Bug#860738: apt changes to current directory
Package: apt
Version: 1.4
User: selinux-devel@lists.alioth.debian.org
Usertags: selinux
When running `apt update`, apt changes his working directory to the
current directory.
This causes some trouble in correlation with SELinux when not running
the command in the users home directory:
root@server /lib/systemd/system # apt update
Hit:1 http://ftp.de.debian.org/debian unstable InRelease
[...]
Reading package lists... Done
E: Unable to change to /lib/systemd/system/ - chdir (13: Permission denied)
type=PROCTITLE msg=audit(04/19/17 15:47:25.787:887) :
proctitle=/bin/sh /usr/bin/apt-key --quiet --readonly verify
--status-fd 3 /tmp/apt.sig.UgYsLd /tmp/apt.data.S6DCAl
type=PATH msg=audit(04/19/17 15:47:25.787:887) : item=0 name=.
nametype=UNKNOWN
type=CWD msg=audit(04/19/17 15:47:25.787:887) : cwd=/lib/systemd/system
type=SYSCALL msg=audit(04/19/17 15:47:25.787:887) : arch=x86_64
syscall=stat success=no exit=EACCES(Permission denied) a0=0x7780a6de3d
a1=0x385e17bea10 a2=0x385e17bea10 a3=0x778345f160 items=1 ppid=20684
pid=20685 auid=root uid=_apt gid=
nogroup euid=_apt suid=_apt fsuid=_apt egid=nogroup sgid=nogroup
fsgid=nogroup tty=pts1 ses=1 comm=apt-key exe=/bin/dash
subj=root:sysadm_r:apt_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(04/19/17 15:47:25.787:887) : avc: denied { search
} for pid=20685 comm=apt-key name=system dev="sda1" ino=262743
scontext=root:sysadm_r:apt_t:s0-s0:c0.c1023
tcontext=system_u:object_r:systemd_unit_t:s0 tclass=dir pe
rmissive=0
Maybe apt could changes his working directory to ~ (the users home
root) or / (the root node)?
Reply to: