My workaround uses a dedicated directory for apt that is noexec as well
but becomes temporally during installs:
/etc/fstab:
tmpfs /tmp tmpfs defaults,noatime,nosuid,nodev,noexec,mode=1777,size=512M 0 0
tmpfs /var/tmp/apt tmpfs
defaults,noatime,nosuid,nodev,noexec,mode=1777,size=512M 0 0
/etc/apt/apt.conf.d/71tmpapt (or whatever):
DPkg
{
Pre-Invoke { "mount /var/tmp/apt -o remount,exec" };
Post-Invoke { "mount /var/tmp/apt -o remount,noexec" };
};
APT::ExtractTemplates::TempDir "/var/tmp/apt";
Since the mount point must(?) exist for any mount point specified in
/etc/fstab I put the apt dir into /var/tmp because its contents are
persistent (unlike /tmp's). It's not very throughly tested yet... ymmv.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to debconf in Ubuntu.
https://bugs.launchpad.net/bugs/90085
Title:
When /tmp is mounted noexec, preconfigure fails
Status in debconf package in Ubuntu:
Triaged
Status in debconf package in Debian:
Confirmed
Bug description:
Binary package hint: mysql-server
/tmp mounted noexec, this ensues:
Preconfiguring packages ...
Can't exec "/tmp/mysql-server-5.0.config.89611": Permission denied at
/usr/share/perl/5.8/IPC/Open3.pm line 168.
open2: exec of /tmp/mysql-server-5.0.config.89611 configure failed at
/usr/share/perl5/Debconf/ConfModule.pm line 57
mysql-server-5.0 failed to preconfigure, with exit status 2
ace
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/debconf/+bug/90085/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
