[Bug 1953610] Re: cnf-update-db creates unreadable database if wrong umask

Kellen Renshaw 1953610 at bugs.launchpad.net
Thu Mar 10 19:38:50 UTC 2022


Bionic verification

root at verify-lp1953610-bionic:~# ### Verification
root at verify-lp1953610-bionic:~# # Install updated command-not-found from -proposed
root at verify-lp1953610-bionic:~# # https://wiki.ubuntu.com/Testing/EnableProposed
root at verify-lp1953610-bionic:~# cat <<EOF >/etc/apt/sources.list.d/ubuntu-$(lsb_release -cs)-proposed.list
> # Enable Ubuntu proposed archive
> deb http://archive.ubuntu.com/ubuntu/ $(lsb_release -cs)-proposed restricted main multiverse universe
> EOF
root at verify-lp1953610-bionic:~# # Update command-not-found.
root at verify-lp1953610-bionic:~# apt update
Hit:1 http://security.ubuntu.com/ubuntu bionic-security InRelease
Get:2 http://archive.ubuntu.com/ubuntu bionic InRelease [242 kB]
Hit:3 http://archive.ubuntu.com/ubuntu bionic-updates InRelease
Hit:4 http://archive.ubuntu.com/ubuntu bionic-backports InRelease
Get:5 http://archive.ubuntu.com/ubuntu bionic-proposed InRelease [242 kB]
Hit:6 http://archive.ubuntu.com/ubuntu focal-backports InRelease
Get:7 http://archive.ubuntu.com/ubuntu bionic-proposed/restricted amd64 Packages [105 kB]
Get:8 http://archive.ubuntu.com/ubuntu bionic-proposed/restricted Translation-en [17.1 kB]
Get:9 http://archive.ubuntu.com/ubuntu bionic-proposed/main amd64 Packages [163 kB]
Get:10 http://archive.ubuntu.com/ubuntu bionic-proposed/main Translation-en [33.5 kB]
Get:11 http://archive.ubuntu.com/ubuntu bionic-proposed/multiverse amd64 Packages [2216 B]
Get:12 http://archive.ubuntu.com/ubuntu bionic-proposed/multiverse Translation-en [788 B]
Get:13 http://archive.ubuntu.com/ubuntu bionic-proposed/universe amd64 Packages [11.6 kB]
Get:14 http://archive.ubuntu.com/ubuntu bionic-proposed/universe Translation-en [6332 B]
Fetched 824 kB in 2s (528 kB/s)                           
Reading package lists... Done
Building dependency tree       
Reading state information... Done
13 packages can be upgraded. Run 'apt list --upgradable' to see them.
root at verify-lp1953610-bionic:~# apt install command-not-found
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following package was automatically installed and is no longer required:
  libfreetype6
Use 'apt autoremove' to remove it.
The following additional packages will be installed:
  command-not-found-data python3-commandnotfound
The following packages will be upgraded:
  command-not-found command-not-found-data python3-commandnotfound
3 upgraded, 0 newly installed, 0 to remove and 10 not upgraded.
Need to get 1023 kB of archives.
After this operation, 0 B of additional disk space will be used.
Do you want to continue? [Y/n] y
Get:1 http://archive.ubuntu.com/ubuntu bionic-proposed/main amd64 command-not-found all 18.04.6 [5208 B]
Get:2 http://archive.ubuntu.com/ubuntu bionic-proposed/main amd64 python3-commandnotfound all 18.04.6 [9032 B]
Get:3 http://archive.ubuntu.com/ubuntu bionic-proposed/main amd64 command-not-found-data amd64 18.04.6 [1009 kB]
Fetched 1023 kB in 1s (785 kB/s)                 
(Reading database ... 29000 files and directories currently installed.)
Preparing to unpack .../command-not-found_18.04.6_all.deb ...
Unpacking command-not-found (18.04.6) over (18.04.5) ...
Preparing to unpack .../python3-commandnotfound_18.04.6_all.deb ...
Unpacking python3-commandnotfound (18.04.6) over (18.04.5) ...
Preparing to unpack .../command-not-found-data_18.04.6_amd64.deb ...
Unpacking command-not-found-data (18.04.6) over (18.04.5) ...
Setting up command-not-found-data (18.04.6) ...
Setting up python3-commandnotfound (18.04.6) ...
Setting up command-not-found (18.04.6) ...
root at verify-lp1953610-bionic:~# # Verify version
root at verify-lp1953610-bionic:~# dpkg -l | grep command-not-found
ii  command-not-found              18.04.6                             all          Suggest installation of packages in interactive bash sessions
ii  command-not-found-data         18.04.6                             amd64        Set of data files for command-not-found.
ii  python3-commandnotfound        18.04.6                             all          Python 3 bindings for command-not-found.
root at verify-lp1953610-bionic:~# # Force rebuild of DB
root at verify-lp1953610-bionic:~# rm -rf /var/lib/command-not-found/*
root at verify-lp1953610-bionic:~# apt update
Hit:1 http://security.ubuntu.com/ubuntu bionic-security InRelease
Get:2 http://archive.ubuntu.com/ubuntu bionic InRelease [242 kB]
Hit:3 http://archive.ubuntu.com/ubuntu bionic-updates InRelease
Hit:4 http://archive.ubuntu.com/ubuntu bionic-backports InRelease
Hit:5 http://archive.ubuntu.com/ubuntu bionic-proposed InRelease
Hit:6 http://archive.ubuntu.com/ubuntu focal-backports InRelease
Fetched 242 kB in 1s (266 kB/s)
Reading package lists... Done
Building dependency tree       
Reading state information... Done
10 packages can be upgraded. Run 'apt list --upgradable' to see them.
root at verify-lp1953610-bionic:~# ls -lah /var/lib/command-not-found/
total 28K
drwxr-xr-x 1 root root  62 Mar 10 19:36 .
drwxr-xr-x 1 root root 542 Mar 10 19:27 ..
-rw-r--r-- 1 root root 24K Mar 10 19:36 commands.db
-rw-r--r-- 1 root root 800 Mar 10 19:36 commands.db.metadata
root at verify-lp1953610-bionic:~# # Verify success
root at verify-lp1953610-bionic:~# su - ubuntu
ubuntu at verify-lp1953610-bionic:~$ lck
WARNING:root:could not open file '/etc/apt/sources.list.d/ubuntu-bionic-proposed.list'

lck: command not found
ubuntu at verify-lp1953610-bionic:~$ ack
WARNING:root:could not open file '/etc/apt/sources.list.d/ubuntu-bionic-proposed.list'


Command 'ack' not found, did you mean:

  command 'act' from snap act (0.3.2)
  command 'ark' from snap ark (21.12.2)

See 'snap info <snapname>' for additional versions.

ubuntu at verify-lp1953610-bionic:~$ exit
logout
root at verify-lp1953610-bionic:~# ## END Verification

** Tags removed: verification-needed verification-needed-bionic
** Tags added: verification-done verification-done-bionic

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to command-not-found in Ubuntu.
https://bugs.launchpad.net/bugs/1953610

Title:
  cnf-update-db creates unreadable database if wrong umask

Status in command-not-found package in Ubuntu:
  Fix Released
Status in command-not-found source package in Bionic:
  Fix Committed
Status in command-not-found source package in Focal:
  Fix Committed
Status in command-not-found source package in Impish:
  Fix Committed
Status in command-not-found source package in Jammy:
  Fix Released

Bug description:
  [Impact]
  If a non-default umask is set for the root user, then the database created by cnf-update-db is not readable by users. This causes exceptions when cnf is invoked.

  This fix ensures databases are created with the correct permissions,
  but it does not automatically reset permissions for broken databases.

  [Test Plan]
  To reproduce the issue, use the annotated steps below. Confirmed working as a reproducer for Bionic, Focal and Impish. Bionic appears to use a -data package instead of building the db on "apt update"; however, adding a non-default repo with CNF metadata will also reproduce the issue. Bionic was tested by adding focal-updates to the APT configuration.

  Notes:
  1) The "ubuntu" user below is unprivileged, the result of the "adduser ubuntu" command being run and accepting defaults.
  2) The "lck" and "ack" commands were randomly selected as commands that were unavailable on the default Ubuntu images used by LXD.
  3) Bionic requires the addition of a non-default repo with CNF metadata. The focal-updates repo was used in my testing; any repo meeting the conditions should do.

  ### Reproduction
  # Add repo with CNF metadata if testing Bionic
  # Confirm UMASK
  grep "^UMASK" /etc/login.defs
  # Set /etc/login.defs to umask 027
  sed -i -e 's/^UMASK\t\t022/UMASK\t\t027/' /etc/login.defs
  # Confirm
  grep "^UMASK" /etc/login.defs
  # Log out and back in
  exit

  # Log back in
  # Force rebuild of DB
  rm -rf /var/lib/command-not-found/*
  apt update
  ls -lah /var/lib/command-not-found/
  # Verify failure
  su - ubuntu
  lck
  ack
  exit
  ## END Reproduction

  ### Verification
  # Install updated command-not-found from -proposed
  # https://wiki.ubuntu.com/Testing/EnableProposed
  # Update command-not-found.
  apt upgrade command-not-found
  # Verify version
  dpkg -l | grep command-not-found
  # Force rebuild of DB
  rm -rf /var/lib/command-not-found/*
  apt update
  ls -lah /var/lib/command-not-found/
  # Verify success
  su - ubuntu
  lck
  ack
  exit
  ## END Verification

  The failures expected to be seen when running the "lck" and "ack" commands are similar to:
  ubuntu at lp1953610-focal:~$ ack
  Sorry, command-not-found has crashed! Please file a bug report at:
  https://bugs.launchpad.net/command-not-found/+filebug
  Please include the following information with the report:

  command-not-found version: 0.3
  Python version: 3.8.10 final 0
  Distributor ID: Ubuntu
  Description: Ubuntu 20.04.3 LTS
  Release: 20.04
  Codename: focal
  Exception information:

  unable to open database file
  Traceback (most recent call last):
    File "/usr/lib/python3/dist-packages/CommandNotFound/util.py", line 23, in crash_guard
      callback()
    File "/usr/lib/command-not-found", line 90, in main
      cnf = CommandNotFound.CommandNotFound(options.data_dir)
    File "/usr/lib/python3/dist-packages/CommandNotFound/CommandNotFound.py", line 79, in __init__
      self.db = SqliteDatabase(dbpath)
    File "/usr/lib/python3/dist-packages/CommandNotFound/db/db.py", line 12, in __init__
      self.con = sqlite3.connect(filename)
  sqlite3.OperationalError: unable to open database file

  A successful run should look like:
  ubuntu at lp1953610-focal:~$ lck

  Command 'lck' not found, did you mean:

    command 'ack' from deb ack (3.3.1-1)
    command 'ick' from deb intercal (30:0.30-3)
    command 'lcp' from deb lsh-client (2.1-12build3)
    command 'lc' from deb mono-devel (6.8.0.105+dfsg-2)
    command 'lcf' from deb ucf (3.0038+nmu1)
    command 'ck' from deb python3-ck (1.9.4-1.1)

  Try: apt install <deb name>

  The umask changes have little regression potential, are tested in a
  smoke test, and there is a larger test suite that ensures it does not
  regress other bits (which again, it really shouldn't).

  [Where problems could occur]
  In general, regressions due to this bug would continue showing up as file access errors, either in automated tooling that currently works around the faulty database permissions, or in other packages relying on CNF. 

  Admins could be relying on the incorrect behavior for some reason
  (e.g. security), and some users could have existing automation in
  place to correct the issue manually. We'd expect the fix to have
  little impact on such scenarios, and the patches have been tested for
  these cases.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions
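
The failure mode in the bug description above, reproduced in a temporary directory as an added example (not part of the original message and not the command-not-found patch): a SQLite file created under umask 027 loses its "other" read bit, while forcing the mode after creation makes the result independent of the caller's umask. The function names, the table layout and the chmod-after-create approach are assumptions chosen for illustration.

```python
import os
import sqlite3
import stat
import tempfile


def build_db(path, fix_mode=None):
    """Create a small SQLite file the way a root-run updater would.

    fix_mode=None mimics the bug: the mode is whatever the inherited umask
    leaves. With fix_mode set, the mode is forced after creation, so the
    umask no longer decides who can read the file.
    """
    con = sqlite3.connect(path)
    con.execute("CREATE TABLE commands (name TEXT, pkg TEXT)")
    con.execute("INSERT INTO commands VALUES ('ack', 'ack')")  # constructed row
    con.commit()
    con.close()
    if fix_mode is not None:
        os.chmod(path, fix_mode)
    return stat.S_IMODE(os.stat(path).st_mode)


def readable_by_others(path):
    """True if the 'other' read bit is set, so unprivileged users can open it."""
    return bool(os.stat(path).st_mode & stat.S_IROTH)


def demo(umask=0o027):
    """Return (mode without fix, mode with fix, other-readable flags)."""
    old = os.umask(umask)  # simulate root's non-default umask
    try:
        with tempfile.TemporaryDirectory() as d:
            bad, good = os.path.join(d, "broken.db"), os.path.join(d, "fixed.db")
            broken = build_db(bad)
            fixed = build_db(good, fix_mode=0o644)
            return broken, fixed, (readable_by_others(bad), readable_by_others(good))
    finally:
        os.umask(old)  # always restore the caller's umask


if __name__ == "__main__":
    broken, fixed, flags = demo()
    print(f"umask 027, no fix: {oct(broken)} other-readable={flags[0]}")
    print(f"umask 027, chmod : {oct(fixed)} other-readable={flags[1]}")
```

Because the fix does not reset permissions on databases that are already broken, a check like readable_by_others() can be pointed at /var/lib/command-not-found/commands.db on hosts that ran the updater under a restrictive umask.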



