[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#813786: Download is performed unsandboxed as root

It is seemed to 813786 resolved bug you can see:

From: Julian Andres Klode <jak@debian.org>

To: 813786-close@bugs.debian.org

Subject: Bug#813786: fixed in apt 1.4~beta3

Date: Thu, 05 Jan 2017 21:03:45 +0000

But now it is for local repository.

I install or update a packets on my local computer with Debian 64 8.6 Unstable through 2 stages.

At first, through apt-mirror (0.5.1-1 or 0.5.2-1) i update local repository on separated hard disk. At next, i install or update packets through apt, aptitude or synaptic from local repository. When i work in Debian Stable through apt (1.0.9.8.3), aptitude (0.6.11-1+b1) or synaptic (0.81.2) it is all right.

But if i use

Testing:

apt (1.4~beta2)

aptitude (0.8.4-1)

synaptic (0.83+nmu1)

For example:

root@A1:/home/u1# apt update

Rec:1 file:/media/u1/DebRepo/deb-repo/mirror/mirror.mephi.ru/debian sid InRelease [209 kB]

Rec:1 file:/media/u1/DebRepo/deb-repo/mirror/mirror.mephi.ru/debian sid InRelease [209 kB]

Read package lists… Ready

Building dependency tree

Read status information… Ready

Can be updated 1 package. Run "apt list --upgradable" for the show.

N: Can't drop privileges for downloading as file

«/media/u1/DebRepo/deb-repo/mirror/mirror.mephi.ru/debian/dists/sid/InRelease» couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission non accordée).

synaptic (0.83+nmu1), when access to the local repository, issue such reports "Cannot be reset rights for download" and failing to access the repository.

Aptitude (0.8.4-1), when we update packets list (press button «u») it is showed

file:/media/u1/Debian/deb-repo/mirror/mirror.mephi.ru/debian sid/main Translation.ru [Error]

file not found — file:/media/u1/Debian/deb-repo/mirror/mirror.mephi.ru/debian/dists/sid/main/i18n/Translation-ru (2: file not found)

file:/media/u1/Debian/deb-repo/mirror/mirror.mephi.ru/debian sid/main [Ignored]

Unstable:

apt (1.4~beta3)

synaptic (0.84.1)

For example:

root@A1:/home/u1# apt update

Rec:1 file:/media/u1/DebRepo/deb-repo/mirror/mirror.mephi.ru/debian sid InRelease [209 kB]

Rec:1 file:/media/u1/DebRepo/deb-repo/mirror/mirror.mephi.ru/debian sid InRelease [209 kB]

Read package lists… Ready

Building dependency tree

Read status information… Ready

Can be updated 1 package. Run "apt list --upgradable" for the show.

N: Download is performed unsandboxed as root as file '/media/u1/Debian/deb-repo/mirror/mirror.mephi.ru/debian/dists/sid/InRelease' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission non accordée)

By the way, if in sources.list specify a remote repository over http, then everything works.

It seems that these programs can't work with «file://» access.

Reply to: