[Bug 1819074] Re: Keepalived < 2.0.x in Ubuntu 18.04 LTS not compatible with systemd-networkd
After reading the comments for bug 1810583 closer, it is also a symptom of this bug, and keepalived >= 2.0.x would fix it (restore the VIPs). Thanks, - cameron -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1819074 Title: Keepalived < 2.0.x in Ubuntu 18.04 LTS not compatible with systemd- networkd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/keepalived/+bug/1819074/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1819074] Re: Keepalived < 2.0.x in Ubuntu 18.04 LTS not compatible with systemd-networkd
Bug 1815101 is a symptom of this bug. I do not think bug 1810583 is related, I do not think a backport of keepalived >= 2.0.x would fix bug 1810583. Thanks, - cameron -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1819074 Title: Keepalived < 2.0.x in Ubuntu 18.04 LTS not compatible with systemd- networkd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/keepalived/+bug/1819074/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1819074] [NEW] Keepalived < 2.0.x in Ubuntu 18.04 LTS not compatible with systemd-networkd
Public bug reported: Systemd-networkd clobbers VIPs placed by other daemons on any reconfiguration triggering systemd-networkd restart (netplan apply for example). Keepalived < version 2.0.x will not restore a VIP lost in this fashion, breaking high availability on Ubuntu 18.04 LTS. A backport for keepalived >= 2.0.x should fix the issue. ** Affects: keepalived (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1819074 Title: Keepalived < 2.0.x in Ubuntu 18.04 LTS not compatible with systemd- networkd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/keepalived/+bug/1819074/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1815101] Re: netplan removes keepalived configuration
Newer keepalived (> 2.0.x) addresses the systemd-networkd behavior. >From keepalived 2.0.0 release notes: "Transition to backup state if a VIP or eVIP is removed When we next transition to master the addresses will be restored. If nopreempt is not set, that will be almost immediately." Any chance of a keepalived 2.0.x backport package for Ubuntu 18.0.4? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1815101 Title: netplan removes keepalived configuration To manage notifications about this bug go to: https://bugs.launchpad.net/netplan/+bug/1815101/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 423252] Re: NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2 suexec, and atd
Re #120 (adam-stokes) The best workable solution for me would be working official packages for Lucid and Pangolin. Working LDAP authn/z over TLS is baseline functionality for us (servers and academic computer labs). I've had no problems with the patch from #73 thus far on our Lucid servers. Most traffic is Apache php/suexec. Day to day use is sudo/su for sysadmins. Have not noticed any side effects. We've been running this way since 2011-04-11. Currently planning to test nutznbotz #113 gnutls using nettle and adejong #119 nss-pam-ldapd, but not until summer when we test Pangolin for production. Thanks canonical folks and patch contributors for all the great work on this. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libnss-ldap in Ubuntu. https://bugs.launchpad.net/bugs/423252 Title: NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2 suexec, and atd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-release-notes/+bug/423252/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 423252] Re: NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2 suexec, and atd
Re #120 (adam-stokes) The best workable solution for me would be working official packages for Lucid and Pangolin. Working LDAP authn/z over TLS is baseline functionality for us (servers and academic computer labs). I've had no problems with the patch from #73 thus far on our Lucid servers. Most traffic is Apache php/suexec. Day to day use is sudo/su for sysadmins. Have not noticed any side effects. We've been running this way since 2011-04-11. Currently planning to test nutznbotz #113 gnutls using nettle and adejong #119 nss-pam-ldapd, but not until summer when we test Pangolin for production. Thanks canonical folks and patch contributors for all the great work on this. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/423252 Title: NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2 suexec, and atd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-release-notes/+bug/423252/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 423252] Re: NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2 suexec, and atd
Just a follow up to #106. We have been running with the libgcrypt11 patch from #73 with a couple thousand openldap and AD users using Apache2/phpsuexec on Lucid 10.04.2 64 bit for months now with no troubles. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libnss-ldap in Ubuntu. https://bugs.launchpad.net/bugs/423252 Title: NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2 suexec, and atd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-release-notes/+bug/423252/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 423252] Re: NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2 suexec, and atd
Just a follow up to #106. We have been running with the libgcrypt11 patch from #73 with a couple thousand openldap and AD users using Apache2/phpsuexec on Lucid 10.04.2 64 bit for months now with no troubles. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/423252 Title: NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2 suexec, and atd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-release-notes/+bug/423252/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 423252] Re: NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2 suexec, and atd
I just tried Howard's patch from #73 this morning, using the libgcrypt11_1.4.4-5ubuntu2_amd64.deb source files to roll a new libgcrypt11 package. I can now su to root from accounts not in the local password file database, before I could not. That was on a Lucid 10.04.2 LTS vm. Next week sometime we might be able to test Apache2/phpsuexec for a larger base of user accounts. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libnss-ldap in Ubuntu. https://bugs.launchpad.net/bugs/423252 Title: NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2 suexec, and atd -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 423252] Re: NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2 suexec, and atd
I just tried Howard's patch from #73 this morning, using the libgcrypt11_1.4.4-5ubuntu2_amd64.deb source files to roll a new libgcrypt11 package. I can now su to root from accounts not in the local password file database, before I could not. That was on a Lucid 10.04.2 LTS vm. Next week sometime we might be able to test Apache2/phpsuexec for a larger base of user accounts. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/423252 Title: NSS using LDAP+SSL breaks setuid applications like su, sudo, apache2 suexec, and atd -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 620133] Re: ltsp-client-setup init.d script does not run bind_mounts in Lucid
After taking a look at the debian ltsp-bindmounts script, worked around our issue with the following in /usr/share/ltsp/ltsp-bindmounts: #!/bin/sh . /usr/share/ltsp/ltsp-init-common . /etc/default/ltsp-client-setup bind_mounts Nothing else seems to be reading /etc/default/ltsp-client-setup file. Are the old ltsp-client-setup variables expected to live in lts.conf now? If so we'll dig through the latest ltsp guide in svn to see if we can figure them out. This install was an upgrade from Jaunty-Karmic-Lucid. Thanks. -- ltsp-client-setup init.d script does not run bind_mounts in Lucid https://bugs.launchpad.net/bugs/620133 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 620133] Re: ltsp-client-setup init.d script does not run bind_mounts in Lucid
Checked /usr/share/initramfs-tools/scripts/nfs-bottom/ltsp. The only reference it makes to bind mounts is: ltsp_bindmounts=/usr/share/ltsp/ltsp-bindmounts There is no /usr/share/ltsp/ltsp-bindmounts in the ltsp-client-core package. The bind_mounts () function exists instead in /usr/share/ltsp/ltsp-init-common which is sourced by /etc/init.d/ltsp-client-setup... -- ltsp-client-setup init.d script does not run bind_mounts in Lucid https://bugs.launchpad.net/bugs/620133 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 620133] [NEW] ltsp-client-setup init.d script does not run bind_mounts in Lucid
Public bug reported: Binary package hint: ltsp-client-core This appears to fix it in our Lucid, fat client, nfsroot, LTSP environment: --- ltsp-client-setup-dist-lucid 2010-08-17 16:24:20.0 -0600 +++ ltsp-client-setup 2010-08-17 14:17:35.0 -0600 @@ -38,6 +38,7 @@ eval $(getltscfg-cluster -a -l refresh) || true fi load_modules || true + bind_mounts || true configure_resolver || true set_time || true configure_console || true ** Affects: ltsp (Ubuntu) Importance: Undecided Status: New -- ltsp-client-setup init.d script does not run bind_mounts in Lucid https://bugs.launchpad.net/bugs/620133 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 506297] Re: Graphical Ubuntu logo enabled on servers, no more login prompt
@Tom Ellis, Thanks! The 'noplymouth' option worked great with all plymouth upstart scripts back in place. Definitely a more civilized approach. Boot options of: ro nosplash noplymouth INIT_VERBOSE=yes init=/sbin/init -v give nice output on a VM server text console. -- Graphical Ubuntu logo enabled on servers, no more login prompt https://bugs.launchpad.net/bugs/506297 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 531331] Re: Remove plymouth destroying system
For Lucid Server edition we disabled Plymouth by removing the /etc/init/plymouth*.conf scripts. That and some other changes resulted in a nicer console for servers: http://staff.adams.edu/~cdmiller/posts /Ubuntu-Lucid-server-disable-plymouth/ In the post is our list of packages that apt reports depend on Plymouth. The list of packages is nonsensical. Pragmatically, Plymouth needs a different default configuration for server releases. An aside, my wife's Lucid workstation boots up screamingly fast now with the upstart/Plymouth combo. -- Remove plymouth destroying system https://bugs.launchpad.net/bugs/531331 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 556372] Re: Please remove the plymouth dependency from mountall / cryptsetup
To disable Plymouth on Lucid server we removed the /etc/init/plymouth*.conf scripts: http://staff.adams.edu/~cdmiller/posts /Ubuntu-Lucid-server-disable-plymouth/ Hope that is a helpful kludge for some. -- Please remove the plymouth dependency from mountall / cryptsetup https://bugs.launchpad.net/bugs/556372 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 506297] Re: Graphical Ubuntu logo enabled on servers, no more login prompt
Here is how we got a text only console for Lucid server, and upgrade from Karmic on a VM: Enable the text console: http://staff.adams.edu/~cdmiller/posts/Ubuntu-Lucid-server-text-console/ Disable Plymouth: http://staff.adams.edu/~cdmiller/posts/Ubuntu-Lucid-server-disable-plymouth/ Verbose Upstart for boot messages: http://staff.adams.edu/~cdmiller/posts/Ubuntu-Lucid-server-upstart/ -- Graphical Ubuntu logo enabled on servers, no more login prompt https://bugs.launchpad.net/bugs/506297 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 423252] Re: NSS using LDAP on Karmic breaks 'su' and 'sudo'
Finally got a chance to revisit this after post #29 above. For that servers config I still had a local /etc/passwd entry for the affected account and so was not triggering the described su and sudo symptoms. On Karmic with: libnss-ldap 261-2.1ubuntu4 sudo 1.7.0-1ubuntu2.1 login 1:4.1.4.1-1ubuntu2 Without an /etc/passwd entry and an otherwise working libnss-ldap setup sudo returns sudo: setreuid(ROOT_UID, user_uid): Operation not permitted and su fails with su: Authentication failure Tests: With libnss-ldap, su and sudo fail. With nscd and libnss-ldap, su and sudo work. With libnss-ldapd, with or without nscd, su and sudo work. As root, getent returns passwd entries correctly for all the above cases. -- NSS using LDAP on Karmic breaks 'su' and 'sudo' https://bugs.launchpad.net/bugs/423252 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to libnss-ldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 423252] Re: NSS using LDAP on Karmic breaks 'su' and 'sudo'
Finally got a chance to revisit this after post #29 above. For that servers config I still had a local /etc/passwd entry for the affected account and so was not triggering the described su and sudo symptoms. On Karmic with: libnss-ldap 261-2.1ubuntu4 sudo 1.7.0-1ubuntu2.1 login 1:4.1.4.1-1ubuntu2 Without an /etc/passwd entry and an otherwise working libnss-ldap setup sudo returns sudo: setreuid(ROOT_UID, user_uid): Operation not permitted and su fails with su: Authentication failure Tests: With libnss-ldap, su and sudo fail. With nscd and libnss-ldap, su and sudo work. With libnss-ldapd, with or without nscd, su and sudo work. As root, getent returns passwd entries correctly for all the above cases. -- NSS using LDAP on Karmic breaks 'su' and 'sudo' https://bugs.launchpad.net/bugs/423252 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 423252] Re: NSS using LDAP on Karmic breaks 'su' and 'sudo'
We use LDAP over TLS via PAM for auth, and use NSSWITCH as well. After upgrade from Hardy - Jaunty - Karmic, su no longer functioned, however sudo did work. Here is what I found. When upgrading to Karmic, keeping our old /etc/pam.d/common-auth failed for su. Putting in the default common- auth from a fresh install of Karmic works. Old /etc/pam.d/common-auth: auth sufficient pam_ldap.so debug auth sufficient pam_unix.so try_first_pass likeauth nullok auth required pam_deny.so auth required pam_nologin.so Baseline Karmic /etc/pam.d/common-auth that works (snippet): # here are the per-package modules (the Primary block) auth[success=2 default=ignore] pam_unix.so nullok_secure auth[success=1 default=ignore] pam_ldap.so use_first_pass # here's the fallback if no module succeeds authrequisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around authrequiredpam_permit.so Our relavent nsswitch lines: passwd: files ldap group: files ldap shadow: files ldap Relevant /etc/ldap.conf lines: ssl start_tls tls_checkpeer no So, after fixing the common-auth file, su began working for us. Hope that is helpful. -- NSS using LDAP on Karmic breaks 'su' and 'sudo' https://bugs.launchpad.net/bugs/423252 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 214782] Re: device naming mismatch between libvirt and kvm/qemu
I can confirm this. This is on current Hardy and on Intrepid with libvirt 0.4.2. Qemu 0.9.1 is where the change in cdrom device name happened. Fedora 9 still uses Qemu 0.9.0 and are thus unaffected so far. Short term cludge attached. Longer term fix should check qemu info block from the monitor to get a list of cdrom devices. ** Attachment added: sub ide0-cd1 for cdrom for qemu 0.9.1 http://launchpadlibrarian.net/15353284/qemu_driver.c-diff -- device naming mismatch between libvirt and kvm/qemu https://bugs.launchpad.net/bugs/214782 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 240442] Re: Fix for cdrom change in libvirt virsh virt-manager
** Attachment added: sub ides-cd0 for cdrom in qemu_driver.c for libvirt http://launchpadlibrarian.net/15354080/qemu_driver.c-diff -- Fix for cdrom change in libvirt virsh virt-manager https://bugs.launchpad.net/bugs/240442 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 240442] [NEW] Fix for cdrom change in libvirt virsh virt-manager
Public bug reported: Binary package hint: libvirt0 On hardy with libvirt 0.4.0 and on Hardy using Intrepid libvirt 0.4.2 change cdrom does not work for kvm/qemu guests. Qemu version 0.9.1 changed device naming to allow for multiple cd's. A single cd will appear as ide1-cd0 rather than cdrom. Fedora 9 still uses qemu 0.9.0 and so is unaffected. Patch attached is a short term fix, longer term should check qemu monitor info block to see what devices are cdrom's. libvirt-bin0.4.2-5ubuntu2, 0.4.0-2ubuntu8 libvirt0 0.4.2-5ubuntu2, 0.4.0-2ubuntu8 Description:Ubuntu 8.04 Release:8.04 This is also reported in bug 214782, but the summary line is less direct. ** Affects: libvirt (Ubuntu) Importance: Undecided Status: New ** Tags: cdrom change hardy intrepid libvirt -- Fix for cdrom change in libvirt virsh virt-manager https://bugs.launchpad.net/bugs/240442 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 113645] Re: IPW3945 using Network-Manager disconnects often
I see similar behaviour constant disconnecting / reconnecting to an old wap11 unencrypted, with Feisty on a lenovo thinkpad x60 and: 03:00.0 Network controller: Intel Corporation PRO/Wireless 3945ABG Network Connection (rev 02). Sometimes after several reconnects I get an oops. -- IPW3945 using Network-Manager disconnects often https://bugs.launchpad.net/bugs/113645 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
