canonical / ubuntu-pro-client

Ubuntu Pro Client for offerings from Canonical
https://canonical-ubuntu-pro-client.readthedocs-hosted.com/en/latest/
GNU General Public License v3.0

Feature: run apt-news as non-root #3130

Open panlinux opened 1 month ago

panlinux commented 1 month ago

Please describe the scenario where the new feature would be useful

While creating an AppArmor profile and adding systemd isolation features to the apt-news service, I realized that it runs as root unnecessarily, as it just downloads a JSON file and stores it locally.

Describe the solution you'd like

The next logical step in securing the service should be to run it as a non-privileged user.

Current behavior

The service runs as a privileged user without actually requiring those privileges.

Additional context

As this is a simple service, it's also a good starting point for extra hardening of the Pro client. This might need a spec, though:

orndorffgrant commented 1 month ago

Thanks! This is a great idea. We should probably migrate many services and files that we create to be owned by a pro system user. This is potentially large in scope so marking "future". It is also potentially controversial to SRU this change (and therefore create a new user on every Ubuntu machine out there).

panlinux commented 1 month ago

Agreed on this being potentially large. About creating a new system user everywhere, I don't see it as controversial. Lots of packages do it.