Bug#576678: initramfs-tools: breaks but continues if /tmp is mounted with noexec option
Package: initramfs-tools
Version: 0.94
Severity: normal
/tmp on my EeePC is mounted as follows:
tmpfs on /tmp type tmpfs (rw,noexec,nosuid,nodev)
Starting with initramfs-tools 0.94, mkinitramfs throws a lot of error
messages about without neither stopping nor declaring the packages
which triggered that as being not successfully installed:
[…]
Setting up initramfs-tools (0.94) ...
Installing new version of config file /etc/kernel/postrm.d/initramfs-tools ...
Installing new version of config file /etc/kernel/postinst.d/initramfs-tools ...
Installing new version of config file /etc/initramfs-tools/initramfs.conf ...
Installing new version of config file /etc/initramfs-tools/update-initramfs.conf ...
update-initramfs: deferring update (trigger activated)
[…]
Processing triggers for initramfs-tools ...
update-initramfs: Generating /boot/initrd.img-2.6.33-2-686
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-top/all_generic_ide: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-top/blacklist: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-top/keymap: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-bottom/dropbear: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-bottom/udev: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/local-bottom/cryptopensc: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-premount/devpts: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-premount/dropbear: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-premount/udev: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/local-premount/resume: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/local-top/cryptopensc: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/local-top/cryptroot: Permission denied
localepurge: Disk space freed in /usr/share/locale: 0 KiB
[…]
This are possibly two bugs:
1) Fails to stop package installation as well as to mark packages as
not successfully installed if initramfs generation failed. I regard
this as bug with at least severity normal.
2) Breaks if /tmp is mounted noexec. Since caring about a noexec
mounted /tmp is not required by policy, but quite some people use
it, I regard it as bug with severity minor or wishlist. Possibly
related to http://bugs.debian.org/567540.
Feel free to clone this bug into two seperate bugs if you intend to
fix both bugs.
For 2) I suggest to allow the administrator to configure an
alternative temporary directory to use. Another possibility would be
to temporarily remount /tmp with exec. This is how I solved the issue
manually for now, but doing this automatically with scripts feels like
circumventing a possibly deliberately made decision of the local
administrator.
-- Package-specific info:
-- /proc/cmdline
BOOT_IMAGE=/boot/vmlinuz-2.6.33-2-686 root=UUID=75818c63-d8e5-4f92-9e2a-b35221e4076b ro quiet
-- /proc/filesystems
ext3
fuseblk
-- lsmod
Module Size Used by
tcp_diag 612 0
aes_i586 6816 0
aes_generic 25738 1 aes_i586
sco 5889 2
bridge 32977 0
stp 996 1 bridge
bnep 7591 2
rfcomm 24502 1
l2cap 22430 4 bnep,rfcomm
crc16 1027 1 l2cap
bluetooth 35663 6 sco,bnep,rfcomm,l2cap
inet_diag 5938 2 tcp_diag
tun 8955 2
fuse 43964 1
arc4 974 2
ecb 1405 2
ath5k 106605 0
mac80211 125802 1 ath5k
ath 6234 1 ath5k
cfg80211 90741 3 ath5k,mac80211,ath
dm_crypt 9156 0
dm_mod 47420 1 dm_crypt
snd_hda_codec_realtek 168375 1
snd_hda_intel 16923 0
joydev 6778 0
snd_hda_codec 48763 2 snd_hda_codec_realtek,snd_hda_intel
snd_hwdep 4082 1 snd_hda_codec
snd_pcm_oss 28722 0
snd_mixer_oss 10490 1 snd_pcm_oss
snd_pcm 47219 3 snd_hda_intel,snd_hda_codec,snd_pcm_oss
snd_seq_midi 3600 0
snd_rawmidi 12652 1 snd_seq_midi
snd_seq_midi_event 3672 1 snd_seq_midi
snd_seq 35421 2 snd_seq_midi,snd_seq_midi_event
eeepc_laptop 10004 0
sparse_keymap 1767 1 eeepc_laptop
snd_timer 12349 2 snd_pcm,snd_seq
snd_seq_device 3673 3 snd_seq_midi,snd_rawmidi,snd_seq
rfkill 10320 4 bluetooth,cfg80211,eeepc_laptop
uvcvideo 45623 0
snd 34703 11 snd_hda_codec_realtek,snd_hda_intel,snd_hda_codec,snd_hwdep,snd_pcm_oss,snd_mixer_oss,snd_pcm,snd_rawmidi,snd_seq,snd_timer,snd_seq_device
serio_raw 3104 0
led_class 1753 2 ath5k,eeepc_laptop
videodev 27068 1 uvcvideo
tpm_tis 5496 0
v4l1_compat 10314 2 uvcvideo,videodev
tpm 8129 1 tpm_tis
soundcore 3642 1 snd
tpm_bios 3557 1 tpm
psmouse 38755 0
rng_core 2350 0
ac 1640 0
battery 3782 0
pci_hotplug 18127 1 eeepc_laptop
atl2 17852 0
snd_page_alloc 5097 2 snd_hda_intel,snd_pcm
processor 25817 1
evdev 5629 15
ext3 93823 1
jbd 32613 1 ext3
mbcache 3762 1 ext3
usb_storage 30441 0
sd_mod 26607 2
crc_t10dif 1012 1 sd_mod
i915 217679 2
ata_generic 2043 0
drm_kms_helper 18257 1 i915
ahci 27102 0
drm 112447 3 i915,drm_kms_helper
ata_piix 17149 1
i2c_algo_bit 3497 1 i915
uhci_hcd 16149 0
libata 115325 3 ata_generic,ahci,ata_piix
ehci_hcd 27870 0
i2c_core 12265 5 videodev,i915,drm_kms_helper,drm,i2c_algo_bit
intel_agp 20257 1
scsi_mod 102273 3 usb_storage,sd_mod,libata
video 15053 1 i915
usbcore 100734 5 uvcvideo,usb_storage,uhci_hcd,ehci_hcd
nls_base 4541 1 usbcore
output 1196 1 video
button 3598 1 i915
agpgart 19551 2 drm,intel_agp
thermal 9405 0
fan 2506 0
thermal_sys 9402 4 processor,video,thermal,fan
-- /etc/kernel-img.conf
# Kernel image management overrides
# See kernel-img.conf(5) for details
do_symlinks = yes
relative_links = yes
do_bootloader = no
do_bootfloppy = no
do_initrd = yes
link_in_boot = no
postinst_hook = update-grub
postrm_hook = update-grub
-- /etc/initramfs-tools/initramfs.conf
MODULES=most
BUSYBOX=y
KEYMAP=n
COMPRESS=gzip
BOOT=local
DEVICE=eth0
NFSROOT=auto
-- /etc/crypttab
# <target name> <source device> <key file> <options>
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (990, 'unstable'), (600, 'stable'), (500, 'testing'), (110, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.33-2-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages initramfs-tools depends on:
ii cpio 2.11-1 GNU cpio -- a program to manage ar
ii findutils 4.4.2-1 utilities for finding files--find,
ii klibc-utils 1.5.17-4 small utilities built with klibc f
ii module-init-tools 3.12~pre2-2 tools for managing Linux kernel mo
ii udev 151-3 /dev/ and hotplug management daemo
Versions of packages initramfs-tools recommends:
ii busybox 1:1.15.3-2 Tiny utilities for small and embed
initramfs-tools suggests no packages.
-- no debconf information
Reply to: