| 2016-05-25 17:21:17 |
Ryan MacDonell |
description |
In Ubuntu 14.04 (and Linux Mint 17), /etc/bash.bashrc handles "command not found" with the function command_not_found_handle, which contains the line:
/usr/bin/python /usr/lib/command-not-found -- $1
However, /usr/lib/command-not-found was rewritten for Python 3. To handle this, /usr/lib/command-not-found has (line:
if sys.version < '3':
# We might end up being executed with Python 2 due to an old
# /etc/bash.bashrc.
import os
if "COMMAND_NOT_FOUND_FORCE_PYTHON2" not in os.environ:
os.execvp("python3", [sys.argv[0]] + sys.argv)
This catches old versions of python and re-runs command-not-found with python3 from the path. If a local version of Python (such as Anaconda) is installed, command-not-found will try to execute with the local python3 and gives:
Could not find platform independent libraries <prefix>
Could not find platform dependent libraries <exec_prefix>
Consider setting $PYTHONHOME to <prefix>[:<exec_prefix>]
Fatal Python error: Py_Initialize: Unable to get the locale encoding
ImportError: No module named 'encodings'
Current thread 0x00007f04862de740 (most recent call first):
Aborted
This can be solved by replacing line 22 of /usr/lib/command-not-found with:
os.execv("/usr/bin/python3", [sys.argv[0]] + sys.argv)
Searching for "os.execvp", it doesn't appear that the same error occurs for any other scripts in /usr/lib/. Any script using os.execvp with the correct permissions is a potential security vulnerability if the path is changed to contain a malicious script under the correct name. Fortunately this is not the case for command-not-found. |
In Ubuntu 14.04 (and Linux Mint 17), /etc/bash.bashrc handles "command not found" with the function command_not_found_handle, which contains the line:
/usr/bin/python /usr/lib/command-not-found -- $1
However, /usr/lib/command-not-found was rewritten for Python 3. To handle this, /usr/lib/command-not-found has (lines 17-22):
if sys.version < '3':
# We might end up being executed with Python 2 due to an old
# /etc/bash.bashrc.
import os
if "COMMAND_NOT_FOUND_FORCE_PYTHON2" not in os.environ:
os.execvp("python3", [sys.argv[0]] + sys.argv)
This catches old versions of python and re-runs command-not-found with python3 from the path. If a local version of Python (such as Anaconda) is installed, command-not-found will try to execute with the local python3 and gives:
Could not find platform independent libraries <prefix>
Could not find platform dependent libraries <exec_prefix>
Consider setting $PYTHONHOME to <prefix>[:<exec_prefix>]
Fatal Python error: Py_Initialize: Unable to get the locale encoding
ImportError: No module named 'encodings'
Current thread 0x00007f04862de740 (most recent call first):
Aborted
This can be solved by replacing line 22 of /usr/lib/command-not-found with:
os.execv("/usr/bin/python3", [sys.argv[0]] + sys.argv)
Searching for "os.execvp", it doesn't appear that the same error occurs for any other scripts in /usr/lib/. Any script using os.execvp with the correct permissions is a potential security vulnerability if the path is changed to contain a malicious script under the correct name. Fortunately this is not the case for command-not-found. |
|
