Comment 7 for bug 2024204

I downloaded

ubuntu-advantage-tools (29.1) mantic; urgency=medium

and several of these races are still present:

uaclient/files/files.py UAFile::write():

    def write(self, content: str):
        file_mode = (
            defaults.ROOT_READABLE_MODE
            if self.is_private
            else defaults.WORLD_READABLE_MODE
        )
        if not os.path.exists(self._directory):
            os.makedirs(self._directory)
            if os.path.basename(self._directory) == defaults.PRIVATE_SUBDIR:
                os.chmod(self._directory, 0o700)
        system.write_file(self.path, content, file_mode)

uaclient/system.py

def write_file(
    filename: str, content: str, mode: Optional[int] = None
) -> None:

    [...]

    try:
        os.makedirs(os.path.dirname(filename), exist_ok=True)
        tmpf = tempfile.NamedTemporaryFile(
            mode="wb", delete=False, dir=os.path.dirname(filename)
        )
        LOG.debug(
            "Writing file %s atomically via tempfile %s", filename, tmpf.name
        )
        tmpf.write(content.encode("utf-8"))
        tmpf.flush()
        tmpf.close()
        os.chmod(tmpf.name, mode)
        if is_file_present:
            os.chown(tmpf.name, file_stat.st_uid, file_stat.st_gid)
        os.rename(tmpf.name, filename)

I think Robie's discovery was fixed with https://github.com/canonical/ubuntu-pro-client/commit/605f80639a69bf789612b7a9a1e0c5e40a1b1ae4 but it's possible it was fixed earlier. I didn't see it in 29.1, anyway.

Thanks