--- Begin Message ---
Package: apt
Version: 1.0.5
Severity: important
(warning: attached patch is not a solution, it is just intended to show
the problem)
Setting Dir::Cache::archives and Dir::Cache to the empty string (as
instructed by man 5 apt.conf) do NOT disable cache but set it to '/'.
Consequence: apt-get clean then effectively cleans '/' and removes all
files here.
Not true anymore but even worse, on squeeze it also removes the '/lib64'
symlink, breaking the loader and preventing any new dynamically linked
binary to be launched.
- - -
all following tests done on debian testing, up to date on 2014-07-02
current result:
debdev# cat apt.conf
Dir::Cache "";
Dir::Cache::archives "";
debdev# touch /VERY_SECRET
debdev# ls /
bin boot dev etc home initrd.img initrd.img.old lib lib64 lost+found media mnt opt proc root run sbin srv sys tmp usr var VERY_SECRET vmlinuz vmlinuz.old
debdev# apt-get clean
debdev# ls /
bin boot dev etc home lib lib64 lock lost+found media mnt opt proc root run sbin srv sys tmp usr var
reading source code (contrib/configuration.cc) instead of the man page of apt.conf:
debdev# cat apt.conf
Dir::Cache "/dev/null";
Dir::Cache::archives "/dev/null";
debdev# touch /VERY_SECRET
debdev# ls /
bin boot dev etc home lib lib64 lock lost+found media mnt opt proc root run sbin srv sys tmp usr var VERY_SECRET
debdev# apt-get clean
debdev# ls /
bin boot dev etc home lib lib64 lock lost+found media mnt opt proc root run sbin srv sys tmp usr var VERY_SECRET
expected result, BUT BUT BUT its not a good idea at all :
debdev# cat /etc/apt/apt.conf
Dir::Cache "/dev/null";
Dir::Cache::archives "/dev/null";
debdev# ls -l /dev/null
crw-rw-rw- 1 root root 1, 3 Jul 2 20:11 /dev/null
debdev# apt-get install libcaca
Reading package lists... Error!
E: Write error - write (28: No space left on device)
E: Can't mmap an empty file
E: Failed to truncate file - ftruncate (9: Bad file descriptor)
E: The package lists or status file could not be parsed or opened.
debdev# ls -l /dev/null
-rw-r--r-- 1 root root 0 Jul 2 20:17 /dev/null
debdev# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/debdev-root 95G 5.0G 85G 6% /
udev 10M 10M 0 100% /dev
tmpfs 202M 200K 201M 1% /run
tmpfs 5.0M 0 5.0M 0% /run/lock
tmpfs 403M 0 403M 0% /run/shm
/dev/sda1 228M 80M 137M 37% /boot
none 4.0K 0 4.0K 0% /sys/fs/cgroup
and finally with attached patch (built without "make test" because it has other side-effects):
debdev# cat /etc/apt/apt.conf
Dir::Cache "";
Dir::Cache::archives "";
debdev# touch /MYTRALALA
debdev# ls /
bin dev home lib64 lost+found mnt opt root sbin sys usr
boot etc lib lock media MYTRALALA proc run srv tmp var
debdev# apt-get clean
E: Ignored empty string directory configuration (would have been expanded to '/' otherwise)
debdev# ls /
bin dev home lib64 lost+found mnt opt root sbin sys usr
boot etc lib lock media MYTRALALA proc run srv tmp var
diff --git a/apt-pkg/contrib/configuration.cc b/apt-pkg/contrib/configuration.cc
index 00f6ad0..3dd63aa 100644
--- a/apt-pkg/contrib/configuration.cc
+++ b/apt-pkg/contrib/configuration.cc
@@ -240,6 +240,11 @@ string Configuration::FindFile(const char *Name,const char *Default) const
string Configuration::FindDir(const char *Name,const char *Default) const
{
string Res = FindFile(Name,Default);
+ if (Res == "")
+ {
+ _error->Error(_("Ignored empty string directory configuration (would have been expanded to '/' otherwise)"));
+ return Res;
+ }
if (Res.end()[-1] != '/')
{
size_t const found = Res.rfind("/dev/null");
diff --git a/doc/apt.conf.5.xml b/doc/apt.conf.5.xml
index fcbf20d..e30898c 100644
--- a/doc/apt.conf.5.xml
+++ b/doc/apt.conf.5.xml
@@ -607,8 +607,8 @@ DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt";};
<para><literal>Dir::Cache</literal> contains locations pertaining to local cache
information, such as the two package caches <literal>srcpkgcache</literal> and
<literal>pkgcache</literal> as well as the location to place downloaded archives,
- <literal>Dir::Cache::archives</literal>. Generation of caches can be turned off
- by setting their names to the empty string. This will slow down startup but
+ <literal>Dir::Cache::archives</literal>. Generation of caches CANNOT BE TURNED OFF.
+ This would slow down startup but could
save disk space. It is probably preferable to turn off the pkgcache rather
than the srcpkgcache. Like <literal>Dir::State</literal> the default
directory is contained in <literal>Dir::Cache</literal></para>
--- End Message ---
--- Begin Message ---
Source: apt
Source-Version: 1.0.6
We believe that the bug you reported is fixed in the latest version of
apt, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 753531@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Vogt <mvo@debian.org> (supplier of updated apt package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 10 Jul 2014 11:46:07 +0200
Source: apt
Binary: apt libapt-pkg4.12 libapt-inst1.5 apt-doc libapt-pkg-dev libapt-pkg-doc apt-utils apt-transport-https
Architecture: source all amd64
Version: 1.0.6
Distribution: unstable
Urgency: medium
Maintainer: APT Development Team <deity@lists.debian.org>
Changed-By: Michael Vogt <mvo@debian.org>
Description:
apt - commandline package manager
apt-doc - documentation for APT
apt-transport-https - https download transport for APT
apt-utils - package management related utility programs
libapt-inst1.5 - deb package format runtime library
libapt-pkg-dev - development files for APT's libapt-pkg and libapt-inst
libapt-pkg-doc - documentation for APT development
libapt-pkg4.12 - package management runtime library
Closes: 753297 753531 753941 753979
Changes:
apt (1.0.6) unstable; urgency=medium
.
[ Chris Leick ]
* German translation reviewed by Erik Pfannenstein
.
[ Michael Vogt ]
* methods/http.cc: use Req.str() in debug output
* Do not try to parse invalid translation files (LP: #756317)
* Do not clean "/" in pkgAcquire::Clean/pkgArchiveCleaner (Closes: #753531)
* Only show packages as upgradable if the have a CandidateVer != 0
(Closes: #753297)
.
[ Trần Ngọc Quân ]
* l10n: vi.po: Update 3 new messages
.
[ Joe Hansen ]
* Danish program translation update (Closes: 753979)
.
[ David Kalnischkies ]
* handle moved mmap after UniqFindTagWrite call (Closes: #753941)
.
[ Michele Orrù ]
* use printf instead of echo in testing framework
.
[ Cédric Barboiron ]
* Improve description how to turn off the caches (Closes: #753531)
.
[ Guillem Jover ]
* po: Fill or add missing Language field
* po: Remove fuzzy from file msgid header
* po: Fill Project-Id-Version with correct project id and version
* po: Fix Plural-Forms fields
* po: Fix or add missing email addresses
* po: Fix encoding issues
* po: Fix format specifier order in translation
* build: Set the XSL parameter through the command line instead of sed
* build: Convert from DebianDoc SGML to DocBook XML
* doc: Convert from DebianDoc SGML to DocBook XML
* doc: Unfuzzy DocBook translations
Checksums-Sha1:
375b36f7e431b9107cd0e29cba4d50ccdba58b76 1705 apt_1.0.6.dsc
fc34dc6fe17030828a65ac5ddc806a6759a923ab 1783308 apt_1.0.6.tar.xz
d451d8cf8707749ddeebdad147c59dd1734adbb9 275034 apt-doc_1.0.6_all.deb
52ba68b426ce7874c989d759542e6102e3c4193a 773144 libapt-pkg-doc_1.0.6_all.deb
8b1a16e336d96ceedef431c134b2a3e5cadae47f 766594 libapt-pkg4.12_1.0.6_amd64.deb
2a9214479a45fc39e5b2619fd14eae32803f9351 165624 libapt-inst1.5_1.0.6_amd64.deb
6273b8a80ca3684f8103b83346267255eed1bb73 1076374 apt_1.0.6_amd64.deb
f4c790202e84fd901b399da541eb1e6ff1166c14 189822 libapt-pkg-dev_1.0.6_amd64.deb
4b90a8d93020d4be16da8164065036b24409f021 356744 apt-utils_1.0.6_amd64.deb
71c00e4aac3798fbbee15d816775e443bdbd8592 132154 apt-transport-https_1.0.6_amd64.deb
Checksums-Sha256:
4243e86c995d60e4bfbde6bd8b56ae71a6bf6dad8a1edb9fef7a746ab4ad5116 1705 apt_1.0.6.dsc
d2dcb33583ecf27b7116734833e69d7854ac9ca87e88842e15d89f97a2f783cb 1783308 apt_1.0.6.tar.xz
9aa9f3b6cbe26c290d9d9df8ddba091d366f3c7f6caced18cbde37ed5c800131 275034 apt-doc_1.0.6_all.deb
73b12e7ef98008e704bcadfd68ea1260d429977d786ee6c5762f113ce6a05cfe 773144 libapt-pkg-doc_1.0.6_all.deb
b289d1db68a0ad65a06cb7c03aa7862c9cd47a3e0a9c6992e3990a1da2a90f39 766594 libapt-pkg4.12_1.0.6_amd64.deb
87d068a75ba37a43797d2af95453ec0dd9d7cd7d5cb620f3936595ecb6b5c9ec 165624 libapt-inst1.5_1.0.6_amd64.deb
f9613b58e597e42e8ee34cbc8570c15b7b4094c6300e9ac16d78baf29c4ae300 1076374 apt_1.0.6_amd64.deb
8ec4b61eec21bba324b3827629cf412600a7117de41deb18ad3ee75b9d5acca7 189822 libapt-pkg-dev_1.0.6_amd64.deb
39925eb637fc08deed6cbab8d9a9ed1c1b7748e703dd56f73a4a7dc0a3be57c9 356744 apt-utils_1.0.6_amd64.deb
7abd52f4f749f6d5e55a13733cfb238764e0ad5a95e9caccf2d1b7226a382c9e 132154 apt-transport-https_1.0.6_amd64.deb
Files:
24235f873ba3368a9e20359679839967 275034 doc optional apt-doc_1.0.6_all.deb
13d28d74ac92ef6f7c274dcc7f3616ac 773144 doc optional libapt-pkg-doc_1.0.6_all.deb
d6afcdbeb04febfb4a87b4e3718d70c4 766594 libs important libapt-pkg4.12_1.0.6_amd64.deb
567cf9ce659ec62d1ba830f0c081222c 165624 libs important libapt-inst1.5_1.0.6_amd64.deb
4a1d939ef0c17bf0fcffdff149de91e6 1076374 admin important apt_1.0.6_amd64.deb
73965bfff073355c28b7911ea5887d81 189822 libdevel optional libapt-pkg-dev_1.0.6_amd64.deb
f052f33f850c82f79ffbfc550b121cfa 356744 admin important apt-utils_1.0.6_amd64.deb
d355c255d4aea376d19c41565db6f70a 132154 admin optional apt-transport-https_1.0.6_amd64.deb
f424553cd0610f15989bbbe7f490221b 1705 admin important apt_1.0.6.dsc
acea09bc9da77fe746157670304c8396 1783308 admin important apt_1.0.6.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iEYEARECAAYFAlO+dGMACgkQliSD4VZixzTpIwCeOIIoYax+rCn0sxO6kA3QdLdl
pmYAn0gLT91UdwDr3NFqPQNCnu/26N4l
=epUT
-----END PGP SIGNATURE-----
--- End Message ---