From 3aa558e231d4721b384f4239b23b793253be2f42 Mon Sep 17 00:00:00 2001
From: Sergei Trofimovich <slyfox@gentoo.org>
Date: Sat, 28 Mar 2020 00:29:16 +0000
Subject: [PATCH] sys-libs/glibc: drop devpts mount checks, bug #704780

USE=-suid is a defaut for a while. The check made sense
when transition from USE=suid -> USE=-suid was happening.

Should not be needed nowadays.

The check fails in private-users containers where devpts
is mounted as a private group:

  # systemd-nspawn --private-users=65536 -D amd64-stable-glibc-2.30
  Selected user namespace base 65536 and range 65536
  amd64-stable-glibc-2.30 # fgrep pts /proc/mounts
  devpts /dev/pts devpts
    rw,nosuid,noexec,relatime,gid=65541,mode=620,ptmxmode=666 0 0

PTYs still work in that setup. I guess due to ptmxmode=666
broad permissions. Let's drop the old check and allow more
pts configurations.

Reported-by: Kai Krakow
Closes: https://bugs.gentoo.org/704780
Package-Manager: Portage-2.3.96, Repoman-2.3.22
Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org>
---
 sys-libs/glibc/glibc-2.31-r2.ebuild | 24 ------------------------
 sys-libs/glibc/glibc-9999.ebuild    | 24 ------------------------
 2 files changed, 48 deletions(-)

diff --git a/sys-libs/glibc/glibc-2.31-r2.ebuild b/sys-libs/glibc/glibc-2.31-r2.ebuild
index e180533f0fc2..a46143ef0a5d 100644
--- a/sys-libs/glibc/glibc-2.31-r2.ebuild
+++ b/sys-libs/glibc/glibc-2.31-r2.ebuild
@@ -494,27 +494,6 @@ glibc_banner() {
 	echo "${b}"
 }
 
-check_devpts() {
-	# Make sure devpts is mounted correctly for use w/out setuid pt_chown.
-
-	# If merely building the binary package, then there's nothing to verify.
-	[[ ${MERGE_TYPE} == "buildonly" ]] && return
-
-	# Only sanity check when installing the native glibc.
-	[[ -n ${ROOT} ]] && return
-
-	# If they're opting in to the old suid code, then no need to check.
-	use suid && return
-
-	if awk '$3 == "devpts" && $4 ~ /[, ]gid=5[, ]/ { exit 1 }' /proc/mounts ; then
-		eerror "In order to use glibc with USE=-suid, you must make sure that"
-		eerror "you have devpts mounted at /dev/pts with the gid=5 option."
-		eerror "Openrc should do this for you, so you should check /etc/fstab"
-		eerror "and make sure you do not have any invalid settings there."
-		die "mount & fix your /dev/pts settings"
-	fi
-}
-
 # The following Kernel version handling functions are mostly copied from portage
 # source. It's better not to use linux-info.eclass here since a) it adds too
 # much magic, see bug 326693 for some of the arguments, and b) some of the
@@ -584,9 +563,6 @@ get_kheader_version() {
 # pkg_ and src_ phases, so we call this function both in pkg_pretend and in
 # src_unpack.
 sanity_prechecks() {
-	# Make sure devpts is mounted correctly for use w/out setuid pt_chown
-	check_devpts
-
 	# Prevent native builds from downgrading
 	if [[ ${MERGE_TYPE} != "buildonly" ]] && \
 	   [[ -z ${ROOT} ]] && \
diff --git a/sys-libs/glibc/glibc-9999.ebuild b/sys-libs/glibc/glibc-9999.ebuild
index 1bc1d7e7ec82..38268c5f9372 100644
--- a/sys-libs/glibc/glibc-9999.ebuild
+++ b/sys-libs/glibc/glibc-9999.ebuild
@@ -493,27 +493,6 @@ glibc_banner() {
 	echo "${b}"
 }
 
-check_devpts() {
-	# Make sure devpts is mounted correctly for use w/out setuid pt_chown.
-
-	# If merely building the binary package, then there's nothing to verify.
-	[[ ${MERGE_TYPE} == "buildonly" ]] && return
-
-	# Only sanity check when installing the native glibc.
-	[[ -n ${ROOT} ]] && return
-
-	# If they're opting in to the old suid code, then no need to check.
-	use suid && return
-
-	if awk '$3 == "devpts" && $4 ~ /[, ]gid=5[, ]/ { exit 1 }' /proc/mounts ; then
-		eerror "In order to use glibc with USE=-suid, you must make sure that"
-		eerror "you have devpts mounted at /dev/pts with the gid=5 option."
-		eerror "Openrc should do this for you, so you should check /etc/fstab"
-		eerror "and make sure you do not have any invalid settings there."
-		die "mount & fix your /dev/pts settings"
-	fi
-}
-
 # The following Kernel version handling functions are mostly copied from portage
 # source. It's better not to use linux-info.eclass here since a) it adds too
 # much magic, see bug 326693 for some of the arguments, and b) some of the
@@ -583,9 +562,6 @@ get_kheader_version() {
 # pkg_ and src_ phases, so we call this function both in pkg_pretend and in
 # src_unpack.
 sanity_prechecks() {
-	# Make sure devpts is mounted correctly for use w/out setuid pt_chown
-	check_devpts
-
 	# Prevent native builds from downgrading
 	if [[ ${MERGE_TYPE} != "buildonly" ]] && \
 	   [[ -z ${ROOT} ]] && \
-- 
2.26.2