Public bug reported:

[Impact]
If a non-default umask is set for the root user, then the database created by 
cnf-update-db is not readable by users.

This fix ensures databases are created with the correct permissions, but
it does not automatically reset permissions for broken databases.

[Test plan]
The umask changes have little regression potential, are tested in a smoke test, 
and there is a larger test suite that ensures it does not regress other bits 
(which again, it really shouldn't)

[Where problems could occur]
We could have the wrong umask? Admins actually liked c-n-f to crash on them?

** Affects: command-not-found (Ubuntu)
     Importance: Undecided
         Status: Fix Committed

** Affects: command-not-found (Ubuntu Bionic)
     Importance: Undecided
         Status: New

** Affects: command-not-found (Ubuntu Focal)
     Importance: Undecided
         Status: New

** Affects: command-not-found (Ubuntu Impish)
     Importance: Undecided
         Status: New

** Affects: command-not-found (Ubuntu Jammy)
     Importance: Undecided
         Status: Fix Committed

** Changed in: command-not-found (Ubuntu)
       Status: New => Fix Committed

** Also affects: command-not-found (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Also affects: command-not-found (Ubuntu Jammy)
   Importance: Undecided
       Status: Fix Committed

** Also affects: command-not-found (Ubuntu Focal)
   Importance: Undecided
       Status: New

** Also affects: command-not-found (Ubuntu Impish)
   Importance: Undecided
       Status: New

** Also affects: command-not-found (Ubuntu Bionic)
   Importance: Undecided
       Status: New

** No longer affects: command-not-found (Ubuntu Xenial)

** Description changed:

  [Impact]
  If a non-default umask is set for the root user, then the database created by 
cnf-update-db is not readable by users.
+ 
+ This fix ensures databases are created with the correct permissions, but
+ it does not automatically reset permissions for broken databases.
  
  [Test plan]
  The umask changes have little regression potential, are tested in a smoke 
test, and there is a larger test suite that ensures it does not regress other 
bits (which again, it really shouldn't)
  
  [Where problems could occur]
  We could have the wrong umask? Admins actually liked c-n-f to crash on them?

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1953610

Title:
  cnf-update-db creates unreadable database if wrong umask

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/command-not-found/+bug/1953610/+subscriptions


-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to