• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

After update pkg. FreeBSD 10.3

RockerMan

New Member


Messages: 14

#1
Hi

After the next update multiple ports vulnerabilities, including port pkg, stopped working pkg audit in daily security run output.
Writes error:
Code:
Checking for packages with security vulnerabilities:
Database fetched: Mon Feb 27 03:34:35 MSK 2017
pkg: sqlite error while executing sqlite open in file pkgdb.c:1107: unable to open database file

-- End of security output --
on two servers.
Anyone encountered such a mistake?
How to remove it?

PS.
At the same time, on the server console command works fine
Code:
# pkg audit
0 problem(s) in the installed packages found.
 

SirDice

Administrator
Staff member
Administrator
Moderator

Thanks: 5,495
Messages: 25,660

#2
Try forcing an update of the repository data; pkg update -f. I'm guessing it's that database that's corrupted.
 

RockerMan

New Member


Messages: 14

#3
Sorry I did not write, but I've done this update. Did again restarted for /etc/crontab. I also reinstalled sqlite3 from port, it did not help.
Code:
Checking for packages with security vulnerabilities:
Database fetched: Wed Mar  1 05:41:14 MSK 2017
pkg: sqlite error while executing sqlite open in file pkgdb.c:1107: unable to open database file

-- End of security output --
Code:
 # pkg audit
0 problem(s) in the installed packages found.
 

SirDice

Administrator
Staff member
Administrator
Moderator

Thanks: 5,495
Messages: 25,660

#4

RockerMan

New Member


Messages: 14

#5
ok
Code:
# pkg -v
1.10.0
# uname -a
FreeBSD prime-prx 10.3-RELEASE-p11 FreeBSD 10.3-RELEASE-p11 #0: Mon Oct 24 18:49:24 UTC 2016     root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64
 

SirDice

Administrator
Staff member
Administrator
Moderator

Thanks: 5,495
Messages: 25,660

#6
I'm starting to think it might be a permission issue. Because it works if you run the commands by hand as root. What does ls -al /var/db/pkg show?
 

RockerMan

New Member


Messages: 14

#7
of course
Code:
root@prime-prx:/var/db/pkg # ls -al
total 52420
drwxr-xr-x  48 root  wheel      1536 Mar  1 14:00 .
drwxr-xr-x  13 root  wheel       512 Feb  7 15:44 ..
-rw-r--r--   1 root  wheel       246 Feb 28 04:59 FreeBSD.meta
drwxr-xr-x   2 root  wheel       512 Dec  9 11:45 apache22-2.2.31_1
drwxr-xr-x   2 root  wheel       512 Dec  9 11:44 apr-1.5.2.1.5.4_2
drwxr-xr-x   2 root  wheel       512 Oct 20 16:50 autoconf-2.69_1
drwxr-xr-x   2 root  wheel       512 Feb 27 10:44 ca_root_nss-3.29.1
drwxr-xr-x   2 root  wheel       512 Feb  8 10:17 chkrootkit-0.51
drwxr-xr-x   2 root  wheel       512 Feb  8 09:50 cmake-3.7.2
drwxr-xr-x   2 root  wheel       512 Feb  8 09:50 cmake-modules-3.7.2
drwxr-xr-x   2 root  wheel       512 Feb 27 10:44 curl-7.53.1
drwxr-xr-x   2 root  wheel       512 Dec  9 11:43 db5-5.3.28_6
drwxr-xr-x   2 root  wheel       512 Oct 20 16:50 dialog4ports-0.1.6
drwxr-xr-x   2 root  wheel       512 Dec  9 11:43 expat-2.2.0_1
drwxr-xr-x   2 root  wheel       512 Feb  8 09:17 gettext-runtime-0.19.8.1_1
drwxr-xr-x   2 root  wheel       512 Feb  8 09:19 gettext-tools-0.19.8.1
drwxr-xr-x   2 root  wheel       512 Feb  8 10:29 glib-2.46.2_4
drwxr-xr-x   2 root  wheel       512 Oct 20 16:50 gmake-4.2.1_1
drwxr-xr-x   2 root  wheel       512 Feb  8 10:01 gnutls-3.5.8
drwxr-xr-x   2 root  wheel       512 Dec  9 11:26 indexinfo-0.2.6
drwxr-xr-x   2 root  wheel       512 Feb  8 09:38 jsoncpp-1.8.0_1
drwxr-xr-x   2 root  wheel       512 Feb  8 10:23 libgcrypt-1.7.6
drwxr-xr-x   2 root  wheel       512 Feb  8 10:23 libgpg-error-1.26
drwxr-xr-x   2 root  wheel       512 Dec  9 11:25 libiconv-1.14_10
drwxr-xr-x   2 root  wheel       512 Feb  8 10:22 libssh2-1.8.0,3
drwxr-xr-x   2 root  wheel       512 Feb  8 09:53 libtasn1-4.10
drwxr-xr-x   2 root  wheel       512 Feb  8 09:53 libunistring-0.9.7
drwxr-xr-x   2 root  wheel       512 Feb  8 09:39 libuv-1.11.0
-rw-r--r--   1 root  wheel   6475776 Feb 28 16:14 local.sqlite
drwxr-xr-x   2 root  wheel       512 Feb  8 09:37 m4-1.4.18,1
drwxr-xr-x   2 root  wheel       512 Feb 27 10:52 net-snmp-5.7.3_12
drwxr-xr-x   2 root  wheel       512 Feb  8 09:54 nettle-3.3
drwxr-xr-x   2 root  wheel       512 Feb 15 13:17 nginx-1.10.3_1,2
drwxr-xr-x   2 root  wheel       512 Dec  9 11:38 nmap-7.31
drwxr-xr-x   2 root  wheel       512 Feb 15 13:16 openssl-1.0.2k_1,1
drwxr-xr-x   2 root  wheel       512 Feb  8 09:57 p11-kit-0.23.3
drwxr-xr-x   2 root  wheel       512 Feb  8 10:26 pcre-8.40
drwxr-xr-x   2 root  wheel       512 Oct 20 16:48 perl5-5.20.3_15
drwxr-xr-x   2 root  wheel       512 Feb 28 12:10 pkg-1.10.0_1
drwxr-xr-x   2 root  wheel       512 Feb 28 12:11 pkgconf-1.3.0
drwxr-xr-x   2 root  wheel       512 Oct 20 16:55 png-1.6.25
drwxr-xr-x   2 root  wheel       512 Feb  8 09:41 py27-docutils-0.13.1
drwxr-xr-x   2 root  wheel       512 Feb  8 09:36 py27-setuptools27-32.1.0
drwxr-xr-x   2 root  wheel       512 Feb  8 09:42 py27-sphinx-1.4.8,1
drwxr-xr-x   2 root  wheel       512 Feb  8 09:36 python27-2.7.13_1
-rw-r--r--   1 root  wheel  41967616 Feb 28 04:59 repo-FreeBSD.sqlite
drwxr-xr-x   2 root  wheel       512 Feb  8 09:37 scons-2.5.1
drwxr-xr-x   2 root  wheel       512 Feb 27 10:46 sqlite3-3.17.0
drwxr-xr-x   2 root  wheel       512 Feb  8 09:31 sudo-1.8.19p2
drwxr-xr-x   2 root  wheel       512 Feb  8 10:22 tripwire-2.4.3.2
-r--r--r--   1 root  wheel   4908955 Mar  1 05:41 vuln.xml
drwxr-xr-x   2 root  wheel       512 Dec  9 11:26 wget-1.18
with rights all right
Code:
-rw-r--r--   1 root  wheel   6475776 Feb 28 16:14 local.sqlite
 

RockerMan

New Member


Messages: 14

#8
reboot my desktop, login to server, from console too not work
Code:
# pkg audit
pkg: sqlite error while executing sqlite open in file pkgdb.c:1107: unable to open database file
 

RockerMan

New Member


Messages: 14

#9
reinstall pkg from ports, and work from console
Code:
# pkg audit
0 problem(s) in the installed packages found.
 

slaru

New Member

Thanks: 3
Messages: 2

#10
I have the same pkg audit problem. I tried the other suggestions in this thread. I nuked my /usr/local and /var/db/pkg directories, bootstrapped, and reinstalled packages. Still getting the same pkg audit problem.

Code:
# pkg audit
pkg: sqlite error while executing sqlite open in file pkgdb.c:1107: unable to open database file
# pkg -v
1.10.0
# uname -a
FreeBSD *** 11.0-RELEASE-p8 FreeBSD 11.0-RELEASE-p8 #0: Wed Feb 22 06:12:04 UTC 2017     root@amd64-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  amd64
 

RockerMan

New Member


Messages: 14

#15
In principle, change the permissions on the directory root (see PR 217390) corrected error "pkg: sqlite error ...".
But security policy requires a directory root setup rights 0700.
 

tsarya

Member

Thanks: 6
Messages: 37

#16
I have the same issue, my /root being 0700:
Code:
# pkg audit
pkg: sqlite error while executing sqlite open in file pkgdb.c:1107: unable to open database file
pkg version:
Code:
# pkg -v
1.10.0
If I run the same command under /var/db/pkg it works fine:
Code:
# cd /var/db/pkg/ && pkg audit
0 problem(s) in the installed packages found.
 

RockerMan

New Member


Messages: 14

#17
Hi

Yes, the same situation. With
Code:
cd /var/db/pkg/ && pkg audit
work.
Tell me pls, what script performs "daily security run output" that's this part:
"Checking for packages with security vulnerabilities:"?
To be able to insert it in "cd /var/db/pkg/ && pkg audit"?
 

tsarya

Member

Thanks: 6
Messages: 37

#18
As a workaround, I set my /root folder to 0755. This btw is the default after a fresh install.
What you can do is, while waiting for a fix, to make sure all sub-folders under /root are 0700.
Also, you can set the umaskfor your shell to 077 so that all new directories and files created by root have 0700 and 0600 permissions.
 

Jim Trigg

New Member


Messages: 3

#20
Safer fix: modify /usr/local/etc/periodic/security/410.pkg-audit and in the audit_pkgs() function add "cd /" before the first if statement. That fixes all of the daily/weekly/monthly security checks. Then you just need to make sure that when you run it manually you're in an accessible directory.
 

dvl@

Aspiring Daemon
Developer

Thanks: 57
Messages: 530

#22
I encountered a similar problem today. The cause of the problem: my pwd was a deleted directory.

i.e. something like this:

Code:
# cd ~/tmp/log
# rm -rf ~/tmp
# pkg info
pkg: sqlite error while executing sqlite open in file pkgdb.c:1107: unable to open database file
Solution: cd to an existing directory
 

Prostir

New Member


Messages: 6

#24
Hi!
I have a similar problem:
FreeBSD version 11.0-RELEASE-p8

portmaster -a -f -D -R
Code:
pkg: sqlite error while executing sqlite open in file pkgdb.c:1126: unable to open database file
......
......
Installing wget-1.19...
===> SECURITY REPORT:
      This port has installed the following files which may act as network
      servers and may therefore pose a remote security risk to the system.
/usr/local/bin/wget

      If there are vulnerabilities in these programs there may be a security
      risk to the system. FreeBSD makes no guarantee about the security of
      ports included in the Ports Collection. Please type 'make deinstall'
      to deinstall the port if this is a concern.

      For more information, and contact details about the security
      status of this software, see the following webpage:
http://www.gnu.org/s/wget/

===>>> Re-installation of wget-1.19 succeeded

===>>> Returning to update check of installed ports

===>>> Update check of installed ports complete

pkg: sqlite error while executing sqlite open in file pkgdb.c:1126: unable to open database file
===>>> Done displaying pkg-message files

===>>> The following actions were performed:
        Re-installation of pkg-1.10.1
        Re-installation of perl5-5.24.1
        Re-installation of ca_root_nss-3.30
        Re-installation of dialog4ports-0.1.6
        Re-installation of nload-0.7.4_1
        Re-installation of pkgconf-1.3.0,1
        Re-installation of portmaster-3.17.10
        Re-installation of libiconv-1.14_10
        Re-installation of indexinfo-0.2.6
        Re-installation of gettext-runtime-0.19.8.1_1
        Re-installation of gettext-tools-0.19.8.1
        Re-installation of gmake-4.2.1_1
        Re-installation of tree-1.7.0
        Re-installation of autoconf-wrapper-20131203
        Re-installation of automake-wrapper-20131203
        Re-installation of cscope-15.8b
        Re-installation of ctags-5.8
        Re-installation of p5-Locale-gettext-1.06
        Re-installation of help2man-1.47.4
        Re-installation of texinfo-6.1.20160425,1
        Re-installation of m4-1.4.18,1
        Re-installation of autoconf-2.69_1
        Re-installation of automake-1.15_1
        Re-installation of libtool-2.4.6
        Re-installation of fusefs-libs-2.9.5
        Re-installation of icu-58.2,1
        Re-installation of libdnet-1.12_1
        Re-installation of libedit-3.1.20170329_2,1
        Re-installation of libevent-2.1.8
        Re-installation of libmspack-0.5
        Re-installation of libssh2-1.8.0,3
        Re-installation of libxml2-2.9.4
        Re-installation of libyaml-0.1.6_2
        Re-installation of tcl86-8.6.6_2
        Re-installation of xerces-c3-3.1.4
        Re-installation of apache-xml-security-c-1.7.3
        Re-installation of libffi-3.2.1
        Re-installation of readline-6.3.8
        Re-installation of pcre-8.40
        Re-installation of python27-2.7.13_1
        Re-installation of glib-2.50.2,1
        Re-installation of libidn-1.33_1
        Re-installation of libmetalink-0.1.3
        Re-installation of lua52-5.2.4
        Re-installation of ruby-2.3.3_2,1
        Re-installation of bison-3.0.4,1
        Re-installation of bash-4.4.12_1
        Re-installation of mc-4.8.19_1
        Re-installation of open-vm-tools-nox11-10.1.0_1,2
        Re-installation of python36-3.6.1
        Re-installation of rsync-3.1.2_6
        Re-installation of sqlite3-3.18.0
        Re-installation of sudo-1.8.19p2
        Re-installation of tmux-2.3_2
        Re-installation of vim-8.0.0534
        Re-installation of wget-1.19
Code:
# pkg audit
0 problem(s) in the installed packages found.
# pkg -v
1.10.1
All the software I installed with portmaster(8).
 

DeadLoco

New Member

Thanks: 3
Messages: 17

#25
Was Fixed on pkg version: 1.10.1
No, it doesn't.

Code:
pkg: sqlite error while executing sqlite open in file pkgdb.c:1126: unable to open database file
===>>> Done displaying pkg-message files
I've got that message in spite of PWD I'm in.

Code:
> pkg -v
1.10.1