On Thu 24 Oct 2024 at 20:34:18 (-0400), e...@gmx.us wrote: > On 10/24/24 20:01, David Wright wrote: > > Because of the ownership: > > > > $ ls -l /var/cache/apt/archives/ > > total 4 > > -rw-r----- 1 root root 0 Apr 16 2022 lock > > drwx------ 2 _apt root 4096 Oct 22 19:00 partial > > $ > > > > we can assume that _apt is the user that actually downloads packages > > (into partial/) before APT installs them. But your assumption that > > tmp_sh can be read by any user (including _apt) is wrong: you need > > execute permission on all directories traversed along the path, even > > when you “know what you're looking for”.
Apologies ditto. > Fair enough. Should I chmod a+x /root/.synaptic/tmp then, or is there a > nicer way? Not using synaptic, I don't know why that path was chosen. But you'd need world-execute all the way down from /root itself. When I install yt-dlp, being lazy I download the package from packages.debian.org, choosing the most recent version, typically trixie's. I store it under /home/debian/trixie (or whatever), and # apt-get install full-path I consider this safe, and ignore the warning that's issued. IIRC, my warning starts with "N: Download is performed … ". I do this because I'm too lazy to change my sources.list, and that has the side-effect that I can't accidentally install any non-stable packages by way of Depends/Recommends/Suggests. In the past I have placed packages in /var/cache/apt/archives/, but I'm not sure whether I used apt-get with a full path, or dpkg -i; it was so long ago. > Also, I've been running synaptic as "sudo synaptic" and this is the first > time I've got that message. Well, I'll admit that I'm mystified as to what the 283682-byte file called tmp_sh actually is, and how it was obtained. > I used to do "synaptic-pkexec" but it would ask > me for my password each time I ran it, whereas with sudo if I ran it from > the same terminal again within a few minutes, my previous authentication was > good enough. What I've never resolved is under what circumstances does # apt-get install full-path copy full-path via /var/cache/apt/archives/partial/ into /var/cache/apt/archives/, leaving the copy in the cache, and install it from there; or just install it directly from full-path without all the copying. But I suspect that: . performing the copying step ⇒ no warning, . installing directly ⇒ warning issued. Cheers, David.
