Ubuntu
ubuntuone-client package

Bug #407762
Comment #18

Comment 18 for bug 407762

Revision history for this message

GaryW (gnubyexample) wrote on 2010-05-30:

#18

I am confused here. Between comments #14 and #15 there appears to be 'Fix Released'

If Rubén is genuinely experiencing this bug today (and running the latest software), then it suggest the problem has not been fixed.

@Rubén:
If you could open a terminal and paste the following commands and attach your output then it will help confirm which
version of software you are running:

cat /etc/*release*

dpkg -l | egrep '(ubuntuone|u1sync)'

(If you prefer screenshots then the version number of ubuntu one might be shown in an 'About' section of the
ubuntuone applet and you could attach that screenshot instead)

Suggesting the user check ownership of files within a directory structure to ensure there is no 'root' ownership is
(1) a workaround
(2) unnecessary if the problem is fixed ... ?Fix Released?

Would be nice to have some feedback from a member of the paid canonical staff, regarding whether they
feel that the Ubuntu One product is production ready, if it indeed still contains such a basic fault.

I did use Ubuntu One, but have stayed away for the last six months, hoping that bugs such as
this would be ironed out.

Forget Maverick Meerkat, if Canonical are really pitching these (Ubuntu one) facilities at the enterprise, then bugs like
this need to be truly squashed and thoroughly tested.

Perhaps @Joshua Hoover
or @Facundo Batista
might have some details of whether the bug has a fix or if it is to be given developer time?

I have no interest in a re-reading any workaround (thank you in advance) but I do have some practical suggestions:
(1) give ubuntu one or syncdaemon (whatever) root privileges just temporarily whilst it does it remote hash fetching
( maybe some folks might not like that idea from a network security point of view but can perhaps be mitigated )

(2) check file permissions as it traverses directories of files and skip any files it doesn't have authority to hash check
( optional report to the user which files it skipped )

Perhaps if suggestion (1) was felt to be a candidate for a solution then something along the lines of
open network socket, fetch remote hashes, drop network socket, gain root privilege, compare hashes with local, drop root privilege, reopen network socket for syncing
...might be a way of mitigating security concerns, by only having root privilege during non networked mode of the daemon.

I am confused here. Between comments #14 and #15 there appears to be 'Fix Released'

If Rubén is genuinely experiencing this bug today (and running the latest software), then it suggest the problem has not been fixed.

@Rubén:
   If you could open a terminal and paste the following commands and attach your output then it will help confirm which
   version of software you are running:
       
       cat /etc/*release*

dpkg -l | egrep '(ubuntuone|u1sync)'

(If you prefer screenshots then the version number of ubuntu one might be shown in an 'About' section of the 
     ubuntuone applet and you could attach that screenshot instead)

Suggesting the user check ownership of files within a directory structure to ensure there is no 'root' ownership is
   (1) a workaround
   (2) unnecessary if the problem is fixed ... ?Fix Released?

I did use Ubuntu One, but have stayed away for the last six months, hoping that bugs such as
this would be ironed out.

Forget Maverick Meerkat, if Canonical are really pitching these (Ubuntu one) facilities at the enterprise, then bugs like
this need to be truly squashed and thoroughly tested.

Perhaps @Joshua Hoover
or @Facundo Batista
might have some details of whether the bug has a fix or if it is to be given developer time?

I have no interest in a re-reading any workaround (thank you in advance) but I do have some practical suggestions:
   (1) give ubuntu one or syncdaemon (whatever) root privileges just temporarily whilst it does it remote hash fetching
            ( maybe some folks might not like that idea from a network security point of view but can perhaps be mitigated )

(2) check file permissions as it traverses directories of files and skip any files it doesn't have authority to hash check
            ( optional report to the user which files it skipped )

Perhaps if suggestion (1) was felt to be a candidate for a solution then something along the lines of 
    open network socket, fetch remote hashes, drop network socket, gain root privilege, compare hashes with local, drop root privilege, reopen network socket for syncing
...might be a way of mitigating security concerns, by only having root privilege during non networked mode of the daemon.

Ubuntuubuntuone-client package

Comment 18 for bug 407762

Ubuntu
ubuntuone-client package