[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#860738: marked as done (apt changes to current directory)

Your message dated Wed, 28 Jun 2017 19:19:56 +0000
with message-id <E1dQIVI-0003Jz-TE@fasolo.debian.org>
and subject line Bug#860738: fixed in apt 1.5~alpha1
has caused the Debian Bug report #860738,
regarding apt changes to current directory
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
860738: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860738
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: apt
Version: 1.4
User: selinux-devel@lists.alioth.debian.org
Usertags: selinux

When running `apt update`, apt changes his working directory to the
current directory.
This causes some trouble in correlation with SELinux when not running
the command in the users home directory:

root@server /lib/systemd/system # apt update
Hit:1 http://ftp.de.debian.org/debian unstable InRelease
[...]
Reading package lists... Done
E: Unable to change to /lib/systemd/system/ - chdir (13: Permission denied)

type=PROCTITLE msg=audit(04/19/17 15:47:25.787:887) :
proctitle=/bin/sh /usr/bin/apt-key --quiet --readonly verify
--status-fd 3 /tmp/apt.sig.UgYsLd /tmp/apt.data.S6DCAl
type=PATH msg=audit(04/19/17 15:47:25.787:887) : item=0 name=.
nametype=UNKNOWN
type=CWD msg=audit(04/19/17 15:47:25.787:887) : cwd=/lib/systemd/system
type=SYSCALL msg=audit(04/19/17 15:47:25.787:887) : arch=x86_64
syscall=stat success=no exit=EACCES(Permission denied) a0=0x7780a6de3d
a1=0x385e17bea10 a2=0x385e17bea10 a3=0x778345f160 items=1 ppid=20684
pid=20685 auid=root uid=_apt gid=
nogroup euid=_apt suid=_apt fsuid=_apt egid=nogroup sgid=nogroup
fsgid=nogroup tty=pts1 ses=1 comm=apt-key exe=/bin/dash
subj=root:sysadm_r:apt_t:s0-s0:c0.c1023 key=(null)
type=AVC msg=audit(04/19/17 15:47:25.787:887) : avc:  denied  { search
} for  pid=20685 comm=apt-key name=system dev="sda1" ino=262743
scontext=root:sysadm_r:apt_t:s0-s0:c0.c1023
tcontext=system_u:object_r:systemd_unit_t:s0 tclass=dir pe
rmissive=0

Maybe apt could changes his working directory to ~ (the users home
root) or / (the root node)?

--- End Message ---
--- Begin Message --- 
Source: apt
Source-Version: 1.5~alpha1

We believe that the bug you reported is fixed in the latest version of
apt, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 860738@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Julian Andres Klode <jak@debian.org> (supplier of updated apt package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 28 Jun 2017 19:52:24 +0200
Source: apt
Binary: apt libapt-pkg5.0 libapt-inst2.0 apt-doc libapt-pkg-dev libapt-pkg-doc apt-utils apt-transport-https
Architecture: source
Version: 1.5~alpha1
Distribution: experimental
Urgency: medium
Maintainer: APT Development Team <deity@lists.debian.org>
Changed-By: Julian Andres Klode <jak@debian.org>
Description:
 apt        - commandline package manager
 apt-doc    - documentation for APT
 apt-transport-https - https download transport for APT
 apt-utils  - package management related utility programs
 libapt-inst2.0 - deb package format runtime library
 libapt-pkg-dev - development files for APT's libapt-pkg and libapt-inst
 libapt-pkg-doc - documentation for APT development
 libapt-pkg5.0 - package management runtime library
Closes: 857885 860738 863635
Changes:
 apt (1.5~alpha1) experimental; urgency=medium
 .
   [ Julian Andres Klode ]
   * pkgcache: Bump major version to 12
   * Squashed 'triehash/' changes from 565fde4e7..0ca66b761
   * methods: Add HTTPS support to http method, using GnuTLS.
     The http method will eventually replace the curl-based
     https method, but for now, this is an opt-in experiment
     that can be enabled by setting Dir::Bin::Methods::https
     to "http".
     Known issues:
     - We do not support HTTPS proxies yet
     - We do not support proxying HTTPS connections yet (CONNECT)
     - IssuerCert and SslForceVersion are unsupported
   * Allow building without curl
   * Introduce Acquire::AllowTLS to turn off TLS support
   * Skip test-apt-download-progress
   * Strip 0: epochs from the version hash
 .
   [ David Kalnischkies ]
   * schedule the correct side of the conflict for removal.
     Thanks to Michael Biebl for helping find this with countless tests
   * don't show incorrect 'How odd' errror in no-download mode (Closes: 863635)
   * Show permission error if ProxyAutoDetect cmd can't be executed
     (Closes: 857885)
   * Avoid chdir in acquire clean with unlinkat (Closes: 860738)
   * ident a CD without changing directory
   * clean archives without changing directory
   * avoid changing directory in mirror method
   * warn if an expected file can't be acquired
   * show .diff/Index properly as ignored if we fallback
   * fail InRelease on non-404 HTTP errorcodes
   * deal with 3xx httpcodes as required by HTTP/1.1 spec
   * fail instead of warn on insecure repositories in apt-get
   * error in update on Release information changes
   * show a Release-Notes URI if infos were changed
   * allow frontends to override releaseinfo change behaviour
   * ask for releaseinfo change interactively in apt
Checksums-Sha1:
 1d0a0440888bb132f88a6e08f9cd51f4e353a6a3 2597 apt_1.5~alpha1.dsc
 dc1251d00928f3ae49a355a7ca3366b5bdfc9e6e 2087752 apt_1.5~alpha1.tar.xz
 fa8e66049c757ef2ace35ac61585d6263894e7af 7946 apt_1.5~alpha1_source.buildinfo
Checksums-Sha256:
 d2c3d5de6e28b0476459c53f4fcbd1137ab1f179474d85145a87e1575cd98d30 2597 apt_1.5~alpha1.dsc
 752d5d4acf942ee2ed3ea0ef40ef85433fcb4e472541555570fb92cbfb08496b 2087752 apt_1.5~alpha1.tar.xz
 ef7485df02e8f418153172cb3ed986fe9b3309e93df844c7ab8e3565e1dc0238 7946 apt_1.5~alpha1_source.buildinfo
Files:
 6e544005f9d9e7f2480c89bd03a473db 2597 admin important apt_1.5~alpha1.dsc
 57397f5d76c12c5d88c03ed4fb77423d 2087752 admin important apt_1.5~alpha1.tar.xz
 f402e3ce63177da9c99115ce53d6527f 7946 admin important apt_1.5~alpha1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJDBAEBCgAtFiEEzeVhi4gF/W4gLOnC1zw55WWAs4YFAllT7VcPHGpha0BkZWJp
YW4ub3JnAAoJENc8OeVlgLOGojoP/2wXmdCSiW/WOB0Tav+FYc5oEJnR//bou6+o
ZMWT0LnNj6zDrkhMSgfq8Itc8wuIovd/7gY+QHc3jV2T0EbR+bQfrUzHAWW2CP80
PG8dNVDMAiEkJRacEhEabJlJpL4Z87AT6U8FWNARnVqQ04Mklaxgf7yCEdefD4TN
D+lMJfRIEQ2GYfv8sboP6BTO/eXSDbdImVgU87YoHoZa4/v2I1Kk6gjc1NWCh/bc
pMAmszvp4kHmLzIh6YhDZGfbkG0onUnwI1whfy367HkZmAvmvVA28TJkBelCAcvG
VyC6wm9xqFvNvroABj2AoOCiFQRMKJvmGQBRhw8yNaCa4d4aFLMDYqIAYqzcmESo
NffKb4kYU6B0uhC8JFCD0mn+olFHTgYkjxjfg/yqHLMdb+906NtqwI0AoLrS5M7/
LB8adlIdoy8kj9WuOmNvDBbUqhC0tFCmfNSA6kzolDnKnK8+gLoR1A3FbfNj4FjO
0rRoOhquSmO/9qCvJ1oor97K3+qu1GcFd4j4lPqTltQLcXOHYGYrfdcwxuCc1zB7
Z+xPfs5mxtv2zJ7T1SCWUqdYHhN+yPs/Fj/X4uMt2H9gw9fWyfTmU5fBgcH461tK
llcEnSl4KUMZnw7srr10wWqG9Q+mZsfdWKX0QLkBYo1rq2E/wYDl3zyqlcjX4eW2
CL7TaRJc
=R0X4
-----END PGP SIGNATURE-----

--- End Message ---
Reply to: