Re: problems with _apt user privileges in upgrading from Jessie to Stretch [solved?]
- Date: Sun, 18 Jun 2017 23:26:37 +0200
- From: Sven Joachim <svenjoac@xxxxxx>
- Subject: Re: problems with _apt user privileges in upgrading from Jessie to Stretch [solved?]
On 2017-06-18 13:30 -0700, Jim McCloskey wrote:
> Posting here in case this might help others who may be encountering the
> same problem.
> I really appreciate the enhanced security provided for apt in the new
> release. But one of the changes caused me a small headache in upgrading.
> Following the upgrade, running `apt get update' resulted in this
> Reading package lists... Done
> W: Download is performed unsandboxed as root as file
> couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission
> which meant, I suppose, that I wasn't getting all the benefits of the new
> regime. After a bit of reading and a lot of trial and error I was able, I
> think, to resolve the issue by manually changing the owner attribute of
> the directory /var/lib/apt/lists/:
> chown -R _apt.root lists
> (executed in /var/lib/apt/ )
> It doesn't seem to be enough to have /var/lib/apt/lists set to rwxr_xr_x
> if it's owned by root.
> If anyone has a different or better solution, I'd be curious to hear about
On my system, only /var/lib/apt/lists/partial is owned by the _apt user,
and it's not word-readable:
| $ LANG=C ls -ld /var/lib/apt/lists/partial
| drwx------ 2 _apt root 16384 Jun 18 18:20 /var/lib/apt/lists/partial
All the regular files in /var/lib/apt/lists are owned by root:root and
have standard 0644 permissions.