Package: tmpreaper Version: 1.6.13+nmu1+deb9u1+b1 Severity: normal Tags: d-i patch
Dear Maintainer, current version od /etc/cron.daily/tmpreaper shell-expands TMPREAPER_PROTECT_EXTRA content before passing it to /usr/sbin/tmpreaper using "--protect" option. This may cause some patterns to be ignored by tmpreaper when using *relative* paths, if they happen to match any file in the current working directory (/root if run by cron). A quick fix would be ton add a "set -o noglob" a the proper place in the script (as in suggested patch). A better way would be to use a shell array to declare TMPREAPER_PROTECT_EXTRA items, but this beaks compatibility. Suggested patch: --- /etc/cron.daily/tmpreaper.orig 2008-05-26 18:39:01.000000000 +0200 +++ /etc/cron.daily/tmpreaper 2019-05-22 16:17:53.571043378 +0200 @@ -95,6 +95,7 @@ TMPREAPER_PROTECT_EXTRA=${TMPREAPER_PROTECT_EXTRA:-''} TMPREAPER_DIRS=${TMPREAPER_DIRS:-'/tmp/.'} +set -o noglob nice -n10 tmpreaper --delay=$TMPREAPER_DELAY --mtime-dir --symlinks $TMPREAPER_TIME \ $TMPREAPER_ADDITIONALOPTIONS \ --ctime \ -- System Information: Debian Release: 9.9 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.32-042stab136.1 (SMP w/8 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Init: sysvinit (via /sbin/init) Versions of packages tmpreaper depends on: ii debconf [debconf-2.0] 1.5.61 ii libc6 2.24-11+deb9u4 ii libmount1 2.29.2-1+deb9u1 tmpreaper recommends no packages. tmpreaper suggests no packages. -- Configuration Files: /etc/tmpreaper.conf changed: TMPREAPER_PROTECT_EXTRA='/tmp/systemd-private-*/* /var/tmp/systemd-private-*/*' TMPREAPER_DIRS='/tmp/. /var/tmp/.' TMPREAPER_DELAY='256' TMPREAPER_ADDITIONALOPTIONS='--runtime=7200' -- debconf information: * tmpreaper/readsecurity_upgrading: tmpreaper/readsecurity: * tmpreaper/TMPREAPER_TIME: * tmpreaper/confignowexists: