[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
This bug was fixed in the package command-not-found - 18.04.6 --- command-not-found (18.04.6) bionic; urgency=medium [ Arnaud Rebillout ] * cnf: Bail out early if the database is not readable * cnf-update-db: Creates a world-readable database (Closes: #986461) * Add test to make sure that the database is world-readable [ Kellen Renshaw ] * Cherry-pick cnf-update-db umask fixes from 22.04 (LP: #1953610) -- Kellen Renshaw Mon, 14 Feb 2022 10:26:36 -0700 ** Changed in: command-not-found (Ubuntu Bionic) Status: Fix Committed => Fix Released ** Changed in: command-not-found (Ubuntu Impish) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
This bug was fixed in the package command-not-found - 21.10.1 --- command-not-found (21.10.1) impish; urgency=medium [ Arnaud Rebillout ] * cnf: Bail out early if the database is not readable * cnf-update-db: Creates a world-readable database (Closes: #986461) * Add test to make sure that the database is world-readable [ Kellen Renshaw ] * Cherry-pick cnf-update-db umask fixes from 22.04 (LP: #1953610) -- Kellen Renshaw Mon, 14 Feb 2022 10:23:14 -0700 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
This bug was fixed in the package command-not-found - 20.04.6 --- command-not-found (20.04.6) focal; urgency=medium [ Arnaud Rebillout ] * cnf: Bail out early if the database is not readable * cnf-update-db: Creates a world-readable database (Closes: #986461) * Add test to make sure that the database is world-readable [ Kellen Renshaw ] * Cherry-pick cnf-update-db umask fixes from 22.04 (LP: #1953610) -- Kellen Renshaw Mon, 14 Feb 2022 10:10:22 -0700 ** Changed in: command-not-found (Ubuntu Focal) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
Bionic verification root@verify-lp1953610-bionic:~# ### Verification root@verify-lp1953610-bionic:~# # Install updated command-not-found from -proposed root@verify-lp1953610-bionic:~# # https://wiki.ubuntu.com/Testing/EnableProposed root@verify-lp1953610-bionic:~# cat # Enable Ubuntu proposed archive > deb http://archive.ubuntu.com/ubuntu/ $(lsb_release -cs)-proposed restricted > main multiverse universe > EOF root@verify-lp1953610-bionic:~# # Update command-not-found. root@verify-lp1953610-bionic:~# apt update Hit:1 http://security.ubuntu.com/ubuntu bionic-security InRelease Get:2 http://archive.ubuntu.com/ubuntu bionic InRelease [242 kB] Hit:3 http://archive.ubuntu.com/ubuntu bionic-updates InRelease Hit:4 http://archive.ubuntu.com/ubuntu bionic-backports InRelease Get:5 http://archive.ubuntu.com/ubuntu bionic-proposed InRelease [242 kB] Hit:6 http://archive.ubuntu.com/ubuntu focal-backports InRelease Get:7 http://archive.ubuntu.com/ubuntu bionic-proposed/restricted amd64 Packages [105 kB] Get:8 http://archive.ubuntu.com/ubuntu bionic-proposed/restricted Translation-en [17.1 kB] Get:9 http://archive.ubuntu.com/ubuntu bionic-proposed/main amd64 Packages [163 kB] Get:10 http://archive.ubuntu.com/ubuntu bionic-proposed/main Translation-en [33.5 kB] Get:11 http://archive.ubuntu.com/ubuntu bionic-proposed/multiverse amd64 Packages [2216 B] Get:12 http://archive.ubuntu.com/ubuntu bionic-proposed/multiverse Translation-en [788 B] Get:13 http://archive.ubuntu.com/ubuntu bionic-proposed/universe amd64 Packages [11.6 kB] Get:14 http://archive.ubuntu.com/ubuntu bionic-proposed/universe Translation-en [6332 B] Fetched 824 kB in 2s (528 kB/s) Reading package lists... Done Building dependency tree Reading state information... Done 13 packages can be upgraded. Run 'apt list --upgradable' to see them. root@verify-lp1953610-bionic:~# apt install command-not-found Reading package lists... Done Building dependency tree Reading state information... Done The following package was automatically installed and is no longer required: libfreetype6 Use 'apt autoremove' to remove it. The following additional packages will be installed: command-not-found-data python3-commandnotfound The following packages will be upgraded: command-not-found command-not-found-data python3-commandnotfound 3 upgraded, 0 newly installed, 0 to remove and 10 not upgraded. Need to get 1023 kB of archives. After this operation, 0 B of additional disk space will be used. Do you want to continue? [Y/n] y Get:1 http://archive.ubuntu.com/ubuntu bionic-proposed/main amd64 command-not-found all 18.04.6 [5208 B] Get:2 http://archive.ubuntu.com/ubuntu bionic-proposed/main amd64 python3-commandnotfound all 18.04.6 [9032 B] Get:3 http://archive.ubuntu.com/ubuntu bionic-proposed/main amd64 command-not-found-data amd64 18.04.6 [1009 kB] Fetched 1023 kB in 1s (785 kB/s) (Reading database ... 29000 files and directories currently installed.) Preparing to unpack .../command-not-found_18.04.6_all.deb ... Unpacking command-not-found (18.04.6) over (18.04.5) ... Preparing to unpack .../python3-commandnotfound_18.04.6_all.deb ... Unpacking python3-commandnotfound (18.04.6) over (18.04.5) ... Preparing to unpack .../command-not-found-data_18.04.6_amd64.deb ... Unpacking command-not-found-data (18.04.6) over (18.04.5) ... Setting up command-not-found-data (18.04.6) ... Setting up python3-commandnotfound (18.04.6) ... Setting up command-not-found (18.04.6) ... root@verify-lp1953610-bionic:~# # Verify version root@verify-lp1953610-bionic:~# dpkg -l | grep command-not-found ii command-not-found 18.04.6 all Suggest installation of packages in interactive bash sessions ii command-not-found-data 18.04.6 amd64 Set of data files for command-not-found. ii python3-commandnotfound18.04.6 all Python 3 bindings for command-not-found. root@verify-lp1953610-bionic:~# # Force rebuild of DB root@verify-lp1953610-bionic:~# rm -rf /var/lib/command-not-found/* root@verify-lp1953610-bionic:~# apt update Hit:1 http://security.ubuntu.com/ubuntu bionic-security InRelease Get:2 http://archive.ubuntu.com/ubuntu bionic InRelease [242 kB] Hit:3 http://archive.ubuntu.com/ubuntu bionic-updates InRelease Hit:4 http://archive.ubuntu.com/ubuntu bionic-backports InRelease Hit:5 http://archive.ubuntu.com/ubuntu bionic-proposed InRelease Hit:6 http://archive.ubuntu.com/ubuntu focal-backports InRelease Fetched 242 kB in 1s (266 kB/s) Reading package lists... Done Building dependency tree Reading state information... Done 10 packages can be upgraded. Run 'apt list --upgradable' to see them. root@verify-lp1953610-bionic:~# ls -lah /var/lib/command-not-found/ total 28K drwxr-xr-x 1 root root 62 Mar 10 19:36 . drwxr-xr-x 1
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
Focal verification root@verify-lp1953610-focal:~# ### Verification root@verify-lp1953610-focal:~# # Install updated command-not-found from -proposed root@verify-lp1953610-focal:~# # https://wiki.ubuntu.com/Testing/EnableProposed root@verify-lp1953610-focal:~# # Update command-not-found. root@verify-lp1953610-focal:~# apt install command-not-found root@verify-lp1953610-focal:~# # Verify version root@verify-lp1953610-focal:~# dpkg -l | grep command-not-found ii command-not-found 20.04.6all Suggest installation of packages in interactive bash sessions ii python3-commandnotfound20.04.6all Python 3 bindings for command-not-found. root@verify-lp1953610-focal:~# # Force rebuild of DB root@verify-lp1953610-focal:~# rm -rf /var/lib/command-not-found/* root@verify-lp1953610-focal:~# apt update Hit:1 http://security.ubuntu.com/ubuntu focal-security InRelease Hit:2 http://archive.ubuntu.com/ubuntu focal InRelease Hit:3 http://archive.ubuntu.com/ubuntu focal-updates InRelease Hit:4 http://archive.ubuntu.com/ubuntu focal-backports InRelease Hit:5 http://archive.ubuntu.com/ubuntu focal-proposed InRelease Reading package lists... Done Building dependency tree Reading state information... Done All packages are up to date. root@verify-lp1953610-focal:~# ls -lah /var/lib/command-not-found/ total 3.2M drwxr-xr-x 1 root root 62 Mar 10 19:14 . drwxr-xr-x 1 root root 584 Mar 10 19:13 .. -rw-r--r-- 1 root root 3.2M Mar 10 19:14 commands.db -rw-r--r-- 1 root root 3.9K Mar 10 19:14 commands.db.metadata root@verify-lp1953610-focal:~# # Verify success root@verify-lp1953610-focal:~# su - ubuntu ubuntu@verify-lp1953610-focal:~$ lck WARNING:root:could not open file '/etc/apt/sources.list.d/ubuntu-focal-proposed.list' Command 'lck' not found, did you mean: command 'ack' from deb ack (3.3.1-1) command 'ick' from deb intercal (30:0.30-3) command 'lcf' from deb ucf (3.0038+nmu1) command 'ck' from deb python3-ck (1.9.4-1.1) command 'lc' from deb mono-devel (6.8.0.105+dfsg-2) command 'lcp' from deb lsh-client (2.1-12build3) Try: apt install ubuntu@verify-lp1953610-focal:~$ ack WARNING:root:could not open file '/etc/apt/sources.list.d/ubuntu-focal-proposed.list' Command 'ack' not found, but can be installed with: apt install ack Please ask your administrator. ubuntu@verify-lp1953610-focal:~$ exit logout root@verify-lp1953610-focal:~# ## END Verification ** Tags removed: verification-needed-focal verification-needed-impish ** Tags added: verification-done-focal verification-done-impish -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
Verification for Impish root@verify-lp1953610-impish:~# ### Verification # Install updated command-not-found from -proposed # https://wiki.ubuntu.com/Testing/EnableProposed cat
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
Hello Julian, or anyone else affected, Accepted command-not-found into impish-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/command- not-found/21.10.1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed- impish to verification-done-impish. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification- failed-impish. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: command-not-found (Ubuntu Impish) Status: In Progress => Fix Committed ** Tags added: verification-needed verification-needed-impish ** Changed in: command-not-found (Ubuntu Focal) Status: In Progress => Fix Committed ** Tags added: verification-needed-focal -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
** Description changed: [Impact] If a non-default umask is set for the root user, then the database created by cnf-update-db is not readable by users. This causes exceptions when cnf is invoked. This fix ensures databases are created with the correct permissions, but it does not automatically reset permissions for broken databases. [Test Plan] To reproduce the issue, use the annotated steps below. Confirmed working as a reproducer for Bionic, Focal and Impish. Bionic appears to use a -data package instead of building the db on "apt update", however, adding a non-default repo with CNF metadata will also reproduce the issue. Bionic was tested by adding focal-updates to the APT configuration. Notes: 1) The "ubuntu" user below is unprivileged, the result of the "adduser ubuntu" command being run and accepting defaults. 2) The "lck" and "ack" commands were randomly selected as commands that were unavailable on the default Ubuntu images used by LXD. 3) Bionic requires the addition of a non-default repo with CNF metadata. The focal-updates repo was used in my testing, any repo meeting the conditions should do. ### Reproduction # Add repo with CNF metadata if testing Bionic # Confirm UMASK grep "^UMASK" /etc/login.defs # Set /etc/login.defs to umask 027 sed -i -e 's/^UMASK\t\t022/UMASK\t\t027/' /etc/login.defs # Confirm grep "^UMASK" /etc/login.defs # Log out and back in exit # Log back in # Force rebuild of DB rm -rf /var/lib/command-not-found/* apt update ls -lah /var/lib/command-not-found/ # Verify failure su - ubuntu lck ack exit ## END Reproduction ### Verification # Install updated command-not-found from -proposed # https://wiki.ubuntu.com/Testing/EnableProposed # Update command-not-found. apt upgrade command-not-found # Verify version dpkg -l | grep command-not-found # Force rebuild of DB rm -rf /var/lib/command-not-found/* apt update ls -lah /var/lib/command-not-found/ # Verify success su - ubuntu lck ack exit ## END Verification The failures expected to be seen when running the "lck" and "ack" commands are similar to: ubuntu@lp1953610-focal:~$ ack Sorry, command-not-found has crashed! Please file a bug report at: https://bugs.launchpad.net/command-not-found/+filebug Please include the following information with the report: command-not-found version: 0.3 Python version: 3.8.10 final 0 Distributor ID: Ubuntu Description: Ubuntu 20.04.3 LTS Release: 20.04 Codename: focal Exception information: unable to open database file Traceback (most recent call last): - File "/usr/lib/python3/dist-packages/CommandNotFound/util.py", line 23, in crash_guard - callback() - File "/usr/lib/command-not-found", line 90, in main - cnf = CommandNotFound.CommandNotFound(options.data_dir) - File "/usr/lib/python3/dist-packages/CommandNotFound/CommandNotFound.py", line 79, in __init__ - self.db = SqliteDatabase(dbpath) - File "/usr/lib/python3/dist-packages/CommandNotFound/db/db.py", line 12, in __init__ - self.con = sqlite3.connect(filename) + File "/usr/lib/python3/dist-packages/CommandNotFound/util.py", line 23, in crash_guard + callback() + File "/usr/lib/command-not-found", line 90, in main + cnf = CommandNotFound.CommandNotFound(options.data_dir) + File "/usr/lib/python3/dist-packages/CommandNotFound/CommandNotFound.py", line 79, in __init__ + self.db = SqliteDatabase(dbpath) + File "/usr/lib/python3/dist-packages/CommandNotFound/db/db.py", line 12, in __init__ + self.con = sqlite3.connect(filename) sqlite3.OperationalError: unable to open database file A successful run should look like: ubuntu@lp1953610-focal:~$ lck Command 'lck' not found, did you mean: - command 'ack' from deb ack (3.3.1-1) - command 'ick' from deb intercal (30:0.30-3) - command 'lcp' from deb lsh-client (2.1-12build3) - command 'lc' from deb mono-devel (6.8.0.105+dfsg-2) - command 'lcf' from deb ucf (3.0038+nmu1) - command 'ck' from deb python3-ck (1.9.4-1.1) + command 'ack' from deb ack (3.3.1-1) + command 'ick' from deb intercal (30:0.30-3) + command 'lcp' from deb lsh-client (2.1-12build3) + command 'lc' from deb mono-devel (6.8.0.105+dfsg-2) + command 'lcf' from deb ucf (3.0038+nmu1) + command 'ck' from deb python3-ck (1.9.4-1.1) Try: apt install The umask changes have little regression potential, are tested in a smoke test, and there is a larger test suite that ensures it does not regress other bits (which again, it really shouldn't) [Where problems could occur] - Admins could rely on the incorrect behavior for some reason (security?). - Admins could have existing automation in place to correct the issue that - behaves incorrectly or unexpectedly once the behavior is corrected. + In general, regressions due to this bug would continue showing up as file access errors, either
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
** Tags added: sts ** Changed in: command-not-found (Ubuntu Bionic) Importance: Undecided => Medium ** Changed in: command-not-found (Ubuntu Impish) Importance: Undecided => Medium ** Changed in: command-not-found (Ubuntu Focal) Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
** Description changed: [Impact] - If a non-default umask is set for the root user, then the database created by cnf-update-db is not readable by users. + If a non-default umask is set for the root user, then the database created by cnf-update-db is not readable by users. This causes exceptions when cnf is invoked. This fix ensures databases are created with the correct permissions, but it does not automatically reset permissions for broken databases. - [Test plan] - The umask changes have little regression potential, are tested in a smoke test, and there is a larger test suite that ensures it does not regress other bits (which again, it really shouldn't) + [Test Plan] + To reproduce the issue, use the annotated steps below. Confirmed working as a reproducer for Bionic, Focal and Impish. Bionic appears to use a -data package instead of building the db on "apt update", however, adding a non-default repo with CNF metadata will also reproduce the issue. Bionic was tested by adding focal-updates to the APT configuration. + + Notes: + 1) The "ubuntu" user below is unprivileged, the result of the "adduser ubuntu" command being run and accepting defaults. + 2) The "lck" and "ack" commands were randomly selected as commands that were unavailable on the default Ubuntu images used by LXD. + 3) Bionic requires the addition of a non-default repo with CNF metadata. The focal-updates repo was used in my testing, any repo meeting the conditions should do. + + ### Reproduction + # Add repo with CNF metadata if testing Bionic + # Confirm UMASK + grep "^UMASK" /etc/login.defs + # Set /etc/login.defs to umask 027 + sed -i -e 's/^UMASK\t\t022/UMASK\t\t027/' /etc/login.defs + # Confirm + grep "^UMASK" /etc/login.defs + # Log out and back in + exit + + # Log back in + # Force rebuild of DB + rm -rf /var/lib/command-not-found/* + apt update + ls -lah /var/lib/command-not-found/ + # Verify failure + su - ubuntu + lck + ack + exit + ## END Reproduction + + ### Verification + # Install updated command-not-found from -proposed + # https://wiki.ubuntu.com/Testing/EnableProposed + # Update command-not-found. + apt upgrade command-not-found + # Verify version + dpkg -l | grep command-not-found + # Force rebuild of DB + rm -rf /var/lib/command-not-found/* + apt update + ls -lah /var/lib/command-not-found/ + # Verify success + su - ubuntu + lck + ack + exit + ## END Verification + + The failures expected to be seen when running the "lck" and "ack" commands are similar to: + ubuntu@lp1953610-focal:~$ ack + Sorry, command-not-found has crashed! Please file a bug report at: + https://bugs.launchpad.net/command-not-found/+filebug + Please include the following information with the report: + + command-not-found version: 0.3 + Python version: 3.8.10 final 0 + Distributor ID: Ubuntu + Description: Ubuntu 20.04.3 LTS + Release: 20.04 + Codename: focal + Exception information: + + unable to open database file + Traceback (most recent call last): + File "/usr/lib/python3/dist-packages/CommandNotFound/util.py", line 23, in crash_guard + callback() + File "/usr/lib/command-not-found", line 90, in main + cnf = CommandNotFound.CommandNotFound(options.data_dir) + File "/usr/lib/python3/dist-packages/CommandNotFound/CommandNotFound.py", line 79, in __init__ + self.db = SqliteDatabase(dbpath) + File "/usr/lib/python3/dist-packages/CommandNotFound/db/db.py", line 12, in __init__ + self.con = sqlite3.connect(filename) + sqlite3.OperationalError: unable to open database file + + A successful run should look like: + ubuntu@lp1953610-focal:~$ lck + + Command 'lck' not found, did you mean: + + command 'ack' from deb ack (3.3.1-1) + command 'ick' from deb intercal (30:0.30-3) + command 'lcp' from deb lsh-client (2.1-12build3) + command 'lc' from deb mono-devel (6.8.0.105+dfsg-2) + command 'lcf' from deb ucf (3.0038+nmu1) + command 'ck' from deb python3-ck (1.9.4-1.1) + + Try: apt install + + The umask changes have little regression potential, are tested in a + smoke test, and there is a larger test suite that ensures it does not + regress other bits (which again, it really shouldn't) [Where problems could occur] - We could have the wrong umask? Admins actually liked c-n-f to crash on them? + Admins could rely on the incorrect behavior for some reason (security?). + Admins could have existing automation in place to correct the issue that + behaves incorrectly or unexpectedly once the behavior is corrected. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
MR for Bionic: https://code.launchpad.net/~krenshaw/ubuntu/+source/command-not-found/+git/command-not-found/+merge/415622 Testing info attached, uses https://launchpad.net/~krenshaw/+archive/ubuntu/lp1953610 to provide packages from the MR. ** Attachment added: "bionic_verify.txt" https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+attachment/5561036/+files/bionic_verify.txt -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
** Merge proposal linked: https://code.launchpad.net/~krenshaw/ubuntu/+source/command-not-found/+git/command-not-found/+merge/415622 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
Bionic is affected if the system is configured with a non-default repository that provides CNF metadata. The same fix works for Bionic in this situation as well. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
** Tags added: sts-sponsor -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
** Tags removed: sts-sponsor ** Tags added: sts-sponsor-halves -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
MR for Impish: https://code.launchpad.net/~krenshaw/ubuntu/+source/command-not-found/+git/command-not-found/+merge/414979 Testing info attached. ** Attachment added: "impish_verify.txt" https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+attachment/5558770/+files/impish_verify.txt -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
MR for Focal: https://code.launchpad.net/~krenshaw/ubuntu/+source/command-not-found/+git/command-not-found/+merge/414978 NOTE: the Focal packages in the PPA have a version ending in ubuntu2, this version is identical to the MR's version ubuntu1. Version was changed to allow PPA building of packages after an erroneous upload on my part. Testing info attached. ** Attachment added: "focal_verify.txt" https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+attachment/5558769/+files/focal_verify.txt -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
The command-not-found-data package in Bionic appears to avoid this issue, since the script affected by the UMASK variable is not used to update the databases. Perhaps this bug doesn't apply to Bionic? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
[Test Plan] To reproduce the issue, use the annotated steps below. Confirmed working as a reproducer for Focal and Impish. Bionic appears to use a -data package instead of building the db on "apt update" Notes: 1) The "ubuntu" user below is unprivileged, the result of the "adduser ubuntu" command being run and accepting defaults. 2) The "lck" and "ack" commands were randomly selected as commands that were unavailable on the default Ubuntu images used by LXD. # Confirm UMASK grep "^UMASK" /etc/login.defs # Set /etc/login.defs to umask 027 sed -i -e 's/^UMASK\t\t022/UMASK\t\t027/' /etc/login.defs # Confirm grep "^UMASK" /etc/login.defs # Log out and back in exit # Log back in # Force rebuild of DB rm -rf /var/lib/command-not-found/* apt update ls -lah /var/lib/command-not-found/ # Verify failure su - ubuntu lck ack exit ## END repro The failures expected to be seen when running the "lck" and "ack" commands are similar to: ubuntu@lp1953610-focal:~$ ack Sorry, command-not-found has crashed! Please file a bug report at: https://bugs.launchpad.net/command-not-found/+filebug Please include the following information with the report: command-not-found version: 0.3 Python version: 3.8.10 final 0 Distributor ID: Ubuntu Description:Ubuntu 20.04.3 LTS Release:20.04 Codename: focal Exception information: unable to open database file Traceback (most recent call last): File "/usr/lib/python3/dist-packages/CommandNotFound/util.py", line 23, in crash_guard callback() File "/usr/lib/command-not-found", line 90, in main cnf = CommandNotFound.CommandNotFound(options.data_dir) File "/usr/lib/python3/dist-packages/CommandNotFound/CommandNotFound.py", line 79, in __init__ self.db = SqliteDatabase(dbpath) File "/usr/lib/python3/dist-packages/CommandNotFound/db/db.py", line 12, in __init__ self.con = sqlite3.connect(filename) sqlite3.OperationalError: unable to open database file A successful run should look like: ubuntu@lp1953610-focal:~$ lck Command 'lck' not found, did you mean: command 'ack' from deb ack (3.3.1-1) command 'ick' from deb intercal (30:0.30-3) command 'lcp' from deb lsh-client (2.1-12build3) command 'lc' from deb mono-devel (6.8.0.105+dfsg-2) command 'lcf' from deb ucf (3.0038+nmu1) command 'ck' from deb python3-ck (1.9.4-1.1) Try: apt install -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
** Merge proposal linked: https://code.launchpad.net/~krenshaw/ubuntu/+source/command-not-found/+git/command-not-found/+merge/414978 ** Merge proposal linked: https://code.launchpad.net/~krenshaw/ubuntu/+source/command-not-found/+git/command-not-found/+merge/414979 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: command-not-found (Ubuntu Impish) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: command-not-found (Ubuntu Focal) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: command-not-found (Ubuntu Bionic) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
** Tags added: fr-1949 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask
** Changed in: command-not-found (Ubuntu Jammy) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953610 Title: cnf-update-db creates unreadable database if wrong umask To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs