Devuan bug report logs - #498
libc6: Permission denied, intermittent in execve

Package: libc6; Maintainer for libc6 is (unknown); Source for libc6 is src:glibc.

Reported by: Alessandro Vesely <>

Date: Mon, 27 Jul 2020 08:48:01 UTC

Severity: normal

Tags: debian

Merged with 497

Found in version 2.28-10

Forwarded to

Full log

🔗 View this message in rfc822 format

Subject: bug#498: Bug#966343: bug#498: libc6: Permission denied, intermittent in execve
Reply-To: Aurelien Jarno <>,
Resent-From: Aurelien Jarno <>
Resent-Date: Tue, 28 Jul 2020 22:33:02 +0000
Resent-Message-ID: <>
X-Devuan-PR-Message: followup 498
X-Devuan-PR-Package: libc6
X-Devuan-PR-Keywords: debian
References: <159583832778.5523.4267786497736057480.reportbug@pcale.tana> <> <> <> <> <20200727101344.wovj4a2l4g4xb2hk@function> <20200727101344.wovj4a2l4g4xb2hk@function> <> <> <>
Received: via spool by id=B498.15959748016097
          (code B ref 498); Tue, 28 Jul 2020 22:33:02 +0000
Received: (at 498) by; 28 Jul 2020 22:20:01 +0000
Received: from []
	by with IMAP (fetchmail-6.4.0.beta4)
	for <debbugs@localhost> (single-drop); Tue, 28 Jul 2020 22:20:01 +0000 (UTC)
Received: from ( [])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by (Postfix) with ESMTPS id E3FEEF608DA
	for <>; Wed, 29 Jul 2020 00:14:59 +0200 (CEST)
	dkim=pass (2048-bit key; secure) header.b="RzTXUsbY";
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
	; s=202004.hall; h=In-Reply-To:Content-Type:MIME-Version:References:
	bh=7Ksfl4NFsU2PVvrTieylN3C1A8tB6Y4MzI+HHhAGCVM=; b=RzTXUsbYTW6aIA37CKsfnDrhTI
Received: from ([2001:bc8:30d7:111::1000])
	by with esmtpsa (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <>)
	id 1k0Xs9-0003eu-EP; Wed, 29 Jul 2020 00:14:57 +0200
Received: from aurel32 by with local (Exim 4.94)
	(envelope-from <>)
	id 1k0Xs6-0028Fv-Kv; Wed, 29 Jul 2020 00:14:54 +0200
Date: Wed, 29 Jul 2020 00:14:54 +0200
From: Aurelien Jarno <>
To: Alessandro Vesely <>,
Message-ID: <>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <>
User-Agent: Mutt/1.14.0 (2020-05-02)
X-Spam-Status: No, score=-0.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on

On 2020-07-27 19:01, Alessandro Vesely wrote:
> On Mon, 27 Jul 2020 12:13:44 +0200 Samuel Thibault <> wrote:
> > Alessandro Vesely, le lun. 27 juil. 2020 11:47:34 +0200, a ecrit:
> > > So this turns out to be a documentation bug.  The execve man page should mention that EACCESS can result as an (unforeseen) apparmor impediment.
> > 
> > Well, basically all system calls would then need this...
> Yeah, likely.  How many man pages have snippets like "[...] denied for one of the directories in the path [...]"?
> Yet, considering the following examples, they seem to have been written manually rather than resorting to some sort of script:

There are many syscalls that might end up returning EACCESS. Mapping
them to the corresponding libc functions might not be always fully


> Philip Couling commented that the man page /could/ mention security extensions since they are prevelent. See:
> For execve, for example, one could add that permissions are not derived from file flags only.  For example:
> OLD:
>        EACCES Execute permission is denied for the file or a script or ELF interpreter.
> NEW:
>        EACCES Execute permission for the file or a script or ELF interpreter is denied either by flags or by security modules.
> Would that be correct?  Do all "DENIED" operations result in EACCES?  And what do other security modules do?  Hmm...  Starting to document that mess from the point of view of programs getting such failure codes would allow better logging and better troubleshooting.

That seems correct for apparmor (although it can also return ENOENT in
case of race condition), not sure about other security modules. seccomp
just kills the process, not sure you want to mention that in every
possible manpages.

In any case this is now out of scope for the glibc package, so I am
closing the bug. If you feel that the doc needs to be updated, please
open a bug against the corresponding package.


Aurelien Jarno                          GPG: 4096R/1DDD8C9B       

Send a report that this bug log contains spam.

Devuan BTS -- Powered by Debian bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.

Devuan Bugs Owner <>.
Last modified: Tue Oct 4 13:46:44 2022;