Snap-confine has elevated permissions

I tried to run `chromium` on my Kubuntu 20.04.3 LTS workstation and got the following error:

Snap-confine has elevated permissions and is not confined but should be. Refusing to continue to avoid permission escalation attacks

I found this and this worked for me:

systemctl enable --now apparmor.service    
systemctl enable --now snapd.apparmor.service

If Apache2 won’t serve your JavaScript file try…

I had an issue with Apache2 improperly serving a JavaScript file which I seem to have fixed by making sure the file was terminated with a new-line character… this was really hard to diagnose and resolve! The behaviour in Firefox was that the file just didn’t finish to download, whereas the Apache2 logs indicated a 200 result… I think it may have had something to do with automatic compression, which is a dark art that I do not understand (mumbles something about mod deflate…).

rsync errors

I was having an issue with my rsync command:

time rsync --progress --verbose --acls --xattrs --exclude="/lib/mysql/ibdata1" --exclude="*.tmp" --stats --human-readable --recursive --del --force --times --links --hard-links --executability --numeric-ids --owner --group --perms --sparse --compress-level=6 diligence-test:/usr/ /data/temp/2017-11-15-163925/usr/

getting stuck during “receiving incremental file list” then giving up with:

Timeout, server diligence-test not responding.
rsync: connection unexpectedly closed (16384 bytes received so far) [receiver]
rsync error: error in rsync protocol data stream (code 12) at io.c(235) [receiver=3.1.2]
rsync: connection unexpectedly closed (32569 bytes received so far) [generator]
rsync error: unexplained error (code 255) at io.c(235) [generator=3.1.2]
Command exited with non-zero status 255

I could see the server-side process hang in select() with:

root@diligence-test:/home/jj5# ps aux | grep rsync
root      5421  0.0  0.1  15636  2660 ?        Ss   18:55   0:00 rsync --server --sender -vlHogtpAXrSe.iLsfxC --numeric-ids . /usr/

root@diligence-test:/home/jj5# strace -p 5421
strace: Process 5421 attached
select(1, [0], [], [0], {42, 979828})   = 0 (Timeout)

Anyway I figured out how to dodge the problem by nominating –delete-before instead of –del, e.g.:

time rsync --progress --verbose --acls --xattrs --exclude="/lib/mysql/ibdata1" --exclude="*.tmp" --stats --human-readable --recursive --delete-before --force --times --links --hard-links --executability --numeric-ids --owner --group --perms --sparse --compress-level=6 diligence-test:/usr/ /data/temp/2017-11-15-163925/usr/

Error in rsync protocol data stream

So I was running a backup with rsync and I saw this:

lib/mysql/ibdata1
        437.40M  33%    4.53MB/s    0:03:10  
inflate returned -3 (0 bytes)
rsync error: error in rsync protocol data stream (code 12) at token.c(557) [receiver=3.1.2]
rsync: connection unexpectedly closed (155602 bytes received so far) [generator]
rsync error: error in rsync protocol data stream (code 12) at io.c(235) [generator=3.1.2]

The issue seems to be that if you’re using rsync compression and the remote file gets changed while the rsync copy is in progress then shit gets corrupted. My solution was to handle error level ’12’ and retry without compression. If the file changes while the rsync is in progress the file will be corrupt, so you shouldn’t rely on the integrity of such files.

Fixing bug in /etc/cron.daily/etckeeper on Ubuntu Lucid

I was getting an error like this:

/etc/cron.daily/etckeeper:
bzr: ERROR: exceptions.UnicodeDecodeError: 'ascii' codec can't decode byte 0xc4 in position 34: ordinal not in range(128)

Traceback (most recent call last):
  File "/usr/lib/python2.6/dist-packages/bzrlib/commands.py", line 853, in exception_to_return_code
    return the_callable(*args, **kwargs)
  File "/usr/lib/python2.6/dist-packages/bzrlib/commands.py", line 1055, in run_bzr
    ret = run(*run_argv)
  File "/usr/lib/python2.6/dist-packages/bzrlib/commands.py", line 661, in run_argv_aliases
    return self.run_direct(**all_cmd_args)
  File "/usr/lib/python2.6/dist-packages/bzrlib/commands.py", line 665, in run_direct
    return self._operation.run_simple(*args, **kwargs)
  File "/usr/lib/python2.6/dist-packages/bzrlib/cleanup.py", line 122, in run_simple
    self.cleanups, self.func, *args, **kwargs)
  File "/usr/lib/python2.6/dist-packages/bzrlib/cleanup.py", line 156, in _do_with_cleanups
    result = func(*args, **kwargs)
  File "/usr/lib/python2.6/dist-packages/bzrlib/builtins.py", line 659, in run
    no_recurse, action=action, save=not dry_run)
  File "/usr/lib/python2.6/dist-packages/bzrlib/mutabletree.py", line 50, in tree_write_locked
    return unbound(self, *args, **kwargs)
  File "/usr/lib/python2.6/dist-packages/bzrlib/mutabletree.py", line 521, in smart_add
    for subf in sorted(os.listdir(abspath)):
UnicodeDecodeError: 'ascii' codec can't decode byte 0xc4 in position 34: ordinal not in range(128)

bzr 2.1.4 on python 2.6.5 (Linux-2.6.35.4-rscloud-x86_64-with-Ubuntu-10.04-lucid)
arguments: ['/usr/bin/bzr', 'add', '-q', '.']
encoding: 'ANSI_X3.4-1968', fsenc: 'ANSI_X3.4-1968', lang: None
plugins:
  bzrtools             /usr/lib/python2.6/dist-packages/bzrlib/plugins/bzrtools [2.1.0]
  etckeeper            /usr/lib/python2.6/dist-packages/bzrlib/plugins/etckeeper [unknown]
  launchpad            /usr/lib/python2.6/dist-packages/bzrlib/plugins/launchpad [2.1.4]
  netrc_credential_store /usr/lib/python2.6/dist-packages/bzrlib/plugins/netrc_credential_store [2.1.4]
  news_merge           /usr/lib/python2.6/dist-packages/bzrlib/plugins/news_merge [2.1.4]

*** Bazaar has encountered an internal error.  This probably indicates a
    bug in Bazaar.  You can help us fix it by filing a bug report at
        https://bugs.launchpad.net/bzr/+filebug
    including this traceback and a description of the problem.
etckeeper warning: bzr add failed
Committing to: /etc/
modified apache2/passwd.htdigest
modified apache2/sites-available/svn.jj5.net-ssl
Committed revision 87.

I’ve tried to fix it by adding:

export LANG=en_AU.UTF-8
export LANGUAGE=en_AU:en

As lines 2 and 3 in /etc/cron.daily/etckeeper.

Now I’ll wait a day or two and see if it worked…

gnutls_handshake failed using git

Today I ran into this error:

jj5@mercy:~/public-git$ git push origin master
error: gnutls_handshake() failed: A TLS warning alert has been received. while accessing https://demo@demo.personalserver.com/public/git/info/refs 

The solution, of all things, was to add a ServerName spec into my Apache configuration file /etc/apache2/sites-enabled/default-ssl.conf, e.g.:

ServerName demo.personalserver.com

Bug fixed!!