Debian Bug report logs -
#18567
dpkg: clean environment (PATH, etc) for maintainer scripts
Reply or subscribe to this bug.
Toggle useless messages
Report forwarded to debian-bugs-dist@lists.debian.org, Klee Dienes and Ian Jackson <dpkg-maint@chiark.greenend.org.uk>
:
Bug#18567
; Package dpkg
.
(full text, mbox, link).
Acknowledgement sent to vojta@math.berkeley.edu (Paul Vojta)
:
New bug report received and forwarded. Copy sent to Klee Dienes and Ian Jackson <dpkg-maint@chiark.greenend.org.uk>
.
(full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: dpkg
Version: 1.4.0.19
The dpkg program does not set the PATH variable before running installation
scripts.
The way it affected me is as follows:
I installed version 0.9 beta of teTeX from its source (not the Debian package),
and put its binary directory early in my search path. A little while later
I tried to install sharutils:
dpkg --install sharutils-*.deb
It could not install, because the install script for sharutils invoked
install-info, and got the teTeX version of this command instead of the
system version.
IMHO, failure to initialize the environment correctly is a bug waiting
to happen, whether from my situation or from any number of other causes.
Sincerely,
Paul Vojta
vojta@math.berkeley.edu
Information forwarded to debian-bugs-dist@lists.debian.org, Dpkg Development <debian-dpkg@lists.debian.org>, dpkg@packages.qa.debian.org
:
Bug#18567
; Package dpkg
.
(full text, mbox, link).
Acknowledgement sent to Thomas Hood <jdthood@yahoo.co.uk>
:
Extra info received and forwarded to list. Copy sent to Dpkg Development <debian-dpkg@lists.debian.org>, dpkg@packages.qa.debian.org
.
(full text, mbox, link).
Message #10 received at 18567@bugs.debian.org (full text, mbox, reply):
Being able to set the PATH for dpkg might be considered
a feature, not a bug.
--
Thomas Hood
Message sent on to vojta@math.berkeley.edu (Paul Vojta)
:
Bug#18567.
(full text, mbox, link).
Information forwarded to debian-bugs-dist@lists.debian.org, Dpkg Development <debian-dpkg@lists.debian.org>, dpkg@packages.qa.debian.org
:
Bug#18567
; Package dpkg
.
(full text, mbox, link).
Acknowledgement sent to Paul Vojta <vojta@Math.Berkeley.EDU>
:
Extra info received and forwarded to list. Copy sent to Dpkg Development <debian-dpkg@lists.debian.org>, dpkg@packages.qa.debian.org
.
(full text, mbox, link).
Message #18 received at 18567@bugs.debian.org (full text, mbox, reply):
> Being able to set the PATH for dpkg might be considered
> a feature, not a bug.
Only if it's done intentionally.
E.g.:
bash% DPKG_PATH=... dpkg -i foobar.deb
--Paul Vojta, vojta@math.berkeley.edu
Information forwarded to dpkg@packages.qa.debian.org
:
Bug#18567
; Package dpkg
.
(full text, mbox, link).
Acknowledgement sent to Paul Vojta <vojta@Math.Berkeley.EDU>
:
Extra info received and filed, but not forwarded. Copy sent to dpkg@packages.qa.debian.org
.
(full text, mbox, link).
Information forwarded to debian-bugs-dist@lists.debian.org, Dpkg Development <debian-dpkg@lists.debian.org>, dpkg@packages.qa.debian.org
:
Bug#18567
; Package dpkg
.
(full text, mbox, link).
Acknowledgement sent to Thomas Hood <jdthood@yahoo.co.uk>
:
Extra info received and forwarded to list. Copy sent to Dpkg Development <debian-dpkg@lists.debian.org>, dpkg@packages.qa.debian.org
.
(full text, mbox, link).
Message #28 received at 18567@bugs.debian.org (full text, mbox, reply):
On Wed, 2002-10-09 at 20:17, Paul Vojta wrote:
> > Being able to set the PATH for dpkg might be considered
> > a feature, not a bug.
>
> Only if it's done intentionally.
> E.g.: bash% DPKG_PATH=... dpkg -i foobar.deb
dpkg can't know how the path was set.
Still, I think you are right that the packaging system
should be able to find its own components when the
user sets the PATH.
Information forwarded to debian-bugs-dist@lists.debian.org, Dpkg Development <debian-dpkg@lists.debian.org>, dpkg@packages.qa.debian.org
:
Bug#18567
; Package dpkg
.
(full text, mbox, link).
Acknowledgement sent to Paul Vojta <vojta@Math.Berkeley.EDU>
:
Extra info received and forwarded to list. Copy sent to Dpkg Development <debian-dpkg@lists.debian.org>, dpkg@packages.qa.debian.org
.
(full text, mbox, link).
Message #33 received at 18567@bugs.debian.org (full text, mbox, reply):
> Subject: Re: Bug#18567: 18567 -- bug or feature?
> From: Thomas Hood <jdthood@yahoo.co.uk>
> To: Paul Vojta <vojta@Math.Berkeley.EDU>
> Cc: 18567@bugs.debian.org
> Date: 10 Oct 2002 09:54:58 +0200
>
> On Wed, 2002-10-09 at 20:17, Paul Vojta wrote:
> > > Being able to set the PATH for dpkg might be considered
> > > a feature, not a bug.
> >
> > Only if it's done intentionally.
> > E.g.: bash% DPKG_PATH=... dpkg -i foobar.deb
>
> dpkg can't know how the path was set.
Please look at my example again. Of course, dpkg can't know how the
environment variable DPKG_PATH was set, either, but it's more forgivable
for dpkg to act on environment variables if they begin with the characters
DPKG_.
IMHO, it would be better for dpkg to set its own path. If people want
to set the path for dpkg to use (e.g., for testing), then dpkg should
provide a way to do this, such as:
(1) a command-line option,
(2) an environment variable *specific to dpkg*, or
(3) a configuration file.
> Still, I think you are right that the packaging system
> should be able to find its own components when the
> user sets the PATH.
--Paul Vojta, vojta@math.berkeley.edu
Information forwarded to debian-bugs-dist@lists.debian.org, Dpkg Development <debian-dpkg@lists.debian.org>, dpkg@packages.qa.debian.org
:
Bug#18567
; Package dpkg
.
(full text, mbox, link).
Acknowledgement sent to Graham Wilson <bob@decoy.wox.org>
:
Extra info received and forwarded to list. Copy sent to Dpkg Development <debian-dpkg@lists.debian.org>, dpkg@packages.qa.debian.org
.
(full text, mbox, link).
Message #38 received at 18567@bugs.debian.org (full text, mbox, reply):
On Thu, Oct 10, 2002 at 09:54:58AM +0200, Thomas Hood wrote:
> On Wed, 2002-10-09 at 20:17, Paul Vojta wrote:
> > > Being able to set the PATH for dpkg might be considered
> > > a feature, not a bug.
> >
> > Only if it's done intentionally.
> > E.g.: bash% DPKG_PATH=... dpkg -i foobar.deb
>
> dpkg can't know how the path was set.
>
> Still, I think you are right that the packaging system
> should be able to find its own components when the
> user sets the PATH.
why does dpkg not use absolute pathnames?
--
gram
Information forwarded to debian-bugs-dist@lists.debian.org, Dpkg Development <debian-dpkg@lists.debian.org>, dpkg@packages.qa.debian.org
:
Bug#18567
; Package dpkg
.
(full text, mbox, link).
Acknowledgement sent to Adam Heath <doogie@debian.org>
:
Extra info received and forwarded to list. Copy sent to Dpkg Development <debian-dpkg@lists.debian.org>, dpkg@packages.qa.debian.org
.
(full text, mbox, link).
Message #43 received at 18567@bugs.debian.org (full text, mbox, reply):
On Fri, 11 Oct 2002, Graham Wilson wrote:
> On Thu, Oct 10, 2002 at 09:54:58AM +0200, Thomas Hood wrote:
> > On Wed, 2002-10-09 at 20:17, Paul Vojta wrote:
> > > > Being able to set the PATH for dpkg might be considered
> > > > a feature, not a bug.
> > >
> > > Only if it's done intentionally.
> > > E.g.: bash% DPKG_PATH=... dpkg -i foobar.deb
> >
> > dpkg can't know how the path was set.
> >
> > Still, I think you are right that the packaging system
> > should be able to find its own components when the
> > user sets the PATH.
>
> why does dpkg not use absolute pathnames?
So the admin can control what dpkg calls. Also, maintainer scripts don't
hard-code paths.
Information forwarded to dpkg@packages.qa.debian.org
:
Bug#18567
; Package dpkg
.
(full text, mbox, link).
Acknowledgement sent to Thomas Hood <jdthood@yahoo.co.uk>
:
Extra info received and filed, but not forwarded. Copy sent to dpkg@packages.qa.debian.org
.
(full text, mbox, link).
Message #48 received at 18567-quiet@bugs.debian.org (full text, mbox, reply):
Walter Tautz <wtautz@math.uwaterloo.ca> wrote on debian-devel:
> on our systems we sometime have local software that may have commands
> with the same name as debian commands....i.e. I have noticed that
> certain packages fail to install if they rely on the external
> PATH settings...granted on most pure debian systems this is not
> a problem but....shouldn't the post install scripts set the PATH or
> better yet dpkg?
This issue was raised in bug report #18567 (4 years and 238 days old).
--
Thomas Hood
Tags added: wontfix
Request was from Thomas Hood <jdthood@yahoo.co.uk>
to control@bugs.debian.org
.
(full text, mbox, link).
Information forwarded to dpkg@packages.qa.debian.org
:
Bug#18567
; Package dpkg
.
(full text, mbox, link).
Acknowledgement sent to Thomas Hood <jdthood@yahoo.co.uk>
:
Extra info received and filed, but not forwarded. Copy sent to dpkg@packages.qa.debian.org
.
(full text, mbox, link).
Message #55 received at 18567-quiet@bugs.debian.org (full text, mbox, reply):
tags 18567 wontfix
thanks
Brian May wrote on debian-devel:
> I am not about to provide any solutions here
The most recent discussion starts at
http://marc.theaimsgroup.com/?l=debian-devel&m=103470858629390&w=2
or
http://lists.debian.org/debian-devel/2002/debian-devel-200210/msg00941.html
Forcibly Merged 18567 631081.
Request was from Guillem Jover <guillem@debian.org>
to control@bugs.debian.org
.
(Sun, 26 Jun 2011 23:03:08 GMT) (full text, mbox, link).
Changed Bug title to 'dpkg: clean environment (PATH, etc) for maintainer scripts' from 'dpkg doesn't set PATH for running scripts'
Request was from Guillem Jover <guillem@debian.org>
to control@bugs.debian.org
.
(Sun, 26 Jun 2011 23:03:09 GMT) (full text, mbox, link).
Information forwarded
to debian-bugs-dist@lists.debian.org, Dpkg Developers <debian-dpkg@lists.debian.org>
:
Bug#18567
; Package dpkg
.
(Sat, 06 Apr 2019 05:00:03 GMT) (full text, mbox, link).
Acknowledgement sent
to MK <phyre@rogers.com>
:
Extra info received and forwarded to list. Copy sent to Dpkg Developers <debian-dpkg@lists.debian.org>
.
(Sat, 06 Apr 2019 05:00:03 GMT) (full text, mbox, link).
Message #64 received at 18567@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
I know this is a wontfix, but maybe this should be reconsidered in light of buster’s changes?
With the switch of su as referenced here: https://sources.debian.org/src/util-linux/2.33.1-0.1/debian/util-linux.NEWS , there is no reason why dpkg shouldn’t add /sbin and /usr/sbin to the back of the path, after any other user-defined path entries which would override it.
Supposedly “dpkg ensures that the PATH is set to a reasonable value” but it’s certainly failing in this case. No harm is done- only benefit. With the new ‘su’ as people get used to it, we’re going to see lots of failures. Failures that could incorrectly configure packages and lead to more bugs due to configuration issues. Bugs like this one ( https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926449 )
> Upgrading from 3.4.4 to 3.4.5-1, I see the following messages after a 'su'
> to root Preconfiguring packages ...
> Can't exec "postconf": No such file or directory at
> /tmp/postfix.config.swGX60 line 220, <STDIN> line 14. Can't exec
> "postconf": No such file or directory at /tmp/postfix.config.swGX60 line
> 284, <STDIN> line 16. Can't exec "postconf": No such file or directory at
> /tmp/postfix.config.swGX60 line 386, <STDIN> line 21.
Scott Kitterman’s comment when this bug was reported I think accurately points to this bug (thank you Scott)
“If there is a bug here, it's probably in dpkg. I think that the postfix package is aligned to policy and Debian best practices. See below. Please review and consider if this should be reassigned.
Here's an extract from policy 6.1:
Programs called from maintainer scripts should not normally have a path prepended to them. Before installation is started, the package management system checks to see if the programs ldconfig, start-stop-daemon, and update-rc.d can be found via the PATH environment variable. Those programs, and any other program that one would expect to be in the PATH, should thus be invoked
without an absolute pathname. Maintainer scripts should also not reset the
PATH, though they might choose to modify it by prepending or appending
package-specific directories. These considerations really apply to all shell
scripts.
There is a related lintian [1] check which says, in part:
Programs called from maintainer scripts normally should not have a path
prepended. dpkg ensures that the PATH is set to a reasonable value, and
prepending a path may prevent the local administrator from using a replacement
version of a command for some local reason.
[1] https://lintian.debian.org/tags/command-with-path-in-maintainer-script.html
[Message part 2 (text/html, inline)]
Marked as found in versions dpkg/1.19.7.
Request was from Guillem Jover <guillem@debian.org>
to control@bugs.debian.org
.
(Sat, 15 Oct 2022 13:57:04 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Fri Apr 19 01:16:34 2024;
Machine Name:
bembo
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.