group.of.nepali.translators team mailing list archive

Thread
Date
[Bug 1906565] Re: traceback when running apport as non-root user

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Brian Murray <1906565@xxxxxxxxxxxxxxxxxx>
Date: Wed, 02 Dec 2020 22:26:45 -0000
Reply-to: Bug 1906565 <1906565@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx
** Also affects: apport (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Also affects: apport (Ubuntu Groovy)
   Importance: Undecided
       Status: New

** Also affects: apport (Ubuntu Bionic)
   Importance: Undecided
       Status: New

** Also affects: apport (Ubuntu Focal)
   Importance: Undecided
       Status: New

** Tags added: fr-978

** Changed in: apport (Ubuntu)
     Assignee: (unassigned) => Brian Murray (brian-murray)

** Changed in: apport (Ubuntu)
       Status: New => In Progress

** Changed in: apport (Ubuntu)
   Importance: Undecided => High

** Changed in: apport (Ubuntu Bionic)
   Importance: Undecided => High

** Changed in: apport (Ubuntu Xenial)
   Importance: Undecided => High

** Changed in: apport (Ubuntu Focal)
   Importance: Undecided => High

** Changed in: apport (Ubuntu Bionic)
     Assignee: (unassigned) => Brian Murray (brian-murray)

** Changed in: apport (Ubuntu Focal)
     Assignee: (unassigned) => Brian Murray (brian-murray)

** Changed in: apport (Ubuntu Groovy)
     Assignee: (unassigned) => Brian Murray (brian-murray)

** Changed in: apport (Ubuntu Xenial)
     Assignee: (unassigned) => Brian Murray (brian-murray)

** Changed in: apport (Ubuntu Groovy)
   Importance: Undecided => High

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1906565

Title:
  traceback when running apport as non-root user

Status in apport package in Ubuntu:
  In Progress
Status in apport source package in Xenial:
  New
Status in apport source package in Bionic:
  New
Status in apport source package in Focal:
  New
Status in apport source package in Groovy:
  New

Bug description:
  [Impact]
  The apport-test-crashes package, which is used to test the Error Tracker deployments, fails produce crash files for binary applications since "various security hardening fixes" were included in apport. The problematic change is the dropping of supplemental groups in data/apport. This results in a PermissionError as it is not the root user who is calling /usr/share/apport/apport.

  [Test Case]
  The least convulted test case involves using the generate-sigsegv-crash.py script from apport-test-crashes. This ends up using a command similar to '/usr/share/apport/apport -p 4077 -s 11 -E /usr/bin/gnome-calculator < /tmp/20.10-gnome-calculator.core' which then will encounter the Traceback.

  1) Comment out "check_lock()" in /usr/share/apport/apport (This is necessary as we are not running as root)
  2) Put a copy of generate-sigsegv-crash.py on disk.
  3) Run 'python3 /tmp/generate-sigsegv-crash.py cat'
  4) Observe the following Traceback:

  Traceback (most recent call last):
    File "/tmp/tmpvkt5d266/apport", line 599, in <module>
      drop_privileges(True)
    File "/tmp/tmpvkt5d266/apport", line 125, in drop_privileges
      os.setgroups([])
  PermissionError: [Errno 1] Operation not permitted

  With the version of apport from -proposed you'll receive no such
  Traceback.

  [Regression Potential]
  If there is an error in the python code we code see a new traceback for any and all crashes being generated, so ensure regular crash generation works too.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1906565/+subscriptions