** Description changed:

  [Impact]
- If a non-default umask is set for the root user, then the database created by 
cnf-update-db is not readable by users.
+ If a non-default umask is set for the root user, then the database created by 
cnf-update-db is not readable by users. This causes exceptions when cnf is 
invoked.
  
  This fix ensures databases are created with the correct permissions, but
  it does not automatically reset permissions for broken databases.
  
- [Test plan]
- The umask changes have little regression potential, are tested in a smoke 
test, and there is a larger test suite that ensures it does not regress other 
bits (which again, it really shouldn't)
+ [Test Plan]
+ To reproduce the issue, use the annotated steps below. Confirmed working as a 
reproducer for Bionic, Focal and Impish. Bionic appears to use a -data package 
instead of building the db on "apt update", however, adding a non-default repo 
with CNF metadata will also reproduce the issue. Bionic was tested by adding 
focal-updates to the APT configuration.
+ 
+ Notes:
+ 1) The "ubuntu" user below is unprivileged, the result of the "adduser 
ubuntu" command being run and accepting defaults.
+ 2) The "lck" and "ack" commands were randomly selected as commands that were 
unavailable on the default Ubuntu images used by LXD.
+ 3) Bionic requires the addition of a non-default repo with CNF metadata. The 
focal-updates repo was used in my testing, any repo meeting the conditions 
should do.
+ 
+ ### Reproduction
+ # Add repo with CNF metadata if testing Bionic
+ # Confirm UMASK
+ grep "^UMASK" /etc/login.defs
+ # Set /etc/login.defs to umask 027
+ sed -i -e 's/^UMASK\t\t022/UMASK\t\t027/' /etc/login.defs
+ # Confirm
+ grep "^UMASK" /etc/login.defs
+ # Log out and back in
+ exit
+ 
+ # Log back in
+ # Force rebuild of DB
+ rm -rf /var/lib/command-not-found/*
+ apt update
+ ls -lah /var/lib/command-not-found/
+ # Verify failure
+ su - ubuntu
+ lck
+ ack
+ exit
+ ## END Reproduction
+ 
+ ### Verification
+ # Install updated command-not-found from -proposed
+ # https://wiki.ubuntu.com/Testing/EnableProposed
+ # Update command-not-found.
+ apt upgrade command-not-found
+ # Verify version
+ dpkg -l | grep command-not-found
+ # Force rebuild of DB
+ rm -rf /var/lib/command-not-found/*
+ apt update
+ ls -lah /var/lib/command-not-found/
+ # Verify success
+ su - ubuntu
+ lck
+ ack
+ exit
+ ## END Verification
+ 
+ The failures expected to be seen when running the "lck" and "ack" commands 
are similar to:
+ ubuntu@lp1953610-focal:~$ ack
+ Sorry, command-not-found has crashed! Please file a bug report at:
+ https://bugs.launchpad.net/command-not-found/+filebug
+ Please include the following information with the report:
+ 
+ command-not-found version: 0.3
+ Python version: 3.8.10 final 0
+ Distributor ID: Ubuntu
+ Description: Ubuntu 20.04.3 LTS
+ Release: 20.04
+ Codename: focal
+ Exception information:
+ 
+ unable to open database file
+ Traceback (most recent call last):
+   File "/usr/lib/python3/dist-packages/CommandNotFound/util.py", line 23, in 
crash_guard
+     callback()
+   File "/usr/lib/command-not-found", line 90, in main
+     cnf = CommandNotFound.CommandNotFound(options.data_dir)
+   File "/usr/lib/python3/dist-packages/CommandNotFound/CommandNotFound.py", 
line 79, in __init__
+     self.db = SqliteDatabase(dbpath)
+   File "/usr/lib/python3/dist-packages/CommandNotFound/db/db.py", line 12, in 
__init__
+     self.con = sqlite3.connect(filename)
+ sqlite3.OperationalError: unable to open database file
+ 
+ A successful run should look like:
+ ubuntu@lp1953610-focal:~$ lck
+ 
+ Command 'lck' not found, did you mean:
+ 
+   command 'ack' from deb ack (3.3.1-1)
+   command 'ick' from deb intercal (30:0.30-3)
+   command 'lcp' from deb lsh-client (2.1-12build3)
+   command 'lc' from deb mono-devel (6.8.0.105+dfsg-2)
+   command 'lcf' from deb ucf (3.0038+nmu1)
+   command 'ck' from deb python3-ck (1.9.4-1.1)
+ 
+ Try: apt install <deb name>
+ 
+ The umask changes have little regression potential, are tested in a
+ smoke test, and there is a larger test suite that ensures it does not
+ regress other bits (which again, it really shouldn't)
  
  [Where problems could occur]
- We could have the wrong umask? Admins actually liked c-n-f to crash on them?
+ Admins could rely on the incorrect behavior for some reason (security?).
+ Admins could have existing automation in place to correct the issue that
+ behaves incorrectly or unexpectedly once the behavior is corrected.
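Review bot: The new Verification block under [Test Plan] only proves the fix if root's umask is still 027 from the Reproduction block, but it never says so or re-checks it; run on a fresh system with the default umask, it would pass without exercising the change. Add a `grep "^UMASK" /etc/login.defs` (or a `umask` call in the root shell) at the top of Verification. Both blocks also run `ls -lah /var/lib/command-not-found/` without stating which mode to expect before and after the fix, so the pass criterion rests only on the `lck`/`ack` output; state the expected permissions next to that step. In Reproduction, the `sed` expression matches only `UMASK`, exactly two tabs and `022`, and silently changes nothing otherwise; the second grep catches that, but a comment saying what to do when the value is unchanged would help.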

https://bugs.launchpad.net/bugs/1953610

Title:
  cnf-update-db creates unreadable database if wrong umask
