disk space info inadvertently provides all installed snaps

Bug #1756595 reported by Andreas Hasenack on 2018-03-17
This bug affects 4 people
Affects: apt (Ubuntu) (status tracked in Eoan)
  Bionic: importance Medium, unassigned
  Disco: importance Medium, unassigned
  Eoan: importance Medium, unassigned

Bug Description

[Impact]
When apport is reporting a crash, it includes the output of the "df" utility, to list the free disk space information per mount point.

That output nowadays will inadvertently include all snaps that the user may have installed, including their revision numbers.

Here is a simple df output:
andreas@nsn7:~$ df
Filesystem 1K-blocks Used Available Use% Mounted on
udev 8119680 0 8119680 0% /dev
tmpfs 1630156 1828 1628328 1% /run
nsn7/ROOT/ubuntu 433084288 2500608 430583680 1% /
tmpfs 8150776 18888 8131888 1% /dev/shm
tmpfs 5120 4 5116 1% /run/lock
tmpfs 8150776 0 8150776 0% /sys/fs/cgroup
nsn7/var/log 430763136 179456 430583680 1% /var/log
nsn7/var/tmp 430583808 128 430583680 1% /var/tmp
/dev/sda2 1032088 160336 871752 16% /boot
/dev/sda1 523248 2720 520528 1% /boot/efi
nsn7/home 430651264 67584 430583680 1% /home
nsn7/var/cache 430653312 69632 430583680 1% /var/cache
nsn7/var/mail 430583808 128 430583680 1% /var/mail
nsn7/var/spool 430583808 128 430583680 1% /var/spool
tmpfs 1630152 16 1630136 1% /run/user/120
tmpfs 100 0 100 0% /var/lib/lxd/shmounts
tmpfs 100 0 100 0% /var/lib/lxd/devlxd
tmpfs 1630152 36 1630116 1% /run/user/1000
nsn7/lxd/containers/squid-ds216 431444096 860416 430583680 1% /var/lib/lxd/storage-pools/default/containers/squid-ds216
/dev/loop0 83712 83712 0 100% /snap/core/4206
/dev/loop1 102144 102144 0 100% /snap/git-ubuntu/402

You can see I have the core snap at revision 4206, and git-ubuntu at revision 402.

There are already many bug reports in launchpad where one can see this information.

Granted, the user can review it, refuse to send this data, etc. This bug is about the unexpectedness of having that information in the disk space data.

If the user sees a prompt like "Would you like to include disk free space information in your report?", or "Would you like to include the output of the df(1) command in your report?", that doesn't immediately translate to "Would you like to include disk free space information and a list of all installed snaps and their revision numbers in your report?".

[Test case]
Do something that triggers the apport hook and make sure you don't see snaps in there.

For example, install xterm, then add exit 1 to the start of the prerm, then run apt remove xterm, and investigate /var/crash/xterm.0.crash after that (delete before running apt).

[Regression potential]
Fix consists of adding -x squashfs to df output, so might hide other non-snap squashfs images.

summary: - disk space info inadvertently lists all installed snaps
+ disk space info inadvertently provides all installed snaps
tags: added: rls-bb-incoming
Brian Murray (brian-murray) wrote :

This actually comes from apt (apt-pkg/deb/dpkgpm.cc) and no filtering of the df output is done.

// attach df -l log (to learn about filesystem status)
if (FileExists("/bin/df"))
{
   fprintf(report, "Df:\n");
   FILE *log = popen("/bin/df -l","r");
   if(log != NULL)
   {
      char buf[1024];
      while( fgets(buf, sizeof(buf), log) != NULL)
         fprintf(report, " %s", buf);
      pclose(log);
   }
}

Changed in apt (Ubuntu):
status: New → Triaged
importance: Undecided → Medium
Changed in apport (Ubuntu):
status: New → Invalid
tags: added: bionic
removed: rls-bb-incoming
tags: added: rls-bb-notfixing
tags: added: rls-dd-incoming
tags: added: rls-ee-incoming
removed: rls-dd-incoming
Brian Murray (brian-murray) wrote :

Just adding '-x squashfs' to the df command would fix this.

Changed in apt (Ubuntu):
status: Triaged → Fix Committed
Changed in apt (Ubuntu Disco):
status: New → Triaged
importance: Undecided → Medium
tags: removed: rls-ee-incoming
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apt - 1.9.1

---------------
apt (1.9.1) experimental; urgency=medium

  * RFC1123StrToTime: Accept const std::string& as first argument
  * Fix pkg-config-test autopkgtest

 -- Julian Andres Klode <email address hidden> Thu, 20 Jun 2019 17:53:14 +0200

Changed in apt (Ubuntu Eoan):
status: Fix Committed → Fix Released
description: updated

Hello Andreas, or anyone else affected,

Accepted apt into disco-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/1.8.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-disco to verification-done-disco. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-disco. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in apt (Ubuntu Disco):
status: Triaged → Fix Committed
tags: added: verification-needed verification-needed-disco

All autopkgtests for the newly accepted apt (1.8.3) for disco have finished running.
The following regressions have been reported in tests triggered by the package:

auto-apt-proxy/11 (armhf)
reprotest/0.7.8 (amd64)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/disco/update_excuses.html#apt

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Changed in apt (Ubuntu Bionic):
status: Triaged → In Progress

Hello Andreas, or anyone else affected,

Accepted apt into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/1.6.12 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in apt (Ubuntu Bionic):
status: In Progress → Fix Committed
tags: added: verification-needed-bionic
description: updated
description: updated

All autopkgtests for the newly accepted apt (1.6.12) for bionic have finished running.
The following regressions have been reported in tests triggered by the package:

sbuild/0.75.0-1ubuntu1 (ppc64el)
apport/2.20.9-0ubuntu7.7 (amd64, i386)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/bionic/update_excuses.html#apt

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

no longer affects: apport (Ubuntu)
no longer affects: apport (Ubuntu Bionic)
no longer affects: apport (Ubuntu Disco)
no longer affects: apport (Ubuntu Eoan)
Julian Andres Klode (juliank) wrote :

I started some multipass VMs, installed the core snap in there, checked that the snap was mounted in df.

To verify the bug, I installed hello, added a prerm to fail removal, and then investigated the crash file:

== bionic 1.6.12: ==

=== normal df output ===
Filesystem 1K-blocks Used Available Use% Mounted on
udev 491808 0 491808 0% /dev
tmpfs 100908 868 100040 1% /run
/dev/sda1 4901996 1264364 3621248 26% /
tmpfs 504524 0 504524 0% /dev/shm
tmpfs 5120 0 5120 0% /run/lock
tmpfs 504524 0 504524 0% /sys/fs/cgroup
/dev/sda15 106858 3668 103190 4% /boot/efi
tmpfs 100904 0 100904 0% /run/user/1000
/dev/loop0 90880 90880 0 100% /snap/core/7396

=== crash file ===
Df:
 Filesystem 1K-blocks Used Available Use% Mounted on
 udev 491808 0 491808 0% /dev
 tmpfs 100908 872 100036 1% /run
 /dev/sda1 4901996 1264372 3621240 26% /
 tmpfs 504524 0 504524 0% /dev/shm
 tmpfs 5120 0 5120 0% /run/lock
 tmpfs 504524 0 504524 0% /sys/fs/cgroup
 /dev/sda15 106858 3668 103190 4% /boot/efi
 tmpfs 100904 0 100904 0% /run/user/1000

== disco 1.8.3 ==

multipass@disco:~$ df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/root 4901996 1323952 3561660 28% /
devtmpfs 499036 0 499036 0% /dev
tmpfs 503272 0 503272 0% /dev/shm
tmpfs 100656 864 99792 1% /run
tmpfs 5120 0 5120 0% /run/lock
tmpfs 503272 0 503272 0% /sys/fs/cgroup
/dev/sda15 106858 3686 103172 4% /boot/efi
tmpfs 100652 0 100652 0% /run/user/1000
/dev/loop0 90880 90880 0 100% /snap/core/7396
/dev/loop1 55808 55808 0 100% /snap/lxd/11595
multipass@disco:~$ sudo tail /var/crash/hello.0.crash
Df:
 Filesystem 1K-blocks Used Available Use% Mounted on
 /dev/root 4901996 1323956 3561656 28% /
 devtmpfs 499036 0 499036 0% /dev
 tmpfs 503272 0 503272 0% /dev/shm
 tmpfs 100656 868 99788 1% /run
 tmpfs 5120 0 5120 0% /run/lock
 tmpfs 503272 0 503272 0% /sys/fs/cgroup
 /dev/sda15 106858 3686 103172 4% /boot/efi
 tmpfs 100652 0 100652 0% /run/user/1000

--> both are fine

tags: added: verification-done verification-done-bionic verification-done-disco
removed: verification-needed verification-needed-bionic verification-needed-disco
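
The manual check from the test case and the verification above, written as an added script (not part of the original bug report or of apt): it extracts the Df: field from a crash report and lists every /snap/<name>/<revision> mount point the report still discloses. The function names and both sample reports are constructed for illustration.

```shell
#!/bin/sh
# Added example: list snap names/revisions disclosed by a crash report's Df: field.

# Print the body of the "Df:" field of a report read from stdin. Continuation
# lines are indented by one space; the field ends at the first line that is not.
df_section() {
    awk '/^Df:/ { in_df = 1; next }
         in_df && /^ / { sub(/^ /, ""); print; next }
         { in_df = 0 }'
}

# From df output on stdin, print "<name> <revision>" for each mount point of
# the form /snap/<name>/<revision> (the mount point is the last field).
snap_mounts() {
    awk '{ n = split($NF, p, "/")
           if (n == 4 && p[1] == "" && p[2] == "snap" && p[3] != "" && p[4] != "")
               print p[3], p[4] }'
}

# Exit status 0 if the report on stdin discloses no snaps, 1 otherwise.
check_report() {
    leaks=$(df_section | snap_mounts)
    if [ -n "$leaks" ]; then
        printf '%s\n' "$leaks" | sed 's/^/snap disclosed in Df: /' >&2
        return 1
    fi
    return 0
}

# Constructed sample report; the df lines are modelled on output quoted in this bug.
report_unfiltered() {
    cat <<'EOF'
ProblemType: Package
Df:
 Filesystem 1K-blocks Used Available Use% Mounted on
 /dev/sda1 4901996 1264372 3621240 26% /
 /dev/loop0 83712 83712 0 100% /snap/core/4206
 /dev/loop1 102144 102144 0 100% /snap/git-ubuntu/402
Package: xterm
EOF
}
# The same report with the squashfs mounts excluded (modelled by dropping /snap lines).
report_filtered() { report_unfiltered | grep -v ' /snap/'; }

# Demo on the constructed samples; for a real file: check_report < /var/crash/xterm.0.crash
report_unfiltered | check_report || echo "unfiltered sample: snaps disclosed"
report_filtered | check_report && echo "filtered sample: clean"
```
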
Julian Andres Klode (juliank) wrote :

Oh, as I wrote on the other bug, autopkgtest regressions all went away, except for apport, which had the usual random failure also present in earlier failures.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apt - 1.8.3

---------------
apt (1.8.3) unstable; urgency=medium

  [ Simon Körner ]
  * http: Fix Host header in proxied https connections (LP: #1838771)

  [ Brian Murray ]
  * Do not include squashfs file systems in df output. (LP: #1756595)

apt (1.8.2) unstable; urgency=medium

  [ Alwin Henseler ]
  * Flip /: in documented default value of DPkg::Path (Closes: #917986)

  [ TilmanK ]
  * Fix typo in German manpage translation

  [ Américo Monteiro ]
  * Portuguese manpages translation update (Closes: #926614)

  [ Jean-Pierre Giraud ]
  * French manpages translation update (Closes: #929290)

  [ Michael Zhivich ]
  * methods: https: handle requests for TLS re-handshake (LP: #1829861)

  [ Julian Andres Klode ]
  * Unlock dpkg locks in reverse locking order (LP: #1829860)

 -- Julian Andres Klode <email address hidden> Fri, 09 Aug 2019 11:16:15 +0200

Changed in apt (Ubuntu Disco):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for apt has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apt - 1.6.12

---------------
apt (1.6.12) bionic; urgency=medium

  [ TilmanK ]
  * Fix typo in German manpage translation

  [ Michael Zhivich ]
  * methods: https: handle requests for TLS re-handshake (LP: #1829861)

  [ Julian Andres Klode ]
  * Unlock dpkg locks in reverse locking order (LP: #1829860)

  [ Simon Körner ]
  * http: Fix Host header in proxied https connections (LP: #1838771)

  [ Brian Murray ]
  * Do not include squashfs file systems in df output. (LP: #1756595)

 -- Julian Andres Klode <email address hidden> Tue, 03 Sep 2019 12:05:35 +0200

Changed in apt (Ubuntu Bionic):
status: Fix Committed → Fix Released