I included mantic as well since it's technically affected, but I suspect it may go EOL before the fix lands there. Sponsoring for oracular in the meantime, and I'll paste Doug's SRU template in shortly (thanks very much for preparing that!)
** Summary changed: - gdebi-gtk calls pkexec inappropriately + [SRU] gdebi-gtk calls pkexec inappropriately ** Description changed: + [ Impact ] + + The bug causes GDebi to quit as soon as you click Install Package to try + to install a .deb package, which is confusing to newer Linux users who + might not know about alternative command-line options such as dpkg. + + In particular, this bug happens when you download a .deb using Google + Chrome (or other browsers that aren't installed through snap) and tell + it to open the .deb file. GDebi is the default GUI .deb installer for + Ubuntu flavors such as MATE and Xubuntu, so this is a common situation + for people to run into. + + This should be backported to the stable release because it fixes a + severe usability bug in Ubuntu MATE and Xubuntu. The system's default + package installer should not crash when you click the Install Package + button. + + The upload fixes the bug by changing the way GDebi launches pkexec. The + non-privileged instance of GDebi will stay open in the background so + that pkexec will always have a parent process. + + [ Test Plan ] + + Simple test to simulate the situation that Chrome creates: + + - Download a random .deb file you don't mind installing. In a terminal window, type: + setsid gdebi-gtk /path/to/the/deb/file/you/downloaded.deb + - Click Install Package. + + Prior to this bug fix, you will see an error "Refusing to render service to dead parents." in your terminal window. + With this fix applied, it will ask you for your password and then install properly. + + Longer test that actually demonstrates the bug as users experience it: + + - Start with a fresh install of Ubuntu MATE 24.04 or Xubuntu 24.04. + - Install Google Chrome from Google using their latest .deb file. + - Start with Chrome closed. + - If you're using MATE, drag the Google Chrome icon from the MATE menu to the top panel bar. The reason for this is because the problem doesn't happen if you launch Chrome from the MATE menu. + - Open Chrome by clicking the icon you dragged to the panel (or on Xubuntu, you can just launch it from the menu). + - In Chrome, download any .deb file that you don't mind installing. + - Open it from Chrome's downloads. If you are asked which program to use, choose GDebi (it will be the default). + - Click Install Package. + + Prior to this bug fix, GDebi will just disappear when you click Install Package. Nothing will be installed. + With this fix applied, it will ask you for your password and then install properly. + + [ Where problems could occur ] + + If there is a mistake in this change that breaks the GDebi GUI for other + users who currently don't experience this bug (because they use a + browser that isn't affected such as the firefox snap), it could cause + them to be unable to install downloaded .deb files easily through the + GUI. Essentially it would result in the existing problem widening its + scope to more users. + + [ Other Info ] + + This problem was originally introduced with Ubuntu 17.10 when GDebi + switched from using gksu to pkexec. Over the years it has become more + and more rare as browsers installed through snap became more popular, + but as you can see from the reproduction steps above, it's still pretty + easy for people to experience since Chrome is so popular. + + It has historically been difficult to reproduce (people will claim it's + already fixed or doesn't affect them anymore) because the behavior + depends on how the browser and GDebi are parented, which can vary based + on how the browser is launched. + + [ Original Description ] + Steps to reproduce: 1. Have Ubuntu with gdebi-gtk installed 2. Open Firefox 3. Visit some site with deb-package download link or use direct link like https://github.com/jgm/pandoc/releases/download/2.9.2.1/pandoc-2.9.2.1-1-amd64.deb 4. Proceed with file downloading 5. In Firefox select Library → Downloads, click on downloaded deb-file Expected results: * gdebi-gtk is opened, the package installs normally after users clicks Install button Actual results: * gdebi-gtk is opened, the package is not installed because of vanishing of gdebi-gtk window just after clicking Install button - ---- Before anyone says this bug already exists... it doesn't (at least as far as I can see). It's just that a lot of similar bugs do/did exist where people have also experienced the same symptoms (of gdebi-gtk vanishing upon clicking 'Install'). So yes this is the same symptoms, but it must be a different cause as the circumstances are different and doesn't have the same resolution. The meat of it... Basically on a fresh install of Ubuntu MATE 18.04.3 amd64... with Firefox (or with Chrome if you installed that) go to any site that offers a .deb package and either... a) choose to open it directly from the browser (rather than saving it to 'Downloads' folder) b) or... save the file (e.g. to the 'Downloads' folder), BUT!.. open that file from within the browser itself. You should find that gdebi-gtk appears but vanishes the moment you click 'Install' without a prompt for a password, an explanation or the package actually getting installed. This bug has existed since the beginning of Ubuntu 18.04 however it's been largely confused with other similar bugs. I've had it on half a dozen machines and confirmed it exists with IRC users on #ubuntu-mate of freenode. However with *this* bug (compared to others) gdebi-gtk works perfectly fine if you run it from the terminal or just double click the .deb package from your file manager. It's the kind of bug which if you're a hardened desktop Linux user, you'd just work around it... But if you're a novice and you can't get a simple thing like Teamviewer installed (which is a .deb, and a thing I might ask someone to do over the phone to try to help them) you likely get fed up and re-install Windows :S Any input on this would be brilliant as I can't seem to get any logs/output. ~lantizia ** Changed in: gdebi (Ubuntu Noble) Status: New => Confirmed ** Changed in: gdebi (Ubuntu Mantic) Status: New => Confirmed ** Changed in: gdebi (Ubuntu Jammy) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1854588 Title: [SRU] gdebi-gtk calls pkexec inappropriately To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdebi/+bug/1854588/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
