Bug#1055569: apt: StateDir variable may not be initialized in apt daily (ineffective lock)
Package: apt
Version: 2.6.1
Severity: normal
X-Debbugs-Cc: benoit.sibaud@orange.com
Dear Maintainer,
in /usr/lib/apt/apt.systemd.daily all vars defined by eval + apt-config
shell are pre-initialized, except the one used for daily_lock file.
Cache="/var/cache/apt/archives/"
eval $(apt-config shell Cache Dir::Cache::archives/d)
versus
eval $(apt-config shell StateDir Dir::State/d)
exec 3>${StateDir}/daily_lock
So if apt-config shell fails, $StateDir is undefined, daily_lock is
created in / instead of /var/lib/apt/
so you can have something like that:
-rw-r--r-- 1 root root 0 Nov 6 12:47 /daily_lock
-rw-r--r-- 1 root root 0 Nov 7 14:33 /var/lib/apt/daily_lock
ie. ineffective lock at some point and remaining useless file in /
An easy way to trigger the issue is to bork a bit apt configuration...
like a wrong instruction in /etc/apt/apt.conf.d/99bork for example.
# apt-config shell StateDir Dir::State/d
E: Syntax error /etc/apt/apt.conf:4: Extra junk at end of file
Probable fix: add a StateDir="/var/lib/apt" before (and/or activate set
-e to only use defined variables)
-- Package-specific info:
-- (no /etc/apt/preferences present) --
-- (no /etc/apt/preferences.d/* present) --
-- (no /etc/apt/sources.list present) --
-- (/etc/apt/sources.list.d/debian.sources present, but not submitted) --
-- System Information:
Debian Release: 12.2
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500,
'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 6.2.0-36-generic (SMP w/20 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: unable to detect
Versions of packages apt depends on:
ii adduser 3.134
ii debian-archive-keyring 2023.3+deb12u1
ii gpgv 2.2.40-1.1
ii libapt-pkg6.0 2.6.1
ii libc6 2.36-9+deb12u3
ii libgcc-s1 12.2.0-14
ii libgnutls30 3.7.9-2
ii libseccomp2 2.5.4-1+b3
ii libstdc++6 12.2.0-14
ii libsystemd0 252.17-1~deb12u1
Versions of packages apt recommends:
ii ca-certificates 20230311
Versions of packages apt suggests:
pn apt-doc <none>
pn aptitude | synaptic | wajig <none>
pn dpkg-dev <none>
pn gnupg | gnupg2 | gnupg1 <none>
pn powermgmt-base <none>
-- no debconf information
____________________________________________________________________________________________________________
Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
This message and its attachments may contain confidential or privileged information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete this message and its attachments.
As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
Thank you.
Reply to: