Ticket #249 (closed defect: invalid)

Opened 10 years ago

Last modified 9 years ago

paludis uses shell -> errors in /etc/profile and slows down paludis

Reported by: deac Owned by: ciaranm
Priority: Sometime Milestone:
Component: clients/paludis Version: 0.24.2
Keywords: Cc: flo@…
Blocked By: Blocking:
Distribution: Gentoo

Description

paludis uses a shell, which loads /etc/profile. in my /etc/profile there're some settings, which needs a home-directory, like keychain and gnustep. both failes because the shell, which paludis loads doesn't know the right home-dir of user paludis and tries to write in ~xyz. this isn't so bad, but this produce unreadable output:

2007-05-21 11:27:35.634 make_services[13231] couldn't create /dev/null/GNUstep/Library/Services
 * Warning: removing empty lock file
rm: cannot remove `/home/deac/.keychain/Cuprum-lockf': Permission denied
 * Error: failed to remove empty lock file
 * Error: failed to get the lock: /usr/bin/keychain: line 332: /home/deac/.keychain/Cuprum-lockf: Permission denied

Change History

comment:1 follow-up: ↓ 3 Changed 10 years ago by ciaranm

  • Status changed from new to closed
  • Resolution set to invalid

You shouldn't include anything in /etc/profile that is required to work for users with home directories, nor anything that might produce output.

comment:2 Changed 10 years ago by Hypnos

deac,

GNUstep, at least, now has a workaround in the overlay.

Discussed here:

 http://forums.gentoo.org/viewtopic-p-4101368.html#4101368

comment:3 in reply to: ↑ 1 Changed 10 years ago by deac

  • Status changed from closed to reopened
  • Resolution invalid deleted
  • Summary changed from paludis uses shell -> errors in /etc/profile to paludis uses shell -> errors in /etc/profile and slows down paludis

Replying to ciaranm:

You shouldn't include anything in /etc/profile that is required to work for users with home directories, nor anything that might produce output.

I NEVER put something to /etc/profile, which produces output or something else. This is the default settings by gentoo. /etc/profile.d/* will be included, and there are something like keychain of course. This produce errors, if there's an error, so it's right.

I think you don't load /etc/profile, because you needn't it. this needs many time, but hasn't any reason. If you want speed up paludis, don't load /etc/profile so much times.

comment:4 follow-up: ↓ 5 Changed 10 years ago by ciaranm

  • Status changed from reopened to closed
  • Resolution set to invalid

Then this is a bug with keychain. Paludis requires a clean shell, and a clean shell will load /etc/profile.

comment:5 in reply to: ↑ 4 ; follow-up: ↓ 6 Changed 10 years ago by deac

  • Status changed from closed to reopened
  • Resolution invalid deleted

Replying to ciaranm:

Then this is a bug with keychain. Paludis requires a clean shell, and a clean shell will load /etc/profile.

If you really needs a clean shell, then you aren't allowed to load any shellscripts! This is a security issue and a performance issue. I think, you haven't tried it, that paludis uses a clean shell.

Why there's /etc/paludis/bashrc? You don't need it, because you load /etc/profile all the time when you start a small script.

Why paludis load /etc/profile, portage don't? Portage needn't it, why you need it?

There's no reason to load it all the time. It's enough, if you load it ONE time, if you really need it.

comment:6 in reply to: ↑ 5 Changed 10 years ago by ciaranm

  • Status changed from reopened to closed
  • Resolution set to invalid

Replying to deac:

Replying to ciaranm: If you really needs a clean shell, then you aren't allowed to load any shellscripts! This is a security issue and a performance issue. I think, you haven't tried it, that paludis uses a clean shell.

Paludis uses a clean shell. A clean shell uses /etc/profile. When initialised, shells always use a collection of shell scripts to set up basic environment; /etc/profile is part of this.

Why there's /etc/paludis/bashrc?

That's used later on for user settings. System settings are taken from the standard shell startup routine.

You don't need it, because you load /etc/profile all the time when you start a small script.

/etc/profile shouldn't be polluted with application or user specific data. /etc/profile is suitable only for system configuration data.

Why paludis load /etc/profile, portage don't? Portage needn't it, why you need it?

Portage doesn't use a clean shell. This leads to nasty environment leakage and huge breakages on correctly configured systems.

There's no reason to load it all the time. It's enough, if you load it ONE time, if you really need it.

Paludis uses one shell instance per shell-using command. Again, this is to avoid environment leakage.

The only issue here is that you're including things in /etc/profile that shouldn't be there.

comment:7 Changed 10 years ago by deac

  • Status changed from closed to reopened
  • Resolution invalid deleted

That's totaly wrong! /etc/profile is the main LOGIN-script. Every known shells use it for some settings on login. Every script, which isn't a login-script, shouldn't use it. some examples:  http://docs.hp.com/en/A2615-90003/ch16s09.html

For people, who can read german:  http://www.willemer.de/informatik/unix/shell.htm This page is very interesting, it describe it very detailed:  http://archiv.tu-chemnitz.de/pub/2002/0055/data/bash_struktur.html

This should be enough. Now you should see, that paludis shouldn't load /etc/profile. It's only for login shells, not for anything else.

comment:8 Changed 10 years ago by ciaranm

  • Status changed from reopened to closed
  • Resolution set to invalid

You should fix your system's sandbox.bashrc then.

comment:9 Changed 9 years ago by fscan

  • Cc flo@… added
  • Distribution set to Gentoo

some ebuilds set/unset environment variables. importing /etc/profile overwrites those to their default values.

eg: icedtea6 does not build if JAVA_HOME is set. the ebuild unsets this evironment variable, but build still fails because paludis sources /etc/profile. JAVA_HOME is set on gentoo by java-config.

needless to say, i spent some time until i realized what was going on..

Note: See TracTickets for help on using tickets.