how to give _apt user permission to /var/lib/apt/lists?

Question

I am on Ubuntu 18.04. Every apt update && apt upgrade results in

W: Download is performed unsandboxed as root as file '/var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_bionic_InRelease' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)

I am aware that this has come up. My problem is that as per this answer, I already have

/var/lib/apt/lists

owned by _apt:root, recursively: I've already run

sudo chown -Rv _apt:root /var/lib/apt/lists

And /var/lib/apt/lists/partial is chmodded 700, so _apt should have write access fine.

Additional info:

This all started when I symlinked /var/lib elsewhere, to a directory under /root/.

I had to do this because although I have root access, the machine was set up by someone else at work with /var as a separate partition. It was too small and got full, so the move+symlinking was the solution at the time.

Edit

Following the accepted answer, I moved the symlink target from under /root/; the warning is gone.

score 2 · Accepted Answer · answered Apr 03 '21 at 01:00

The moment you symlink things, you have to do permissions analysis on the location that the symlink points to.

If you moved /var/... into /root then anything accessing /var/... needs to be able to read /root - which only root can do. Any chmodding you do on the symlink will do nothing.

You should move back your /var/... with the original permissions it had back to where it should be and not symlink it. This will break many potential things since by default only root can read /root.

You may want to consider expanding the /var partition rather than 'symlinking' stuff around, it's going to break the way you're doing things.

Thank you, I'll try to sort it out as you suggest. – grobber Apr 03 '21 at 01:07 — grobber, Apr 03 '21 at 01:07

how to give _apt user permission to /var/lib/apt/lists?

1 Answers1