Skip to content
GitLab
Projects Groups Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • F fontconfig
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 182
    • Issues 182
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 23
    • Merge requests 23
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Packages and registries
    • Packages and registries
    • Container Registry
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • fontconfig
  • fontconfig
  • Issues
  • #123
Closed
Open
Issue created Oct 10, 2018 by Arfrever Frehtes Taifersar Arahesis@Arfrever

Check directory permissions before creating / deleting .uuid files

Gentoo packages are built under dedicated non-root user and in an LD_PRELOAD-based sandbox which catches attempts to write outside of temporary build directory and stops build process.

Since Fontconfig 2.13.1, when some Fontconfig tool or library is used and empty directories in /usr/share/fonts exist which are not writable by non-root users, then Fontconfig will try to create and next delete .uuid files in these directories, which is not permitted by sandbox.

For example, output of building of libical with -DICAL_BUILD_DOCS=yes might contain:

...
Running dot...
Generating dot graphs using 3 parallel threads...
Running dot for graph 1/103
Running dot for graph 2/103
Running dot for graph 3/103
  * ACCESS DENIED:  mkostemp:     /usr/share/fonts/100dpi/.uuid.TMP-XXXXXX
 * ACCESS DENIED:  mkostemp:     /usr/share/fonts/100dpi/.uuid.TMP-XXXXXX
* ACCESS DENIED:  mkostemp:     /usr/share/fonts/100dpi/.uuid.TMP-XXXXXX
 * * ACCESS DENIED:  unlink:       /usr/share/fonts/100dpi/.uuid
 * ACCESS DENIED:  unlink:       /usr/share/fonts/100dpi/.uuid
 ACCESS DENIED:  unlink:       /usr/share/fonts/100dpi/.uuid
  * ACCESS DENIED:  mkostemp:     /usr/share/fonts/75dpi/.uuid.TMP-XXXXXX
 * ACCESS DENIED:  mkostemp:     /usr/share/fonts/75dpi/.uuid.TMP-XXXXXX
* ACCESS DENIED:  mkostemp:     /usr/share/fonts/75dpi/.uuid.TMP-XXXXXX
 * ACCESS DENIED:  unlink:       /usr/share/fonts/75dpi/.uuid
 * ACCESS DENIED:  unlink:       /usr/share/fonts/75dpi/.uuid
 * ACCESS DENIED:  unlink:       /usr/share/fonts/75dpi/.uuid
...

I think that the proper solution is to make Fontconfig check for writeability of directories before trying to create/delete .uuid files. Additionally there is no need to try to delete .uuid files when they do not exist.

I attach the patch which implements this solution in FcDirCacheCreateUUID() and FcDirCacheDeleteUUID() functions.

(Also I should mention that I have backported commits ff5b49be and 5f5ec567, but they do not help in this specific issue.)

Example Gentoo bug: https://bugs.gentoo.org/666540

Edited Oct 10, 2018 by Arfrever Frehtes Taifersar Arahesis
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking