From 02b2febd0a927a4ee1ca837599b307b0bd6fdb7c Mon Sep 17 00:00:00 2001 From: Olivier Gayot Date: Fri, 3 Mar 2023 11:25:22 +0100 Subject: [PATCH] apt: force downloads to be unsandboxed when running mirror testing When apt is run as root, APT tries to drop privileges by setuid-ing to the APT::Sandbox::User user (i.e., _apt by default). This does not work for us when doing mirror testing because the default sandbox user does not have access to the overlay. Therefore, APT produces a warning and reverts to unsandboxed downloads. Let's force apt to use unsandboxed downloads by setting root as the sandbox user. This has the same result but avoids showing a warning in the APT output during mirror testing. Signed-off-by: Olivier Gayot --- subiquity/server/apt.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/subiquity/server/apt.py b/subiquity/server/apt.py index 8c6087ae..3f871ea9 100644 --- a/subiquity/server/apt.py +++ b/subiquity/server/apt.py @@ -168,7 +168,13 @@ class AptConfigurer: except (PermissionError, LookupError) as exc: log.warning("could to set owner of file %s: %r", partial_dir, exc) - apt_cmd = ["apt-get", "update", "-oAPT::Update::Error-Mode=any"] + apt_cmd = [ + "apt-get", "update", + "-oAPT::Update::Error-Mode=any", + # Workaround because the default sandbox user (i.e., _apt) does not + # have access to the overlay. + "-oAPT::Sandbox::User=root", + ] for key, path in apt_dirs.items(): value = "" if path is None else str(path)