[Bug 1849346] Re: [snap] kerberos GSSAPI no longer works after deb->snap transition
if the goal is to have a single snap making use of the kerberos ticket, as a workaround you can put something like this in /etc/krb5.conf [libdefaults] default_ccache_name = DIR:/home/%{username}/snap/firefox/common/.cache/.k5_ccache the default connections for the firefox snap prevent it to read hidden files under $HOME, so we help it a little. Seems to work so far -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1849346 Title: [snap] kerberos GSSAPI no longer works after deb->snap transition To manage notifications about this bug go to: https://bugs.launchpad.net/firefox/+bug/1849346/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1913570] Re: Firefox not opening file chooser dialog for importing certificates
I hit this bug too with firefox 94.0.1-1 / Ubuntu 20.04.3 LTS (Focal Fossa) when trying to import my certificate from /etc/ssl/certs/toto.crt, that has previously been installed with update-ca-certificates, "nothing happens" as you describe when opening the Browser Console, and repeating the action, I get an error: message: "Component returned failure code: 0x80520012 (NS_ERROR_FILE_NOT_FOUND) [nsIX509CertDB.importCertsFromFile]" we can see what happens by looking in the snap: snap run --shell firefox cat /etc/ssl/certs/toto.crt : No such file or directory this is a symlink that points to a folder under /usr/local/share/ca- certificates which is not accessible by the snap. Fix it: copy the file under $HOME where it can be imported... hth -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1913570 Title: Firefox not opening file chooser dialog for importing certificates To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1913570/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1950000] [NEW] landscape-client leaking the private URL of the server
Public bug reported: landscape-client 19.12-0ubuntu4.2 my client.conf contains [client] url = https://my.super.secret.company.com/message-system that allows to reach a private landscape-server whenever I am on the company's network. When I am not connected on my company's network, I expect no traffic to be attempted to the private landscape-server. In practice though, the client will keep trying to connect and send DNS queries to resolve my.super.secret.company.com (they all fail). This is unencrypted traffic to a public DNS server, so my laptop is leaking the private URL of the landscape server. I would like to prevent this traffic, basically: "my.super.secret.company.com" name should never be sent to a DNS server not owned by my company. (of course I would love a generic solution as landscape-client is not the only one doing this :) but it is the worst offender on my laptop) ** Affects: landscape-client (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/195 Title: landscape-client leaking the private URL of the server To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/landscape-client/+bug/195/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1949723] [NEW] systemd-resolved segfault in hashmap_iterate_entry
Public bug reported: installed libnss-resolve that put "resolve" in nsswitch.conf. $ lsb_release -rd Description:Ubuntu 20.04.3 LTS Release:20.04 $ dpkg -l systemd | grep systemd ii systemd245.4-4ubuntu3.13 amd64system and service manager $ grep ^hosts /etc/nsswitch.conf hosts: files libvirt mdns4_minimal resolve [NOTFOUND=return] dns mymachines systemd-resolved crashed once with segmentation fault. (gdb) bt #0 0x7f119c67693a in hashmap_iterate_entry (h=h@entry=0x706f746b73656465, i=i@entry=0x7ffc4ef515d0) at ../src/basic/hashmap.c:705 #1 0x7f119c6789d6 in internal_hashmap_iterate (h=0x706f746b73656465, i=i@entry=0x7ffc4ef515d0, value=value@entry=0x7ffc4ef515c8, key=key@entry=0x0) at ../src/basic/hashmap.c:714 #2 0x7f119c678a8b in set_iterate (s=, i=i@entry=0x7ffc4ef515d0, value=value@entry=0x7ffc4ef515c8) at ../src/basic/hashmap.c:735 #3 0x55ba5e0ea917 in dns_query_candidate_go (c=c@entry=0x55ba5f353180) at ../src/resolve/resolved-dns-query.c:152 #4 0x55ba5e0e9f0c in dns_query_candidate_notify (c=c@entry=0x55ba5f353180) at ../src/resolve/resolved-dns-query.c:312 #5 0x55ba5e0ea178 in dns_transaction_complete (t=0x55ba5f37a9d0, state=) at ../src/resolve/resolved-dns-transaction.c:351 #6 0x55ba5e0e27cd in dns_transaction_process_dnssec (t=t@entry=0x55ba5f37a9d0) at ../src/resolve/resolved-dns-transaction.c:838 #7 0x55ba5e0e3649 in dns_transaction_process_reply (t=t@entry=0x55ba5f37a9d0, p=p@entry=0x55ba5f39dce0) at ../src/resolve/resolved-dns-transaction.c:1210 #8 0x55ba5e0e40ab in on_dns_packet (s=, fd=, revents=, userdata=0x55ba5f37a9d0) at ../src/resolve/resolved-dns-transaction.c:1264 #9 0x7f119c5e6c77 in source_dispatch (s=s@entry=0x55ba5f346780) at ../src/libsystemd/sd-event/sd-event.c:3193 #10 0x7f119c5e6f11 in sd_event_dispatch (e=e@entry=0x55ba5f320430) at ../src/libsystemd/sd-event/sd-event.c:3634 #11 0x7f119c5e8948 in sd_event_run (e=e@entry=0x55ba5f320430, timeout=timeout@entry=18446744073709551615) at ../src/libsystemd/sd-event/sd-event.c:3692 #12 0x7f119c5e8b6f in sd_event_loop (e=0x55ba5f320430) at ../src/libsystemd/sd-event/sd-event.c:3714 #13 0x55ba5e0c326a in run (argv=, argc=) at ../src/resolve/resolved.c:84 #14 main (argc=, argv=) at ../src/resolve/resolved.c:91 This seems to have been reported upstream https://github.com/systemd/systemd/issues/16168 ** Affects: systemd (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1949723 Title: systemd-resolved segfault in hashmap_iterate_entry To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1949723/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1674273] Re: Resolver ignores ndots option
This still occurs in Focal. nslookup "respects the dots" as it calls the systemd resolver, and as per man resolved.conf(5) Domains= A space-separated list of domains. These domains are used as search suffixes when resolving single-label host names (domain names which contain no dot) to get this behavior on ping you need ping to switch to the systemd resolver ("resolve" in nsswitch) which is achieved with apt install libnss-resolve -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1674273 Title: Resolver ignores ndots option To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/1674273/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs