[tahoe-lafs-trac-stream] [Tahoe-LAFS] #2217: SandboxViolation: mkdir('/usr/lib/python2.7/site-packages/cryptography/hazmat/bindings/__pycache__', 511) {}

[Tahoe-LAFS]

#2217: SandboxViolation: mkdir('/usr/lib/python2.7/site-
packages/cryptography/hazmat/bindings/__pycache__', 511) {}
-------------------------------------+-------------------------------------
     Reporter:  aredridel            |      Owner:  daira
         Type:  defect               |     Status:  closed
     Priority:  normal               |  Milestone:  undecided
    Component:  packaging            |    Version:  1.10.0
   Resolution:  somebody else's      |   Keywords:  setuptools distribute
  problem                            |  build cffi cryptography
Launchpad Bug:                       |
-------------------------------------+-------------------------------------

Comment (by daira):

 Replying to [comment:24 zooko]:
 > Replying to [comment:23 zooko]:
 > >
 > > 1. Why is it trying to write a cache file into your read-only system-
 wide filesystem if it is already installed?
 >
 > I suspect that this is because cffi tries to build hazmat as a side-
 effect of someone trying to import pyOpenSSL.

 No, the `OpenSSL` module is not imported at build time. (It would be easy
 to verify this.) The `OpenSSL` package is certainly imported by Tahoe-LAFS
 code at run-time (quite early, in order to check the version). I suspect
 it's because cffi installs some hook that is invoked when a package
 depending on it is built. But if that hook attempts to write to system
 areas of the filesystem, it is just completely broken and ''cannot'' work
 for builds done as an unprivileged user.

--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/2217#comment:32>
Tahoe-LAFS <https://Tahoe-LAFS.org>
secure decentralized storage