Hello Bob, hello list!
On Tue, Dec 21, 2004 at 03:21:00PM +0100, Bob Alexander wrote:
[...]
dpkg (subprocess): unable to execute post-removal script: Permission denied
dpkg: error processing gtkhtml3.2 (--remove):
subprocess post-removal script returned error exit status 2
[...]
/dev/hda10 /tmp ext3 rw,noexec,nosuid,nodev 0 0
"Be careful if setting /tmp noexec when you want to install new
software, since some programs might use it for installation. Apt is
one such program (see http://bugs.debian.org/116448) if not configured
properly APT::ExtractTemplates::TempDir (see apt-extracttemplates(1)).
You can set this variable in /etc/apt/apt.conf to another directory
with exec privileges other than /tmp."
/dev/hda8 /var ext3 rw,noexec,nosuid,nodev 0 0
"(dpkg's) installation (post,pre) and removal (post,pre) scripts are at
/var/lib/dpkg/", so better don't mount it noexec.
See
<http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html#s4.9>
for reference. BTW, the ld-linux trick to circumvent noexec won't work
anymore with recent kernels.
HTH,
Flo