On Nov 10, Robie Basak <robie.ba...@ubuntu.com> wrote:

> Thank you for the report. Adding debian-devel@ and the libpam-tmpdir
> maintainer for wider discussion.
> 
> On Thu, Nov 10, 2022 at 12:54:34AM +0000, brian m. carlson wrote:
> > On my systems, I use libpam-tmpdir, which provides each user with a
> > private temporary directory owned and accessible only by them under
> > /tmp/user/UID (e.g., /tmp/user/1000).  PAM sets the TMPDIR variable to
> > this value upon creating a session.
> > 
> > When I upgrade mysql-server-8.0, it is obviously as root, so TMPDIR is
> > set to /tmp/user/0.  This value does not work since MySQL doesn't run as
> > root, and so MySQL fails to start after upgrade in such a configuration,
> > like so:
> 
> I think I understand the problem.
> 
> But are you in essence saying that libpam-tmpdir requires that *every
> maintainer script* that runs things as non-root, or starts processes
> that do that, unset TMPDIR first?

This would not be right, because it is totally valid to set $TMPDIR for 
the root user too.
The real issue here is that TMPDIR, like some other variables, should 
not be propagated when switching privileges from the user to root.

But here we have ANOTHER issue: whatever ends up initialising mysql does 
not run as root, but still uses $TMPDIR provided by the root environment.
Since there is no guarantee at all that $TMPDIR can be accessed (not 
just be writeable!) by other users, then in this case it is correct to 
request that the package ignores $TMPDIR.

-- 
ciao,
Marco
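
The access problem described in this message, as an added example that is not part of the thread or of any package's maintainer scripts: a POSIX sh check of whether an inherited TMPDIR is usable by the account a service runs as, testing search permission on every path component and not only write permission on the directory. The function names are hypothetical; it assumes GNU or BusyBox stat and ignores ACLs and supplementary groups.

```sh
#!/bin/sh
# Added example, not from the thread. Decides from owner/group/mode bits whether
# a directory is usable as TMPDIR by a given uid/gid.
# Assumptions: GNU or BusyBox stat; ACLs and supplementary groups are ignored.

# mode_allows UID GID PATH NEED   (NEED: 1 = search, 3 = write + search)
mode_allows() {
    st=$(stat -Lc '%u %g %a' -- "$3") || return 1
    set -- "$1" "$2" "$4" $st       # now $3=NEED $4=owner $5=group $6=octal mode
    mode=$((0$6))
    if [ "$1" -eq "$4" ]; then bits=$((mode >> 6))
    elif [ "$2" -eq "$5" ]; then bits=$((mode >> 3))
    else bits=$mode
    fi
    [ $((bits & $3)) -eq "$3" ]
}

# tmpdir_usable_by UID GID DIR
tmpdir_usable_by() {
    [ -d "$3" ] || return 1
    [ "$1" -eq 0 ] && return 0      # root bypasses mode bits
    case $3 in /*) ;; *) return 1 ;; esac
    path= rest=${3#/}
    mode_allows "$1" "$2" / 1 || return 1
    # Every component needs search (x); being writable at the end is not enough.
    while [ -n "$rest" ]; do
        comp=${rest%%/*}
        case $rest in */*) rest=${rest#*/} ;; *) rest= ;; esac
        [ -z "$comp" ] && continue
        path=$path/$comp
        mode_allows "$1" "$2" "$path" 1 || return 1
    done
    mode_allows "$1" "$2" "$3" 3    # the directory itself: write + search
}

# service_tmpdir UID GID: print the inherited TMPDIR only if that user can use it.
service_tmpdir() {
    if [ -n "${TMPDIR:-}" ] && tmpdir_usable_by "$1" "$2" "$TMPDIR"; then
        printf '%s\n' "$TMPDIR"
    fi
}

# Usage in a maintainer script (mysql is the service account from the report):
#   t=$(service_tmpdir "$(id -u mysql)" "$(id -g mysql)")
#   if [ -n "$t" ]; then TMPDIR=$t; else unset TMPDIR; fi
```

Dropping TMPDIR unconditionally before starting the non-root process, as the message requests, needs none of this; the check only matters if a package wants to keep a TMPDIR that happens to be usable.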
