[fixed 3.7.9] mintUpdate 3.2.2 - incorrect package levelling
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions use the other forums in the support section.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions use the other forums in the support section.
Before you post read how to get help. Topics in this forum are automatically closed 6 months after creation.
[fixed 3.7.9] mintUpdate 3.2.2 - incorrect package levelling
When the mint elyssa repos are down, the dangerous (lvl 4/5) packages from Ubuntu (the -updates repo) are incorrectly marked as lvl 3, see http://forums.linuxmint.com/viewtopic.p ... 31#p162431 Unknown whether this affects felicia+, can anyone confirm for these mints?
Last edited by LockBot on Wed Dec 28, 2022 7:16 am, edited 1 time in total.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Reason: Topic automatically closed 6 months after creation. New replies are no longer allowed.
Re: mintUpdate 3.2.2 - incorrect package levelling
mintUpdate first downloads a list of security levels
/usr/lib/linuxmint/mintUpdate/tmp/rules
Everything not mentioned there gets level 3
I just checked and the rules file was empty
I then started mintUpdate and the rules file had the proper content
So updating while our repos are down could be a bit hazardous
I would not call it a bug, but I'll ask Clem to modify mintUpdate so we don't get an empty file
Thanks for letting us know
/usr/lib/linuxmint/mintUpdate/tmp/rules
Everything not mentioned there gets level 3
I just checked and the rules file was empty
I then started mintUpdate and the rules file had the proper content
So updating while our repos are down could be a bit hazardous
I would not call it a bug, but I'll ask Clem to modify mintUpdate so we don't get an empty file
Thanks for letting us know
Re: mintUpdate 3.2.2 - incorrect package levelling
Ok, so now I've had the chance to examine the source code, and confirm the same thing happens if you're simply not connected to the internet, and also in mintUpdate 3.7.7 (Gloria)
The issue is on line 322 of mintUpdate.py where the condition always evaluates to false, since an empty file is written on line 310, hence the else clause is always executed, removing the backup copy of the rules file too.
Steps to reproduce:
1) ensure correct connection to internet
2) run mintUpdate, check the log has "++ Successfully downloaded new safety rules"... in it
3) verify the non-empty files /usr/lib/linuxmint/mintUpdate/tmp/rules and /usr/lib/linuxmint/mintUpdate/rules.old
4) disconnect the internet
5) run mintUpdate, check the log has "-- Failed to download new safety rules:"... in it, but not "-- Could not download safety rules"
6) verify the empty files above.
The issue is on line 322 of mintUpdate.py where the condition always evaluates to false, since an empty file is written on line 310, hence the else clause is always executed, removing the backup copy of the rules file too.
Steps to reproduce:
1) ensure correct connection to internet
2) run mintUpdate, check the log has "++ Successfully downloaded new safety rules"... in it
3) verify the non-empty files /usr/lib/linuxmint/mintUpdate/tmp/rules and /usr/lib/linuxmint/mintUpdate/rules.old
4) disconnect the internet
5) run mintUpdate, check the log has "-- Failed to download new safety rules:"... in it, but not "-- Could not download safety rules"
6) verify the empty files above.
Re: [confirmed] mintUpdate 3.2.2 - incorrect package levelling
I have a feeling Clem has been on to this...
Re: [confirmed] mintUpdate 3.2.2 - incorrect package levelling
indeed, it was clem who filed that bug report