[Touch-packages] [Bug 1886412] Re: $ ubuntu-bug xorg
** Package changed: xorg (Ubuntu) => ubuntu -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1886412 Title: $ ubuntu-bug xorg Status in Ubuntu: Incomplete Bug description: I cannot open system settings so I can set up a sleep mode after leaving offfor a spell. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: xorg 1:7.7+19ubuntu7.1 ProcVersionSignature: Ubuntu 4.15.0-109.110-generic 4.15.18 Uname: Linux 4.15.0-109-generic x86_64 NonfreeKernelModules: nvidia .proc.driver.nvidia.gpus.0: Error: [Errno 21] Is a directory: '/proc/driver/nvidia/gpus/0' .proc.driver.nvidia.registry: Binary: "" .proc.driver.nvidia.version: NVRM version: NVIDIA UNIX x86_64 Kernel Module 304.137 Thu Sep 14 13:51:03 PDT 2017 GCC version: gcc version 7.5.0 (Ubuntu 7.5.0-3ubuntu1~18.04) .tmp.unity_support_test.1: ApportVersion: 2.20.9-0ubuntu7.15 Architecture: amd64 CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: None Date: Mon Jul 6 11:57:21 2020 DistUpgraded: Fresh install DistroCodename: bionic DistroVariant: ubuntu DkmsStatus: nvidia, 304.137, 4.15.0-108-generic, x86_64: installed nvidia, 304.137, 4.15.0-109-generic, x86_64: installed GraphicsCard: NVIDIA Corporation C61 [GeForce 7025 / nForce 630a] [10de:03d6] (rev a2) (prog-if 00 [VGA controller]) Subsystem: ASUSTeK Computer Inc. C61 [GeForce 7025 / nForce 630a] [1043:83a4] InstallationDate: Installed on 2012-09-29 (2837 days ago) InstallationMedia: Ubuntu 12.04.1 LTS "Precise Pangolin" - Release amd64 (20120823.1) MachineType: System manufacturer System Product Name ProcEnviron: LANGUAGE=en_GB:en PATH=(custom, no user) LANG=en_GB.UTF-8 SHELL=/bin/bash ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.15.0-109-generic root=UUID=6eb98a42-bc12-42f1-992b-97782d05bb24 ro splash quiet Renderer: Software SourcePackage: xorg UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 01/26/2011 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: 0702 dmi.board.asset.tag: To Be Filled By O.E.M. dmi.board.name: M4N68T-M-LE-V2 dmi.board.vendor: ASUSTeK Computer INC. dmi.board.version: Rev X.0x dmi.chassis.asset.tag: Asset-1234567890 dmi.chassis.type: 3 dmi.chassis.vendor: Chassis Manufacture dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr0702:bd01/26/2011:svnSystemmanufacturer:pnSystemProductName:pvrSystemVersion:rvnASUSTeKComputerINC.:rnM4N68T-M-LE-V2:rvrRevX.0x:cvnChassisManufacture:ct3:cvrChassisVersion: dmi.product.family: To Be Filled By O.E.M. dmi.product.name: System Product Name dmi.product.version: System Version dmi.sys.vendor: System manufacturer version.compiz: compiz 1:0.9.13.1+18.04.20180302-0ubuntu1 version.libdrm2: libdrm2 2.4.101-2~18.04.1 version.libgl1-mesa-dri: libgl1-mesa-dri 19.2.8-0ubuntu0~18.04.3 version.libgl1-mesa-glx: libgl1-mesa-glx 19.2.8-0ubuntu0~18.04.3 version.nvidia-graphics-drivers: nvidia-graphics-drivers-* N/A version.xserver-xorg-core: xserver-xorg-core 2:1.19.6-1ubuntu4.4 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.10.5-1ubuntu1 version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:18.0.1-1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.917+git20171229-1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.15-2 xserver.bootTime: Fri Jul 3 12:16:20 2020 xserver.configfile: /etc/X11/xorg.conf xserver.logfile: /var/log/Xorg.0.log xserver.outputs: xserver.version: 2:1.19.6-1ubuntu4.4 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1886412/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886900] Re: intel HD Graphics 4400
What is the problem you are trying to report? I can see kernel crashes relating to your webcam, but no problems relating to Intel graphics. ** Package changed: xorg (Ubuntu) => ubuntu ** Changed in: ubuntu Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1886900 Title: intel HD Graphics 4400 Status in Ubuntu: Incomplete Bug description: cadê ubuntu é hd intel vga ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: xorg 1:7.7+19ubuntu14 ProcVersionSignature: Ubuntu 5.4.0-40.44-generic 5.4.44 Uname: Linux 5.4.0-40-generic x86_64 ApportVersion: 2.20.11-0ubuntu27.3 Architecture: amd64 BootLog: Error: [Errno 13] Permissão negada: '/var/log/boot.log' CasperMD5CheckResult: skip CompositorRunning: None CurrentDesktop: ubuntu:GNOME Date: Thu Jul 9 01:37:25 2020 DistUpgraded: Fresh install DistroCodename: focal DistroVariant: ubuntu DkmsStatus: v4l2loopback, 0.12.3, 5.4.0-40-generic, x86_64: installed ExtraDebuggingInterest: Yes GraphicsCard: Intel Corporation Haswell-ULT Integrated Graphics Controller [8086:0a16] (rev 09) (prog-if 00 [VGA controller]) Subsystem: Acer Incorporated [ALI] Haswell-ULT Integrated Graphics Controller [1025:0775] InstallationDate: Installed on 2020-07-07 (2 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423) MachineType: Acer Aspire E1-572 ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.4.0-40-generic root=UUID=e96503f3-7e43-44f7-8101-2da602a5db12 ro quiet splash vt.handoff=7 SourcePackage: xorg UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 09/02/2014 dmi.bios.vendor: Insyde Corp. dmi.bios.version: V2.17 dmi.board.asset.tag: Type2 - Board Asset Tag dmi.board.name: EA50_HW dmi.board.vendor: Acer dmi.board.version: V2.17 dmi.chassis.asset.tag: Chassis Asset Tag dmi.chassis.type: 10 dmi.chassis.vendor: Acer dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnInsydeCorp.:bvrV2.17:bd09/02/2014:svnAcer:pnAspireE1-572:pvrV2.17:rvnAcer:rnEA50_HW:rvrV2.17:cvnAcer:ct10:cvrChassisVersion: dmi.product.family: SharkBay System dmi.product.name: Aspire E1-572 dmi.product.sku: Aspire E1-572_0775_V2.17 dmi.product.version: V2.17 dmi.sys.vendor: Acer version.compiz: compiz N/A version.libdrm2: libdrm2 2.4.101-2 version.libgl1-mesa-dri: libgl1-mesa-dri 20.0.8-0ubuntu1~20.04.1 version.libgl1-mesa-glx: libgl1-mesa-glx N/A version.xserver-xorg-core: xserver-xorg-core 2:1.20.8-2ubuntu2.1 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.917+git20200226-1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.16-1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/1886900/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1871721] Re: Second Monitor on HDMI blank screen/blink screen with Nvidia + Intel & Ubuntu 20.04? (ASUS Laptop)
Please remove "quiet splash" from GRUB boot command line and see if it helps. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to mesa in Ubuntu. https://bugs.launchpad.net/bugs/1871721 Title: Second Monitor on HDMI blank screen/blink screen with Nvidia + Intel & Ubuntu 20.04? (ASUS Laptop) Status in kernel-package package in Ubuntu: Confirmed Status in mesa package in Ubuntu: Confirmed Status in nouveau-firmware package in Ubuntu: Confirmed Status in nvidia-graphics-drivers-440 package in Ubuntu: Confirmed Status in xserver-xorg-video-intel package in Ubuntu: Confirmed Bug description: I installed Ubuntu 20.04 on my ASUS laptop with Intel+Nvidia with propietary drivers of Nvidia (I have 440.64 rn) and I connected a second monitor to use it, but I saw that I cannot use it, I just see a blank screen. I tried with a TV of my room and same. The funny part is when I start the laptop to work, I can see the logo of my BIOS and the ASUS logo in the second monitor, even the grub, but after that I can't see nothing. When I reduce the resolution of the second monitor (800x600) then works, but even with that sometimes blinks to black again. On W10 for example it works perfectly, so I deduce it's not 'cause my HDMI. I tried with nouveau drivers and I have the same results btw. Laptop Asus with: Graphic card Nvidia GTX960M Processor Intel i5 6300 I tried with Nvidia Prime to Nvidia, Intel and On-demand. None of them works. All of them with Xorg. I have this with xrandr: Screen 0: minimum 8 x 8, current 2720 x 1080, maximum 16384 x 16384 eDP-1-1 connected primary 1920x1080+0+0 (normal left inverted right x axis y axis) 344mm x 193mm 1920x1080 60.00*+ 59.9759.9659.93 1680x1050 59.9559.88 1600x1024 60.17 1400x1050 59.98 1600x900 59.9959.9459.9559.82 1280x1024 60.02 1440x900 59.89 1400x900 59.9659.88 1280x960 60.00 1440x810 60.0059.97 1368x768 59.8859.85 1360x768 59.8059.96 1280x800 59.9959.9759.8159.91 1152x864 60.00 1280x720 60.0059.9959.8659.74 1024x768 60.0460.00 960x720 60.00 928x696 60.05 896x672 60.01 1024x576 59.9559.9659.9059.82 960x600 59.9360.00 960x540 59.9659.9959.6359.82 800x600 60.0060.3256.25 840x525 60.0159.88 864x486 59.9259.57 800x512 60.17 700x525 59.98 800x450 59.9559.82 640x512 60.02 720x450 59.89 700x450 59.9659.88 640x480 60.0059.94 720x405 59.5158.99 684x384 59.8859.85 680x384 59.8059.96 640x400 59.8859.98 576x432 60.06 640x360 59.8659.8359.8459.32 512x384 60.00 512x288 60.0059.92 480x270 59.6359.82 400x300 60.3256.34 432x243 59.9259.57 320x240 60.05 360x202 59.5159.13 320x180 59.8459.32 DP-1-1 disconnected (normal left inverted right x axis y axis) HDMI-1-1 disconnected (normal left inverted right x axis y axis) HDMI-1-2 connected 800x600+1920+0 (normal left inverted right x axis y axis) 1600mm x 900mm 1920x1080 60.00 + 50.0059.9430.0025.0024.0029.97 23.98 1920x1080i60.0050.0059.94 1280x1024 60.02 1360x768 60.02 1152x864 59.97 1280x720 59.8160.0050.0059.94 1024x768 60.00 800x600 60.32* 720x576 50.00 720x576i 50.00 720x480 60.0059.94 640x480 60.0059.94 720x400 70.08 DP-1-2 disconnected (normal left inverted right x axis y axis) HDMI-1-3 disconnected (normal left inverted right x axis y axis) PD: When you select a specific resolution, the second monitor "works", but it blinks, the image showed via HDMI on the second monitor blinks. So is impossible to work with it. Since all this time I was searching about this and I'm almost sure this is a problem of the GPU's Intel. But I saw this problem on askubuntu just with laptops with hybrid graphics. Always with Nvidia+Intel. (Maybe AMD+Nvidia too, but I'm not sure if they have the same problem here). To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/kernel-package/+bug/1871721/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886900] [NEW] intel HD Graphics 4400
Public bug reported: cadê ubuntu é hd intel vga ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: xorg 1:7.7+19ubuntu14 ProcVersionSignature: Ubuntu 5.4.0-40.44-generic 5.4.44 Uname: Linux 5.4.0-40-generic x86_64 ApportVersion: 2.20.11-0ubuntu27.3 Architecture: amd64 BootLog: Error: [Errno 13] Permissão negada: '/var/log/boot.log' CasperMD5CheckResult: skip CompositorRunning: None CurrentDesktop: ubuntu:GNOME Date: Thu Jul 9 01:37:25 2020 DistUpgraded: Fresh install DistroCodename: focal DistroVariant: ubuntu DkmsStatus: v4l2loopback, 0.12.3, 5.4.0-40-generic, x86_64: installed ExtraDebuggingInterest: Yes GraphicsCard: Intel Corporation Haswell-ULT Integrated Graphics Controller [8086:0a16] (rev 09) (prog-if 00 [VGA controller]) Subsystem: Acer Incorporated [ALI] Haswell-ULT Integrated Graphics Controller [1025:0775] InstallationDate: Installed on 2020-07-07 (2 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423) MachineType: Acer Aspire E1-572 ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.4.0-40-generic root=UUID=e96503f3-7e43-44f7-8101-2da602a5db12 ro quiet splash vt.handoff=7 SourcePackage: xorg UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 09/02/2014 dmi.bios.vendor: Insyde Corp. dmi.bios.version: V2.17 dmi.board.asset.tag: Type2 - Board Asset Tag dmi.board.name: EA50_HW dmi.board.vendor: Acer dmi.board.version: V2.17 dmi.chassis.asset.tag: Chassis Asset Tag dmi.chassis.type: 10 dmi.chassis.vendor: Acer dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnInsydeCorp.:bvrV2.17:bd09/02/2014:svnAcer:pnAspireE1-572:pvrV2.17:rvnAcer:rnEA50_HW:rvrV2.17:cvnAcer:ct10:cvrChassisVersion: dmi.product.family: SharkBay System dmi.product.name: Aspire E1-572 dmi.product.sku: Aspire E1-572_0775_V2.17 dmi.product.version: V2.17 dmi.sys.vendor: Acer version.compiz: compiz N/A version.libdrm2: libdrm2 2.4.101-2 version.libgl1-mesa-dri: libgl1-mesa-dri 20.0.8-0ubuntu1~20.04.1 version.libgl1-mesa-glx: libgl1-mesa-glx N/A version.xserver-xorg-core: xserver-xorg-core 2:1.20.8-2ubuntu2.1 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.917+git20200226-1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.16-1 ** Affects: xorg (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug focal ubuntu -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1886900 Title: intel HD Graphics 4400 Status in xorg package in Ubuntu: New Bug description: cadê ubuntu é hd intel vga ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: xorg 1:7.7+19ubuntu14 ProcVersionSignature: Ubuntu 5.4.0-40.44-generic 5.4.44 Uname: Linux 5.4.0-40-generic x86_64 ApportVersion: 2.20.11-0ubuntu27.3 Architecture: amd64 BootLog: Error: [Errno 13] Permissão negada: '/var/log/boot.log' CasperMD5CheckResult: skip CompositorRunning: None CurrentDesktop: ubuntu:GNOME Date: Thu Jul 9 01:37:25 2020 DistUpgraded: Fresh install DistroCodename: focal DistroVariant: ubuntu DkmsStatus: v4l2loopback, 0.12.3, 5.4.0-40-generic, x86_64: installed ExtraDebuggingInterest: Yes GraphicsCard: Intel Corporation Haswell-ULT Integrated Graphics Controller [8086:0a16] (rev 09) (prog-if 00 [VGA controller]) Subsystem: Acer Incorporated [ALI] Haswell-ULT Integrated Graphics Controller [1025:0775] InstallationDate: Installed on 2020-07-07 (2 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423) MachineType: Acer Aspire E1-572 ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.4.0-40-generic root=UUID=e96503f3-7e43-44f7-8101-2da602a5db12 ro quiet splash vt.handoff=7 SourcePackage: xorg UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 09/02/2014 dmi.bios.vendor: Insyde Corp. dmi.bios.version: V2.17 dmi.board.asset.tag: Type2 - Board Asset Tag dmi.board.name: EA50_HW dmi.board.vendor: Acer dmi.board.version: V2.17 dmi.chassis.asset.tag: Chassis Asset Tag dmi.chassis.type: 10 dmi.chassis.vendor: Acer dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnInsydeCorp.:bvrV2.17:bd09/02/2014:svnAcer:pnAspireE1-572:pvrV2.17:rvnAcer:rnEA50_HW:rvrV2.17:cvnAcer:ct10:cvrChassisVersion: dmi.product.family: SharkBay System dmi.product.name: Aspire E1-572 dmi.product.sku: Aspire E1-572_0775_V2.17 dmi.product.version: V2.17 dmi.sys.vendor: Acer version.compiz: compiz N/A version.libdrm2: libdrm2 2.4.101-2 version.libgl1-mesa-dri: libgl1-mesa-dri 20.0.8-0ubuntu1~20.04.1 version.libgl1-mesa-glx: libgl1-mesa-glx N/A version.xserver-xorg-core: xserver-xorg-core 2:1.20.8-2ubuntu2.1 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A
[Touch-packages] [Bug 1051891] Re: Kernel crash shows confusing UI text
** Changed in: apport
Assignee: (unassigned) => Jaroslavas Karmazinas (cheops)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1051891
Title:
Kernel crash shows confusing UI text
Status in Apport:
Triaged
Status in apport package in Ubuntu:
Invalid
Bug description:
apport trunk r2483
If there is a kernel crash or oops, apport-gtk shows the "Ubuntu has
experienced an internal error" message:
elif report_type == 'KernelCrash' or report_type == 'KernelOops':
...
self.w('title_label').set_label('%s' %
self.get_system_application_title())
...
def get_system_application_title(self):
...
else:
if 'DistroRelease' not in self.report:
self.report.add_os_info()
t = _('Sorry, %s has experienced an internal error.') %
self.report['DistroRelease']
return t
This is appropriate for an oops, because the UI will appear shortly
afterward. But it isn't appropriate for a kernel crash, because Ubuntu
will have restarted since the error. In that case, it should instead
show the text "Ubuntu has restarted after experiencing an internal
error."
It may save time to fix bug 1043392 at the same time as this bug.
To manage notifications about this bug go to:
https://bugs.launchpad.net/apport/+bug/1051891/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886714] Re: Bluetooth disconnects, and then sound fails on reconnect
Thanks. Yes I noticed that but we still need info from a machine running a supported version of Ubuntu. So on either 18.04 or 20.04 please run this command to collect it automatically: apport-collect 1886714 ** Changed in: bluez (Ubuntu) Status: Won't Fix => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to bluez in Ubuntu. https://bugs.launchpad.net/bugs/1886714 Title: Bluetooth disconnects, and then sound fails on reconnect Status in bluez package in Ubuntu: Incomplete Bug description: This bug has persisted over several years, and several versions, and after a lot of investigation I'm not really any closer on what's going on. I have two pretty old GA MA78gm S2H mainboards, configured slightly different, and otherwise working properly. Both of them have run both Ubuntu and Windows. The problem seems to have been minimized when running Win10, and even if it is there it seems like Win10 recover when it happen. I wonder if I started noticing the problem under Ubuntu 14.x, but I'm pretty sure it was there already at Ubuntu 16.x. I'm now running Ubuntu 19.10 and Gnome 3.34.2. (Just for the record, the bug also persisted in Ubu 18.04 for as long as I was using it.) It isn't really an option to switch the mainboards, as there are too much custom-builds running on them for the moment. They will probably be replaced when I have time to rebuild everything. ;) To make Bluetooth work I use an ASUS USB-BT400, which report as “BCM920702 Bluetooth 4.0”, or more accurately “BCM20702A1 (001.002.014) build 1467”. I have also used other dongles, but it seems like all of them has the same chipset. Now… Given I restart the computer And boot into Ubuntu 19.10 And log in as myself And attach a pair of Sony MDR-ZX770BN When I listen to sound from a movie with A2DP Then at some random point it start to lag noticeably (sound becomes scratchy) And suddenly disconnects (at this point it seems like it is Bluetooth that disconnects) It may take 5–10 minutes and up to several hours before it disconnects. Given I turn the headphones off And back on When it reconnects to the computer Then the computer fails to enable the sound device (visible in the preference manager f.ex.) There are several reports of various equipments that disconnect, and I wonder if this could be the same problem. Problem 1 The dongle is rather hot when it disconnects. This is mere speculation, but I wonder if the disconnect happen because either the mainboard gives to little current and thus it fails due to voltage drop, or it fails due to overheating. It seems like the port should have enough current to sustain the dongle, but I wonder if the mainboard could let several ports share the same power source, and thus it fail to deliver enough current. There are other devices powered by the USB ports, and they don't seem to fail, which seems likely to happen if power is the issue. The issue seems to be somewhat related to the quality of the audio, which makes me wonder whether higher quality gives more transferred data, which again gives higher power consumption. It also seems like the issue can be triggered by moving away from the computer. That would give higher tx power, which could make the dongle overheat or mainboard could fail to provide enough current. Is there any way to get a more specific failure report from the dongle? Problem 2 After the headphone reconnects it seems like the sound system isn't working properly. I've been checking, and everything seems correct, still the headphone is missing as an output device. I have not been able to figure out what makes the sound system fail, and I have not been able to make it recover. Only way to recover seems to be to do a cold reboot. A simple warm reboot does not fix the problem, but this can be related to problem 1. A few dumps john@hydra:~$ dmesg | fgrep 'Blue' [3.089584] usb 1-2.2: Product: BCM920702 Bluetooth 4.0 [8.417252] Bluetooth: Core ver 2.22 [8.417280] Bluetooth: HCI device and connection manager initialized [8.417284] Bluetooth: HCI socket layer initialized [8.417286] Bluetooth: L2CAP socket layer initialized [8.417301] Bluetooth: SCO socket layer initialized [8.779706] Bluetooth: hci0: BCM: chip id 63 [8.780703] Bluetooth: hci0: BCM: features 0x07 [8.796682] Bluetooth: hci0: hydra [8.800667] Bluetooth: hci0: BCM20702A1 (001.002.014) build 1467 [9.671568] Bluetooth: hci0: BCM20702A1 (001.002.014) build 1467 [9.687584] Bluetooth: hci0: Broadcom Bluetooth Device [ 10.571440] Bluetooth: BNEP (Ethernet Emulation) ver 1.3 [ 10.571442] Bluetooth: BNEP filters: protocol multicast [ 10.571448] Bluetooth: BNEP socket layer initialized [ 630.835385] Bluetooth: RFCOMM TTY layer
[Touch-packages] [Bug 1886854] Re: Race in load-module snap policy check in classic confinement
** Tags added: focal -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pulseaudio in Ubuntu. https://bugs.launchpad.net/bugs/1886854 Title: Race in load-module snap policy check in classic confinement Status in pulseaudio package in Ubuntu: New Bug description: SUMMARY = When running a snap in classic confinement, that needs access to PA_COMMAND_LOAD_MODULE and PA_COMMAND_UNLOAD_MODULE. These sometimes succeed and sometimes fail with "Access denied". After running "pacmd unload-module module-snap-policy" and unloading the snap policy module, these work reliably. I have verified this in a fresh install of Ubuntu 20.04 in a VM. STEPS TO REPRODUCE = a) Either build a snap with classic confinement that sends these commands on the pulseaudio native protocol socket. (This is how I found the bug) b) Or, what I did here to easier reproduce, abuse the sandbox of a random classic snap: Download the attached bug.tgz with a minimal reproducer. It contains the source code for a program that sends load and unload commands to pulse. Unfortunately `pacmd` has a pid-file check that fails inside the sandbox and doesn't work. The reproducer does essentially the same as "pacmd load/unload-module" though. (a pre-compiled x64 binary is also included in case you don't have a go compiler and dare to run an untrusted binary in a VM) Unpack the tgz, build it, if necessary with "go mod download && go build" Grab a random classic mode snap to use its sandbox as a test bed: $ sudo snap install atom --classic atom 1.48.0 from Snapcrafters installed Open a shell in its sandbox: snap run --shell atom Navigate to the compiled binary and execute it a few times: user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:10 PulseAudio connection created successfully 2020/07/08 18:46:10 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:11 PulseAudio connection created successfully Loaded Module sucessfully at index: 40 user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:12 PulseAudio connection created successfully Loaded Module sucessfully at index: 41 user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:12 PulseAudio connection created successfully 2020/07/08 18:46:12 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:14 PulseAudio connection created successfully 2020/07/08 18:46:14 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:14 PulseAudio connection created successfully 2020/07/08 18:46:14 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:15 PulseAudio connection created successfully 2020/07/08 18:46:15 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied Succeeds and fails apparently at random. Now from a non-sandboxed shell, run pacmd unload-module module-snap-policy to unload the snap-policy module from pulseaudio, now run ./bug a few more times. It now succeeds reliably, every time. Side note, with the real program on my actual machine, the race seems to behave slightly differently. It seems not to work the first time an application is started, but closing it and reopening it seems to make it work pretty reliably afterwards. Restarting "snapd", causes the following run the snap to fail again. EXPECTED BEHAVIOUR == The pulseaudio snap policy module should correctly determine and enforce it's policy. ACTUAL BEHAVIOUR The pulseaudio snap policy module seemingly at random denies access when the snap has the permissions to do an operation. ADDITIONAL INFORMATION == $ lsb_release -rd Description: Ubuntu 20.04 LTS Release: 20.04 $ apt-cache policy pulseaudio pulseaudio: Installed: 1:13.99.1-1ubuntu3.3 Candidate: 1:13.99.1-1ubuntu3.3 Version table: *** 1:13.99.1-1ubuntu3.3 500 500 http://ch.archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages 100 /var/lib/dpkg/status 1:13.99.1-1ubuntu3.2 500 500 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages 1:13.99.1-1ubuntu3 500 500 http://ch.archive.ubuntu.com/ubuntu focal/main amd64 Packages To manage notifications about this bug go to:
[Touch-packages] [Bug 1886869] Re: Double dock after screen lock.
Please: 1. Attach a photo of the problem. 2. Run the 'Extensions' app (gnome-shell-extension-prefs) and ensure you don't have two dock extensions enabled. ** Package changed: xorg (Ubuntu) => gnome-shell (Ubuntu) ** Changed in: gnome-shell (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1886869 Title: Double dock after screen lock. Status in gnome-shell package in Ubuntu: Incomplete Bug description: After locking my screen and unlocking, i see a double dock. The first one have the trash can icon and the main one doesn't. ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: xorg 1:7.7+19ubuntu14 ProcVersionSignature: Ubuntu 5.4.0-40.44-generic 5.4.44 Uname: Linux 5.4.0-40-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia .proc.driver.nvidia.gpus..02.00.0: Error: [Errno 21] Es un directorio: '/proc/driver/nvidia/gpus/:02:00.0' .proc.driver.nvidia.registry: Binary: "" .proc.driver.nvidia.suspend: suspend hibernate resume .proc.driver.nvidia.suspend_depth: default modeset uvm .proc.driver.nvidia.version: NVRM version: NVIDIA UNIX x86_64 Kernel Module 440.100 Fri May 29 08:45:51 UTC 2020 GCC version: gcc version 9.3.0 (Ubuntu 9.3.0-10ubuntu2) ApportVersion: 2.20.11-0ubuntu27.3 Architecture: amd64 BootLog: Error: [Errno 13] Permiso denegado: '/var/log/boot.log' CasperMD5CheckResult: skip CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: None CurrentDesktop: ubuntu:GNOME Date: Wed Jul 8 15:27:41 2020 DistUpgraded: 2020-04-24 12:10:19,615 ERROR got error from PostInstallScript ./xorg_fix_proprietary.py (g-exec-error-quark: Falló al ejecutar el proceso hijo «./xorg_fix_proprietary.py» (No existe el archivo o el directorio) (8)) DistroCodename: focal DistroVariant: ubuntu DkmsStatus: nvidia, 440.100, 5.4.0-39-generic, x86_64: installed nvidia, 440.100, 5.4.0-40-generic, x86_64: installed ExtraDebuggingInterest: Yes GraphicsCard: Advanced Micro Devices, Inc. [AMD/ATI] Wani [Radeon R5/R6/R7 Graphics] [1002:9874] (rev e6) (prog-if 00 [VGA controller]) Subsystem: Gigabyte Technology Co., Ltd Radeon R7 Graphics [1458:d000] NVIDIA Corporation GK208B [GeForce GT 710] [10de:128b] (rev a1) (prog-if 00 [VGA controller]) Subsystem: Gigabyte Technology Co., Ltd GK208B [GeForce GT 710] [1458:375a] InstallationDate: Installed on 2020-04-04 (94 days ago) InstallationMedia: Ubuntu 18.04.2 LTS "Bionic Beaver" - Release amd64 (20190210) MachineType: Gigabyte Technology Co., Ltd. To be filled by O.E.M. ProcEnviron: LANGUAGE=es_MX:es PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=es_MX.UTF-8 SHELL=/bin/bash ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.4.0-40-generic root=UUID=acb80b2e-decc-41c3-b1b0-daa06a3b7465 ro quiet splash vt.handoff=7 SourcePackage: xorg Symptom: display UpgradeStatus: Upgraded to focal on 2020-04-24 (75 days ago) dmi.bios.date: 10/09/2018 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: FD dmi.board.asset.tag: To be filled by O.E.M. dmi.board.name: F2A68HM-H dmi.board.vendor: Gigabyte Technology Co., Ltd. dmi.board.version: x.x dmi.chassis.asset.tag: To Be Filled By O.E.M. dmi.chassis.type: 3 dmi.chassis.vendor: Gigabyte Technology Co., Ltd. dmi.chassis.version: To Be Filled By O.E.M. dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrFD:bd10/09/2018:svnGigabyteTechnologyCo.,Ltd.:pnTobefilledbyO.E.M.:pvrTobefilledbyO.E.M.:rvnGigabyteTechnologyCo.,Ltd.:rnF2A68HM-H:rvrx.x:cvnGigabyteTechnologyCo.,Ltd.:ct3:cvrToBeFilledByO.E.M.: dmi.product.family: To be filled by O.E.M. dmi.product.name: To be filled by O.E.M. dmi.product.sku: To be filled by O.E.M. dmi.product.version: To be filled by O.E.M. dmi.sys.vendor: Gigabyte Technology Co., Ltd. version.compiz: compiz N/A version.libdrm2: libdrm2 2.4.101-2 version.libgl1-mesa-dri: libgl1-mesa-dri 20.0.8-0ubuntu1~20.04.1 version.libgl1-mesa-glx: libgl1-mesa-glx 20.0.8-0ubuntu1~20.04.1 version.nvidia-graphics-drivers: nvidia-graphics-drivers-* N/A version.xserver-xorg-core: xserver-xorg-core 2:1.20.8-2ubuntu2.1 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.917+git20200226-1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.16-1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1886869/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1871794] Re: [Bluetooth] No audio output/input in HSP/HFP mode
@Fmstrat, In your case, It looks like the driver for BT module on AX200 or the firmware intel/ibt-20-1-3.sfi has some problem, could yo please submit this bug to upstream -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pulseaudio in Ubuntu. https://bugs.launchpad.net/bugs/1871794 Title: [Bluetooth] No audio output/input in HSP/HFP mode Status in pulseaudio package in Ubuntu: Confirmed Bug description: I'm testing with Sony bluetooth headset SBH20, works fine in A2DP profile, but I can't get audio input and output work in HSP/HFP profile. [Reproduce steps] 1. Scan and pair BT headset in Bluetooth setting 2. Switch to HSP/HFP profile in Sound setting 3. Test sound output/input [Machine information] ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: pulseaudio 1:13.99.1-1ubuntu1 ProcVersionSignature: Ubuntu 5.4.0-21.25-generic 5.4.27 Uname: Linux 5.4.0-21-generic x86_64 ApportVersion: 2.20.11-0ubuntu25 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: ubuntu 1359 F pulseaudio CurrentDesktop: ubuntu:GNOME Date: Thu Apr 9 16:26:52 2020 InstallationDate: Installed on 2020-04-09 (0 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Beta amd64 (20200402) SourcePackage: pulseaudio Symptom: audio Symptom_Card: SBH20 Symptom_DevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: ubuntu 1359 F pulseaudio Symptom_Type: No sound at all Title: [SBH20, recording] No sound at all UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 09/17/2019 dmi.bios.vendor: Dell Inc. dmi.bios.version: 1.0.13 dmi.board.name: 0188D1 dmi.board.vendor: Dell Inc. dmi.board.version: A00 dmi.chassis.type: 31 dmi.chassis.vendor: Dell Inc. dmi.modalias: dmi:bvnDellInc.:bvr1.0.13:bd09/17/2019:svnDellInc.:pnXPS1373902-in-1:pvr:rvnDellInc.:rn0188D1:rvrA00:cvnDellInc.:ct31:cvr: dmi.product.family: XPS dmi.product.name: XPS 13 7390 2-in-1 dmi.product.sku: 08B0 dmi.sys.vendor: Dell Inc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/1871794/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1659719] Re: ssh can't call a binary from a snap without the full path
I've filed https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964580 about the pam ordering issue. ** Bug watch added: Debian Bug tracker #964580 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=964580 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pam in Ubuntu. https://bugs.launchpad.net/bugs/1659719 Title: ssh can't call a binary from a snap without the full path Status in Snappy: Fix Committed Status in livecd-rootfs package in Ubuntu: Fix Released Status in openssh package in Ubuntu: Confirmed Status in pam package in Ubuntu: In Progress Status in snapd package in Ubuntu: Confirmed Status in livecd-rootfs source package in Groovy: Fix Released Status in openssh source package in Groovy: Confirmed Status in pam source package in Groovy: In Progress Status in snapd source package in Groovy: Confirmed Bug description: ssh can't call a binary from a snap, it will only work using the full path. Let's say I have the hello snap installed in 192.168.122.24. Then: elopio@ubuntu-xenial:~/mosh$ ssh 192.168.122.24 hello elopio@192.168.122.24's password: bash: hello: command not found elopio@ubuntu-xenial:~/mosh$ ssh 192.168.122.24 /snap/bin/hello elopio@192.168.122.24's password: Hello, world! To manage notifications about this bug go to: https://bugs.launchpad.net/snappy/+bug/1659719/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1659719] Re: ssh can't call a binary from a snap without the full path
Here's a better patch that I've tested this time. I dropped the code around adding /usr/local/games to PATH as that was in trusty. ** Changed in: pam (Ubuntu Groovy) Status: Confirmed => In Progress ** Patch added: "pam_1.3.1-5ubuntu4_1.3.1-5ubuntu5.patch" https://bugs.launchpad.net/snappy/+bug/1659719/+attachment/5390897/+files/pam_1.3.1-5ubuntu4_1.3.1-5ubuntu5.patch -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pam in Ubuntu. https://bugs.launchpad.net/bugs/1659719 Title: ssh can't call a binary from a snap without the full path Status in Snappy: Fix Committed Status in livecd-rootfs package in Ubuntu: Fix Released Status in openssh package in Ubuntu: Confirmed Status in pam package in Ubuntu: In Progress Status in snapd package in Ubuntu: Confirmed Status in livecd-rootfs source package in Groovy: Fix Released Status in openssh source package in Groovy: Confirmed Status in pam source package in Groovy: In Progress Status in snapd source package in Groovy: Confirmed Bug description: ssh can't call a binary from a snap, it will only work using the full path. Let's say I have the hello snap installed in 192.168.122.24. Then: elopio@ubuntu-xenial:~/mosh$ ssh 192.168.122.24 hello elopio@192.168.122.24's password: bash: hello: command not found elopio@ubuntu-xenial:~/mosh$ ssh 192.168.122.24 /snap/bin/hello elopio@192.168.122.24's password: Hello, world! To manage notifications about this bug go to: https://bugs.launchpad.net/snappy/+bug/1659719/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1871794] Re: [Bluetooth] No audio output/input in HSP/HFP mode
I should also note, if it helps, that when this BT device is installed on the system, using the hotkeys to adjust volume on my keyboard no longer works. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pulseaudio in Ubuntu. https://bugs.launchpad.net/bugs/1871794 Title: [Bluetooth] No audio output/input in HSP/HFP mode Status in pulseaudio package in Ubuntu: Confirmed Bug description: I'm testing with Sony bluetooth headset SBH20, works fine in A2DP profile, but I can't get audio input and output work in HSP/HFP profile. [Reproduce steps] 1. Scan and pair BT headset in Bluetooth setting 2. Switch to HSP/HFP profile in Sound setting 3. Test sound output/input [Machine information] ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: pulseaudio 1:13.99.1-1ubuntu1 ProcVersionSignature: Ubuntu 5.4.0-21.25-generic 5.4.27 Uname: Linux 5.4.0-21-generic x86_64 ApportVersion: 2.20.11-0ubuntu25 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: ubuntu 1359 F pulseaudio CurrentDesktop: ubuntu:GNOME Date: Thu Apr 9 16:26:52 2020 InstallationDate: Installed on 2020-04-09 (0 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Beta amd64 (20200402) SourcePackage: pulseaudio Symptom: audio Symptom_Card: SBH20 Symptom_DevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: ubuntu 1359 F pulseaudio Symptom_Type: No sound at all Title: [SBH20, recording] No sound at all UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 09/17/2019 dmi.bios.vendor: Dell Inc. dmi.bios.version: 1.0.13 dmi.board.name: 0188D1 dmi.board.vendor: Dell Inc. dmi.board.version: A00 dmi.chassis.type: 31 dmi.chassis.vendor: Dell Inc. dmi.modalias: dmi:bvnDellInc.:bvr1.0.13:bd09/17/2019:svnDellInc.:pnXPS1373902-in-1:pvr:rvnDellInc.:rn0188D1:rvrA00:cvnDellInc.:ct31:cvr: dmi.product.family: XPS dmi.product.name: XPS 13 7390 2-in-1 dmi.product.sku: 08B0 dmi.sys.vendor: Dell Inc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/1871794/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1871794] Re: [Bluetooth] No audio output/input in HSP/HFP mode
I am getting the same issue with a new device. Everything works fine on one BT USB, but the intel one fails. It is a PCIe card with Intel AX200 Wifi+BT, with BT being passed through a USB header. First boot with new card (dmesg): ``` [ 20.708957] Bluetooth: Core ver 2.22 [ 20.708971] Bluetooth: HCI device and connection manager initialized [ 20.708974] Bluetooth: HCI socket layer initialized [ 20.708975] Bluetooth: L2CAP socket layer initialized [ 20.708978] Bluetooth: SCO socket layer initialized [ 20.718527] usbcore: registered new interface driver btusb [ 20.719034] Bluetooth: hci0: Bootloader revision 0.3 build 0 week 24 2017 [ 20.720327] Bluetooth: hci0: Device revision is 1 [ 20.720328] Bluetooth: hci0: Secure boot is enabled [ 20.720329] Bluetooth: hci0: OTP lock is enabled [ 20.720329] Bluetooth: hci0: API lock is enabled [ 20.720330] Bluetooth: hci0: Debug lock is disabled [ 20.720331] Bluetooth: hci0: Minimum firmware build 1 week 10 2014 [ 20.725091] Bluetooth: hci0: Found device firmware: intel/ibt-20-1-3.sfi [ 21.839173] Bluetooth: BNEP (Ethernet Emulation) ver 1.3 [ 21.839174] Bluetooth: BNEP filters: protocol multicast [ 21.839176] Bluetooth: BNEP socket layer initialized [ 22.274234] Bluetooth: hci0: Waiting for firmware download to complete [ 22.275022] Bluetooth: hci0: Firmware loaded in 1519998 usecs [ 22.275058] Bluetooth: hci0: Waiting for device to boot [ 22.289027] Bluetooth: hci0: Device booted in 13657 usecs [ 22.289187] Bluetooth: hci0: Found Intel DDC parameters: intel/ibt-20-1-3.ddc [ 22.290032] Bluetooth: hci0: Failed to send Intel_Write_DDC (-22) [ 35.565521] Bluetooth: RFCOMM TTY layer initialized [ 35.565525] Bluetooth: RFCOMM socket layer initialized [ 35.565527] Bluetooth: RFCOMM ver 1.11 ``` Next boot: ``` [ 19.608303] Bluetooth: Core ver 2.22 [ 19.608315] Bluetooth: HCI device and connection manager initialized [ 19.608318] Bluetooth: HCI socket layer initialized [ 19.608319] Bluetooth: L2CAP socket layer initialized [ 19.608321] Bluetooth: SCO socket layer initialized [ 19.616842] usbcore: registered new interface driver btusb [ 19.617945] Bluetooth: hci0: Firmware revision 0.0 build 128 week 11 2020 [ 20.872710] Bluetooth: BNEP (Ethernet Emulation) ver 1.3 [ 20.872711] Bluetooth: BNEP filters: protocol multicast [ 20.872714] Bluetooth: BNEP socket layer initialized [ 34.561042] Bluetooth: RFCOMM TTY layer initialized [ 34.561048] Bluetooth: RFCOMM socket layer initialized [ 34.561050] Bluetooth: RFCOMM ver 1.11 ``` `lsusb -v`: ``` Bus 003 Device 003: ID 8087:0029 Intel Corp. Device Descriptor: bLength18 bDescriptorType 1 bcdUSB 2.01 bDeviceClass 224 Wireless bDeviceSubClass 1 Radio Frequency bDeviceProtocol 1 Bluetooth bMaxPacketSize064 idVendor 0x8087 Intel Corp. idProduct 0x0029 bcdDevice0.01 iManufacturer 0 iProduct0 iSerial 0 bNumConfigurations 1 Configuration Descriptor: bLength 9 bDescriptorType 2 wTotalLength 0x00c8 bNumInterfaces 2 bConfigurationValue 1 iConfiguration 0 bmAttributes 0xe0 Self Powered Remote Wakeup MaxPower 100mA Interface Descriptor: bLength 9 bDescriptorType 4 bInterfaceNumber0 bAlternateSetting 0 bNumEndpoints 3 bInterfaceClass 224 Wireless bInterfaceSubClass 1 Radio Frequency bInterfaceProtocol 1 Bluetooth iInterface 0 Endpoint Descriptor: bLength 7 bDescriptorType 5 bEndpointAddress 0x81 EP 1 IN bmAttributes3 Transfer TypeInterrupt Synch Type None Usage Type Data wMaxPacketSize 0x0040 1x 64 bytes bInterval 1 Endpoint Descriptor: bLength 7 bDescriptorType 5 bEndpointAddress 0x02 EP 2 OUT bmAttributes2 Transfer TypeBulk Synch Type None Usage Type Data wMaxPacketSize 0x0040 1x 64 bytes bInterval 1 Endpoint Descriptor: bLength 7 bDescriptorType 5 bEndpointAddress 0x82 EP 2 IN bmAttributes2 Transfer TypeBulk Synch Type None Usage Type Data wMaxPacketSize 0x0040 1x 64 bytes bInterval 1 Interface Descriptor: bLength 9 bDescriptorType 4
[Touch-packages] [Bug 1869116] Re: smartctl-validate is borked in a recent release
I was able to reproduce this bug by emulating an IDE in QEMU device and
running the smartctl-validate test. I have filed an upstream bug as
well.
https://github.com/karelzak/util-linux/issues/1098
** Bug watch added: github.com/karelzak/util-linux/issues #1098
https://github.com/karelzak/util-linux/issues/1098
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to util-linux in Ubuntu.
https://bugs.launchpad.net/bugs/1869116
Title:
smartctl-validate is borked in a recent release
Status in lxd:
Fix Released
Status in MAAS:
Triaged
Status in MAAS 2.8 series:
New
Status in util-linux package in Ubuntu:
Confirmed
Bug description:
Bug (maybe?) details first, diatribe second.
Bug Summary: multi-hdd / raid with multiple drives / multiple devices
or something along those lines cannot be commissioned anymore: 2.4.x
worked fine, 2.7.0 does not.
Here is the script output of smartctl-validate:
-
# /dev/sda (Model: PERC 6/i, Serial: 6842b2b0740e9900260e66c9220df4ac)
Unable to run 'smartctl-validate': Storage device 'PERC 6/i' with serial
'6842b2b0740e9900260e66c9220df4ac' not found!
This indicates the storage device has been removed or the OS is unable to
find it due to a hardware failure. Please re-commission this node to
re-discover the storage devices, or delete this device manually.
Given parameters:
{'storage': {'argument_format': '{path
}', 'type': 'storage', 'value': {'id_path':
'/dev/disk/by-id/wwn-0x6842b2b0740e9900260e66c9220df4ac', 'model': 'PERC 6/i',
'name': 'sda', 'physical_blockdevice_id': 33, 'serial':
'6842b2b0740e9900260e66c9220df4ac'
}
}
}
Discovered storage devices: [
{'NAME': 'sda', 'MODEL': 'PERC_6/i', 'SERIAL':
'6842b2b0740e9900260e66c9220df4ac'
},
{'NAME': 'sdb', 'MODEL': 'PERC_6/i', 'SERIAL':
'6842b2b0740e9900260e66f924ecece0'
},
{'NAME': 'sr0', 'MODEL': 'TEAC_DVD-ROM_DV-28SW', 'SERIAL':
'10092013112645'
}
]
Discovered interfaces: {'xx: xx: xx: xx: xx: xx': 'eno1'
}
-
-
# /dev/sdb (Model: PERC 6/i, Serial: 6842b2b0740e9900260e66f924ecece0)
Unable to run 'smartctl-validate': Storage device 'PERC 6/i' with serial
'6842b2b0740e9900260e66f924ecece0' not found!
This indicates the storage device has been removed or the OS is unable to
find it due to a hardware failure. Please re-commission this node to
re-discover the storage devices, or delete this device manually.
Given parameters: {'storage': {'argument_format': '{path
}', 'type': 'storage', 'value': {'id_path':
'/dev/disk/by-id/wwn-0x6842b2b0740e9900260e66f924ecece0', 'model': 'PERC 6/i',
'name': 'sdb', 'physical_blockdevice_id': 34, 'serial':
'6842b2b0740e9900260e66f924ecece0'
}
}
}
Discovered storage devices: [
{'NAME': 'sda', 'MODEL': 'PERC_6/i', 'SERIAL':
'6842b2b0740e9900260e66c9220df4ac'
},
{'NAME': 'sdb', 'MODEL': 'PERC_6/i', 'SERIAL':
'6842b2b0740e9900260e66f924ecece0'
},
{'NAME': 'sr0', 'MODEL': 'TEAC_DVD-ROM_DV-28SW', 'SERIAL':
'10092013112645'
}
]
Discovered interfaces: {'xx: xx: xx: xx: xx: xx': 'eno1'
}
-
You can see that it says the storage cannot be found and immediately
lists it as a discovered device. It does it for both tests (one for
each drive), and for both servers
Bug Details:
I had maas 2.4.x for the longest time over my journey (see below journey) and
have never had any problems re-commissioning (or deleting and re-discovering
over boot PXE) 2 of my servers (r610, r710).
r610 has an iPERC 6, four 10K X00GB drives configured in a RAID10, 1 virtual
disk.
r710 has an iPERC 6, 6x 2TB drives, configured in a RAID10, 2 virtual disks
So commission after commission trying to get through my journey, 0
problems. After I finally get everything figured out on the juju,
network/vlan, quad-nic end, I go to re-commission and I cannot.
smartctl-validate fails on both, over and over again. I even destroyed
and re-created the raid/VDs, still not.
After spending so much time on it I remembered that it was the first
time I had tried to re-commission these two servers since doing an
upgrade from 2.4.x->2.7 in an effort to use the updated KVM
integration to add a couple more guests. Once I got all everything
figured out I went to re-commission everything and boom.
[Upgrade path notes]
In full disclosure, in case this matters. I was on apt install of 2.4.x and
using snap for 2.7, except it didn't work. So I read on how to do apt 2.7 and
did that and did not uninstall snap 2.7 yet. I wanted to migrate from apt to
snap but do not know how to without losing all maas data and could not find
docs on it, so a problem for another day. But in case that is part of the
problem for some odd reason, I wanted to share.
[Diatribe]
My journey to get maas+juju+openstack+kubernets has been less then
[Touch-packages] [Bug 1880768] Re: usermod/userdel errantly believe user has running processes
Should I push this upstream to debian? Nobody seems interested in this. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shadow in Ubuntu. https://bugs.launchpad.net/bugs/1880768 Title: usermod/userdel errantly believe user has running processes Status in shadow package in Ubuntu: New Bug description: I have found an occasional inability to remove or modify users due to incorrect matching of process owners, e.g. # id -u bdobbs 1047 # usermod -u 1573552 bdobbs usermod: user bdobbs is currently used by process 6337 # cat /proc/6337/status | grep Uid Uid: 3000400 3000400 3000400 3000400 In `libmisc/user_busy.c` a check is performed for processes owned by a user which is being modified. Searching subordinate user IDs causes errant matches. This has been fixed upstream, and is included in passwd-4.8 and the issue does not appear to exist in groovy. https://github.com/shadow- maint/shadow/commit/fd4405b763d26649339069532e79bd45013c8c38 I believe this fix should be backported to xenial and bionic. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: passwd 1:4.2-3.1ubuntu5.4 ProcVersionSignature: Ubuntu 4.4.0-1107.118-aws 4.4.219 Uname: Linux 4.4.0-1107-aws x86_64 ApportVersion: 2.20.1-0ubuntu2.23 Architecture: amd64 Date: Tue May 26 22:18:00 2020 Ec2AMI: ami-4e79ed36 Ec2AMIManifest: (unknown) Ec2AvailabilityZone: us-west-2a Ec2InstanceType: t3.medium Ec2Kernel: unavailable Ec2Ramdisk: unavailable ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_US.UTF-8 SHELL=/bin/zsh SourcePackage: shadow UpgradeStatus: No upgrade log present (probably fresh install) modified.conffile..etc.cron.daily.passwd: [deleted] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1880768/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886869] [NEW] Double dock after screen lock.
Public bug reported: After locking my screen and unlocking, i see a double dock. The first one have the trash can icon and the main one doesn't. ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: xorg 1:7.7+19ubuntu14 ProcVersionSignature: Ubuntu 5.4.0-40.44-generic 5.4.44 Uname: Linux 5.4.0-40-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia .proc.driver.nvidia.gpus..02.00.0: Error: [Errno 21] Es un directorio: '/proc/driver/nvidia/gpus/:02:00.0' .proc.driver.nvidia.registry: Binary: "" .proc.driver.nvidia.suspend: suspend hibernate resume .proc.driver.nvidia.suspend_depth: default modeset uvm .proc.driver.nvidia.version: NVRM version: NVIDIA UNIX x86_64 Kernel Module 440.100 Fri May 29 08:45:51 UTC 2020 GCC version: gcc version 9.3.0 (Ubuntu 9.3.0-10ubuntu2) ApportVersion: 2.20.11-0ubuntu27.3 Architecture: amd64 BootLog: Error: [Errno 13] Permiso denegado: '/var/log/boot.log' CasperMD5CheckResult: skip CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: None CurrentDesktop: ubuntu:GNOME Date: Wed Jul 8 15:27:41 2020 DistUpgraded: 2020-04-24 12:10:19,615 ERROR got error from PostInstallScript ./xorg_fix_proprietary.py (g-exec-error-quark: Falló al ejecutar el proceso hijo «./xorg_fix_proprietary.py» (No existe el archivo o el directorio) (8)) DistroCodename: focal DistroVariant: ubuntu DkmsStatus: nvidia, 440.100, 5.4.0-39-generic, x86_64: installed nvidia, 440.100, 5.4.0-40-generic, x86_64: installed ExtraDebuggingInterest: Yes GraphicsCard: Advanced Micro Devices, Inc. [AMD/ATI] Wani [Radeon R5/R6/R7 Graphics] [1002:9874] (rev e6) (prog-if 00 [VGA controller]) Subsystem: Gigabyte Technology Co., Ltd Radeon R7 Graphics [1458:d000] NVIDIA Corporation GK208B [GeForce GT 710] [10de:128b] (rev a1) (prog-if 00 [VGA controller]) Subsystem: Gigabyte Technology Co., Ltd GK208B [GeForce GT 710] [1458:375a] InstallationDate: Installed on 2020-04-04 (94 days ago) InstallationMedia: Ubuntu 18.04.2 LTS "Bionic Beaver" - Release amd64 (20190210) MachineType: Gigabyte Technology Co., Ltd. To be filled by O.E.M. ProcEnviron: LANGUAGE=es_MX:es PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=es_MX.UTF-8 SHELL=/bin/bash ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.4.0-40-generic root=UUID=acb80b2e-decc-41c3-b1b0-daa06a3b7465 ro quiet splash vt.handoff=7 SourcePackage: xorg Symptom: display UpgradeStatus: Upgraded to focal on 2020-04-24 (75 days ago) dmi.bios.date: 10/09/2018 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: FD dmi.board.asset.tag: To be filled by O.E.M. dmi.board.name: F2A68HM-H dmi.board.vendor: Gigabyte Technology Co., Ltd. dmi.board.version: x.x dmi.chassis.asset.tag: To Be Filled By O.E.M. dmi.chassis.type: 3 dmi.chassis.vendor: Gigabyte Technology Co., Ltd. dmi.chassis.version: To Be Filled By O.E.M. dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrFD:bd10/09/2018:svnGigabyteTechnologyCo.,Ltd.:pnTobefilledbyO.E.M.:pvrTobefilledbyO.E.M.:rvnGigabyteTechnologyCo.,Ltd.:rnF2A68HM-H:rvrx.x:cvnGigabyteTechnologyCo.,Ltd.:ct3:cvrToBeFilledByO.E.M.: dmi.product.family: To be filled by O.E.M. dmi.product.name: To be filled by O.E.M. dmi.product.sku: To be filled by O.E.M. dmi.product.version: To be filled by O.E.M. dmi.sys.vendor: Gigabyte Technology Co., Ltd. version.compiz: compiz N/A version.libdrm2: libdrm2 2.4.101-2 version.libgl1-mesa-dri: libgl1-mesa-dri 20.0.8-0ubuntu1~20.04.1 version.libgl1-mesa-glx: libgl1-mesa-glx 20.0.8-0ubuntu1~20.04.1 version.nvidia-graphics-drivers: nvidia-graphics-drivers-* N/A version.xserver-xorg-core: xserver-xorg-core 2:1.20.8-2ubuntu2.1 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.917+git20200226-1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.16-1 ** Affects: xorg (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug focal ubuntu -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1886869 Title: Double dock after screen lock. Status in xorg package in Ubuntu: New Bug description: After locking my screen and unlocking, i see a double dock. The first one have the trash can icon and the main one doesn't. ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: xorg 1:7.7+19ubuntu14 ProcVersionSignature: Ubuntu 5.4.0-40.44-generic 5.4.44 Uname: Linux 5.4.0-40-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia .proc.driver.nvidia.gpus..02.00.0: Error: [Errno 21] Es un directorio: '/proc/driver/nvidia/gpus/:02:00.0' .proc.driver.nvidia.registry: Binary: "" .proc.driver.nvidia.suspend: suspend hibernate resume .proc.driver.nvidia.suspend_depth: default modeset uvm .proc.driver.nvidia.version: NVRM
[Touch-packages] [Bug 1557157] Autopkgtest regression report (openldap/2.4.49+dfsg-2ubuntu1.3)
All autopkgtests for the newly accepted openldap (2.4.49+dfsg-2ubuntu1.3) for
focal have finished running.
The following regressions have been reported in tests triggered by the package:
cyrus-imapd/3.0.13-5 (armhf)
apache2/2.4.41-4ubuntu3 (armhf)
kopanocore/8.7.0-7ubuntu1 (armhf)
Please visit the excuses page listed below and investigate the failures,
proceeding afterwards as per the StableReleaseUpdates policy regarding
autopkgtest regressions [1].
https://people.canonical.com/~ubuntu-archive/proposed-
migration/focal/update_excuses.html#openldap
[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions
Thank you!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1557157
Title:
apparmor profile denied for saslauthd: /run/saslauthd/mux
Status in openldap package in Ubuntu:
Fix Released
Status in openldap source package in Trusty:
Won't Fix
Status in openldap source package in Xenial:
Fix Committed
Status in openldap source package in Bionic:
Fix Committed
Status in openldap source package in Eoan:
Fix Committed
Status in openldap source package in Focal:
Fix Committed
Status in openldap source package in Groovy:
Fix Released
Bug description:
[Impact]
When using openldap with sasl authentication, the slapd process will
communicate with the saslauthd daemon via a socket in
{,/var}/run/saslauthd/mux. Unfortunately, this will fail in every
Ubuntu release from trusty onwards, because slapd's apparmor profile
doesn't contain the necessary directive to allow it to read/write
from/to the socket specified above.
The fix is simple: just add the necessary directive to allow slapd to
read/write from/to the saslauthd socket.
[Test Case]
One can reproduce the problem by doing:
$ lxc launch ubuntu-daily:groovy openldap-bugbug1557157-groovy
$ lxc shell openldap-bugbug1557157-groovy
# apt install slapd sasl2-bin ldap-utils apparmor-utils
(As the domain name, use "example.com").
# sed -i -e 's/^START=.*/START=yes/' /etc/default/saslauthd
# cat > /etc/ldap/sasl2/slapd.conf << __EOF__
mech_list: PLAIN
pwcheck_method: saslauthd
__EOF__
# adduser openldap sasl
# aa-enforce /etc/apparmor.d/usr.sbin.slapd
# systemctl restart slapd.service
# systemctl restart saslauthd.service
# passwd root
(You can choose any password here. You will need to type it when
running the next command.)
# ldapsearch -H ldapi:/// -LLL -b 'dc=example,dc=com' -s base -U root
-Y PLAIN
The command will fail with something like:
ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80)
additional info: SASL(-1): generic failure: Password verification
failed
[Regression Potential]
This is an extremely simple and well contained fix, so I don't
envision any possible regressions after applying it. It is important
noticing that, since the problem affects older Ubuntu releases, the
openldap package will have to be rebuilt against possible newer
versions of libraries and other depencencies, which, albeit unlikely,
may cause issues.
[Original Description]
When using slapd with saslauthd the processes communicate via the
{,/var}/run/saslauthd/mux socket (this is the default location for the
saslauthd server from the sasl2-bin package in the
/etc/default/saslauthd config), but the apparmor profile for
usr.sbin.slapd does not allow access to this socket/file.
Syslog message:
apparmor="DENIED" operation="connect" profile="/usr/sbin/slapd"
name="/run/saslauthd/mux" pid=1880
4 comm="slapd" requested_mask="r" denied_mask="r" fsuid=108 ouid=0
Please add the following line to /etc/apparmor.d/usr.sbin.slapd:
/{,var/}run/saslauthd/mux rw,
Ubuntu version: Ubuntu 14.04.4 LTS
slapd version: 2.4.31-1+nmu2ubu
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557157/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886128] Re: systemd-resolved does not resolve address due to udp payload size.
> dns.pcap Edit (14.5 KiB, application/vnd.tcpdump.pcap)
that's tcpdump output, not actually a pcap; to get an actual pcap use
the tcpdump -w parameter to write the packets to a file.
> Could you please advise how to increase UDP payload size for the local
stub resolver?
resolved adjusts levels automatically. looking at your dns packet
capture will be the easiest way to tell what the problem is.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1886128
Title:
systemd-resolved does not resolve address due to udp payload size.
Status in systemd package in Ubuntu:
Incomplete
Bug description:
Description: Ubuntu 18.04.4 LTS
Release: 18.04
systemd-resolve --version
systemd 237
+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP
+GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN
-PCRE2 default-hierarchy=hybrid
We met an error: on an attempt to resolve address, the following issue
appears:
; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>>
mharder-formrec.cognitiveservices.azure.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 44096
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;mharder-formrec.cognitiveservices.azure.com. IN A
;; Query time: 231 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Tue Apr 28 20:47:14 UTC 2020
;; MSG SIZE rcvd: 72
Let me provide you important notes about the issue:
1) It's not reproducing on Ubuntu 16;
2) Bypassing systemd-resolve - everything works fine;
3) Only the difference between systemd-resolve and END is UDP_PAYLOAD_SIZE
Successful query:
113516:27:25.964386 10.1.0.4168.63.129.16 DNS 128
Standard query 0xc2d4 A mharder-formrec.cognitiveservices.azure.com
OPT
Domain Name System (query)
Transaction ID: 0xc2d4
Flags: 0x0120 Standard query
0... = Response: Message is a query
.000 0... = Opcode: Standard query (0)
..0. = Truncated: Message is not truncated
...1 = Recursion desired: Do query recursively
.0.. = Z: reserved (0)
..1. = AD bit: Set
...0 = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 1
Queries
mharder-formrec.cognitiveservices.azure.com: type A, class IN
Additional records
: type OPT
Name:
Type: OPT (41)
UDP payload size: 4096
Higher bits in extended RCODE: 0x00
EDNS0 version: 0
Z: 0x
0... = DO bit: Cannot handle DNSSEC security
RRs
.000 = Reserved: 0x
Data length: 12
Option: COOKIE
Unsuccessful query:
112816:27:25.713886 10.1.0.4168.63.129.16 DNS 116
Standard query 0x198d A mharder-formrec.cognitiveservices.azure.com
OPT
Domain Name System (query)
Transaction ID: 0x198d
Flags: 0x0100 Standard query
0... = Response: Message is a query
.000 0... = Opcode: Standard query (0)
..0. = Truncated: Message is not truncated
...1 = Recursion desired: Do query recursively
.0.. = Z: reserved (0)
...0 = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 1
Queries
mharder-formrec.cognitiveservices.azure.com: type A, class IN
Additional records
: type OPT
Name:
Type: OPT (41)
UDP payload size: 512
Higher bits in extended RCODE: 0x00
EDNS0 version: 0
Z: 0x
0... = DO bit: Cannot handle DNSSEC security
RRs
.000 = Reserved: 0x
Data length: 0
Notable difference:
Success:
UDP payload size: 4096
Failure:
UDP payload size: 512
And notable differences in the responses:
Success:
Flags: 0x8180 Standard query response, No error
..0. = Truncated: Message is not truncated
Failure:
Flags: 0x8380 Standard query response, No error
..1. = Truncated: Message is truncated
Interestingly, systemd-resolved is setting the maximum payload size to 512
regardless of whether EDNS0 is configured and regardless of what is sent to it
for the payload size.
I tried
[Touch-packages] [Bug 1885914] Re: Drop obsolete Unicode patch
I verified the test case using version 1.5.22-2ubuntu2.1 of the ibus packages from focal-proposed. Also confirmed that Ctrl+Shift+u works as expected when the unicode- hotkey dconf value is set to default. ** Tags removed: verification-needed verification-needed-focal ** Tags added: verification-done verification-done-focal -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ibus in Ubuntu. https://bugs.launchpad.net/bugs/1885914 Title: Drop obsolete Unicode patch Status in ibus package in Ubuntu: Fix Released Status in ibus source package in Focal: Fix Committed Bug description: [Impact] The Ubuntu 20.04 IBus version includes a patch, which was necessary in 18.04 to make the Ctrl+Shift+u shortcut work, but which has become obsolete later. Currently it prevents users from replacing Ctrl+Shift+u with some other shortcut to avoid conflicts with other applications. See also: * Bug #1885749 * https://github.com/ibus/ibus/issues/2163 In the proposed upload that patch has been dropped. [Test Case] 1. Launch ibus-setup and navigate to the Emoji tab. 2. Change the Unicode code point shortcut to something else. 3. Find that the original shortcut is still effective. 4. Install the ibus packages from focal-proposed. 5. Repeat 1. and 2. 6. Find that the new shortcut works while the original shortcut no longer works. [Regression Potential] Important to confirm that the default Ctrl+Shift+u shortcut works as intended without the patch. Otherwise the regression risk should be low. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ibus/+bug/1885914/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886128] Re: systemd-resolved does not resolve address due to udp payload size.
Thank you for the detailed explanation.
Let me clarify some things here:
1) In the initial reply, I provided two types of reponses:
- A successful one, that goes right through EDNS0 with UDP payload size 4096
- An unsuccessful one, that goes through the local stub resolver, but with udp
payload size 512. I believe that successful example confirms that EDNS supports
larger UDP payload size. Is it correct?
Could you please advise how to increase UDP payload size for the local
stub resolver?
2) I have gathered data using tcpdump, I hope it sheds some light on
this.
** Attachment added: "dns.pcap"
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1886128/+attachment/5390841/+files/dns.pcap
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1886128
Title:
systemd-resolved does not resolve address due to udp payload size.
Status in systemd package in Ubuntu:
Incomplete
Bug description:
Description: Ubuntu 18.04.4 LTS
Release: 18.04
systemd-resolve --version
systemd 237
+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP
+GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN
-PCRE2 default-hierarchy=hybrid
We met an error: on an attempt to resolve address, the following issue
appears:
; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>>
mharder-formrec.cognitiveservices.azure.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 44096
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;mharder-formrec.cognitiveservices.azure.com. IN A
;; Query time: 231 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Tue Apr 28 20:47:14 UTC 2020
;; MSG SIZE rcvd: 72
Let me provide you important notes about the issue:
1) It's not reproducing on Ubuntu 16;
2) Bypassing systemd-resolve - everything works fine;
3) Only the difference between systemd-resolve and END is UDP_PAYLOAD_SIZE
Successful query:
113516:27:25.964386 10.1.0.4168.63.129.16 DNS 128
Standard query 0xc2d4 A mharder-formrec.cognitiveservices.azure.com
OPT
Domain Name System (query)
Transaction ID: 0xc2d4
Flags: 0x0120 Standard query
0... = Response: Message is a query
.000 0... = Opcode: Standard query (0)
..0. = Truncated: Message is not truncated
...1 = Recursion desired: Do query recursively
.0.. = Z: reserved (0)
..1. = AD bit: Set
...0 = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 1
Queries
mharder-formrec.cognitiveservices.azure.com: type A, class IN
Additional records
: type OPT
Name:
Type: OPT (41)
UDP payload size: 4096
Higher bits in extended RCODE: 0x00
EDNS0 version: 0
Z: 0x
0... = DO bit: Cannot handle DNSSEC security
RRs
.000 = Reserved: 0x
Data length: 12
Option: COOKIE
Unsuccessful query:
112816:27:25.713886 10.1.0.4168.63.129.16 DNS 116
Standard query 0x198d A mharder-formrec.cognitiveservices.azure.com
OPT
Domain Name System (query)
Transaction ID: 0x198d
Flags: 0x0100 Standard query
0... = Response: Message is a query
.000 0... = Opcode: Standard query (0)
..0. = Truncated: Message is not truncated
...1 = Recursion desired: Do query recursively
.0.. = Z: reserved (0)
...0 = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 1
Queries
mharder-formrec.cognitiveservices.azure.com: type A, class IN
Additional records
: type OPT
Name:
Type: OPT (41)
UDP payload size: 512
Higher bits in extended RCODE: 0x00
EDNS0 version: 0
Z: 0x
0... = DO bit: Cannot handle DNSSEC security
RRs
.000 = Reserved: 0x
Data length: 0
Notable difference:
Success:
UDP payload size: 4096
Failure:
UDP payload size: 512
And notable differences in the responses:
Success:
Flags: 0x8180 Standard query response, No error
..0. = Truncated: Message is not truncated
[Touch-packages] [Bug 1881972] Re: systemd-networkd crashes with invalid pointer
thanks! i'd missed a patch in backporting for another bug.
a new version is building now in the same ppa, could you test with it
once it's built? Specifically, version
237-3ubuntu10.42~202007081907~ubuntu18.04.1 (or later)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1881972
Title:
systemd-networkd crashes with invalid pointer
Status in systemd package in Ubuntu:
Fix Released
Status in systemd source package in Bionic:
In Progress
Bug description:
[impact]
systemd-networkd double-free causes crash under some circumstances,
such as adding/removing ip rules
[test case]
see original description
[regression potential]
this strdup's strings during addition of routing policy rules, so any
regression would likely occur when adding/modifying/removing ip rules,
possibly including networkd segfault or failure to add/remove/modify
ip rules.
[scope]
this is needed for bionic.
this is fixed by upstream commit
eeab051b28ba6e1b4a56d369d4c6bf7cfa71947c which is included starting in
v240, so this is already included in Focal and later.
I did not research what original commit introduced the problem, but
the reporter indicates this did not happen for Xenial so it's unlikely
this is a problem in Xenial or earlier.
[original description]
This is a serious regression with systemd-networkd that I ran in to
while setting up a NAT router in AWS. The AWS AMI ubuntu/images/hvm-
ssd/ubuntu-bionic-18.04-amd64-server-20200131 with
systemd-237-3ubuntu10.33 does NOT have the problem, but the next most
recent AWS AMI ubuntu/images/hvm-ssd/ubuntu-
bionic-18.04-amd64-server-20200311 with systemd-including
237-3ubuntu10.39 does.
Also, a system booted from the (good) 20200131 AMI starts showing the
problem after updating only systemd (to 237-3ubuntu10.41) and its
direct dependencies (e.g. 'apt-get install systemd'). So I'm fairly
confident that a change to the systemd package between
237-3ubuntu10.33 and 237-3ubuntu10.39 introduced the problem and it is
still present.
On the NAT router I use three interfaces and have separate routing
tables for admin and forwarded traffic. Things come up fine initially
but every 30-60 minutes (DHCP lease renewal time?) one or more
interfaces is reconfigured and most of the time systemd-networkd will
crash and need to be restarted. Eventually the system becomes
unreachable when the default crash loop backoff logic prevents the
network service from being restarted at all. The log excerpt attached
illustrates the crash loop.
Also including the netplan and networkd config files below.
# grep . /etc/netplan/*
/etc/netplan/50-cloud-init.yaml:# This file is generated from information
provided by the datasource. Changes
/etc/netplan/50-cloud-init.yaml:# to it will not persist across an instance
reboot. To disable cloud-init's
/etc/netplan/50-cloud-init.yaml:# network configuration capabilities, write a
file
/etc/netplan/50-cloud-init.yaml:#
/etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
/etc/netplan/50-cloud-init.yaml:# network: {config: disabled}
/etc/netplan/50-cloud-init.yaml:network:
/etc/netplan/50-cloud-init.yaml:version: 2
/etc/netplan/50-cloud-init.yaml:ethernets:
/etc/netplan/50-cloud-init.yaml:ens5:
/etc/netplan/50-cloud-init.yaml:dhcp4: true
/etc/netplan/50-cloud-init.yaml:match:
/etc/netplan/50-cloud-init.yaml:macaddress: xx:xx:xx:xx:xx:xx
/etc/netplan/50-cloud-init.yaml:set-name: ens5
/etc/netplan/99_config.yaml:network:
/etc/netplan/99_config.yaml: version: 2
/etc/netplan/99_config.yaml: renderer: networkd
/etc/netplan/99_config.yaml: ethernets:
/etc/netplan/99_config.yaml:ens6:
/etc/netplan/99_config.yaml: match:
/etc/netplan/99_config.yaml:macaddress: yy:yy:yy:yy:yy:yy
/etc/netplan/99_config.yaml: dhcp4: true
/etc/netplan/99_config.yaml: dhcp4-overrides:
/etc/netplan/99_config.yaml:use-routes: false
/etc/netplan/99_config.yaml:ens7:
/etc/netplan/99_config.yaml: match:
/etc/netplan/99_config.yaml:macaddress: zz:zz:zz:zz:zz:zz
/etc/netplan/99_config.yaml: mtu: 1500
/etc/netplan/99_config.yaml: dhcp4: true
/etc/netplan/99_config.yaml: dhcp4-overrides:
/etc/netplan/99_config.yaml:use-mtu: false
/etc/netplan/99_config.yaml:use-routes: false
# grep . /etc/networkd-dispatcher/*/*
/etc/networkd-dispatcher/configured.d/nat:#!/bin/bash
/etc/networkd-dispatcher/configured.d/nat:# Do additional configuration for
the inside and outside interfaces
/etc/networkd-dispatcher/configured.d/nat:# route table used for
forwarded/routed/natted traffic
/etc/networkd-dispatcher/configured.d/nat:FWD_TABLE=99
[Touch-packages] [Bug 1886854] Re: Race in load-module snap policy check in classic confinement
** Changed in: pulseaudio (Ubuntu) Assignee: (unassigned) => James Henstridge (jamesh) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pulseaudio in Ubuntu. https://bugs.launchpad.net/bugs/1886854 Title: Race in load-module snap policy check in classic confinement Status in pulseaudio package in Ubuntu: New Bug description: SUMMARY = When running a snap in classic confinement, that needs access to PA_COMMAND_LOAD_MODULE and PA_COMMAND_UNLOAD_MODULE. These sometimes succeed and sometimes fail with "Access denied". After running "pacmd unload-module module-snap-policy" and unloading the snap policy module, these work reliably. I have verified this in a fresh install of Ubuntu 20.04 in a VM. STEPS TO REPRODUCE = a) Either build a snap with classic confinement that sends these commands on the pulseaudio native protocol socket. (This is how I found the bug) b) Or, what I did here to easier reproduce, abuse the sandbox of a random classic snap: Download the attached bug.tgz with a minimal reproducer. It contains the source code for a program that sends load and unload commands to pulse. Unfortunately `pacmd` has a pid-file check that fails inside the sandbox and doesn't work. The reproducer does essentially the same as "pacmd load/unload-module" though. (a pre-compiled x64 binary is also included in case you don't have a go compiler and dare to run an untrusted binary in a VM) Unpack the tgz, build it, if necessary with "go mod download && go build" Grab a random classic mode snap to use its sandbox as a test bed: $ sudo snap install atom --classic atom 1.48.0 from Snapcrafters installed Open a shell in its sandbox: snap run --shell atom Navigate to the compiled binary and execute it a few times: user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:10 PulseAudio connection created successfully 2020/07/08 18:46:10 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:11 PulseAudio connection created successfully Loaded Module sucessfully at index: 40 user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:12 PulseAudio connection created successfully Loaded Module sucessfully at index: 41 user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:12 PulseAudio connection created successfully 2020/07/08 18:46:12 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:14 PulseAudio connection created successfully 2020/07/08 18:46:14 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:14 PulseAudio connection created successfully 2020/07/08 18:46:14 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:15 PulseAudio connection created successfully 2020/07/08 18:46:15 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied Succeeds and fails apparently at random. Now from a non-sandboxed shell, run pacmd unload-module module-snap-policy to unload the snap-policy module from pulseaudio, now run ./bug a few more times. It now succeeds reliably, every time. Side note, with the real program on my actual machine, the race seems to behave slightly differently. It seems not to work the first time an application is started, but closing it and reopening it seems to make it work pretty reliably afterwards. Restarting "snapd", causes the following run the snap to fail again. EXPECTED BEHAVIOUR == The pulseaudio snap policy module should correctly determine and enforce it's policy. ACTUAL BEHAVIOUR The pulseaudio snap policy module seemingly at random denies access when the snap has the permissions to do an operation. ADDITIONAL INFORMATION == $ lsb_release -rd Description: Ubuntu 20.04 LTS Release: 20.04 $ apt-cache policy pulseaudio pulseaudio: Installed: 1:13.99.1-1ubuntu3.3 Candidate: 1:13.99.1-1ubuntu3.3 Version table: *** 1:13.99.1-1ubuntu3.3 500 500 http://ch.archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages 100 /var/lib/dpkg/status 1:13.99.1-1ubuntu3.2 500 500 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages 1:13.99.1-1ubuntu3 500 500 http://ch.archive.ubuntu.com/ubuntu focal/main amd64 Packages To manage
[Touch-packages] [Bug 1886572] Re: Remove uptime from the motd-news user agent
This bug was fixed in the package base-files - 11ubuntu8 --- base-files (11ubuntu8) groovy; urgency=medium * motd/50-motd-news: don't include uptime in the user-agent string (LP: #1886572) -- Andreas Hasenack Mon, 06 Jul 2020 19:50:22 -0300 ** Changed in: base-files (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to base-files in Ubuntu. https://bugs.launchpad.net/bugs/1886572 Title: Remove uptime from the motd-news user agent Status in base-files package in Ubuntu: Fix Released Bug description: I don't why that was included but it shouldn't be. Please remove it. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/base-files/+bug/1886572/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1879980] Re: Fail to boot with LUKS on top of RAID1 if the array is broken/degraded
Debian merge request for the cryptsetup patch was just submitted: https://salsa.debian.org/cryptsetup-team/cryptsetup/-/merge_requests/18 Cheers, Guilherme -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu. https://bugs.launchpad.net/bugs/1879980 Title: Fail to boot with LUKS on top of RAID1 if the array is broken/degraded Status in cryptsetup package in Ubuntu: Confirmed Status in initramfs-tools package in Ubuntu: Confirmed Status in mdadm package in Ubuntu: Confirmed Bug description: [Impact] * Considering a setup of a encrypted rootfs on top of md RAID1 device, Ubuntu is currently unable to decrypt the rootfs if the array gets degraded, like for example if one of the array members gets removed. * The problem has 2 main aspects: first, cryptsetup initramfs script attempts to decrypt the array only in the local-top boot stage, and in case it fails, it gives-up and show user a shell (boot is aborted). * Second, mdadm initramfs script that assembles degraded arrays executes later on boot, in the local-block stage. So, in a stacked setup of encrypted root on top of RAID, if the RAID is degraded, cryptsetup fails early in the boot, preventing mdadm to assemble the degraded array. [Proposed solution] * The solution hereby proposed has 3 components: first, cryptsetup script is modified to allow a gentle failure on local-top stage, then it retries for a while in a later stage (local-block). This gives time to other initramfs scripts to run, like mdadm in local-block stage. * Second, mdadm script was adjusted - currently, it retries for a while to assemble the arrays in a non-degraded mode, by waiting for udev to discover the missing devices. After some time, it gives-up and assembles all arrays as degraded. The adjust we made was only to reduce this number of attempts and fallback a bit faster to degraded array assembly. * Third, there's a difference in Ubuntu initramfs-tools compared to Debian's : in Ubuntu, we rely on wait-for-root, a binary meant to speed-up the boot process. Problem is that currently this approach prevents local-block scripts to run more than once (thus retrying mechanisms will fail). Our proposed solution changes initramfs-tools to allow some looping in local-block stage (as Debian), but still relying on wait-for-root. Also, we increased a bit the default rootdelay from 30 seconds to 60 seconds. [Test case] * Install Ubuntu in a Virtual Machine with 2 disks. Use the installer to create a RAID1 volume and an encrypted root on top of it. * Boot the VM, and use "sgdisk"/"wipefs" to erase the partition table from one of the RAID members. Reboot and it will fail to mount rootfs and continue boot process. [Regression potential] * There are potential for regressions, since this is a change in 3 boot components. The patches were designed in a way to keep the regular case working, it changes the failure case which is not currently working anyway. * A potential issue in the initramfs-tools change is a bad script in local-block, lacking a good "halt" mechanism, to induce a boot loop condition. This problem would be exposed by the hereby proposed modification. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cryptsetup/+bug/1879980/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1557157] Re: apparmor profile denied for saslauthd: /run/saslauthd/mux
The asterisk DEP8 armhf test was retried and is now green.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1557157
Title:
apparmor profile denied for saslauthd: /run/saslauthd/mux
Status in openldap package in Ubuntu:
Fix Released
Status in openldap source package in Trusty:
Won't Fix
Status in openldap source package in Xenial:
Fix Committed
Status in openldap source package in Bionic:
Fix Committed
Status in openldap source package in Eoan:
Fix Committed
Status in openldap source package in Focal:
Fix Committed
Status in openldap source package in Groovy:
Fix Released
Bug description:
[Impact]
When using openldap with sasl authentication, the slapd process will
communicate with the saslauthd daemon via a socket in
{,/var}/run/saslauthd/mux. Unfortunately, this will fail in every
Ubuntu release from trusty onwards, because slapd's apparmor profile
doesn't contain the necessary directive to allow it to read/write
from/to the socket specified above.
The fix is simple: just add the necessary directive to allow slapd to
read/write from/to the saslauthd socket.
[Test Case]
One can reproduce the problem by doing:
$ lxc launch ubuntu-daily:groovy openldap-bugbug1557157-groovy
$ lxc shell openldap-bugbug1557157-groovy
# apt install slapd sasl2-bin ldap-utils apparmor-utils
(As the domain name, use "example.com").
# sed -i -e 's/^START=.*/START=yes/' /etc/default/saslauthd
# cat > /etc/ldap/sasl2/slapd.conf << __EOF__
mech_list: PLAIN
pwcheck_method: saslauthd
__EOF__
# adduser openldap sasl
# aa-enforce /etc/apparmor.d/usr.sbin.slapd
# systemctl restart slapd.service
# systemctl restart saslauthd.service
# passwd root
(You can choose any password here. You will need to type it when
running the next command.)
# ldapsearch -H ldapi:/// -LLL -b 'dc=example,dc=com' -s base -U root
-Y PLAIN
The command will fail with something like:
ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80)
additional info: SASL(-1): generic failure: Password verification
failed
[Regression Potential]
This is an extremely simple and well contained fix, so I don't
envision any possible regressions after applying it. It is important
noticing that, since the problem affects older Ubuntu releases, the
openldap package will have to be rebuilt against possible newer
versions of libraries and other depencencies, which, albeit unlikely,
may cause issues.
[Original Description]
When using slapd with saslauthd the processes communicate via the
{,/var}/run/saslauthd/mux socket (this is the default location for the
saslauthd server from the sasl2-bin package in the
/etc/default/saslauthd config), but the apparmor profile for
usr.sbin.slapd does not allow access to this socket/file.
Syslog message:
apparmor="DENIED" operation="connect" profile="/usr/sbin/slapd"
name="/run/saslauthd/mux" pid=1880
4 comm="slapd" requested_mask="r" denied_mask="r" fsuid=108 ouid=0
Please add the following line to /etc/apparmor.d/usr.sbin.slapd:
/{,var/}run/saslauthd/mux rw,
Ubuntu version: Ubuntu 14.04.4 LTS
slapd version: 2.4.31-1+nmu2ubu
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557157/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1882636] Re: https://bugs.launchpad.net/ubuntu/+source/glib-networking/+bug/1873777
Weird, unsure what's wrong but you should report the issue to the distribution you are using (PopOS) ** Changed in: glib-networking (Ubuntu) Status: Incomplete => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to glib-networking in Ubuntu. https://bugs.launchpad.net/bugs/1882636 Title: https://bugs.launchpad.net/ubuntu/+source/glib-networking/+bug/1873777 Status in glib-networking package in Ubuntu: Invalid Bug description: OS: Pop!_OS 20.04 LTS x86_64 Host: XPS 13 9370 Kernel: 5.4.0-7634-generic Uptime: 2 hours, 50 mins Packages: 1817 (dpkg), 20 (snap) Shell: bash 5.0.16 Resolution: 1920x1080 DE: GNOME WM: Mutter WM Theme: Pop Theme: Pop-dark [GTK2/3] Icons: Pop [GTK2/3] Terminal: gnome-terminal CPU: Intel i5-8250U (8) @ 3.400GHz GPU: Intel UHD Graphics 620 Memory: 3322MiB / 15729MiB Summary(cont) - Attempt to input Google account info into online account util and get error--> TLS/SSL support not available; install glib-networking. https://bugs.launchpad.net/ubuntu/+source/glib-networking/+bug/1873777 Referenced this BUG REPORT ##Downloaded Deb build but I'm having an issue applying appropriate inputs in the provided documentation. Please help!## To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glib-networking/+bug/1882636/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1866303] Re: slapd crash with pwdAccountLockedTime and stacked overlays
Eoan verification
Reproducing the problem:
Version table:
*** 2.4.48+dfsg-1ubuntu1.1 500
500 http://br.archive.ubuntu.com/ubuntu eoan-updates/main amd64 Packages
500 http://br.archive.ubuntu.com/ubuntu eoan-security/main amd64
Packages
100 /var/lib/dpkg/status
ubuntu@eoan-openldap-crash-1866303:~/slapd-test-case$ sudo sh ./script
...
Closing DB...
slapd running
ldap_bind: Invalid credentials (49)
slapd dead
With the proposed packages:
Version table:
*** 2.4.48+dfsg-1ubuntu1.2 500
500 http://br.archive.ubuntu.com/ubuntu eoan-proposed/main amd64
Packages
100 /var/lib/dpkg/status
slapd remains running:
ubuntu@eoan-openldap-crash-1866303:~/slapd-test-case$ sudo sh ./script
...
Closing DB...
slapd running
ldap_bind: Invalid credentials (49)
slapd running
Eoan verification succeeded.
** Tags removed: verification-needed-eoan
** Tags added: verification-done-eoan
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1866303
Title:
slapd crash with pwdAccountLockedTime and stacked overlays
Status in openldap package in Ubuntu:
Fix Released
Status in openldap source package in Xenial:
Fix Committed
Status in openldap source package in Bionic:
Fix Committed
Status in openldap source package in Disco:
Won't Fix
Status in openldap source package in Eoan:
Fix Committed
Status in openldap package in Debian:
Fix Released
Bug description:
[Impact]
In the configuration and conditions described below, slapd can crash:
1. ppolicy overlay configured with pwdLockout: TRUE
2. smbk5pwd overlay stacked after ppolicy
3. an account locked out via pwdAccountLockedTime
4. a client binding to the locked-out account and also requesting the ppolicy
control
[Test Case]
* get the files from the bug:
mkdir slapd-test-case; cd slapd-test-case
wget -ct0
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334194/+files/slapd.conf
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334195/+files/data.ldif
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334196/+files/samba.schema
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334197/+files/script
* run the script:
sudo apt update && sudo sh ./script
* With the bug, the result is:
ldap_bind: Invalid credentials (49)
slapd dead
* If when confirming the bug you don't see "slapd dead" like above,
check manually, as slapd might have been in the process of shutting
down when the script checked its status: "sudo systemctl status slapd"
* With the fixed packages, you get a living slapd at the end (you can
run the script again on the same system after updating the packages):
sudo sh ./script
...
slapd running
ldap_bind: Invalid credentials (49)
slapd running
[Regression Potential]
The fix is in the password policy overlay (not enabled by default), so any
regressions would be around that area and could potentially impact
authentication ("binding") to openldap.
[Other Info]
This was fixed in focal and "cooked" there for a long while, as suggested by
the Debian maintainer. We haven't received further bug reports about this in
focal+.
[Original Description]
Hello,
Please merge openldap 2.4.49+dfsg-2 from Debian unstable to fix an
issue in the ppolicy overlay that can crash slapd. Please also
consider SRUing the patch after it has had some testing time.
Upstream: https://openldap.org/its/?findid=9171
Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953150
The ingredients for the crash are:
1: ppolicy overlay configured with pwdLockout: TRUE
2. smbk5pwd overlay stacked after ppolicy
3. an account locked out via pwdAccountLockedTime
4. a client binding to the locked-out account and also requesting the ppolicy
control
The buggy code is not as specific as the above steps, so I suspect
there are probably other configurations or steps that can trigger the
same crash.
I will attach my test script and data for reproducing the crash.
Expected output (last lines):
[ ok ] Starting OpenLDAP: slapd.
slapd running
ldap_bind: Invalid credentials (49)
slapd running
Actual output (last lines):
[ ok ] Starting OpenLDAP: slapd.
slapd running
ldap_bind: Invalid credentials (49)
slapd dead
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1866303] Re: slapd crash with pwdAccountLockedTime and stacked overlays
The asterisk DEP8 armhf test was retried and is now green.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1866303
Title:
slapd crash with pwdAccountLockedTime and stacked overlays
Status in openldap package in Ubuntu:
Fix Released
Status in openldap source package in Xenial:
Fix Committed
Status in openldap source package in Bionic:
Fix Committed
Status in openldap source package in Disco:
Won't Fix
Status in openldap source package in Eoan:
Fix Committed
Status in openldap package in Debian:
Fix Released
Bug description:
[Impact]
In the configuration and conditions described below, slapd can crash:
1. ppolicy overlay configured with pwdLockout: TRUE
2. smbk5pwd overlay stacked after ppolicy
3. an account locked out via pwdAccountLockedTime
4. a client binding to the locked-out account and also requesting the ppolicy
control
[Test Case]
* get the files from the bug:
mkdir slapd-test-case; cd slapd-test-case
wget -ct0
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334194/+files/slapd.conf
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334195/+files/data.ldif
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334196/+files/samba.schema
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334197/+files/script
* run the script:
sudo apt update && sudo sh ./script
* With the bug, the result is:
ldap_bind: Invalid credentials (49)
slapd dead
* If when confirming the bug you don't see "slapd dead" like above,
check manually, as slapd might have been in the process of shutting
down when the script checked its status: "sudo systemctl status slapd"
* With the fixed packages, you get a living slapd at the end (you can
run the script again on the same system after updating the packages):
sudo sh ./script
...
slapd running
ldap_bind: Invalid credentials (49)
slapd running
[Regression Potential]
The fix is in the password policy overlay (not enabled by default), so any
regressions would be around that area and could potentially impact
authentication ("binding") to openldap.
[Other Info]
This was fixed in focal and "cooked" there for a long while, as suggested by
the Debian maintainer. We haven't received further bug reports about this in
focal+.
[Original Description]
Hello,
Please merge openldap 2.4.49+dfsg-2 from Debian unstable to fix an
issue in the ppolicy overlay that can crash slapd. Please also
consider SRUing the patch after it has had some testing time.
Upstream: https://openldap.org/its/?findid=9171
Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953150
The ingredients for the crash are:
1: ppolicy overlay configured with pwdLockout: TRUE
2. smbk5pwd overlay stacked after ppolicy
3. an account locked out via pwdAccountLockedTime
4. a client binding to the locked-out account and also requesting the ppolicy
control
The buggy code is not as specific as the above steps, so I suspect
there are probably other configurations or steps that can trigger the
same crash.
I will attach my test script and data for reproducing the crash.
Expected output (last lines):
[ ok ] Starting OpenLDAP: slapd.
slapd running
ldap_bind: Invalid credentials (49)
slapd running
Actual output (last lines):
[ ok ] Starting OpenLDAP: slapd.
slapd running
ldap_bind: Invalid credentials (49)
slapd dead
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886854] Re: Race in load-module snap policy check in classic confinement
** Tags added: rls-ff-incoming -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pulseaudio in Ubuntu. https://bugs.launchpad.net/bugs/1886854 Title: Race in load-module snap policy check in classic confinement Status in pulseaudio package in Ubuntu: New Bug description: SUMMARY = When running a snap in classic confinement, that needs access to PA_COMMAND_LOAD_MODULE and PA_COMMAND_UNLOAD_MODULE. These sometimes succeed and sometimes fail with "Access denied". After running "pacmd unload-module module-snap-policy" and unloading the snap policy module, these work reliably. I have verified this in a fresh install of Ubuntu 20.04 in a VM. STEPS TO REPRODUCE = a) Either build a snap with classic confinement that sends these commands on the pulseaudio native protocol socket. (This is how I found the bug) b) Or, what I did here to easier reproduce, abuse the sandbox of a random classic snap: Download the attached bug.tgz with a minimal reproducer. It contains the source code for a program that sends load and unload commands to pulse. Unfortunately `pacmd` has a pid-file check that fails inside the sandbox and doesn't work. The reproducer does essentially the same as "pacmd load/unload-module" though. (a pre-compiled x64 binary is also included in case you don't have a go compiler and dare to run an untrusted binary in a VM) Unpack the tgz, build it, if necessary with "go mod download && go build" Grab a random classic mode snap to use its sandbox as a test bed: $ sudo snap install atom --classic atom 1.48.0 from Snapcrafters installed Open a shell in its sandbox: snap run --shell atom Navigate to the compiled binary and execute it a few times: user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:10 PulseAudio connection created successfully 2020/07/08 18:46:10 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:11 PulseAudio connection created successfully Loaded Module sucessfully at index: 40 user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:12 PulseAudio connection created successfully Loaded Module sucessfully at index: 41 user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:12 PulseAudio connection created successfully 2020/07/08 18:46:12 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:14 PulseAudio connection created successfully 2020/07/08 18:46:14 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:14 PulseAudio connection created successfully 2020/07/08 18:46:14 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:15 PulseAudio connection created successfully 2020/07/08 18:46:15 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied Succeeds and fails apparently at random. Now from a non-sandboxed shell, run pacmd unload-module module-snap-policy to unload the snap-policy module from pulseaudio, now run ./bug a few more times. It now succeeds reliably, every time. Side note, with the real program on my actual machine, the race seems to behave slightly differently. It seems not to work the first time an application is started, but closing it and reopening it seems to make it work pretty reliably afterwards. Restarting "snapd", causes the following run the snap to fail again. EXPECTED BEHAVIOUR == The pulseaudio snap policy module should correctly determine and enforce it's policy. ACTUAL BEHAVIOUR The pulseaudio snap policy module seemingly at random denies access when the snap has the permissions to do an operation. ADDITIONAL INFORMATION == $ lsb_release -rd Description: Ubuntu 20.04 LTS Release: 20.04 $ apt-cache policy pulseaudio pulseaudio: Installed: 1:13.99.1-1ubuntu3.3 Candidate: 1:13.99.1-1ubuntu3.3 Version table: *** 1:13.99.1-1ubuntu3.3 500 500 http://ch.archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages 100 /var/lib/dpkg/status 1:13.99.1-1ubuntu3.2 500 500 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages 1:13.99.1-1ubuntu3 500 500 http://ch.archive.ubuntu.com/ubuntu focal/main amd64 Packages To manage notifications about this bug go to:
[Touch-packages] [Bug 1866303] Re: slapd crash with pwdAccountLockedTime and stacked overlays
Bionic verification
Reproducing the bug:
Version table:
*** 2.4.45+dfsg-1ubuntu1.5 500
500 http://br.archive.ubuntu.com/ubuntu bionic-updates/main amd64
Packages
500 http://br.archive.ubuntu.com/ubuntu bionic-security/main amd64
Packages
100 /var/lib/dpkg/status
$ sudo sh ./script
...
Closing DB...
slapd running
ldap_bind: Invalid credentials (49)
slapd dead
Updating to proposed:
Version table:
*** 2.4.45+dfsg-1ubuntu1.6 500
500 http://br.archive.ubuntu.com/ubuntu bionic-proposed/main amd64
Packages
100 /var/lib/dpkg/status
Now slapd remains running:
$ sudo sh ./script
...
Closing DB...
slapd running
ldap_bind: Invalid credentials (49)
slapd running
Bionic verification succeeded.
** Tags removed: verification-needed-bionic
** Tags added: verification-done-bionic
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1866303
Title:
slapd crash with pwdAccountLockedTime and stacked overlays
Status in openldap package in Ubuntu:
Fix Released
Status in openldap source package in Xenial:
Fix Committed
Status in openldap source package in Bionic:
Fix Committed
Status in openldap source package in Disco:
Won't Fix
Status in openldap source package in Eoan:
Fix Committed
Status in openldap package in Debian:
Fix Released
Bug description:
[Impact]
In the configuration and conditions described below, slapd can crash:
1. ppolicy overlay configured with pwdLockout: TRUE
2. smbk5pwd overlay stacked after ppolicy
3. an account locked out via pwdAccountLockedTime
4. a client binding to the locked-out account and also requesting the ppolicy
control
[Test Case]
* get the files from the bug:
mkdir slapd-test-case; cd slapd-test-case
wget -ct0
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334194/+files/slapd.conf
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334195/+files/data.ldif
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334196/+files/samba.schema
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334197/+files/script
* run the script:
sudo apt update && sudo sh ./script
* With the bug, the result is:
ldap_bind: Invalid credentials (49)
slapd dead
* If when confirming the bug you don't see "slapd dead" like above,
check manually, as slapd might have been in the process of shutting
down when the script checked its status: "sudo systemctl status slapd"
* With the fixed packages, you get a living slapd at the end (you can
run the script again on the same system after updating the packages):
sudo sh ./script
...
slapd running
ldap_bind: Invalid credentials (49)
slapd running
[Regression Potential]
The fix is in the password policy overlay (not enabled by default), so any
regressions would be around that area and could potentially impact
authentication ("binding") to openldap.
[Other Info]
This was fixed in focal and "cooked" there for a long while, as suggested by
the Debian maintainer. We haven't received further bug reports about this in
focal+.
[Original Description]
Hello,
Please merge openldap 2.4.49+dfsg-2 from Debian unstable to fix an
issue in the ppolicy overlay that can crash slapd. Please also
consider SRUing the patch after it has had some testing time.
Upstream: https://openldap.org/its/?findid=9171
Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953150
The ingredients for the crash are:
1: ppolicy overlay configured with pwdLockout: TRUE
2. smbk5pwd overlay stacked after ppolicy
3. an account locked out via pwdAccountLockedTime
4. a client binding to the locked-out account and also requesting the ppolicy
control
The buggy code is not as specific as the above steps, so I suspect
there are probably other configurations or steps that can trigger the
same crash.
I will attach my test script and data for reproducing the crash.
Expected output (last lines):
[ ok ] Starting OpenLDAP: slapd.
slapd running
ldap_bind: Invalid credentials (49)
slapd running
Actual output (last lines):
[ ok ] Starting OpenLDAP: slapd.
slapd running
ldap_bind: Invalid credentials (49)
slapd dead
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1866303] Re: slapd crash with pwdAccountLockedTime and stacked overlays
Xenial verification (for real)
Reproducing the bug:
Version table:
*** 2.4.42+dfsg-2ubuntu3.8 500
500 http://br.archive.ubuntu.com/ubuntu xenial-updates/main amd64
Packages
500 http://br.archive.ubuntu.com/ubuntu xenial-security/main amd64
Packages
100 /var/lib/dpkg/status
$ sudo sh ./script
...
Closing DB...
slapd running
ldap_bind: Invalid credentials (49)
slapd dead
With the packages from proposed, slapd remains running:
Version table:
*** 2.4.42+dfsg-2ubuntu3.9 500
500 http://br.archive.ubuntu.com/ubuntu xenial-proposed/main amd64
Packages
100 /var/lib/dpkg/status
$ sudo sh ./script
...
Closing DB...
slapd running
ldap_bind: Invalid credentials (49)
slapd running
Xenial verification succeeded.
** Tags removed: verification-needed-xenial
** Tags added: verification-done-xenial
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1866303
Title:
slapd crash with pwdAccountLockedTime and stacked overlays
Status in openldap package in Ubuntu:
Fix Released
Status in openldap source package in Xenial:
Fix Committed
Status in openldap source package in Bionic:
Fix Committed
Status in openldap source package in Disco:
Won't Fix
Status in openldap source package in Eoan:
Fix Committed
Status in openldap package in Debian:
Fix Released
Bug description:
[Impact]
In the configuration and conditions described below, slapd can crash:
1. ppolicy overlay configured with pwdLockout: TRUE
2. smbk5pwd overlay stacked after ppolicy
3. an account locked out via pwdAccountLockedTime
4. a client binding to the locked-out account and also requesting the ppolicy
control
[Test Case]
* get the files from the bug:
mkdir slapd-test-case; cd slapd-test-case
wget -ct0
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334194/+files/slapd.conf
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334195/+files/data.ldif
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334196/+files/samba.schema
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334197/+files/script
* run the script:
sudo apt update && sudo sh ./script
* With the bug, the result is:
ldap_bind: Invalid credentials (49)
slapd dead
* If when confirming the bug you don't see "slapd dead" like above,
check manually, as slapd might have been in the process of shutting
down when the script checked its status: "sudo systemctl status slapd"
* With the fixed packages, you get a living slapd at the end (you can
run the script again on the same system after updating the packages):
sudo sh ./script
...
slapd running
ldap_bind: Invalid credentials (49)
slapd running
[Regression Potential]
The fix is in the password policy overlay (not enabled by default), so any
regressions would be around that area and could potentially impact
authentication ("binding") to openldap.
[Other Info]
This was fixed in focal and "cooked" there for a long while, as suggested by
the Debian maintainer. We haven't received further bug reports about this in
focal+.
[Original Description]
Hello,
Please merge openldap 2.4.49+dfsg-2 from Debian unstable to fix an
issue in the ppolicy overlay that can crash slapd. Please also
consider SRUing the patch after it has had some testing time.
Upstream: https://openldap.org/its/?findid=9171
Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953150
The ingredients for the crash are:
1: ppolicy overlay configured with pwdLockout: TRUE
2. smbk5pwd overlay stacked after ppolicy
3. an account locked out via pwdAccountLockedTime
4. a client binding to the locked-out account and also requesting the ppolicy
control
The buggy code is not as specific as the above steps, so I suspect
there are probably other configurations or steps that can trigger the
same crash.
I will attach my test script and data for reproducing the crash.
Expected output (last lines):
[ ok ] Starting OpenLDAP: slapd.
slapd running
ldap_bind: Invalid credentials (49)
slapd running
Actual output (last lines):
[ ok ] Starting OpenLDAP: slapd.
slapd running
ldap_bind: Invalid credentials (49)
slapd dead
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1838329] Re: Cryptswap periodically fails to mount at boot due to missing a udev notification
> Does the Groovy bug task status need fixing? The g MR is open and linked in this bug; I prefer to leave that up to @rbalint for the devel release, I'm not sure if he wants to take the patches or do a merge of newer systemd later. > But if your trivial patch in comment 7 works, wouldn't that be better for an SRU? I'm not convinced it would work (it needs to lock the parent device if the target is a partition), and it wouldn't help with cryptsetup other than swap. Hence the proper, complete, upstream patch series is required. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1838329 Title: Cryptswap periodically fails to mount at boot due to missing a udev notification Status in systemd: New Status in systemd package in Ubuntu: New Status in systemd source package in Bionic: New Status in systemd source package in Focal: In Progress Status in systemd source package in Groovy: New Bug description: [impact] systems using cryptsetup-based encrypted swap may hang during boot due to udevd missing the notification that swap has been setup on the newly created swap device. [test case] see original description, and reproduction is intermittent based on timing [regression potential] any regression would likely occur during, or after, boot when creating an encrypted swap device and/or while waiting to activate the new swap device. Regressions may cause failure to correctly enable swap and/or hung boot waiting for the swap device. [scope] this was (potentially) fixed upstream with PR 15836, which is not yet included in any upstream release, so this is needed in all releases, including groovy. also note while the upstream bug is closed, and code review seems to indicate this *should* fix this specific issue, there are some comments in the upstream bug indicating it may not completely solve the problem, although there is no further debug of the new reports. [original description] On some systems, cryptsetup-based encrypted swap partitions cause systemd to get stuck at boot. This is a timing-sensitive Heisenbug, so the rate of occurrence varies from one system to another. Some hardware will not experience the issue at all, others will only occasionally experience the issue, and then there are the unlucky who are unable to boot at all, no matter how many times they restart. The workaround is for the cryptsetup-generator to generate cryptswap service entries that call `udevadm trigger` after `mkswap`. This will ensure that the udev event is triggered, so that systemd is notified that the encrypt swap partition is ready to activate. This patch has already been submitted upstream to systemd, but it was not accepted because it is a workaround for the side effect of systemd not seeing the udev event upon creating the swap partition. To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1838329/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886128] Re: systemd-resolved does not resolve address due to udp payload size.
well that's not a pcap, a pcap is a packet capture, e.g. from tcpdump. Your log shows your response is truncated: Jul 08 07:27:22 ubuntu18oras systemd-resolved[963]: Got DNS stub UDP query packet for id 2283 Jul 08 07:27:22 ubuntu18oras systemd-resolved[963]: Looking up RR for mharder-formrec.cognitiveservices.azure.com IN A. Jul 08 07:27:22 ubuntu18oras systemd-resolved[963]: Cache miss for mharder-formrec.cognitiveservices.azure.com IN A Jul 08 07:27:22 ubuntu18oras systemd-resolved[963]: Transaction 26533 for scope dns on eth0/*. Jul 08 07:27:22 ubuntu18oras systemd-resolved[963]: Using feature level UDP+EDNS0 for transaction 26533. Jul 08 07:27:22 ubuntu18oras systemd-resolved[963]: Using DNS server 168.63.129.16 for transaction 26533. Jul 08 07:27:22 ubuntu18oras systemd-resolved[963]: Sending query packet with id 26533. Jul 08 07:27:22 ubuntu18oras systemd-resolved[963]: Processing query... Jul 08 07:27:22 ubuntu18oras systemd-resolved[963]: Processing incoming packet on transaction 26533. (rcode=SUCCESS) Jul 08 07:27:22 ubuntu18oras systemd-resolved[963]: Reply truncated, retrying via TCP. resolved then retries using tcp, but your upstream nameserver doesn't respond: Jul 08 07:27:23 ubuntu18oras systemd-resolved[963]: Timeout reached on transaction 26533. you should make sure your upstream nameserver supports tcp and/or check your firewalling to make sure tcp can reach your upstream nameserver, and/or make sure your upstream nameserver supports larger udp packet sizes with edns0. An actual packet capture would show exactly what is going on. for reference, on my system (Ubuntu Bionic 18.04 container) edns0 works fine for that hostname without any truncation: Jul 08 17:35:18 lp1886128-b systemd-resolved[1114]: Got DNS stub UDP query packet for id 18607 Jul 08 17:35:18 lp1886128-b systemd-resolved[1114]: Looking up RR for mharder-formrec.cognitiveservices.azure.com IN A. Jul 08 17:35:18 lp1886128-b systemd-resolved[1114]: Switching to DNS server 10.202.51.1 for interface eth0. Jul 08 17:35:18 lp1886128-b systemd-resolved[1114]: Cache miss for mharder-formrec.cognitiveservices.azure.com IN A Jul 08 17:35:18 lp1886128-b systemd-resolved[1114]: Transaction 3905 for scope dns on eth0/*. Jul 08 17:35:18 lp1886128-b systemd-resolved[1114]: Using feature level UDP+EDNS0 for transaction 3905. Jul 08 17:35:18 lp1886128-b systemd-resolved[1114]: Using DNS server 10.202.51.1 for transaction 3905. Jul 08 17:35:18 lp1886128-b systemd-resolved[1114]: Sending query packet with id 3905. Jul 08 17:35:18 lp1886128-b systemd-resolved[1114]: Processing query... Jul 08 17:35:18 lp1886128-b systemd-resolved[1114]: Processing incoming packet on transaction 3905. (rcode=SUCCESS) Jul 08 17:35:18 lp1886128-b systemd-resolved[1114]: Verified we get a response at feature level UDP+EDNS0 from DNS server 10.202.51.1. Jul 08 17:35:18 lp1886128-b systemd-resolved[1114]: Added positive unauthenticated cache entry for mharder-formrec.cognitiveservices.azure.com IN CNAME 899s on */INET/10.202.51.1 Jul 08 17:35:18 lp1886128-b systemd-resolved[1114]: Added positive unauthenticated cache entry for westus2.api.cognitive.microsoft.com IN CNAME 3598s on */INET/10.202.51.1 Jul 08 17:35:18 lp1886128-b systemd-resolved[1114]: Added positive unauthenticated cache entry for cognitiveusw2prod.trafficmanager.net IN CNAME 28s on */INET/10.202.51.1 Jul 08 17:35:18 lp1886128-b systemd-resolved[1114]: Added positive unauthenticated cache entry for cognitiveusw2prod.azure-api.net IN CNAME 898s on */INET/10.202.51.1 Jul 08 17:35:18 lp1886128-b systemd-resolved[1114]: Added positive unauthenticated cache entry for apimgmttmmtjxmdjuddplpewicwu8gnxxj7ehaj3ubplfwharv.trafficmanager.net IN CNAME 298s on */INET/10.202.51.1 Jul 08 17:35:18 lp1886128-b systemd-resolved[1114]: Added positive unauthenticated cache entry for cognitiveusw2prod-westus2-01.regional.azure-api.net IN CNAME 898s on */INET/10.202.51.1 Jul 08 17:35:18 lp1886128-b systemd-resolved[1114]: Added positive unauthenticated cache entry for apimgmthsn6metwepz5stnvukztxi3dks7nna13rgbo90ytolj.cloudapp.net IN A 58s on */INET/10.202.51.1 Jul 08 17:35:18 lp1886128-b systemd-resolved[1114]: Transaction 3905 for on scope dns on eth0/* now complete with from network (unsigned). -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1886128 Title: systemd-resolved does not resolve address due to udp payload size. Status in systemd package in Ubuntu: Incomplete Bug description: Description: Ubuntu 18.04.4 LTS Release: 18.04 systemd-resolve --version systemd 237 +PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN -PCRE2 default-hierarchy=hybrid We met an error: on an attempt to resolve address, the following issue
[Touch-packages] [Bug 1557157] Re: apparmor profile denied for saslauthd: /run/saslauthd/mux
Focal verification
First, reproducing the problem:
Version table:
*** 2.4.49+dfsg-2ubuntu1.2 500
500 http://br.archive.ubuntu.com/ubuntu focal-updates/main amd64
Packages
500 http://br.archive.ubuntu.com/ubuntu focal-security/main amd64
Packages
100 /var/lib/dpkg/status
ldapsearch fails:
root@focal-openldap-saslauthd-1557157:~# ldapsearch -H ldapi:/// -LLL -b
'dc=example,dc=com' -s base -U root -Y PLAIN
SASL/PLAIN authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80)
additional info: SASL(-1): generic failure: Password verification failed
and dmesg complains:
[18037.506232] audit: type=1400 audit(1594229527.198:647): apparmor="DENIED"
operation="connect"
namespace="root//lxd-focal-openldap-saslauthd-1557157_"
profile="/usr/sbin/slapd" name="/run/saslauthd/mux" pid=171680 comm="slapd"
requested_mask="wr" denied_mask="wr" fsuid=1000112 ouid=100
With the proposed packages:
*** 2.4.49+dfsg-2ubuntu1.3 500
500 http://br.archive.ubuntu.com/ubuntu focal-proposed/main amd64
Packages
100 /var/lib/dpkg/status
ldapsearch works:
root@focal-openldap-saslauthd-1557157:~# ldapsearch -H ldapi:/// -LLL -b
'dc=example,dc=com' -s base -U root -Y PLAIN
SASL/PLAIN authentication started
Please enter your password:
SASL username: root
SASL SSF: 0
dn: dc=example,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: example
dc: example
And there is no apparmor DENIED message in dmesg.
Focal verification succeeded.
** Tags removed: verification-needed-focal
** Tags added: verification-done-focal
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1557157
Title:
apparmor profile denied for saslauthd: /run/saslauthd/mux
Status in openldap package in Ubuntu:
Fix Released
Status in openldap source package in Trusty:
Won't Fix
Status in openldap source package in Xenial:
Fix Committed
Status in openldap source package in Bionic:
Fix Committed
Status in openldap source package in Eoan:
Fix Committed
Status in openldap source package in Focal:
Fix Committed
Status in openldap source package in Groovy:
Fix Released
Bug description:
[Impact]
When using openldap with sasl authentication, the slapd process will
communicate with the saslauthd daemon via a socket in
{,/var}/run/saslauthd/mux. Unfortunately, this will fail in every
Ubuntu release from trusty onwards, because slapd's apparmor profile
doesn't contain the necessary directive to allow it to read/write
from/to the socket specified above.
The fix is simple: just add the necessary directive to allow slapd to
read/write from/to the saslauthd socket.
[Test Case]
One can reproduce the problem by doing:
$ lxc launch ubuntu-daily:groovy openldap-bugbug1557157-groovy
$ lxc shell openldap-bugbug1557157-groovy
# apt install slapd sasl2-bin ldap-utils apparmor-utils
(As the domain name, use "example.com").
# sed -i -e 's/^START=.*/START=yes/' /etc/default/saslauthd
# cat > /etc/ldap/sasl2/slapd.conf << __EOF__
mech_list: PLAIN
pwcheck_method: saslauthd
__EOF__
# adduser openldap sasl
# aa-enforce /etc/apparmor.d/usr.sbin.slapd
# systemctl restart slapd.service
# systemctl restart saslauthd.service
# passwd root
(You can choose any password here. You will need to type it when
running the next command.)
# ldapsearch -H ldapi:/// -LLL -b 'dc=example,dc=com' -s base -U root
-Y PLAIN
The command will fail with something like:
ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80)
additional info: SASL(-1): generic failure: Password verification
failed
[Regression Potential]
This is an extremely simple and well contained fix, so I don't
envision any possible regressions after applying it. It is important
noticing that, since the problem affects older Ubuntu releases, the
openldap package will have to be rebuilt against possible newer
versions of libraries and other depencencies, which, albeit unlikely,
may cause issues.
[Original Description]
When using slapd with saslauthd the processes communicate via the
{,/var}/run/saslauthd/mux socket (this is the default location for the
saslauthd server from the sasl2-bin package in the
/etc/default/saslauthd config), but the apparmor profile for
usr.sbin.slapd does not allow access to this socket/file.
Syslog message:
apparmor="DENIED" operation="connect" profile="/usr/sbin/slapd"
name="/run/saslauthd/mux" pid=1880
4 comm="slapd" requested_mask="r" denied_mask="r" fsuid=108 ouid=0
Please add the following line to /etc/apparmor.d/usr.sbin.slapd:
/{,var/}run/saslauthd/mux rw,
Ubuntu version: Ubuntu 14.04.4 LTS
slapd version: 2.4.31-1+nmu2ubu
To manage notifications about this bug go to:
[Touch-packages] [Bug 1557157] Re: apparmor profile denied for saslauthd: /run/saslauthd/mux
Xenial verification
Reproducing the error:
root@xenial-openldap-saslauthd-1557157:~# ldapsearch -H ldapi:/// -LLL -b
'dc=example,dc=com' -s base -U root -Y PLAIN
SASL/PLAIN authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80)
additional info: SASL(-1): generic failure: Password verification failed
And dmesg:
[qua jul 8 11:50:42 2020] audit: type=1400 audit(1594219843.513:405):
apparmor="DENIED" operation="connect"
namespace="root//lxd-xenial-openldap-saslauthd-1557157_"
profile="/usr/sbin/slapd" name="/run/saslauthd/mux" pid=83468 comm="slapd"
requested_mask="wr" denied_mask="wr" fsuid=1000112 ouid=100
With the updated packages, ldapsearch works:
root@xenial-openldap-saslauthd-1557157:~# apt-cache policy slapd
slapd:
Installed: 2.4.42+dfsg-2ubuntu3.9
Candidate: 2.4.42+dfsg-2ubuntu3.9
Version table:
*** 2.4.42+dfsg-2ubuntu3.9 500
500 http://br.archive.ubuntu.com/ubuntu xenial-proposed/main amd64
Packages
100 /var/lib/dpkg/status
...
root@xenial-openldap-saslauthd-1557157:~# ldapsearch -H ldapi:/// -LLL -b
'dc=example,dc=com' -s base -U root -Y PLAIN
SASL/PLAIN authentication started
Please enter your password:
SASL username: root
SASL SSF: 0
dn: dc=example,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: example
dc: example
And no dmesg apparmor error.
Xenial verification succeeded.
** Tags removed: verification-needed-xenial
** Tags added: verification-done-xenial
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1557157
Title:
apparmor profile denied for saslauthd: /run/saslauthd/mux
Status in openldap package in Ubuntu:
Fix Released
Status in openldap source package in Trusty:
Won't Fix
Status in openldap source package in Xenial:
Fix Committed
Status in openldap source package in Bionic:
Fix Committed
Status in openldap source package in Eoan:
Fix Committed
Status in openldap source package in Focal:
Fix Committed
Status in openldap source package in Groovy:
Fix Released
Bug description:
[Impact]
When using openldap with sasl authentication, the slapd process will
communicate with the saslauthd daemon via a socket in
{,/var}/run/saslauthd/mux. Unfortunately, this will fail in every
Ubuntu release from trusty onwards, because slapd's apparmor profile
doesn't contain the necessary directive to allow it to read/write
from/to the socket specified above.
The fix is simple: just add the necessary directive to allow slapd to
read/write from/to the saslauthd socket.
[Test Case]
One can reproduce the problem by doing:
$ lxc launch ubuntu-daily:groovy openldap-bugbug1557157-groovy
$ lxc shell openldap-bugbug1557157-groovy
# apt install slapd sasl2-bin ldap-utils apparmor-utils
(As the domain name, use "example.com").
# sed -i -e 's/^START=.*/START=yes/' /etc/default/saslauthd
# cat > /etc/ldap/sasl2/slapd.conf << __EOF__
mech_list: PLAIN
pwcheck_method: saslauthd
__EOF__
# adduser openldap sasl
# aa-enforce /etc/apparmor.d/usr.sbin.slapd
# systemctl restart slapd.service
# systemctl restart saslauthd.service
# passwd root
(You can choose any password here. You will need to type it when
running the next command.)
# ldapsearch -H ldapi:/// -LLL -b 'dc=example,dc=com' -s base -U root
-Y PLAIN
The command will fail with something like:
ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80)
additional info: SASL(-1): generic failure: Password verification
failed
[Regression Potential]
This is an extremely simple and well contained fix, so I don't
envision any possible regressions after applying it. It is important
noticing that, since the problem affects older Ubuntu releases, the
openldap package will have to be rebuilt against possible newer
versions of libraries and other depencencies, which, albeit unlikely,
may cause issues.
[Original Description]
When using slapd with saslauthd the processes communicate via the
{,/var}/run/saslauthd/mux socket (this is the default location for the
saslauthd server from the sasl2-bin package in the
/etc/default/saslauthd config), but the apparmor profile for
usr.sbin.slapd does not allow access to this socket/file.
Syslog message:
apparmor="DENIED" operation="connect" profile="/usr/sbin/slapd"
name="/run/saslauthd/mux" pid=1880
4 comm="slapd" requested_mask="r" denied_mask="r" fsuid=108 ouid=0
Please add the following line to /etc/apparmor.d/usr.sbin.slapd:
/{,var/}run/saslauthd/mux rw,
Ubuntu version: Ubuntu 14.04.4 LTS
slapd version: 2.4.31-1+nmu2ubu
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557157/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to
[Touch-packages] [Bug 1557157] Re: apparmor profile denied for saslauthd: /run/saslauthd/mux
Eoan verification
First, reproducing the bug:
Version table:
*** 2.4.48+dfsg-1ubuntu1.1 500
500 http://br.archive.ubuntu.com/ubuntu eoan-updates/main amd64 Packages
500 http://br.archive.ubuntu.com/ubuntu eoan-security/main amd64
Packages
100 /var/lib/dpkg/status
ldapsearch fails:
root@eoan-openldap-saslauthd-1557157:~# ldapsearch -H ldapi:/// -LLL -b
'dc=example,dc=com' -s base -U root -Y PLAIN
SASL/PLAIN authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80)
additional info: SASL(-1): generic failure: Password verification failed
And dmesg shows the apparmor DENIED message:
[17713.076558] audit: type=1400 audit(1594229202.756:559): apparmor="DENIED"
operation="connect"
namespace="root//lxd-eoan-openldap-saslauthd-1557157_"
profile="/usr/sbin/slapd" name="/run/saslauthd/mux" pid=162867 comm="slapd"
requested_mask="wr" denied_mask="wr" fsuid=1000111 ouid=100
With the package from proposed:
Version table:
*** 2.4.48+dfsg-1ubuntu1.2 500
500 http://br.archive.ubuntu.com/ubuntu eoan-proposed/main amd64
Packages
100 /var/lib/dpkg/status
ldapsearch works:
root@eoan-openldap-saslauthd-1557157:~# ldapsearch -H ldapi:/// -LLL -b
'dc=example,dc=com' -s base -U root -Y PLAIN
SASL/PLAIN authentication started
Please enter your password:
SASL username: root
SASL SSF: 0
dn: dc=example,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: example
dc: example
And there is no DENIED message in dmesg.
eoan verification succeeded.
** Tags removed: verification-needed-eoan
** Tags added: verification-done-eoan
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1557157
Title:
apparmor profile denied for saslauthd: /run/saslauthd/mux
Status in openldap package in Ubuntu:
Fix Released
Status in openldap source package in Trusty:
Won't Fix
Status in openldap source package in Xenial:
Fix Committed
Status in openldap source package in Bionic:
Fix Committed
Status in openldap source package in Eoan:
Fix Committed
Status in openldap source package in Focal:
Fix Committed
Status in openldap source package in Groovy:
Fix Released
Bug description:
[Impact]
When using openldap with sasl authentication, the slapd process will
communicate with the saslauthd daemon via a socket in
{,/var}/run/saslauthd/mux. Unfortunately, this will fail in every
Ubuntu release from trusty onwards, because slapd's apparmor profile
doesn't contain the necessary directive to allow it to read/write
from/to the socket specified above.
The fix is simple: just add the necessary directive to allow slapd to
read/write from/to the saslauthd socket.
[Test Case]
One can reproduce the problem by doing:
$ lxc launch ubuntu-daily:groovy openldap-bugbug1557157-groovy
$ lxc shell openldap-bugbug1557157-groovy
# apt install slapd sasl2-bin ldap-utils apparmor-utils
(As the domain name, use "example.com").
# sed -i -e 's/^START=.*/START=yes/' /etc/default/saslauthd
# cat > /etc/ldap/sasl2/slapd.conf << __EOF__
mech_list: PLAIN
pwcheck_method: saslauthd
__EOF__
# adduser openldap sasl
# aa-enforce /etc/apparmor.d/usr.sbin.slapd
# systemctl restart slapd.service
# systemctl restart saslauthd.service
# passwd root
(You can choose any password here. You will need to type it when
running the next command.)
# ldapsearch -H ldapi:/// -LLL -b 'dc=example,dc=com' -s base -U root
-Y PLAIN
The command will fail with something like:
ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80)
additional info: SASL(-1): generic failure: Password verification
failed
[Regression Potential]
This is an extremely simple and well contained fix, so I don't
envision any possible regressions after applying it. It is important
noticing that, since the problem affects older Ubuntu releases, the
openldap package will have to be rebuilt against possible newer
versions of libraries and other depencencies, which, albeit unlikely,
may cause issues.
[Original Description]
When using slapd with saslauthd the processes communicate via the
{,/var}/run/saslauthd/mux socket (this is the default location for the
saslauthd server from the sasl2-bin package in the
/etc/default/saslauthd config), but the apparmor profile for
usr.sbin.slapd does not allow access to this socket/file.
Syslog message:
apparmor="DENIED" operation="connect" profile="/usr/sbin/slapd"
name="/run/saslauthd/mux" pid=1880
4 comm="slapd" requested_mask="r" denied_mask="r" fsuid=108 ouid=0
Please add the following line to /etc/apparmor.d/usr.sbin.slapd:
/{,var/}run/saslauthd/mux rw,
Ubuntu version: Ubuntu 14.04.4 LTS
slapd version: 2.4.31-1+nmu2ubu
To manage notifications about
[Touch-packages] [Bug 1866303] Re: slapd crash with pwdAccountLockedTime and stacked overlays
I'm sorry, the above verification was for the other bug that this upload
is fixing.
** Tags removed: verification-done-xenial
** Tags added: verification-needed-xenial
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1866303
Title:
slapd crash with pwdAccountLockedTime and stacked overlays
Status in openldap package in Ubuntu:
Fix Released
Status in openldap source package in Xenial:
Fix Committed
Status in openldap source package in Bionic:
Fix Committed
Status in openldap source package in Disco:
Won't Fix
Status in openldap source package in Eoan:
Fix Committed
Status in openldap package in Debian:
Fix Released
Bug description:
[Impact]
In the configuration and conditions described below, slapd can crash:
1. ppolicy overlay configured with pwdLockout: TRUE
2. smbk5pwd overlay stacked after ppolicy
3. an account locked out via pwdAccountLockedTime
4. a client binding to the locked-out account and also requesting the ppolicy
control
[Test Case]
* get the files from the bug:
mkdir slapd-test-case; cd slapd-test-case
wget -ct0
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334194/+files/slapd.conf
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334195/+files/data.ldif
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334196/+files/samba.schema
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334197/+files/script
* run the script:
sudo apt update && sudo sh ./script
* With the bug, the result is:
ldap_bind: Invalid credentials (49)
slapd dead
* If when confirming the bug you don't see "slapd dead" like above,
check manually, as slapd might have been in the process of shutting
down when the script checked its status: "sudo systemctl status slapd"
* With the fixed packages, you get a living slapd at the end (you can
run the script again on the same system after updating the packages):
sudo sh ./script
...
slapd running
ldap_bind: Invalid credentials (49)
slapd running
[Regression Potential]
The fix is in the password policy overlay (not enabled by default), so any
regressions would be around that area and could potentially impact
authentication ("binding") to openldap.
[Other Info]
This was fixed in focal and "cooked" there for a long while, as suggested by
the Debian maintainer. We haven't received further bug reports about this in
focal+.
[Original Description]
Hello,
Please merge openldap 2.4.49+dfsg-2 from Debian unstable to fix an
issue in the ppolicy overlay that can crash slapd. Please also
consider SRUing the patch after it has had some testing time.
Upstream: https://openldap.org/its/?findid=9171
Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953150
The ingredients for the crash are:
1: ppolicy overlay configured with pwdLockout: TRUE
2. smbk5pwd overlay stacked after ppolicy
3. an account locked out via pwdAccountLockedTime
4. a client binding to the locked-out account and also requesting the ppolicy
control
The buggy code is not as specific as the above steps, so I suspect
there are probably other configurations or steps that can trigger the
same crash.
I will attach my test script and data for reproducing the crash.
Expected output (last lines):
[ ok ] Starting OpenLDAP: slapd.
slapd running
ldap_bind: Invalid credentials (49)
slapd running
Actual output (last lines):
[ ok ] Starting OpenLDAP: slapd.
slapd running
ldap_bind: Invalid credentials (49)
slapd dead
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1814302] Re: Quasselcore apparmor profile issue in lxd container.
bionic:
ubuntu@lp1814302-b:~$ systemd-detect-virt
lxc
ubuntu@lp1814302-b:~$ dpkg -l|grep quassel
ii quassel-core 1:0.12.4-3ubuntu1.18.04.1 amd64
distributed IRC client - core component
ubuntu@lp1814302-b:~$ /usr/bin/quasselcore
Segmentation fault
ubuntu@lp1814302-b:~$ systemctl status quasselcore.service
● quasselcore.service - distributed IRC client using a central core component
Loaded: loaded (/lib/systemd/system/quasselcore.service; enabled; vendor
preset: enabled)
Active: failed (Result: signal) since Wed 2020-07-08 17:27:46 UTC; 1min 53s
ago
Docs: man:quasselcore(1)
Process: 2381 ExecStart=/usr/bin/quasselcore --configdir=${DATADIR}
--logfile=${LOGFILE} --loglevel=${LOGLEVEL} --port=${PORT} --listen=${LISTEN}
(code=killed, signal=SEGV)
Main PID: 2381 (code=killed, signal=SEGV)
Jul 08 17:27:46 lp1814302-b systemd[1]: quasselcore.service: Service hold-off
time over, scheduling restart.
Jul 08 17:27:46 lp1814302-b systemd[1]: quasselcore.service: Scheduled restart
job, restart counter is at 6.
Jul 08 17:27:46 lp1814302-b systemd[1]: Stopped distributed IRC client using a
central core component.
Jul 08 17:27:46 lp1814302-b systemd[1]: quasselcore.service: Start request
repeated too quickly.
Jul 08 17:27:46 lp1814302-b systemd[1]: quasselcore.service: Failed with result
'signal'.
Jul 08 17:27:46 lp1814302-b systemd[1]: Failed to start distributed IRC client
using a central core component.
ubuntu@lp1814302-b:~$ systemd-detect-virt
lxc
ubuntu@lp1814302-b:~$ dpkg -l|grep quassel
ii quassel-core 1:0.12.4-3ubuntu1.18.04.2 amd64
distributed IRC client - core component
ubuntu@lp1814302-b:~$ /usr/bin/quasselcore
Unable to create Quassel config directory: /home/ubuntu/.config/quassel-irc.org
...etc...
ubuntu@lp1814302-b:~$ systemctl status quasselcore.service
● quasselcore.service - distributed IRC client using a central core component
Loaded: loaded (/lib/systemd/system/quasselcore.service; enabled; vendor
preset: enabled)
Active: active (running) since Wed 2020-07-08 17:31:50 UTC; 18s ago
Docs: man:quasselcore(1)
Main PID: 2881 (quasselcore)
Tasks: 1 (limit: 115273)
CGroup: /system.slice/quasselcore.service
└─2881 /usr/bin/quasselcore --configdir=/var/lib/quassel
--logfile=/var/log/quassel/core.log --loglevel=Info --port=4242
--listen=::,0.0.0.0
Jul 08 17:31:50 lp1814302-b systemd[1]: Started distributed IRC client
using a central core component.
** Tags removed: verification-needed verification-needed-bionic
** Tags added: verification-done verification-done-bionic
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1814302
Title:
Quasselcore apparmor profile issue in lxd container.
Status in AppArmor:
Invalid
Status in apparmor package in Ubuntu:
Invalid
Status in quassel package in Ubuntu:
Fix Released
Status in apparmor source package in Bionic:
Invalid
Status in quassel source package in Bionic:
Fix Committed
Status in apparmor source package in Focal:
Invalid
Status in quassel source package in Focal:
Fix Committed
Status in apparmor source package in Groovy:
Invalid
Status in quassel source package in Groovy:
Fix Released
Bug description:
[impact]
quasselcore cannot start inside lxd container
[test case]
create lxd container, install quassel-core, check quasselcore service:
$ systemctl status quasselcore
● quasselcore.service - distributed IRC client using a central core component
Loaded: loaded (/lib/systemd/system/quasselcore.service; enabled; vendor
preset: enabled)
Active: failed (Result: signal) since Tue 2020-06-30 18:32:40 UTC; 4s ago
Docs: man:quasselcore(1)
Process: 3853 ExecStart=/usr/bin/quasselcore --configdir=${DATADIR}
--logfile=${LOGFILE} --loglevel=${LOGLEVEL} --port=${PORT} --listen=${LISTEN}
(code=killed, signal=SEGV)
Main PID: 3853 (code=killed, signal=SEGV)
Jun 30 18:32:40 lp1814302-f systemd[1]: quasselcore.service: Scheduled
restart job, restart counter is at 7.
Jun 30 18:32:40 lp1814302-f systemd[1]: Stopped distributed IRC client using
a central core component.
Jun 30 18:32:40 lp1814302-f systemd[1]: quasselcore.service: Start request
repeated too quickly.
Jun 30 18:32:40 lp1814302-f systemd[1]: quasselcore.service: Failed with
result 'signal'.
Jun 30 18:32:40 lp1814302-f systemd[1]: Failed to start distributed IRC
client using a central core component.
Also, the binary will segfault when run directly due to apparmor denials:
$ /usr/bin/quasselcore
Segmentation fault
[760149.590802] audit: type=1400 audit(1593542073.962:1058):
apparmor="DENIED" operation="file_mmap" namespace="root//lxd-
lp1814302-f_" profile="/usr/bin/quasselcore"
name="/usr/bin/quasselcore" pid=2006430 comm="quasselcore"
requested_mask="r"
[Touch-packages] [Bug 1881972] Re: systemd-networkd crashes with invalid pointer
Here's one of the new coredumps I'm getting at boot now. Note that I don't have debugging symbols installed for the PPA version of systemd. # coredumpctl gdb 714 PID: 714 (systemd-network) UID: 100 (systemd-network) GID: 102 (systemd-network) Signal: 11 (SEGV) Timestamp: Wed 2020-07-08 17:17:01 UTC (8min ago) Command Line: /lib/systemd/systemd-networkd Executable: /lib/systemd/systemd-networkd Control Group: /system.slice/systemd-networkd.service Unit: systemd-networkd.service Slice: system.slice Boot ID: df33bbaec4134b45aaabe8b3fca7dade Machine ID: ec267b3475883f9edb99f554607bb456 Hostname: ip-10-0-4-251 Storage: /var/lib/systemd/coredump/core.systemd-network.100.df33bbaec4134b45aaabe8b3fca7dade.714.159422862100.lz4 Message: Process 714 (systemd-network) of user 100 dumped core. Stack trace of thread 714: #0 0x5627a7f3425c n/a (systemd-networkd) #1 0x5627a7fb5760 n/a (systemd-networkd) #2 0x5627a7f26526 sd_netlink_process (systemd-networkd) #3 0x5627a7f267c3 n/a (systemd-networkd) #4 0x5627a7f2b6be n/a (systemd-networkd) #5 0x5627a7f2b93a sd_event_dispatch (systemd-networkd) #6 0x5627a7f2bac9 sd_event_run (systemd-networkd) #7 0x5627a7f2bd0b sd_event_loop (systemd-networkd) #8 0x5627a7eff3d6 n/a (systemd-networkd) #9 0x7f6d90500b97 __libc_start_main (libc.so.6) #10 0x5627a7effaba n/a (systemd-networkd) ** Attachment added: "core.systemd-network.100.df33bbaec4134b45aaabe8b3fca7dade.714.159422862100.lz4" https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1881972/+attachment/5390826/+files/core.systemd-network.100.df33bbaec4134b45aaabe8b3fca7dade.714.159422862100.lz4 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1881972 Title: systemd-networkd crashes with invalid pointer Status in systemd package in Ubuntu: Fix Released Status in systemd source package in Bionic: In Progress Bug description: [impact] systemd-networkd double-free causes crash under some circumstances, such as adding/removing ip rules [test case] see original description [regression potential] this strdup's strings during addition of routing policy rules, so any regression would likely occur when adding/modifying/removing ip rules, possibly including networkd segfault or failure to add/remove/modify ip rules. [scope] this is needed for bionic. this is fixed by upstream commit eeab051b28ba6e1b4a56d369d4c6bf7cfa71947c which is included starting in v240, so this is already included in Focal and later. I did not research what original commit introduced the problem, but the reporter indicates this did not happen for Xenial so it's unlikely this is a problem in Xenial or earlier. [original description] This is a serious regression with systemd-networkd that I ran in to while setting up a NAT router in AWS. The AWS AMI ubuntu/images/hvm- ssd/ubuntu-bionic-18.04-amd64-server-20200131 with systemd-237-3ubuntu10.33 does NOT have the problem, but the next most recent AWS AMI ubuntu/images/hvm-ssd/ubuntu- bionic-18.04-amd64-server-20200311 with systemd-including 237-3ubuntu10.39 does. Also, a system booted from the (good) 20200131 AMI starts showing the problem after updating only systemd (to 237-3ubuntu10.41) and its direct dependencies (e.g. 'apt-get install systemd'). So I'm fairly confident that a change to the systemd package between 237-3ubuntu10.33 and 237-3ubuntu10.39 introduced the problem and it is still present. On the NAT router I use three interfaces and have separate routing tables for admin and forwarded traffic. Things come up fine initially but every 30-60 minutes (DHCP lease renewal time?) one or more interfaces is reconfigured and most of the time systemd-networkd will crash and need to be restarted. Eventually the system becomes unreachable when the default crash loop backoff logic prevents the network service from being restarted at all. The log excerpt attached illustrates the crash loop. Also including the netplan and networkd config files below. # grep . /etc/netplan/* /etc/netplan/50-cloud-init.yaml:# This file is generated from information provided by the datasource. Changes /etc/netplan/50-cloud-init.yaml:# to it will not persist across an instance reboot. To disable cloud-init's /etc/netplan/50-cloud-init.yaml:# network configuration capabilities, write a file /etc/netplan/50-cloud-init.yaml:# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
[Touch-packages] [Bug 1881972] Re: systemd-networkd crashes with invalid pointer
I added the ppa and did a dist-upgrade then rebooted. systemd-networkd
now consistently crashes once at boot (looks like a different crash
though). But then everything appears to work after networkd restarts
once. I will let it run and see if the invalid pointer crash happens.
# journalctl -l -u systemd-networkd -b 0
-- Logs begin at Wed 2020-06-03 15:00:29 UTC, end at Wed 2020-07-08 17:20:23
UTC. --
Jul 08 17:17:01 ip-10-0-4-251 systemd[1]: Starting Network Service...
Jul 08 17:17:01 ip-10-0-4-251 systemd-networkd[714]: Enumeration completed
Jul 08 17:17:01 ip-10-0-4-251 systemd[1]: Started Network Service.
Jul 08 17:17:01 ip-10-0-4-251 systemd-networkd[714]: ens5: Link UP
Jul 08 17:17:01 ip-10-0-4-251 systemd-networkd[714]: ens5: Gained carrier
Jul 08 17:17:01 ip-10-0-4-251 systemd-networkd[714]: ens5: Link DOWN
Jul 08 17:17:01 ip-10-0-4-251 systemd-networkd[714]: ens5: Lost carrier
Jul 08 17:17:01 ip-10-0-4-251 systemd[1]: systemd-networkd.service: Main
process exited, code=dumped, status=11/SEGV
Jul 08 17:17:01 ip-10-0-4-251 systemd[1]: systemd-networkd.service: Failed with
result 'core-dump'.
Jul 08 17:17:01 ip-10-0-4-251 systemd[1]: systemd-networkd.service: Service has
no hold-off time, scheduling restart.
Jul 08 17:17:01 ip-10-0-4-251 systemd[1]: systemd-networkd.service: Scheduled
restart job, restart counter is at 1.
Jul 08 17:17:01 ip-10-0-4-251 systemd[1]: Stopped Network Service.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1881972
Title:
systemd-networkd crashes with invalid pointer
Status in systemd package in Ubuntu:
Fix Released
Status in systemd source package in Bionic:
In Progress
Bug description:
[impact]
systemd-networkd double-free causes crash under some circumstances,
such as adding/removing ip rules
[test case]
see original description
[regression potential]
this strdup's strings during addition of routing policy rules, so any
regression would likely occur when adding/modifying/removing ip rules,
possibly including networkd segfault or failure to add/remove/modify
ip rules.
[scope]
this is needed for bionic.
this is fixed by upstream commit
eeab051b28ba6e1b4a56d369d4c6bf7cfa71947c which is included starting in
v240, so this is already included in Focal and later.
I did not research what original commit introduced the problem, but
the reporter indicates this did not happen for Xenial so it's unlikely
this is a problem in Xenial or earlier.
[original description]
This is a serious regression with systemd-networkd that I ran in to
while setting up a NAT router in AWS. The AWS AMI ubuntu/images/hvm-
ssd/ubuntu-bionic-18.04-amd64-server-20200131 with
systemd-237-3ubuntu10.33 does NOT have the problem, but the next most
recent AWS AMI ubuntu/images/hvm-ssd/ubuntu-
bionic-18.04-amd64-server-20200311 with systemd-including
237-3ubuntu10.39 does.
Also, a system booted from the (good) 20200131 AMI starts showing the
problem after updating only systemd (to 237-3ubuntu10.41) and its
direct dependencies (e.g. 'apt-get install systemd'). So I'm fairly
confident that a change to the systemd package between
237-3ubuntu10.33 and 237-3ubuntu10.39 introduced the problem and it is
still present.
On the NAT router I use three interfaces and have separate routing
tables for admin and forwarded traffic. Things come up fine initially
but every 30-60 minutes (DHCP lease renewal time?) one or more
interfaces is reconfigured and most of the time systemd-networkd will
crash and need to be restarted. Eventually the system becomes
unreachable when the default crash loop backoff logic prevents the
network service from being restarted at all. The log excerpt attached
illustrates the crash loop.
Also including the netplan and networkd config files below.
# grep . /etc/netplan/*
/etc/netplan/50-cloud-init.yaml:# This file is generated from information
provided by the datasource. Changes
/etc/netplan/50-cloud-init.yaml:# to it will not persist across an instance
reboot. To disable cloud-init's
/etc/netplan/50-cloud-init.yaml:# network configuration capabilities, write a
file
/etc/netplan/50-cloud-init.yaml:#
/etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
/etc/netplan/50-cloud-init.yaml:# network: {config: disabled}
/etc/netplan/50-cloud-init.yaml:network:
/etc/netplan/50-cloud-init.yaml:version: 2
/etc/netplan/50-cloud-init.yaml:ethernets:
/etc/netplan/50-cloud-init.yaml:ens5:
/etc/netplan/50-cloud-init.yaml:dhcp4: true
/etc/netplan/50-cloud-init.yaml:match:
/etc/netplan/50-cloud-init.yaml:macaddress: xx:xx:xx:xx:xx:xx
/etc/netplan/50-cloud-init.yaml:set-name: ens5
/etc/netplan/99_config.yaml:network:
/etc/netplan/99_config.yaml: version: 2
[Touch-packages] [Bug 1814302] Re: Quasselcore apparmor profile issue in lxd container.
focal:
ubuntu@lp1814302-f:~$ systemd-detect-virt
lxc
ubuntu@lp1814302-f:~$ dpkg -l|grep quassel-core
ii quassel-core 1:0.13.1-3ubuntu2 amd64
distributed IRC client - core component
ubuntu@lp1814302-f:~$ /usr/bin/quasselcore
Segmentation fault
ubuntu@lp1814302-f:~$ systemctl status quasselcore.service
● quasselcore.service - distributed IRC client using a central core component
Loaded: loaded (/lib/systemd/system/quasselcore.service; enabled; vendor
preset: enabled)
Active: activating (auto-restart) (Result: signal) since Wed 2020-07-08
17:24:12 UTC; 168ms ago
Docs: man:quasselcore(1)
Process: 4867 ExecStart=/usr/bin/quasselcore --configdir=${DATADIR}
--logfile=${LOGFILE} --loglevel=${LOGLEVEL} --port=${PORT} --listen=${LISTEN}
(code=killed, signal=SEGV)
Main PID: 4867 (code=killed, signal=SEGV)
Jul 08 17:24:13 lp1814302-f systemd[1]: quasselcore.service: Scheduled restart
job, restart counter is at 5.
Jul 08 17:24:13 lp1814302-f systemd[1]: Stopped distributed IRC client using a
central core component.
Jul 08 17:24:13 lp1814302-f systemd[1]: quasselcore.service: Start request
repeated too quickly.
Jul 08 17:24:13 lp1814302-f systemd[1]: quasselcore.service: Failed with result
'signal'.
Jul 08 17:24:13 lp1814302-f systemd[1]: Failed to start distributed IRC client
using a central core component.
ubuntu@lp1814302-f:~$ systemd-detect-virt
lxc
ubuntu@lp1814302-f:~$ dpkg -l |grep quassel
ii quassel-core 1:0.13.1-3ubuntu2.1amd64
distributed IRC client - core component
ubuntu@lp1814302-f:~$ /usr/bin/quasselcore
2020-07-08 17:26:00 [Error] Unable to create Quassel config directory:
...etc...
ubuntu@lp1814302-f:~$ systemctl status quasselcore.service
● quasselcore.service - distributed IRC client using a central core component
Loaded: loaded (/lib/systemd/system/quasselcore.service; enabled; vendor
preset: enabled)
Active: active (running) since Wed 2020-07-08 17:25:22 UTC; 43s ago
Docs: man:quasselcore(1)
Main PID: 5832 (quasselcore)
Tasks: 1 (limit: 115273)
Memory: 1.6M
CGroup: /system.slice/quasselcore.service
└─5832 /usr/bin/quasselcore --configdir=/var/lib/quassel
--logfile=/var/log/quassel/core.log --loglevel=Info --port=4242
--listen=::,0.0.0.0
Jul 08 17:25:22 lp1814302-f systemd[1]: Started distributed IRC client
using a central core component.
** Tags removed: verification-needed-focal
** Tags added: verification-done-focal
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1814302
Title:
Quasselcore apparmor profile issue in lxd container.
Status in AppArmor:
Invalid
Status in apparmor package in Ubuntu:
Invalid
Status in quassel package in Ubuntu:
Fix Released
Status in apparmor source package in Bionic:
Invalid
Status in quassel source package in Bionic:
Fix Committed
Status in apparmor source package in Focal:
Invalid
Status in quassel source package in Focal:
Fix Committed
Status in apparmor source package in Groovy:
Invalid
Status in quassel source package in Groovy:
Fix Released
Bug description:
[impact]
quasselcore cannot start inside lxd container
[test case]
create lxd container, install quassel-core, check quasselcore service:
$ systemctl status quasselcore
● quasselcore.service - distributed IRC client using a central core component
Loaded: loaded (/lib/systemd/system/quasselcore.service; enabled; vendor
preset: enabled)
Active: failed (Result: signal) since Tue 2020-06-30 18:32:40 UTC; 4s ago
Docs: man:quasselcore(1)
Process: 3853 ExecStart=/usr/bin/quasselcore --configdir=${DATADIR}
--logfile=${LOGFILE} --loglevel=${LOGLEVEL} --port=${PORT} --listen=${LISTEN}
(code=killed, signal=SEGV)
Main PID: 3853 (code=killed, signal=SEGV)
Jun 30 18:32:40 lp1814302-f systemd[1]: quasselcore.service: Scheduled
restart job, restart counter is at 7.
Jun 30 18:32:40 lp1814302-f systemd[1]: Stopped distributed IRC client using
a central core component.
Jun 30 18:32:40 lp1814302-f systemd[1]: quasselcore.service: Start request
repeated too quickly.
Jun 30 18:32:40 lp1814302-f systemd[1]: quasselcore.service: Failed with
result 'signal'.
Jun 30 18:32:40 lp1814302-f systemd[1]: Failed to start distributed IRC
client using a central core component.
Also, the binary will segfault when run directly due to apparmor denials:
$ /usr/bin/quasselcore
Segmentation fault
[760149.590802] audit: type=1400 audit(1593542073.962:1058):
apparmor="DENIED" operation="file_mmap" namespace="root//lxd-
lp1814302-f_" profile="/usr/bin/quasselcore"
name="/usr/bin/quasselcore" pid=2006430 comm="quasselcore"
requested_mask="r" denied_mask="r" fsuid=1000110 ouid=100
[regression potential]
this expands the apparmor
[Touch-packages] [Bug 1886826] Re: high packet loss on 18.04 with systemd-networkd
Yeah, here is an example of the netplan config, though I have tried with 3 different servers, 2 with very similar configs as below and one with bonded interfaces (all 3 have the same packet loss) - all 3 had the same/equivalent configs and worked without packet loss when running Ubuntu 16.04 - or when using netplan but with the renderer set to NetworkManger instead of networkd network: version: 2 renderer: networkd ethernets: ens15f0: dhcp4: false dhcp6: false addresses: - 10.0.0.1/24 gateway4: 10.0.0.254 nameservers: addresses: - 8.8.8.8 - 1.1.1.1 ens15f1: dhcp4: false dhcp6: false addresses: - 192.168.1.12/16 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1886826 Title: high packet loss on 18.04 with systemd-networkd Status in systemd package in Ubuntu: Incomplete Bug description: Description: Ubuntu 18.04.4 LTS Release: 18.04 systemctl --version systemd 237 +PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN -PCRE2 default-hierarchy=hybrid Our issue is that we have a k8s (1.18, kube-router CNI) cluster comprised of a number of Ubuntu 16.04 nodes, we are in the process of upgrading the nodes to Ubuntu 18.04 - however after upgrading the first node and adding it back to the cluster we observed high packet loss from other cluster nodes to the 18.04 node as well as ping error messages when running a continuous ping from the 18.04 node to another node in the cluster, eg: 64 bytes from 10.8.11.1: icmp_seq=91 ttl=64 time=0.088 ms 64 bytes from 10.8.11.1: icmp_seq=92 ttl=64 time=0.076 ms ping: sendmsg: No buffer space available ping: sendmsg: No buffer space available ping: sendmsg: No buffer space available Another observation is that one of our daemonset pods (promtail) could not start. After many days of troubleshooting various possibilities, changing network cable, NIC, trying a different server, checking/changing various sysctl values, I eventually tried switching from systemd- networkd to NetworkManager as the backend via netplan config. After rebooting the server with NetworkManager in place and re-adding the node back to the k8s cluster, the packet loss disappeared as did the ping errors and the daemonset pod (promtail) also started normally. I would like to use Ubuntu's default of systemd-networkd to handle our NIC/route config - but cannot until I've figured out what in systemd- networkd is breaking. Any help is much appreciated on this matter. Thanks! Luke To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1886826/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1557157] Re: apparmor profile denied for saslauthd: /run/saslauthd/mux
bionic verification
First reproducing the problem:
Version table:
*** 2.4.45+dfsg-1ubuntu1.5 500
500 http://br.archive.ubuntu.com/ubuntu bionic-updates/main amd64
Packages
500 http://br.archive.ubuntu.com/ubuntu bionic-security/main amd64
Packages
100 /var/lib/dpkg/status
Command fails:
root@bionic-openldap-saslauthd-1557157:~# ldapsearch -H ldapi:/// -LLL -b
'dc=example,dc=com' -s base -U root -Y PLAIN
SASL/PLAIN authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80)
additional info: SASL(-1): generic failure: Password verification failed
And dmesg shows the apparmor denial:
[17283.881912] audit: type=1400 audit(1594228773.536:453): apparmor="DENIED"
operation="connect"
namespace="root//lxd-bionic-openldap-saslauthd-1557157_"
profile="/usr/sbin/slapd" name="/run/saslauthd/mux" pid=153401 comm="slapd"
requested_mask="wr" denied_mask="wr" fsuid=1000111 ouid=100
With the updated package from proposed:
Version table:
*** 2.4.45+dfsg-1ubuntu1.6 500
500 http://br.archive.ubuntu.com/ubuntu bionic-proposed/main amd64
Packages
100 /var/lib/dpkg/status
The ldapsearch command works, and there is no apparmor error in dmesg:
root@bionic-openldap-saslauthd-1557157:~# ldapsearch -H ldapi:/// -LLL -b
'dc=example,dc=com' -s base -U root -Y PLAIN
SASL/PLAIN authentication started
Please enter your password:
SASL username: root
SASL SSF: 0
dn: dc=example,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: example
dc: example
Bionic verification succeeded.
** Tags removed: verification-needed-bionic
** Tags added: verification-done-bionic
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1557157
Title:
apparmor profile denied for saslauthd: /run/saslauthd/mux
Status in openldap package in Ubuntu:
Fix Released
Status in openldap source package in Trusty:
Won't Fix
Status in openldap source package in Xenial:
Fix Committed
Status in openldap source package in Bionic:
Fix Committed
Status in openldap source package in Eoan:
Fix Committed
Status in openldap source package in Focal:
Fix Committed
Status in openldap source package in Groovy:
Fix Released
Bug description:
[Impact]
When using openldap with sasl authentication, the slapd process will
communicate with the saslauthd daemon via a socket in
{,/var}/run/saslauthd/mux. Unfortunately, this will fail in every
Ubuntu release from trusty onwards, because slapd's apparmor profile
doesn't contain the necessary directive to allow it to read/write
from/to the socket specified above.
The fix is simple: just add the necessary directive to allow slapd to
read/write from/to the saslauthd socket.
[Test Case]
One can reproduce the problem by doing:
$ lxc launch ubuntu-daily:groovy openldap-bugbug1557157-groovy
$ lxc shell openldap-bugbug1557157-groovy
# apt install slapd sasl2-bin ldap-utils apparmor-utils
(As the domain name, use "example.com").
# sed -i -e 's/^START=.*/START=yes/' /etc/default/saslauthd
# cat > /etc/ldap/sasl2/slapd.conf << __EOF__
mech_list: PLAIN
pwcheck_method: saslauthd
__EOF__
# adduser openldap sasl
# aa-enforce /etc/apparmor.d/usr.sbin.slapd
# systemctl restart slapd.service
# systemctl restart saslauthd.service
# passwd root
(You can choose any password here. You will need to type it when
running the next command.)
# ldapsearch -H ldapi:/// -LLL -b 'dc=example,dc=com' -s base -U root
-Y PLAIN
The command will fail with something like:
ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80)
additional info: SASL(-1): generic failure: Password verification
failed
[Regression Potential]
This is an extremely simple and well contained fix, so I don't
envision any possible regressions after applying it. It is important
noticing that, since the problem affects older Ubuntu releases, the
openldap package will have to be rebuilt against possible newer
versions of libraries and other depencencies, which, albeit unlikely,
may cause issues.
[Original Description]
When using slapd with saslauthd the processes communicate via the
{,/var}/run/saslauthd/mux socket (this is the default location for the
saslauthd server from the sasl2-bin package in the
/etc/default/saslauthd config), but the apparmor profile for
usr.sbin.slapd does not allow access to this socket/file.
Syslog message:
apparmor="DENIED" operation="connect" profile="/usr/sbin/slapd"
name="/run/saslauthd/mux" pid=1880
4 comm="slapd" requested_mask="r" denied_mask="r" fsuid=108 ouid=0
Please add the following line to /etc/apparmor.d/usr.sbin.slapd:
/{,var/}run/saslauthd/mux rw,
Ubuntu version: Ubuntu 14.04.4 LTS
slapd version: 2.4.31-1+nmu2ubu
To
[Touch-packages] [Bug 1886854] [NEW] Race in load-module snap policy check in classic confinement
Public bug reported: SUMMARY = When running a snap in classic confinement, that needs access to PA_COMMAND_LOAD_MODULE and PA_COMMAND_UNLOAD_MODULE. These sometimes succeed and sometimes fail with "Access denied". After running "pacmd unload-module module-snap-policy" and unloading the snap policy module, these work reliably. I have verified this in a fresh install of Ubuntu 20.04 in a VM. STEPS TO REPRODUCE = a) Either build a snap with classic confinement that sends these commands on the pulseaudio native protocol socket. (This is how I found the bug) b) Or, what I did here to easier reproduce, abuse the sandbox of a random classic snap: Download the attached bug.tgz with a minimal reproducer. It contains the source code for a program that sends load and unload commands to pulse. Unfortunately `pacmd` has a pid-file check that fails inside the sandbox and doesn't work. The reproducer does essentially the same as "pacmd load/unload-module" though. (a pre-compiled x64 binary is also included in case you don't have a go compiler and dare to run an untrusted binary in a VM) Unpack the tgz, build it, if necessary with "go mod download && go build" Grab a random classic mode snap to use its sandbox as a test bed: $ sudo snap install atom --classic atom 1.48.0 from Snapcrafters installed Open a shell in its sandbox: snap run --shell atom Navigate to the compiled binary and execute it a few times: user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:10 PulseAudio connection created successfully 2020/07/08 18:46:10 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:11 PulseAudio connection created successfully Loaded Module sucessfully at index: 40 user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:12 PulseAudio connection created successfully Loaded Module sucessfully at index: 41 user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:12 PulseAudio connection created successfully 2020/07/08 18:46:12 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:14 PulseAudio connection created successfully 2020/07/08 18:46:14 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:14 PulseAudio connection created successfully 2020/07/08 18:46:14 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied user@user-Standard-PC-Q35-ICH9-2009:~/bug$ ./bug 2020/07/08 18:46:15 PulseAudio connection created successfully 2020/07/08 18:46:15 Couldn't load module, error message: PulseAudio error: commandLoadModule -> Access denied Succeeds and fails apparently at random. Now from a non-sandboxed shell, run pacmd unload-module module-snap-policy to unload the snap-policy module from pulseaudio, now run ./bug a few more times. It now succeeds reliably, every time. Side note, with the real program on my actual machine, the race seems to behave slightly differently. It seems not to work the first time an application is started, but closing it and reopening it seems to make it work pretty reliably afterwards. Restarting "snapd", causes the following run the snap to fail again. EXPECTED BEHAVIOUR == The pulseaudio snap policy module should correctly determine and enforce it's policy. ACTUAL BEHAVIOUR The pulseaudio snap policy module seemingly at random denies access when the snap has the permissions to do an operation. ADDITIONAL INFORMATION == $ lsb_release -rd Description:Ubuntu 20.04 LTS Release:20.04 $ apt-cache policy pulseaudio pulseaudio: Installed: 1:13.99.1-1ubuntu3.3 Candidate: 1:13.99.1-1ubuntu3.3 Version table: *** 1:13.99.1-1ubuntu3.3 500 500 http://ch.archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages 100 /var/lib/dpkg/status 1:13.99.1-1ubuntu3.2 500 500 http://security.ubuntu.com/ubuntu focal-security/main amd64 Packages 1:13.99.1-1ubuntu3 500 500 http://ch.archive.ubuntu.com/ubuntu focal/main amd64 Packages ** Affects: pulseaudio (Ubuntu) Importance: Undecided Status: New ** Attachment added: "Code/binary to reproduce" https://bugs.launchpad.net/bugs/1886854/+attachment/5390823/+files/bug.tgz -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pulseaudio in Ubuntu. https://bugs.launchpad.net/bugs/1886854 Title: Race in load-module snap policy check in classic confinement Status in pulseaudio package in Ubuntu: New Bug description: SUMMARY = When running a snap in
[Touch-packages] [Bug 1886826] Re: high packet loss on 18.04 with systemd-networkd
you should probably provide your network configuration ** Changed in: systemd (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1886826 Title: high packet loss on 18.04 with systemd-networkd Status in systemd package in Ubuntu: Incomplete Bug description: Description: Ubuntu 18.04.4 LTS Release: 18.04 systemctl --version systemd 237 +PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN -PCRE2 default-hierarchy=hybrid Our issue is that we have a k8s (1.18, kube-router CNI) cluster comprised of a number of Ubuntu 16.04 nodes, we are in the process of upgrading the nodes to Ubuntu 18.04 - however after upgrading the first node and adding it back to the cluster we observed high packet loss from other cluster nodes to the 18.04 node as well as ping error messages when running a continuous ping from the 18.04 node to another node in the cluster, eg: 64 bytes from 10.8.11.1: icmp_seq=91 ttl=64 time=0.088 ms 64 bytes from 10.8.11.1: icmp_seq=92 ttl=64 time=0.076 ms ping: sendmsg: No buffer space available ping: sendmsg: No buffer space available ping: sendmsg: No buffer space available Another observation is that one of our daemonset pods (promtail) could not start. After many days of troubleshooting various possibilities, changing network cable, NIC, trying a different server, checking/changing various sysctl values, I eventually tried switching from systemd- networkd to NetworkManager as the backend via netplan config. After rebooting the server with NetworkManager in place and re-adding the node back to the k8s cluster, the packet loss disappeared as did the ping errors and the daemonset pod (promtail) also started normally. I would like to use Ubuntu's default of systemd-networkd to handle our NIC/route config - but cannot until I've figured out what in systemd- networkd is breaking. Any help is much appreciated on this matter. Thanks! Luke To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1886826/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1659719] Re: ssh can't call a binary from a snap without the full path
The inconsistency between login and openssh session module ordering is still an issue. Reopening. ** Changed in: openssh (Ubuntu Groovy) Status: Won't Fix => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pam in Ubuntu. https://bugs.launchpad.net/bugs/1659719 Title: ssh can't call a binary from a snap without the full path Status in Snappy: Fix Committed Status in livecd-rootfs package in Ubuntu: Fix Released Status in openssh package in Ubuntu: Confirmed Status in pam package in Ubuntu: Confirmed Status in snapd package in Ubuntu: Confirmed Status in livecd-rootfs source package in Groovy: Fix Released Status in openssh source package in Groovy: Confirmed Status in pam source package in Groovy: Confirmed Status in snapd source package in Groovy: Confirmed Bug description: ssh can't call a binary from a snap, it will only work using the full path. Let's say I have the hello snap installed in 192.168.122.24. Then: elopio@ubuntu-xenial:~/mosh$ ssh 192.168.122.24 hello elopio@192.168.122.24's password: bash: hello: command not found elopio@ubuntu-xenial:~/mosh$ ssh 192.168.122.24 /snap/bin/hello elopio@192.168.122.24's password: Hello, world! To manage notifications about this bug go to: https://bugs.launchpad.net/snappy/+bug/1659719/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1659719] Re: ssh can't call a binary from a snap without the full path
Given Colin's comment 12, it doesn't look like there are any plans to change this in openssh packaging so I'll mark this Won't Fix. ** Changed in: openssh (Ubuntu Groovy) Status: Confirmed => Won't Fix -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pam in Ubuntu. https://bugs.launchpad.net/bugs/1659719 Title: ssh can't call a binary from a snap without the full path Status in Snappy: Fix Committed Status in livecd-rootfs package in Ubuntu: Fix Released Status in openssh package in Ubuntu: Confirmed Status in pam package in Ubuntu: Confirmed Status in snapd package in Ubuntu: Confirmed Status in livecd-rootfs source package in Groovy: Fix Released Status in openssh source package in Groovy: Won't Fix Status in pam source package in Groovy: Confirmed Status in snapd source package in Groovy: Confirmed Bug description: ssh can't call a binary from a snap, it will only work using the full path. Let's say I have the hello snap installed in 192.168.122.24. Then: elopio@ubuntu-xenial:~/mosh$ ssh 192.168.122.24 hello elopio@192.168.122.24's password: bash: hello: command not found elopio@ubuntu-xenial:~/mosh$ ssh 192.168.122.24 /snap/bin/hello elopio@192.168.122.24's password: Hello, world! To manage notifications about this bug go to: https://bugs.launchpad.net/snappy/+bug/1659719/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1557157] Autopkgtest regression report (openldap/2.4.49+dfsg-2ubuntu1.3)
All autopkgtests for the newly accepted openldap (2.4.49+dfsg-2ubuntu1.3) for
focal have finished running.
The following regressions have been reported in tests triggered by the package:
apache2/2.4.41-4ubuntu3 (armhf)
cyrus-imapd/3.0.13-5 (armhf)
kopanocore/8.7.0-7ubuntu1 (armhf)
Please visit the excuses page listed below and investigate the failures,
proceeding afterwards as per the StableReleaseUpdates policy regarding
autopkgtest regressions [1].
https://people.canonical.com/~ubuntu-archive/proposed-
migration/focal/update_excuses.html#openldap
[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions
Thank you!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1557157
Title:
apparmor profile denied for saslauthd: /run/saslauthd/mux
Status in openldap package in Ubuntu:
Fix Released
Status in openldap source package in Trusty:
Won't Fix
Status in openldap source package in Xenial:
Fix Committed
Status in openldap source package in Bionic:
Fix Committed
Status in openldap source package in Eoan:
Fix Committed
Status in openldap source package in Focal:
Fix Committed
Status in openldap source package in Groovy:
Fix Released
Bug description:
[Impact]
When using openldap with sasl authentication, the slapd process will
communicate with the saslauthd daemon via a socket in
{,/var}/run/saslauthd/mux. Unfortunately, this will fail in every
Ubuntu release from trusty onwards, because slapd's apparmor profile
doesn't contain the necessary directive to allow it to read/write
from/to the socket specified above.
The fix is simple: just add the necessary directive to allow slapd to
read/write from/to the saslauthd socket.
[Test Case]
One can reproduce the problem by doing:
$ lxc launch ubuntu-daily:groovy openldap-bugbug1557157-groovy
$ lxc shell openldap-bugbug1557157-groovy
# apt install slapd sasl2-bin ldap-utils apparmor-utils
(As the domain name, use "example.com").
# sed -i -e 's/^START=.*/START=yes/' /etc/default/saslauthd
# cat > /etc/ldap/sasl2/slapd.conf << __EOF__
mech_list: PLAIN
pwcheck_method: saslauthd
__EOF__
# adduser openldap sasl
# aa-enforce /etc/apparmor.d/usr.sbin.slapd
# systemctl restart slapd.service
# systemctl restart saslauthd.service
# passwd root
(You can choose any password here. You will need to type it when
running the next command.)
# ldapsearch -H ldapi:/// -LLL -b 'dc=example,dc=com' -s base -U root
-Y PLAIN
The command will fail with something like:
ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80)
additional info: SASL(-1): generic failure: Password verification
failed
[Regression Potential]
This is an extremely simple and well contained fix, so I don't
envision any possible regressions after applying it. It is important
noticing that, since the problem affects older Ubuntu releases, the
openldap package will have to be rebuilt against possible newer
versions of libraries and other depencencies, which, albeit unlikely,
may cause issues.
[Original Description]
When using slapd with saslauthd the processes communicate via the
{,/var}/run/saslauthd/mux socket (this is the default location for the
saslauthd server from the sasl2-bin package in the
/etc/default/saslauthd config), but the apparmor profile for
usr.sbin.slapd does not allow access to this socket/file.
Syslog message:
apparmor="DENIED" operation="connect" profile="/usr/sbin/slapd"
name="/run/saslauthd/mux" pid=1880
4 comm="slapd" requested_mask="r" denied_mask="r" fsuid=108 ouid=0
Please add the following line to /etc/apparmor.d/usr.sbin.slapd:
/{,var/}run/saslauthd/mux rw,
Ubuntu version: Ubuntu 14.04.4 LTS
slapd version: 2.4.31-1+nmu2ubu
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557157/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1882636] Re: https://bugs.launchpad.net/ubuntu/+source/glib-networking/+bug/1873777
emms@betty:~$ dpkg -l | grep glib-networking ii glib-networking:amd642.64.2-1ubuntu0.1 amd64network-related giomodules for GLib ii glib-networking-common 2.64.2-1ubuntu0.1 all network-related giomodules for GLib - data files ii glib-networking-services 2.64.2-1ubuntu0.1 amd64network-related giomodules for GLib - D-Bus services ii glib-networking-tests2.64.2-1ubuntu0.1 amd64network-related giomodules for GLib - installed tests -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to glib-networking in Ubuntu. https://bugs.launchpad.net/bugs/1882636 Title: https://bugs.launchpad.net/ubuntu/+source/glib-networking/+bug/1873777 Status in glib-networking package in Ubuntu: Incomplete Bug description: OS: Pop!_OS 20.04 LTS x86_64 Host: XPS 13 9370 Kernel: 5.4.0-7634-generic Uptime: 2 hours, 50 mins Packages: 1817 (dpkg), 20 (snap) Shell: bash 5.0.16 Resolution: 1920x1080 DE: GNOME WM: Mutter WM Theme: Pop Theme: Pop-dark [GTK2/3] Icons: Pop [GTK2/3] Terminal: gnome-terminal CPU: Intel i5-8250U (8) @ 3.400GHz GPU: Intel UHD Graphics 620 Memory: 3322MiB / 15729MiB Summary(cont) - Attempt to input Google account info into online account util and get error--> TLS/SSL support not available; install glib-networking. https://bugs.launchpad.net/ubuntu/+source/glib-networking/+bug/1873777 Referenced this BUG REPORT ##Downloaded Deb build but I'm having an issue applying appropriate inputs in the provided documentation. Please help!## To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glib-networking/+bug/1882636/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886836] [NEW] gdb crashes on printing allocatable array in Fortran derived type
Public bug reported: Package: gdb (8.1-0ubuntu3.2 Ubuntu:18.04/bionic-updates [amd64]) Ubuntu Release: Ubuntu 18.04.4 LTS Bug occurs when trying to print allocatable or pointer component of a Fortran derived-type structure in gdb. Expected behavior: gdb prints the contents of array BUFFER%ALPHA in the MWE below. Observed behavior: See upstream report https://sourceware.org/bugzilla/show_bug.cgi?id=23051 When trying to print BUFFER%ALPHA, gdb crashes. The MWE copied form the above link is: 1 PROGRAM allocate_array 2 3 TYPE L_BUFFER 4 REAL, DIMENSION(:), POINTER :: ALPHA 5 END TYPE L_BUFFER 6 TYPE(L_BUFFER), POINTER :: BUFFER 7 8 ALLOCATE(BUFFER) 9 10 ALLOCATE(BUFFER%ALPHA(5)) 11 12 BUFFER%ALPHA(5)=0.0078 13 print *, buffer%alpha 14 15 END PROGRAM allocate_array And the gdb output reads: Breakpoint 1, allocate_array () at allocate_array.F90:13 13print *, buffer%alpha (gdb) i lo buffer = 0x603f80 (gdb) p *buffer $1 = ( value.c:3116: internal-error: value* value_primitive_field(value*, LONGEST, int, type*): Assertion `PROP_CONST == TYPE_DATA_LOCATION_KIND (type)' failed. A problem internal to GDB has been detected, further debugging may prove unreliable. Quit this debugging session? (y or n) n The same error can be observed from inside a type-bound procedure when trying to print THIS%ALPHA (where this is the instance variable). The assertion fails since TYPE_DATA_LOCATION_KIND (type) is PROP_LOCEXPR. A standalone allocatable array has the property type PROP_CONST, as expected. This bug renders debugging of Fortran code with visual tools (vscode, eclipse, etc.) very difficult as the components are parsed automatically, leading to a crash. ** Affects: gdb (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gdb in Ubuntu. https://bugs.launchpad.net/bugs/1886836 Title: gdb crashes on printing allocatable
[Touch-packages] [Bug 1886809] Re: Pulse connect VPN exists because unwanted avahi network starts
** Tags added: bionic focal -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to avahi in Ubuntu. https://bugs.launchpad.net/bugs/1886809 Title: Pulse connect VPN exists because unwanted avahi network starts Status in avahi package in Ubuntu: New Bug description: Pulse VPNs exists very often because avahi enforces network 192.250.0.0/0 over tun0 interface. The message error is: rmon.error Unauthorized new route to 169.254.0.0/0.0.0.0 has been added (conflicts with our route to 0.0.0.0), disconnecting (routemon.cpp:598) No matter the options to skip avahi on /etc/default/avahi-daemon, it always calls /etc/network/if-up.d/avahi-autoipd and raises this discovery network. A fix can be done patching /etc/network/if-up.d/avahi-autoipd to skip any tunnel interface. --- /etc/network/if-up.d/avahi-autoipd.dpkg-old 2020-07-08 13:25:41.834569800 +0200 +++ /etc/network/if-up.d/avahi-autoipd 2020-07-07 10:07:37.68581 +0200 @@ -11,6 +11,10 @@ [ -x /usr/sbin/avahi-autoipd ] || exit 0 +case "$IFACE" in + tun*) exit 0 ;; +esac + [ "$IFACE" != "lo" ] || exit 0 case "$ADDRFAM" in inet) ;; To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/1886809/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886835] Re: crashes to login screen, uvc related stuff blinks on console
Also, this is the very last thing I see on dmesg just after relogging: ``` [469698.684830] Bluetooth: hci0: Hardware error 0x0a [469698.694845] Bluetooth: hci0: Retrieving Intel exception info failed (-16) [469698.795777] debugfs: File 'le_min_key_size' in directory 'hci0' already present! [469698.795781] debugfs: File 'le_max_key_size' in directory 'hci0' already present! ``` (might be unrelated? I have a bluetooth mouse and nothing else) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lightdm in Ubuntu. https://bugs.launchpad.net/bugs/1886835 Title: crashes to login screen, uvc related stuff blinks on console Status in lightdm package in Ubuntu: New Bug description: I started getting random crashes to login screen, about twice a day. When crashes I briefly see some logging output to screen mentioning "UVC Control" or uvcview. I'm not using the webcam when the system crashes. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: lightdm 1.26.0-0ubuntu1 ProcVersionSignature: Ubuntu 5.3.0-61.55~18.04.1-generic 5.3.18 Uname: Linux 5.3.0-61-generic x86_64 ApportVersion: 2.20.9-0ubuntu7.15 Architecture: amd64 CurrentDesktop: Unity:Unity7:ubuntu Date: Wed Jul 8 11:55:34 2020 InstallationDate: Installed on 2020-02-12 (146 days ago) InstallationMedia: Ubuntu 18.04.4 LTS "Bionic Beaver" - Release amd64 (20200203.1) SourcePackage: lightdm UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/1886835/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886557] Re: [HDA-Intel - HDA ATI SB, playback] No sound at all
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: alsa-driver (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to alsa-driver in Ubuntu. https://bugs.launchpad.net/bugs/1886557 Title: [HDA-Intel - HDA ATI SB, playback] No sound at all Status in alsa-driver package in Ubuntu: Confirmed Bug description: I cannot install any of the installed players. Always messages: error ProblemType: Bug DistroRelease: Ubuntu 19.10 Package: alsa-base 1.0.25+dfsg-0ubuntu5 ProcVersionSignature: Ubuntu 5.3.0-62.56-generic 5.3.18 Uname: Linux 5.3.0-62-generic x86_64 ApportVersion: 2.20.11-0ubuntu8.9 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC1: jean 6364 F pulseaudio /dev/snd/controlC0: jean 6364 F pulseaudio CurrentDesktop: ubuntu:GNOME Date: Mon Jul 6 19:47:29 2020 InstallationDate: Installed on 2020-07-03 (2 days ago) InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Release amd64 (20191017) PackageArchitecture: all ProcEnviron: PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=de_DE.UTF-8 SHELL=/bin/bash SourcePackage: alsa-driver Symptom: audio Symptom_AlsaPlaybackTest: ALSA playback test through plughw:SB failed Symptom_Card: Eingebautes Tongerät - HDA ATI SB Symptom_DevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC1: jean 6364 F pulseaudio /dev/snd/controlC0: jean 6364 F pulseaudio Symptom_Type: No sound at all Title: [HDA-Intel - HDA ATI SB, playback] No sound at all UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 04/15/2011 dmi.bios.vendor: Packard Bell dmi.bios.version: V1.10 dmi.board.name: EasyNote TK11BZ dmi.board.vendor: Packard Bell dmi.board.version: V1.10 dmi.chassis.type: 10 dmi.chassis.vendor: Chassis Manufacturer dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnPackardBell:bvrV1.10:bd04/15/2011:svnPackardBell:pnEasyNoteTK11BZ:pvrV1.10:rvnPackardBell:rnEasyNoteTK11BZ:rvrV1.10:cvnChassisManufacturer:ct10:cvrChassisVersion: dmi.product.family: Type1Family dmi.product.name: EasyNote TK11BZ dmi.product.sku: 123456789 dmi.product.version: V1.10 dmi.sys.vendor: Packard Bell To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/1886557/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886835] [NEW] crashes to login screen, uvc related stuff blinks on console
Public bug reported: I started getting random crashes to login screen, about twice a day. When crashes I briefly see some logging output to screen mentioning "UVC Control" or uvcview. I'm not using the webcam when the system crashes. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: lightdm 1.26.0-0ubuntu1 ProcVersionSignature: Ubuntu 5.3.0-61.55~18.04.1-generic 5.3.18 Uname: Linux 5.3.0-61-generic x86_64 ApportVersion: 2.20.9-0ubuntu7.15 Architecture: amd64 CurrentDesktop: Unity:Unity7:ubuntu Date: Wed Jul 8 11:55:34 2020 InstallationDate: Installed on 2020-02-12 (146 days ago) InstallationMedia: Ubuntu 18.04.4 LTS "Bionic Beaver" - Release amd64 (20200203.1) SourcePackage: lightdm UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: lightdm (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug bionic third-party-packages -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lightdm in Ubuntu. https://bugs.launchpad.net/bugs/1886835 Title: crashes to login screen, uvc related stuff blinks on console Status in lightdm package in Ubuntu: New Bug description: I started getting random crashes to login screen, about twice a day. When crashes I briefly see some logging output to screen mentioning "UVC Control" or uvcview. I'm not using the webcam when the system crashes. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: lightdm 1.26.0-0ubuntu1 ProcVersionSignature: Ubuntu 5.3.0-61.55~18.04.1-generic 5.3.18 Uname: Linux 5.3.0-61-generic x86_64 ApportVersion: 2.20.9-0ubuntu7.15 Architecture: amd64 CurrentDesktop: Unity:Unity7:ubuntu Date: Wed Jul 8 11:55:34 2020 InstallationDate: Installed on 2020-02-12 (146 days ago) InstallationMedia: Ubuntu 18.04.4 LTS "Bionic Beaver" - Release amd64 (20200203.1) SourcePackage: lightdm UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lightdm/+bug/1886835/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1884265] Re: [fips] Not fully initialized digest segfaulting some client applications
@j-latten: please let me know if I can provide any help with this.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssl in Ubuntu.
https://bugs.launchpad.net/bugs/1884265
Title:
[fips] Not fully initialized digest segfaulting some client
applications
Status in openssl package in Ubuntu:
New
Status in openssl source package in Bionic:
New
Bug description:
In FIPS mode on Bionic MD5 is semi-disabled causing some applications
to segfault.
Test case:
sudo apt install ntp
ntpq -p
Segmentation fault (core dumped)
What happens there is ntpq wants to iterate all available digests
(list_digest_names in ntpq.c). It uses EVP_MD_do_all_sorted for this
task.
EVP_MD_do_all_sorted eventually runs openssl_add_all_digests_int in c_alld.c.
For FIPS mode it adds:
EVP_add_digest(EVP_md5());
What happens later in ntpq is (list_md_fn function inside ntpq.c):
ctx = EVP_MD_CTX_new();
EVP_DigestInit(ctx, EVP_get_digestbyname(name));
EVP_DigestFinal(ctx, digest, _len);
First digest it gets is MD5, but while running EVP_DigestInit for it, it gets
to this point (openssl/crypto/evp/digest.c EVP_DigestInit_ex):
#ifdef OPENSSL_FIPS
if (FIPS_mode()) {
if (!(type->flags & EVP_MD_FLAG_FIPS)
&& !(ctx->flags & EVP_MD_CTX_FLAG_NON_FIPS_ALLOW)) {
EVPerr(EVP_F_EVP_DIGESTINIT_EX, EVP_R_DISABLED_FOR_FIPS);
return 0;
}
}
#endif
Due to type->flags for MD5 being 0 there's an error set
(EVP_R_DISABLED_FOR_FIPS).
After getting back to ntpq.c:
ctx->engine and ctx->digest are not set (due to the mentioned error), hence
inside EVP_DigestFinal_ex (openssl/crypto/evp/digest.c)
OPENSSL_assert(ctx->digest->md_size <= EVP_MAX_MD_SIZE);
causes a segfault (ctx->digest is NULL).
So either MD5 shouldn't be added in FIPS mode or it should have the
EVP_MD_FLAG_FIPS to be properly initialized.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1884265/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1866303] Re: slapd crash with pwdAccountLockedTime and stacked overlays
Xenial verification
Reproducing the error:
root@xenial-openldap-saslauthd-1557157:~# ldapsearch -H ldapi:/// -LLL -b
'dc=example,dc=com' -s base -U root -Y PLAIN
SASL/PLAIN authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80)
additional info: SASL(-1): generic failure: Password verification failed
And dmesg:
[qua jul 8 11:50:42 2020] audit: type=1400 audit(1594219843.513:405):
apparmor="DENIED" operation="connect"
namespace="root//lxd-xenial-openldap-saslauthd-1557157_"
profile="/usr/sbin/slapd" name="/run/saslauthd/mux" pid=83468 comm="slapd"
requested_mask="wr" denied_mask="wr" fsuid=1000112 ouid=100
With the updated packages, ldapsearch works:
root@xenial-openldap-saslauthd-1557157:~# apt-cache policy slapd
slapd:
Installed: 2.4.42+dfsg-2ubuntu3.9
Candidate: 2.4.42+dfsg-2ubuntu3.9
Version table:
*** 2.4.42+dfsg-2ubuntu3.9 500
500 http://br.archive.ubuntu.com/ubuntu xenial-proposed/main amd64
Packages
100 /var/lib/dpkg/status
...
root@xenial-openldap-saslauthd-1557157:~# ldapsearch -H ldapi:/// -LLL -b
'dc=example,dc=com' -s base -U root -Y PLAIN
SASL/PLAIN authentication started
Please enter your password:
SASL username: root
SASL SSF: 0
dn: dc=example,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: example
dc: example
And no dmesg apparmor error.
Xenial verification succeeded.
** Tags removed: verification-needed-xenial
** Tags added: verification-done-xenial
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1866303
Title:
slapd crash with pwdAccountLockedTime and stacked overlays
Status in openldap package in Ubuntu:
Fix Released
Status in openldap source package in Xenial:
Fix Committed
Status in openldap source package in Bionic:
Fix Committed
Status in openldap source package in Disco:
Won't Fix
Status in openldap source package in Eoan:
Fix Committed
Status in openldap package in Debian:
Fix Released
Bug description:
[Impact]
In the configuration and conditions described below, slapd can crash:
1. ppolicy overlay configured with pwdLockout: TRUE
2. smbk5pwd overlay stacked after ppolicy
3. an account locked out via pwdAccountLockedTime
4. a client binding to the locked-out account and also requesting the ppolicy
control
[Test Case]
* get the files from the bug:
mkdir slapd-test-case; cd slapd-test-case
wget -ct0
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334194/+files/slapd.conf
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334195/+files/data.ldif
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334196/+files/samba.schema
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334197/+files/script
* run the script:
sudo apt update && sudo sh ./script
* With the bug, the result is:
ldap_bind: Invalid credentials (49)
slapd dead
* If when confirming the bug you don't see "slapd dead" like above,
check manually, as slapd might have been in the process of shutting
down when the script checked its status: "sudo systemctl status slapd"
* With the fixed packages, you get a living slapd at the end (you can
run the script again on the same system after updating the packages):
sudo sh ./script
...
slapd running
ldap_bind: Invalid credentials (49)
slapd running
[Regression Potential]
The fix is in the password policy overlay (not enabled by default), so any
regressions would be around that area and could potentially impact
authentication ("binding") to openldap.
[Other Info]
This was fixed in focal and "cooked" there for a long while, as suggested by
the Debian maintainer. We haven't received further bug reports about this in
focal+.
[Original Description]
Hello,
Please merge openldap 2.4.49+dfsg-2 from Debian unstable to fix an
issue in the ppolicy overlay that can crash slapd. Please also
consider SRUing the patch after it has had some testing time.
Upstream: https://openldap.org/its/?findid=9171
Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953150
The ingredients for the crash are:
1: ppolicy overlay configured with pwdLockout: TRUE
2. smbk5pwd overlay stacked after ppolicy
3. an account locked out via pwdAccountLockedTime
4. a client binding to the locked-out account and also requesting the ppolicy
control
The buggy code is not as specific as the above steps, so I suspect
there are probably other configurations or steps that can trigger the
same crash.
I will attach my test script and data for reproducing the crash.
Expected output (last lines):
[ ok ] Starting OpenLDAP: slapd.
slapd running
ldap_bind: Invalid credentials (49)
slapd running
Actual output
[Touch-packages] [Bug 1885562] Re: [fips] freebl_fipsSoftwareIntegrityTest fails in FIPS mode
@richardmaciel please let me know if I can help you with anything with regard to this bug. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to nss in Ubuntu. https://bugs.launchpad.net/bugs/1885562 Title: [fips] freebl_fipsSoftwareIntegrityTest fails in FIPS mode Status in nss package in Ubuntu: New Status in nss source package in Bionic: New Bug description: In FIPS mode there are some additional checks performed. They lead to verifying binaries signatures. Those signatures are shipped in the libnss3 package as *.chk files installed in /usr/lib/$(DEB_HOST_MULTIARCH)/nss. Along with those files are the libraries themselves (libfreebl3.so libfreeblpriv3.so libnssckbi.so libnssdbm3.so libsoftokn3.so). Those libraries are symlinked to be present in /usr/lib/$(DEB_HOST_MULTIARCH): ls -l /usr/lib/x86_64-linux-gnu/libfreeblpriv3.so lrwxrwxrwx 1 root root 21 Jun 10 18:54 /usr/lib/x86_64-linux-gnu/libfreeblpriv3.so -> nss/libfreeblpriv3.so The client binaries are linked against the symlinks, so when the verification happens (lib/freebl/shvfy.c) the mkCheckFileName function takes path to the symlink to the shlib and replaces the .so extension with .chk. Then it tries to open that file. Obviosly it fails, because the actual file is in /usr/lib/$(DEB_HOST_MULTIARCH)/nss. [Test case] sudo apt install chrony sudo chronyd -d chronyd: util.c:373 UTI_IPToRefid: Assertion `MD5_hash >= 0' failed. Potential solutions: Solution A: Drop the /usr/lib/$(DEB_HOST_MULTIARCH)/nss directory and put all signatures and libs in /usr/lib/$(DEB_HOST_MULTIARCH). Solution B: Create symlinks to *.chk files in /usr/lib/$(DEB_HOST_MULTIARCH) (like it is done for *.so). Solution C: Implement and upstream NSS feature of resolving symlinks and looking for *.chk where the symlinks lead to. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1885562/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886814] Re: posix_spawn usage in gnu make causes failures on s390x
** Tags added: architecture-s39064 bugnameltc-186737 severity-high targetmilestone-inin2004 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to make-dfsg in Ubuntu. https://bugs.launchpad.net/bugs/1886814 Title: posix_spawn usage in gnu make causes failures on s390x Status in Ubuntu on IBM z Systems: New Status in glibc package in Ubuntu: New Status in linux package in Ubuntu: Incomplete Status in make-dfsg package in Ubuntu: New Bug description: posix_spawn usage in gnu make causes failures on s390x Recently in gnu-make v4.3 https://paste.ubuntu.com/p/tYhbJFKN76/ it started to use posix_spawn, instead of fork()/exec(). This has caused failure of an unrelated package flatpak-builder autopkgtests on s390x only, like so echo Building make: echo: Operation not permitted make: *** [Makefile:2: all] Error 127 Julian Klaude investigated this in-depth. His earlier research also indicated that this is a heisenbug, if one tries to print to stderr before printing to stdout, no issue occurs. We are configuring GNU make to be build with --disable-posix-spawn on s390x only. We passed these details to Debian https://bugs.debian.org /cgi-bin/bugreport.cgi?bug=964541 too. But I do wonder, if there is something different or incorrect about posix_spawn() implementation in either glibc, or linux kernel, on s390x. Or gnu-make's usage of posix_spawn(). As otherise, using posix_spawn() in gnu-make works on other architectures, and flatpak-builder autopkgtests pass too. It seems very weird that stdout does not appear to be functional, unless stderr was opened/written to, from gnu-make execution compiled with posix-spawn feature. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1886814/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886128] Re: systemd-resolved does not resolve address due to udp payload size.
Added log as attachment
** Attachment added: "pcap.log"
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1886128/+attachment/5390800/+files/pcap.log
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1886128
Title:
systemd-resolved does not resolve address due to udp payload size.
Status in systemd package in Ubuntu:
Incomplete
Bug description:
Description: Ubuntu 18.04.4 LTS
Release: 18.04
systemd-resolve --version
systemd 237
+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP
+GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN
-PCRE2 default-hierarchy=hybrid
We met an error: on an attempt to resolve address, the following issue
appears:
; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>>
mharder-formrec.cognitiveservices.azure.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 44096
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;mharder-formrec.cognitiveservices.azure.com. IN A
;; Query time: 231 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Tue Apr 28 20:47:14 UTC 2020
;; MSG SIZE rcvd: 72
Let me provide you important notes about the issue:
1) It's not reproducing on Ubuntu 16;
2) Bypassing systemd-resolve - everything works fine;
3) Only the difference between systemd-resolve and END is UDP_PAYLOAD_SIZE
Successful query:
113516:27:25.964386 10.1.0.4168.63.129.16 DNS 128
Standard query 0xc2d4 A mharder-formrec.cognitiveservices.azure.com
OPT
Domain Name System (query)
Transaction ID: 0xc2d4
Flags: 0x0120 Standard query
0... = Response: Message is a query
.000 0... = Opcode: Standard query (0)
..0. = Truncated: Message is not truncated
...1 = Recursion desired: Do query recursively
.0.. = Z: reserved (0)
..1. = AD bit: Set
...0 = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 1
Queries
mharder-formrec.cognitiveservices.azure.com: type A, class IN
Additional records
: type OPT
Name:
Type: OPT (41)
UDP payload size: 4096
Higher bits in extended RCODE: 0x00
EDNS0 version: 0
Z: 0x
0... = DO bit: Cannot handle DNSSEC security
RRs
.000 = Reserved: 0x
Data length: 12
Option: COOKIE
Unsuccessful query:
112816:27:25.713886 10.1.0.4168.63.129.16 DNS 116
Standard query 0x198d A mharder-formrec.cognitiveservices.azure.com
OPT
Domain Name System (query)
Transaction ID: 0x198d
Flags: 0x0100 Standard query
0... = Response: Message is a query
.000 0... = Opcode: Standard query (0)
..0. = Truncated: Message is not truncated
...1 = Recursion desired: Do query recursively
.0.. = Z: reserved (0)
...0 = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 1
Queries
mharder-formrec.cognitiveservices.azure.com: type A, class IN
Additional records
: type OPT
Name:
Type: OPT (41)
UDP payload size: 512
Higher bits in extended RCODE: 0x00
EDNS0 version: 0
Z: 0x
0... = DO bit: Cannot handle DNSSEC security
RRs
.000 = Reserved: 0x
Data length: 0
Notable difference:
Success:
UDP payload size: 4096
Failure:
UDP payload size: 512
And notable differences in the responses:
Success:
Flags: 0x8180 Standard query response, No error
..0. = Truncated: Message is not truncated
Failure:
Flags: 0x8380 Standard query response, No error
..1. = Truncated: Message is truncated
Interestingly, systemd-resolved is setting the maximum payload size to 512
regardless of whether EDNS0 is configured and regardless of what is sent to it
for the payload size.
I tried to found a way to change UDP_PAYLOAD_SIZE,but it seems it is only
possible to change it only with direct code modifications.
To manage notifications about this bug go to:
[Touch-packages] [Bug 1688018] Re: DNS server from vpn connection is not being used after network-manager upgrade to 1.2.6
** Tags removed: sts-sponsor-volunteer ** Tags added: seg -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1688018 Title: DNS server from vpn connection is not being used after network-manager upgrade to 1.2.6 Status in network-manager package in Ubuntu: Triaged Status in network-manager source package in Xenial: In Progress Status in network-manager source package in Yakkety: Won't Fix Bug description: This was initially opened as #1671606 then later duped to #1639776. Discussion in #1639776 indicate that we need new bug for this so I am opening one ... Please don't mark this as duplicate to #1639776 or other similar bug report. We already lost several months and we are again at beginning ... TL;DR; -> network-manager-1.2.2-0ubuntu0.16.04.4 use DNS defined by VPN (correct). network-manager-1.2.6-0ubuntu0.16.04.1 use DNS from DHCP instead of one defined by VPN (wrong). DNS resolver should query only DNS servers defined by VPN while connection is active. = Test steps / result: - upgraded network-manager to 1.2.6-0ubuntu0.16.04.1 (dnsmasq-base-2.75-1ubuntu0.16.04.2) - restated my laptop to ensure clean start - connected to VPN using openconnect / network-manager-openconnect-gnome Observed results -> DNS queries are forwarded only to DNS servers defined by LAN connection (this is wrong / connection not working at all) - "killall dnsmasq" - dnsmasq get automatically restarted by system Observed results -> most of the the queries are forwarded to DNS servers defined by VPN, but lot of queries get forwarded to DNS servers defined by LAN connection (this is still wrong / DNS leaks, attacker can hijack connection even if VPN is enabled) - I downgraded back network-manager to 1.2.2-0ubuntu0.16.04.4 (dnsmasq-base stay same) - restated my laptop to ensure clean test - connected to same VPN using openconnect Observed results -> DNS queries are forwarded only to DNS servers defined by VPN connection. There are no leaks to LAN DNS server (this is correct behavior). = Paul Smith requested additional details in #1639776. Here are: * If you're using IPv4 vs. IPv6 -> IPv4 only. I have IPv6 set to ignore on all network definition (lan / wifi /vpn) * If you have checked or unchecked the "Use this connection only for resources on its network" -> unchecked on all nw definition * If you have this checked, try unchecking it and see if that makes a difference -> no change if I toggle this option. Behavior is same. * When you say "DNS lookups" please be clear about whether the hostnames being looked up are public (e.g., www.google.com or whatever), on your local LAN, or in the network accessed via the VPN. Does it make a difference which one you choose? -> No difference. * Are you using fully-qualified hostnames, or relying on the DNS domain search path? Does it make a difference if you do it differently? -> I normaly use FQDN due to nature of HTTPs cert validation. I don't see difference when I try same using hostname + domain search. = I am using openconnect (cisco) and openvpn. Test result are by using openconnect but I saw same behaviour also while using openvpn. = Thanks Lukas To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1688018/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1882161] Re: module-switch-on-port-avaiable: switch the port on ucm devices based on the priority
** Changed in: pulseaudio (Ubuntu Focal) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pulseaudio in Ubuntu. https://bugs.launchpad.net/bugs/1882161 Title: module-switch-on-port-avaiable: switch the port on ucm devices based on the priority Status in HWE Next: New Status in OEM Priority Project: New Status in pulseaudio package in Ubuntu: Fix Released Status in pulseaudio source package in Focal: Fix Committed Status in pulseaudio source package in Groovy: Fix Released Bug description: This bug originates from an OEM private bug #1875597, then ubuntu users reported 2 public bugs #1871329 and #1881659. The 2nd issue of #1871329 and the 1st issue of #1881659 have the same root cause as #1875597 [Impact] On the Dell machines with multi function audio jack, after installing the ubuntu 20.04 and if the audio driver is sof instead of legacy hda, the headphone/headset can't output sound automatically after users plug in a headphone/headset. This is different from ubuntu 18.04, on the 18.04, the headphone/headset could output sound automatically after plugging in the audio jack. [Fix] The root cause is the ucm2 conf defines 2 input devices: the Mic2 and Headset MIC, and the pulseaudio parse the input device Headset MIC first then Mic2, finally the audio jack is set to Mic2 mode, this make the audio jack can't output sound anymore. To fix it, let the audio jack set to Headset MIC mode by default (Headset MIC has higher priority than Mic2 in the ucm2 conf), to do so, let pulseaudio send the device event to module-switch-on-port-available by the order of priority in the umc2. [Test Case] applying the fix patch to pulseaudio, plug a headset/headphone to the multi function audio jack, play sound from headset/headphone, the sound could be heard from headset/headphone. [Regression Risk] Low, just do a small change to store the ucm devices by their priority. and upstream just merged this patch. To manage notifications about this bug go to: https://bugs.launchpad.net/hwe-next/+bug/1882161/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886826] [NEW] high packet loss on 18.04 with systemd-networkd
Public bug reported: Description:Ubuntu 18.04.4 LTS Release:18.04 systemctl --version systemd 237 +PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN -PCRE2 default-hierarchy=hybrid Our issue is that we have a k8s (1.18, kube-router CNI) cluster comprised of a number of Ubuntu 16.04 nodes, we are in the process of upgrading the nodes to Ubuntu 18.04 - however after upgrading the first node and adding it back to the cluster we observed high packet loss from other cluster nodes to the 18.04 node as well as ping error messages when running a continuous ping from the 18.04 node to another node in the cluster, eg: 64 bytes from 10.8.11.1: icmp_seq=91 ttl=64 time=0.088 ms 64 bytes from 10.8.11.1: icmp_seq=92 ttl=64 time=0.076 ms ping: sendmsg: No buffer space available ping: sendmsg: No buffer space available ping: sendmsg: No buffer space available Another observation is that one of our daemonset pods (promtail) could not start. After many days of troubleshooting various possibilities, changing network cable, NIC, trying a different server, checking/changing various sysctl values, I eventually tried switching from systemd-networkd to NetworkManager as the backend via netplan config. After rebooting the server with NetworkManager in place and re-adding the node back to the k8s cluster, the packet loss disappeared as did the ping errors and the daemonset pod (promtail) also started normally. I would like to use Ubuntu's default of systemd-networkd to handle our NIC/route config - but cannot until I've figured out what in systemd- networkd is breaking. Any help is much appreciated on this matter. Thanks! Luke ** Affects: systemd (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1886826 Title: high packet loss on 18.04 with systemd-networkd Status in systemd package in Ubuntu: New Bug description: Description: Ubuntu 18.04.4 LTS Release: 18.04 systemctl --version systemd 237 +PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN -PCRE2 default-hierarchy=hybrid Our issue is that we have a k8s (1.18, kube-router CNI) cluster comprised of a number of Ubuntu 16.04 nodes, we are in the process of upgrading the nodes to Ubuntu 18.04 - however after upgrading the first node and adding it back to the cluster we observed high packet loss from other cluster nodes to the 18.04 node as well as ping error messages when running a continuous ping from the 18.04 node to another node in the cluster, eg: 64 bytes from 10.8.11.1: icmp_seq=91 ttl=64 time=0.088 ms 64 bytes from 10.8.11.1: icmp_seq=92 ttl=64 time=0.076 ms ping: sendmsg: No buffer space available ping: sendmsg: No buffer space available ping: sendmsg: No buffer space available Another observation is that one of our daemonset pods (promtail) could not start. After many days of troubleshooting various possibilities, changing network cable, NIC, trying a different server, checking/changing various sysctl values, I eventually tried switching from systemd- networkd to NetworkManager as the backend via netplan config. After rebooting the server with NetworkManager in place and re-adding the node back to the k8s cluster, the packet loss disappeared as did the ping errors and the daemonset pod (promtail) also started normally. I would like to use Ubuntu's default of systemd-networkd to handle our NIC/route config - but cannot until I've figured out what in systemd- networkd is breaking. Any help is much appreciated on this matter. Thanks! Luke To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1886826/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886300] Re: rename.ul refuses to rename links that don't resolve (regression)
Patch applied upstream [1]. Next steps are to apply it downstream in Debian and Ubuntu. [1] https://git.kernel.org/pub/scm/utils/util-linux/util- linux.git/commit/?id=477239ce0d60384642b51c950688136fdefec815 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to util-linux in Ubuntu. https://bugs.launchpad.net/bugs/1886300 Title: rename.ul refuses to rename links that don't resolve (regression) Status in util-linux package in Ubuntu: In Progress Status in util-linux source package in Eoan: Confirmed Status in util-linux source package in Focal: Confirmed Status in util-linux source package in Groovy: In Progress Bug description: rename.ul refuses to rename links that don't resolve. bionic rename.ul renames links whether or not they resolve (util-linux 2.31.1-0.4ubuntu3.6). focal rename.ul refuses to rename links that don't resolve (regression) (util-linux 2.34-0.1ubuntu9). ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: util-linux 2.34-0.1ubuntu9 ProcVersionSignature: Ubuntu 5.4.0-21.25-generic 5.4.27 Uname: Linux 5.4.0-21-generic x86_64 ApportVersion: 2.20.11-0ubuntu27.3 Architecture: amd64 CasperMD5CheckResult: skip Date: Sat Jul 4 20:38:06 2020 InstallationDate: Installed on 2020-04-05 (90 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Beta amd64 (20200331) ProcEnviron: LC_TIME=en_DK.utf8 TERM=screen PATH=(custom, no user) LANG=en_US.utf8 SHELL=/bin/bash SourcePackage: util-linux UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/1886300/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886300] Re: rename.ul refuses to rename links that don't resolve (regression)
The offending commit has been introduced in util-linux v2.33, so the fix should go into Eoan (v2.34) and later. $ git describe --contains 5454df9 v2.33-rc1~309^2~9 $ rmadison -a source util-linux util-linux | 2.20.1-1ubuntu3 | precise | source util-linux | 2.20.1-1ubuntu3.1| precise-updates | source util-linux | 2.20.1-5.1ubuntu20 | trusty | source util-linux | 2.20.1-5.1ubuntu20.9 | trusty-updates | source util-linux | 2.27.1-6ubuntu3 | xenial | source util-linux | 2.27.1-6ubuntu3.10 | xenial-updates | source util-linux | 2.31.1-0.4ubuntu3| bionic | source util-linux | 2.31.1-0.4ubuntu3.6 | bionic-updates | source util-linux | 2.34-0.1ubuntu2 | eoan| source util-linux | 2.34-0.1ubuntu2.4| eoan-updates| source util-linux | 2.34-0.1ubuntu9 | focal | source util-linux | 2.35.2-5ubuntu3 | groovy | source ** Also affects: util-linux (Ubuntu Groovy) Importance: Medium Assignee: Mauricio Faria de Oliveira (mfo) Status: In Progress ** Also affects: util-linux (Ubuntu Eoan) Importance: Undecided Status: New ** Also affects: util-linux (Ubuntu Focal) Importance: Undecided Status: New ** Tags added: sts-sponsor-volunteer ** Changed in: util-linux (Ubuntu Eoan) Status: New => Confirmed ** Changed in: util-linux (Ubuntu Focal) Status: New => Confirmed ** Changed in: util-linux (Ubuntu Eoan) Importance: Undecided => Medium ** Changed in: util-linux (Ubuntu Focal) Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to util-linux in Ubuntu. https://bugs.launchpad.net/bugs/1886300 Title: rename.ul refuses to rename links that don't resolve (regression) Status in util-linux package in Ubuntu: In Progress Status in util-linux source package in Eoan: Confirmed Status in util-linux source package in Focal: Confirmed Status in util-linux source package in Groovy: In Progress Bug description: rename.ul refuses to rename links that don't resolve. bionic rename.ul renames links whether or not they resolve (util-linux 2.31.1-0.4ubuntu3.6). focal rename.ul refuses to rename links that don't resolve (regression) (util-linux 2.34-0.1ubuntu9). ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: util-linux 2.34-0.1ubuntu9 ProcVersionSignature: Ubuntu 5.4.0-21.25-generic 5.4.27 Uname: Linux 5.4.0-21-generic x86_64 ApportVersion: 2.20.11-0ubuntu27.3 Architecture: amd64 CasperMD5CheckResult: skip Date: Sat Jul 4 20:38:06 2020 InstallationDate: Installed on 2020-04-05 (90 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Beta amd64 (20200331) ProcEnviron: LC_TIME=en_DK.utf8 TERM=screen PATH=(custom, no user) LANG=en_US.utf8 SHELL=/bin/bash SourcePackage: util-linux UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/1886300/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886128] Re: systemd-resolved does not resolve address due to udp payload size.
> please note: after the first read, link will disappear
it's already gone (this is a public bug)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1886128
Title:
systemd-resolved does not resolve address due to udp payload size.
Status in systemd package in Ubuntu:
Incomplete
Bug description:
Description: Ubuntu 18.04.4 LTS
Release: 18.04
systemd-resolve --version
systemd 237
+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP
+GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN
-PCRE2 default-hierarchy=hybrid
We met an error: on an attempt to resolve address, the following issue
appears:
; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>>
mharder-formrec.cognitiveservices.azure.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 44096
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;mharder-formrec.cognitiveservices.azure.com. IN A
;; Query time: 231 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Tue Apr 28 20:47:14 UTC 2020
;; MSG SIZE rcvd: 72
Let me provide you important notes about the issue:
1) It's not reproducing on Ubuntu 16;
2) Bypassing systemd-resolve - everything works fine;
3) Only the difference between systemd-resolve and END is UDP_PAYLOAD_SIZE
Successful query:
113516:27:25.964386 10.1.0.4168.63.129.16 DNS 128
Standard query 0xc2d4 A mharder-formrec.cognitiveservices.azure.com
OPT
Domain Name System (query)
Transaction ID: 0xc2d4
Flags: 0x0120 Standard query
0... = Response: Message is a query
.000 0... = Opcode: Standard query (0)
..0. = Truncated: Message is not truncated
...1 = Recursion desired: Do query recursively
.0.. = Z: reserved (0)
..1. = AD bit: Set
...0 = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 1
Queries
mharder-formrec.cognitiveservices.azure.com: type A, class IN
Additional records
: type OPT
Name:
Type: OPT (41)
UDP payload size: 4096
Higher bits in extended RCODE: 0x00
EDNS0 version: 0
Z: 0x
0... = DO bit: Cannot handle DNSSEC security
RRs
.000 = Reserved: 0x
Data length: 12
Option: COOKIE
Unsuccessful query:
112816:27:25.713886 10.1.0.4168.63.129.16 DNS 116
Standard query 0x198d A mharder-formrec.cognitiveservices.azure.com
OPT
Domain Name System (query)
Transaction ID: 0x198d
Flags: 0x0100 Standard query
0... = Response: Message is a query
.000 0... = Opcode: Standard query (0)
..0. = Truncated: Message is not truncated
...1 = Recursion desired: Do query recursively
.0.. = Z: reserved (0)
...0 = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 1
Queries
mharder-formrec.cognitiveservices.azure.com: type A, class IN
Additional records
: type OPT
Name:
Type: OPT (41)
UDP payload size: 512
Higher bits in extended RCODE: 0x00
EDNS0 version: 0
Z: 0x
0... = DO bit: Cannot handle DNSSEC security
RRs
.000 = Reserved: 0x
Data length: 0
Notable difference:
Success:
UDP payload size: 4096
Failure:
UDP payload size: 512
And notable differences in the responses:
Success:
Flags: 0x8180 Standard query response, No error
..0. = Truncated: Message is not truncated
Failure:
Flags: 0x8380 Standard query response, No error
..1. = Truncated: Message is truncated
Interestingly, systemd-resolved is setting the maximum payload size to 512
regardless of whether EDNS0 is configured and regardless of what is sent to it
for the payload size.
I tried to found a way to change UDP_PAYLOAD_SIZE,but it seems it is only
possible to change it only with direct code modifications.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1886128/+subscriptions
--
Mailing list:
[Touch-packages] [Bug 1838329] Re: Cryptswap periodically fails to mount at boot due to missing a udev notification
@ddstreet Does the Groovy bug task status need fixing? I see that in your Focal upload you have a series of seven patches picked from upstream to fix this properly. But if your trivial patch in comment 7 works, wouldn't that be better for an SRU? Reference this paragraph of SRU policy: "In line with this, the requirements for stable updates are not necessarily the same as those in the development release. When preparing future releases, one of our goals is to construct the most elegant and maintainable system possible, and this often involves fundamental improvements to the system's architecture, rearranging packages to avoid bundled copies of other software so that we only have to maintain it in one place, and so on. However, once we have completed a release, the priority is normally to minimise risk caused by changes not explicitly required to fix qualifying bugs, and this tends to be well-correlated with minimising the size of those changes. As such, the same bug may need to be fixed in different ways in stable and development releases." How do you think this applies to this case? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1838329 Title: Cryptswap periodically fails to mount at boot due to missing a udev notification Status in systemd: New Status in systemd package in Ubuntu: New Status in systemd source package in Bionic: New Status in systemd source package in Focal: In Progress Status in systemd source package in Groovy: New Bug description: [impact] systems using cryptsetup-based encrypted swap may hang during boot due to udevd missing the notification that swap has been setup on the newly created swap device. [test case] see original description, and reproduction is intermittent based on timing [regression potential] any regression would likely occur during, or after, boot when creating an encrypted swap device and/or while waiting to activate the new swap device. Regressions may cause failure to correctly enable swap and/or hung boot waiting for the swap device. [scope] this was (potentially) fixed upstream with PR 15836, which is not yet included in any upstream release, so this is needed in all releases, including groovy. also note while the upstream bug is closed, and code review seems to indicate this *should* fix this specific issue, there are some comments in the upstream bug indicating it may not completely solve the problem, although there is no further debug of the new reports. [original description] On some systems, cryptsetup-based encrypted swap partitions cause systemd to get stuck at boot. This is a timing-sensitive Heisenbug, so the rate of occurrence varies from one system to another. Some hardware will not experience the issue at all, others will only occasionally experience the issue, and then there are the unlucky who are unable to boot at all, no matter how many times they restart. The workaround is for the cryptsetup-generator to generate cryptswap service entries that call `udevadm trigger` after `mkswap`. This will ensure that the udev event is triggered, so that systemd is notified that the encrypt swap partition is ready to activate. This patch has already been submitted upstream to systemd, but it was not accepted because it is a workaround for the side effect of systemd not seeing the udev event upon creating the swap partition. To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1838329/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886809] Re: Pulse connect VPN exists because unwanted avahi network starts
The attachment "avahi-autoipd.patch" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team. [This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.] ** Tags added: patch -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to avahi in Ubuntu. https://bugs.launchpad.net/bugs/1886809 Title: Pulse connect VPN exists because unwanted avahi network starts Status in avahi package in Ubuntu: New Bug description: Pulse VPNs exists very often because avahi enforces network 192.250.0.0/0 over tun0 interface. The message error is: rmon.error Unauthorized new route to 169.254.0.0/0.0.0.0 has been added (conflicts with our route to 0.0.0.0), disconnecting (routemon.cpp:598) No matter the options to skip avahi on /etc/default/avahi-daemon, it always calls /etc/network/if-up.d/avahi-autoipd and raises this discovery network. A fix can be done patching /etc/network/if-up.d/avahi-autoipd to skip any tunnel interface. --- /etc/network/if-up.d/avahi-autoipd.dpkg-old 2020-07-08 13:25:41.834569800 +0200 +++ /etc/network/if-up.d/avahi-autoipd 2020-07-07 10:07:37.68581 +0200 @@ -11,6 +11,10 @@ [ -x /usr/sbin/avahi-autoipd ] || exit 0 +case "$IFACE" in + tun*) exit 0 ;; +esac + [ "$IFACE" != "lo" ] || exit 0 case "$ADDRFAM" in inet) ;; To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/1886809/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886814] Re: posix_spawn usage in gnu make causes failures on s390x
Is this a native s390x build, or something qemu-user? Thanks. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to make-dfsg in Ubuntu. https://bugs.launchpad.net/bugs/1886814 Title: posix_spawn usage in gnu make causes failures on s390x Status in Ubuntu on IBM z Systems: New Status in glibc package in Ubuntu: New Status in linux package in Ubuntu: Incomplete Status in make-dfsg package in Ubuntu: New Bug description: posix_spawn usage in gnu make causes failures on s390x Recently in gnu-make v4.3 https://paste.ubuntu.com/p/tYhbJFKN76/ it started to use posix_spawn, instead of fork()/exec(). This has caused failure of an unrelated package flatpak-builder autopkgtests on s390x only, like so echo Building make: echo: Operation not permitted make: *** [Makefile:2: all] Error 127 Julian Klaude investigated this in-depth. His earlier research also indicated that this is a heisenbug, if one tries to print to stderr before printing to stdout, no issue occurs. We are configuring GNU make to be build with --disable-posix-spawn on s390x only. We passed these details to Debian https://bugs.debian.org /cgi-bin/bugreport.cgi?bug=964541 too. But I do wonder, if there is something different or incorrect about posix_spawn() implementation in either glibc, or linux kernel, on s390x. Or gnu-make's usage of posix_spawn(). As otherise, using posix_spawn() in gnu-make works on other architectures, and flatpak-builder autopkgtests pass too. It seems very weird that stdout does not appear to be functional, unless stderr was opened/written to, from gnu-make execution compiled with posix-spawn feature. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1886814/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886722] Re: package rsyslog 8.2001.0-1ubuntu1 failed to install/upgrade: o subprocesso instalado, do pacote rsyslog, o script post-installation retornou erro do status de saída
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1886722 Title: package rsyslog 8.2001.0-1ubuntu1 failed to install/upgrade: o subprocesso instalado, do pacote rsyslog, o script post-installation retornou erro do status de saída 10 Status in rsyslog package in Ubuntu: New Bug description: esta com algums problemas ProblemType: Package DistroRelease: Ubuntu 20.04 Package: rsyslog 8.2001.0-1ubuntu1 ProcVersionSignature: Ubuntu 5.4.0-39.43-generic 5.4.41 Uname: Linux 5.4.0-39-generic x86_64 ApportVersion: 2.20.11-0ubuntu27 AptOrdering: firefox:amd64: Install NULL: ConfigurePending Architecture: amd64 CasperMD5CheckResult: skip Date: Mon Jul 6 07:18:47 2020 ErrorMessage: o subprocesso instalado, do pacote rsyslog, o script post-installation retornou erro do status de saída 10 InstallationDate: Installed on 2020-04-24 (74 days ago) InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Release amd64 (20191017) Python3Details: /usr/bin/python3.8, Python 3.8.2, python3-minimal, 3.8.2-0ubuntu2 PythonDetails: N/A RelatedPackageVersions: dpkg 1.19.7ubuntu3 apt 2.0.2ubuntu0.1 SourcePackage: rsyslog Title: package rsyslog 8.2001.0-1ubuntu1 failed to install/upgrade: o subprocesso instalado, do pacote rsyslog, o script post-installation retornou erro do status de saída 10 UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1886722/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886814] Missing required logs.
This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window: apport-collect 1886814 and then change the status of the bug to 'Confirmed'. If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'. This change has been made by an automated script, maintained by the Ubuntu Kernel Team. ** Changed in: linux (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to make-dfsg in Ubuntu. https://bugs.launchpad.net/bugs/1886814 Title: posix_spawn usage in gnu make causes failures on s390x Status in Ubuntu on IBM z Systems: New Status in glibc package in Ubuntu: New Status in linux package in Ubuntu: Incomplete Status in make-dfsg package in Ubuntu: New Bug description: posix_spawn usage in gnu make causes failures on s390x Recently in gnu-make v4.3 https://paste.ubuntu.com/p/tYhbJFKN76/ it started to use posix_spawn, instead of fork()/exec(). This has caused failure of an unrelated package flatpak-builder autopkgtests on s390x only, like so echo Building make: echo: Operation not permitted make: *** [Makefile:2: all] Error 127 Julian Klaude investigated this in-depth. His earlier research also indicated that this is a heisenbug, if one tries to print to stderr before printing to stdout, no issue occurs. We are configuring GNU make to be build with --disable-posix-spawn on s390x only. We passed these details to Debian https://bugs.debian.org /cgi-bin/bugreport.cgi?bug=964541 too. But I do wonder, if there is something different or incorrect about posix_spawn() implementation in either glibc, or linux kernel, on s390x. Or gnu-make's usage of posix_spawn(). As otherise, using posix_spawn() in gnu-make works on other architectures, and flatpak-builder autopkgtests pass too. It seems very weird that stdout does not appear to be functional, unless stderr was opened/written to, from gnu-make execution compiled with posix-spawn feature. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1886814/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
Re: [Touch-packages] [Bug 1886412] Re: $ ubuntu-bug xorg
On 06/07/2020 22:19, Sebastien Bacher wrote: > Thank you for taking the time to report this bug and help make Ubuntu > better. Unfortunately, we cannot work on this bug because your > description didn't include enough information. You may find it helpful > to read 'How to report bugs effectively' > http://www.chiark.greenend.org.uk/~sgtatham/bugs.html. We'd be grateful > if you would then provide a more complete description of the problem. > > We have instructions on debugging some types of problems at > http://wiki.ubuntu.com/DebuggingProcedures. > > At a minimum, we need: > 1. The specific steps or actions you took that caused you to encounter the > problem. > 2. The behavior you expected. > 3. The behavior you actually encountered (in as much detail as possible). > > Thanks! > > ** Changed in: xorg (Ubuntu) > Importance: Undecided => Low > > ** Changed in: xorg (Ubuntu) > Status: New => Incomplete > Hi I was downloading the normal updates that come automatically when finished it told me to restart the computer, the OS opened with no problems no message I left for about 15mins and the screen used to sleep after Five mins. When I returned the screen was still open I clicked on Applications for the drop-down programmes which flashed and returned to the top. When I clicked on the top right of the screen the same thing happened. I then decided to reboot again, the same thing happened seven time before I got a good screen that worked OK except that I could not open system settings from top right icon all the rest worked. I now decided to ask Ubuntu 1 for an answer, it then set up a scan which took some time and asked me to submit the results which I did. When I click on system settings the "About this computer" loads, I have not switched off since but I switch off the screen when not in use. Regards Gordon Wright Thank you. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1886412 Title: $ ubuntu-bug xorg Status in xorg package in Ubuntu: Incomplete Bug description: I cannot open system settings so I can set up a sleep mode after leaving offfor a spell. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: xorg 1:7.7+19ubuntu7.1 ProcVersionSignature: Ubuntu 4.15.0-109.110-generic 4.15.18 Uname: Linux 4.15.0-109-generic x86_64 NonfreeKernelModules: nvidia .proc.driver.nvidia.gpus.0: Error: [Errno 21] Is a directory: '/proc/driver/nvidia/gpus/0' .proc.driver.nvidia.registry: Binary: "" .proc.driver.nvidia.version: NVRM version: NVIDIA UNIX x86_64 Kernel Module 304.137 Thu Sep 14 13:51:03 PDT 2017 GCC version: gcc version 7.5.0 (Ubuntu 7.5.0-3ubuntu1~18.04) .tmp.unity_support_test.1: ApportVersion: 2.20.9-0ubuntu7.15 Architecture: amd64 CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: None Date: Mon Jul 6 11:57:21 2020 DistUpgraded: Fresh install DistroCodename: bionic DistroVariant: ubuntu DkmsStatus: nvidia, 304.137, 4.15.0-108-generic, x86_64: installed nvidia, 304.137, 4.15.0-109-generic, x86_64: installed GraphicsCard: NVIDIA Corporation C61 [GeForce 7025 / nForce 630a] [10de:03d6] (rev a2) (prog-if 00 [VGA controller]) Subsystem: ASUSTeK Computer Inc. C61 [GeForce 7025 / nForce 630a] [1043:83a4] InstallationDate: Installed on 2012-09-29 (2837 days ago) InstallationMedia: Ubuntu 12.04.1 LTS "Precise Pangolin" - Release amd64 (20120823.1) MachineType: System manufacturer System Product Name ProcEnviron: LANGUAGE=en_GB:en PATH=(custom, no user) LANG=en_GB.UTF-8 SHELL=/bin/bash ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.15.0-109-generic root=UUID=6eb98a42-bc12-42f1-992b-97782d05bb24 ro splash quiet Renderer: Software SourcePackage: xorg UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 01/26/2011 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: 0702 dmi.board.asset.tag: To Be Filled By O.E.M. dmi.board.name: M4N68T-M-LE-V2 dmi.board.vendor: ASUSTeK Computer INC. dmi.board.version: Rev X.0x dmi.chassis.asset.tag: Asset-1234567890 dmi.chassis.type: 3 dmi.chassis.vendor: Chassis Manufacture dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr0702:bd01/26/2011:svnSystemmanufacturer:pnSystemProductName:pvrSystemVersion:rvnASUSTeKComputerINC.:rnM4N68T-M-LE-V2:rvrRevX.0x:cvnChassisManufacture:ct3:cvrChassisVersion: dmi.product.family: To Be Filled By O.E.M. dmi.product.name: System Product Name dmi.product.version: System Version dmi.sys.vendor: System manufacturer version.compiz: compiz 1:0.9.13.1+18.04.20180302-0ubuntu1 version.libdrm2: libdrm2 2.4.101-2~18.04.1 version.libgl1-mesa-dri: libgl1-mesa-dri 19.2.8-0ubuntu0~18.04.3 version.libgl1-mesa-glx:
[Touch-packages] [Bug 1886814] Re: posix_spawn usage in gnu make causes failures on s390x
** Also affects: ubuntu-z-systems Importance: Undecided Status: New ** Tags added: reverse-proxy-bugzilla s390x ** Changed in: ubuntu-z-systems Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to make-dfsg in Ubuntu. https://bugs.launchpad.net/bugs/1886814 Title: posix_spawn usage in gnu make causes failures on s390x Status in Ubuntu on IBM z Systems: New Status in glibc package in Ubuntu: New Status in linux package in Ubuntu: New Status in make-dfsg package in Ubuntu: New Bug description: posix_spawn usage in gnu make causes failures on s390x Recently in gnu-make v4.3 https://paste.ubuntu.com/p/tYhbJFKN76/ it started to use posix_spawn, instead of fork()/exec(). This has caused failure of an unrelated package flatpak-builder autopkgtests on s390x only, like so echo Building make: echo: Operation not permitted make: *** [Makefile:2: all] Error 127 Julian Klaude investigated this in-depth. His earlier research also indicated that this is a heisenbug, if one tries to print to stderr before printing to stdout, no issue occurs. We are configuring GNU make to be build with --disable-posix-spawn on s390x only. We passed these details to Debian https://bugs.debian.org /cgi-bin/bugreport.cgi?bug=964541 too. But I do wonder, if there is something different or incorrect about posix_spawn() implementation in either glibc, or linux kernel, on s390x. Or gnu-make's usage of posix_spawn(). As otherise, using posix_spawn() in gnu-make works on other architectures, and flatpak-builder autopkgtests pass too. It seems very weird that stdout does not appear to be functional, unless stderr was opened/written to, from gnu-make execution compiled with posix-spawn feature. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1886814/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886814] [NEW] posix_spawn usage in gnu make causes failures on s390x
Public bug reported: posix_spawn usage in gnu make causes failures on s390x Recently in gnu-make v4.3 https://paste.ubuntu.com/p/tYhbJFKN76/ it started to use posix_spawn, instead of fork()/exec(). This has caused failure of an unrelated package flatpak-builder autopkgtests on s390x only, like so echo Building make: echo: Operation not permitted make: *** [Makefile:2: all] Error 127 Julian Klaude investigated this in-depth. His earlier research also indicated that this is a heisenbug, if one tries to print to stderr before printing to stdout, no issue occurs. We are configuring GNU make to be build with --disable-posix-spawn on s390x only. We passed these details to Debian https://bugs.debian.org /cgi-bin/bugreport.cgi?bug=964541 too. But I do wonder, if there is something different or incorrect about posix_spawn() implementation in either glibc, or linux kernel, on s390x. Or gnu-make's usage of posix_spawn(). As otherise, using posix_spawn() in gnu-make works on other architectures, and flatpak-builder autopkgtests pass too. It seems very weird that stdout does not appear to be functional, unless stderr was opened/written to, from gnu-make execution compiled with posix-spawn feature. ** Affects: ubuntu-z-systems Importance: Medium Status: New ** Affects: glibc (Ubuntu) Importance: Undecided Status: New ** Affects: linux (Ubuntu) Importance: Undecided Status: New ** Affects: make-dfsg (Ubuntu) Importance: Undecided Status: New ** Tags: reverse-proxy-bugzilla s390x ** Also affects: glibc (Ubuntu) Importance: Undecided Status: New ** Also affects: linux (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to make-dfsg in Ubuntu. https://bugs.launchpad.net/bugs/1886814 Title: posix_spawn usage in gnu make causes failures on s390x Status in Ubuntu on IBM z Systems: New Status in glibc package in Ubuntu: New Status in linux package in Ubuntu: New Status in make-dfsg package in Ubuntu: New Bug description: posix_spawn usage in gnu make causes failures on s390x Recently in gnu-make v4.3 https://paste.ubuntu.com/p/tYhbJFKN76/ it started to use posix_spawn, instead of fork()/exec(). This has caused failure of an unrelated package flatpak-builder autopkgtests on s390x only, like so echo Building make: echo: Operation not permitted make: *** [Makefile:2: all] Error 127 Julian Klaude investigated this in-depth. His earlier research also indicated that this is a heisenbug, if one tries to print to stderr before printing to stdout, no issue occurs. We are configuring GNU make to be build with --disable-posix-spawn on s390x only. We passed these details to Debian https://bugs.debian.org /cgi-bin/bugreport.cgi?bug=964541 too. But I do wonder, if there is something different or incorrect about posix_spawn() implementation in either glibc, or linux kernel, on s390x. Or gnu-make's usage of posix_spawn(). As otherise, using posix_spawn() in gnu-make works on other architectures, and flatpak-builder autopkgtests pass too. It seems very weird that stdout does not appear to be functional, unless stderr was opened/written to, from gnu-make execution compiled with posix-spawn feature. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1886814/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886809] Re: Pulse connect VPN exists because unwanted avahi network starts
** Patch added: "avahi-autoipd.patch" https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/1886809/+attachment/5390785/+files/avahi-autoipd.patch -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to avahi in Ubuntu. https://bugs.launchpad.net/bugs/1886809 Title: Pulse connect VPN exists because unwanted avahi network starts Status in avahi package in Ubuntu: New Bug description: Pulse VPNs exists very often because avahi enforces network 192.250.0.0/0 over tun0 interface. The message error is: rmon.error Unauthorized new route to 169.254.0.0/0.0.0.0 has been added (conflicts with our route to 0.0.0.0), disconnecting (routemon.cpp:598) No matter the options to skip avahi on /etc/default/avahi-daemon, it always calls /etc/network/if-up.d/avahi-autoipd and raises this discovery network. A fix can be done patching /etc/network/if-up.d/avahi-autoipd to skip any tunnel interface. --- /etc/network/if-up.d/avahi-autoipd.dpkg-old 2020-07-08 13:25:41.834569800 +0200 +++ /etc/network/if-up.d/avahi-autoipd 2020-07-07 10:07:37.68581 +0200 @@ -11,6 +11,10 @@ [ -x /usr/sbin/avahi-autoipd ] || exit 0 +case "$IFACE" in + tun*) exit 0 ;; +esac + [ "$IFACE" != "lo" ] || exit 0 case "$ADDRFAM" in inet) ;; To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/1886809/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886809] Re: Pulse connect VPN exists because unwanted avahi network starts
I missed to system information. Here is it: # lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description:Ubuntu 18.04.4 LTS Release:18.04 Codename: bionic # dpkg -l "avahi*" Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++--=-=-= ii avahi-autoipd0.7-3.1ubuntu1.2 amd64 Avahi IPv4LL network address configuration daemon ii avahi-daemon 0.7-3.1ubuntu1.2 amd64 Avahi mDNS/DNS-SD daemon ii avahi-utils 0.7-3.1ubuntu1.2 amd64 Avahi browsing, publishing and discovery utilities -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to avahi in Ubuntu. https://bugs.launchpad.net/bugs/1886809 Title: Pulse connect VPN exists because unwanted avahi network starts Status in avahi package in Ubuntu: New Bug description: Pulse VPNs exists very often because avahi enforces network 192.250.0.0/0 over tun0 interface. The message error is: rmon.error Unauthorized new route to 169.254.0.0/0.0.0.0 has been added (conflicts with our route to 0.0.0.0), disconnecting (routemon.cpp:598) No matter the options to skip avahi on /etc/default/avahi-daemon, it always calls /etc/network/if-up.d/avahi-autoipd and raises this discovery network. A fix can be done patching /etc/network/if-up.d/avahi-autoipd to skip any tunnel interface. --- /etc/network/if-up.d/avahi-autoipd.dpkg-old 2020-07-08 13:25:41.834569800 +0200 +++ /etc/network/if-up.d/avahi-autoipd 2020-07-07 10:07:37.68581 +0200 @@ -11,6 +11,10 @@ [ -x /usr/sbin/avahi-autoipd ] || exit 0 +case "$IFACE" in + tun*) exit 0 ;; +esac + [ "$IFACE" != "lo" ] || exit 0 case "$ADDRFAM" in inet) ;; To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/1886809/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886809] [NEW] Pulse connect VPN exists because unwanted avahi network starts
Public bug reported: Pulse VPNs exists very often because avahi enforces network 192.250.0.0/0 over tun0 interface. The message error is: rmon.error Unauthorized new route to 169.254.0.0/0.0.0.0 has been added (conflicts with our route to 0.0.0.0), disconnecting (routemon.cpp:598) No matter the options to skip avahi on /etc/default/avahi-daemon, it always calls /etc/network/if-up.d/avahi-autoipd and raises this discovery network. A fix can be done patching /etc/network/if-up.d/avahi-autoipd to skip any tunnel interface. --- /etc/network/if-up.d/avahi-autoipd.dpkg-old 2020-07-08 13:25:41.834569800 +0200 +++ /etc/network/if-up.d/avahi-autoipd 2020-07-07 10:07:37.68581 +0200 @@ -11,6 +11,10 @@ [ -x /usr/sbin/avahi-autoipd ] || exit 0 +case "$IFACE" in + tun*) exit 0 ;; +esac + [ "$IFACE" != "lo" ] || exit 0 case "$ADDRFAM" in inet) ;; ** Affects: avahi (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to avahi in Ubuntu. https://bugs.launchpad.net/bugs/1886809 Title: Pulse connect VPN exists because unwanted avahi network starts Status in avahi package in Ubuntu: New Bug description: Pulse VPNs exists very often because avahi enforces network 192.250.0.0/0 over tun0 interface. The message error is: rmon.error Unauthorized new route to 169.254.0.0/0.0.0.0 has been added (conflicts with our route to 0.0.0.0), disconnecting (routemon.cpp:598) No matter the options to skip avahi on /etc/default/avahi-daemon, it always calls /etc/network/if-up.d/avahi-autoipd and raises this discovery network. A fix can be done patching /etc/network/if-up.d/avahi-autoipd to skip any tunnel interface. --- /etc/network/if-up.d/avahi-autoipd.dpkg-old 2020-07-08 13:25:41.834569800 +0200 +++ /etc/network/if-up.d/avahi-autoipd 2020-07-07 10:07:37.68581 +0200 @@ -11,6 +11,10 @@ [ -x /usr/sbin/avahi-autoipd ] || exit 0 +case "$IFACE" in + tun*) exit 0 ;; +esac + [ "$IFACE" != "lo" ] || exit 0 case "$ADDRFAM" in inet) ;; To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/1886809/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1557157] Autopkgtest regression report (openldap/2.4.48+dfsg-1ubuntu1.2)
All autopkgtests for the newly accepted openldap (2.4.48+dfsg-1ubuntu1.2) for
eoan have finished running.
The following regressions have been reported in tests triggered by the package:
asterisk/1:16.2.1~dfsg-2build2 (armhf)
Please visit the excuses page listed below and investigate the failures,
proceeding afterwards as per the StableReleaseUpdates policy regarding
autopkgtest regressions [1].
https://people.canonical.com/~ubuntu-archive/proposed-
migration/eoan/update_excuses.html#openldap
[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions
Thank you!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1557157
Title:
apparmor profile denied for saslauthd: /run/saslauthd/mux
Status in openldap package in Ubuntu:
Fix Released
Status in openldap source package in Trusty:
Won't Fix
Status in openldap source package in Xenial:
Fix Committed
Status in openldap source package in Bionic:
Fix Committed
Status in openldap source package in Eoan:
Fix Committed
Status in openldap source package in Focal:
Fix Committed
Status in openldap source package in Groovy:
Fix Released
Bug description:
[Impact]
When using openldap with sasl authentication, the slapd process will
communicate with the saslauthd daemon via a socket in
{,/var}/run/saslauthd/mux. Unfortunately, this will fail in every
Ubuntu release from trusty onwards, because slapd's apparmor profile
doesn't contain the necessary directive to allow it to read/write
from/to the socket specified above.
The fix is simple: just add the necessary directive to allow slapd to
read/write from/to the saslauthd socket.
[Test Case]
One can reproduce the problem by doing:
$ lxc launch ubuntu-daily:groovy openldap-bugbug1557157-groovy
$ lxc shell openldap-bugbug1557157-groovy
# apt install slapd sasl2-bin ldap-utils apparmor-utils
(As the domain name, use "example.com").
# sed -i -e 's/^START=.*/START=yes/' /etc/default/saslauthd
# cat > /etc/ldap/sasl2/slapd.conf << __EOF__
mech_list: PLAIN
pwcheck_method: saslauthd
__EOF__
# adduser openldap sasl
# aa-enforce /etc/apparmor.d/usr.sbin.slapd
# systemctl restart slapd.service
# systemctl restart saslauthd.service
# passwd root
(You can choose any password here. You will need to type it when
running the next command.)
# ldapsearch -H ldapi:/// -LLL -b 'dc=example,dc=com' -s base -U root
-Y PLAIN
The command will fail with something like:
ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80)
additional info: SASL(-1): generic failure: Password verification
failed
[Regression Potential]
This is an extremely simple and well contained fix, so I don't
envision any possible regressions after applying it. It is important
noticing that, since the problem affects older Ubuntu releases, the
openldap package will have to be rebuilt against possible newer
versions of libraries and other depencencies, which, albeit unlikely,
may cause issues.
[Original Description]
When using slapd with saslauthd the processes communicate via the
{,/var}/run/saslauthd/mux socket (this is the default location for the
saslauthd server from the sasl2-bin package in the
/etc/default/saslauthd config), but the apparmor profile for
usr.sbin.slapd does not allow access to this socket/file.
Syslog message:
apparmor="DENIED" operation="connect" profile="/usr/sbin/slapd"
name="/run/saslauthd/mux" pid=1880
4 comm="slapd" requested_mask="r" denied_mask="r" fsuid=108 ouid=0
Please add the following line to /etc/apparmor.d/usr.sbin.slapd:
/{,var/}run/saslauthd/mux rw,
Ubuntu version: Ubuntu 14.04.4 LTS
slapd version: 2.4.31-1+nmu2ubu
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557157/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1866303] Autopkgtest regression report (openldap/2.4.48+dfsg-1ubuntu1.2)
All autopkgtests for the newly accepted openldap (2.4.48+dfsg-1ubuntu1.2) for
eoan have finished running.
The following regressions have been reported in tests triggered by the package:
asterisk/1:16.2.1~dfsg-2build2 (armhf)
Please visit the excuses page listed below and investigate the failures,
proceeding afterwards as per the StableReleaseUpdates policy regarding
autopkgtest regressions [1].
https://people.canonical.com/~ubuntu-archive/proposed-
migration/eoan/update_excuses.html#openldap
[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions
Thank you!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1866303
Title:
slapd crash with pwdAccountLockedTime and stacked overlays
Status in openldap package in Ubuntu:
Fix Released
Status in openldap source package in Xenial:
Fix Committed
Status in openldap source package in Bionic:
Fix Committed
Status in openldap source package in Disco:
Won't Fix
Status in openldap source package in Eoan:
Fix Committed
Status in openldap package in Debian:
Fix Released
Bug description:
[Impact]
In the configuration and conditions described below, slapd can crash:
1. ppolicy overlay configured with pwdLockout: TRUE
2. smbk5pwd overlay stacked after ppolicy
3. an account locked out via pwdAccountLockedTime
4. a client binding to the locked-out account and also requesting the ppolicy
control
[Test Case]
* get the files from the bug:
mkdir slapd-test-case; cd slapd-test-case
wget -ct0
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334194/+files/slapd.conf
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334195/+files/data.ldif
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334196/+files/samba.schema
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334197/+files/script
* run the script:
sudo apt update && sudo sh ./script
* With the bug, the result is:
ldap_bind: Invalid credentials (49)
slapd dead
* If when confirming the bug you don't see "slapd dead" like above,
check manually, as slapd might have been in the process of shutting
down when the script checked its status: "sudo systemctl status slapd"
* With the fixed packages, you get a living slapd at the end (you can
run the script again on the same system after updating the packages):
sudo sh ./script
...
slapd running
ldap_bind: Invalid credentials (49)
slapd running
[Regression Potential]
The fix is in the password policy overlay (not enabled by default), so any
regressions would be around that area and could potentially impact
authentication ("binding") to openldap.
[Other Info]
This was fixed in focal and "cooked" there for a long while, as suggested by
the Debian maintainer. We haven't received further bug reports about this in
focal+.
[Original Description]
Hello,
Please merge openldap 2.4.49+dfsg-2 from Debian unstable to fix an
issue in the ppolicy overlay that can crash slapd. Please also
consider SRUing the patch after it has had some testing time.
Upstream: https://openldap.org/its/?findid=9171
Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953150
The ingredients for the crash are:
1: ppolicy overlay configured with pwdLockout: TRUE
2. smbk5pwd overlay stacked after ppolicy
3. an account locked out via pwdAccountLockedTime
4. a client binding to the locked-out account and also requesting the ppolicy
control
The buggy code is not as specific as the above steps, so I suspect
there are probably other configurations or steps that can trigger the
same crash.
I will attach my test script and data for reproducing the crash.
Expected output (last lines):
[ ok ] Starting OpenLDAP: slapd.
slapd running
ldap_bind: Invalid credentials (49)
slapd running
Actual output (last lines):
[ ok ] Starting OpenLDAP: slapd.
slapd running
ldap_bind: Invalid credentials (49)
slapd dead
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886644] Re: SRU the current 3.36.4 stable update
This bug was fixed in the package evolution-data-server - 3.36.4-1 --- evolution-data-server (3.36.4-1) unstable; urgency=medium * New stable version (lp: #1886644), fixes - CVE-2020-14928: Response Injection via STARTTLS in SMTP and POP3 * Updated symbols for the new version -- Sebastien Bacher Tue, 07 Jul 2020 12:38:45 +0200 ** Changed in: evolution-data-server (Ubuntu) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-14928 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to evolution-data-server in Ubuntu. https://bugs.launchpad.net/bugs/1886644 Title: SRU the current 3.36.4 stable update Status in evolution-data-server package in Ubuntu: Fix Released Bug description: * Impact That's the current GNOME stable update, including some fixes and translation updates https://gitlab.gnome.org/GNOME/evolution-data-server/-/blob/gnome-3-36/NEWS * Test case The update is part of GNOME stable updates https://wiki.ubuntu.com/StableReleaseUpdates/GNOME Check that the calendar integration in GNOME and gnome-calendar is working, also test evolution with an email account. * Regression potential There is no specific change or feature to test in the upgrade To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/evolution-data-server/+bug/1886644/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1882161] Re: module-switch-on-port-avaiable: switch the port on ucm devices based on the priority
** Changed in: oem-priority Importance: Undecided => Critical -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pulseaudio in Ubuntu. https://bugs.launchpad.net/bugs/1882161 Title: module-switch-on-port-avaiable: switch the port on ucm devices based on the priority Status in HWE Next: New Status in OEM Priority Project: New Status in pulseaudio package in Ubuntu: Fix Released Status in pulseaudio source package in Focal: In Progress Status in pulseaudio source package in Groovy: Fix Released Bug description: This bug originates from an OEM private bug #1875597, then ubuntu users reported 2 public bugs #1871329 and #1881659. The 2nd issue of #1871329 and the 1st issue of #1881659 have the same root cause as #1875597 [Impact] On the Dell machines with multi function audio jack, after installing the ubuntu 20.04 and if the audio driver is sof instead of legacy hda, the headphone/headset can't output sound automatically after users plug in a headphone/headset. This is different from ubuntu 18.04, on the 18.04, the headphone/headset could output sound automatically after plugging in the audio jack. [Fix] The root cause is the ucm2 conf defines 2 input devices: the Mic2 and Headset MIC, and the pulseaudio parse the input device Headset MIC first then Mic2, finally the audio jack is set to Mic2 mode, this make the audio jack can't output sound anymore. To fix it, let the audio jack set to Headset MIC mode by default (Headset MIC has higher priority than Mic2 in the ucm2 conf), to do so, let pulseaudio send the device event to module-switch-on-port-available by the order of priority in the umc2. [Test Case] applying the fix patch to pulseaudio, plug a headset/headphone to the multi function audio jack, play sound from headset/headphone, the sound could be heard from headset/headphone. [Regression Risk] Low, just do a small change to store the ucm devices by their priority. and upstream just merged this patch. To manage notifications about this bug go to: https://bugs.launchpad.net/hwe-next/+bug/1882161/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886790] Re: lxc 3.0.3-0ubuntu1~18.04.1 ADT test failure with 5.4 kernels in Bionic
This is a bug we fixed in our stable-3.0 branch and is fixed in the Ubuntu lxc 3.0.4 packages. See https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1848587 and specifically this commit: commit 11fc6882f7bfd40fbcda6a3a7f7c1bca50df3f2b Author: Christian Brauner Date: Mon Nov 18 15:08:22 2019 +0100 tests: use /dev/loop-control instead of /dev/network_latency BugLink: https://bugs.launchpad.net/bugs/1848587 The latter device has been removed apparently. Bionic didn't get the 3.0.4 upgrade? That seems odd. ** Changed in: lxc (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1886790 Title: lxc 3.0.3-0ubuntu1~18.04.1 ADT test failure with 5.4 kernels in Bionic Status in lxc package in Ubuntu: Fix Released Status in lxc source package in Bionic: Confirmed Bug description: Testing failed on: amd64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/amd64/l/lxc/20200706_183234_ca65f@/log.gz arm64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/arm64/l/lxc/20200706_172136_71b68@/log.gz ppc64el: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/ppc64el/l/lxc/20200706_191938_cedac@/log.gz s390x: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/s390x/l/lxc/20200706_163359_98d4d@/log.gz The failing test seems to be: FAIL: lxc-tests: lxc-test-device-add-remove (0s) --- Adding /dev/network_latency to the container (device_add_remove_test) failed... --- This is a regression from the 4.15/5.3 to 5.4 kernels in Bionic. Note that this testcase is successful on Focal with the same kernel version. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1886790/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886714] Re: Bluetooth disconnects, and then sound fails on reconnect
>From second paragraph “I wonder if I started noticing the problem under Ubuntu 14.x, but I'm pretty sure it was there already at Ubuntu 16.x. I'm now running Ubuntu 19.10 and Gnome 3.34.2. (Just for the record, the bug also persisted in Ubu 18.04 for as long as I was using it.)” The bug was infact the reason I updated to 19.04 and later to 19.10, but it did not go away. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to bluez in Ubuntu. https://bugs.launchpad.net/bugs/1886714 Title: Bluetooth disconnects, and then sound fails on reconnect Status in bluez package in Ubuntu: Won't Fix Bug description: This bug has persisted over several years, and several versions, and after a lot of investigation I'm not really any closer on what's going on. I have two pretty old GA MA78gm S2H mainboards, configured slightly different, and otherwise working properly. Both of them have run both Ubuntu and Windows. The problem seems to have been minimized when running Win10, and even if it is there it seems like Win10 recover when it happen. I wonder if I started noticing the problem under Ubuntu 14.x, but I'm pretty sure it was there already at Ubuntu 16.x. I'm now running Ubuntu 19.10 and Gnome 3.34.2. (Just for the record, the bug also persisted in Ubu 18.04 for as long as I was using it.) It isn't really an option to switch the mainboards, as there are too much custom-builds running on them for the moment. They will probably be replaced when I have time to rebuild everything. ;) To make Bluetooth work I use an ASUS USB-BT400, which report as “BCM920702 Bluetooth 4.0”, or more accurately “BCM20702A1 (001.002.014) build 1467”. I have also used other dongles, but it seems like all of them has the same chipset. Now… Given I restart the computer And boot into Ubuntu 19.10 And log in as myself And attach a pair of Sony MDR-ZX770BN When I listen to sound from a movie with A2DP Then at some random point it start to lag noticeably (sound becomes scratchy) And suddenly disconnects (at this point it seems like it is Bluetooth that disconnects) It may take 5–10 minutes and up to several hours before it disconnects. Given I turn the headphones off And back on When it reconnects to the computer Then the computer fails to enable the sound device (visible in the preference manager f.ex.) There are several reports of various equipments that disconnect, and I wonder if this could be the same problem. Problem 1 The dongle is rather hot when it disconnects. This is mere speculation, but I wonder if the disconnect happen because either the mainboard gives to little current and thus it fails due to voltage drop, or it fails due to overheating. It seems like the port should have enough current to sustain the dongle, but I wonder if the mainboard could let several ports share the same power source, and thus it fail to deliver enough current. There are other devices powered by the USB ports, and they don't seem to fail, which seems likely to happen if power is the issue. The issue seems to be somewhat related to the quality of the audio, which makes me wonder whether higher quality gives more transferred data, which again gives higher power consumption. It also seems like the issue can be triggered by moving away from the computer. That would give higher tx power, which could make the dongle overheat or mainboard could fail to provide enough current. Is there any way to get a more specific failure report from the dongle? Problem 2 After the headphone reconnects it seems like the sound system isn't working properly. I've been checking, and everything seems correct, still the headphone is missing as an output device. I have not been able to figure out what makes the sound system fail, and I have not been able to make it recover. Only way to recover seems to be to do a cold reboot. A simple warm reboot does not fix the problem, but this can be related to problem 1. A few dumps john@hydra:~$ dmesg | fgrep 'Blue' [3.089584] usb 1-2.2: Product: BCM920702 Bluetooth 4.0 [8.417252] Bluetooth: Core ver 2.22 [8.417280] Bluetooth: HCI device and connection manager initialized [8.417284] Bluetooth: HCI socket layer initialized [8.417286] Bluetooth: L2CAP socket layer initialized [8.417301] Bluetooth: SCO socket layer initialized [8.779706] Bluetooth: hci0: BCM: chip id 63 [8.780703] Bluetooth: hci0: BCM: features 0x07 [8.796682] Bluetooth: hci0: hydra [8.800667] Bluetooth: hci0: BCM20702A1 (001.002.014) build 1467 [9.671568] Bluetooth: hci0: BCM20702A1 (001.002.014) build 1467 [9.687584] Bluetooth: hci0: Broadcom Bluetooth Device [ 10.571440] Bluetooth: BNEP (Ethernet Emulation) ver 1.3 [ 10.571442] Bluetooth: BNEP filters: protocol multicast [ 10.571448]
[Touch-packages] [Bug 1886790] Re: lxc 3.0.3-0ubuntu1~18.04.1 ADT test failure with 5.4 kernels in Bionic
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: lxc (Ubuntu Bionic) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1886790 Title: lxc 3.0.3-0ubuntu1~18.04.1 ADT test failure with 5.4 kernels in Bionic Status in lxc package in Ubuntu: Confirmed Status in lxc source package in Bionic: Confirmed Bug description: Testing failed on: amd64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/amd64/l/lxc/20200706_183234_ca65f@/log.gz arm64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/arm64/l/lxc/20200706_172136_71b68@/log.gz ppc64el: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/ppc64el/l/lxc/20200706_191938_cedac@/log.gz s390x: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/s390x/l/lxc/20200706_163359_98d4d@/log.gz The failing test seems to be: FAIL: lxc-tests: lxc-test-device-add-remove (0s) --- Adding /dev/network_latency to the container (device_add_remove_test) failed... --- This is a regression from the 4.15/5.3 to 5.4 kernels in Bionic. Note that this testcase is successful on Focal with the same kernel version. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1886790/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886790] Re: lxc 3.0.3-0ubuntu1~18.04.1 ADT test failure with 5.4 kernels in Bionic
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: lxc (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1886790 Title: lxc 3.0.3-0ubuntu1~18.04.1 ADT test failure with 5.4 kernels in Bionic Status in lxc package in Ubuntu: Confirmed Status in lxc source package in Bionic: Confirmed Bug description: Testing failed on: amd64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/amd64/l/lxc/20200706_183234_ca65f@/log.gz arm64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/arm64/l/lxc/20200706_172136_71b68@/log.gz ppc64el: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/ppc64el/l/lxc/20200706_191938_cedac@/log.gz s390x: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/s390x/l/lxc/20200706_163359_98d4d@/log.gz The failing test seems to be: FAIL: lxc-tests: lxc-test-device-add-remove (0s) --- Adding /dev/network_latency to the container (device_add_remove_test) failed... --- This is a regression from the 4.15/5.3 to 5.4 kernels in Bionic. Note that this testcase is successful on Focal with the same kernel version. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1886790/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1884318] Re: lxc 3.0.3-0ubuntu1~18.04.1 ADT test failure with 5.4 kernels in Bionic
*** This bug is a duplicate of bug 1886790 *** https://bugs.launchpad.net/bugs/1886790 Hi Kelsey, sorry I haven't noticed you already opened this bug against the lxc issue and opened another one (bug 1886790). As I have already provided the new bug to the lxc team to look at, I'll mark this one as a duplicate. Thanks! ** This bug has been marked a duplicate of bug 1886790 lxc 3.0.3-0ubuntu1~18.04.1 ADT test failure with 5.4 kernels in Bionic -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1884318 Title: lxc 3.0.3-0ubuntu1~18.04.1 ADT test failure with 5.4 kernels in Bionic Status in lxc package in Ubuntu: Invalid Status in lxc source package in Bionic: New Bug description: Testing failed on: amd64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/amd64/l/lxc/20200617_163718_07690@/log.gz arm64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/arm64/l/lxc/20200617_165305_fce64@/log.gz To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1884318/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1870260] Re: initramfs unpacking failed: Decoding failed", message appears on boot up.
update-initramfs -u gives the following error message: /usr/bin/update- initramfs: 185: cannot create /var/lib/initramfs-tools/5.4.0-40-generic: Directory nonexistent I completely stuck after first boot of freshly installed ubuntu 20.04. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ubuntu-meta in Ubuntu. https://bugs.launchpad.net/bugs/1870260 Title: initramfs unpacking failed: Decoding failed", message appears on boot up. Status in linux package in Ubuntu: Confirmed Status in ubuntu-meta package in Ubuntu: Confirmed Bug description: OS : Ubuntu 20.04(20200401) Problem: "initramfs unpacking failed: Decoding failed", message appears on boot up solution: If we edit /etc/initramfs-tools/initramfs.conf and COMPRESS=lz4, to COMPRESS=gzip then the error is fixing . Expected solution: This but in there from a long time I have seen this from Ubuntu 18.04,19.04,19.10 now in 20.04 So please fix it or change it from lz4 to gzip. an early reply is highly appreciated Thank you . --- ProblemType: Bug ApportVersion: 2.20.11-0ubuntu21 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: tamal 1451 F pulseaudio CurrentDesktop: ubuntu:GNOME DistroRelease: Ubuntu 20.04 InstallationDate: Installed on 2020-04-02 (0 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Beta amd64 (20200331) Lsusb: Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 001 Device 004: ID 0bda:b009 Realtek Semiconductor Corp. 802.11n WLAN Adapter Bus 001 Device 003: ID 0408:5365 Quanta Computer, Inc. HP TrueVision HD Camera Bus 001 Device 002: ID 046d:c52b Logitech, Inc. Unifying Receiver Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub MachineType: HP HP Laptop 15-da0xxx Package: ubuntu-meta ProcEnviron: LANGUAGE=en_IN:en PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_IN SHELL=/bin/bash ProcFB: 0 i915drmfb ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.4.0-21-generic root=UUID=29f895bf-ab7b-4df8-8e9a-c277376a2685 ro quiet splash vt.handoff=7 ProcVersionSignature: Ubuntu 5.4.0-21.25-generic 5.4.27 RelatedPackageVersions: linux-restricted-modules-5.4.0-21-generic N/A linux-backports-modules-5.4.0-21-generic N/A linux-firmware1.187 Tags: focal Uname: Linux 5.4.0-21-generic x86_64 UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: adm cdrom dip lpadmin lxd plugdev sambashare sudo _MarkForUpload: True dmi.bios.date: 11/29/2019 dmi.bios.vendor: Insyde dmi.bios.version: F.23 dmi.board.asset.tag: Type2 - Board Asset Tag dmi.board.name: 84A6 dmi.board.vendor: HP dmi.board.version: 80.43 dmi.chassis.asset.tag: Chassis Asset Tag dmi.chassis.type: 10 dmi.chassis.vendor: HP dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnInsyde:bvrF.23:bd11/29/2019:svnHP:pnHPLaptop15-da0xxx:pvrType1ProductConfigId:rvnHP:rn84A6:rvr80.43:cvnHP:ct10:cvrChassisVersion: dmi.product.family: 103C_5335KV HP Notebook dmi.product.name: HP Laptop 15-da0xxx dmi.product.sku: 5AY34PA#ACJ dmi.product.version: Type1ProductConfigId dmi.sys.vendor: HP To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1870260/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886728] Re: OpenVPN OTP replaces the ordinary password
Thank you for your bug report, the issue has also been reported upstream on https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/97 ** Bug watch added: gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues #97 https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/issues/97 ** Package changed: gnome-keyring (Ubuntu) => network-manager (Ubuntu) ** Changed in: network-manager (Ubuntu) Importance: Undecided => Low ** Changed in: network-manager (Ubuntu) Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1886728 Title: OpenVPN OTP replaces the ordinary password Status in network-manager package in Ubuntu: Triaged Bug description: When OpenVPN has One-time password (OTP) enabled, and the user connects, a dialog asks the user to enter the One-time password (OTP) and press ok. This action replaces the ordinary "long term" password with the OTP. This causes annoyance as the next login will fail because the password is wrong and the user has to enter both the password and the OTP the next time they log in. ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: gnome-keyring 3.36.0-1ubuntu1 ProcVersionSignature: Ubuntu 5.4.0-40.44-generic 5.4.44 Uname: Linux 5.4.0-40-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair nvidia_modeset nvidia ApportVersion: 2.20.11-0ubuntu27.3 Architecture: amd64 CasperMD5CheckResult: skip CurrentDesktop: ubuntu:GNOME Date: Wed Jul 8 01:07:18 2020 InstallationDate: Installed on 2020-03-23 (106 days ago) InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Release amd64 (20191017) SourcePackage: gnome-keyring UpgradeStatus: Upgraded to focal on 2020-05-11 (57 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1886728/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886702] Re: cosmetic issue: updates tab's text is not left aligned
Thank you for your bug report ** Changed in: software-properties (Ubuntu) Importance: Undecided => Low ** Changed in: software-properties (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to software-properties in Ubuntu. https://bugs.launchpad.net/bugs/1886702 Title: cosmetic issue: updates tab's text is not left aligned Status in software-properties package in Ubuntu: Confirmed Bug description: Text alignment in updates tab is not consistent with other tabs. Text is center aligned as shown in screenshot. I think it should be left aligned. ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: software-properties-gtk 0.98.9 ProcVersionSignature: Ubuntu 5.4.0-39.43-generic 5.4.41 Uname: Linux 5.4.0-39-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.11-0ubuntu27.3 Architecture: amd64 CasperMD5CheckResult: skip CurrentDesktop: ubuntu:GNOME Date: Tue Jul 7 22:59:03 2020 InstallationDate: Installed on 2019-02-05 (518 days ago) InstallationMedia: Ubuntu 18.10 "Cosmic Cuttlefish" - Release amd64 (20181017.3) PackageArchitecture: all SourcePackage: software-properties UpgradeStatus: Upgraded to focal on 2020-04-26 (72 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1886702/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1398805] Re: redshift fails to start geoclue provider after resuming network connection / hangs for 25s
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: redshift (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to geoclue in Ubuntu.
https://bugs.launchpad.net/bugs/1398805
Title:
redshift fails to start geoclue provider after resuming network
connection / hangs for 25s
Status in geoclue package in Ubuntu:
Confirmed
Status in redshift package in Ubuntu:
Confirmed
Bug description:
`redshift -l geoclue -p` hangs after resuming network operation.
This happens after resuming from hibernation, but can be reproduced by
disabling and re-enabling the network via network-manager.
strace shows:
sendmsg(3, {msg_name(0)=NULL,
msg_iov(2)=[{"l\1\1\1\214\0\0\0\2\0\0\0\177\0\0\0\1\1o\0\25\0\0\0/org/freedesktop/DBus\0\0\0\6\1s\0\24\0\0\0org.freedesktop.DBus\0\0\0\0\2\1s\0\24\0\0\0org.freedesktop.DBus\0\0\0\0\3\1s\0\10\0\0\0AddMatch\0\0\0\0\0\0\0\0\10\1g\0\1s\0\0",
144},
{"\207\0\0\0type='signal',sender='org.freedesktop.Geoclue.Master',path='/org/freedesktop/Geoclue/Master',interface='org.freedesktop.Geoclue.Master'\0",
140}], msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL) = 284
sendmsg(3, {msg_name(0)=NULL,
msg_iov(2)=[{"l\1\1\1\256\0\0\0\3\0\0\0\177\0\0\0\1\1o\0\25\0\0\0/org/freedesktop/DBus\0\0\0\6\1s\0\24\0\0\0org.freedesktop.DBus\0\0\0\0\2\1s\0\24\0\0\0org.freedesktop.DBus\0\0\0\0\3\1s\0\10\0\0\0AddMatch\0\0\0\0\0\0\0\0\10\1g\0\1s\0\0",
144},
{"\251\0\0\0type='signal',sender='org.freedesktop.DBus',path='/org/freedesktop/DBus',interface='org.freedesktop.DBus',member='NameOwnerChanged',arg0='org.freedesktop.Geoclue.Master'\0",
174}], msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL) = 318
sendmsg(3, {msg_name(0)=NULL,
msg_iov(2)=[{"l\1\0\1#\0\0\0\4\0\0\0\177\0\0\0\1\1o\0\25\0\0\0/org/freedesktop/DBus\0\0\0\6\1s\0\24\0\0\0org.freedesktop.DBus\0\0\0\0\2\1s\0\24\0\0\0org.freedesktop.DBus\0\0\0\0\3\1s\0\f\0\0\0GetNameOwner\0\0\0\0\10\1g\0\1s\0\0",
144}, {"\36\0\0\0org.freedesktop.Geoclue.Master\0", 35}], msg_controllen=0,
msg_flags=0}, MSG_NOSIGNAL) = 179
sendmsg(3, {msg_name(0)=NULL,
msg_iov(2)=[{"l\1\0\1\0\0\0\0\5\0\0\0\207\0\0\0\1\1o\0\37\0\0\0/org/freedesktop/Geoclue/Master\0\6\1s\0\36\0\0\0org.freedesktop.Geoclue.Master\0\0\2\1s\0\36\0\0\0org.freedesktop.Geoclue.Master\0\0\3\1s\0\6\0\0\0Create\0\0",
152}, {"", 0}], msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL) = 152
poll([{fd=3, events=POLLIN}], 1, 25000) = 1 ([{fd=3, revents=POLLIN}])
recvmsg(3, {msg_name(0)=NULL,
msg_iov(1)=[{"l\2\1\1\n\0\0\0\3\0\0\0=\0\0\0\6\1s\0\6\0\0\0:1.411\0\0\5\1u\0\4\0\0\0\10\1g\0\1s\0\0\7\1s\0\24\0\0\0org.freedesktop.DBus\0\0\0\0\5\0\0\0:1.43\0",
2048}], msg_controllen=0, msg_flags=MSG_CMSG_CLOEXEC}, MSG_CMSG_CLOEXEC) = 90
write(4, "\1\0\0\0\0\0\0\0", 8) = 8
recvmsg(3, 0x7fffcd24f170, MSG_CMSG_CLOEXEC) = -1 EAGAIN (Resource
temporarily unavailable)
poll([{fd=3, events=POLLIN}], 1, 25000
# Here it hangs
) = 0 (Timeout)
open("/usr/lib/x86_64-linux-gnu/charset.alias", O_RDONLY) = -1 ENOENT (No
such file or directory)
fstat(2, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 56), ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x7f3d2998c000
write(2, "Unable to obtain master client: Did not receive a reply.
Possible causes include: the remote application did not send a reply, the
message bus security policy blocked the reply, the reply timeout expired, or
the network connection was broken.\n", 243Unable to obtain master client: Did
not receive a reply. Possible causes include: the remote application did not
send a reply, the message bus security policy blocked the reply, the reply
timeout expired, or the network connection was broken.
) = 243
open("/usr/share/locale/locale.alias", O_RDONLY|O_CLOEXEC) = 5
fstat(5, {st_mode=S_IFREG|0644, st_size=2570, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x7f3d2998b000
read(5, "# Locale name alias data base.\n# Copyright (C)
1996-2001,2003,2007 Free Software Foundation, Inc.\n#\n# This program is free
software; you can redistribute it and/or modify\n# it under the terms of the
GNU General Public License as published by\n# the Free Software Foundation;
either version 2, or (at your option)\n# any later version.\n#\n# This program
is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY;
without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the\n# GNU General Public License for more
details.\n#\n# You should have received a copy of the GNU General Public
License\n# along with this program; if not, write to the Free Software\n#
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.\n\n#
The format of this file is the same as for the
[Touch-packages] [Bug 1398805] Re: redshift fails to start geoclue provider after resuming network connection / hangs for 25s
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: geoclue (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to geoclue in Ubuntu.
https://bugs.launchpad.net/bugs/1398805
Title:
redshift fails to start geoclue provider after resuming network
connection / hangs for 25s
Status in geoclue package in Ubuntu:
Confirmed
Status in redshift package in Ubuntu:
Confirmed
Bug description:
`redshift -l geoclue -p` hangs after resuming network operation.
This happens after resuming from hibernation, but can be reproduced by
disabling and re-enabling the network via network-manager.
strace shows:
sendmsg(3, {msg_name(0)=NULL,
msg_iov(2)=[{"l\1\1\1\214\0\0\0\2\0\0\0\177\0\0\0\1\1o\0\25\0\0\0/org/freedesktop/DBus\0\0\0\6\1s\0\24\0\0\0org.freedesktop.DBus\0\0\0\0\2\1s\0\24\0\0\0org.freedesktop.DBus\0\0\0\0\3\1s\0\10\0\0\0AddMatch\0\0\0\0\0\0\0\0\10\1g\0\1s\0\0",
144},
{"\207\0\0\0type='signal',sender='org.freedesktop.Geoclue.Master',path='/org/freedesktop/Geoclue/Master',interface='org.freedesktop.Geoclue.Master'\0",
140}], msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL) = 284
sendmsg(3, {msg_name(0)=NULL,
msg_iov(2)=[{"l\1\1\1\256\0\0\0\3\0\0\0\177\0\0\0\1\1o\0\25\0\0\0/org/freedesktop/DBus\0\0\0\6\1s\0\24\0\0\0org.freedesktop.DBus\0\0\0\0\2\1s\0\24\0\0\0org.freedesktop.DBus\0\0\0\0\3\1s\0\10\0\0\0AddMatch\0\0\0\0\0\0\0\0\10\1g\0\1s\0\0",
144},
{"\251\0\0\0type='signal',sender='org.freedesktop.DBus',path='/org/freedesktop/DBus',interface='org.freedesktop.DBus',member='NameOwnerChanged',arg0='org.freedesktop.Geoclue.Master'\0",
174}], msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL) = 318
sendmsg(3, {msg_name(0)=NULL,
msg_iov(2)=[{"l\1\0\1#\0\0\0\4\0\0\0\177\0\0\0\1\1o\0\25\0\0\0/org/freedesktop/DBus\0\0\0\6\1s\0\24\0\0\0org.freedesktop.DBus\0\0\0\0\2\1s\0\24\0\0\0org.freedesktop.DBus\0\0\0\0\3\1s\0\f\0\0\0GetNameOwner\0\0\0\0\10\1g\0\1s\0\0",
144}, {"\36\0\0\0org.freedesktop.Geoclue.Master\0", 35}], msg_controllen=0,
msg_flags=0}, MSG_NOSIGNAL) = 179
sendmsg(3, {msg_name(0)=NULL,
msg_iov(2)=[{"l\1\0\1\0\0\0\0\5\0\0\0\207\0\0\0\1\1o\0\37\0\0\0/org/freedesktop/Geoclue/Master\0\6\1s\0\36\0\0\0org.freedesktop.Geoclue.Master\0\0\2\1s\0\36\0\0\0org.freedesktop.Geoclue.Master\0\0\3\1s\0\6\0\0\0Create\0\0",
152}, {"", 0}], msg_controllen=0, msg_flags=0}, MSG_NOSIGNAL) = 152
poll([{fd=3, events=POLLIN}], 1, 25000) = 1 ([{fd=3, revents=POLLIN}])
recvmsg(3, {msg_name(0)=NULL,
msg_iov(1)=[{"l\2\1\1\n\0\0\0\3\0\0\0=\0\0\0\6\1s\0\6\0\0\0:1.411\0\0\5\1u\0\4\0\0\0\10\1g\0\1s\0\0\7\1s\0\24\0\0\0org.freedesktop.DBus\0\0\0\0\5\0\0\0:1.43\0",
2048}], msg_controllen=0, msg_flags=MSG_CMSG_CLOEXEC}, MSG_CMSG_CLOEXEC) = 90
write(4, "\1\0\0\0\0\0\0\0", 8) = 8
recvmsg(3, 0x7fffcd24f170, MSG_CMSG_CLOEXEC) = -1 EAGAIN (Resource
temporarily unavailable)
poll([{fd=3, events=POLLIN}], 1, 25000
# Here it hangs
) = 0 (Timeout)
open("/usr/lib/x86_64-linux-gnu/charset.alias", O_RDONLY) = -1 ENOENT (No
such file or directory)
fstat(2, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 56), ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x7f3d2998c000
write(2, "Unable to obtain master client: Did not receive a reply.
Possible causes include: the remote application did not send a reply, the
message bus security policy blocked the reply, the reply timeout expired, or
the network connection was broken.\n", 243Unable to obtain master client: Did
not receive a reply. Possible causes include: the remote application did not
send a reply, the message bus security policy blocked the reply, the reply
timeout expired, or the network connection was broken.
) = 243
open("/usr/share/locale/locale.alias", O_RDONLY|O_CLOEXEC) = 5
fstat(5, {st_mode=S_IFREG|0644, st_size=2570, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0)
= 0x7f3d2998b000
read(5, "# Locale name alias data base.\n# Copyright (C)
1996-2001,2003,2007 Free Software Foundation, Inc.\n#\n# This program is free
software; you can redistribute it and/or modify\n# it under the terms of the
GNU General Public License as published by\n# the Free Software Foundation;
either version 2, or (at your option)\n# any later version.\n#\n# This program
is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY;
without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the\n# GNU General Public License for more
details.\n#\n# You should have received a copy of the GNU General Public
License\n# along with this program; if not, write to the Free Software\n#
Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.\n\n#
The format of this file is the same as for the
[Touch-packages] [Bug 1882636] Re: https://bugs.launchpad.net/ubuntu/+source/glib-networking/+bug/1873777
email is alright, but the log there seems to have useful information geoclue[1460]: Failed to query location: TLS/SSL support not available; install glib-networking what's the output of $ dpkg -l | grep glib-networking ? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to glib-networking in Ubuntu. https://bugs.launchpad.net/bugs/1882636 Title: https://bugs.launchpad.net/ubuntu/+source/glib-networking/+bug/1873777 Status in glib-networking package in Ubuntu: Incomplete Bug description: OS: Pop!_OS 20.04 LTS x86_64 Host: XPS 13 9370 Kernel: 5.4.0-7634-generic Uptime: 2 hours, 50 mins Packages: 1817 (dpkg), 20 (snap) Shell: bash 5.0.16 Resolution: 1920x1080 DE: GNOME WM: Mutter WM Theme: Pop Theme: Pop-dark [GTK2/3] Icons: Pop [GTK2/3] Terminal: gnome-terminal CPU: Intel i5-8250U (8) @ 3.400GHz GPU: Intel UHD Graphics 620 Memory: 3322MiB / 15729MiB Summary(cont) - Attempt to input Google account info into online account util and get error--> TLS/SSL support not available; install glib-networking. https://bugs.launchpad.net/ubuntu/+source/glib-networking/+bug/1873777 Referenced this BUG REPORT ##Downloaded Deb build but I'm having an issue applying appropriate inputs in the provided documentation. Please help!## To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glib-networking/+bug/1882636/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886728] [NEW] OpenVPN OTP replaces the ordinary password
You have been subscribed to a public bug: When OpenVPN has One-time password (OTP) enabled, and the user connects, a dialog asks the user to enter the One-time password (OTP) and press ok. This action replaces the ordinary "long term" password with the OTP. This causes annoyance as the next login will fail because the password is wrong and the user has to enter both the password and the OTP the next time they log in. ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: gnome-keyring 3.36.0-1ubuntu1 ProcVersionSignature: Ubuntu 5.4.0-40.44-generic 5.4.44 Uname: Linux 5.4.0-40-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair nvidia_modeset nvidia ApportVersion: 2.20.11-0ubuntu27.3 Architecture: amd64 CasperMD5CheckResult: skip CurrentDesktop: ubuntu:GNOME Date: Wed Jul 8 01:07:18 2020 InstallationDate: Installed on 2020-03-23 (106 days ago) InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Release amd64 (20191017) SourcePackage: gnome-keyring UpgradeStatus: Upgraded to focal on 2020-05-11 (57 days ago) ** Affects: network-manager (Ubuntu) Importance: Low Status: Triaged ** Tags: amd64 apport-bug focal -- OpenVPN OTP replaces the ordinary password https://bugs.launchpad.net/bugs/1886728 You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886790] [NEW] lxc 3.0.3-0ubuntu1~18.04.1 ADT test failure with 5.4 kernels in Bionic
Public bug reported: Testing failed on: amd64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/amd64/l/lxc/20200706_183234_ca65f@/log.gz arm64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/arm64/l/lxc/20200706_172136_71b68@/log.gz ppc64el: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/ppc64el/l/lxc/20200706_191938_cedac@/log.gz s390x: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/s390x/l/lxc/20200706_163359_98d4d@/log.gz The failing test seems to be: FAIL: lxc-tests: lxc-test-device-add-remove (0s) --- Adding /dev/network_latency to the container (device_add_remove_test) failed... --- This is a regression from the 4.15/5.3 to 5.4 kernels in Bionic. Note that this testcase is successful on Focal with the same kernel version. ** Affects: lxc (Ubuntu) Importance: Undecided Status: New ** Affects: lxc (Ubuntu Bionic) Importance: High Status: New ** Tags: kernel-adt-failure ** Tags added: kernel-adt-failure ** Description changed: Testing failed on: - amd64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/amd64/l/lxc/20200706_183234_ca65f@/log.gz - arm64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/arm64/l/lxc/20200706_172136_71b68@/log.gz - ppc64el: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/ppc64el/l/lxc/20200706_191938_cedac@/log.gz - s390x: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/s390x/l/lxc/20200706_163359_98d4d@/log.gz + amd64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/amd64/l/lxc/20200706_183234_ca65f@/log.gz + arm64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/arm64/l/lxc/20200706_172136_71b68@/log.gz + ppc64el: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/ppc64el/l/lxc/20200706_191938_cedac@/log.gz + s390x: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/s390x/l/lxc/20200706_163359_98d4d@/log.gz + + The failing test seems to be: + + FAIL: lxc-tests: lxc-test-device-add-remove (0s) + --- + Adding /dev/network_latency to the container (device_add_remove_test) failed... + --- ** Also affects: lxc (Ubuntu Bionic) Importance: Undecided Status: New ** Summary changed: - lxc 3.0.3-0ubuntu1~18.04.1 ADT test failure with linux-hwe-5.4 5.4.0-41.45~18.04.1 + lxc 3.0.3-0ubuntu1~18.04.1 ADT test failure with 5.4 kernels in Bionic ** Description changed: Testing failed on: amd64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/amd64/l/lxc/20200706_183234_ca65f@/log.gz arm64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/arm64/l/lxc/20200706_172136_71b68@/log.gz ppc64el: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/ppc64el/l/lxc/20200706_191938_cedac@/log.gz s390x: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/s390x/l/lxc/20200706_163359_98d4d@/log.gz The failing test seems to be: FAIL: lxc-tests: lxc-test-device-add-remove (0s) --- Adding /dev/network_latency to the container (device_add_remove_test) failed... --- + + This is a regression from the 4.15/5.3 to 5.4 kernels. Note that this + testcase is successful on Focal with the same kernel version. ** Description changed: Testing failed on: amd64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/amd64/l/lxc/20200706_183234_ca65f@/log.gz arm64: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/arm64/l/lxc/20200706_172136_71b68@/log.gz ppc64el: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/ppc64el/l/lxc/20200706_191938_cedac@/log.gz s390x: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/s390x/l/lxc/20200706_163359_98d4d@/log.gz The failing test seems to be: FAIL: lxc-tests:
[Touch-packages] [Bug 1886128] Re: systemd-resolved does not resolve address due to udp payload size.
Thank you,
I have gathered required log as you mentioned:
Output of journalctl -b -u systemd-resolved --no-pager( please note: after the
first read, link will disappear )
https://file.io/2LcfbtNf
Output of dig:
dig mharder-formrec.cognitiveservices.azure.com
; <<>> DiG 9.11.3-1ubuntu1.12-Ubuntu <<>>
mharder-formrec.cognitiveservices.azure.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 16016
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;mharder-formrec.cognitiveservices.azure.com. INA
;; Query time: 231 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Wed Jul 08 07:40:24 UTC 2020
;; MSG SIZE rcvd: 72
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1886128
Title:
systemd-resolved does not resolve address due to udp payload size.
Status in systemd package in Ubuntu:
Incomplete
Bug description:
Description: Ubuntu 18.04.4 LTS
Release: 18.04
systemd-resolve --version
systemd 237
+PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP
+GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD -IDN2 +IDN
-PCRE2 default-hierarchy=hybrid
We met an error: on an attempt to resolve address, the following issue
appears:
; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>>
mharder-formrec.cognitiveservices.azure.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 44096
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;mharder-formrec.cognitiveservices.azure.com. IN A
;; Query time: 231 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Tue Apr 28 20:47:14 UTC 2020
;; MSG SIZE rcvd: 72
Let me provide you important notes about the issue:
1) It's not reproducing on Ubuntu 16;
2) Bypassing systemd-resolve - everything works fine;
3) Only the difference between systemd-resolve and END is UDP_PAYLOAD_SIZE
Successful query:
113516:27:25.964386 10.1.0.4168.63.129.16 DNS 128
Standard query 0xc2d4 A mharder-formrec.cognitiveservices.azure.com
OPT
Domain Name System (query)
Transaction ID: 0xc2d4
Flags: 0x0120 Standard query
0... = Response: Message is a query
.000 0... = Opcode: Standard query (0)
..0. = Truncated: Message is not truncated
...1 = Recursion desired: Do query recursively
.0.. = Z: reserved (0)
..1. = AD bit: Set
...0 = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 1
Queries
mharder-formrec.cognitiveservices.azure.com: type A, class IN
Additional records
: type OPT
Name:
Type: OPT (41)
UDP payload size: 4096
Higher bits in extended RCODE: 0x00
EDNS0 version: 0
Z: 0x
0... = DO bit: Cannot handle DNSSEC security
RRs
.000 = Reserved: 0x
Data length: 12
Option: COOKIE
Unsuccessful query:
112816:27:25.713886 10.1.0.4168.63.129.16 DNS 116
Standard query 0x198d A mharder-formrec.cognitiveservices.azure.com
OPT
Domain Name System (query)
Transaction ID: 0x198d
Flags: 0x0100 Standard query
0... = Response: Message is a query
.000 0... = Opcode: Standard query (0)
..0. = Truncated: Message is not truncated
...1 = Recursion desired: Do query recursively
.0.. = Z: reserved (0)
...0 = Non-authenticated data: Unacceptable
Questions: 1
Answer RRs: 0
Authority RRs: 0
Additional RRs: 1
Queries
mharder-formrec.cognitiveservices.azure.com: type A, class IN
Additional records
: type OPT
Name:
Type: OPT (41)
UDP payload size: 512
Higher bits in extended RCODE: 0x00
EDNS0 version: 0
Z: 0x
0... = DO bit: Cannot handle DNSSEC security
RRs
.000 = Reserved: 0x
Data length: 0
Notable difference:
Success:
UDP payload size: 4096
Failure:
UDP payload size: 512
And notable differences in the responses:
Success:
Flags: 0x8180 Standard query response, No error
[Touch-packages] [Bug 1882636] Re: https://bugs.launchpad.net/ubuntu/+source/glib-networking/+bug/1873777
I have a better log file which I have compressed with zip but dont feel comfortable printing it to this bug page. Do you mind if I send it to your email? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to glib-networking in Ubuntu. https://bugs.launchpad.net/bugs/1882636 Title: https://bugs.launchpad.net/ubuntu/+source/glib-networking/+bug/1873777 Status in glib-networking package in Ubuntu: Incomplete Bug description: OS: Pop!_OS 20.04 LTS x86_64 Host: XPS 13 9370 Kernel: 5.4.0-7634-generic Uptime: 2 hours, 50 mins Packages: 1817 (dpkg), 20 (snap) Shell: bash 5.0.16 Resolution: 1920x1080 DE: GNOME WM: Mutter WM Theme: Pop Theme: Pop-dark [GTK2/3] Icons: Pop [GTK2/3] Terminal: gnome-terminal CPU: Intel i5-8250U (8) @ 3.400GHz GPU: Intel UHD Graphics 620 Memory: 3322MiB / 15729MiB Summary(cont) - Attempt to input Google account info into online account util and get error--> TLS/SSL support not available; install glib-networking. https://bugs.launchpad.net/ubuntu/+source/glib-networking/+bug/1873777 Referenced this BUG REPORT ##Downloaded Deb build but I'm having an issue applying appropriate inputs in the provided documentation. Please help!## To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glib-networking/+bug/1882636/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1557157] Autopkgtest regression report (openldap/2.4.48+dfsg-1ubuntu1.2)
All autopkgtests for the newly accepted openldap (2.4.48+dfsg-1ubuntu1.2) for
eoan have finished running.
The following regressions have been reported in tests triggered by the package:
asterisk/1:16.2.1~dfsg-2build2 (armhf)
Please visit the excuses page listed below and investigate the failures,
proceeding afterwards as per the StableReleaseUpdates policy regarding
autopkgtest regressions [1].
https://people.canonical.com/~ubuntu-archive/proposed-
migration/eoan/update_excuses.html#openldap
[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions
Thank you!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1557157
Title:
apparmor profile denied for saslauthd: /run/saslauthd/mux
Status in openldap package in Ubuntu:
Fix Released
Status in openldap source package in Trusty:
Won't Fix
Status in openldap source package in Xenial:
Fix Committed
Status in openldap source package in Bionic:
Fix Committed
Status in openldap source package in Eoan:
Fix Committed
Status in openldap source package in Focal:
Fix Committed
Status in openldap source package in Groovy:
Fix Released
Bug description:
[Impact]
When using openldap with sasl authentication, the slapd process will
communicate with the saslauthd daemon via a socket in
{,/var}/run/saslauthd/mux. Unfortunately, this will fail in every
Ubuntu release from trusty onwards, because slapd's apparmor profile
doesn't contain the necessary directive to allow it to read/write
from/to the socket specified above.
The fix is simple: just add the necessary directive to allow slapd to
read/write from/to the saslauthd socket.
[Test Case]
One can reproduce the problem by doing:
$ lxc launch ubuntu-daily:groovy openldap-bugbug1557157-groovy
$ lxc shell openldap-bugbug1557157-groovy
# apt install slapd sasl2-bin ldap-utils apparmor-utils
(As the domain name, use "example.com").
# sed -i -e 's/^START=.*/START=yes/' /etc/default/saslauthd
# cat > /etc/ldap/sasl2/slapd.conf << __EOF__
mech_list: PLAIN
pwcheck_method: saslauthd
__EOF__
# adduser openldap sasl
# aa-enforce /etc/apparmor.d/usr.sbin.slapd
# systemctl restart slapd.service
# systemctl restart saslauthd.service
# passwd root
(You can choose any password here. You will need to type it when
running the next command.)
# ldapsearch -H ldapi:/// -LLL -b 'dc=example,dc=com' -s base -U root
-Y PLAIN
The command will fail with something like:
ldap_sasl_interactive_bind_s: Other (e.g., implementation specific) error (80)
additional info: SASL(-1): generic failure: Password verification
failed
[Regression Potential]
This is an extremely simple and well contained fix, so I don't
envision any possible regressions after applying it. It is important
noticing that, since the problem affects older Ubuntu releases, the
openldap package will have to be rebuilt against possible newer
versions of libraries and other depencencies, which, albeit unlikely,
may cause issues.
[Original Description]
When using slapd with saslauthd the processes communicate via the
{,/var}/run/saslauthd/mux socket (this is the default location for the
saslauthd server from the sasl2-bin package in the
/etc/default/saslauthd config), but the apparmor profile for
usr.sbin.slapd does not allow access to this socket/file.
Syslog message:
apparmor="DENIED" operation="connect" profile="/usr/sbin/slapd"
name="/run/saslauthd/mux" pid=1880
4 comm="slapd" requested_mask="r" denied_mask="r" fsuid=108 ouid=0
Please add the following line to /etc/apparmor.d/usr.sbin.slapd:
/{,var/}run/saslauthd/mux rw,
Ubuntu version: Ubuntu 14.04.4 LTS
slapd version: 2.4.31-1+nmu2ubu
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1557157/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1866303] Autopkgtest regression report (openldap/2.4.48+dfsg-1ubuntu1.2)
All autopkgtests for the newly accepted openldap (2.4.48+dfsg-1ubuntu1.2) for
eoan have finished running.
The following regressions have been reported in tests triggered by the package:
asterisk/1:16.2.1~dfsg-2build2 (armhf)
Please visit the excuses page listed below and investigate the failures,
proceeding afterwards as per the StableReleaseUpdates policy regarding
autopkgtest regressions [1].
https://people.canonical.com/~ubuntu-archive/proposed-
migration/eoan/update_excuses.html#openldap
[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions
Thank you!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1866303
Title:
slapd crash with pwdAccountLockedTime and stacked overlays
Status in openldap package in Ubuntu:
Fix Released
Status in openldap source package in Xenial:
Fix Committed
Status in openldap source package in Bionic:
Fix Committed
Status in openldap source package in Disco:
Won't Fix
Status in openldap source package in Eoan:
Fix Committed
Status in openldap package in Debian:
Fix Released
Bug description:
[Impact]
In the configuration and conditions described below, slapd can crash:
1. ppolicy overlay configured with pwdLockout: TRUE
2. smbk5pwd overlay stacked after ppolicy
3. an account locked out via pwdAccountLockedTime
4. a client binding to the locked-out account and also requesting the ppolicy
control
[Test Case]
* get the files from the bug:
mkdir slapd-test-case; cd slapd-test-case
wget -ct0
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334194/+files/slapd.conf
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334195/+files/data.ldif
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334196/+files/samba.schema
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+attachment/5334197/+files/script
* run the script:
sudo apt update && sudo sh ./script
* With the bug, the result is:
ldap_bind: Invalid credentials (49)
slapd dead
* If when confirming the bug you don't see "slapd dead" like above,
check manually, as slapd might have been in the process of shutting
down when the script checked its status: "sudo systemctl status slapd"
* With the fixed packages, you get a living slapd at the end (you can
run the script again on the same system after updating the packages):
sudo sh ./script
...
slapd running
ldap_bind: Invalid credentials (49)
slapd running
[Regression Potential]
The fix is in the password policy overlay (not enabled by default), so any
regressions would be around that area and could potentially impact
authentication ("binding") to openldap.
[Other Info]
This was fixed in focal and "cooked" there for a long while, as suggested by
the Debian maintainer. We haven't received further bug reports about this in
focal+.
[Original Description]
Hello,
Please merge openldap 2.4.49+dfsg-2 from Debian unstable to fix an
issue in the ppolicy overlay that can crash slapd. Please also
consider SRUing the patch after it has had some testing time.
Upstream: https://openldap.org/its/?findid=9171
Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953150
The ingredients for the crash are:
1: ppolicy overlay configured with pwdLockout: TRUE
2. smbk5pwd overlay stacked after ppolicy
3. an account locked out via pwdAccountLockedTime
4. a client binding to the locked-out account and also requesting the ppolicy
control
The buggy code is not as specific as the above steps, so I suspect
there are probably other configurations or steps that can trigger the
same crash.
I will attach my test script and data for reproducing the crash.
Expected output (last lines):
[ ok ] Starting OpenLDAP: slapd.
slapd running
ldap_bind: Invalid credentials (49)
slapd running
Actual output (last lines):
[ ok ] Starting OpenLDAP: slapd.
slapd running
ldap_bind: Invalid credentials (49)
slapd dead
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1866303/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886766] Re: xorg bug report
Please describe what kind of problem you are experiencing... Although I notice from the attached files there is one obvious issue -- you are using the old unmaintained 'intel' graphics driver. Please uninstall that: sudo apt remove xserver-xorg-video-intel because the built-in driver is better maintained and less buggy. ** Package changed: xorg (Ubuntu) => xorg-server (Ubuntu) ** Changed in: xorg-server (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1886766 Title: xorg bug report Status in xorg-server package in Ubuntu: Incomplete Bug description: i have run x-diagnose and selected the option report an x org bug. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: xorg 1:7.7+19ubuntu7.1 ProcVersionSignature: Ubuntu 4.15.0-109.110-generic 4.15.18 Uname: Linux 4.15.0-109-generic x86_64 .tmp.unity_support_test.0: ApportVersion: 2.20.9-0ubuntu7.15 Architecture: amd64 CompositorRunning: None Date: Wed Jul 8 11:40:07 2020 DistUpgraded: 2020-06-28 23:25:02,994 DEBUG /openCache(), new cache size 98031 DistroCodename: bionic DistroVariant: ubuntu ExtraDebuggingInterest: Yes, if not too technical GraphicsCard: Intel Corporation HD Graphics 5500 [8086:1616] (rev 09) (prog-if 00 [VGA controller]) Subsystem: Fujitsu Limited. HD Graphics 5500 [10cf:1895] Lsusb: Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 001 Device 003: ID 8087:0a2a Intel Corp. Bus 001 Device 002: ID 04f2:b413 Chicony Electronics Co., Ltd Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub MachineType: FUJITSU LIFEBOOK A555 ProcEnviron: LANGUAGE=en_IN:en PATH=(custom, no user) LANG=en_IN SHELL=/bin/bash ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.15.0-109-generic root=/dev/mapper/ubuntu--vg-root ro quiet splash vt.handoff=1 SourcePackage: xorg UpgradeStatus: Upgraded to bionic on 2020-06-28 (9 days ago) dmi.bios.date: 05/31/2016 dmi.bios.vendor: FUJITSU // Insyde Software Corp. dmi.bios.version: 1.21 dmi.board.name: FJNBB3E dmi.board.vendor: FUJITSU dmi.chassis.type: 10 dmi.chassis.vendor: FUJITSU dmi.modalias: dmi:bvnFUJITSU//InsydeSoftwareCorp.:bvr1.21:bd05/31/2016:svnFUJITSU:pnLIFEBOOKA555:pvr:rvnFUJITSU:rnFJNBB3E:rvr:cvnFUJITSU:ct10:cvr: dmi.product.family: LIFEBOOK-FTS dmi.product.name: LIFEBOOK A555 dmi.sys.vendor: FUJITSU version.compiz: compiz 1:0.9.13.1+18.04.20180302-0ubuntu1 version.libdrm2: libdrm2 2.4.101-2~18.04.1 version.libgl1-mesa-dri: libgl1-mesa-dri 19.2.8-0ubuntu0~18.04.3 version.libgl1-mesa-glx: libgl1-mesa-glx 19.2.8-0ubuntu0~18.04.3 version.xserver-xorg-core: xserver-xorg-core 2:1.19.6-1ubuntu4.4 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.10.5-1ubuntu1 version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:18.0.1-1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.917+git20171229-1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.15-2 xserver.bootTime: Fri Jun 12 09:49:57 2020 xserver.configfile: default xserver.errors: xserver.logfile: /var/log/Xorg.0.log xserver.outputs: product id1566 vendor BOE xserver.version: 2:1.18.4-0ubuntu0.8 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg-server/+bug/1886766/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1886766] [NEW] xorg bug report
Public bug reported: i have run x-diagnose and selected the option report an x org bug. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: xorg 1:7.7+19ubuntu7.1 ProcVersionSignature: Ubuntu 4.15.0-109.110-generic 4.15.18 Uname: Linux 4.15.0-109-generic x86_64 .tmp.unity_support_test.0: ApportVersion: 2.20.9-0ubuntu7.15 Architecture: amd64 CompositorRunning: None Date: Wed Jul 8 11:40:07 2020 DistUpgraded: 2020-06-28 23:25:02,994 DEBUG /openCache(), new cache size 98031 DistroCodename: bionic DistroVariant: ubuntu ExtraDebuggingInterest: Yes, if not too technical GraphicsCard: Intel Corporation HD Graphics 5500 [8086:1616] (rev 09) (prog-if 00 [VGA controller]) Subsystem: Fujitsu Limited. HD Graphics 5500 [10cf:1895] Lsusb: Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 001 Device 003: ID 8087:0a2a Intel Corp. Bus 001 Device 002: ID 04f2:b413 Chicony Electronics Co., Ltd Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub MachineType: FUJITSU LIFEBOOK A555 ProcEnviron: LANGUAGE=en_IN:en PATH=(custom, no user) LANG=en_IN SHELL=/bin/bash ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.15.0-109-generic root=/dev/mapper/ubuntu--vg-root ro quiet splash vt.handoff=1 SourcePackage: xorg UpgradeStatus: Upgraded to bionic on 2020-06-28 (9 days ago) dmi.bios.date: 05/31/2016 dmi.bios.vendor: FUJITSU // Insyde Software Corp. dmi.bios.version: 1.21 dmi.board.name: FJNBB3E dmi.board.vendor: FUJITSU dmi.chassis.type: 10 dmi.chassis.vendor: FUJITSU dmi.modalias: dmi:bvnFUJITSU//InsydeSoftwareCorp.:bvr1.21:bd05/31/2016:svnFUJITSU:pnLIFEBOOKA555:pvr:rvnFUJITSU:rnFJNBB3E:rvr:cvnFUJITSU:ct10:cvr: dmi.product.family: LIFEBOOK-FTS dmi.product.name: LIFEBOOK A555 dmi.sys.vendor: FUJITSU version.compiz: compiz 1:0.9.13.1+18.04.20180302-0ubuntu1 version.libdrm2: libdrm2 2.4.101-2~18.04.1 version.libgl1-mesa-dri: libgl1-mesa-dri 19.2.8-0ubuntu0~18.04.3 version.libgl1-mesa-glx: libgl1-mesa-glx 19.2.8-0ubuntu0~18.04.3 version.xserver-xorg-core: xserver-xorg-core 2:1.19.6-1ubuntu4.4 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.10.5-1ubuntu1 version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:18.0.1-1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.917+git20171229-1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.15-2 xserver.bootTime: Fri Jun 12 09:49:57 2020 xserver.configfile: default xserver.errors: xserver.logfile: /var/log/Xorg.0.log xserver.outputs: product id1566 vendor BOE xserver.version: 2:1.18.4-0ubuntu0.8 ** Affects: xorg (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug bionic ubuntu -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1886766 Title: xorg bug report Status in xorg package in Ubuntu: New Bug description: i have run x-diagnose and selected the option report an x org bug. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: xorg 1:7.7+19ubuntu7.1 ProcVersionSignature: Ubuntu 4.15.0-109.110-generic 4.15.18 Uname: Linux 4.15.0-109-generic x86_64 .tmp.unity_support_test.0: ApportVersion: 2.20.9-0ubuntu7.15 Architecture: amd64 CompositorRunning: None Date: Wed Jul 8 11:40:07 2020 DistUpgraded: 2020-06-28 23:25:02,994 DEBUG /openCache(), new cache size 98031 DistroCodename: bionic DistroVariant: ubuntu ExtraDebuggingInterest: Yes, if not too technical GraphicsCard: Intel Corporation HD Graphics 5500 [8086:1616] (rev 09) (prog-if 00 [VGA controller]) Subsystem: Fujitsu Limited. HD Graphics 5500 [10cf:1895] Lsusb: Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 001 Device 003: ID 8087:0a2a Intel Corp. Bus 001 Device 002: ID 04f2:b413 Chicony Electronics Co., Ltd Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub MachineType: FUJITSU LIFEBOOK A555 ProcEnviron: LANGUAGE=en_IN:en PATH=(custom, no user) LANG=en_IN SHELL=/bin/bash ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.15.0-109-generic root=/dev/mapper/ubuntu--vg-root ro quiet splash vt.handoff=1 SourcePackage: xorg UpgradeStatus: Upgraded to bionic on 2020-06-28 (9 days ago) dmi.bios.date: 05/31/2016 dmi.bios.vendor: FUJITSU // Insyde Software Corp. dmi.bios.version: 1.21 dmi.board.name: FJNBB3E dmi.board.vendor: FUJITSU dmi.chassis.type: 10 dmi.chassis.vendor: FUJITSU dmi.modalias: dmi:bvnFUJITSU//InsydeSoftwareCorp.:bvr1.21:bd05/31/2016:svnFUJITSU:pnLIFEBOOKA555:pvr:rvnFUJITSU:rnFJNBB3E:rvr:cvnFUJITSU:ct10:cvr: dmi.product.family: LIFEBOOK-FTS dmi.product.name: LIFEBOOK A555 dmi.sys.vendor: FUJITSU version.compiz: compiz 1:0.9.13.1+18.04.20180302-0ubuntu1 version.libdrm2: libdrm2 2.4.101-2~18.04.1 version.libgl1-mesa-dri: libgl1-mesa-dri 19.2.8-0ubuntu0~18.04.3
