[Resolvconf-devel] Bug#832394: Broken $PATH is propagated to hook scripts
Robert Edmonds
edmonds at debian.org
Mon Jul 25 00:45:15 UTC 2016
Package: resolvconf
Version: 1.79
Severity: important
The /sbin/resolvconf script resets the PATH environment variable to
"/sbin:/bin" before running update scripts. This breaks at least the
postfix package's update-libc.d script:
==> /etc/resolvconf/update-libc.d/postfix <==
#!/bin/sh -e
# we only need to copy this in if the service is already running.
# if it's not running, it'll get picked up by the init script on start.
service postfix status >/dev/null 2>&1 || exit 0
QUEUEDIR="$(/usr/sbin/postconf -h queue_directory 2>/dev/null || true)"
if [ -n "$QUEUEDIR" ]; then
cp /etc/resolv.conf ${QUEUEDIR}/etc/resolv.conf
service postfix reload >/dev/null 2>&1 || exit 0
fi
exit 0
The 'service' command is located in /usr/sbin, so it isn't found when
the update-libc.d script runs under resolvconf. The script silently
exits instead without executing its update of the postfix chroot's copy
of /etc/resolv.conf.
On an up-to-date sid system with unbound 1.5.9-1, postfix 3.1.0-4, and
resolvconf 1.79, I get the following resolv.conf file contents after
booting the system:
root at unbound:~# head -9999 /etc/resolv.conf /var/spool/postfix/etc/resolv.conf
==> /etc/resolv.conf <==
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
==> /var/spool/postfix/etc/resolv.conf <==
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
root at unbound:~#
--
Robert Edmonds
edmonds at debian.org
More information about the Resolvconf-devel
mailing list