[Bug 1951108] [NEW] cnf db mode gets reset based on root umask each apt update

Dan Streetman 1951108 at bugs.launchpad.net
Tue Nov 16 13:28:46 UTC 2021 

Public bug reported:

[impact]

each time 'apt update' is run, the cnf db is recreated, and it replaces
the existing cnf db file. This resets its file mode based on the root
umask, since root is the user that runs 'apt update'. If the root umask
has the 'other' value set to 7 (e.g. umask 027), then the cnf db will
not be readable by non-root users, which breaks usage of cnf.

[test case]

set root umask to (e.g.) 027 in /etc/login.defs and run 'sudo apt
update', then check the mode of the cnf db (or try to use cnf as a non-
root user)

[regression potential]

failure to create or update the cnf db, or problems with users using cnf

[scope]

this is needed upstream and in all releases

[other info]

https://salsa.debian.org/jak/command-not-found/-/merge_requests/5

** Affects: command-not-found (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: sts

** Tags added: sts

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to command-not-found in Ubuntu.
https://bugs.launchpad.net/bugs/1951108

Title:
  cnf db mode gets reset based on root umask each  apt update

Status in command-not-found package in Ubuntu:
  New

Bug description:
  [impact]

  each time 'apt update' is run, the cnf db is recreated, and it
  replaces the existing cnf db file. This resets its file mode based on
  the root umask, since root is the user that runs 'apt update'. If the
  root umask has the 'other' value set to 7 (e.g. umask 027), then the
  cnf db will not be readable by non-root users, which breaks usage of
  cnf.

  [test case]

  set root umask to (e.g.) 027 in /etc/login.defs and run 'sudo apt
  update', then check the mode of the cnf db (or try to use cnf as a
  non-root user)

  [regression potential]

  failure to create or update the cnf db, or problems with users using
  cnf

  [scope]

  this is needed upstream and in all releases

  [other info]

  https://salsa.debian.org/jak/command-not-found/-/merge_requests/5

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1951108/+subscriptions

More information about the foundations-bugs mailing list