After update pkg. FreeBSD 10.3

Hi

After the next update multiple ports vulnerabilities, including port pkg, stopped working pkg audit in daily security run output.
Writes error:
Code:
Checking for packages with security vulnerabilities:
Database fetched: Mon Feb 27 03:34:35 MSK 2017
pkg: sqlite error while executing sqlite open in file pkgdb.c:1107: unable to open database file

-- End of security output --
on two servers.
Anyone encountered such a mistake?
How to remove it?

PS.
At the same time, on the server console command works fine
Code:
# pkg audit
0 problem(s) in the installed packages found.
 

SirDice

Administrator
Staff member
Administrator
Moderator
Try forcing an update of the repository data; pkg update -f. I'm guessing it's that database that's corrupted.
 
Sorry I did not write, but I've done this update. Did again restarted for /etc/crontab. I also reinstalled sqlite3 from port, it did not help.
Code:
Checking for packages with security vulnerabilities:
Database fetched: Wed Mar  1 05:41:14 MSK 2017
pkg: sqlite error while executing sqlite open in file pkgdb.c:1107: unable to open database file

-- End of security output --
Code:
 # pkg audit
0 problem(s) in the installed packages found.
 
ok
Code:
# pkg -v
1.10.0
# uname -a
FreeBSD prime-prx 10.3-RELEASE-p11 FreeBSD 10.3-RELEASE-p11 #0: Mon Oct 24 18:49:24 UTC 2016     root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64
 

SirDice

Administrator
Staff member
Administrator
Moderator
I'm starting to think it might be a permission issue. Because it works if you run the commands by hand as root. What does ls -al /var/db/pkg show?
 
of course
Code:
root@prime-prx:/var/db/pkg # ls -al
total 52420
drwxr-xr-x  48 root  wheel      1536 Mar  1 14:00 .
drwxr-xr-x  13 root  wheel       512 Feb  7 15:44 ..
-rw-r--r--   1 root  wheel       246 Feb 28 04:59 FreeBSD.meta
drwxr-xr-x   2 root  wheel       512 Dec  9 11:45 apache22-2.2.31_1
drwxr-xr-x   2 root  wheel       512 Dec  9 11:44 apr-1.5.2.1.5.4_2
drwxr-xr-x   2 root  wheel       512 Oct 20 16:50 autoconf-2.69_1
drwxr-xr-x   2 root  wheel       512 Feb 27 10:44 ca_root_nss-3.29.1
drwxr-xr-x   2 root  wheel       512 Feb  8 10:17 chkrootkit-0.51
drwxr-xr-x   2 root  wheel       512 Feb  8 09:50 cmake-3.7.2
drwxr-xr-x   2 root  wheel       512 Feb  8 09:50 cmake-modules-3.7.2
drwxr-xr-x   2 root  wheel       512 Feb 27 10:44 curl-7.53.1
drwxr-xr-x   2 root  wheel       512 Dec  9 11:43 db5-5.3.28_6
drwxr-xr-x   2 root  wheel       512 Oct 20 16:50 dialog4ports-0.1.6
drwxr-xr-x   2 root  wheel       512 Dec  9 11:43 expat-2.2.0_1
drwxr-xr-x   2 root  wheel       512 Feb  8 09:17 gettext-runtime-0.19.8.1_1
drwxr-xr-x   2 root  wheel       512 Feb  8 09:19 gettext-tools-0.19.8.1
drwxr-xr-x   2 root  wheel       512 Feb  8 10:29 glib-2.46.2_4
drwxr-xr-x   2 root  wheel       512 Oct 20 16:50 gmake-4.2.1_1
drwxr-xr-x   2 root  wheel       512 Feb  8 10:01 gnutls-3.5.8
drwxr-xr-x   2 root  wheel       512 Dec  9 11:26 indexinfo-0.2.6
drwxr-xr-x   2 root  wheel       512 Feb  8 09:38 jsoncpp-1.8.0_1
drwxr-xr-x   2 root  wheel       512 Feb  8 10:23 libgcrypt-1.7.6
drwxr-xr-x   2 root  wheel       512 Feb  8 10:23 libgpg-error-1.26
drwxr-xr-x   2 root  wheel       512 Dec  9 11:25 libiconv-1.14_10
drwxr-xr-x   2 root  wheel       512 Feb  8 10:22 libssh2-1.8.0,3
drwxr-xr-x   2 root  wheel       512 Feb  8 09:53 libtasn1-4.10
drwxr-xr-x   2 root  wheel       512 Feb  8 09:53 libunistring-0.9.7
drwxr-xr-x   2 root  wheel       512 Feb  8 09:39 libuv-1.11.0
-rw-r--r--   1 root  wheel   6475776 Feb 28 16:14 local.sqlite
drwxr-xr-x   2 root  wheel       512 Feb  8 09:37 m4-1.4.18,1
drwxr-xr-x   2 root  wheel       512 Feb 27 10:52 net-snmp-5.7.3_12
drwxr-xr-x   2 root  wheel       512 Feb  8 09:54 nettle-3.3
drwxr-xr-x   2 root  wheel       512 Feb 15 13:17 nginx-1.10.3_1,2
drwxr-xr-x   2 root  wheel       512 Dec  9 11:38 nmap-7.31
drwxr-xr-x   2 root  wheel       512 Feb 15 13:16 openssl-1.0.2k_1,1
drwxr-xr-x   2 root  wheel       512 Feb  8 09:57 p11-kit-0.23.3
drwxr-xr-x   2 root  wheel       512 Feb  8 10:26 pcre-8.40
drwxr-xr-x   2 root  wheel       512 Oct 20 16:48 perl5-5.20.3_15
drwxr-xr-x   2 root  wheel       512 Feb 28 12:10 pkg-1.10.0_1
drwxr-xr-x   2 root  wheel       512 Feb 28 12:11 pkgconf-1.3.0
drwxr-xr-x   2 root  wheel       512 Oct 20 16:55 png-1.6.25
drwxr-xr-x   2 root  wheel       512 Feb  8 09:41 py27-docutils-0.13.1
drwxr-xr-x   2 root  wheel       512 Feb  8 09:36 py27-setuptools27-32.1.0
drwxr-xr-x   2 root  wheel       512 Feb  8 09:42 py27-sphinx-1.4.8,1
drwxr-xr-x   2 root  wheel       512 Feb  8 09:36 python27-2.7.13_1
-rw-r--r--   1 root  wheel  41967616 Feb 28 04:59 repo-FreeBSD.sqlite
drwxr-xr-x   2 root  wheel       512 Feb  8 09:37 scons-2.5.1
drwxr-xr-x   2 root  wheel       512 Feb 27 10:46 sqlite3-3.17.0
drwxr-xr-x   2 root  wheel       512 Feb  8 09:31 sudo-1.8.19p2
drwxr-xr-x   2 root  wheel       512 Feb  8 10:22 tripwire-2.4.3.2
-r--r--r--   1 root  wheel   4908955 Mar  1 05:41 vuln.xml
drwxr-xr-x   2 root  wheel       512 Dec  9 11:26 wget-1.18
with rights all right
Code:
-rw-r--r--   1 root  wheel   6475776 Feb 28 16:14 local.sqlite
 
reboot my desktop, login to server, from console too not work
Code:
# pkg audit
pkg: sqlite error while executing sqlite open in file pkgdb.c:1107: unable to open database file
 
reinstall pkg from ports, and work from console
Code:
# pkg audit
0 problem(s) in the installed packages found.
 
I have the same pkg audit problem. I tried the other suggestions in this thread. I nuked my /usr/local and /var/db/pkg directories, bootstrapped, and reinstalled packages. Still getting the same pkg audit problem.

Code:
# pkg audit
pkg: sqlite error while executing sqlite open in file pkgdb.c:1107: unable to open database file
# pkg -v
1.10.0
# uname -a
FreeBSD *** 11.0-RELEASE-p8 FreeBSD 11.0-RELEASE-p8 #0: Wed Feb 22 06:12:04 UTC 2017     root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64
 
In principle, change the permissions on the directory root (see PR 217390) corrected error "pkg: sqlite error ...".
But security policy requires a directory root setup rights 0700.
 
I have the same issue, my /root being 0700:
Code:
# pkg audit
pkg: sqlite error while executing sqlite open in file pkgdb.c:1107: unable to open database file

pkg version:
Code:
# pkg -v
1.10.0

If I run the same command under /var/db/pkg it works fine:
Code:
# cd /var/db/pkg/ && pkg audit
0 problem(s) in the installed packages found.
 
Hi

Yes, the same situation. With
Code:
cd /var/db/pkg/ && pkg audit
work.
Tell me pls, what script performs "daily security run output" that's this part:
"Checking for packages with security vulnerabilities:"?
To be able to insert it in "cd /var/db/pkg/ && pkg audit"?
 
As a workaround, I set my /root folder to 0755. This btw is the default after a fresh install.
What you can do is, while waiting for a fix, to make sure all sub-folders under /root are 0700.
Also, you can set the umaskfor your shell to 077 so that all new directories and files created by root have 0700 and 0600 permissions.
 
Safer fix: modify /usr/local/etc/periodic/security/410.pkg-audit and in the audit_pkgs() function add "cd /" before the first if statement. That fixes all of the daily/weekly/monthly security checks. Then you just need to make sure that when you run it manually you're in an accessible directory.
 

dvl@

Developer
I encountered a similar problem today. The cause of the problem: my pwd was a deleted directory.

i.e. something like this:

Code:
# cd ~/tmp/log
# rm -rf ~/tmp
# pkg info
pkg: sqlite error while executing sqlite open in file pkgdb.c:1107: unable to open database file

Solution: cd to an existing directory
 
Hi!
I have a similar problem:
FreeBSD version 11.0-RELEASE-p8

portmaster -a -f -D -R
Code:
pkg: sqlite error while executing sqlite open in file pkgdb.c:1126: unable to open database file
......
......
Installing wget-1.19...
===> SECURITY REPORT:
      This port has installed the following files which may act as network
      servers and may therefore pose a remote security risk to the system.
/usr/local/bin/wget

      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.

      For more information, and contact details about the security
      status of this software, see the following webpage:
http://www.gnu.org/s/wget/

===>>> Re-installation of wget-1.19 succeeded

===>>> Returning to update check of installed ports

===>>> Update check of installed ports complete

pkg: sqlite error while executing sqlite open in file pkgdb.c:1126: unable to open database file
===>>> Done displaying pkg-message files

===>>> The following actions were performed:
        Re-installation of pkg-1.10.1
        Re-installation of perl5-5.24.1
        Re-installation of ca_root_nss-3.30
        Re-installation of dialog4ports-0.1.6
        Re-installation of nload-0.7.4_1
        Re-installation of pkgconf-1.3.0,1
        Re-installation of portmaster-3.17.10
        Re-installation of libiconv-1.14_10
        Re-installation of indexinfo-0.2.6
        Re-installation of gettext-runtime-0.19.8.1_1
        Re-installation of gettext-tools-0.19.8.1
        Re-installation of gmake-4.2.1_1
        Re-installation of tree-1.7.0
        Re-installation of autoconf-wrapper-20131203
        Re-installation of automake-wrapper-20131203
        Re-installation of cscope-15.8b
        Re-installation of ctags-5.8
        Re-installation of p5-Locale-gettext-1.06
        Re-installation of help2man-1.47.4
        Re-installation of texinfo-6.1.20160425,1
        Re-installation of m4-1.4.18,1
        Re-installation of autoconf-2.69_1
        Re-installation of automake-1.15_1
        Re-installation of libtool-2.4.6
        Re-installation of fusefs-libs-2.9.5
        Re-installation of icu-58.2,1
        Re-installation of libdnet-1.12_1
        Re-installation of libedit-3.1.20170329_2,1
        Re-installation of libevent-2.1.8
        Re-installation of libmspack-0.5
        Re-installation of libssh2-1.8.0,3
        Re-installation of libxml2-2.9.4
        Re-installation of libyaml-0.1.6_2
        Re-installation of tcl86-8.6.6_2
        Re-installation of xerces-c3-3.1.4
        Re-installation of apache-xml-security-c-1.7.3
        Re-installation of libffi-3.2.1
        Re-installation of readline-6.3.8
        Re-installation of pcre-8.40
        Re-installation of python27-2.7.13_1
        Re-installation of glib-2.50.2,1
        Re-installation of libidn-1.33_1
        Re-installation of libmetalink-0.1.3
        Re-installation of lua52-5.2.4
        Re-installation of ruby-2.3.3_2,1
        Re-installation of bison-3.0.4,1
        Re-installation of bash-4.4.12_1
        Re-installation of mc-4.8.19_1
        Re-installation of open-vm-tools-nox11-10.1.0_1,2
        Re-installation of python36-3.6.1
        Re-installation of rsync-3.1.2_6
        Re-installation of sqlite3-3.18.0
        Re-installation of sudo-1.8.19p2
        Re-installation of tmux-2.3_2
        Re-installation of vim-8.0.0534
        Re-installation of wget-1.19
Code:
# pkg audit
0 problem(s) in the installed packages found.
# pkg -v
1.10.1
All the software I installed with portmaster(8).
 
Was Fixed on pkg version: 1.10.1
No, it doesn't.

Code:
pkg: sqlite error while executing sqlite open in file pkgdb.c:1126: unable to open database file
===>>> Done displaying pkg-message files

I've got that message in spite of PWD I'm in.

Code:
> pkg -v
1.10.1
 
Top