Date: Mon, 27 May 2013 16:19:05 -0500 From: sindrome <sindrome@gmail.com> To: Chris Rees <utisoft@gmail.com> Cc: Simon Wright <simon.wright@gmx.net>, FreeBSD Mailing List <freebsd-ports@freebsd.org> Subject: Re: Why does Samba requires 777 permissions on /tmp Message-ID: <CAFzAeSfYsD3ANp_wKFLAY5rG3=m0cjhbnstn6J%2BMaddRzMCnFw@mail.gmail.com> In-Reply-To: <CADLo838H0qN0r%2BhZd=Rs6AgXYFupv7uBzA85Z=3V6G11rQEJHw@mail.gmail.com> References: <CAFzAeSdgRotc34%2BeyfVHZBA-QGUCWJ1MZDYw1ysRxEV9MhG2BQ@mail.gmail.com> <8661yedqyy.wl%poyopoyo@puripuri.plala.or.jp> <CAFzAeSe4YTdUiqcxSDUGDf6fQEeDK_sDVYym1hsck8fms8kJqA@mail.gmail.com> <20130520143853.79242743@raksha.tavi.co.uk> <519A9C7D.3040101@gmx.net> <CAFzAeSd_LnkCSjzSyj8DJLNiDrSjma=vt4Jsbcmo5MFOKyZC8g@mail.gmail.com> <CADLo838H0qN0r%2BhZd=Rs6AgXYFupv7uBzA85Z=3V6G11rQEJHw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Chris,
That did it! Thanks so much for the help. Just in case if anyone else is
reading this long thread, you cannot have a colon period (:.) at the end of
your path....meaning do not include the current directory as part of the
$path
On Mon, May 27, 2013 at 3:54 PM, Chris Rees <utisoft@gmail.com> wrote:
>
> On 27 May 2013 20:45, "sindrome" <sindrome@gmail.com> wrote:
> >
> > Hi Guys,
> >
> > I just got home from being out of town and the problem still persists
> even
> > after I removed . from my path.
> >
> > echo $PATH
> >
> /bin:/usr/lib:/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/home/sindrome/.gnupg:/home/sindrome/bin:/home/sindrome/docs:/home/sindrome/docs/info:/home/sindrome/docs/config:/sbin:/bin:/etc:/usr/bin:/usr/games:/usr/local/sbin:/usr/local/bin:
>
> Remove the trailing : too?
>
> Chris
>
> > Here's what I get when I portupgrade an outdated port.
> >
> >
> > /usr/local/lib/ruby/site_ruby/1.8/pkgtools/pkgtools.rb:483: warning:
> > Insecure world writable dir /tmp/ in PATH, mode 041777
> > /usr/local/lib/ruby/site_ruby/1.8/pkgtools/pkgtools.rb:1170: warning:
> > Insecure world writable dir /tmp/ in PATH, mode 041777
> > /usr/local/lib/ruby/site_ruby/1.8/pkgtools/pkgmisc.rb:108: warning:
> > Insecure world writable dir /tmp/ in PATH, mode 041777
> > /usr/local/lib/ruby/site_ruby/1.8/pkgtools/pkgtools.rb:483: warning:
> > Insecure world writable dir /tmp/ in PATH, mode 041777
> >
> >
> >
> > On Mon, May 20, 2013 at 4:58 PM, Simon Wright <simon.wright@gmx.net>
> wrote:
> >
> > > On 20/05/2013 15:38, Bob Eager wrote:
> > >
> > >> On Mon, 20 May 2013 08:03:09 -0500
> > >> sindrome <sindrome@gmail.com> wrote:
> > >>
> > >> What I think is happening is that portupgrade is building and running
> > >> shell scripts in /tmp. It's running them with (in ruby):
> > >>
> > >> system('/tmp/script') [roughly]
> > >>
> > >> The ruby runtime is checking the *path-to-the-command* and THAT is
> what
> > >> it's complaining about.
> > >>
> > >> Try setting PKG_TMPDIR (in pkgtools.conf) to some suitable non world
> > >> writable temporary directory.
> > >>
> > >> I have an older ports tree on this machine or I'd try it myself. I had
> > >> to download the latest sources to check all this,
> > >>
> > >
> > > Trying to summarise what I've tested here with the results.
> > >
> > > My PKG_TMPDIR and TMPDIR are set to /var/tmp:
> > >
> > > pkgtools.conf:
> > >
> > > ENV['TMPDIR'] ||= '/var/tmp'
> > > ENV['PKG_TMPDIR'] ||= '/var/tmp'
> > > ENV['PORTSDIR'] ||= '/usr/ports'
> > > ENV['PACKAGES'] ||= ENV['PORTSDIR'] + '/packages'
> > >
> > > from /usr/local/etc/sudoers:
> > > # Uncomment if needed to preserve environmental variables related to
> the
> > > # FreeBSD pkg_* utilities and fetch.
> > > Defaults env_keep += "PKG_PATH PKG_DBDIR PKG_TMPDIR TMPDIR
> > > PACKAGEROOT PACKAGESITE PKGDIR FTP_PASSIVE_MODE"
> > >
> > > [simon@vmserver04 ~]$ ls -ld /var/tmp
> > > drwxrwxr-t 9 root wheel 33280 May 20 23:02 /var/tmp/
> > >
> > > Note: /var/tmp is not world writeable
> > >
> > > [simon@vmserver04 ~]$ echo $PATH
> > > /sbin:/bin:/usr/sbin:/usr/bin:**/usr/games:/usr/local/sbin:/**
> > > usr/local/bin:/usr/X11R6/bin:/**usr/local/scripts:
> > >
> > > root@vmserver04:/root # echo $PATH
> > > /sbin:/bin:/usr/sbin:/usr/bin:**/usr/games:/usr/local/sbin:/**
>
> > > usr/local/bin:/root/bin
> > >
> > > I run portupgrade via sudo but both $PATH's show no /tmp or .
> > >
> > > [simon@vmserver04 ~]$ ruby -v
> > > ruby 1.8.7 (2012-10-12 patchlevel 371) [amd64-freebsd9]
> > >
> > > portupgrade-2.4.10.5_1,2 FreeBSD ports/packages administration and
> > > management tool s
> > >
> > > Other (not likely) relevant stuff:
> > > - I have /usr/ports mounted rw with NFS
> > > - I have the packages directory mounted rw with NFS and amd then
> redefine
> > > $PACKAGES to point to the mount point
> > > This has been working for several years with no issues
> > >
> > > [simon@vmserver04 ~]$ sudo portupgrade -v portupgrade*
> > > ---> Reading default options: -v -D -l /var/tmp/portupgrade.results_
>
> > > 20130520-22:**56:25 -L /var/tmp/portupgrade/%s::%s.**log
> > > ---> Session started at: Mon, 20 May 2013 22:56:26 +0200
> > > ** None has been installed or upgraded.
> > > ---> Saving the results to '/var/tmp/portupgrade.results_20130520-22
> **
> > > :56:25'
> > > /usr/local/lib/ruby/site_ruby/**1.8/pkgtools/pkgtools.rb:483: warning:
>
> > > Insecure world writable dir /tmp/ in PATH, mode 041777
> > >
> > > Still the complaint about /tmp/
> > >
> > > [simon@vmserver04 ~]$ sudo chmod 1775 /tmp
> > >
> > > [simon@vmserver04 ~]$ ls -ld /tmp
> > > drwxrwxr-t 9 root wheel 1024 May 20 23:16 /tmp/
> > >
> > > [simon@vmserver04 ~]$ sudo portupgrade -v portupgrade*
> > > ---> Reading default options: -v -D -l /var/tmp/portupgrade.results_
>
> > > 20130520-23:**16:07 -L /var/tmp/portupgrade/%s::%s.**log
> > > ---> Session started at: Mon, 20 May 2013 23:16:07 +0200
> > > ** None has been installed or upgraded.
> > > ---> Saving the results to '/var/tmp
> > > /portupgrade.results_20130520-23:16:07'
> > > ---> Session ended at: Mon, 20 May 2013 23:16:08 +0200 (consumed
> 00:00:00)
> > >
> > > No more complaint.
> > >
> > > I can't read the portupgrade code well enough to see what it's doing
> with
> > > the script, but if Bob is right that Ruby is running the portupgrade
> > > commands from /tmp then the error is within the checks in Ruby which is
> > > saying the 777 permission on /tmp is not acceptable, 775 *is*
> acceptable.
> > > Which is strange since surely then everyone with 777 permissions on
> /tmp
> > > would be seeing this message? Does this get us any further?
> > >
> > > Thanks for all the input, it is appreciated.
> > >
> > > Cheers
> > >
> > > Simon.
> > >
> > > ______________________________**_________________
> > > freebsd-ports@freebsd.org mailing list
> > > http://lists.freebsd.org/**mailman/listinfo/freebsd-ports<;
> http://lists.freebsd.org/mailman/listinfo/freebsd-ports>;
> > > To unsubscribe, send any mail to "freebsd-ports-unsubscribe@**
> freebsd.org<freebsd-ports-unsubscribe@freebsd.org>
>
> > > "
> > >
> > _______________________________________________
> > freebsd-ports@freebsd.org mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-ports
> > To unsubscribe, send any mail to "freebsd-ports-unsubscribe@freebsd.org"
> >
>
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFzAeSfYsD3ANp_wKFLAY5rG3=m0cjhbnstn6J%2BMaddRzMCnFw>