--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: initramfs-tools: breaks but continues if /tmp is mounted with noexec option
- From: Axel Beckert <abe@debian.org>
- Date: Tue, 6 Apr 2010 15:08:00 +0200 (CEST)
- Message-id: <20100406130800.601201A4B8@nemo.ontheroad.deuxchevaux.org>
Package: initramfs-tools
Version: 0.94
Severity: normal
/tmp on my EeePC is mounted as follows:
tmpfs on /tmp type tmpfs (rw,noexec,nosuid,nodev)
Starting with initramfs-tools 0.94, mkinitramfs throws a lot of error
messages about without neither stopping nor declaring the packages
which triggered that as being not successfully installed:
[…]
Setting up initramfs-tools (0.94) ...
Installing new version of config file /etc/kernel/postrm.d/initramfs-tools ...
Installing new version of config file /etc/kernel/postinst.d/initramfs-tools ...
Installing new version of config file /etc/initramfs-tools/initramfs.conf ...
Installing new version of config file /etc/initramfs-tools/update-initramfs.conf ...
update-initramfs: deferring update (trigger activated)
[…]
Processing triggers for initramfs-tools ...
update-initramfs: Generating /boot/initrd.img-2.6.33-2-686
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-top/all_generic_ide: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-top/blacklist: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-top/keymap: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-bottom/dropbear: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-bottom/udev: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/local-bottom/cryptopensc: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-premount/devpts: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-premount/dropbear: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/init-premount/udev: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/local-premount/resume: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/local-top/cryptopensc: Permission denied
/usr/sbin/mkinitramfs: 276: /tmp/mkinitramfs_Ck5cpl/scripts/local-top/cryptroot: Permission denied
localepurge: Disk space freed in /usr/share/locale: 0 KiB
[…]
This are possibly two bugs:
1) Fails to stop package installation as well as to mark packages as
not successfully installed if initramfs generation failed. I regard
this as bug with at least severity normal.
2) Breaks if /tmp is mounted noexec. Since caring about a noexec
mounted /tmp is not required by policy, but quite some people use
it, I regard it as bug with severity minor or wishlist. Possibly
related to http://bugs.debian.org/567540.
Feel free to clone this bug into two seperate bugs if you intend to
fix both bugs.
For 2) I suggest to allow the administrator to configure an
alternative temporary directory to use. Another possibility would be
to temporarily remount /tmp with exec. This is how I solved the issue
manually for now, but doing this automatically with scripts feels like
circumventing a possibly deliberately made decision of the local
administrator.
-- Package-specific info:
-- /proc/cmdline
BOOT_IMAGE=/boot/vmlinuz-2.6.33-2-686 root=UUID=75818c63-d8e5-4f92-9e2a-b35221e4076b ro quiet
-- /proc/filesystems
ext3
fuseblk
-- lsmod
Module Size Used by
tcp_diag 612 0
aes_i586 6816 0
aes_generic 25738 1 aes_i586
sco 5889 2
bridge 32977 0
stp 996 1 bridge
bnep 7591 2
rfcomm 24502 1
l2cap 22430 4 bnep,rfcomm
crc16 1027 1 l2cap
bluetooth 35663 6 sco,bnep,rfcomm,l2cap
inet_diag 5938 2 tcp_diag
tun 8955 2
fuse 43964 1
arc4 974 2
ecb 1405 2
ath5k 106605 0
mac80211 125802 1 ath5k
ath 6234 1 ath5k
cfg80211 90741 3 ath5k,mac80211,ath
dm_crypt 9156 0
dm_mod 47420 1 dm_crypt
snd_hda_codec_realtek 168375 1
snd_hda_intel 16923 0
joydev 6778 0
snd_hda_codec 48763 2 snd_hda_codec_realtek,snd_hda_intel
snd_hwdep 4082 1 snd_hda_codec
snd_pcm_oss 28722 0
snd_mixer_oss 10490 1 snd_pcm_oss
snd_pcm 47219 3 snd_hda_intel,snd_hda_codec,snd_pcm_oss
snd_seq_midi 3600 0
snd_rawmidi 12652 1 snd_seq_midi
snd_seq_midi_event 3672 1 snd_seq_midi
snd_seq 35421 2 snd_seq_midi,snd_seq_midi_event
eeepc_laptop 10004 0
sparse_keymap 1767 1 eeepc_laptop
snd_timer 12349 2 snd_pcm,snd_seq
snd_seq_device 3673 3 snd_seq_midi,snd_rawmidi,snd_seq
rfkill 10320 4 bluetooth,cfg80211,eeepc_laptop
uvcvideo 45623 0
snd 34703 11 snd_hda_codec_realtek,snd_hda_intel,snd_hda_codec,snd_hwdep,snd_pcm_oss,snd_mixer_oss,snd_pcm,snd_rawmidi,snd_seq,snd_timer,snd_seq_device
serio_raw 3104 0
led_class 1753 2 ath5k,eeepc_laptop
videodev 27068 1 uvcvideo
tpm_tis 5496 0
v4l1_compat 10314 2 uvcvideo,videodev
tpm 8129 1 tpm_tis
soundcore 3642 1 snd
tpm_bios 3557 1 tpm
psmouse 38755 0
rng_core 2350 0
ac 1640 0
battery 3782 0
pci_hotplug 18127 1 eeepc_laptop
atl2 17852 0
snd_page_alloc 5097 2 snd_hda_intel,snd_pcm
processor 25817 1
evdev 5629 15
ext3 93823 1
jbd 32613 1 ext3
mbcache 3762 1 ext3
usb_storage 30441 0
sd_mod 26607 2
crc_t10dif 1012 1 sd_mod
i915 217679 2
ata_generic 2043 0
drm_kms_helper 18257 1 i915
ahci 27102 0
drm 112447 3 i915,drm_kms_helper
ata_piix 17149 1
i2c_algo_bit 3497 1 i915
uhci_hcd 16149 0
libata 115325 3 ata_generic,ahci,ata_piix
ehci_hcd 27870 0
i2c_core 12265 5 videodev,i915,drm_kms_helper,drm,i2c_algo_bit
intel_agp 20257 1
scsi_mod 102273 3 usb_storage,sd_mod,libata
video 15053 1 i915
usbcore 100734 5 uvcvideo,usb_storage,uhci_hcd,ehci_hcd
nls_base 4541 1 usbcore
output 1196 1 video
button 3598 1 i915
agpgart 19551 2 drm,intel_agp
thermal 9405 0
fan 2506 0
thermal_sys 9402 4 processor,video,thermal,fan
-- /etc/kernel-img.conf
# Kernel image management overrides
# See kernel-img.conf(5) for details
do_symlinks = yes
relative_links = yes
do_bootloader = no
do_bootfloppy = no
do_initrd = yes
link_in_boot = no
postinst_hook = update-grub
postrm_hook = update-grub
-- /etc/initramfs-tools/initramfs.conf
MODULES=most
BUSYBOX=y
KEYMAP=n
COMPRESS=gzip
BOOT=local
DEVICE=eth0
NFSROOT=auto
-- /etc/crypttab
# <target name> <source device> <key file> <options>
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (990, 'unstable'), (600, 'stable'), (500, 'testing'), (110, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.33-2-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages initramfs-tools depends on:
ii cpio 2.11-1 GNU cpio -- a program to manage ar
ii findutils 4.4.2-1 utilities for finding files--find,
ii klibc-utils 1.5.17-4 small utilities built with klibc f
ii module-init-tools 3.12~pre2-2 tools for managing Linux kernel mo
ii udev 151-3 /dev/ and hotplug management daemo
Versions of packages initramfs-tools recommends:
ii busybox 1:1.15.3-2 Tiny utilities for small and embed
initramfs-tools suggests no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Source: initramfs-tools
Source-Version: 0.96.1
We believe that the bug you reported is fixed in the latest version of
initramfs-tools, which is due to be installed in the Debian FTP archive:
initramfs-tools_0.96.1.dsc
to main/i/initramfs-tools/initramfs-tools_0.96.1.dsc
initramfs-tools_0.96.1.tar.gz
to main/i/initramfs-tools/initramfs-tools_0.96.1.tar.gz
initramfs-tools_0.96.1_all.deb
to main/i/initramfs-tools/initramfs-tools_0.96.1_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 576678@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Prokop <mika@debian.org> (supplier of updated initramfs-tools package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 08 Jun 2010 15:59:08 +0200
Source: initramfs-tools
Binary: initramfs-tools
Architecture: source all
Version: 0.96.1
Distribution: unstable
Urgency: low
Maintainer: Debian kernel team <debian-kernel@lists.debian.org>
Changed-By: Michael Prokop <mika@debian.org>
Description:
initramfs-tools - tools for generating an initramfs
Closes: 439846 514756 549680 566056 576678 584520
Changes:
initramfs-tools (0.96.1) unstable; urgency=low
.
* hook-functions: Make sure copy_exec hook function does not
exit with a non-zero return value in non-verbose mode.
[Closes: #584520]
* docs/framebuffer: Document mode vs. mode_option option in
framebuffer example script. [Closes: #439846]
* hook-functions: make device name handling for /proc/mdstat
more flexible for MODULES=dep. [Closes: #549680, #514756]
* mkinitramfs / scripts/functions + initramfs-tools.8:
Support dashes inside scripts names. [Closes: #566056]
* hook-functions: handle ubifs in dep_add_modules() and return
since ubifs root is a char device, (see issue #582858).
* mkinitramfs: warn if TMPDIR is mounted noexec + fall back
to not cache run scripts then. [Closes: #576678]
* Add myself to uploaders.
Checksums-Sha1:
d2ca68eba46f9c1b657f2c548ad40dc22072ae95 956 initramfs-tools_0.96.1.dsc
65f8e68b47df99d07bf05bf8fdd0bfcd538d59ff 72727 initramfs-tools_0.96.1.tar.gz
55072e505650c0899721fbb27ec864ce13544338 78782 initramfs-tools_0.96.1_all.deb
Checksums-Sha256:
b3f0e77371a4024514debbb85208143b84622eee098d378be19f2f7bc44779ab 956 initramfs-tools_0.96.1.dsc
70354f9716a402cd3976db9b6dcc47c930283b936bd3b4488cf29d7bee06428e 72727 initramfs-tools_0.96.1.tar.gz
a71d6c1853e82f0077034af1b8cc83f28795d8e353bf391b92be2a49655d7dcf 78782 initramfs-tools_0.96.1_all.deb
Files:
840e650183a79a09e71ffc323190a14a 956 utils optional initramfs-tools_0.96.1.dsc
e9beb8eba07bfaa83f526fdf9dbcd4f3 72727 utils optional initramfs-tools_0.96.1.tar.gz
dc7f9fc53f2ca3eb8e09415c5d961641 78782 utils optional initramfs-tools_0.96.1_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iD8DBQFMDl3z2N9T+zficugRAq9kAJ9pZi/7CxyL6pp4CPbsdX3wJycdeQCfbyGy
Auc4PISNwUlPG//g0FK3BKs=
=swkl
-----END PGP SIGNATURE-----
--- End Message ---