[Touch-packages] [Bug 2045621] Re: Improve power consumption on Framework systems
Ran below steps to verify the packages 249.11.5 (Jammy) and 253.5.3 (Mantic) : 1. add jammy proposed channel 2. $ apt install systemd-hwe-hwdb 3. verify the proposed version was installed: $ apt policy systemd-hwe-hwdb 4. verify that /usr/lib/udev/hwdb.d/90-ubuntu-autosuspend.hwdb was created with Framework expansion cards 5. verify the control files: $ cat /sys/devices/pci:00/:00:08.1/:c1:00.3/usb1/1-1/power/control auto $ cat /sys/devices/pci:00/:00:08.1/:c1:00.3/usb7/7-1/power/control auto ** Tags removed: verification-needed-jammy ** Tags added: verification-done-jammy ** Tags removed: verification-needed verification-needed-mantic ** Tags added: verification-done verification-done-mantic -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/2045621 Title: Improve power consumption on Framework systems Status in OEM Priority Project: In Progress Status in systemd package in Ubuntu: Fix Committed Status in systemd-hwe package in Ubuntu: Invalid Status in systemd source package in Jammy: Won't Fix Status in systemd-hwe source package in Jammy: Fix Committed Status in systemd source package in Lunar: Won't Fix Status in systemd-hwe source package in Lunar: Won't Fix Status in systemd source package in Mantic: Won't Fix Status in systemd-hwe source package in Mantic: Fix Committed Status in systemd source package in Noble: Fix Committed Status in systemd-hwe source package in Noble: Invalid Bug description: [ Impact ] * Framework systems that have DP or HDMI cards connected will have increased power consumption even when nothing is connected to DP or HDMI ports since the cards don't default to autosuspend. * Backporting upstream patch that adds rules in hwdb.d/60-autosuspend.hwdb for Framework's HDMI and DP extensions. [ Test Plan ] * DUT: Framework with DP and HDMI: $ lsusb | grep Framework Bus 007 Device 002: ID 32ac:0003 Framework DisplayPort Expansion Card Bus 001 Device 002: ID 32ac:0002 Framework HDMI Expansion Card 1. Autosuspend is not enabled before patch. Set to "on" in power/control $ cat /sys/devices/pci:00/:00:08.1/:c1:00.3/usb1/1-1/manufacturer Framework $ cat /sys/devices/pci:00/:00:08.1/:c1:00.3/usb1/1-1/power/control on $ cat /sys/devices/pci:00/:00:08.1/:c1:00.3/usb1/1-2/manufacturer Framework $ cat /sys/devices/pci:00/:00:08.1/:c1:00.3/usb1/1-2/power/control on 2. Install patch 3. Autosuspend is enabled for both extensions. Set to "auto" in power/control $ cat power/control auto [ Where problems could occur ] * During testing verified that both DP+HDMI display show good output after hot-plug, system suspend, and reboot. There might be some differences when hibernate and hotplug. [ Other Info ] * https://github.com/systemd/systemd/commit/9023630cb7025650aa4d01ee794b0bb68bfdf2c1 To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/2045621/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2020913] Re: /etc/profile.d/debuginfd.{sh, csh} are created with 600 permissions
** Tags removed: server-todo
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to elfutils in Ubuntu.
https://bugs.launchpad.net/bugs/2020913
Title:
/etc/profile.d/debuginfd.{sh,csh} are created with 600 permissions
Status in elfutils package in Ubuntu:
Fix Released
Status in elfutils source package in Jammy:
Incomplete
Bug description:
[ Impact ]
Users installing libdebuginfod-common (the package that ships the
shell snippets responsible for configuring the DEBUGINFOD_URLS
environment variable, which will ultimately be used by GDB to contact
the Ubuntu debuginfod service) experience a problem caused by
permissions being set too tightly for
/etc/profile.d/debuginfod.{sh,csh}. This results in DEBUGINFOD_URLS
not being set for non-root users.
[ Test Plan ]
Inside a Jammy container:
# apt install -y libdebuginfod-common
# ls -lah /etc/profile.d/debuginfod*
Verify that the permission of both files allow them to be world-
readable.
[ Where problems could occur ]
Care has been taken to not modify existing file permissions
unnecessarily by using "g+r,o+r" when invoking chmod, but it is still
possible to conceive a scenario where upgrading the package would make
the files world-readable when the user is actually expecting
otherwise. However, such "regression" would arguably not be something
supported because if the intention is to prevent non-root users from
making use of debuginfod, there are better ways to achieve it.
[ Original Description ]
In a fresh container, installing libdebuginfod-common gives a
/etc/profile.d that looks like this:
```
root@32f34f7e271e:/etc/profile.d# ls -lah
total 24K
drwxr-xr-x 1 root root 4.0K May 26 17:23 .
drwxr-xr-x 1 root root 4.0K May 26 17:23 ..
-rw-r--r-- 1 root root 96 Oct 15 2021 01-locale-fix.sh
-rw--- 1 root root 677 May 26 17:23 debuginfod.csh
-rw--- 1 root root 692 May 26 17:23 debuginfod.sh
```
when I login as a nonprivledged user, DEBUGINFOD_URLS is not set
because the permissions are incorrect on the profile files.
```
# dpkg -l | grep libdebug
ii libdebuginfod-common0.186-1build1 all
configuration to enable the Debian debug info server
```
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/elfutils/+bug/2020913/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2035315] Re: Unprivileged user namespace restrictions break various applications
This bug has been reported on the Ubuntu ISO testing tracker.
A list of all reports related to this bug can be found here:
http://iso.qa.ubuntu.com/qatracker/reports/bugs/2035315
** Tags added: iso-testing
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2035315
Title:
Unprivileged user namespace restrictions break various applications
Status in apparmor package in Ubuntu:
Fix Released
Status in lxc package in Ubuntu:
Fix Released
Bug description:
When the unprivileged user namespace restrictions are enabled, various
applications within and outside the Ubuntu archive fail to function,
as they use unprivileged user namespaces as part of their normal
operation.
A search of the Ubuntu archive for the 23.10 release was performed
looking for all applications that make legitimate use of the
CLONE_NEWUSER argument, the details of which can be seen in
https://docs.google.com/spreadsheets/d/1MOPVoTW0BROF1TxYqoWeJ3c6w2xKElI4w-VjdCG0m9s/edit#gid=2102562502
For each package identified in that list, an investigation was made to
determine if the application actually used this as an unprivileged
user, and if so which of the binaries within the package were
affected.
The full investigation can be seen in
https://warthogs.atlassian.net/browse/SEC-1898 (which is unfortunately
private) but is summarised to the following list of Ubuntu source
packages, with the affected binaries as noted. NOTE that due to time
constraints for some packages it was not possible to finish the
complete investigation and so for those *all* the binaries from the
package are listed below.
For each of these binaries, an apparmor profile is required so that
the binary can be granted use of unprivileged user namespaces - an
example profile for the ch-run binary within the charliecloud package
is shown:
$ cat /etc/apparmor.d/usr.bin.ch-run
abi ,
include
/usr/bin/ch-run flags=(unconfined) {
userns,
# Site-specific additions and overrides. See local/README for details.
include if exists
}
However, in a few select cases, it has been decided not to ship an apparmor
profile, since this would effectively allow this mitigation to be bypassed. In
particular, the unshare and setns binaries within the util-linux package are
installed on every Ubuntu system, and allow an unprivileged user the ability to
launch an arbitrary application within a new user namespace. Any malicious
application then that wished to exploit an unprivileged user namespace to
conduct an attack on the kernel would simply need to spawn itself via `unshare
-U` or similar to be granted this permission. Therefore, due to the ubiquitous
nature of the unshare (and setns) binaries, profiles are not planned to be
provided for these by default. Similarly, the bwrap binary within bubblewrap is
also installed by default on Ubuntu Desktop 23.10 and can also be used to
launch arbitrary binaries within a new user namespace and so no profile is
planned to be provided for this either.
Those packages for which either a profile is not required or which a
profile is not planned are listed below, whilst the list of packages
that require a profile (and their associated binaries) is listed at
the end:
Packages that use user namespaces but for which a profile is not
required or not planned:
- bubblewrap
- /usr/bin/bwrap (NOT PLANNED AS NOTED ABOVE)
- cifs-utils
- /usr/sbin/cifs.upcall (NOT REQUIRED AS IS EXECUTED AS root)
- consfigurator # NOT REQUIRED, NO BINARIES OR reverse-depends
- criu
- /usr/sbin/criu (NOT REQUIRED SINCE ONLY FUNCTIONS AS root)
- docker.io-app
- /usr/bin/dockerd (NOT REQUIRED SINCE RUNS AS root)
- firejail
- /usr/bin/firejail (NOT REQUIRED SINCE is suid root)
- golang-github-containers-storage
- /usr/bin/containers-storage (NOT REQUIRED SINCE ONLY FUNCTIONS AS root)
- golang-gvisor-gvisor
- /usr/bin/runsc (NOT REQUIRED SINCE ONLY FUNCTIONS AS root)
- guix
- /usr/bin/guix-daemon (NOT REQURIED SINCE RUNS AS root)
- libvdestack # NOT REQUIRED, NO BINARIES OR reverse-depends
- libvirt # NOT REQUIRED SINCE USES lxc WHICH WILL HAVE A PROFILE
- network-manager # NOT REQUIRED SINCE CODE IS UNUSED
- nix # APPEARS UNNEEDED IN DEFAULT CONFIGURATION
- ocaml-extunix # NO BINARIES OR reverse-depends
- passt
- /usr/bin/passt # IS EXPECTED TO BE EXECUTED AS root
- rust-rustix # NO BINARIES AND CODE IS UNUSED IN THE ARCHIVE
- util-linux
-
Packages that use unprivileged user namespaces which require a profile (or
already have one as part of the previous apparmor update in
4.0.0~alpha2-0ubuntu1 via LP: #2030353):
- bazel-bootstrap
- /usr/libexec/@{multiarch}/bazel/linux-sandbox
- busybox
- /usr/bin/busybox
-
[Touch-packages] [Bug 1964506] Re: Ping: checks payloads incorrectly, ignores all mismatch replies
This bug was fixed in the package iputils - 3:20190709-3ubuntu1 --- iputils (3:20190709-3ubuntu1) focal; urgency=medium * debian/patches/git_revert_strict_pattern_matching.patch: - cherrypick of an upstream revert of a buggy commit which was leading to incorrect ping statistics on truncated packets (lp: #1964506) -- Sebastien Bacher Tue, 13 Sep 2022 21:06:15 +0200 ** Changed in: iputils (Ubuntu Focal) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to iputils in Ubuntu. https://bugs.launchpad.net/bugs/1964506 Title: Ping: checks payloads incorrectly, ignores all mismatch replies Status in iputils package in Ubuntu: Fix Released Status in iputils source package in Focal: Fix Released Bug description: = Impact = the ping statistics are incorrect when dealing with truncated packets = Test case = $ ping -c 1 -s 1200 8.8.8.8 should list truncated replies and received packets = Regression potential = the changes are limited to the ping source any regression would impact that utility, check that responses are correctly handled and statistics reflecting what is expected -- Problematic commit reverted upstream causing incorrect behavior in Ubuntu Focal. Discussion: https://github.com/iputils/iputils/issues/320 Fix: https://github.com/iputils/iputils/pull/321 Release: https://github.com/iputils/iputils/releases/tag/20210722 Could this patch be added for a Focal update please? 1) Ubuntu 20.04.3 LTS 2) 3:20190709-3 3) focal$ ping -c 1 -s 1200 8.8.8.8 PING 8.8.8.8 (8.8.8.8) 1200(1228) bytes of data. --- 8.8.8.8 ping statistics --- 1 packets transmitted, 0 received, 100% packet loss, time 0ms 4) xenial$ ping -c 1 -s 1200 8.8.8.8 PING 8.8.8.8 (8.8.8.8) 1200(1228) bytes of data. 76 bytes from 8.8.8.8: icmp_seq=1 ttl=61 (truncated) --- 8.8.8.8 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.284/0.284/0.284/0.000 ms To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iputils/+bug/1964506/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2015562] Update Released
The verification of the Stable Release Update for dnsmasq has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/2015562 Title: [SRU] Segfault in dnsmasq when using certain static domain entries + DoH (bugfix possibly exists upstream) Status in dnsmasq package in Ubuntu: Fix Released Status in dnsmasq source package in Jammy: Fix Released Bug description: [ Impact ] Some users may face an unpleasant segmentation fault if they combine configurations options like server=/domain/# with server|address=/domain/ since the domain matching functionality was rewritten in version 2.86. The special server address ’#’ means "use the standard servers". The SEGV occurs due to the struct server datastructure associated with it is passed to forward_query() call without been properly reserved and filled due to resolvconf servers didn't belong to the priority list. Without resolving this, dnsmasq stops running due to the SEGV and (non-experienced) users might not notice it. [ Test Plan ] #0.Prepare a VM or Container. i.e: # lxc launch ubuntu-daily:jammy Jdnsmasq #1. Install dnsmasq # apt update && apt upgrade -y # apt install -y dnsmasq #2. Disable systemd-resolved service and enabling resolution through dnsmasq, configuring DNS servers through it. # systemctl disable --now systemd-resolved.service # rm -f /etc/resolv.conf # cat > /etc/resolv.conf << __EOF__ nameserver 127.0.0.1 __EOF__ # echo "server=8.8.8.8" >> /etc/dnsmasq.conf (or edit the file to add it if you prefer) # (Optional) echo "log-queries" >> /etc/dnsmasq.conf # (optional) echo "log-debug" >> /etc/dnsmasq.conf # systemctl start dnsmasq.service 3. Copy netflix-nov6.conf into /etc/dnsmasq.d/ # cat > /etc/dnsmasq.d/netflix-nov6.conf << __EOF__ # Null response on these domains server=/netflix.com/# address=/netflix.com/:: server=/netflix.net/# address=/netflix.net/:: server=/nflxext.com/# address=/nflxext.com/:: server=/example.com/# address=/example.com/:: __EOF__ #4. Restart/reload dnsmasq # systemctl restart dnsmasq #5. Verify that dnsmasq resolves domains correctly: root@Jdnsmasq:~# dig +short -tA ubuntu.com @127.0.0.1 185.125.190.21 185.125.190.20 185.125.190.29 root@Jdnsmasq:~# dig +short -t ubuntu.com @127.0.0.1 2620:2d:4000:1::28 2620:2d:4000:1::26 2620:2d:4000:1::27 #6. Perform a type65 / HTTPS recordtype query for netflix.com towards the dnsmasq server twice: root@Jdnsmasq:~# dig A netflix.com @127.0.0.1 ; <<>> DiG 9.18.18-0ubuntu0.22.04.1-Ubuntu <<>> A netflix.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 48730 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ; EDE: 23 (Network Error) ;; QUESTION SECTION: ;netflix.com. IN A ;; Query time: 23 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Wed Nov 15 16:46:19 UTC 2023 ;; MSG SIZE rcvd: 46 root@Jdnsmasq-checking:~# dig A netflix.com @127.0.0.1 ;; communications error to 127.0.0.1#53: timed out ;; communications error to 127.0.0.1#53: connection refused ;; communications error to 127.0.0.1#53: connection refused #7. Check logs to verify segfault: # journalctl -u dnsmasq Apr 27 11:22:52 Jdnsmasq systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server. Apr 27 11:22:53 Jdnsmasq dnsmasq[111585]: query[type=65] netflix.com from 127.0.0.1 Apr 27 11:22:53 Jdnsmasq dnsmasq[111585]: config error is REFUSED (EDE: network error) Apr 27 11:22:54 Jdnsmasq dnsmasq[111585]: query[type=65] netflix.com from 127.0.0.1 Apr 27 11:22:54 Jdnsmasq systemd[1]: dnsmasq.service: Main process exited, code=dumped, status=11/SEGV Apr 27 11:22:54 Jdnsmasq systemd[1]: dnsmasq.service: Failed with result 'core-dump'. [ Where problems could occur ] This cherry picked commit from upstream incorporates a rewrite of the server priority list in the dnsmasq header file. Fortunately, that headers are not exported outside dnsmasq, so it cannot impact other third-party pieces of software. However, it can lend to think about the matching domain functionality that is being patched: could it be affect in some way to other types of server displaced on that list? Does anything change for the rest? In other words... Is the
[Touch-packages] [Bug 2015562] Re: [SRU] Segfault in dnsmasq when using certain static domain entries + DoH (bugfix possibly exists upstream)
This bug was fixed in the package dnsmasq - 2.86-1.1ubuntu0.4 --- dnsmasq (2.86-1.1ubuntu0.4) jammy; urgency=medium * src/dnsmasq.h, src/domain-match.c: Fix confusion when using resolvconf servers (combining server|address for a domain), resulting in the struct server datastructure for server=/domain/# getting passed to forward_query(), rapidly followed by a SEGV. This fix makes server=/domain/# a fully fledged member of the priority list. The code added here is a cherry pick released in upstream version 2.87, originating at https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=de372d69 (LP: #2015562) -- Miriam España Acebal Thu, 20 Apr 2023 11:00:27 +0200 ** Changed in: dnsmasq (Ubuntu Jammy) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/2015562 Title: [SRU] Segfault in dnsmasq when using certain static domain entries + DoH (bugfix possibly exists upstream) Status in dnsmasq package in Ubuntu: Fix Released Status in dnsmasq source package in Jammy: Fix Released Bug description: [ Impact ] Some users may face an unpleasant segmentation fault if they combine configurations options like server=/domain/# with server|address=/domain/ since the domain matching functionality was rewritten in version 2.86. The special server address ’#’ means "use the standard servers". The SEGV occurs due to the struct server datastructure associated with it is passed to forward_query() call without been properly reserved and filled due to resolvconf servers didn't belong to the priority list. Without resolving this, dnsmasq stops running due to the SEGV and (non-experienced) users might not notice it. [ Test Plan ] #0.Prepare a VM or Container. i.e: # lxc launch ubuntu-daily:jammy Jdnsmasq #1. Install dnsmasq # apt update && apt upgrade -y # apt install -y dnsmasq #2. Disable systemd-resolved service and enabling resolution through dnsmasq, configuring DNS servers through it. # systemctl disable --now systemd-resolved.service # rm -f /etc/resolv.conf # cat > /etc/resolv.conf << __EOF__ nameserver 127.0.0.1 __EOF__ # echo "server=8.8.8.8" >> /etc/dnsmasq.conf (or edit the file to add it if you prefer) # (Optional) echo "log-queries" >> /etc/dnsmasq.conf # (optional) echo "log-debug" >> /etc/dnsmasq.conf # systemctl start dnsmasq.service 3. Copy netflix-nov6.conf into /etc/dnsmasq.d/ # cat > /etc/dnsmasq.d/netflix-nov6.conf << __EOF__ # Null response on these domains server=/netflix.com/# address=/netflix.com/:: server=/netflix.net/# address=/netflix.net/:: server=/nflxext.com/# address=/nflxext.com/:: server=/example.com/# address=/example.com/:: __EOF__ #4. Restart/reload dnsmasq # systemctl restart dnsmasq #5. Verify that dnsmasq resolves domains correctly: root@Jdnsmasq:~# dig +short -tA ubuntu.com @127.0.0.1 185.125.190.21 185.125.190.20 185.125.190.29 root@Jdnsmasq:~# dig +short -t ubuntu.com @127.0.0.1 2620:2d:4000:1::28 2620:2d:4000:1::26 2620:2d:4000:1::27 #6. Perform a type65 / HTTPS recordtype query for netflix.com towards the dnsmasq server twice: root@Jdnsmasq:~# dig A netflix.com @127.0.0.1 ; <<>> DiG 9.18.18-0ubuntu0.22.04.1-Ubuntu <<>> A netflix.com @127.0.0.1 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 48730 ;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1 ;; OPT PSEUDOSECTION: ; EDNS: version: 0, flags:; udp: 1232 ; EDE: 23 (Network Error) ;; QUESTION SECTION: ;netflix.com. IN A ;; Query time: 23 msec ;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP) ;; WHEN: Wed Nov 15 16:46:19 UTC 2023 ;; MSG SIZE rcvd: 46 root@Jdnsmasq-checking:~# dig A netflix.com @127.0.0.1 ;; communications error to 127.0.0.1#53: timed out ;; communications error to 127.0.0.1#53: connection refused ;; communications error to 127.0.0.1#53: connection refused #7. Check logs to verify segfault: # journalctl -u dnsmasq Apr 27 11:22:52 Jdnsmasq systemd[1]: Started dnsmasq - A lightweight DHCP and caching DNS server. Apr 27 11:22:53 Jdnsmasq dnsmasq[111585]: query[type=65] netflix.com from 127.0.0.1 Apr 27 11:22:53 Jdnsmasq dnsmasq[111585]: config error is REFUSED (EDE: network error) Apr 27 11:22:54 Jdnsmasq dnsmasq[111585]: query[type=65] netflix.com from 127.0.0.1 Apr 27 11:22:54 Jdnsmasq systemd[1]: dnsmasq.service: Main process exited, code=dumped, status=11/SEGV Apr 27 11:22:54 Jdnsmasq systemd[1]: dnsmasq.service: Failed with result 'core-dump'. [ Where problems could occur ] This cherry picked commit from upstream incorporates a rewrite of the server priority list in the dnsmasq header file. Fortunately, that
[Touch-packages] [Bug 2047982] Re: Highlighting of patches offers insufficient contrast
Can confirm this looks awful in Konsole and even more awful in Konsole+tmux. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to vim in Ubuntu. https://bugs.launchpad.net/bugs/2047982 Title: Highlighting of patches offers insufficient contrast Status in vim package in Ubuntu: Confirmed Bug description: With vim 2:9.0.2189-1ubuntu1 the coloring of patches has been changed. The result is that in konsole patches have become illegible. See appendix. Deleted lines have foreground cyan #18b2b2 and background light blue #7f7fff. Kind of blue on blue. Please, provide sane color defaults. The previous release used bright white on black for deleted lines. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/vim/+bug/2047982/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2046498] Re: test-execute fails in LXD with failure in exec-networknamespacepath-privatemounts-no.service
The issue with this is that during the test setup, adding the dummy-
test-ns interface to the test-execute-netns network namespace fails with
EPERM, but this return code is not checked at all:
...
/* Create dummy network interface for testing PrivateNetwork=yes */
have_net_dummy = system("ip link add dummy-test-exec type dummy") == 0;
if (have_net_dummy) {
/* Create a network namespace and a dummy interface in it for
NetworkNamespacePath= */
(void) system("ip netns add test-execute-netns");
(void) system("ip netns exec test-execute-netns ip link add
dummy-test-ns type dummy");
}
...
Running these commands manually in the LXD environment that the tests
run in:
# ip link add dummy-test-exec type dummy
# ip netns add test-execute-netns
# ip netns exec test-execute-netns ip link add dummy-test-ns type dummy
mount of /sys failed: Operation not permitted
The right solution might be to make the test case dependent on the
success of those setup calls, similar to what is done with
`have_net_dummy`.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2046498
Title:
test-execute fails in LXD with failure in exec-networknamespacepath-
privatemounts-no.service
Status in systemd package in Ubuntu:
New
Bug description:
This is in v255. This log snippet is taken from a local autopkgtest
build:
exec-networknamespacepath-privatemounts-no.service: Child 4580 belongs to
exec-networknamespacepath-privatemounts-no.service.
exec-networknamespacepath-privatemounts-no.service: Main process exited,
code=exited, status=0/SUCCESS (success)
exec-networknamespacepath-privatemounts-no.service: Running next main command
for state start.
exec-networknamespacepath-privatemounts-no.service: Will spawn child
(service_run_next_main): /bin/sh
exec-networknamespacepath-privatemounts-no.service: Passing 0 fds to service
exec-networknamespacepath-privatemounts-no.service: About to execute: /bin/sh
-x -c "ip link show dummy-test-ns"
Serializing sd-executor-state to memfd.
exec-networknamespacepath-privatemounts-no.service: Forked /bin/sh as 4581
Closing set fd 19 (socket:[109908])
Closing set fd 21 (socket:[51])
Closing set fd 20 (socket:[50])
Received SIGCHLD from PID 4581 (sh).
Child 4581 (sh) died (code=exited, status=1/FAILURE)
exec-networknamespacepath-privatemounts-no.service: Child 4581 belongs to
exec-networknamespacepath-privatemounts-no.service.
exec-networknamespacepath-privatemounts-no.service: Main process exited,
code=exited, status=1/FAILURE
exec-networknamespacepath-privatemounts-no.service: Failed with result
'exit-code'.
exec-networknamespacepath-privatemounts-no.service: Service will not restart
(restart setting)
exec-networknamespacepath-privatemounts-no.service: Changed start -> failed
exec-networknamespacepath-privatemounts-no.service: Unit entered failed state.
exec-networknamespacepath-privatemounts-no.service: Consumed 23ms CPU time.
src/test/test-execute.c:1124:test_exec_networknamespacepath:
exec-networknamespacepath-privatemounts-no.service: can_unshare=no: exit status
1, expected 0
(test-execute-without-unshare) terminated by signal ABRT.
Assertion 'r >= 0' failed at src/test/test-execute.c:1330, function
prepare_ns(). Aborting.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/2046498/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2037604] Re: Backport packages for 22.04.4 HWE stack
i guess rebuilding gnome snaps with proposed on arm64 and testing that new gnome snap on mantic for pi5 & x1s would help. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to mesa in Ubuntu. https://bugs.launchpad.net/bugs/2037604 Title: Backport packages for 22.04.4 HWE stack Status in directx-headers package in Ubuntu: Invalid Status in mesa package in Ubuntu: Invalid Status in rust-bindgen package in Ubuntu: Invalid Status in rust-clang-sys package in Ubuntu: Invalid Status in directx-headers source package in Jammy: Fix Committed Status in mesa source package in Jammy: Fix Committed Status in rust-bindgen source package in Jammy: Invalid Status in rust-clang-sys source package in Jammy: Invalid Bug description: [Impact] The graphics HWE stack from mantic needs to be backported for 22.04.4 directx-headers - build-dep of the new Mesa mesa - new major release (23.2.x) - new HW support, Meteor Lake.. [Test case] We want to cover at least 2-3 different, widely used and already previously supported GPU generations from both AMD and Intel which are supported by this release, as those are the ones that cover most bases; nouveau users tend to switch to the NVIDIA blob after installation. No need to test ancient GPU's supported by mesa-amber. And best to focus on the newer generations (~5y and newer) as the older ones are less likely to break at this point. - AMD: Vega, Navi1x (RX5000*), Navi2x (RX6000*), Navi3x (RX7000*) - Intel: gen9 (SKL/APL/KBL/CFL/WHL/CML), gen11 (ICL), gen12 (TGL/RKL/RPL/DG2) Install the new packages and run some tests: - check that the desktop is still using hw acceleration and hasn't fallen back to swrast/llvmpipe - run freely available benchmarks that torture the GPU (Unigine Heaven/Valley/Superposition) - run some games from Steam if possible and in each case check that there is no gfx corruption happening or worse. Note that upstream releases have already been tested for OpenGL and Vulkan conformance by their CI. [Where things could go wrong] This is a major update of Mesa, there could be regressions but we'll try to catch any with testing. And since it shares bugs with mantic, we'd already know if there are serious issues. We will backport the final 23.2.x at a later stage, the first backport is needed for enabling Intel Meteor Lake. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/directx-headers/+bug/2037604/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2037604] Re: Backport packages for 22.04.4 HWE stack
unigine tests take no parameters, just launch and run -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to mesa in Ubuntu. https://bugs.launchpad.net/bugs/2037604 Title: Backport packages for 22.04.4 HWE stack Status in directx-headers package in Ubuntu: Invalid Status in mesa package in Ubuntu: Invalid Status in rust-bindgen package in Ubuntu: Invalid Status in rust-clang-sys package in Ubuntu: Invalid Status in directx-headers source package in Jammy: Fix Committed Status in mesa source package in Jammy: Fix Committed Status in rust-bindgen source package in Jammy: Invalid Status in rust-clang-sys source package in Jammy: Invalid Bug description: [Impact] The graphics HWE stack from mantic needs to be backported for 22.04.4 directx-headers - build-dep of the new Mesa mesa - new major release (23.2.x) - new HW support, Meteor Lake.. [Test case] We want to cover at least 2-3 different, widely used and already previously supported GPU generations from both AMD and Intel which are supported by this release, as those are the ones that cover most bases; nouveau users tend to switch to the NVIDIA blob after installation. No need to test ancient GPU's supported by mesa-amber. And best to focus on the newer generations (~5y and newer) as the older ones are less likely to break at this point. - AMD: Vega, Navi1x (RX5000*), Navi2x (RX6000*), Navi3x (RX7000*) - Intel: gen9 (SKL/APL/KBL/CFL/WHL/CML), gen11 (ICL), gen12 (TGL/RKL/RPL/DG2) Install the new packages and run some tests: - check that the desktop is still using hw acceleration and hasn't fallen back to swrast/llvmpipe - run freely available benchmarks that torture the GPU (Unigine Heaven/Valley/Superposition) - run some games from Steam if possible and in each case check that there is no gfx corruption happening or worse. Note that upstream releases have already been tested for OpenGL and Vulkan conformance by their CI. [Where things could go wrong] This is a major update of Mesa, there could be regressions but we'll try to catch any with testing. And since it shares bugs with mantic, we'd already know if there are serious issues. We will backport the final 23.2.x at a later stage, the first backport is needed for enabling Intel Meteor Lake. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/directx-headers/+bug/2037604/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2037604] Re: Backport packages for 22.04.4 HWE stack
Can somebody modify the description to specify exactly how to do those tests, please? (which commands/parameters, and expected results). -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to mesa in Ubuntu. https://bugs.launchpad.net/bugs/2037604 Title: Backport packages for 22.04.4 HWE stack Status in directx-headers package in Ubuntu: Invalid Status in mesa package in Ubuntu: Invalid Status in rust-bindgen package in Ubuntu: Invalid Status in rust-clang-sys package in Ubuntu: Invalid Status in directx-headers source package in Jammy: Fix Committed Status in mesa source package in Jammy: Fix Committed Status in rust-bindgen source package in Jammy: Invalid Status in rust-clang-sys source package in Jammy: Invalid Bug description: [Impact] The graphics HWE stack from mantic needs to be backported for 22.04.4 directx-headers - build-dep of the new Mesa mesa - new major release (23.2.x) - new HW support, Meteor Lake.. [Test case] We want to cover at least 2-3 different, widely used and already previously supported GPU generations from both AMD and Intel which are supported by this release, as those are the ones that cover most bases; nouveau users tend to switch to the NVIDIA blob after installation. No need to test ancient GPU's supported by mesa-amber. And best to focus on the newer generations (~5y and newer) as the older ones are less likely to break at this point. - AMD: Vega, Navi1x (RX5000*), Navi2x (RX6000*), Navi3x (RX7000*) - Intel: gen9 (SKL/APL/KBL/CFL/WHL/CML), gen11 (ICL), gen12 (TGL/RKL/RPL/DG2) Install the new packages and run some tests: - check that the desktop is still using hw acceleration and hasn't fallen back to swrast/llvmpipe - run freely available benchmarks that torture the GPU (Unigine Heaven/Valley/Superposition) - run some games from Steam if possible and in each case check that there is no gfx corruption happening or worse. Note that upstream releases have already been tested for OpenGL and Vulkan conformance by their CI. [Where things could go wrong] This is a major update of Mesa, there could be regressions but we'll try to catch any with testing. And since it shares bugs with mantic, we'd already know if there are serious issues. We will backport the final 23.2.x at a later stage, the first backport is needed for enabling Intel Meteor Lake. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/directx-headers/+bug/2037604/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2045033] Re: Merge rsyslog 8.2312.0-2 from Debian
https://launchpad.net/ubuntu/+source/rsyslog/8.2312.0-2ubuntu1 ** Changed in: rsyslog (Ubuntu) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/2045033 Title: Merge rsyslog 8.2312.0-2 from Debian Status in rsyslog package in Ubuntu: In Progress Bug description: Debian has released rsyslog 8.2310.0-4. Merge it. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/2045033/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1685484] Re: DHCP exit hook for setting systemd-timesyncd NTP servers doesn't work
To ubuntu 22.04, I refer to
https://roll.urown.net/desktop/network/time-sync.html.
Using NM's dispatch scripts, NetworkManager can talk with timesyncd when
configuring to use internal dhcp client.
If want to use dhclient's hook, I think you should configure NetworkManager to
use dhclient.
[main]
dhcp=dhclient
I don't test it, just for your reference.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1685484
Title:
DHCP exit hook for setting systemd-timesyncd NTP servers doesn't work
Status in network-manager package in Ubuntu:
Confirmed
Status in systemd package in Ubuntu:
Won't Fix
Status in systemd package in Debian:
Fix Released
Bug description:
I think it's regression for
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1578663 in
zesty.
1. NTP servers are send via DHCP and seen by NM:
$ nmcli con show connection1 | grep ntp
DHCP4.OPTION[30]: requested_ntp_servers = 1
DHCP4.OPTION[31]: ntp_servers = 80.50.231.226
217.96.29.26 212.160.106.226
2. timesyncd is using hardcoded default NTP server:
$ systemctl -n 200 status systemd-timesyncd.service
* systemd-timesyncd.service - Network Time Synchronization
Loaded: loaded (/lib/systemd/system/systemd-timesyncd.service; enabled;
vendor preset: enabled)
Drop-In: /lib/systemd/system/systemd-timesyncd.service.d
`-disable-with-time-daemon.conf
Active: active (running) since Sat 2017-04-22 13:12:23 CEST; 16min ago
Docs: man:systemd-timesyncd.service(8)
Main PID: 576 (systemd-timesyn)
Status: "Synchronized to time server 91.189.89.199:123 (ntp.ubuntu.com)."
Tasks: 2 (limit: 4915)
Memory: 1.5M
CPU: 20ms
CGroup: /system.slice/systemd-timesyncd.service
`-576 /lib/systemd/systemd-timesyncd
Apr 22 13:12:23 slodki systemd[1]: Starting Network Time Synchronization...
Apr 22 13:12:23 slodki systemd[1]: Started Network Time Synchronization.
Apr 22 13:12:53 slodki systemd-timesyncd[576]: Synchronized to time server
91.189.89.199:123 (ntp.ubuntu.com).
3. There are not other time sync deamons installed:
$ cat
/lib/systemd/system/systemd-timesyncd.service.d/disable-with-time-daemon.conf
[Unit]
# don't run timesyncd if we have another NTP daemon installed
ConditionFileIsExecutable=!/usr/sbin/ntpd
ConditionFileIsExecutable=!/usr/sbin/openntpd
ConditionFileIsExecutable=!/usr/sbin/chronyd
ConditionFileIsExecutable=!/usr/sbin/VBoxService
$ ls -l /usr/sbin/{ntpd,openntpd,chronyd,VBoxService}
ls: cannot access '/usr/sbin/ntpd': No such file or directory
ls: cannot access '/usr/sbin/openntpd': No such file or directory
ls: cannot access '/usr/sbin/chronyd': No such file or directory
ls: cannot access '/usr/sbin/VBoxService': No such file or directory
4. There is only one default timesyncd.conf file with default values:
$ sudo find / -iname \*timesync\*
/etc/systemd/timesyncd.conf
/etc/systemd/system/sysinit.target.wants/systemd-timesyncd.service
/etc/dhcp/dhclient-exit-hooks.d/timesyncd
/usr/share/man/man5/timesyncd.conf.d.5.gz
/usr/share/man/man5/timesyncd.conf.5.gz
/usr/share/man/man8/systemd-timesyncd.8.gz
/usr/share/man/man8/systemd-timesyncd.service.8.gz
/tmp/systemd-private-d029f63116924e99b9fc44caf622e299-systemd-timesyncd.service-6NwdRT
/lib/systemd/systemd-timesyncd
/lib/systemd/system/systemd-timesyncd.service
/lib/systemd/system/systemd-timesyncd.service.d
/var/tmp/systemd-private-d029f63116924e99b9fc44caf622e299-systemd-timesyncd.service-jz0q47
$ cat /etc/systemd/timesyncd.conf
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
#
# Entries in this file show the compile time defaults.
# You can change settings by editing this file.
# Defaults can be restored by simply deleting this file.
#
# See timesyncd.conf(5) for details.
[Time]
#NTP=
#FallbackNTP=ntp.ubuntu.com
5. DHCP hook installed as /etc/dhcp/dhclient-exit-hooks.d/timesyncd is
not working,
TIMESYNCD_CONF=/run/systemd/timesyncd.conf.d/01-dhclient.conf is not
created.
6. After manually executing steps from hook all works as expected:
$ sudo mkdir -p /run/systemd/timesyncd.conf.d/
$ sudo cat [Time]
> NTP=80.50.231.226 217.96.29.26 212.160.106.226
> EOF
$ sudo systemctl try-restart systemd-timesyncd.service
$ sudo systemctl status systemd-timesyncd.service
* systemd-timesyncd.service - Network Time Synchronization
Loaded: loaded (/lib/systemd/system/systemd-timesyncd.service; enabled;
vendor preset: enabled)
[Touch-packages] [Bug 2033422] Re: openssl: backport to jammy "clear method store / query cache confusion"
I'm attaching an updated debdiff. - remove left-over patches for a bug that we decided to not handle as part of this SRU (patches were already unlisted from d/p/series) - added Bug-Ubuntu entries to patches PPA is the same. New build is at https://launchpad.net/~adrien-n/+archive/ubuntu/jammy- openssl-2033422-sru/+sourcepub/15684316/+listing-archive-extra . ** Patch added: "openssl_3.0.2-0ubuntu1.12-to-3.0.2-0ubuntu1.13.diff" https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2033422/+attachment/5737782/+files/openssl_3.0.2-0ubuntu1.12-to-3.0.2-0ubuntu1.13.diff -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/2033422 Title: openssl: backport to jammy "clear method store / query cache confusion" Status in openssl package in Ubuntu: New Status in openssl source package in Jammy: In Progress Status in openssl source package in Lunar: Fix Released Bug description: === SRU information === [ATTENTION] This SRU contains THREE changes which are listed in the section below. [Meta] This bug is part of a series of three bugs for a single SRU. This ( #2033422 ) is the "central" bug with the global information and debdiff. This SRU addresses three issues with Jammy's openssl version: - http://pad.lv/1994165: ignored SMIME signature errors - http://pad.lv/2023545: imbca engine dumps core - http://pad.lv/2033422: very high CPU usage for concurrent TLS connections (this one) The SRU information has been added to the three bug reports and I am attaching the debdiff here only for all three. All the patches have been included in subsequent openssl 3.0.x releases which in turn have been included in subsequent Ubuntu releases. There has been no report of issues when updating to these Ubuntu releases. I have rebuilt the openssl versions and used abi-compliance-checker to compare the ABIs of the libraries in jammy and the one for the SRU. Both matched completely (FYI, mantic's matched completely too). I have also pushed the code to git (without any attempt to make it git-ubuntu friendly). https://code.launchpad.net/~adrien-n/ubuntu/+source/openssl/+git/openssl/+ref/jammy- sru I asked Brian Murray about phasing speed and he concurs a slow roll-out is probably better for openssl. There is a small uncertainty because a security update could come before the phasing is over, effectively fast-forwarding the SRU. Still, unless there is already a current pre-advisory, this is probably better than a 10% phasing which is over after only a couple days anyway. NB: at the moment openssl doesn't phase slowly so this needs to be implemented. [Impact] Severely degraded performance for concurrent operations compared to openssl 1.1. The performance is so degraded that some workloads fail due to timeouts or insufficient resources (noone magically has 5 times more machines). As a consequence, a number of people use openssl 1.1 instead and do not get security updates. [Test plan] Rafael Lopez has shared a simple benchmarks in http://pad.lv/2009544 with https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/2009544/+attachment/5690224/+files/main.py . To test, follow these steps: - run "time python3 main.py" # using the aforementioned main.py script - apt install -t jammy-proposed libssl3 - run "time python3 main.py" - compare the runtimes for the two main.py runs You can run this on x86_64, Raspberry Pi 4 or any machine, and get a very large speed-up in all cases. The improvements are not architecture-dependant. Using this changeset, I get the following numbers for ten runs on my laptop: 3.0.2: real 2m5.567s user 4m3.948s sys 2m0.233s this SRU: real 0m23.966s user 2m35.687s sys 0m1.920s As can be easily seen, the speed-up is massive: system time is divided by 60 and overall wall clock time is roughly five times lower. In http://pad.lv/2009544 , Rafael also shared his performance numbers and they are relatable to these. He used slightly different versions (upstreams rather than patched with cherry-picks) but at least one of the version used does not include other performance change. He also used different hardware and this performance issue seems to depend on the number of CPUs available but also obtained a performance several times better. Results on a given machine vary also very little across runs (less than 2% variation on runs of size 10). They are also very similar on a Raspberry Pi 4 (8GB). The benchmark uses https://www.google.com/humans.txt which takes around 130ms to download on my machine but I modified the script to download something only 20ms away. Results are so close to the ones using humans.txt that they are within the error margin. This is consistent with the high-concurrency in the benchmark which
[Touch-packages] [Bug 1837227] Re: systemd mount units fail during boot, while file system is correctly mounted
I've successfully confirmed that the mount issues seem to be fixed using systemd from focal-proposed. Using the 'rep-tmpfs.sh' script, all variants ran without any issues for multiple rounds. Basic testing on a VM also looks good. Below are the versions used for this test: $ dpkg -l systemd ... ||/ Name Version Architecture Description +++-==-=--= ii systemd245.4-4ubuntu3.23 amd64system and service manager $ uname -rv 5.4.0-169-generic #187-Ubuntu SMP Thu Nov 23 14:52:28 UTC 2023 I'll look into the reported regressions next, to confirm none of them are caused by this LP. ** Tags removed: se-sponsor-halves verification-needed verification-needed-focal ** Tags added: verification-done verification-done-focal -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1837227 Title: systemd mount units fail during boot, while file system is correctly mounted Status in systemd: New Status in Ubuntu Pro: In Progress Status in Ubuntu Pro 18.04 series: In Progress Status in linux package in Ubuntu: Fix Released Status in systemd package in Ubuntu: Fix Released Status in linux source package in Bionic: Won't Fix Status in systemd source package in Bionic: Won't Fix Status in linux source package in Focal: Fix Released Status in systemd source package in Focal: Fix Committed Status in linux source package in Jammy: Fix Released Status in systemd source package in Jammy: Fix Released Bug description: [Impact] systemd mount units fail during boot, and the system boots into emergency mode [Test Plan] This issue seems to happen randomly, and doesn't seem related to a specific mount unit. We've used a test script with good results during investigation to reproduce similar mount failures in a running system, and have seen a strong correlation between the script failures and the boot time mount failures. The attached 'rep-tmpfs.sh' script should be used to validate that mount points are working correctly under stress. One can run through the different variants as below: # ./rep-tmpfs.sh --variant-0 # ./rep-tmpfs.sh --variant-1 # ./rep-tmpfs.sh --variant-2 # ./rep-tmpfs.sh --variant-3 # ./rep-tmpfs.sh --variant-4 All of these should run successfully without any reported errors. [Where problems could occur] The patches change the way systemd tracks and handles mount points in general, so potential regressions could affect other mount units. We should keep an eye out for any issues with mounting file systems, as well as rapid mount/unmount operations. Successful test runs with the reproducer script should increase reliability in having no new regressions. [Other Info] This has been tackled upstream with several attempts, which have resulted in the final patch from 2022: 01400460ae16 core/mount: adjust deserialized state based on /proc/self/mountinfo For Bionic, systemd requires several dependency patches as below: 6a1d4d9fa6b9 core: properly reset all ExecStatus structures when entering a new unit cycle 7eba1463dedc mount: flush out cycle state on DEAD→MOUNTED only, not the other way round 350804867dbc mount: rescan /proc/self/mountinfo before processing waitid() results 1d086a6e5972 mount: mark an existing "mounting" unit from /proc/self/mountinfo as "just_mounted" Additionally, the kernel also requires the following patches: 28ca0d6d39ab list: introduce list_for_each_continue() 9f6c61f96f2d proc/mounts: add cursor [Original Description] In Ubuntu 18.04 at least, we sometimes get a random server in emergency mode with a failed mount unit (ext4 file system), while the corresponding file system is in fact correctly mounted. It happens roughly once every 1000 reboots. It seems to be related with this bug : https://github.com/systemd/systemd/issues/10872 Is it possible to apply the fix (https://github.com/systemd/systemd/commit/350804867dbcc9b7ccabae1187d730d37e2d8a21) in Ubuntu 18.04 ? Thanks in advance. To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1837227/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2046574] Re: Printer grey scale/bw option is not available
I don't know a way to print color using default Ubuntu text editor. I don't think it is possible. But using LibreOffice Writer from LibreOffice Community 7.6.4.1 (X86_64) got the same result. Also same with Firefox 121.0 (64 bit) The printer model is HP DeskJet 2632 and Laptop is HP Pavillion 14-BK003 I have connected it using Wifi Direct when I need to print. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gtk+3.0 in Ubuntu. https://bugs.launchpad.net/bugs/2046574 Title: Printer grey scale/bw option is not available Status in gtk+3.0 package in Ubuntu: Incomplete Bug description: I was using 22.04 LTS until last week(8 Dec 2023). I upgraded to 23.10 and noticed a difference with the printing options. In 22.04 (as far as I remember), There was Monochrome, Grey scale and Color. I used to print using grey scale and it used to print in grey scale. After upgrade to 23.10, There is no grey scale option. Instead there is Color, Auto Monochrome, Monochrome and process Monochrome. I tried all the monochrome options and all of them printed with color. Even when I checked preview it was showing color with these options selected. I think the monochrome options are not selected at all. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gtk+3.0/+bug/2046574/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2046574] Re: Printer grey scale/bw option is not available
Thank you for your bug report. Do you get the same issue in other applications as well? (the text editor or firefox for example)? Could you provide details on the type of printer you are using and how it's connected to the computer? ** Changed in: gtk+3.0 (Ubuntu) Status: New => Incomplete ** Changed in: gtk+3.0 (Ubuntu) Importance: Undecided => Low -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gtk+3.0 in Ubuntu. https://bugs.launchpad.net/bugs/2046574 Title: Printer grey scale/bw option is not available Status in gtk+3.0 package in Ubuntu: Incomplete Bug description: I was using 22.04 LTS until last week(8 Dec 2023). I upgraded to 23.10 and noticed a difference with the printing options. In 22.04 (as far as I remember), There was Monochrome, Grey scale and Color. I used to print using grey scale and it used to print in grey scale. After upgrade to 23.10, There is no grey scale option. Instead there is Color, Auto Monochrome, Monochrome and process Monochrome. I tried all the monochrome options and all of them printed with color. Even when I checked preview it was showing color with these options selected. I think the monochrome options are not selected at all. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gtk+3.0/+bug/2046574/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2047423] Re: [Regression] RTL is malfunctioning in 3.24.39
The version is in Noble but Ubuntu translations go through launchpad and langpacks so the bug shouldn't end up impacting users (since launchpad still has knowledge of the translated string) ** Changed in: gtk+3.0 (Ubuntu) Importance: Undecided => Low ** Changed in: gtk+3.0 (Ubuntu) Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gtk+3.0 in Ubuntu. https://bugs.launchpad.net/bugs/2047423 Title: [Regression] RTL is malfunctioning in 3.24.39 Status in GTK+: Fix Released Status in gtk+3.0 package in Ubuntu: Triaged Status in gtk+3.0 package in Fedora: Confirmed Bug description: GNOME Foundation and the GTK authors published a GTK version that has some issues with displaying RTL correctly as discovered by Yossef Or Boczko: https://gitlab.gnome.org/GNOME/gtk/-/issues/6296 We just need to make sure this version is not packaged by Ubuntu as it will break all RTL apps (Hebrew, Arabic, Persian, Urdu, etc.) using this version of GTK. There should be a fixed version soon. To manage notifications about this bug go to: https://bugs.launchpad.net/gtk/+bug/2047423/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2003756] Re: Cannot configure krb5-kdc on Ubuntu Jammy 22.04.01, "Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 142."
This bug also affects installing proftpd under 22.04. apt install proftpd Reading package lists... Done Building dependency tree... Done Reading state information... Done Note, selecting 'proftpd-core' instead of 'proftpd' proftpd-core is already the newest version (1.3.7c+dfsg-1build1). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 1 not fully installed or removed. After this operation, 0 B of additional disk space will be used. Do you want to continue? [Y/n] [master d41b86764d] saving uncommitted changes in /etc prior to apt run Author: cseadmin 1 file changed, 1 insertion(+), 1 deletion(-) Setting up proftpd-core (1.3.7c+dfsg-1build1) ... usermod: no changes Synchronizing state of proftpd.service with SysV service script with /lib/systemd/systemd-sysv-install. Executing: /lib/systemd/systemd-sysv-install enable proftpd Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 142. dpkg: error processing package proftpd-core (--configure): installed proftpd-core package post-installation script subprocess returned error exit status 1 Errors were encountered while processing: proftpd-core needrestart is being skipped since dpkg has failed E: Sub-process /usr/bin/dpkg returned an error code (1) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/2003756 Title: Cannot configure krb5-kdc on Ubuntu Jammy 22.04.01, "Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 142." Status in init-system-helpers package in Ubuntu: Confirmed Status in krb5 package in Ubuntu: Confirmed Bug description: I have a fresh install of Ubuntu Server 22.04.01 LTS. After installing the server and running all updates, I run the following command: apt -y install slapd ldap-utils schema2ldif sasl2-bin libsasl2-modules-gssapi-mit krb5-kdc-ldap krb5-admin-server krb5-kdc This will be installing krb5-kdc 1.19.2-2. This is in preparation for setting up an OpenLDAP server, a Kerberos server with an LDAP backend, and saslauthd for pass-through authentication. krb5-kdc was auto-selected when running the steps in the guide here in my development environment: https://ubuntu.com/server/docs/service-kerberos-with-openldap-backend When installing that, I get the following in the output: Setting up krb5-kdc (1.19.2-2) ... Created symlink /etc/systemd/system/multi-user.target.wants/krb5-kdc.service → /lib/systemd/system/krb5-kdc.service. Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 142. I do get the prompts for the realm, kdc, and admin server hostnames, and they are reflected in /etc/krb5.conf. If I then run the following: dpkg-reconfigure krb5-kdc I am prompted for whether I want the package to create the Kerberos KDC configuration automatically, and when I say yes, it then repeats the following error: Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 142. I cannot find any further debug in the syslog or anything to indicate what the root cause is; the list of packages here are all installed together on a separate development server where I experimented with the configuration I will be deploying here in production so I don't think it's incompatible packages in the install list, but I am open to feedback on that. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/init-system-helpers/+bug/2003756/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2048765] [NEW] package isc-dhcp-server 4.4.1-2.1ubuntu5.20.04.5 failed to install/upgrade: installed isc-dhcp-server package post-installation script subprocess returned error ex
Public bug reported: Failed when upgrading from 18.04 to 20.04 ProblemType: Package DistroRelease: Ubuntu 20.04 Package: isc-dhcp-server 4.4.1-2.1ubuntu5.20.04.5 ProcVersionSignature: Ubuntu 5.4.0-169.187~18.04.1-generic 5.4.257 Uname: Linux 5.4.0-169-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.11-0ubuntu27.27 Architecture: amd64 CasperMD5CheckResult: skip Date: Tue Jan 9 10:47:15 2024 ErrorMessage: installed isc-dhcp-server package post-installation script subprocess returned error exit status 127 InstallationDate: Installed on 2022-05-12 (606 days ago) InstallationMedia: Ubuntu-Server 18.04.6 LTS "Bionic Beaver" - Release amd64 (20210915) ProcCmdline: BOOT_IMAGE=/boot/vmlinuz-5.4.0-169-generic root=UUID=905b71bd-9ca7-4f37-9b80-a766904e5fae ro usbcore.autosuspend=-1 ipv6.disable=1 usb-storage.quirks=174c:55aa:u ipv6.disable=1 Python3Details: /usr/bin/python3.8, Python 3.8.10, python3-minimal, 3.8.2-0ubuntu2 PythonDetails: /usr/bin/python2.7, Python 2.7.18, python-is-python2, 2.7.17-4 SourcePackage: isc-dhcp Title: package isc-dhcp-server 4.4.1-2.1ubuntu5.20.04.5 failed to install/upgrade: installed isc-dhcp-server package post-installation script subprocess returned error exit status 127 UpgradeStatus: Upgraded to focal on 2024-01-09 (0 days ago) mtime.conffile..etc.dhcp.dhcpd.conf: 2023-02-26T22:46:30.427609 ** Affects: isc-dhcp (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apparmor apport-package focal need-duplicate-check -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to isc-dhcp in Ubuntu. https://bugs.launchpad.net/bugs/2048765 Title: package isc-dhcp-server 4.4.1-2.1ubuntu5.20.04.5 failed to install/upgrade: installed isc-dhcp-server package post-installation script subprocess returned error exit status 127 Status in isc-dhcp package in Ubuntu: New Bug description: Failed when upgrading from 18.04 to 20.04 ProblemType: Package DistroRelease: Ubuntu 20.04 Package: isc-dhcp-server 4.4.1-2.1ubuntu5.20.04.5 ProcVersionSignature: Ubuntu 5.4.0-169.187~18.04.1-generic 5.4.257 Uname: Linux 5.4.0-169-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.11-0ubuntu27.27 Architecture: amd64 CasperMD5CheckResult: skip Date: Tue Jan 9 10:47:15 2024 ErrorMessage: installed isc-dhcp-server package post-installation script subprocess returned error exit status 127 InstallationDate: Installed on 2022-05-12 (606 days ago) InstallationMedia: Ubuntu-Server 18.04.6 LTS "Bionic Beaver" - Release amd64 (20210915) ProcCmdline: BOOT_IMAGE=/boot/vmlinuz-5.4.0-169-generic root=UUID=905b71bd-9ca7-4f37-9b80-a766904e5fae ro usbcore.autosuspend=-1 ipv6.disable=1 usb-storage.quirks=174c:55aa:u ipv6.disable=1 Python3Details: /usr/bin/python3.8, Python 3.8.10, python3-minimal, 3.8.2-0ubuntu2 PythonDetails: /usr/bin/python2.7, Python 2.7.18, python-is-python2, 2.7.17-4 SourcePackage: isc-dhcp Title: package isc-dhcp-server 4.4.1-2.1ubuntu5.20.04.5 failed to install/upgrade: installed isc-dhcp-server package post-installation script subprocess returned error exit status 127 UpgradeStatus: Upgraded to focal on 2024-01-09 (0 days ago) mtime.conffile..etc.dhcp.dhcpd.conf: 2023-02-26T22:46:30.427609 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/2048765/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
