Marco Moreno <> changed:

           What    |Removed                     |Added
                 CC|                            |
             Status|RESOLVED                    |REOPENED
         Resolution|WORKSFORME                  |---

--- Comment #40 from Marco Moreno <> ---
This issue is NOT fixed in 17.05.  I'm seeing this now after having upgraded
from 16.11.  However, I've discovered some things that might be helpful.

As Chris mentioned, this appears to be a bug with (IMO).  Perhaps it's
behavior has changed due to this security resolution that forces Perl to die if
a required module is cannot be read when traversing @INC:

According to this post, may attempt to require a module that does not
exist and traverse the entire @INC array:
Evidently, it dies as soon as it encounters a directory it cannot read.

Avoiding '.' in PERL5LIB doesn't really help since Perl already includes '.' in
@INC (also a security concern???).  Working around this means either ensuring
that '.' points to a directory that can be read (e.g. "cd /tmp") or modifying
the @INC array to remove '.' from it.

The latter seems better so I modified the BEGIN block in
/usr/share/koha/bin/ like this:

use strict;
#use warnings; FIXME - Bug 2505

my $module_dir;
    $module_dir = '/usr/share/koha/lib';
    die if $module_dir =~ /^[_]{2}PERL_MODULE_DIR[_]{2}$/;
    @INC = grep {$_ ne '.'} @INC;

use lib $module_dir;


This also allows the change to be in one place and avoid having to insert a 'cd
/tmp' for each cron job.

I'm running Perl 5.22 - I wonder if it's fixed in 5.24.

You are receiving this mail because:
You are watching all bug changes.
Koha-bugs mailing list
website :
git :
bugs :

Reply via email to