[Sts-sponsors] Please review and sponsor LP#1912122 for rsyslog
Hi Eric, Mauricio, Could you please review and consider sponsoring the rsyslog debdiffs on LP 1912122? https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1912122 VISA opened a case and mentioned that /var/log/dmesg is 0644, and I should have really caught this and changed it to 0640 during my campaign to get DMESG_RESTRICT enabled. So, fixing it up here. I am aware that this might not be possible to SRU to Groovy, or would get stuck in block-proposed, but its the upload to hirsute that really matters. Please review and sponsor. You can put timecards under: SF301554 - VISA - /var/log/dmesg file pemission Thanks, Matthew -- Mailing list: https://launchpad.net/~sts-sponsors Post to : sts-sponsors@lists.launchpad.net Unsubscribe : https://launchpad.net/~sts-sponsors More help : https://help.launchpad.net/ListHelp
[Sts-sponsors] [Bug 1910432] [NEW] dirmngr doesn't work with kernel parameter ipv6.disable=1
You have been subscribed to a public bug by Dan Streetman (ddstreet): [Impact] apt-key fails to fetch keys with "Address family not supported by protocol" [Description] We've had users report issues about apt-key being unable to fetch keys when IPv6 is disabled. As the mentioned kernel command line parameter disables IPV6 socket support, servers that allow/respond with IPv6 will cause connect_server() to fail with EAFNOSUPPORT. As this error is not being handled in some version of dirmngr, it'll simply fail the connection and could cause other processes to fail as well. In the test scenario below, it's easy to demonstrate this behaviour through apt-key. This has been reported upstream, and has been fixed with the following commit: - dirmngr: Handle EAFNOSUPPORT at connect_server. (109d16e8f644) The fix has been present upstream starting with GnuPG 2.22, so it's not currently available in any Ubuntu releases. [Test Case] 1. Spin up Focal VM 2. Disable IPv6: $ sudo vi /etc/default/grub (...) GRUB_CMDLINE_LINUX="ipv6.disable=1" $ sudo update-grub 3. Reboot the VM 4. Try to fetch a key: sudo apt-key adv --fetch-keys https://www.postgreSQL.org/media/keys/ACCC4CF8.asc You'll get the following error: gpg: WARNING: unable to fetch URI https://www.postgresql.org/media/keys/ACCC4CF8.asc: Address family not supported by protocol [Regression Potential] The patch introduces additional error handling when connecting to servers, to properly mark remote hosts as having valid IPv4 and/or IPv6 connectivity. We should look out for potential regressions when connecting to servers with exclusive IPv4 or IPv6 connectivity, to make sure the server is not getting marked as 'dead' due to missing one of the versions. This commit has also been tested in the corresponding Ubuntu series, and has been deemed safe for backporting to stable branches of upstream GnuPG. The overall regression potential for this change should be fairly low, and breakage should be easily spotted. ** Affects: gnupg2 (Ubuntu) Importance: High Assignee: Heitor Alves de Siqueira (halves) Status: In Progress ** Affects: gnupg2 (Ubuntu Bionic) Importance: High Assignee: Heitor Alves de Siqueira (halves) Status: In Progress ** Affects: gnupg2 (Ubuntu Focal) Importance: High Assignee: Heitor Alves de Siqueira (halves) Status: In Progress ** Affects: gnupg2 (Ubuntu Groovy) Importance: High Assignee: Heitor Alves de Siqueira (halves) Status: In Progress ** Affects: gnupg2 (Ubuntu Hirsute) Importance: High Assignee: Heitor Alves de Siqueira (halves) Status: In Progress ** Tags: seg sts sts-sponsor sts-sponsor-ddstreet -- dirmngr doesn't work with kernel parameter ipv6.disable=1 https://bugs.launchpad.net/bugs/1910432 You received this bug notification because you are a member of STS Sponsors, which is subscribed to the bug report. -- Mailing list: https://launchpad.net/~sts-sponsors Post to : sts-sponsors@lists.launchpad.net Unsubscribe : https://launchpad.net/~sts-sponsors More help : https://help.launchpad.net/ListHelp
Re: [Sts-sponsors] [Merge] ~halves/ubuntu/+source/gnupg2:lp1910432-focal into ubuntu/+source/gnupg2:ubuntu/focal-devel
sorry didn't click the checkbox on my inline comment last time Diff comments: > diff --git a/debian/changelog b/debian/changelog > index fe05c72..6ada1d4 100644 > --- a/debian/changelog > +++ b/debian/changelog > @@ -1,3 +1,10 @@ > +gnupg2 (2.2.19-3ubuntu3) focal; urgency=medium as focal is an sru release, version number should be 2.2.19-3ubuntu2.1 > + > + * d/p/dirmngr-handle-EAFNOSUPPORT-at-connect_server.patch: > +- Fix IPv6 connectivity for dirmngr (LP: #1910432) > + > + -- Heitor Alves de Siqueira Wed, 06 Jan 2021 > 18:10:35 + > + > gnupg2 (2.2.19-3ubuntu2) focal; urgency=medium > >* Don't declare diffutils as a test dependency, this package is essential -- https://code.launchpad.net/~halves/ubuntu/+source/gnupg2/+git/gnupg2/+merge/396406 Your team STS Sponsors is requested to review the proposed merge of ~halves/ubuntu/+source/gnupg2:lp1910432-focal into ubuntu/+source/gnupg2:ubuntu/focal-devel. -- Mailing list: https://launchpad.net/~sts-sponsors Post to : sts-sponsors@lists.launchpad.net Unsubscribe : https://launchpad.net/~sts-sponsors More help : https://help.launchpad.net/ListHelp
Re: [Sts-sponsors] [Merge] ~halves/ubuntu/+source/gnupg2:lp1910432-focal into ubuntu/+source/gnupg2:ubuntu/focal-devel
Review: Needs Fixing looks good, minor issue with version number bump -- https://code.launchpad.net/~halves/ubuntu/+source/gnupg2/+git/gnupg2/+merge/396406 Your team STS Sponsors is requested to review the proposed merge of ~halves/ubuntu/+source/gnupg2:lp1910432-focal into ubuntu/+source/gnupg2:ubuntu/focal-devel. -- Mailing list: https://launchpad.net/~sts-sponsors Post to : sts-sponsors@lists.launchpad.net Unsubscribe : https://launchpad.net/~sts-sponsors More help : https://help.launchpad.net/ListHelp
Re: [Sts-sponsors] [Merge] ~halves/ubuntu/+source/gnupg2:lp1910432-devel into ubuntu/+source/gnupg2:ubuntu/devel
Review: Needs Fixing looks good, minor issue with needing separate MR for groovy and hirsute. Diff comments: > diff --git a/debian/changelog b/debian/changelog > index 974065a..493cd72 100644 > --- a/debian/changelog > +++ b/debian/changelog > @@ -1,3 +1,10 @@ > +gnupg2 (2.2.20-1ubuntu2) groovy; urgency=medium Can you change the release to hirsute please? That's the current devel release. Also can you open a separate MR for groovy? The version number in groovy should be 2.2.20-1ubuntu1.1 > + > + * d/p/dirmngr-handle-EAFNOSUPPORT-at-connect_server.patch: > +- Fix IPv6 connectivity for dirmngr (LP: #1910432) > + > + -- Heitor Alves de Siqueira Sat, 16 Jan 2021 > 14:53:14 + > + > gnupg2 (2.2.20-1ubuntu1) groovy; urgency=low > >* Merge from Debian unstable. Remaining changes: -- https://code.launchpad.net/~halves/ubuntu/+source/gnupg2/+git/gnupg2/+merge/396407 Your team STS Sponsors is requested to review the proposed merge of ~halves/ubuntu/+source/gnupg2:lp1910432-devel into ubuntu/+source/gnupg2:ubuntu/devel. -- Mailing list: https://launchpad.net/~sts-sponsors Post to : sts-sponsors@lists.launchpad.net Unsubscribe : https://launchpad.net/~sts-sponsors More help : https://help.launchpad.net/ListHelp
Re: [Sts-sponsors] [Merge] ~halves/ubuntu/+source/gnupg2:lp1910432-bionic into ubuntu/+source/gnupg2:ubuntu/bionic-devel
Review: Needs Fixing Looks like this doesn't compile; the v4_valid and v6_valid variables aren't present in the bionic code. However, it looks fairly simple to adjust for the older code; can you take a look at it? -- https://code.launchpad.net/~halves/ubuntu/+source/gnupg2/+git/gnupg2/+merge/396408 Your team STS Sponsors is requested to review the proposed merge of ~halves/ubuntu/+source/gnupg2:lp1910432-bionic into ubuntu/+source/gnupg2:ubuntu/bionic-devel. -- Mailing list: https://launchpad.net/~sts-sponsors Post to : sts-sponsors@lists.launchpad.net Unsubscribe : https://launchpad.net/~sts-sponsors More help : https://help.launchpad.net/ListHelp