Getting rid of /bin has broken amgtar

Bug #1838155 reported by Ian Turner
This bug affects 1 person
Affects          Status  Importance  Assigned to  Milestone
amanda (Debian)  New     Unknown
amanda (Ubuntu)  New     Undecided   Unassigned

Bug Description

amgtar checks the realpath (i.e., resolving symlinks) before running sensitive binaries such as /bin/tar with elevated privileges. Moving the tar binary from /bin/tar to /usr/bin/tar breaks this check.

This results in the following error when trying to run /bin/tar under privilege:
amgtar: '/bin/tar' binary is not secure

The obvious fix is to change the compiled-in tar path to /usr/bin/tar instead of /bin/tar. This can be done by passing the GNUTAR environment variable to the configure script.

As a workaround, one may update the /etc/amanda-security.conf file to whitelist /usr/bin/tar.

ProblemType: Bug
DistroRelease: Ubuntu 19.04
Package: amanda-common 1:3.5.1-2build2
ProcVersionSignature: Ubuntu 5.0.0-21.22-generic 5.0.15
Uname: Linux 5.0.0-21-generic x86_64
ApportVersion: 2.20.10-0ubuntu27.1
Architecture: amd64
CurrentDesktop: KDE
Date: Sat Jul 27 16:52:58 2019
SourcePackage: amanda
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.amandahosts: [inaccessible: [Errno 13] Permission denied: '/etc/amandahosts']
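
Added example, not part of the original report and not amanda's code: a simplified shell model of a canonical-path check like the one described above, run against a constructed merged-/usr directory tree. The function names, messages and return codes are hypothetical.

```shell
#!/bin/sh
# Simplified model of a "binary must sit at its canonical path" check.
# Not amanda's code: function names and messages are hypothetical.

# Print PATH with every symlink resolved (GNU/BusyBox readlink -f).
canonical_path() {
    readlink -f -- "$1"
}

# check_binary CONFIGURED [ALLOWED...]
# 0: CONFIGURED is canonical, or resolves to a path listed in ALLOWED
# 1: resolves somewhere that was not approved
# 2: cannot be resolved, or is not an executable regular file
check_binary() {
    configured=$1; shift
    resolved=$(canonical_path "$configured") || resolved=
    if ! { [ -f "$resolved" ] && [ -x "$resolved" ]; }; then
        echo "'$configured' is missing or not executable"; return 2
    fi
    if [ "$resolved" = "$configured" ]; then
        echo "'$configured' is canonical"; return 0
    fi
    for allowed in "$@"; do
        if [ "$resolved" = "$allowed" ]; then
            echo "'$configured' resolves to allowed '$allowed'"; return 0
        fi
    done
    echo "'$configured' is not secure (resolves to '$resolved')"; return 1
}

# Constructed merged-/usr layout under DIR: DIR/bin -> usr/bin
make_merged_usr_root() {
    mkdir -p "$1/usr/bin" &&
    printf '#!/bin/sh\nexit 0\n' > "$1/usr/bin/tar" &&
    chmod 755 "$1/usr/bin/tar" &&
    ln -s usr/bin "$1/bin"
}

root=$(canonical_path "$(mktemp -d)")
make_merged_usr_root "$root"
check_binary "$root/bin/tar" || true               # old compiled-in path: rejected
check_binary "$root/usr/bin/tar"                   # corrected path: accepted
check_binary "$root/bin/tar" "$root/usr/bin/tar"   # allow-list workaround: accepted
rm -rf "$root"
```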

Ian Turner (vectro) wrote :
Changed in amanda (Debian):
status: Unknown → New