Debian Bug report logs - #995793
exim4-base: /tmp partition has noexec mount option; exim4-base fails

version graph

Package: apt; Maintainer for apt is APT Development Team <[email protected]>; Source for apt is src:apt (PTS, buildd, popcon).

Reported by: Steve Egbert <[email protected]>

Date: Tue, 5 Oct 2021 19:27:01 UTC

Severity: normal

Merged with 546911

Found in versions apt/1.8.1, apt/0.7.23.1

Full log

Message #5 received at [email protected] (full text, mbox, reply):

Received: (at submit) by bugs.debian.org; 5 Oct 2021 19:22:59 +0000
From [email protected] Tue Oct 05 19:22:59 2021
X-Spam-Checker-Version: SpamAssassin 3.4.2-bugs.debian.org_2005_01_02
	(2018-09-13) on buxtehude.debian.org
X-Spam-Level: 
X-Spam-Status: No, score=-13.6 required=4.0 tests=BAYES_00,FOURLA,HAS_PACKAGE,
	KHOP_HELO_FCRDNS,PDS_RDNS_DYNAMIC_FP,RCVD_IN_PBL,RCVD_IN_SORBS_DUL,
	RDNS_DYNAMIC,SPF_HELO_NONE,SPF_NONE,TXREP,XMAILER_REPORTBUG
	autolearn=ham autolearn_force=no
	version=3.4.2-bugs.debian.org_2005_01_02
X-Spam-Bayes: score:0.0000 Tokens: new, 10; hammy, 150; neutral, 64; spammy,
	0. spammytokens: hammytokens:0.000-+--X-Debbugs-Cc,
	0.000-+--XDebbugsCc, 0.000-+--H*M:reportbug, 0.000-+--H*MI:reportbug,
	0.000-+--sk:taint_u
Return-path: <[email protected]>
Received: from pool-71-121-183-2.bltmmd.fios.verizon.net ([71.121.183.2]:48948 helo=circa.leo)
	by buxtehude.debian.org with esmtp (Exim 4.92)
	(envelope-from <[email protected]>)
	id 1mXq1i-0006ep-Ln
	for [email protected]; Tue, 05 Oct 2021 19:22:59 +0000
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Steve Egbert <[email protected]>
To: Debian Bug Tracking System <[email protected]>
Subject: exim4-base: /tmp partition has noexec mount option; exim4-base fails
Message-ID: <[email protected]>
X-Mailer: reportbug 7.10.3
Date: Tue, 05 Oct 2021 15:22:56 -0400
Delivered-To: [email protected]

Package: exim4-base
Version: 4.94.2-7
Severity: grave
Justification: renders package unusable
X-Debbugs-Cc: [email protected]

Dear Maintainer,

Tried to installed 'exim4-base' after its most recent update and failed.


Implemented a rough draft of CIS Security Debian 11.

The portion about /tmp mount partition having that 'noexec' mount
option.

Well, we will not be able to install exim4-base package anymore 
if this hardening effort continues.

Besides, who is still trying execute a script in /tmp directory.

Correct action is to do 'bash /tmp/your-script' or 'perl
/tmp/your-script'.

Not to execute directly from '/tmp/your-script'.

Best action is not to execute that script directly in /tmp.



-- System Information:
Debian Release: 11.0
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 5.10.46 (SMP w/4 CPU threads)
Kernel taint flags: TAINT_UNSIGNED_MODULE
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

-- no debconf information

Send a report that this bug log contains spam.

Debian bug tracking system administrator <[email protected]>. Last modified: Tue May 13 11:31:26 2025; Machine Name: buxtehude

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU General Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.