notified of crash reports which you do not have permission to read and submit

Bug #1193509 reported by ill
12
This bug affects 1 person
Affects Status Importance Assigned to Milestone
update-notifier (Ubuntu)
Fix Released
High
Brian Murray
Saucy
Fix Released
High
Brian Murray

Bug Description

Impact:
Users are notified of crash files for which they do not have permission to read, subsequently they can see odd "permission denied" dialogs which creates an unpleasant experience.

Test Case:
1) Create a second user
2) Log out as your regular user
3) Login as this second user
4) In a terminal run 'xeyes &'
5) In a terminal run 'pkill -11 xeyes'
6) Close resulting crash dialog (do not send it)
7) Log out as second user
8) Log in as your regular user
9) As your regular user install d-feet
10) In a terminal run 'd-feet &'
11) In a terminal run 'pkill -11 d-feet'
12) Close resulting crash dialog (do not send it)
13) Log out
14) In a virtual terminal modify both crash files (xeyes and d-feet) in
/var/crash by adding a second to the Date: field in each crash file. This
causes the upstart job to think they are new again.
15) Log in as your regular user and observe two crash notifications, one will
be for d-feet the other will be a "Permission denied" dialog.

With the package version from -proposed you will only receive one crash
dialog.

Regression Potential:
As this changes the upstart job for crash notification's a fair bit its possible that some crashes will not be reported.

A dialoge message is constantly coming up saying that a problem with ubuntu has occured. When I click send details, another error comes up saying: This problem report is damaged and cannot be processed.

PermissionError(13, 'Permission denied')

No other information is given.

Related branches

Revision history for this message
Ubuntu Foundations Team Bug Bot (crichton) wrote :

Thank you for taking the time to report this bug and helping to make Ubuntu better. It seems that your bug report is not filed about a specific source package though, rather it is just filed against Ubuntu in general. It is important that bug reports be filed about source packages so that people interested in the package can find the bugs about it. You can find some hints about determining what package your bug might be about at https://wiki.ubuntu.com/Bugs/FindRightPackage. You might also ask for help in the #ubuntu-bugs irc channel on Freenode.

To change the source package that this bug is filed about visit https://bugs.launchpad.net/ubuntu/+bug/1193509/+editstatus and add the package name in the text box next to the word Package.

[This is an automated message. I apologize if it reached you inappropriately; please just reply to this message indicating so.]

tags: added: bot-comment
affects: ubuntu → apport (Ubuntu)
Revision history for this message
Daniel Letzeisen (dtl131) wrote :

I guess this is specifically whoopsie error tracker...
I would delete the crash reports, since you may have a corrupted one.

sudo rm /var/crash/*

More info about whoopsie:
http://askubuntu.com/questions/135540/what-is-the-whoopsie-process-and-how-can-i-remove-it

affects: apport (Ubuntu) → whoopsie (Ubuntu)
Revision history for this message
Brian Murray (brian-murray) wrote :

It is actually apport that generates the crash report and sets the permissions for them, whoopsie just handles the sending of those reports to the Ubuntu error tracker. Its possible another package is involved in the issue, but its hard to be sure without knowing what release the original reporter is running.

affects: whoopsie (Ubuntu) → apport (Ubuntu)
Revision history for this message
Brian Murray (brian-murray) wrote :

In addition to knowing what release the original reporter is running an 'ls -alh' of /var/crash would be helpful.

Changed in apport (Ubuntu):
status: New → Incomplete
Revision history for this message
ill (illumilore) wrote :

$ ls -alh /var/crash/
total 8.2M
drwxrwxrwt 2 root root 4.0K Aug 1 14:08 .
drwxr-xr-x 12 root root 4.0K Jul 31 19:55 ..
-rw-rw---- 1 root root 0 Aug 1 14:08 .lock
-rw-r----- 1 ill ill 8.2M Aug 1 23:31 _usr_bin_keuphoria.kss.1000.crash

Changed in apport (Ubuntu):
status: Incomplete → New
Revision history for this message
Brian Murray (brian-murray) wrote :

The crash reports in my /var/crash directory are owned by the group whoopsie and not my user, perhaps that is the problem. Try 'chown ill.whoopsie /var/crash/_usr_bin_keuphoria.kss.1000.crash' and see if that resolves the issue.

Revision history for this message
asala (asala) wrote :
Download full text (3.3 KiB)

Well, I have a similar issue on "permission denied"... look what happened when logging in as administrator in the attached screenshot: 10 "permiso denegado" (permission denied in English) windows and two "ubuntu has experienced an internal error (it was hud-service and indicator-application-service). This happens "from time to time", not in every login, fortunately.

Other people complains about "permission denied" in:
http://askubuntu.com/questions/363461/bootup-errors-on-13-10

This is my info:
I'm running ubuntu 13.10 64 bit.

> dpkg -s apport
Package: apport
Status: install ok installed
Priority: optional
Section: utils
Installed-Size: 1244
Maintainer: Martin Pitt <email address hidden>
Architecture: all
Version: 2.12.5-0ubuntu2.1

> dpkg -s whoopsie
Package: whoopsie
Status: install ok installed
Priority: optional
Section: utils
Installed-Size: 112
Maintainer: Evan Dandrea <email address hidden>
Architecture: amd64
Version: 0.2.24.1

user@pitblau4:~$ ls -alh /var/crash
total 87M
drwxrwsrwt 2 root whoopsie 4,0K nov 6 10:10 .
drwxr-xr-x 13 root root 4,0K oct 24 12:46 ..
-rw-rw---- 1 root whoopsie 0 nov 6 10:10 .lock
-rw-r----- 1 asala whoopsie 69K nov 5 17:15 _opt_extras.ubuntu.com_calendar-indicator_bin_calendar-indicator.1001.crash
-rw-r--r-- 1 asala whoopsie 0 nov 5 09:52 _opt_extras.ubuntu.com_calendar-indicator_bin_calendar-indicator.1001.upload
-rw-r----- 1 asala whoopsie 8,7M nov 5 09:32 _usr_bin_compiz.1001.crash
-rw-r--r-- 1 asala whoopsie 0 oct 29 10:40 _usr_bin_compiz.1001.upload
-rw-r----- 1 asala whoopsie 60M oct 30 13:49 _usr_bin_duplicity.1001.crash
-rw-r--r-- 1 asala whoopsie 0 oct 30 13:49 _usr_bin_duplicity.1001.upload
-rw-r----- 1 asala whoopsie 9,9M nov 4 14:19 _usr_bin_everpad-provider.1001.crash
-rw-r--r-- 1 asala whoopsie 0 oct 31 09:27 _usr_bin_everpad-provider.1001.upload
-rw-r----- 1 asala whoopsie 2,2M nov 5 17:15 _usr_bin_kded4.1001.crash
-rw-r--r-- 1 asala whoopsie 0 nov 4 14:19 _usr_bin_kded4.1001.upload
-rw-r----- 1 asala whoopsie 2,4M oct 30 14:19 _usr_lib_firefox_plugin-container.1001.crash
-rw-r--r-- 1 asala whoopsie 0 oct 30 14:19 _usr_lib_firefox_plugin-container.1001.upload
-rw-r----- 1 asala whoopsie 369K oct 29 17:32 _usr_lib_telepathy_telepathy-rakia.1001.crash
-rw-r--r-- 1 asala whoopsie 0 oct 29 17:32 _usr_lib_telepathy_telepathy-rakia.1001.upload
-rw-r----- 1 asala whoopsie 1,6M oct 29 10:42 _usr_lib_x86_64-linux-gnu_bamf_bamfdaemon.1001.crash
-rw-r--r-- 1 asala whoopsie 0 oct 29 10:43 _usr_lib_x86_64-linux-gnu_bamf_bamfdaemon.1001.upload
-rw-r----- 1 user whoopsie 659K oct 30 14:09 _usr_lib_x86_64-linux-gnu_hud_hud-service.1000.crash
-rw-r----- 1 asala whoopsie 738K oct 30 09:58 _usr_lib_x86_64-linux-gnu_hud_hud-service.1001.crash
-rw-r--r-- 1 asala whoopsie 0 oct 30 09:58 _usr_lib_x86_64-linux-gnu_hud_hud-service.1001.upload
-rw-r----- 1 user whoopsie 466K oct 30 09:50 _usr_lib_x86_64-linux-gnu_indicator-application-service.1000.crash
-rw-r--r-- 1 user whoopsie 0 oct 30 09:50 _usr_lib_x86_64-linux-gnu_indicator-application-service.1000.upload
-rw-r----- 1 asala whoopsie 466K nov 5 09:50 _usr_lib_x86_64-linux-gnu_indicator-...

Read more...

Revision history for this message
Brian Murray (brian-murray) wrote :

Ah, I think this can happen on a multi-user system where .crash files owned by a user other than the logged in user exist. In asala's /var/crash directory we can see .crash files owned by asala and by user.

We can get the same permission denied error by running the following on a crash file we don't own:

/usr/share/apport/apport-gtk /var/crash/_usr_bin_compiz.1000.crash

However, running /usr/share/apport/apport-checkreports does not return 0 indicating that there is a new crash for us....

summary: - invalid problem report
+ notified of crash reports which you do not have permission to read and
+ submit
affects: apport (Ubuntu) → update-notifier (Ubuntu)
Changed in update-notifier (Ubuntu):
status: New → Triaged
importance: Undecided → High
Changed in update-notifier (Ubuntu):
assignee: nobody → Brian Murray (brian-murray)
status: Triaged → In Progress
Changed in update-notifier (Ubuntu Saucy):
status: New → Triaged
importance: Undecided → High
description: updated
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package update-notifier - 0.148

---------------
update-notifier (0.148) trusty; urgency=low

  [ Iain Lane ]
  * data/update-motd-updates-available: Update the stamp file atomically.
    Thanks to Marius Gedminas! (LP: #1146170)

  [ Brian Murray ]
  * In the upstart crash notification job fix the path for watershed.
  * debian/update-notifier-crash.conf: check that we have read permission on
    the crash file before launching apport-gtk, additionally just launch
    apport-gtk or system-crash-notification as they will check for new crashes
    and start bug filing for each one (LP: #1193509)
  * data/update-motd-fsck-at-reboot: Update the stamp file atomically.
    Thanks to Marius Gedminas! (LP: #1240549)
 -- Brian Murray <email address hidden> Fri, 08 Nov 2013 15:32:25 -0800

Changed in update-notifier (Ubuntu):
status: In Progress → Fix Released
description: updated
Changed in update-notifier (Ubuntu Saucy):
status: Triaged → In Progress
assignee: nobody → Brian Murray (brian-murray)
Revision history for this message
Stéphane Graber (stgraber) wrote : Please test proposed package

Hello ill, or anyone else affected,

Accepted update-notifier into saucy-proposed. The package will build now and be available at http://launchpad.net/ubuntu/+source/update-notifier/0.147.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in update-notifier (Ubuntu Saucy):
status: In Progress → Fix Committed
tags: added: verification-needed
tags: added: verification-done
removed: verification-needed
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package update-notifier - 0.147.1

---------------
update-notifier (0.147.1) saucy-proposed; urgency=low

  * debian/update-notifier-crash.conf: check that we have read permission on
    the crash file before launching apport-gtk, additionally just launch
    apport-gtk or system-crash-notification as they will check for new crashes
    and start bug filing for each one (LP: #1193509)
 -- Brian Murray <email address hidden> Fri, 08 Nov 2013 16:01:44 -0800

Changed in update-notifier (Ubuntu Saucy):
status: Fix Committed → Fix Released
Revision history for this message
Brian Murray (brian-murray) wrote : Update Released

The verification of the Stable Release Update for update-notifier has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regresssions.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.