[MacPorts] #65331: sshuttle: destroot failure: git reporting unsafe repo caused by mismatching users

MacPorts noreply at macports.org
Sun Jun 12 01:15:44 UTC 2022 

#65331: sshuttle: destroot failure: git reporting unsafe repo caused by mismatching
users
------------------------+----------------------
 Reporter:  i0ntempest  |      Owner:  (none)
     Type:  defect      |     Status:  new
 Priority:  Normal      |  Milestone:
Component:  ports       |    Version:  2.7.2
 Keywords:              |       Port:  sshuttle
------------------------+----------------------
 Build process of this port depends on git to get its version, and because
 MP executes build and destroot as different users (macports/root), git
 will error out complaining about repo is not owned by the current user.
 After adding {{{destroot.env-append SETUPTOOLS_SCM_DEBUG=1}}} into
 portfile one may see:
 {{{
 :info:destroot finalize hook {'name': 'sshuttle', 'version': None,
 'author': 'Brian May', 'author_email': 'brian at linuxpenguins.xyz',
 'maintainer': None, 'maintainer_email': None, 'url':
 'https://github.com/sshuttle/sshuttle', 'license': 'LGPL2.1+',
 'description': 'Full-featured" VPN over an SSH tunnel',
 'long_description': "sshuttle: where transparent proxy meets VPN meets
 ssh\n=====================================================\n\nAs far as I
 know, sshuttle is the only program that solves the following\ncommon
 case:\n\n- Your client machine (or router) is Linux, FreeBSD, or
 MacOS.\n\n- You have access to a remote network via ssh.\n\n- You don't
 necessarily have admin access on the remote network.\n\n- The remote
 network has no VPN, or only stupid/complex VPN\n  protocols (IPsec, PPTP,
 etc). Or maybe you *are* the\n  admin and you just got frustrated with the
 awful state of\n  VPN tools.\n\n- You don't want to create an ssh port
 forward for every\n  single host/port on the remote network.\n\n- You hate
 openssh's port forwarding because it's randomly\n  slow and/or
 stupid.\n\n- You can't use openssh's PermitTunnel feature because\n  it's
 disabled by default on openssh servers; plus it does\n  TCP-over-TCP,
 which has `terrible performance`_.\n\n.. _terrible performance:
 https://sshuttle.readthedocs.io/en/stable/how-it-works.html\n\nObtaining
 sshuttle\n------------------\n\n- Ubuntu 16.04 or later::\n\n      apt-get
 install sshuttle\n\n- Debian stretch or later::\n\n      apt-get install
 sshuttle\n\n- Arch Linux::\n\n      pacman -S sshuttle\n\n- Fedora::\n\n
 dnf install sshuttle\n\n- openSUSE::\n\n      zypper in sshuttle\n\n-
 Gentoo::\n\n      emerge -av net-proxy/sshuttle\n\n- NixOS::\n\n      nix-
 env -iA nixos.sshuttle\n\n- From PyPI::\n\n      sudo pip install
 sshuttle\n\n- Clone::\n\n      git clone
 https://github.com/sshuttle/sshuttle.git\n      cd sshuttle\n      sudo
 ./setup.py install\n\n- FreeBSD::\n\n      # ports\n      cd
 /usr/ports/net/py-sshuttle && make install clean\n      # pkg\n      pkg
 install py36-sshuttle\n\n- macOS, via MacPorts::\n\n      sudo port
 selfupdate\n      sudo port install sshuttle\n\nIt is also possible to
 install into a virtualenv as a non-root user.\n\n- From PyPI::\n\n
 virtualenv -p python3 /tmp/sshuttle\n      . /tmp/sshuttle/bin/activate\n
 pip install sshuttle\n\n- Clone::\n\n      virtualenv -p python3
 /tmp/sshuttle\n      . /tmp/sshuttle/bin/activate\n      git clone
 https://github.com/sshuttle/sshuttle.git\n      cd sshuttle\n
 ./setup.py install\n\n- Homebrew::\n\n      brew install sshuttle\n\n-
 Nix::\n\n      nix-env -iA
 nixpkgs.sshuttle\n\n\nDocumentation\n-------------\nThe documentation for
 the stable version is available
 at:\nhttps://sshuttle.readthedocs.org/\n\nThe documentation for the latest
 development version is available
 at:\nhttps://sshuttle.readthedocs.org/en/latest/\n\n\nRunning as a
 service\n--------------------\nSshuttle can also be run as a service and
 configured using a config management
 system:\nhttps://medium.com/@mike.reider/using-sshuttle-as-a-service-
 bec2684a65fe\n", 'keywords': 'ssh vpn', 'platforms': None, 'classifiers':
 ['Development Status :: 5 - Production/Stable', 'Intended Audience ::
 Developers', 'Intended Audience :: End Users/Desktop', 'License :: OSI
 Approved :: GNU Lesser General Public License v2 or later (LGPLv2+)',
 'Operating System :: OS Independent', 'Programming Language :: Python ::
 3.6', 'Programming Language :: Python :: 3.7', 'Programming Language ::
 Python :: 3.8', 'Programming Language :: Python :: 3.9', 'Topic :: System
 :: Networking'], 'download_url': None, 'provides': None, 'requires': None,
 'obsoletes': None}
 :info:destroot version keyword {'name': 'sshuttle', 'version': None,
 'author': 'Brian May', 'author_email': 'brian at linuxpenguins.xyz',
 'maintainer': None, 'maintainer_email': None, 'url':
 'https://github.com/sshuttle/sshuttle', 'license': 'LGPL2.1+',
 'description': 'Full-featured" VPN over an SSH tunnel',
 'long_description': "sshuttle: where transparent proxy meets VPN meets
 ssh\n=====================================================\n\nAs far as I
 know, sshuttle is the only program that solves the following\ncommon
 case:\n\n- Your client machine (or router) is Linux, FreeBSD, or
 MacOS.\n\n- You have access to a remote network via ssh.\n\n- You don't
 necessarily have admin access on the remote network.\n\n- The remote
 network has no VPN, or only stupid/complex VPN\n  protocols (IPsec, PPTP,
 etc). Or maybe you *are* the\n  admin and you just got frustrated with the
 awful state of\n  VPN tools.\n\n- You don't want to create an ssh port
 forward for every\n  single host/port on the remote network.\n\n- You hate
 openssh's port forwarding because it's randomly\n  slow and/or
 stupid.\n\n- You can't use openssh's PermitTunnel feature because\n  it's
 disabled by default on openssh servers; plus it does\n  TCP-over-TCP,
 which has `terrible performance`_.\n\n.. _terrible performance:
 https://sshuttle.readthedocs.io/en/stable/how-it-works.html\n\nObtaining
 sshuttle\n------------------\n\n- Ubuntu 16.04 or later::\n\n      apt-get
 install sshuttle\n\n- Debian stretch or later::\n\n      apt-get install
 sshuttle\n\n- Arch Linux::\n\n      pacman -S sshuttle\n\n- Fedora::\n\n
 dnf install sshuttle\n\n- openSUSE::\n\n      zypper in sshuttle\n\n-
 Gentoo::\n\n      emerge -av net-proxy/sshuttle\n\n- NixOS::\n\n      nix-
 env -iA nixos.sshuttle\n\n- From PyPI::\n\n      sudo pip install
 sshuttle\n\n- Clone::\n\n      git clone
 https://github.com/sshuttle/sshuttle.git\n      cd sshuttle\n      sudo
 ./setup.py install\n\n- FreeBSD::\n\n      # ports\n      cd
 /usr/ports/net/py-sshuttle && make install clean\n      # pkg\n      pkg
 install py36-sshuttle\n\n- macOS, via MacPorts::\n\n      sudo port
 selfupdate\n      sudo port install sshuttle\n\nIt is also possible to
 install into a virtualenv as a non-root user.\n\n- From PyPI::\n\n
 virtualenv -p python3 /tmp/sshuttle\n      . /tmp/sshuttle/bin/activate\n
 pip install sshuttle\n\n- Clone::\n\n      virtualenv -p python3
 /tmp/sshuttle\n      . /tmp/sshuttle/bin/activate\n      git clone
 https://github.com/sshuttle/sshuttle.git\n      cd sshuttle\n
 ./setup.py install\n\n- Homebrew::\n\n      brew install sshuttle\n\n-
 Nix::\n\n      nix-env -iA
 nixpkgs.sshuttle\n\n\nDocumentation\n-------------\nThe documentation for
 the stable version is available
 at:\nhttps://sshuttle.readthedocs.org/\n\nThe documentation for the latest
 development version is available
 at:\nhttps://sshuttle.readthedocs.org/en/latest/\n\n\nRunning as a
 service\n--------------------\nSshuttle can also be run as a service and
 configured using a config management
 system:\nhttps://medium.com/@mike.reider/using-sshuttle-as-a-service-
 bec2684a65fe\n", 'keywords': 'ssh vpn', 'platforms': None, 'classifiers':
 ['Development Status :: 5 - Production/Stable', 'Intended Audience ::
 Developers', 'Intended Audience :: End Users/Desktop', 'License :: OSI
 Approved :: GNU Lesser General Public License v2 or later (LGPLv2+)',
 'Operating System :: OS Independent', 'Programming Language :: Python ::
 3.6', 'Programming Language :: Python :: 3.7', 'Programming Language ::
 Python :: 3.8', 'Programming Language :: Python :: 3.9', 'Topic :: System
 :: Networking'], 'download_url': None, 'provides': None, 'requires': None,
 'obsoletes': None}
 :info:destroot abs root {'root': '.', 'relative_to': None}
 :info:destroot root
 '/opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_sshuttle/sshuttle/work/sshuttle-1.1.0'
 :info:destroot relative_to None
 :info:destroot dist name: sshuttle
 :info:destroot version_from_ep setuptools_scm.parse_scm
 /opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_sshuttle/sshuttle/work/sshuttle-1.1.0
 :info:destroot looking for ep setuptools_scm.parse_scm
 /opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_sshuttle/sshuttle/work/sshuttle-1.1.0
 :info:destroot found ep EntryPoint(name='.git',
 value='setuptools_scm.git:parse', group='setuptools_scm.parse_scm') in
 /opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_sshuttle/sshuttle/work/sshuttle-1.1.0
 :info:destroot cmd 'git rev-parse --show-prefix'
 :info:destroot  in
 /opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_sshuttle/sshuttle/work/sshuttle-1.1.0
 :info:destroot err b"fatal: unsafe repository
 ('/opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_sshuttle/sshuttle/work/sshuttle-1.1.0'
 is owned by someone else)\nTo add an exception for this directory,
 call:\n\n\tgit config --global --add safe.directory
 /opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_sshuttle/sshuttle/work/sshuttle-1.1.0\n"
 :info:destroot ret 128
 :info:destroot EntryPoint(name='.git', value='setuptools_scm.git:parse',
 group='setuptools_scm.parse_scm') None
 :info:destroot version_from_ep setuptools_scm.parse_scm_fallback
 /opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_sshuttle/sshuttle/work/sshuttle-1.1.0
 :info:destroot looking for ep setuptools_scm.parse_scm_fallback
 /opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_sshuttle/sshuttle/work/sshuttle-1.1.0
 :info:destroot found ep EntryPoint(name='setup.py',
 value='setuptools_scm.hacks:fallback_version',
 group='setuptools_scm.parse_scm_fallback') in
 /opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_sshuttle/sshuttle/work/sshuttle-1.1.0
 :info:destroot EntryPoint(name='setup.py',
 value='setuptools_scm.hacks:fallback_version',
 group='setuptools_scm.parse_scm_fallback') None
 :info:destroot Traceback (most recent call last):
 :info:destroot   File
 "/opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_sshuttle/sshuttle/work/sshuttle-1.1.0/setup.py",
 line 29, in <module>
 :info:destroot     setup(
 :info:destroot   File
 "/opt/local/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10
 /site-packages/setuptools/__init__.py", line 87, in setup
 :info:destroot     return distutils.core.setup(**attrs)
 :info:destroot   File
 "/opt/local/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10
 /site-packages/setuptools/_distutils/core.py", line 109, in setup
 :info:destroot     _setup_distribution = dist = klass(attrs)
 :info:destroot   File
 "/opt/local/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10
 /site-packages/setuptools/dist.py", line 477, in __init__
 :info:destroot     _Distribution.__init__(
 :info:destroot   File
 "/opt/local/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10
 /site-packages/setuptools/_distutils/dist.py", line 293, in __init__
 :info:destroot     self.finalize_options()
 :info:destroot   File
 "/opt/local/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10
 /site-packages/setuptools/dist.py", line 901, in finalize_options
 :info:destroot     ep(self)
 :info:destroot   File
 "/opt/local/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10
 /site-packages/setuptools/dist.py", line 922, in _finalize_setup_keywords
 :info:destroot     ep.load()(self, ep.name, value)
 :info:destroot   File
 "/opt/local/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10
 /site-packages/setuptools_scm/integration.py", line 75, in version_keyword
 :info:destroot     _assign_version(dist, config)
 :info:destroot   File
 "/opt/local/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10
 /site-packages/setuptools_scm/integration.py", line 51, in _assign_version
 :info:destroot     _version_missing(config)
 :info:destroot   File
 "/opt/local/Library/Frameworks/Python.framework/Versions/3.10/lib/python3.10
 /site-packages/setuptools_scm/__init__.py", line 106, in _version_missing
 :info:destroot     raise LookupError(
 :info:destroot LookupError: setuptools-scm was unable to detect version
 for
 /opt/local/var/macports/build/_opt_local_var_macports_sources_rsync.macports.org_macports_release_tarballs_ports_net_sshuttle/sshuttle/work/sshuttle-1.1.0.
 :info:destroot Make sure you're either building from a fully intact git
 repository or PyPI tarballs. Most other sources (such as GitHub's
 tarballs, a git checkout without the .git folder) don't contain the
 necessary metadata and will not work.
 :info:destroot For example, if you're using pip, instead of
 https://github.com/user/proj/archive/master.zip use
 git+https://github.com/user/proj.git#egg=proj
 }}}
 One workaround would be:
 {{{
 pre-destroot {
     system -W ${worksrcpath} "chown -R $env(USER) ."
 }
 }}}

-- 
Ticket URL: <https://trac.macports.org/ticket/65331>
MacPorts <https://www.macports.org/>
Ports system for macOS

More information about the macports-tickets mailing list