fgrehm/vagrant-lxc

vagrant-lxc-wrapper fails when TMPDIR is not /tmp

eigengrau opened this issue · 2 comments

vagrant-lxc-wrapper currently expects that TMPDIR=/tmp. E.g., TMPDIR=/run/user/1000 vagrant up will fail, with no specific error message, since whitelist regexps only refer to /tmp, whereas any temporary files created will reside elsewhere.

I'm not sure of the security implications of adding that kind of flexibility to a whitelist-based sudoers file. This whitelist already seems a bit fragile security-wise; it seems to me like it should be avoided in favor of unprivileged containers.

De-hardcoding /tmp looks like something that will have many side-effects and that will require bug squashing in many places (or widening the whitelist so much that it becomes even more insecure).

If you produce a patch, we can continue the conversation around a specific proposition.

Hey, sorry for the silence here but this project is looking for maintainers 😅

As per #499, I've added the ignored label and will close this issue. Thanks for the interest in the project and LMK if you want to step up and take ownership of this project on that other issue 👋
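The trade-off discussed in this thread, as an added Ruby example that is not vagrant-lxc's own wrapper code: a path check hardcoded to /tmp, a widened check that trusts a caller-supplied temp root, and a check against roots fixed at install time. All function and constant names and the sample file names are hypothetical and constructed; only `/tmp` and `/run/user/1000` come from the issue.

```ruby
require 'pathname'

# Hypothetical helper names throughout; sample paths are constructed.
NAME = /\A[\w.-]+\z/ # one path component, no "/" and no newline

# 1. Hardcoded to /tmp: the behaviour the issue reports.
def allowed_tmp_only?(path)
  %r{\A/tmp/[\w.-]+\z}.match?(path)
end

# 2. Widened by trusting a temp root handed over by the unprivileged caller.
#    Whatever directory the caller names becomes whitelisted.
def allowed_from_caller?(path, caller_tmpdir)
  %r{\A#{Regexp.escape(caller_tmpdir)}/[\w.-]+\z}.match?(path)
end

# 3. Roots chosen by the administrator when the wrapper is installed
#    (assumption: written into the root-owned wrapper, never read from ENV).
TRUSTED_TMP_ROOTS = %w[/tmp /run/user/1000].freeze

def allowed_fixed_roots?(path, roots = TRUSTED_TMP_ROOTS)
  return false unless path.is_a?(String) && path.start_with?('/')
  return false if path.include?("\0")
  clean = Pathname.new(path).cleanpath.to_s
  return false unless clean == path # rejects "..", "//" and trailing "/"
  roots.any? do |root|
    clean.start_with?("#{root}/") && NAME.match?(clean[(root.length + 1)..-1])
  end
end

if __FILE__ == $PROGRAM_NAME
  samples = [
    '/tmp/lxc-config-abc123',            # default TMPDIR
    '/run/user/1000/lxc-config-abc123',  # TMPDIR from the issue
    '/tmp/../etc/example.conf',          # traversal out of the temp root
    '/etc/example.conf'                  # not a temp file at all
  ]
  samples.each do |p|
    puts format('%-36s tmp_only=%-5s caller(/etc)=%-5s fixed=%s', p,
                allowed_tmp_only?(p), allowed_from_caller?(p, '/etc'),
                allowed_fixed_roots?(p))
  end
end
```

The second check accepts `/etc/example.conf` once the caller names `/etc` as its temp root, which is the kind of widening the comment above warns about; the third accepts the `/run/user/1000` path without taking the root from the caller.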