1

After using sudo apt install foobar.deb where foobar below is for installing proprietary zoom from the Zoom corporation public web site, I repeatedly get the diagnostic below:

N: Download is performed unsandboxed as root as file '/home/ykarant/Downloads/zoom_amd64.deb' couldn't be accessed by user '_apt'. - pkg Acquire::Run (13: Permission denied)

I have read What is the mean from "N: Can't drop privileges for downloading as file"? but the comments are from 2019 and things may have changed. I have never had this issue before. Note that this only happens now (never before as I have been using LTS since Ubuntu 18 when I switched from the defunct Scientific Linux) when I download a .deb file from the web but from what are assumed to be reliable sources (such as Zoom corporate above or UCSF Chimerax, etc).

Note that the packages seemed correctly to be installed and seem to execute (run) fine. What is causing the above and how does one "fix" it? Ubuntu 22.04.2 current.

Yasha Karant
  • 961
  • Does this answer your question? What does this apt error message ("Download is performed unsandboxed as root...") mean? – kanehekili Jun 18 '23 at 20:31
  • No it does not answer my question as it is the URL I posted in the question. In the answers to that question there is:
    It is known bug 1522675, after long discussion with developers it is fixed. Please wait some hours or one-two days. – N0rbert Mar 5, 2018 at 7:01 End answer. The answer is from 2018, 5 years ago. Supposedly the software defect was fixed then. If not, should it be re-reported as having re-emerged? Any insight would be appreciated. [This does not happen on several other 22.04 current machines, several of which require UEFI secure boot (some old ones do not).]     – Yasha Karant Jun 19 '23 at 22:26
  • It is not the same URL. (At least when i open both links) -but about the same age ;-). It could be some "EULA" problem, where you have to confirm soemthing. What happens if you use dpkg -i <nameofdeb> ? – kanehekili Jun 19 '23 at 22:33

1 Answers1

0

Posting a bit late, but this should be informational So after some searching on this issue myself it boils down to the _apt user not having read access to your local directory. So if you were to provide read access to the directories in question, the error will go away. The best way to do this without having to give up world read access to your Downloads directory is to use file acls.

In my particular case this is the output I get when the ACLs are not set:

Setting up rstudio (2023.09.0+463) ...
Processing triggers for mailcap (3.70+nmu1ubuntu1) ...
Processing triggers for desktop-file-utils (0.26-1ubuntu3) ...  
Processing triggers for hicolor-icon-theme (0.17-2) ...
Processing triggers for gnome-menus (3.36.0-1ubuntu3) ...
Processing triggers for shared-mime-info (2.1-2) ...
N: Download is performed unsandboxed as root as file 
'/home/kingjamm/Downloads/rstudio-2023.09.0-463-amd64.deb' couldn't be 
accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)

To fix this I used the following

setfacl -m u:_apt:rx /home/kingjamm
setfacl -m u:_apt:rw /home/kingjamm/Downloads

After doing this the error no longer occurs

Unpacking rstudio (2023.09.0+463) over (2023.09.0+463) ...
Setting up rstudio (2023.09.0+463) ...
Processing triggers for mailcap (3.70+nmu1ubuntu1) ...
Processing triggers for desktop-file-utils (0.26-1ubuntu3) ...
Processing triggers for hicolor-icon-theme (0.17-2) ...
Processing triggers for gnome-menus (3.36.0-1ubuntu3) ...
Processing triggers for shared-mime-info (2.1-2) ...

Also note, the file itself is 644 for file permissions. If you have a umask that prevents it being world readable, you'll have to either change permissions or add a fileacl on the downloaded .deb

James Mello
  • 1