[GH-ISSUE #52] Can't exec within /tmp while running script #22

New issue

Closed

opened 2026-03-03 13:58:26 +03:00 by kerem · 4 comments

kerem commented 2026-03-03 13:58:26 +03:00

Owner

Copy link

Originally created by @onsetsoftware on GitHub (Oct 14, 2019).
Original GitHub issue: https://github.com/konstruktoid/hardening/issues/52

Periodically within the script I get:

Preconfiguring packages ...
Can't exec "/tmp/<SOME-FILENAMEHERE>": Permission denied at /usr/share/perl/5.26/IPC/Open3.pm line 178.
open2: exec of /tmp/<SOME-FILENAMEHERE> configure  failed: Permission denied at /usr/share/perl5/Debconf/ConfModule.pm line 59.

It is not always the same file within the tmp directory, but it is always the same 2 perl scripts. Presumably this is because the noexec flag is set on the tmp partition. Is this correct?

Originally created by @onsetsoftware on GitHub (Oct 14, 2019). Original GitHub issue: https://github.com/konstruktoid/hardening/issues/52 Periodically within the script I get: ``` Preconfiguring packages ... Can't exec "/tmp/<SOME-FILENAMEHERE>": Permission denied at /usr/share/perl/5.26/IPC/Open3.pm line 178. open2: exec of /tmp/<SOME-FILENAMEHERE> configure failed: Permission denied at /usr/share/perl5/Debconf/ConfModule.pm line 59. ``` It is not always the same file within the `tmp` directory, but it is always the same 2 perl scripts. Presumably this is because the `noexec` flag is set on the `tmp` partition. Is this correct?

kerem closed this issue 2026-03-03 13:58:26 +03:00

kerem commented 2026-03-03 13:58:27 +03:00

Author

Owner

Copy link

@konstruktoid commented on GitHub (Oct 14, 2019):

Hi @onsetsoftware, that's correct. Afaik, this hasn't really affected things and after apt has been setup /tmp should remount properly.

<!-- gh-comment-id:541824151 --> @konstruktoid commented on GitHub (Oct 14, 2019): Hi @onsetsoftware, that's correct. Afaik, this hasn't really affected things and after apt has been setup `/tmp` should remount properly.

kerem commented 2026-03-03 13:58:27 +03:00

Author

Owner

Copy link

@onsetsoftware commented on GitHub (Oct 15, 2019):

Hi @konstruktoid, thanks for your reply. So should I assume this is actually not an issue at all? It appears that perhaps packages are not being installed properly?

<!-- gh-comment-id:542105306 --> @onsetsoftware commented on GitHub (Oct 15, 2019): Hi @konstruktoid, thanks for your reply. So should I assume this is actually not an issue at all? It appears that perhaps packages are not being installed properly?

kerem commented 2026-03-03 13:58:27 +03:00

Author

Owner

Copy link

@konstruktoid commented on GitHub (Oct 15, 2019):

That's correct and future packages that need exec on /tmp is remedied by https://github.com/konstruktoid/hardening/blob/master/scripts/10_aptget#L72-L86

<!-- gh-comment-id:542106887 --> @konstruktoid commented on GitHub (Oct 15, 2019): That's correct and future packages that need exec on /tmp is remedied by https://github.com/konstruktoid/hardening/blob/master/scripts/10_aptget#L72-L86

kerem commented 2026-03-03 13:58:28 +03:00

Author

Owner

Copy link

@onsetsoftware commented on GitHub (Oct 15, 2019):

Wonderful. Thanks very much indeed.

<!-- gh-comment-id:542107308 --> @onsetsoftware commented on GitHub (Oct 15, 2019): Wonderful. Thanks very much indeed.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

renovate/github-codeql-action-4.x

v2.2.0

v2.1.0

v2.0.0

v1.0.0

v1.0

Labels

Clear labels   

Stale

  

bug

  

bug

  

bug

  

pull-request

Mirrored from GitHub Pull Request

No labels

Stale

bug

bug

bug

pull-request

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/hardening#22

No description provided.