expiration task fails

Bug #1086253 reported by Rolf Leggewie
16
This bug affects 3 people
Affects Status Importance Assigned to Milestone
apt-cacher-ng (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

the expiration task http://localhost:3142/acng-report.html?abortOnErrors=aOe&doExpire=Start+Scan+and%2For+Expiration&calcSize=cs&asNeeded=an#bottom fails in precise. I get a bunch of entries like " Checking/Updating security.ubuntu.com/ubuntu/dists/lucid-security/restricted/debian-installer/binary-sparc/Packages.bz2... 500 Missing Content-Length Tag" but tagging the file for removal does not work. "Not Authorized. To start this action, an administrator password must be set and you must be logged in."

ll /var/cache/apt-cacher-ng/security.ubuntu.com/ubuntu/dists/lucid-security/restricted/debian-installer/binary-sparc/
total 4
-rw-r--r-- 200 apt-cacher-ng apt-cacher-ng 14 Dez 4 06:24 Packages.bz2

Tags: precise
Revision history for this message
Rolf Leggewie (r0lf) wrote :

going by http://www.tenschert.net/wordpress/linux/2011/05/06/ubuntu-apt-cacher-ng-fehlende-admin-rechte/ this might be intended behaviour but then the error message needs to be much more verbose, with details what needs to be done.

Xavier L. (xav0989)
Changed in apt-cacher-ng (Ubuntu):
status: New → Invalid
Rolf Leggewie (r0lf)
Changed in apt-cacher-ng (Ubuntu):
status: Invalid → New
Revision history for this message
Ken Sharp (kennybobs) wrote :

Do as it says: set an admin password.

Changed in apt-cacher-ng (Ubuntu):
status: New → Invalid
Revision history for this message
Rolf Leggewie (r0lf) wrote :

This is easy enough to fix. Change the error message to "an administrator password must be set in the security.conf file". I thought this was plainly obvious.

Would have saved me half a year.

Changed in apt-cacher-ng (Ubuntu):
status: Invalid → New
Revision history for this message
Eduard Bloch (edi-gmx) wrote :

Well... there is this section in README.Debian, is it not good enough?

SECURITY
--------

See apt-cacher-ng manual for details. On Debian systems, the file
/etc/apt-cacher-ng/security.conf is installed which contains security related
options (but it can be in any other *.conf file as well). Currently it sets the
"AdminAuth: user:pass" option to protect some action triggers in the web user
interface against unauthorized use. The permissions of security.conf file
itself are chosen in a way to allowing apt-cacher-ng daemon to use it but not
letting every local user read it.

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in apt-cacher-ng (Ubuntu):
status: New → Confirmed
Revision history for this message
Sean Palmer (sean-palmer) wrote :

I'd appreciate something in the docs served at localhost:3142/acng-doc/html/ about it. Currently there's nothing at all about the AdminAuth setting. I agree the error message should also be explicit about it, or at least give something to grep for in the docs!

Revision history for this message
Eduard Bloch (edi-gmx) wrote :

I could change the current description text (the auth realm), replacing
"Apt-Cacher NG administration area"
with
"Restricted Activity, read the docs about AdminAuth".

Would this help?

But I am not sure whether browsers would display this text correctly, the password prompt window might be not big enough.

Additionally, a hint like that could be displayed on the entry webpage itself.

Revision history for this message
Rolf Leggewie (r0lf) wrote :

I like the idea of adding a hint in the auth realm. How about "Access restricted by security.conf" instead?

Revision history for this message
Lewis Balentine (lewis-s) wrote :

"I thought this was plainly obvious." to who ???

Ken Sharp (kennybobs)
Changed in apt-cacher-ng (Ubuntu):
status: Confirmed → Invalid
Rolf Leggewie (r0lf)
Changed in apt-cacher-ng (Ubuntu):
status: Invalid → Confirmed
Revision history for this message
Ken Sharp (kennybobs) wrote :

"Not Authorized. To start this action, an administrator password must be set and you must be logged in."

It's even in the OP's description!

Changed in apt-cacher-ng (Ubuntu):
status: Confirmed → Invalid
Revision history for this message
Rolf Leggewie (r0lf) wrote :

Ken, upstream and I apparently consider this an area with potential to improve. Please stop interfering.

Changed in apt-cacher-ng (Ubuntu):
status: Invalid → Confirmed
Revision history for this message
Ken Sharp (kennybobs) wrote :

Apparently "interfering" is the only way to get any update from you.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.