Bug#764066: fails download when running a stable kernel: PR_SET_NO_NEW_PRIVS failed with -1
Package: apt
Version: 1.1~exp3
Severity: important
After updating apt to experimental in a chroot running on a stable
machine, download operations fail. Example output:
# apt-get source glibc
Reading package lists...
Building dependency tree...
Reading state information...
NOTICE: 'glibc' packaging is maintained in the 'Svn' version control system at:
svn://svn.debian.org/pkg-glibc/glibc-package/
Need to get 13.4 MB of source archives.
Err http://ftp2.de.debian.org/debian/ sid/main glibc 2.19-11 (dsc)
PR_SET_NO_NEW_PRIVS failed with -1
Err http://ftp2.de.debian.org/debian/ sid/main glibc 2.19-11 (tar)
Could not open file glibc_2.19.orig.tar.xz - open (13: Permission denied)
Err http://ftp2.de.debian.org/debian/ sid/main glibc 2.19-11 (diff)
Could not open file glibc_2.19-11.debian.tar.xz - open (13: Permission denied)
E: Failed to fetch http://ftp2.de.debian.org/debian/pool/main/g/glibc/glibc_2.19-11.dsc PR_SET_NO_NEW_PRIVS failed with -1
E: Failed to fetch http://ftp2.de.debian.org/debian/pool/main/g/glibc/glibc_2.19.orig.tar.xz Could not open file glibc_2.19.orig.tar.xz - open (13: Permission denied)
E: Failed to fetch http://ftp2.de.debian.org/debian/pool/main/g/glibc/glibc_2.19-11.debian.tar.xz Could not open file glibc_2.19-11.debian.tar.xz - open (13: Permission denied)
E: Failed to fetch some archives.
#
Apt should degrade gracefully to the unavailability of the
PR_SET_NO_NEW_PRIVS prctl on older kernels. After all this is "only" a
hardening measure.
Helmut
Reply to: