FS#75539 - [cudnn] contains files owned by undefined user and group

Attached to Project: Community Packages
Opened by David Runge (dvzrv) - Sunday, 07 August 2022, 18:20 GMT
Last edited by Konstantin Gizdov (kgizdov) - Monday, 08 August 2022, 17:24 GMT
Task Type Bug Report
Category Packages
Status Closed
Assigned To Sven-Hendrik Haase (Svenstaro)
Konstantin Gizdov (kgizdov)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description: The package contains files owned by an unknown user. From a security point of view this is dangerous. Please make sure to chown the files root:root (if applicable).

Namcap should have yelled about this quite loudly!

Additional info:

* cudnn 8.4.1.50-1
* https://gitlab.archlinux.org/archlinux/repod/-/issues/61

Steps to reproduce:

```
repod-file package inspect /mnt/mirror/community/os/x86_64/cudnn-8.4.1.50-1-x86_64.pkg.tar.zst
Traceback (most recent call last):
File "/usr/lib/python3.10/site-packages/repod/files/mtree.py", line 360, in from_file
MTreeEntryV1(
File "pydantic/main.py", line 341, in pydantic.main.BaseModel.__init__
pydantic.error_wrappers.ValidationError: 1 validation error for MTreeEntryV1
uid
ensure this value is less than 1000 (type=value_error.number.not_lt; limit_value=1000)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/bin/repod-file", line 8, in <module>
sys.exit(repod_file())
File "/usr/lib/python3.10/site-packages/repod/cli/cli.py", line 189, in repod_file
repod_file_package(args=args)
File "/usr/lib/python3.10/site-packages/repod/cli/cli.py", line 33, in repod_file_package
model = asyncio.run(
File "/usr/lib/python3.10/asyncio/runners.py", line 44, in run
return loop.run_until_complete(main)
File "/usr/lib/python3.10/asyncio/base_events.py", line 646, in run_until_complete
return future.result()
File "/usr/lib/python3.10/site-packages/repod/files/package.py", line 106, in from_file
mtree=MTree.from_file(
File "/usr/lib/python3.10/site-packages/repod/files/mtree.py", line 374, in from_file
raise RepoManagementValidationError(
repod.errors.RepoManagementValidationError: An error occured when validating mtree data!
Basic settings: {'type_': 'file', 'uid': 25503, 'gid': 30, 'mode': '755'}
File settings: {'name': '/usr', 'time': 1655127018.0, 'gid': 0, 'uid': 0, 'type_': 'dir'}
1 validation error for MTreeEntryV1
uid
ensure this value is less than 1000 (type=value_error.number.not_lt; limit_value=1000)
```

```
-rw-r--r-- root/root 7213 2022-06-13 15:30 .BUILDINFO
-rw-r--r-- root/root 2432 2022-06-13 15:30 .MTREE
-rw-r--r-- root/root 337 2022-06-13 15:30 .PKGINFO
drwxr-xr-x root/root 0 2022-06-13 15:30 usr/
drwxr-xr-x 25503/30 0 2022-06-13 15:30 usr/include/
-rw-r--r-- 25503/30 2968 2022-06-13 15:30 usr/include/cudnn.h
-rw-r--r-- 25503/30 29025 2022-06-13 15:30 usr/include/cudnn_adv_infer.h
-rw-r--r-- 25503/30 29025 2022-06-13 15:30 usr/include/cudnn_adv_infer_v8.h
-rw-r--r-- 25503/30 27700 2022-06-13 15:30 usr/include/cudnn_adv_train.h
-rw-r--r-- 25503/30 27700 2022-06-13 15:30 usr/include/cudnn_adv_train_v8.h
-rw-r--r-- 25503/30 20020 2022-06-13 15:30 usr/include/cudnn_backend.h
-rw-r--r-- 25503/30 20020 2022-06-13 15:30 usr/include/cudnn_backend_v8.h
-rw-r--r-- 25503/30 29083 2022-06-13 15:30 usr/include/cudnn_cnn_infer.h
-rw-r--r-- 25503/30 29083 2022-06-13 15:30 usr/include/cudnn_cnn_infer_v8.h
-rw-r--r-- 25503/30 10217 2022-06-13 15:30 usr/include/cudnn_cnn_train.h
-rw-r--r-- 25503/30 10217 2022-06-13 15:30 usr/include/cudnn_cnn_train_v8.h
-rw-r--r-- 25503/30 49339 2022-06-13 15:30 usr/include/cudnn_ops_infer.h
-rw-r--r-- 25503/30 49339 2022-06-13 15:30 usr/include/cudnn_ops_infer_v8.h
-rw-r--r-- 25503/30 25733 2022-06-13 15:30 usr/include/cudnn_ops_train.h
-rw-r--r-- 25503/30 25733 2022-06-13 15:30 usr/include/cudnn_ops_train_v8.h
-rw-r--r-- 25503/30 2968 2022-06-13 15:30 usr/include/cudnn_v8.h
-rw-r--r-- 25503/30 2790 2022-06-13 15:30 usr/include/cudnn_version.h
-rw-r--r-- 25503/30 2790 2022-06-13 15:30 usr/include/cudnn_version_v8.h
drwxr-xr-x 25503/30 0 2022-06-13 15:30 usr/lib/
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn.so -> libcudnn.so.8
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn.so.8 -> libcudnn.so.8.4.1
-rwxr-xr-x 25503/30 150200 2022-06-13 15:30 usr/lib/libcudnn.so.8.4.1
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn_adv_infer.so -> libcudnn_adv_infer.so.8
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn_adv_infer.so.8 -> libcudnn_adv_infer.so.8.4.1
-rwxr-xr-x 25503/30 115709968 2022-06-13 15:30 usr/lib/libcudnn_adv_infer.so.8.4.1
-rw-r--r-- 25503/30 118274612 2022-06-13 15:30 usr/lib/libcudnn_adv_infer_static.a
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn_adv_infer_static_v8.a -> libcudnn_adv_infer_static.a
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn_adv_train.so -> libcudnn_adv_train.so.8
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn_adv_train.so.8 -> libcudnn_adv_train.so.8.4.1
-rwxr-xr-x 25503/30 95822736 2022-06-13 15:30 usr/lib/libcudnn_adv_train.so.8.4.1
-rw-r--r-- 25503/30 98247526 2022-06-13 15:30 usr/lib/libcudnn_adv_train_static.a
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn_adv_train_static_v8.a -> libcudnn_adv_train_static.a
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn_cnn_infer.so -> libcudnn_cnn_infer.so.8
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn_cnn_infer.so.8 -> libcudnn_cnn_infer.so.8.4.1
-rwxr-xr-x 25503/30 734142536 2022-06-13 15:30 usr/lib/libcudnn_cnn_infer.so.8.4.1
-rw-r--r-- 25503/30 979523392 2022-06-13 15:30 usr/lib/libcudnn_cnn_infer_static.a
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn_cnn_infer_static_v8.a -> libcudnn_cnn_infer_static.a
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn_cnn_train.so -> libcudnn_cnn_train.so.8
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn_cnn_train.so.8 -> libcudnn_cnn_train.so.8.4.1
-rwxr-xr-x 25503/30 88801384 2022-06-13 15:30 usr/lib/libcudnn_cnn_train.so.8.4.1
-rw-r--r-- 25503/30 138441474 2022-06-13 15:30 usr/lib/libcudnn_cnn_train_static.a
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn_cnn_train_static_v8.a -> libcudnn_cnn_train_static.a
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn_ops_infer.so -> libcudnn_ops_infer.so.8
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn_ops_infer.so.8 -> libcudnn_ops_infer.so.8.4.1
-rwxr-xr-x 25503/30 91095456 2022-06-13 15:30 usr/lib/libcudnn_ops_infer.so.8.4.1
-rw-r--r-- 25503/30 94498900 2022-06-13 15:30 usr/lib/libcudnn_ops_infer_static.a
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn_ops_infer_static_v8.a -> libcudnn_ops_infer_static.a
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn_ops_train.so -> libcudnn_ops_train.so.8
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn_ops_train.so.8 -> libcudnn_ops_train.so.8.4.1
-rwxr-xr-x 25503/30 71946488 2022-06-13 15:30 usr/lib/libcudnn_ops_train.so.8.4.1
-rw-r--r-- 25503/30 72441204 2022-06-13 15:30 usr/lib/libcudnn_ops_train_static.a
lrwxrwxrwx 25503/30 0 2022-06-13 15:30 usr/lib/libcudnn_ops_train_static_v8.a -> libcudnn_ops_train_static.a
drwxr-xr-x root/root 0 2022-06-13 15:30 usr/share/
drwxr-xr-x root/root 0 2022-06-13 15:30 usr/share/licenses/
drwxr-xr-x root/root 0 2022-06-13 15:30 usr/share/licenses/cudnn/
-rw-r--r-- 25503/30 28994 2022-06-13 15:30 usr/share/licenses/cudnn/LICENSE
-rw-r--r-- root/root 162625 2022-06-13 15:30 usr/share/licenses/cudnn/NVIDIA_SLA+cuDNN_Supp_Feb2017_release.pdf
```
This task depends upon

Closed by  Konstantin Gizdov (kgizdov)
Monday, 08 August 2022, 17:24 GMT
Reason for closing:  Fixed
Additional comments about closing:  cudnn 8.4.1.50-2

Loading...