Re: update issue when /tmp is noexec

[Russell Gadd <russ.mail.lists@googlemail.com>]

Thanks Boyd. I've created a file as you suggest. Is there anywhere I can inspect the messages that are generated during an update? I've looked in /var/log and couldn't find anything there, although I may have missed it. It would be nice to see this now working.

Can you answer the other question I asked: is my system likely to need some attention due to not having allowed scripts to execute in /tmp since I installed Lenny? If so what do I need to do (apart from reinstalling from scratch)?

Russell

2009/6/3 Boyd Stephen Smith Jr. <bss@iguanasuicide.net>

In <[🔎] 779b039a0906030932kd76aed9n8692ec6aaef88068@mail.gmail.com">[🔎] 779b039a0906030932kd76aed9n8692ec6aaef88068@mail.gmail.com>, Russell

Gadd wrote:
>For some time now, in order to add a bit of security I have made /tmp
>noexec. However I noticed recently looking at the messages scrolling up
> the screen that some update configuration scripts were failing as they
> were trying to be executed in /tmp. After googling I found this article:
>
>http://www.debian-administration.org/articles/57
>
>Which said to fix this do the following:
>
>Add the following to the file /etc/apt/apt.conf:
>
>  DPkg::Pre-Invoke{"mount -o remount,exec /tmp";};
>  DPkg::Post-Invoke {"mount -o remount /tmp";};
>

>Unfortunately this article was written in 2004, and it seems that there's
> no longer a file /etc/apt/apt.conf

Create a file under the /etc/apt/apt.conf.d directory.

Similar to sources.list, apt.conf can be broken into a base file
/etc/apt/apt.conf and supplementary files in /etc/apt/apt.conf.d; unlike
sources.list, this is the default for apt.conf.

That's what the first paragraph of 'man 5 apt.conf' is trying to say.
--
Boyd Stephen Smith Jr.                   ,= ,-_-. =.
bss@iguanasuicide.net                   ((_/)o o(\_))
ICQ: 514984 YM/AIM: DaTwinkDaddy         `-'(. .)`-'
http://iguanasuicide.net/                    \_/