If you think a bug might affect users in the 57 release, please set the correct tracking and status flags for Release Management.

Auto-updates broken on Linux when /tmp is mounted noexec

RESOLVED FIXED in mozilla37

Status

()

Toolkit
Application Update
RESOLVED FIXED
3 years ago
2 years ago

People

(Reporter: francois, Assigned: rstrong)

Tracking

Trunk
mozilla37
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

3 years ago
I've been trying to find out why my Firefox updates weren't working for the last few months (on and off) and finally found the problem: my /tmp is mounted noexec.

If I "mount -o remount,exec /tmp" prior to starting Firefox then it all works fine.

Given that mounting /tmp in a non-executable way is a recommendation from opsec, I hope we can fix this.

I would recommend:

1. detecting this and issuing a warning to point to the cause of the update problems
2. taking advantage of the fact that the installation directory is already executable to run our executables there

#1 is important because I've spent months trying to figure out why I was the only one who's updates were broken.

#2 would be really nice, but I imagine it's not going to be a priority.

Updated

3 years ago
Component: General → Application Update
Product: Firefox → Toolkit
(Reporter)

Comment 1

3 years ago
Here's the opsec recommendation I was referring to:

  https://mana.mozilla.org/wiki/display/SECURITY/System+Security+Policy+Guidelines+for+Linux+systems#SystemSecurityPolicyGuidelinesforLinuxsystems-Mountsettings

(I don't know why it's locked away in Mana.)
This is due to the following and other associated code.
http://mxr.mozilla.org/mozilla-central/source/toolkit/xre/nsUpdateDriver.cpp#451

I never liked using tmp so I'll take this.
Assignee: nobody → robert.strong.bugs
Status: NEW → ASSIGNED
Blocks: 307181
Created attachment 8529292 [details] [diff] [review]
patch rev1

Pushed to try
https://treeherder.mozilla.org/ui/#/jobs?repo=try&revision=2fa5c125b097

I'm tempted to remove the removal of the MozUpdater-i dirs in temp but would prefer to do that in a separate bug.
Attachment #8529292 - Flags: review?(netzen)
Also tempted to just use the MozUpdater dir and just use Create instead of CreateUnique but I think this is safer since it should protect against file in use issues on Windows.
try looks good
Comment on attachment 8529292 [details] [diff] [review]
patch rev1

Review of attachment 8529292 [details] [diff] [review]:
-----------------------------------------------------------------

::: toolkit/mozapps/update/nsUpdateService.js
@@ +1235,5 @@
>      var tmpDir = Cc["@mozilla.org/file/directory_service;1"].
>                   getService(Ci.nsIProperties).
>                   get("TmpD", Ci.nsIFile);
>  
> +    // We used to store MozUpdater-i directories ins the temp directory.

*in the temp directory
Attachment #8529292 - Flags: review?(netzen) → review+
- Addressed nit.

Pushed here:
https://hg.mozilla.org/integration/mozilla-inbound/rev/e57c4cf44a6d
Target Milestone: --- → mozilla37
https://hg.mozilla.org/mozilla-central/rev/e57c4cf44a6d
Status: ASSIGNED → RESOLVED
Last Resolved: 3 years ago
Resolution: --- → FIXED
Francois, could you check that this is now fixed in Nightly? Thanks!
Flags: needinfo?(francois)
(Reporter)

Comment 10

3 years ago
I can confirm that it works: I successfully upgraded from 2014-12-07 to 2014-12-08 with a noexec /tmp.

Thanks Robert!
Flags: needinfo?(francois)
Duplicate of this bug: 791331
You need to log in before you can comment on or make changes to this bug.