Getting rid of /bin has broken amgtar
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
amanda (Debian) |
New
|
Unknown
|
|||
amanda (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
amgtar checks the realpath (i.e., resolving symlinks) before running sensitive binaries such as /bin/tar with elevated privileges. Moving the tar binary from /bin/tar to /usr/bin/tar breaks this check.
This results in the following error when trying to run /bin/tar under privilege:
amgtar: '/bin/tar' binary is not secure
The obvious fix is to change the compiled-in tar path to /usr/bin/tar instead of /bin/tar. This can be done by passing the GNUTAR environment variable to the configure script.
As a workaround, one may update /etc/amanda-
ProblemType: Bug
DistroRelease: Ubuntu 19.04
Package: amanda-common 1:3.5.1-2build2
ProcVersionSign
Uname: Linux 5.0.0-21-generic x86_64
ApportVersion: 2.20.10-0ubuntu27.1
Architecture: amd64
CurrentDesktop: KDE
Date: Sat Jul 27 16:52:58 2019
SourcePackage: amanda
UpgradeStatus: No upgrade log present (probably fresh install)
modified.
Changed in amanda (Debian): | |
status: | Unknown → New |