut off -m owner --uid-owner portage the sync runs fine, otherwise I get a timeout. During timeout I checked with ps aux and I found out that
Code:
...
root      9778  1.0  0.2   4144  1176 pts/1    S+   20:56   0:00 rsync --recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --verbose rsync://91.186.30.235/gentoo-portage/metadata/timestamp.chk /tmp/tmp39GzjS
...

rsync is called by root! (and of course is blocked by firewall)

(note: as said in documentation, portage user is the owner of PORTDIR)

If I cut off the user constrain and I do a ps aux while syncing I get
Code:
...
portage   9913 28.7  0.4   8136  2312 pts/1    D+   20:57   0:01 rsync --recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --verbose rsync://134.68.240.40/gentoo-portage/ /usr/portage
portage   9916  7.6  0.8  49064  4136 pts/1    S+   20:57   0:00 rsync --recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages --verbose rsync://134.68.240.40/gentoo-portage/ /usr/portage
...


So it seems that emerge drops to portage user only after syncing the timestamp file.
Is this behaviour correct? I can't see any reason why this happens.
Back to top
View user's profile Send private message
Genone
Retired Dev
Retired Dev


Joined: 14 Mar 2003
Posts: 9532
Location: beyond the rim
PostPosted: Thu Jul 08, 2010 1:43 am    Post subject: Reply with quote
Yeah, looks like the code simply doesn't pass the uid (and other stuff) to the first rsync call. Probably an oversight when that feature was added, file a bug about it and it should get fixed very quickly.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Portage & Programming All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy