Ubuntu – Trouble with batch conversion of .png to .pdf using convert

convert is a powerful command line tool to convert graphics. Its support for PDF is provided by Ghostscript. Because of a significant security hole in Ghostscript prior to version 9.24, use of convert on PDF files has been blocked as a stopgap. The issue has been fixed since Ghostscript version 9.24. While Ghostscript versions are updated to secure versions in all supported Ubuntu versions (at this time from Ubuntu 16.04 onwards), the usage restriction may still be in place.

The policy file is /etc/ImageMagick-6/policy.xml. You may edit that file as root user to change the policies.

Eliminating all usage restrictions

For desktop users not running a webserver, simply eliminating these restrictions might be good enough. To that aim, one may delete the file, but it is better practice to "move the file out" by renaming it. With this command, you are renaming the file. As a result, all policies are lifted, but you still can revert if needed:

sudo mv /etc/ImageMagick-6/policy.xml /etc/ImageMagick-6/policy.xmlout

To revert to the original situation, just rename back to the original name:

sudo mv /etc/ImageMagick-6/policy.xmlout /etc/ImageMagick-6/policy.xml

Be well aware that moving the policy file out decreases system security.

Eliminating only the restriction to combine into PDF

For your specific case, gene_wood in a comment pointed to the posibility to selectively relax the policy for working with PDF files by commenting out one line:

<policy domain="coder" rights="none" pattern="PDF" />

Edit the file, and place comment marks around this line to disable this rule:

<!-- <policy domain="coder" rights="none" pattern="PDF" /> -->

If you do not want to eliminate all security policies, this is the way to go.