[Bug 1960864] Re: [MIR] plocate
Steve Beattie
1960864 at bugs.launchpad.net
Tue Mar 8 06:42:48 UTC 2022
I reviewed plocate 1.1.15-1ubuntu2 as checked into jammy. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.
plocate is a locate implementation based on posting lists and io_uring,
intended as a drop-in replacement for mlocate.
- No CVE History.
- Build-Depends on liburing and libzstd
- The pre/post inst/rm scripts add a plocate group, set up
alternatives to place it as the locate, and set up the systemd timer.
Things are cleaned up in the pre/post-rm scripts.
- No init scripts.
- One systemd timer and service to run updatedb
- No dbus services
- No setuid binaries, plocate binary is setgid.
- binaries in PATH: plocate, plocate-build, and updatedb.plocate
- No sudo fragments
- No polkit files
- No udev rules
- test
  - no unit or other build-time tests
  - autopkgtests: a basic test plus a more complex test that tests
    visibility across differing users.
- One cron job that exits immediately because systemd timers are available.
- No build warnings or errors, lintian with one minor warning:
command-with-path-in-maintainer-script
- No processes spawned.
- Memory management is okay, generally uses C++ style
allocations / deallocations.
- File IO is mostly performed on static names or parsed out of
/proc/self/mountinfo. The exception is the db argument to plocate;
however, if alternate db files are passed, a child process that drops
privilege is forked to search the passed db file.
- Logging is mostly done by perror, and is done safely.
- Environment variable usage is okay.
- Privileged functions (setgid) are used to drop privs and are okay
(returned errors are checked for).
- No use of cryptography / random number sources.
- Sole use of temp files in database-builder is okay, uses O_TMPFILE if
available.
- No use of networking.
- No use of WebKit.
- No use of PolicyKit.
- No significant cppcheck results.
- No significant Coverity results, a couple of issues that could possibly
warrant further investigation. Recommend upstream project make use of
the public https://scan.coverity.com service.
Code generally feels modern and readable.
Security team ACK for promoting plocate to main.
** Changed in: plocate (Ubuntu Jammy)
Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned)
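The review above notes that when an alternate db file is passed, plocate forks a child that drops its setgid privilege before searching that file, and that the return values of the privileged calls are checked. The program below is an added illustration of that pattern and is not plocate's own code (function names, exit codes and the stand-in worker are assumptions): the child drops the elevated group, verifies that the old group can no longer be regained, and only then runs the work that touches untrusted input.

```c
/* Added example, not plocate's own code: a setgid helper that forks a child,
 * drops the elevated group there, verifies the drop, and only then runs the
 * work that touches user-supplied input. All function names are assumptions. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE 1
#endif
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Permanently drop a setgid binary's group: setting the real GID with
 * setregid() also resets the saved set-group-ID on Linux, so the old
 * effective group cannot be regained. Returns 0 on success, -1 on error. */
int drop_group_privs(void)
{
    gid_t rgid = getgid();
    if (setregid(rgid, rgid) != 0) {
        perror("setregid");
        return -1;
    }
    return 0;
}

/* Check that the drop took effect: real and effective GID must match, and if
 * the binary really was setgid, switching back to the old group must fail.
 * Returns 1 when privileges are gone, 0 otherwise. */
int group_privs_dropped(gid_t old_egid)
{
    gid_t rgid = getgid();
    if (getegid() != rgid)
        return 0;
    if (old_egid != rgid && setegid(old_egid) == 0)
        return 0;   /* regained the group: the drop was incomplete */
    return 1;
}

/* Run `work` in a forked child that has dropped privileges; the parent keeps
 * its group but never touches the untrusted input. Returns the child's exit
 * status (0 = work succeeded), 111 if the child refused to run with
 * privileges still held, or -1 on fork/wait failure. */
int run_unprivileged(int (*work)(void *), void *arg)
{
    pid_t pid = fork();
    if (pid < 0) {
        perror("fork");
        return -1;
    }
    if (pid == 0) {
        gid_t old_egid = getegid();
        if (drop_group_privs() != 0 || !group_privs_dropped(old_egid))
            _exit(111);
        _exit(work(arg) == 0 ? 0 : 1);
    }
    int status;
    if (waitpid(pid, &status, 0) < 0) {
        perror("waitpid");
        return -1;
    }
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* Stand-in for the real work (searching a user-supplied database file): it
 * only confirms it is running without an elevated group. */
int check_unprivileged(void *arg)
{
    (void)arg;
    return getgid() == getegid() ? 0 : -1;
}

int main(void)
{
    int rc = run_unprivileged(check_unprivileged, NULL);
    printf("child exit status: %d\n", rc);
    return rc == 0 ? 0 : 1;
}
```

Run as an ordinary user the program simply confirms the child ends up with matching real and effective GIDs; installed setgid, group_privs_dropped() additionally proves the saved group is gone, which is the check a reviewer wants to see before a helper opens a path chosen by the caller.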
https://bugs.launchpad.net/bugs/1960864
Title:
[MIR] plocate
Status in plocate package in Ubuntu:
New
Status in plocate source package in Jammy:
New
Bug description:
[Availability]
The package plocate is already in Ubuntu universe.
The package plocate builds for the architectures it is designed to work on.
It currently builds and works for architectures: amd64, arm64, armhf, ppc64el, s390x
Link to package [[https://launchpad.net/ubuntu/+source/plocate|plocate]]
[Rationale]
- The package plocate will generally be useful for a large part of
our user base
- Package plocate covers the same use case as mlocate, but is better
because it is a faster implementation. From the package description:
"plocate is a locate(1) based on posting lists, giving much faster
searches on a much smaller index. It is a drop-in replacement for mlocate in
nearly all aspects, and is fast on SSDs and non-SSDs alike."
- Additional reasons: Debian has removed mlocate in favor of plocate.
[Security]
- No CVEs/security issues in this software in the past
http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=plocate
https://ubuntu.com/security/cve?package=plocate
- /usr/bin/plocate binary is sgid
- There are binaries in sbin
/usr/sbin/plocate-build
/usr/sbin/updatedb.plocate
- Package does install services, timers or recurring jobs
/lib/systemd/system/plocate-updatedb.service
/lib/systemd/system/plocate-updatedb.timer
$ cat /lib/systemd/system/plocate-updatedb.service
[Unit]
Description=Update the plocate database
ConditionACPower=true
[Service]
Type=oneshot
ExecStart=/usr/sbin/updatedb.plocate
LimitNOFILE=131072
IOSchedulingClass=idle
PrivateTmp=true
PrivateDevices=true
PrivateNetwork=true
$ cat /lib/systemd/system/plocate-updatedb.timer
[Unit]
Description=Update the plocate database daily
[Timer]
OnCalendar=daily
RandomizedDelaySec=12h
AccuracySec=20min
Persistent=true
[Install]
WantedBy=timers.target
- Package does not open privileged ports (ports < 1024)
- Package does not contain extensions to security-sensitive software
(filters, scanners, plugins, UI skins, ...)
[Quality assurance - function/usage]
- The package works well right after install. One must run
`updatedb` after install to do initial indexing, and can
then easily use `locate`.
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu and does not have too many
long-term critical bugs open
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/plocate/+bug
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=plocate
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package does not run a test at build time.
- The package runs an autopkgtest, and is currently passing on
amd64, arm64, armhf, ppc64el, s390x: https://autopkgtest.ubuntu.com/packages/plocate
- The package does have failing autopkgtests right now on i386,
but this package is not supported for i386
[Quality assurance - packaging]
- debian/watch is not present
- This package does not yield massive lintian Warnings, Errors
$ lintian --pedantic -I
I: plocate source: debian-watch-file-is-missing
I: plocate source: out-of-date-standards-version 4.5.0 (released 2020-01-20) (current is 4.5.1)
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/.ninja_deps
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/meson-private/build.dat
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/meson-private/coredata.dat
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/meson-private/install.dat
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/meson-private/sanitycheckcpp.exe
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/plocate
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/plocate-build
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/plocate-build.p/database-builder.cpp.o
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/plocate-build.p/plocate-build.cpp.o
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/plocate.p/access_rx_cache.cpp.o
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/plocate.p/complete_pread.cpp.o
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/plocate.p/io_uring_engine.cpp.o
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/plocate.p/needle.cpp.o
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/plocate.p/parse_trigrams.cpp.o
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/plocate.p/plocate.cpp.o
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/plocate.p/serializer.cpp.o
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/plocate.p/turbopfor.cpp.o
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/updatedb.plocate
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/updatedb.plocate.p/bind-mount.cpp.o
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/updatedb.plocate.p/complete_pread.cpp.o
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/updatedb.plocate.p/conf.cpp.o
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/updatedb.plocate.p/database-builder.cpp.o
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/updatedb.plocate.p/lib.cpp.o
I: plocate source: unused-entry-in-debian-source-include-binaries obj-x86_64-linux-gnu/updatedb.plocate.p/updatedb.cpp.o
P: plocate source: spelling-error-in-patch-description debian/patches/locate-add-ignore-spaces-option-to-ignore-word-separ.patch "allows to" "allows one to"
P: plocate source: trailing-whitespace debian/changelog (line 208)
P: plocate source: trailing-whitespace debian/changelog (line 226)
P: plocate source: trailing-whitespace debian/changelog (line 313)
P: plocate source: trailing-whitespace debian/changelog (line 320)
P: plocate source: trailing-whitespace debian/control (line 22)
- Lintian overrides are not present
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- The package will not be installed by default
- Packaging and build is easy
[UI standards]
- Application is not end-user facing (does not need translation)
[Dependencies]
- No further depends or recommends dependencies that are not yet in main
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- Upstream is active, the package is maintained in Debian and in sync for Ubuntu
- This does not use static builds
- This does not use vendored code
[Background information]
The Package description explains the package well
https://plocate.sesse.net/