group.of.nepali.translators team mailing list archive

Thread
Date
[Bug 2084677] Re: apt upgrade --simulate prints permission denied because ubuntu-advantage-apt-hook.log ist not accessible

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <2084677@xxxxxxxxxxxxxxxxxx>
Date: Wed, 30 Apr 2025 08:46:16 -0000
Reply-to: Bug 2084677 <2084677@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx
This bug was fixed in the package ubuntu-advantage-tools -
35.1ubuntu0~24.04

---------------
ubuntu-advantage-tools (35.1ubuntu0~24.04) noble; urgency=medium

  * Backport 35.1ubuntu0 to noble (LP: #2106660)

ubuntu-advantage-tools (35.1ubuntu0) plucky; urgency=medium

  * apt: support ESM snapshots by adding snapshot URLs for ESM repositories
    to the authentication file (released in version 35)
  * lxd: store the configuration in /var/lib/ubuntu-advantage instead of
    /var/lib/ubuntu-pro (LP: #2106660)

ubuntu-advantage-tools (35) plucky; urgency=medium

  * d/tests/usage: add more scenarios to dep8 tests
  * d/control: drop strict dependency on python3-pkg-resources (LP: #2083665)
  * d/rules: add conditional python3-pkg-resources dependency up to noble
  * d/ubuntu-pro-client.postrm: remove /var/lib/ubuntu-pro cache dir on purge
  * New upstream release 35: (LP: #2083973)
    - api:
      + new endpoints:
        * u.pro.attach.guest.get_guest_token.v1: Get the Pro client guest
          token
        * u.pro.security.cves.v1: List the fixable CVEs that affect the system
      + u.pro.packages.updates.v1: create new package status:
        upgrade_available_not_preferred (GH: #3184)
      + fixes for u.unattended_upgrades.status.v1:
        * do not crash when a Unattended-Upgrade config is missing
        * do not report unattended-upgrade disabled if any config is false
        * report missing Unattended-Upgrade configs as turned off
    - apt:
      + always ensure the ESM cache is present (GH: #3132)
      + fix permission warning when fetching apt-news (GH: #3209, LP: #2070095)
      + update logging for apt errors (GH: #3299)
      + only run the apt upgrade hook when run as root (LP: #2084677)
    - auto-attach:
      + aws: skip operation if no product codes found
      + gcp: add minimal image license codes
    - cli:
      + add support for vulnerability commands:
        * pro cves: List cves in the machine
        * pro cve: Show information about a specific cve
      + deduplicate entries in 'pro help' output (LP: #2091327)
    - config: add option lxd_guest_attach to control LXD integration with Pro
    - contract:
      + check onlySeries on reboot (GH: #3189)
      + collect cpu type for activity info
    - landscape:
      + update message if service not available through Pro (GH: #3331)
    - livepatch: do not enable livepatch on wsl (GH: #3156)
    - lxd: allow pro auto-attach to work on a LXD container

ubuntu-advantage-tools (34.1.3) plucky; urgency=medium

  * apt-hook: set C++ standards version to c++17 for APT 2.9.30 compatibility
    (LP: #2098862)
  * tests: remove argparse error tests from unit tests (LP: #2098862)

ubuntu-advantage-tools (34.1.2build1) plucky; urgency=high

  * No change rebuild against libapt-pkg7.0.

ubuntu-advantage-tools (34.1.2) oracular; urgency=medium

  * check-versions-are-consistent.py: fix regexp to cope with X.Y.Z version
    formats
  * version.py: bump to 34.1.2

ubuntu-advantage-tools (34.1.1) oracular; urgency=medium

  * Bump version.py.

ubuntu-advantage-tools (34.1) oracular; urgency=medium

  * Drop direct dependency on python3-pkg-resources to resolve priority
    mismatch (LP: #2083665)

 -- Renan Rodrigo <renanrodrigo@xxxxxxxxxxxxx>  Thu, 10 Apr 2025
10:38:41 -0300

** Changed in: ubuntu-advantage-tools (Ubuntu Noble)
       Status: Fix Committed => Fix Released

** Changed in: ubuntu-advantage-tools (Ubuntu Jammy)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/2084677

Title:
  apt upgrade --simulate prints permission denied because ubuntu-
  advantage-apt-hook.log ist not accessible

Status in ubuntu-advantage-tools package in Ubuntu:
  Fix Released
Status in ubuntu-advantage-tools source package in Xenial:
  Fix Released
Status in ubuntu-advantage-tools source package in Bionic:
  Fix Released
Status in ubuntu-advantage-tools source package in Focal:
  Fix Released
Status in ubuntu-advantage-tools source package in Jammy:
  Fix Released
Status in ubuntu-advantage-tools source package in Noble:
  Fix Released
Status in ubuntu-advantage-tools source package in Oracular:
  Fix Released

Bug description:
  [ Impact ]
  The Pro Client apt-hook which runs after `apt upgrade` needs root permissions to write the logs to /var/log.
  That is generally not a problem, as `apt` commands like `upgrade` need to be executed with root permissions.
  However, when doing a dry run using the `--simulate` flag, the hook will execute, generating errors when trying to access the logs.

  The fix consists in only running the hook when the `apt` command is
  executed as root.

  [ Test Plan ]
  This is covered by the Pro Client acceptance tests, which will be executed as part of the validation of LP#2083973

  [ Where problems could occur ]
  Implementation mistakes could lead to the problem not being fixed - we could be running as non-root in other situations. We do a strict check on root permissions to try to avoid unknown scenarios.

  A caveat is that the hook will not be executed - which means the
  package counts for Pro updates will not show as part of the `apt
  upgrade` output. For instance, if an esm-apps update would be
  installed, the user would see

  5 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
  1 esm-apps security update

  With this fix, that second line in the output will not be shown when running as non root (like the --simulate scenario).
  Although this may be considered a bug, this is not a regression, as the script execution is not currently working anyway. We consider getting rid of the error messages is already an improvement. If this happens to be reported as a problem in the future, the team will be happy to take a better look into it.

  [ Original Description ]
  After the most recent upgrade of ubuntu-advantage-tools/ubuntu-pro-client (34~22.04), running apt upgrade --simulate (as non-root) prints the following:

  ```
  NOTE: This is only a simulation!
        apt needs root privileges for real execution.
        Keep also in mind that locking is deactivated,
        so don't depend on the relevance to the real current situation!
  Reading package lists... Done
  Building dependency tree... Done
  Reading state information... Done
  Calculating upgrade... Done
  /bin/sh: 1: cannot create /var/log/ubuntu-advantage-apt-hook.log: Permission denied
  /bin/sh: 1: cannot create /var/log/ubuntu-advantage-apt-hook.log: Permission denied
  0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
  /bin/sh: 1: cannot create /var/log/ubuntu-advantage-apt-hook.log: Permission denied
  /bin/sh: 1: cannot create /var/log/ubuntu-advantage-apt-hook.log: Permission denied
  ```

  It appears to be caused by `/etc/apt/apt.conf.d/20apt-esm-hook.conf`,
  which indiscriminately tries to write to the log file. This is not
  critical, but clutters the output of the command. Please get rid of
  this.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2084677/+subscriptions