Public bug reported:
amgtar checks the realpath (i.e., resolving symlinks) before running
sensitive binaries such as /bin/tar with elevated privileges. Moving the
tar binary from /bin/tar to /usr/bin/tar breaks this check.
This results in the following error when trying to run /bin/tar under privilege:
amgtar: '/bin/tar' binary is not secure
The obvious fix is to change the compiled-in tar path to /usr/bin/tar
instead of /bin/tar. This can be done by passing the GNUTAR environment
variable to the configure script.
As a workaround, one may update /etc/amanda-security.conf file to
whitelist /usr/bin/tar.
ProblemType: Bug
DistroRelease: Ubuntu 19.04
Package: amanda-common 1:3.5.1-2build2
ProcVersionSignature: Ubuntu 5.0.0-21.22-generic 5.0.15
Uname: Linux 5.0.0-21-generic x86_64
ApportVersion: 2.20.10-0ubuntu27.1
Architecture: amd64
CurrentDesktop: KDE
Date: Sat Jul 27 16:52:58 2019
SourcePackage: amanda
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.amandahosts: [inaccessible: [Errno 13] Permission
denied: '/etc/amandahosts']
** Affects: amanda (Ubuntu)
Importance: Undecided
Status: New
** Tags: amd64 apport-bug disco
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1838155
Title:
Getting rid of /bin has broken amgtar
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/amanda/+bug/1838155/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
