Bug 217390 - ports-mgmt/pkg error when running pkg audit in unprivileged directory
Summary: ports-mgmt/pkg error when running pkg audit in unprivileged directory
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: freebsd-pkg mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-02-27 13:05 UTC by bugzilla@logicalsolutns.com
Modified: 2017-03-26 21:29 UTC (History)
10 users (show)

See Also:
bugzilla: maintainer-feedback+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description bugzilla@logicalsolutns.com 2017-02-27 13:05:54 UTC
Possibly related to 213599..

Running 'pkg audit -F' from inside a directory without world-execute privilege causes sqlite to fail.

(this is the second time that 'pkg running as a reduced privilege user' has caused problems. Why are we doing that?)



[root]:[~]# pwd
/root

[root]:[~]# ls -ald .
drwxr-x---  6 root  wheel  512 Feb 27 04:43 .

[root]:[~]# pkg audit -F
vulnxml file up-to-date
pkg: sqlite error while executing sqlite open in file pkgdb.c:1107: unable to open database file

[root]:[~]# chmod o+x .

[root]:[~]# pwd
/root

[root]:[~]# ls -ald .
drwxr-x--x  6 root  wheel  512 Feb 27 04:43 .


[root]:[~]# pkg audit -F
vulnxml file up-to-date
0 problem(s) in the installed packages found.
Comment 1 bugzilla@logicalsolutns.com 2017-02-27 13:21:02 UTC
pkg-1.10.0_1
Name           : pkg
Version        : 1.10.0_1
Installed on   : Mon Feb 27 04:30:45 2017 PST
Origin         : ports-mgmt/pkg
Architecture   : freebsd:10:x86:64
Prefix         : /usr/local
Categories     : ports-mgmt
Licenses       : BSD2CLAUSE
Maintainer     : pkg@FreeBSD.org
WWW            : http://wiki.freebsd.org/pkgng
Comment        : Package manager
Shared Libs provided:
        libpkg.so.4
Annotations    :
Flat size      : 10.7MiB
Description    :
Package management tool

WWW: http://wiki.freebsd.org/pkgng




[root]:[~]# uname -a
FreeBSD Staminus1FreeBSDMaster.sh0w.biz 10.3-RELEASE-p16 FreeBSD 10.3-RELEASE-p16 #0 r312386M: Wed Jan 18 22:28:18 PST 2017     root@Staminus1FreeBSDMaster.sh0w.biz:/usr/obj/usr/src/sys/GENERIC  amd64
Comment 2 bugzilla@logicalsolutns.com 2017-02-28 10:50:52 UTC
The problem still persists in the overnight update of the pkg port


[root]:[~]# chmod o-x .
[root]:[~]# pkg audit -F
vulnxml file up-to-date
pkg: sqlite error while executing sqlite open in file pkgdb.c:1107: unable to open database file

pkg-1.10.0_2
Name           : pkg
Version        : 1.10.0_2
Installed on   : Tue Feb 28 02:33:29 2017 PST
Origin         : ports-mgmt/pkg
Architecture   : freebsd:10:x86:64
Prefix         : /usr/local
Categories     : ports-mgmt
Licenses       : BSD2CLAUSE
Maintainer     : pkg@FreeBSD.org
WWW            : http://wiki.freebsd.org/pkgng
Comment        : Package manager
Shared Libs provided:
        libpkg.so.4
Annotations    :
Flat size      : 10.7MiB
Description    :
Package management tool

WWW: http://wiki.freebsd.org/pkgng
Comment 3 bugzilla@logicalsolutns.com 2017-03-01 13:32:42 UTC
It appears this also impacts the server's monthly security reports:


Subject: Server monthly security run output 


Checking for packages with security vulnerabilities:
Database fetched: Wed Mar  1 03:03:41 PST 2017
pkg: sqlite error while executing sqlite open in file pkgdb.c:1107: unable to open database file


-- End of security output --
Comment 4 Johan Ström 2017-03-06 06:54:47 UTC
Got the same issue on all of my servers, nightly security runs fails audit since some time back. Happens both inside and outside jails.

Heard similar reports from others as well.
Comment 5 bugzilla@logicalsolutns.com 2017-03-09 16:04:19 UTC
Copied this report to
https://github.com/freebsd/pkg/issues/1552
Comment 6 Johan Ström 2017-03-18 10:09:26 UTC
Hopefully fixed in https://github.com/freebsd/pkg/pull/1553
Comment 7 Baptiste Daroussin freebsd_committer 2017-03-26 21:29:57 UTC
Fixed in 1.10.1