Bug#919644: systemd: Postinstall script calls systemd-tmpfiles with absolute paths

Julian Dammann support at math.uni-bonn.de
Fri Jan 18 08:32:21 GMT 2019 

Package: systemd
Version: 232-25+deb9u8
Severity: important

Dear Maintainer,

The systemd postinstall script calls 'systemd-tmpfiles --create' with absolute paths, e.g. /usr/lib/tmpfiles.d/home.conf .
As absolute paths are used, the system administrator can not overrule those settings using config files in /etc/tmpfiles.d .

We noticed this behaviour, as systemd-tmpfiles tries to change permissions of /home, which fails in our case as it is an NFS mount.
So in our case our permission policy is not effectivly violated, however, other users might not be in this situation.

Using only basename filenames instead, e.g. 'systemd-tmpfiles --create home.conf [...]', would allow both the debian postinstall script to specify configuration files to be evaluated by systemd-tmpfiles,
as well as the administrator to override settings of those configuration files. See also 'man systemd-tmpfiles'.

-- Package-specific info:

-- System Information:
Debian Release: 9.6
  APT prefers stable-debug
  APT policy: (500, 'stable-debug'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.124.wap (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages systemd depends on:
ii  adduser         3.115
ii  libacl1         2.2.52-3+b1
ii  libapparmor1    2.11.0-3+deb9u2
ii  libaudit1       1:2.6.7-2
ii  libblkid1       2.29.2-1+deb9u1
ii  libc6           2.24-11+deb9u4~mi
ii  libcap2         1:2.25-1
ii  libcryptsetup4  2:1.7.3-4
ii  libgcrypt20     1.7.6-2+deb9u3
ii  libgpg-error0   1.26-2
ii  libidn11        1.33-1
ii  libip4tc0       1.6.0+snapshot20161117-6
ii  libkmod2        23-2
ii  liblz4-1        0.0~r131-2+b1
ii  liblzma5        5.2.2-1.2+b1
ii  libmount1       2.29.2-1+deb9u1
ii  libpam0g        1.1.8-3.6
ii  libseccomp2     2.3.1-2.1+deb9u1
ii  libselinux1     2.6-3+b3
ii  libsystemd0     232-25+deb9u8
ii  mount           2.29.2-1+deb9u1
ii  procps          2:3.3.12-3+deb9u1
ii  util-linux      2.29.2-1+deb9u1

Versions of packages systemd recommends:
ii  dbus            1.10.26-0+deb9u1
ii  libpam-systemd  232-25+deb9u8

Versions of packages systemd suggests:
ii  policykit-1        0.105-18+deb9u1
pn  systemd-container  <none>
pn  systemd-ui         <none>

Versions of packages systemd is related to:
pn  dracut           <none>
ii  initramfs-tools  0.130
ii  udev             232-25+deb9u8

-- Configuration Files:
/etc/systemd/journald.conf changed [not included]
/etc/systemd/logind.conf changed [not included]

-- no debconf information

More information about the Pkg-systemd-maintainers mailing list