Detected unsafe path transition

greenleafvolatile · 2020-11-19 13:09:50

Hi,

I keep getting "Detected unsafe path transition [...]" warnings when pacman tries to create temporary files.

I did some googling, and came across some cases where the directories in question were not owned by root but by the user. That is not the case here.

Any idea what might be causing this?

Cheers,

 ~ $ sudo pacman -S tomcat8 
resolving dependencies...
looking for conflicting packages...

Package (4)                New Version  Net Change  Download Size

extra/eclipse-ecj          4.6.3-2        1.65 MiB       1.53 MiB
extra/java-commons-daemon  1.2.3-1        0.02 MiB       0.02 MiB
extra/java-jsvc            1.2.3-1        0.06 MiB       0.02 MiB
extra/tomcat8              8.5.60-1       9.71 MiB       5.49 MiB

Total Download Size:    7.07 MiB
Total Installed Size:  11.44 MiB

:: Proceed with installation? [Y/n] Y
:: Retrieving packages...
 java-commons-daemon-1.2.3-1-x86_64               24.6 KiB  0.00   B/s 00:00 [###########################################]   0%
 java-jsvc-1.2.3-1-x86_64                         49.7 KiB  2.43 MiB/s 00:00 [###########################################]   0%
 eclipse-ecj-4.6.3-2-any                        1616.2 KiB  4.34 MiB/s 00:00 [###########################################]  22%
 tomcat8-8.5.60-1-any                              7.1 MiB  5.12 MiB/s 00:01 [###########################################] 100%
(4/4) checking keys in keyring                                               [###########################################] 100%
(4/4) checking package integrity                                             [###########################################] 100%
(4/4) loading package files                                                  [###########################################] 100%
(4/4) checking for file conflicts                                            [###########################################] 100%
(4/4) checking available disk space                                          [###########################################] 100%
:: Processing package changes...
(1/4) installing java-commons-daemon                                         [###########################################] 100%
(2/4) installing java-jsvc                                                   [###########################################] 100%
(3/4) installing eclipse-ecj                                                 [###########################################] 100%
(4/4) installing tomcat8                                                     [###########################################] 100%
Optional dependencies for tomcat8
    tomcat-native: to allow optimal performance in production environments
:: Running post-transaction hooks...
(1/4) Creating system user accounts...
Creating group tomcat8 with gid 57.
Creating user tomcat8 (Tomcat 8 user) with uid 57 and gid 57.
(2/4) Reloading system manager configuration...
(3/4) Creating temporary files...
Detected unsafe path transition / → /etc during canonicalization of /etc.
Detected unsafe path transition / → /etc during canonicalization of /etc.
Detected unsafe path transition / → /etc during canonicalization of /etc.
Detected unsafe path transition / → /etc during canonicalization of /etc.
Detected unsafe path transition / → /etc during canonicalization of /etc.
Detected unsafe path transition / → /etc during canonicalization of /etc.
Detected unsafe path transition / → /etc during canonicalization of /etc.
Detected unsafe path transition / → /etc during canonicalization of /etc.
Detected unsafe path transition / → /etc during canonicalization of /etc.
Detected unsafe path transition / → /etc during canonicalization of /etc.
Detected unsafe path transition / → /etc during canonicalization of /etc.
Detected unsafe path transition / → /etc during canonicalization of /etc.
Detected unsafe path transition / → /etc during canonicalization of /etc.
Detected unsafe path transition / → /etc during canonicalization of /etc.
Detected unsafe path transition / → /etc during canonicalization of /etc.
Detected unsafe path transition / → /var during canonicalization of /var.
Detected unsafe path transition / → /var during canonicalization of /var/lib.
Detected unsafe path transition / → /var during canonicalization of /var/lib/colord.
Detected unsafe path transition / → /var during canonicalization of /var/lib.
Detected unsafe path transition / → /dev during canonicalization of /dev.
Detected unsafe path transition / → /dev during canonicalization of /dev.
Detected unsafe path transition / → /run during canonicalization of /run.
Detected unsafe path transition / → /run during canonicalization of /run/lock.
Detected unsafe path transition / → /var during canonicalization of /var.
Detected unsafe path transition / → /var during canonicalization of /var/cache.
Detected unsafe path transition / → /run during canonicalization of /run.
Detected unsafe path transition / → /run during canonicalization of /run.
Detected unsafe path transition / → /run during canonicalization of /run.
Detected unsafe path transition / → /var during canonicalization of /var/lib.
Detected unsafe path transition / → /var during canonicalization of /var.
Detected unsafe path transition / → /dev during canonicalization of /dev.
Detected unsafe path transition / → /dev during canonicalization of /dev.
Detected unsafe path transition / → /dev during canonicalization of /dev.
Detected unsafe path transition / → /dev during canonicalization of /dev.
Detected unsafe path transition / → /run during canonicalization of /run.
Detected unsafe path transition / → /run during canonicalization of /run/sudo.
Detected unsafe path transition / → /var during canonicalization of /var/lib.
Detected unsafe path transition / → /var during canonicalization of /var/lib.
Detected unsafe path transition / → /var during canonicalization of /var/lib/systemd.
Detected unsafe path transition / → /run during canonicalization of /run.
Detected unsafe path transition / → /run during canonicalization of /run/systemd.
Detected unsafe path transition / → /run during canonicalization of /run/systemd.
Detected unsafe path transition / → /run during canonicalization of /run/systemd.
Detected unsafe path transition / → /run during canonicalization of /run/systemd.
Detected unsafe path transition / → /run during canonicalization of /run/systemd.
Detected unsafe path transition / → /run during canonicalization of /run/systemd.
Detected unsafe path transition / → /run during canonicalization of /run/systemd.
Detected unsafe path transition / → /run during canonicalization of /run/systemd/netif.
Detected unsafe path transition / → /run during canonicalization of /run/systemd/netif.
Detected unsafe path transition / → /run during canonicalization of /run/systemd/netif.
Detected unsafe path transition / → /run during canonicalization of /run.
Detected unsafe path transition / → /var during canonicalization of /var/lib/systemd.
Detected unsafe path transition / → /var during canonicalization of /var/lib.
Detected unsafe path transition / → /var during canonicalization of /var.
Detected unsafe path transition / → /var during canonicalization of /var/log.
Detected unsafe path transition / → /var during canonicalization of /var/cache.
Detected unsafe path transition / → /var during canonicalization of /var.
Detected unsafe path transition / → /var during canonicalization of /var/tmp/tomcat8.
Detected unsafe path transition / → /var during canonicalization of /var/tmp/tomcat8.
Detected unsafe path transition / → /var during canonicalization of /var/lib.
Detected unsafe path transition / → /var during canonicalization of /var/lib/tomcat8.
Detected unsafe path transition / → /var during canonicalization of /var/log.
Detected unsafe path transition / → /var during canonicalization of /var/log.
Detected unsafe path transition / → /var during canonicalization of /var/log.
Detected unsafe path transition / → /var during canonicalization of /var/log.
Detected unsafe path transition / → /var during canonicalization of /var.
Detected unsafe path transition / → /etc during canonicalization of /etc/brlapi.key.
Detected unsafe path transition / → /var during canonicalization of /var/log/journal.
Detected unsafe path transition / → /var during canonicalization of /var/log/journal.
Detected unsafe path transition / → /var during canonicalization of /var/log/journal.
Detected unsafe path transition / → /var during canonicalization of /var/log/journal/84b561e5ef7f4ace91b837f528877573.
Detected unsafe path transition / → /var during canonicalization of /var/log/journal/84b561e5ef7f4ace91b837f528877573.
Detected unsafe path transition / → /var during canonicalization of /var/log/journal/84b561e5ef7f4ace91b837f528877573.
Detected unsafe path transition / → /var during canonicalization of /var/log/journal/remote.
Detected unsafe path transition / → /var during canonicalization of /var/lib/libvirt/qemu.
Detected unsafe path transition / → /sys during canonicalization of /sys/devices/system/cpu/microcode.
Detected unsafe path transition / → /dev during canonicalization of /dev/snd/timer.
Detected unsafe path transition / → /dev during canonicalization of /dev/fuse.
Detected unsafe path transition / → /dev during canonicalization of /dev/kvm.
Detected unsafe path transition / → /sys during canonicalization of /sys/module/kernel/parameters.
Detected unsafe path transition / → /run during canonicalization of /run/log/journal.
Detected unsafe path transition / → /run during canonicalization of /run/log/journal.
Detected unsafe path transition / → /var during canonicalization of /var/log/journal/84b561e5ef7f4ace91b837f528877573/system.journal.
Detected unsafe path transition / → /var during canonicalization of /var/log/journal/84b561e5ef7f4ace91b837f528877573/system.journal.
error: command failed to execute correctly
(4/4) Arming ConditionNeedsUpdate...

Last edited by greenleafvolatile (2020-11-19 13:13:38)

Zod · 2020-11-19 13:19:09

greenleafvolatile wrote:

I did some googling, and came across some cases where the directories in question were not owned by root but by the user. That is not the case here.

Well, prove it, who owns /

Don't forget [ code ] [ /code ] tags.

Trilby · 2020-11-19 14:05:56

And show some of the targets. Specifically the output of `stat / /etc` could be useful.

greenleafvolatile · 2020-11-19 14:16:12

I was mistaken.

Apparently / is owned by me (what dumb thing did I do to cause that, lol!?).

 /var/log $ ls -ld /
Permissions Size User Group Date Modified Name
drwxr-xr-x     - daan root  13 Nov 10:03  /

Well, problem diagnosed. Now to find a cure.

Can I just change ownership to root (sudo chown root:root /)? Or could that have other consequences?

Last edited by greenleafvolatile (2020-11-19 14:25:52)

Trilby · 2020-11-19 14:20:53

I'd not call that a problem diagnosed, just a symptom identified. Changing the ownership to root would treat the symptom. But how / why did it get that way in the first place, and what other ownership is off?

greenleafvolatile · 2020-11-19 14:24:46

Trilby wrote:

I'd not call that a problem diagnosed, just a symptom identified. Changing the ownership to root would treat the symptom. But how / why did it get that way in the first place, and what other ownership is off?

/ $ ls
Permissions Size User Group Date Modified Name
lrwxrwxrwx     7 root root   3 Sep  0:30  bin -> usr/bin
drwxr-xr-x     - root root   1 Jan  1970  boot
drwxr-xr-x     - root root  19 Nov  8:34  dev
drwxr-xr-x     - root root  19 Nov 15:11  etc
drwxr-xr-x     - root root   3 Sep 10:32  home
lrwxrwxrwx     7 root root   3 Sep  0:30  lib -> usr/lib
lrwxrwxrwx     7 root root   3 Sep  0:30  lib64 -> usr/lib
drwx------     - root root   1 Sep  9:39  lost+found
drwxrwxrwx     - root root  10 Nov 20:07  mnt
drwxr-xr-x     - root root   8 Sep 12:58  opt
dr-xr-xr-x     - root root  18 Nov 11:21  proc
drwxr-x---     - root root  18 Nov 17:10  root
drwxr-xr-x     - root root  18 Nov 11:24  run
lrwxrwxrwx     7 root root   3 Sep  0:30  sbin -> usr/bin
drwxr-xr-x     - root root   1 Sep  9:51  srv
dr-xr-xr-x     - root root  19 Nov 14:01  sys
drwxrwxrwt     - root root  19 Nov 14:43  tmp
.rw-r--r--     8 daan daan  24 Sep 14:41  tmpjcef-p917_scheme.tmp
.rw-r--r--     8 daan daan  13 Nov 10:03  tmpjcef-p956_scheme.tmp
drwxr-xr-x     - root root  19 Nov 13:58  usr
drwxr-xr-x     - root root  17 Nov 13:22  var

The other ownerships seem ok at first glance.

Scimmia · 2020-11-19 14:28:49

Is there anything in those .tmp files? They definitely shouldn't be there, and couldn't be there if the permissions on / were correct.

greenleafvolatile · 2020-11-19 15:12:18

Scimmia wrote:

Is there anything in those .tmp files? They definitely shouldn't be there, and couldn't be there if the permissions on / were correct.

You mean these?

.rw-r--r--     8 daan daan  24 Sep 14:41  tmpjcef-p917_scheme.tmp
.rw-r--r--     8 daan daan  13 Nov 10:03  tmpjcef-p956_scheme.tmp

/ $ cat tmpjcef-p917_scheme.tmp 
source,3/ $ 

/ $ cat tmpjcef-p956_scheme.tmp 
source,3/ $

You reckon I can rm them?

As an aside, step 3/4 (creating temporary files) ended with error: command failed to execute correctly. Does that mean that pacman was unable to create the temp files?

Last edited by greenleafvolatile (2020-11-19 15:17:21)

Bronze · 2020-12-22 03:56:28

Except for the tmp files (I didn't have the tmp files), I had the same problem. Somehow my /var /etc /usr /var/lib /var/log where no longer owned by root.

Solution:

chmod root:root /var /etc /usr /var/lib /var/log

However, I have no idea why the ownership for those folders changed ...

Last edited by Bronze (2020-12-22 04:00:04)

Archer73 · 2021-01-23 09:59:40

chown root:root /var /etc /usr /var/lib /var/log

twelveeighty · 2021-01-23 15:52:27

greenleafvolatile wrote:

.rw-r--r--     8 daan daan  24 Sep 14:41  tmpjcef-p917_scheme.tmp
.rw-r--r--     8 daan daan  13 Nov 10:03  tmpjcef-p956_scheme.tmp

Those look like temp files for MatLab. How did you install and/or run MatLab? Did you run matlab as root or even login as root, perhaps? That wouldn't explain the permissions be set to 'daan', but it could explain a lot of weirdness.

Arch Linux

#1 2020-11-19 13:09:50

Detected unsafe path transition

#2 2020-11-19 13:19:09

Re: Detected unsafe path transition

#3 2020-11-19 14:05:56

Re: Detected unsafe path transition

#4 2020-11-19 14:16:12

Re: Detected unsafe path transition

#5 2020-11-19 14:20:53

Re: Detected unsafe path transition

#6 2020-11-19 14:24:46

Re: Detected unsafe path transition

#7 2020-11-19 14:28:49

Re: Detected unsafe path transition

#8 2020-11-19 15:12:18

Re: Detected unsafe path transition

#9 2020-12-22 03:56:28

Re: Detected unsafe path transition

#10 2021-01-23 09:59:40

Re: Detected unsafe path transition

#11 2021-01-23 15:52:27

Re: Detected unsafe path transition

Board footer