Ubuntu
base-config package

base-config: late_command run with TMPDIR not world-writable

Bug #13034 reported by Debian Bug Importer
6
Affects Status Importance Assigned to Milestone
base-config (Debian)
Fix Released
Unknown
base-config (Ubuntu)
Fix Released
High
Colin Watson

Bug Description

Automatically imported from Debian bug report #295687 http://bugs.debian.org/295687

See original description
Revision history for this message
In , Joey Hess (joeyh) wrote : Re: Bug#295687: base-config: late_command run with TMPDIR not world-writable

severity 295687 serious
thanks

Peter Eisentraut wrote:
> Starting ClamAV daemon: LibClamAV Error: cli_cvdload(): Can't create temporary directory /tmp/base-config.1141/clamav-c72....
> [...]
> invoke-rc.d: initscript clamav-daemon action "start" failed.
>
> Although clamav fails to tell why it can't create that directory, I'm pretty
> sure it is because /tmp/base-config.1141 has mode 0755, not 1777 like /tmp
> normally has. ClamAV runs as its own user, so it can't access the TMPDIR,
> where it tries to create its temporary directory.

There's no reason for base-config to need to set TMPDIR, and it seems
that this could break task installation and aptitude runs as well as
preseeded commands, so I consider this bug RC.

--
see shy jo

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Automatically imported from Debian bug report #295687 http://bugs.debian.org/295687

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-Id: <email address hidden>
Date: Thu, 17 Feb 2005 15:02:02 +0100
From: Peter Eisentraut <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: base-config: late_command run with TMPDIR not world-writable

Package: base-config
Version: 2.53.5
Severity: normal

I'm building a custom Debian distribution based on the Debian installer.
I have preseeded a number of debconf settings amongst which
base-config/late_command is set to install some additional packages. It is
set to this value:

mount /cdrom; dpkg --set-selections < /cdrom/get-selections.txt; apt-get -y dselect-upgrade; eject /cdrom

One of the packages installed is clamav-daemon. When its postinst script runs
it tries to start the daemon (standard debhelper code), which fails like this:

Starting ClamAV daemon: LibClamAV Error: cli_cvdload(): Can't create temporary directory /tmp/base-config.1141/clamav-c72....
[...]
invoke-rc.d: initscript clamav-daemon action "start" failed.

Although clamav fails to tell why it can't create that directory, I'm pretty
sure it is because /tmp/base-config.1141 has mode 0755, not 1777 like /tmp
normally has. ClamAV runs as its own user, so it can't access the TMPDIR,
where it tries to create its temporary directory.

In any case, changing the value of base-config/late_command to

TMPDIR=/tmp; export TMPDIR; mount /cdrom; dpkg --set-selections < /cdrom/get-selections.txt; apt-get -y dselect-upgrade; eject /cdrom

makes the problem go away.

Please make sure that TMPDIR has the correct permissions at all times.

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Thu, 17 Feb 2005 11:45:31 -0500
From: Joey Hess <email address hidden>
To: Peter Eisentraut <email address hidden>, <email address hidden>,
 <email address hidden>
Subject: Re: Bug#295687: base-config: late_command run with TMPDIR not world-writable

--CE+1k2dSO48ffgeK
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

severity 295687 serious
thanks

Peter Eisentraut wrote:
> Starting ClamAV daemon: LibClamAV Error: cli_cvdload(): Can't create temp=
 orary directory /tmp/base-config.1141/clamav-c72....
> [...]
> invoke-rc.d: initscript clamav-daemon action "start" failed.
>=20
> Although clamav fails to tell why it can't create that directory, I'm pre=
 tty
> sure it is because /tmp/base-config.1141 has mode 0755, not 1777 like /tmp
> normally has. ClamAV runs as its own user, so it can't access the TMPDIR,
> where it tries to create its temporary directory.

There's no reason for base-config to need to set TMPDIR, and it seems
that this could break task installation and aptitude runs as well as
preseeded commands, so I consider this bug RC.

--=20
see shy jo

--CE+1k2dSO48ffgeK
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFCFMord8HHehbQuO8RAiDtAJ4xcuhNcWzHm1f5tHw1svhEriHNCACdG+4j
lYSiMLo/jTc6QPjW8F8e7sU=
=jrG2
-----END PGP SIGNATURE-----

--CE+1k2dSO48ffgeK--

Revision history for this message
In , Joey Hess (joeyh) wrote : Bug#295687: fixed in base-config 2.62
Download full text (3.6 KiB)

Source: base-config
Source-Version: 2.62

We believe that the bug you reported is fixed in the latest version of
base-config, which is due to be installed in the Debian FTP archive:

base-config_2.62.dsc
  to pool/main/b/base-config/base-config_2.62.dsc
base-config_2.62.tar.gz
  to pool/main/b/base-config/base-config_2.62.tar.gz
base-config_2.62_all.deb
  to pool/main/b/base-config/base-config_2.62_all.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Joey Hess <email address hidden> (supplier of updated base-config package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 17 Feb 2005 11:54:36 -0500
Source: base-config
Binary: base-config
Architecture: source all
Version: 2.62
Distribution: unstable
Urgency: medium
Maintainer: Debian Install System Team <email address hidden>
Changed-By: Joey Hess <email address hidden>
Description:
 base-config - Debian base system configurator
Closes: 288059 291978 295687
Changes:
 base-config (2.62) unstable; urgency=medium
 .
   * Joey Hess
     - Add menu item text for debconf-seed. Closes: #288059
     - The TMPDIR exporting broke some packages like clamav that need it world
       writable. TMPDIR was exported because other base-config menu scripts
       used it, but this is no longer the case, so stop exporting it, and in
       fact, rename the variable to something more descriptive. Closes: #295687
   * Colin Watson
     - Pass 'new' argument to prep-menu after Changes-Menu: too, otherwise
       finish never gets run.
     - apt-setup: Don't fail if we aren't on a tty.
   * Debconf translations
     - French translation update
     - Dutch translation update by Bart Cornelis
     - Portuguese translation by Miguel Figueiredo
     - Danish translation updated by Claus Hindsgaul
     - Japanese translation by Kenshi Muto
     - Tagalog translation by Eric Pareja
     - Greek translation update for Greek by Konstantinos Margaritis
     - Albanian update by Elian Myftiu
     - Basque translation update by Piarres Beobide Egana
     - Ukrainian translation update by Eugeniy Meshcheryakov
     - Lithuanian translation update by Kęstutis biliÅ«nas
     - Russian translation update
     - Spanish translation update
     - Brazilian Portuguese update
     - Romanian update
     - German update
     - Finnish update. Closes: #291978
     - Norwegian Bokmal update.
     - Indonesian update.
     - Arabic updated from Arabeyes CVS
     - Korean update.
     - Traditional Chinese update.
     - Galician update by Jacobo Tarrio
   * Programs translations
     - Indonesian update (plural forms corrected)
     - Arabic updated from Arabeyes CVS
     - Romanian updated
     - Tagalog translation by Eric Pareja
     - Malagasy transl...

Read more...

Revision history for this message
Debian Bug Importer (debzilla) wrote :
Download full text (3.8 KiB)

Message-Id: <email address hidden>
Date: Thu, 17 Feb 2005 12:17:04 -0500
From: Joey Hess <email address hidden>
To: <email address hidden>
Subject: Bug#295687: fixed in base-config 2.62

Source: base-config
Source-Version: 2.62

We believe that the bug you reported is fixed in the latest version of
base-config, which is due to be installed in the Debian FTP archive:

base-config_2.62.dsc
  to pool/main/b/base-config/base-config_2.62.dsc
base-config_2.62.tar.gz
  to pool/main/b/base-config/base-config_2.62.tar.gz
base-config_2.62_all.deb
  to pool/main/b/base-config/base-config_2.62_all.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Joey Hess <email address hidden> (supplier of updated base-config package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 17 Feb 2005 11:54:36 -0500
Source: base-config
Binary: base-config
Architecture: source all
Version: 2.62
Distribution: unstable
Urgency: medium
Maintainer: Debian Install System Team <email address hidden>
Changed-By: Joey Hess <email address hidden>
Description:
 base-config - Debian base system configurator
Closes: 288059 291978 295687
Changes:
 base-config (2.62) unstable; urgency=medium
 .
   * Joey Hess
     - Add menu item text for debconf-seed. Closes: #288059
     - The TMPDIR exporting broke some packages like clamav that need it world
       writable. TMPDIR was exported because other base-config menu scripts
       used it, but this is no longer the case, so stop exporting it, and in
       fact, rename the variable to something more descriptive. Closes: #295687
   * Colin Watson
     - Pass 'new' argument to prep-menu after Changes-Menu: too, otherwise
       finish never gets run.
     - apt-setup: Don't fail if we aren't on a tty.
   * Debconf translations
     - French translation update
     - Dutch translation update by Bart Cornelis
     - Portuguese translation by Miguel Figueiredo
     - Danish translation updated by Claus Hindsgaul
     - Japanese translation by Kenshi Muto
     - Tagalog translation by Eric Pareja
     - Greek translation update for Greek by Konstantinos Margaritis
     - Albanian update by Elian Myftiu
     - Basque translation update by Piarres Beobide Egana
     - Ukrainian translation update by Eugeniy Meshcheryakov
     - Lithuanian translation update by Kęstutis biliūnas
     - Russian translation update
     - Spanish translation update
     - Brazilian Portuguese update
     - Romanian update
     - German update
     - Finnish update. Closes: #291978
     - Norwegian Bokmal update.
     - Indonesian update.
     - Arabic updated from Arabeyes CVS
     - Korean update.
     - Traditional Chinese update.
     - Galician update by Jacobo Tarrio
  ...

Read more...

Revision history for this message
Colin Watson (cjwatson) wrote :

Fixed in base-config 2.62 in Debian; merge uploaded to Ubuntu as 2.62ubuntu1.

Bug Watch Updater (bug-watch-updater)
Changed in base-config:
status: Unknown → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.