Re: Bug#179125: maintainer scripts tries to exec script in /tmp
On Tue, 2003-02-04 at 09:08, Christian Kurz wrote:
> Hi Oliver,
>
> On [03/02/03 11:00], Oliver Elphick wrote:
> > Explanation: the postinst generates a temporary script for use during
> > installation. Its name is generated with mktemp and it is stored in
> > /tmp; it is deleted by a trap when the postinst terminates.
>
> > On Fri, 2003-01-31 at 00:22, Jamie Wilkinson wrote:
>
> > > Preconfiguring packages ...
> > > Can't exec "/tmp/config.151751": Permission denied at
> > > /usr/share/perl/5.8.0/IPC/Open3.pm line 159.
> > ...
> > > I have /tmp mounted noexec for security reasons.
> > > none on /tmp type tmpfs (rw,noexec,nosuid,nodev,size=500m)
>
> > > You shouldn't rely on being able to execute scripts in /tmp.
>
> I just finished reading the discussion on -devel and somehow had to
> again look at this bug. I was concerned that something obvious might
> have been missed in this discussion. After staring at the transcript for
> some minutes, I think I found it. Look at the first line, it says this:
>
> |Preconfiguring packages ...
>
> As far as I know the postinst script is never called when a package is
> preconfigured but when the installation is finished. So in this case I
> guess it's not your postinst that generates this error. So I guess that
> this message was generated by something else:
>
> |Can't exec "/tmp/config.151751": Permission denied at /usr/share/perl/5.8.0/IPC/Open3.pm line 159.
How easy it is for me to see what I expect to see! Not that the past
discussion has been wasted, because if he hadn't fallen over this, he
would have fallen over the postinst one later.
> Then I remember that I've seen this message in the past and took a look
> at the manpage of apt-extracttemplates. There I found this information:
>
> | template-file and config-script are written to the temporary directory
> | specified by the -t or --tempdir (APT::ExtractTemplates::TempDir>)
> | directory, with filenames of the form template.XXXX and config.XXXX
>
> So I guess that the error message above was generated by debconf which
> wanted to configure the package. I think I've seen the same error
> message, when I had once mounted tmp with noexec on a machine. I might
> be wrong about supposing that it's debconf that fails, but at least I'm
> pretty sure that it's not the postinst. Otherwise I would ask you or
> somebody else to explain to me since when the postinst is run at
> preconfiguration time. Maybe this helps you a bit finding the real
> mistake, since I'm having the feeling that the discussion on -devel
> centered around the wrong assumption.
I'm surprised that he hasn't been bitten by this before, but it is
obviously debconf that is doing it.
> If you want to quote parts of this e-Mail on -devel for the other people
> discussing the issue, I'll give you permission. If I made some mistake
> and my whole analyzation of the situation is false, then I apologize for
> my mistake and accept that I was wrong.
You seem to be entirely correct.
--
Oliver Elphick Oliver.Elphick@lfix.co.uk
Isle of Wight, UK http://www.lfix.co.uk/oliver
GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839 932A 614D 4C34 3E1D 0C1C
========================================
"That at the name of Jesus every knee should bow, of
things in heaven, and things in earth, and things
under the earth; And that every tongue should confess
that Jesus Christ is Lord, to the glory of God the
Father." Philippians 2:10,11
Reply to: