Bug#576678: initramfs-tools: breaks but continues if /tmp is mounted with noexec option
On Tue, Apr 06, 2010 at 03:08:00PM +0200, Axel Beckert wrote:
> Package: initramfs-tools
> Version: 0.94
> Severity: normal
>
> /tmp on my EeePC is mounted as follows:
>
> tmpfs on /tmp type tmpfs (rw,noexec,nosuid,nodev)
> Starting with initramfs-tools 0.94, mkinitramfs throws a lot of error
> messages about without neither stopping nor declaring the packages
> which triggered that as being not successfully installed:
>
> [???]
> Setting up initramfs-tools (0.94) ...
> Installing new version of config file /etc/kernel/postrm.d/initramfs-tools ...
> Installing new version of config file /etc/kernel/postinst.d/initramfs-tools ...
> Installing new version of config file /etc/initramfs-tools/initramfs.conf ...
> Installing new version of config file /etc/initramfs-tools/update-initramfs.conf ...
> update-initramfs: deferring update (trigger activated)
> [???]
> Processing triggers for initramfs-tools ...
> update-initramfs: Generating /boot/initrd.img-2.6.33-2-686
> /usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-top/all_generic_ide: Permission denied
> /usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-top/blacklist: Permission denied
> /usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-top/keymap: Permission denied
> /usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-bottom/dropbear: Permission denied
> /usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-bottom/udev: Permission denied
> /usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/local-bottom/cryptopensc: Permission denied
> /usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-premount/devpts: Permission denied
> /usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-premount/dropbear: Permission denied
> /usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-premount/udev: Permission denied
> /usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/local-premount/resume: Permission denied
> /usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/local-top/cryptopensc: Permission denied
> /usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/local-top/cryptroot: Permission denied
> localepurge: Disk space freed in /usr/share/locale: 0 KiB
> [???]
this is due to the new precache code,
that runs things so that they don't need to do so on every boot
for better bootspeed.
> This are possibly two bugs:
>
> 1) Fails to stop package installation as well as to mark packages as
> not successfully installed if initramfs generation failed. I regard
> this as bug with at least severity normal.
>
> 2) Breaks if /tmp is mounted noexec. Since caring about a noexec
> mounted /tmp is not required by policy, but quite some people use
> it, I regard it as bug with severity minor or wishlist. Possibly
> related to http://bugs.debian.org/567540.
guess to disable that feature on noexec /tmp and warn about it
is the way to go.
> Feel free to clone this bug into two seperate bugs if you intend to
> fix both bugs.
>
> For 2) I suggest to allow the administrator to configure an
> alternative temporary directory to use. Another possibility would be
> to temporarily remount /tmp with exec. This is how I solved the issue
> manually for now, but doing this automatically with scripts feels like
> circumventing a possibly deliberately made decision of the local
> administrator.
thanks for pointing it out.
mkinitramfs uses TMPDIR, do you have that variable set?
Reply to: