couldn’t be accessed by user ‘_apt’.
What does this apt error message (“Download is performed unsandboxed as root…”) mean?
Download is performed unsandboxed as root as file ‘/root/*.deb’ couldn’t be accessed by user ‘_apt’.
Clearly huge numbers of people have been having trouble with the apt tools ever since it was changed to use _apt for it’s sand-boxed, secure operations.
新版本apt-get程序开始使用_apt用户确安全。apt程序一般使用_apt用户进行软件包下载,这个提示是_apt用户没有相应文件和目录的写权限,此时文件为红色,非可执行状态。
通过如下命令确保_apt用户对/var/cache/apt/archives/partial/目录及其内含的文件具备写入权限。
sudo chown -Rv _apt:root /root/download/sudo chmod -Rv 700 /root/download/
此后apt download生效,但是仅一次。
什么是沙盒用户(sandbox user)?
在Ubuntu中,“sandbox user”(沙盒用户)是指一个受限制的用户账户,用于运行不受信任的程序或应用程序。沙盒用户是为了增加系统安全性而设计的,它们被限制在一个受控的环境中,无法访问敏感文件或系统资源。
当你运行一个程序时,尤其是来自不受信任的来源或具有潜在安全风险的应用程序时,将其运行在沙盒用户账户下可以提供额外的保护。沙盒用户通常被配置为拥有较少的权限,限制其对系统文件和设置的访问权限。这样,即使程序被攻击或存在漏洞,攻击者也无法访问系统的关键部分。
通过将程序运行在沙盒用户账户下,可以减轻潜在的安全风险,保护系统和用户的数据免受恶意软件或攻击的影响。
博文背景
ubuntu@shanghai:~ $ sudo apt install ./jenkins_2.254_all.deb Reading package lists... Done Building dependency tree Reading state information... Done Note, selecting 'jenkins' instead of './jenkins_2.254_all.deb'The following additional packages will be installed: daemon The following NEW packages will be installed: daemon jenkins0 upgraded, 2 newly installed, 0 to remove and 182 not upgraded. Need to get 99.5 kB/66.0 MB of archives. After this operation, 67.4 MB of additional disk space will be used. Do you want to continue? [Y/n] Y Get:1 http://mirrors.tencentyun.com/ubuntu bionic/universe amd64 daemon amd64 0.6.4-1build1 [99.5 kB]Get:2 /home/ubuntu/jenkins_2.254_all.deb jenkins all 2.254 [65.9 MB]Fetched 99.5 kB in 1s (105 kB/s)Selecting previously unselected package daemon.(Reading database ... 77822 files and directories currently installed.)Preparing to unpack .../daemon_0.6.4-1build1_amd64.deb ... Unpacking daemon (0.6.4-1build1) ... Selecting previously unselected package jenkins. Preparing to unpack .../ubuntu/jenkins_2.254_all.deb ... Unpacking jenkins (2.254) ... Processing triggers for ureadahead (0.100.0-21) ... Processing triggers for systemd (237-3ubuntu10.38) ... Processing triggers for man-db (2.8.3-2ubuntu0.1) ... Setting up daemon (0.6.4-1build1) ... Setting up jenkins (2.254) ... Processing triggers for systemd (237-3ubuntu10.38) ... Processing triggers for ureadahead (0.100.0-21) ... N: Download is performed unsandboxed as root as file '/home/ubuntu/jenkins_2.254_all.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)ubuntu@shanghai:~ $ echo $?0
在最后显示N: Download is performed unsandboxed as root as file ‘/home/ubuntu/jenkins_2.254_all.deb’ couldn’t be accessed by user ‘_apt’. - pkgAcquire::Run (13: Permission denied)
解决办法
网上很多搜到的都是使用chown给_apt用户授予某些文件的权限,但是在我这里我都是以失败告终,我已经考虑了尽可能多的情况,进行了最充分的授权,但是都是失败的。所以在其他博主提出建设性的解决方案和实例之前我不会再对此问题进行研究。我的解决办法是把要安装的文件移动到/tmp目录下再进行安装工作,示例如下:
ubuntu@shanghai:~ $ sudo cp ./jenkins_2.254_all.deb /tmp ubuntu@shanghai:~ $ sudo apt install /tmp/jenkins_2.254_all.deb Reading package lists... Done Building dependency tree Reading state information... Done Note, selecting 'jenkins' instead of '/tmp/jenkins_2.254_all.deb'The following additional packages will be installed: daemon The following NEW packages will be installed: daemon jenkins0 upgraded, 2 newly installed, 0 to remove and 182 not upgraded. Need to get 99.5 kB/66.0 MB of archives. After this operation, 67.4 MB of additional disk space will be used. Do you want to continue? [Y/n] Y Get:1 http://mirrors.tencentyun.com/ubuntu bionic/universe amd64 daemon amd64 0.6.4-1build1 [99.5 kB]Get:2 /tmp/jenkins_2.254_all.deb jenkins all 2.254 [65.9 MB]
推荐本站淘宝优惠价购买喜欢的宝贝:
本文链接:https://zblog.hqyman.cn/post/9511.html 非本站原创文章欢迎转载,原创文章需保留本站地址!
微信支付宝扫一扫,打赏作者吧~休息一下~~
萌ICP备20248119号
