[Bug 2061017] Re: lxd-installer: permission error not handled and lxd snap not installed
Simon Déziel
2061017 at bugs.launchpad.net
Wed May 22 14:25:06 UTC 2024
Thanks Phil for pointing out that there is some `dpkg-divert` at play
(https://git.launchpad.net/livecd-rootfs/tree/live-build/ubuntu-
server/hooks/01-unminimize.chroot_early?h=ubuntu/noble).
I think the issue is due to the `dpkg-diversion` being done prior to
upgrading the `lxd-installer` package and the diversion is presumably
not respected due to confusion between `/usr/sbin/lxd` and `/sbin/lxd`.
Here's the reproducer:
```
$ lxc launch ubuntu-minimal-daily:24.04 c1
$ lxc shell c1
root at c1:~# dpkg-divert --add --divert /usr/sbin/lxd.REAL --rename /usr/sbin/lxd
Adding 'local diversion of /usr/sbin/lxd to /usr/sbin/lxd.REAL'
root at c1:~# ln -s /bin/true /usr/sbin/lxd
root at c1:~# ll /sbin/lxd* /usr/sbin/lxd*
lrwxrwxrwx 1 root root 9 May 22 14:20 /sbin/lxd -> /bin/true*
-rwxr-xr-x 1 root root 372 Jan 11 16:58 /sbin/lxd.REAL*
lrwxrwxrwx 1 root root 9 May 22 14:20 /usr/sbin/lxd -> /bin/true*
-rwxr-xr-x 1 root root 372 Jan 11 16:58 /usr/sbin/lxd.REAL*
root at c1:~# sed -i 's/noble-backports/noble-proposed/' /etc/apt/sources.list.d/ubuntu.sources
root at c1:~# apt-get -qq update
root at c1:~# apt-get install lxd-installer -t noble-proposed
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages will be upgraded:
lxd-installer
1 upgraded, 0 newly installed, 0 to remove and 24 not upgraded.
Need to get 3926 B of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu noble-proposed/main amd64 lxd-installer all 4ubuntu0.1 [3926 B]
Fetched 3926 B in 0s (106 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
(Reading database ... 12555 files and directories currently installed.)
Preparing to unpack .../lxd-installer_4ubuntu0.1_all.deb ...
Unpacking lxd-installer (4ubuntu0.1) over (4) ...
Setting up lxd-installer (4ubuntu0.1) ...
root at c1:~# ll /sbin/lxd* /usr/sbin/lxd*
-rwxr-xr-x 1 root root 589 May 7 23:33 /sbin/lxd*
-rwxr-xr-x 1 root root 372 Jan 11 16:58 /sbin/lxd.REAL*
-rwxr-xr-x 1 root root 589 May 7 23:33 /usr/sbin/lxd*
-rwxr-xr-x 1 root root 372 Jan 11 16:58 /usr/sbin/lxd.REAL*
```
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to lxd-installer in Ubuntu.
https://bugs.launchpad.net/bugs/2061017
Title:
lxd-installer: permission error not handled and lxd snap not installed
Status in lxd-installer package in Ubuntu:
Fix Released
Status in lxd-installer source package in Noble:
Fix Committed
Bug description:
[ Impact ]
* If the LXD group is not pre-created and/or the primary user isn't
member of it, lxd-installer will fail to install LXD with a cryptic
permission denied error and a long delay before complaining the
command is not found.
[ Test Plan ]
Create a test instance:
$ lxc launch ubuntu-minimal-daily:24.04 u1
Make sure LXD snap is not installed:
$ ! lxc exec u1 -- snap list lxd || false
error: no matching snaps installed
Remove the LXD group:
$ lxc exec u1 -- delgroup lxd
warn: The group `lxd' does not exist.
Check lxd-installer version (update to -proposed package if needed):
$ lxc exec u1 -- dpkg -l | grep lxd-installer
ii lxd-installer 4 all Wrapper to install lxd snap on demand
Trigger lxd-installer as the regular user not a member of the lxd
group:
$ lxc exec --user 1000 --group 1000 --env HOME=/home/ubuntu u1 -- lxc list
Installing LXD snap, please be patient.
Traceback (most recent call last):
File "<string>", line 1, in <module>
PermissionError: [Errno 13] Permission denied
/usr/sbin/lxc: 12: exec: /snap/bin/lxc: not found
Error: Command not found
The output above is the cryptic error that should not be displayed if
the updated package is installed. Instead, a user not in the lxd group
that would trigger the lxd-installer, should immediately receive this
nicer error message:
$ lxc exec --user 1000 --group 1000 --env HOME=/home/ubuntu u1 -- lxc list
Unable to trigger the installation of the LXD snap.
Please make sure you're a member of the 'lxd' system group.
And the return code should be 1 to indicate an error.
[ Where problems could occur ]
The proposed fix is to check if the /run/lxd-installer.socket socket
is writable and if not, report a nicer error and exist with an error
before trying to do the installation and eventually error out.
It is possible for this socket to either be missing or not be writable
for a reason different than the invoking user not being in the lxd
group.
If that's the case, the hint to verify the group membership would be
misleading.
[Original description]
On a fresh install of 24.04 server on Raspberry Pi, I ran 'lxc list'
without having the lxd snap installed already. There was an attempt to
install the snap, but it failed, and the snap needed to be manually
installed:
nr at pi5:~$ lxc list
Installing LXD snap, please be patient.
Traceback (most recent call last):
File "<string>", line 1, in <module>
PermissionError: [Errno 13] Permission denied
/usr/sbin/lxc: 12: exec: /snap/bin/lxc: not found
More details:
nr at pi5:~$ cat /etc/os-release
PRETTY_NAME="Ubuntu Noble Numbat (development branch)"
NAME="Ubuntu"
VERSION_ID="24.04"
VERSION="24.04 LTS (Noble Numbat)"
VERSION_CODENAME=noble
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=noble
LOGO=ubuntu-logo
nr at pi5:~$ apt policy lxd-installer
lxd-installer:
Installed: 4
Candidate: 4
Version table:
*** 4 500
500 http://ports.ubuntu.com/ubuntu-ports noble/main arm64 Packages
100 /var/lib/dpkg/status
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lxd-installer/+bug/2061017/+subscriptions
More information about the foundations-bugs
mailing list