Unpacking a snap with mode-555 top-level squashfs-root in a subdirectory of a subdirectory of /tmp fails
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Click Reviewers tools (obsolete) |
Fix Released
|
Undecided
|
Jamie Strandboge |
Bug Description
Given the attached evil snap (whose only evilness is that its top-level squashfs-root directory is mode 555), this works:
PYTHONPATH=
Successfully unpacked to '/tmp/top-level-1'
But this fails (notice the extra directory level):
mkdir /tmp/top-level-2
PYTHONPATH=
Traceback (most recent call last):
File "/usr/lib/
os.rename(src, real_dst)
PermissionError: [Errno 13] Permission denied: '/tmp/review-
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/
common.
File "/home/
return _unpack_
File "/home/
return _unpack_cmd(cmd, d, dest)
File "/home/
shutil.move(d, dest)
File "/usr/lib/
rmtree(src)
File "/usr/lib/
_rmtree_
File "/usr/lib/
onerror(
File "/usr/lib/
os.unlink(name, dir_fd=topfd)
PermissionError: [Errno 13] Permission denied: 'command-
This is a minimal snap that reproduces the issue but we've managed to repro this with any snap whose squashfs-root is not writable by the owner (mode 555 is the reason we've encountered). This is rare but has happened with manually-created snaps that result when squashfs'ing a whole filesystem whose root (/) is mode 555. Ubuntu doesn't have this, but some other distros do.
Changed in click-reviewers-tools: | |
status: | New → In Progress |
assignee: | nobody → Jamie Strandboge (jdstrand) |
This is fix in r1152.