Public bug reported:
The /usr/share/polkit-1/actions/com.ubuntu.apport.policy policykit
actions file does not validate against the provided
/usr/share/polkit-1/policyconfig-1.dtd.
See this:
$ xmllint --noout --nonet --dtdvalid
/usr/share/polkit-1/policyconfig-1.dtd
/usr/share/polkit-1/actions/com.ubuntu.apport.policy
/usr/share/polkit-1/actions/com.ubuntu.apport.policy:10: element
action: validity error : Element action content does not follow the DTD,
expecting (vendor? , vendor_url? , description+ , message+ , icon_name?
, defaults , annotate*), got (description message annotate defaults )
/usr/share/polkit-1/actions/com.ubuntu.apport.policy:22: element
action: validity error : Element action content does not follow the DTD,
expecting (vendor? , vendor_url? , description+ , message+ , icon_name?
, defaults , annotate*), got (description message annotate annotate
defaults )
Document /usr/share/polkit-1/actions/com.ubuntu.apport.policy does not
validate against /usr/share/polkit-1/policyconfig-1.dtd
Moving some annotations around fixes it:
--- /usr/share/polkit-1/actions/com.ubuntu.apport.policy 2024-10-10
13:33:34.259771648 +0000
+++ /tmp/com.ubuntu.apport.policy.new 2024-10-10 13:34:05.959942011 +0000
@@ -10,25 +10,24 @@
<action id="com.ubuntu.apport.root-info">
<description gettext-domain="apport">Collect system
information</description>
<message gettext-domain="apport">Authentication is required to collect
system information for this problem report</message>
- <annotate
key="org.freedesktop.policykit.exec.path">/usr/share/apport/root_info_wrapper</annotate>
-
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>auth_admin</allow_inactive>
<allow_active>auth_admin</allow_active>
</defaults>
+ <annotate
key="org.freedesktop.policykit.exec.path">/usr/share/apport/root_info_wrapper</annotate>
</action>
<action id="com.ubuntu.apport.apport-gtk-root">
<description gettext-domain="apport">System problem reports</description>
<message gettext-domain="apport">Please enter your password to access
problem reports of system programs</message>
- <annotate
key="org.freedesktop.policykit.exec.path">/usr/share/apport/apport-gtk</annotate>
- <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>auth_admin</allow_inactive>
<allow_active>auth_admin</allow_active>
</defaults>
+ <annotate
key="org.freedesktop.policykit.exec.path">/usr/share/apport/apport-gtk</annotate>
+ <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
</action>
</policyconfig>
Note that this applies not just to the apport actions. There are plenty
of other actions files that fail the dtdvalid check.
This one has a semi-proper DOCTYPE:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE policyconfig PUBLIC
"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
"http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd";>
The live URL is actually
https://specifications.freedesktop.org/PolicyKit/1.0/policyconfig.dtd
but the title matches the title in
/usr/share/polkit-1/policyconfig-1.dtd (from polkitd), so xmllint
doesn't try to download another DTD (which inevitably fails because the
URLs are bad).
For instance:
/usr/share/polkit-1/actions$ head -n3 com.mesonbuild.install.policy
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE policyconfig PUBLIC "-//freedesktop//DTD polkit Policy
Configuration 1.0//EN"
"https://specifications.freedesktop.org/PolicyKit/1.0/policyconfig.dtd";>
^- should be "-//freedesktop//DTD PolicyKit Policy Configuration
1.0//EN"
And these all fail for one reason or the other:
/usr/share/polkit-1/actions$ for x in *; do
xmllint --noout --dtdvalid /usr/share/polkit-1/policyconfig-1.dtd "$x"
2>/dev/null ||
echo "$x"
done
com.ubuntu.apport.policy
com.ubuntu.release-upgrader.policy
com.ubuntu.update-notifier.policy
net.fiasko-nw.needrestart.policy
And then there are more on my Jammy desktop. Don't feel like filing a
separate bug report for each one, but I might link to this one.
Cheers,
Walter Doekes
OSSO B.V.
** Affects: apport (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/2084152
Title:
/usr/share/polkit-1/actions/com.ubuntu.apport.policy in Noble invalid
dtd
Status in apport package in Ubuntu:
New
Bug description:
The /usr/share/polkit-1/actions/com.ubuntu.apport.policy policykit
actions file does not validate against the provided
/usr/share/polkit-1/policyconfig-1.dtd.
See this:
$ xmllint --noout --nonet --dtdvalid
/usr/share/polkit-1/policyconfig-1.dtd
/usr/share/polkit-1/actions/com.ubuntu.apport.policy
/usr/share/polkit-1/actions/com.ubuntu.apport.policy:10: element
action: validity error : Element action content does not follow the
DTD, expecting (vendor? , vendor_url? , description+ , message+ ,
icon_name? , defaults , annotate*), got (description message annotate
defaults )
/usr/share/polkit-1/actions/com.ubuntu.apport.policy:22: element
action: validity error : Element action content does not follow the
DTD, expecting (vendor? , vendor_url? , description+ , message+ ,
icon_name? , defaults , annotate*), got (description message annotate
annotate defaults )
Document /usr/share/polkit-1/actions/com.ubuntu.apport.policy does
not validate against /usr/share/polkit-1/policyconfig-1.dtd
Moving some annotations around fixes it:
--- /usr/share/polkit-1/actions/com.ubuntu.apport.policy 2024-10-10
13:33:34.259771648 +0000
+++ /tmp/com.ubuntu.apport.policy.new 2024-10-10 13:34:05.959942011 +0000
@@ -10,25 +10,24 @@
<action id="com.ubuntu.apport.root-info">
<description gettext-domain="apport">Collect system
information</description>
<message gettext-domain="apport">Authentication is required to collect
system information for this problem report</message>
- <annotate
key="org.freedesktop.policykit.exec.path">/usr/share/apport/root_info_wrapper</annotate>
-
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>auth_admin</allow_inactive>
<allow_active>auth_admin</allow_active>
</defaults>
+ <annotate
key="org.freedesktop.policykit.exec.path">/usr/share/apport/root_info_wrapper</annotate>
</action>
<action id="com.ubuntu.apport.apport-gtk-root">
<description gettext-domain="apport">System problem reports</description>
<message gettext-domain="apport">Please enter your password to access
problem reports of system programs</message>
- <annotate
key="org.freedesktop.policykit.exec.path">/usr/share/apport/apport-gtk</annotate>
- <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
<defaults>
<allow_any>auth_admin</allow_any>
<allow_inactive>auth_admin</allow_inactive>
<allow_active>auth_admin</allow_active>
</defaults>
+ <annotate
key="org.freedesktop.policykit.exec.path">/usr/share/apport/apport-gtk</annotate>
+ <annotate key="org.freedesktop.policykit.exec.allow_gui">true</annotate>
</action>
</policyconfig>
Note that this applies not just to the apport actions. There are
plenty of other actions files that fail the dtdvalid check.
This one has a semi-proper DOCTYPE:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE policyconfig PUBLIC
"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
"http://www.freedesktop.org/standards/PolicyKit/1.0/policyconfig.dtd";>
The live URL is actually
https://specifications.freedesktop.org/PolicyKit/1.0/policyconfig.dtd
but the title matches the title in
/usr/share/polkit-1/policyconfig-1.dtd (from polkitd), so xmllint
doesn't try to download another DTD (which inevitably fails because
the URLs are bad).
For instance:
/usr/share/polkit-1/actions$ head -n3 com.mesonbuild.install.policy
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE policyconfig PUBLIC "-//freedesktop//DTD polkit Policy
Configuration 1.0//EN"
"https://specifications.freedesktop.org/PolicyKit/1.0/policyconfig.dtd";>
^- should be "-//freedesktop//DTD PolicyKit Policy Configuration
1.0//EN"
And these all fail for one reason or the other:
/usr/share/polkit-1/actions$ for x in *; do
xmllint --noout --dtdvalid /usr/share/polkit-1/policyconfig-1.dtd "$x"
2>/dev/null ||
echo "$x"
done
com.ubuntu.apport.policy
com.ubuntu.release-upgrader.policy
com.ubuntu.update-notifier.policy
net.fiasko-nw.needrestart.policy
And then there are more on my Jammy desktop. Don't feel like filing a
separate bug report for each one, but I might link to this one.
Cheers,
Walter Doekes
OSSO B.V.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/2084152/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
