[Bug 2075546] Re: Cannot install into target '/tmp/ubuntu-image-XXX/chroot' mounted with noexec or nodev
Paul Mars
2075546 at bugs.launchpad.net
Mon Aug 5 06:57:11 UTC 2024
I see several ways to solve/prevent this:
- force users to set a workdir (not a great solution I think because it will break existing workflows)
- try to detect if the workdir we selected is unfit to build the image and properly stop the build to inform the user. This way it will keep working on older systems and will force users on newer ones to set a workdir.
- use another default workdir to build the image. Aside from the current working dir I do not see any great candidate we could rely on but maybe I am missing some.
--
https://bugs.launchpad.net/bugs/2075546
Title:
Cannot install into target '/tmp/ubuntu-image-XXX/chroot' mounted with
noexec or nodev
Status in Ubuntu Image:
New
Bug description:
On a fresh oracular installation /tmp is a tmpfs mounted by systemd
tmp.mount which is mounted with nodev permissions. This leads to the
following error when trying to run ubuntu-image:
[0] prepare_gadget_tree
[1] load_gadget_yaml
[2] verify_artifact_names
[3] germinate
[4] create_chroot
Error: Error running debootstrap command "/snap/ubuntu-image/876/usr/sbin/debootstrap --arch arm64 --variant=minbase --include=ca-certificates --components=main,universe,multiverse,restricted oracular /tmp/ubuntu-image-100185c6-1f8d-4d44-88e8-20fa8b330c1e/chroot http://ports.ubuntu.com/ubuntu-ports/". Error is "exit status 1". Output is:
/snap/ubuntu-image/876/usr/sbin/debootstrap: 1638: cannot create /tmp/ubuntu-image-100185c6-1f8d-4d44-88e8-20fa8b330c1e/chroot/test-dev-null: Permission denied
E: Cannot install into target '/tmp/ubuntu-image-100185c6-1f8d-4d44-88e8-20fa8b330c1e/chroot' mounted with noexec or nodev
Looking at mount this is confirmed:
$ mount | grep /tmp
tmpfs on /tmp type tmpfs (rw,nosuid,nodev,nr_inodes=1048576,inode64)
The offender is the systemd tmp.mount target:
$ systemctl cat tmp.mount
# /usr/lib/systemd/system/tmp.mount
# SPDX-License-Identifier: LGPL-2.1-or-later
#
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
[Unit]
Description=Temporary Directory /tmp
Documentation=https://systemd.io/TEMPORARY_DIRECTORIES
Documentation=man:file-hierarchy(7)
Documentation=https://systemd.io/API_FILE_SYSTEMS
ConditionPathIsSymbolicLink=!/tmp
DefaultDependencies=no
Conflicts=umount.target
Before=local-fs.target umount.target
After=swap.target
[Mount]
What=tmpfs
Where=/tmp
Type=tmpfs
Options=mode=1777,strictatime,nosuid,nodev,size=50%%,nr_inodes=1m
Which is part of the systemd package in oracular:
$ dpkg -S /usr/lib/systemd/system/tmp.mount
systemd: /usr/lib/systemd/system/tmp.mount
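The detection proposed in the comment above (stop the build when the selected workdir is unfit) could look like the following added Go example; it is not part of the bug report, the comment, or ubuntu-image's own code. The function name, the sample mount table and the workdir are assumptions, and symlinks and octal-escaped mount points are not resolved.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// Constructed sample in /proc/self/mountinfo format (not captured from a real system).
const sampleMountinfo = `29 1 8:2 / / rw,relatime shared:1 - ext4 /dev/sda2 rw
41 29 0:36 / /tmp rw,nosuid,nodev shared:18 - tmpfs tmpfs rw,nr_inodes=1048576,inode64
`
// unfitMountOptions (hypothetical helper) returns the mount point containing dir and
// any nodev/noexec options on it, which debootstrap refuses to install into.
func unfitMountOptions(mountinfo, dir string) (mountPoint string, bad []string) {
	dir = filepath.Clean(dir)
	var opts string
	for _, line := range strings.Split(mountinfo, "\n") {
		f := strings.Fields(line)
		if len(f) < 6 {
			continue
		}
		mp := f[4] // field 5 is the mount point, field 6 the per-mount options
		inside := mp == "/" || dir == mp || strings.HasPrefix(dir, mp+"/")
		// Longest mount point wins; on a tie the later (topmost) mount wins.
		if inside && len(mp) >= len(mountPoint) {
			mountPoint, opts = mp, f[5]
		}
	}
	for _, o := range strings.Split(opts, ",") {
		if o == "nodev" || o == "noexec" {
			bad = append(bad, o)
		}
	}
	return mountPoint, bad
}

func main() {
	info := sampleMountinfo
	if data, err := os.ReadFile("/proc/self/mountinfo"); err == nil {
		info = string(data) // prefer the live mount table when it is readable
	}
	workdir := filepath.Join(os.TempDir(), "ubuntu-image-example") // hypothetical workdir
	if mp, bad := unfitMountOptions(info, workdir); len(bad) > 0 {
		fmt.Fprintf(os.Stderr, "workdir %s is on %s (%s); set another workdir\n", workdir, mp, strings.Join(bad, ","))
		os.Exit(1)
	}
}
```

Running the check before create_chroot would let the build stop with a clear message instead of failing inside debootstrap.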