Public bug reported:

[Impact]
The apport-test-crashes package, which is used to test the Error Tracker 
deployments, fails produce crash files for binary applications since "various 
security hardening fixes" were included in apport. The problematic change is 
the dropping of supplemental groups in data/apport. This results in a 
PermissionError as it is not the root user who is calling 
/usr/share/apport/apport.

[Test Case]
The least convulted test case involves using the generate-sigsegv-crash.py 
script from apport-test-crashes. This ends up using a command similar to 
'/usr/share/apport/apport -p 4077 -s 11 -E /usr/bin/gnome-calculator < 
/tmp/20.10-gnome-calculator.core' which then will encounter the Traceback.

1) Comment out "check_lock()" in /usr/share/apport/apport (This is necessary as 
we are not running as root)
2) Put a copy of generate-sigsegv-crash.py on disk.
3) Run 'python3 /tmp/generate-sigsegv-crash.py cat'
4) Observe the following Traceback:

Traceback (most recent call last):
  File "/tmp/tmpvkt5d266/apport", line 599, in <module>
    drop_privileges(True)
  File "/tmp/tmpvkt5d266/apport", line 125, in drop_privileges
    os.setgroups([])
PermissionError: [Errno 1] Operation not permitted

With the version of apport from -proposed you'll receive no such
Traceback.

[Regression Potential]
If there is an error in the python code we code see a new traceback for any and 
all crashes being generated, so ensure regular crash generation works too.

** Affects: apport (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1906565

Title:
  traceback when running apport as non-root user

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1906565/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to