"Permission denied" in log from any command

Osiris · April 19, 2022, 4:51pm

Huh.. Weird. I'll leave this to @certbot-devs or other community volunteers as I have no idea what so ever..

9peppe · April 19, 2022, 5:02pm

you did use --classic when installing it, right?

janka · April 19, 2022, 5:24pm

Yes.
And some more characters...

rg305 · April 19, 2022, 5:32pm

Show:
which certbot
history | grep -E 'snap|certbot|python'

? ? ? ?

janka · April 19, 2022, 5:58pm

which certbot gives /usr/bin/certbot

History:

   46  add-apt-repository ppa:certbot/certbot
   51  apt-get install python-certbot-nginx
  278  certbot
  361  certbot renew
  369  apt-get remove certbot
  370  snap install --classic certbot
  376  certbot renew --dry-run
  377  snap refresh core
  378  snap install core
  379  snap refresh core
  380  snap refresh certbot
  381  snap remove certbot
  382  snap install --classic certbot
  383  certbot renew --dry-run
  393  certbot renew
  395  certbot renew  --nginx
  425  certbot
  431  snap remove certbot
  433  snap install certbot --classic
  464  snap run certbot
  475  certbot renew --dry-run
  497  certbot --version
  500  certbot
  503  which certbot
  504  history | grep -E 'snap|certbot|python'

Had to put in minimum 6 characters

_az · April 19, 2022, 6:12pm

Are you using a web-based terminal by any chance? Like, are you typing these commands into a browser?

If you can try using a native SSH client (like ssh or PuTTY or whatever), that might help.

I've seen a couple of users run into this issue, we should look into what effect these terminals are having on the execution environment.

janka · April 19, 2022, 6:13pm

No. I'm ssh'ing from an Ubuntu desktop.

_az · April 19, 2022, 6:36pm

That's bizarre. Doubly so if certbot --version doesn't print anything. I'm not sure. Could you please run:

snap run --strace="-s 1024" certbot --version 2>certbot.log

and post the resulting certbot.log file somewhere?

rg305 · April 19, 2022, 7:07pm

Maybe those weren't fully undone?

janka · April 19, 2022, 7:10pm

https://dev.hmm.dk/certbot.log

janka · April 19, 2022, 7:18pm

Could be. I have no idea where to look.

apt list --installed|grep cert:

ca-certificates/focal-updates,focal-security,now 20210119~20.04.2 all [installed]
python3-certifi/focal,now 2019.11.28-1 all [installed,automatic]
ssl-cert/focal,now 1.0.39 all [installed,automatic]

_az · April 19, 2022, 7:47pm

Thanks. Nothing really stands out.

Is this installation of Ubuntu running in a Proxmox/CT/LXD environment? I noticed the kernel is older than it should be for Ubuntu Focal.

I don't know how significant that is going to be, but snapd does rely heavily on kernel features. Running Focal on 4.13 instead of 5.x could be having an interaction with snapd.

I suggest giving the pip instructions a try instead, and seeing whether the issue persists with that method of installing Certbot.

janka · April 19, 2022, 7:56pm

Yes. I guess it's about time to get the host off that 17.10 anyway. I'll upgrade and see if that makes a difference.
Thanks so far!

9peppe · April 19, 2022, 7:58pm

+9 months gives 19.04. A full three years ago.

janka · April 19, 2022, 8:05pm

In six months it is five years! Guess I just sort of forgot about that machine as I never have to touch it

9peppe · April 19, 2022, 8:16pm

Three years... since Canonical stopped supporting it.

There are better distros for that.

janka · April 20, 2022, 8:10am

Now the host is on 20.4, and it works again.
Thank you @_az for the help!

9peppe · April 20, 2022, 9:00am

22.04 is mere days away

janka · April 20, 2022, 9:07am

Naa, now I have 8 years to EOL

9peppe · April 20, 2022, 9:10am

You actually have three

ESM doesn't count. As Canonical puts it:

Canonical provides Ubuntu Advantage Essential subscriptions, which include ESM, free of charge for individuals on up to 3 machines. Ubuntu Extended Security Maintenance | Security | Ubuntu