subject:"\[Bug 1832757\] Re\: Update ubuntu\-advantage\-client"

I'm satisfied with the results, also considering test (5) done in the
other bug. Just to be sure, I also tried it via dist-upgrade. That is a
bit more hacky, as it involves changing s/precise/trusty/ in
sources.list snippets, ignoring gpg errors (as precise doesn't have the
gpg key for trusty-esm) and so on, but it also worked in the end.

Flipping the tags.

** Tags removed: verification-needed-trusty
** Tags added: verification-done-trusty

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1832757/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1832757] Re: Update ubuntu-advantage-client

Test 4:
>From a fresh trusty instance, which has uat installed (from updates):
a) enable esm (via ubuntu-advantage enable-esm), upgrade to proposed
b) upgrade to proposed, enable esm (via ua attach)

Result: PASS

Details:
In the end, both instances have the same proposed package:
$ lxc exec esm-sru-4a apt-cache policy ubuntu-advantage-tools
ubuntu-advantage-tools:
  Installed: 19.6~ubuntu14.04.3
  Candidate: 19.6~ubuntu14.04.3
  Version table:
 *** 19.6~ubuntu14.04.3 0
500 http://br.archive.ubuntu.com/ubuntu/ trusty-proposed/main amd64 
Packages
100 /var/lib/dpkg/status
 10ubuntu0.14.04.4 0
500 http://archive.ubuntu.com/ubuntu/ trusty-updates/main amd64 Packages

And both have ESM enabled. In the (b) case, it's using the new infra
pocket names because ESM was enabled with the new client via ua attach:

$ lxc exec esm-sru-4b apt-cache policy |grep esm
 500 https://esm.ubuntu.com/ubuntu/ trusty-infra-updates/main amd64 Packages
 origin esm.ubuntu.com
 500 https://esm.ubuntu.com/ubuntu/ trusty-infra-security/main amd64 Packages
 origin esm.ubuntu.com

Content comparison
- etc directory (/dev/null was used because of the broken absolute symlinks; 
here is the suppressed output: https://paste.ubuntu.com/p/n98rSKBqvP/):
$ diff -uNr 4a/etc 4b/etc 2>/dev/null
diff -uNr 4a/etc/apt/auth.conf.d/90ubuntu-advantage 
4b/etc/apt/auth.conf.d/90ubuntu-advantage
--- 4a/etc/apt/auth.conf.d/90ubuntu-advantage   2019-10-31 15:52:19.613041203 
-0300
+++ 4b/etc/apt/auth.conf.d/90ubuntu-advantage   2019-10-31 15:57:10.593242280 
-0300
@@ -1 +1 @@
-machine esm.ubuntu.com/ login myuser password mypass
+machine esm.ubuntu.com/ login bearer password longrandompass  # 
ubuntu-advantage-tools

Since (4b) runs ua attach, the credentials are converted to the new
bearer format, so the above is expected and correct.

diff -uNr 4a/etc/apt/sources.list.d/ubuntu-esm-infra-trusty.list 
4b/etc/apt/sources.list.d/ubuntu-esm-infra-trusty.list
--- 4a/etc/apt/sources.list.d/ubuntu-esm-infra-trusty.list  2019-10-31 
15:52:19.629041498 -0300
+++ 4b/etc/apt/sources.list.d/ubuntu-esm-infra-trusty.list  2019-10-31 
15:57:10.605241750 -0300
@@ -1,5 +1,4 @@
-deb https://esm.ubuntu.com/ubuntu trusty-security main
-# deb-src https://esm.ubuntu.com/ubuntu trusty-security main
-
-deb https://esm.ubuntu.com/ubuntu trusty-updates main
-# deb-src https://esm.ubuntu.com/ubuntu trusty-updates main
+deb https://esm.ubuntu.com/ubuntu trusty-infra-security main
+# deb-src https://esm.ubuntu.com/ubuntu trusty-infra-security main
+deb https://esm.ubuntu.com/ubuntu trusty-infra-updates main
+# deb-src https://esm.ubuntu.com/ubuntu trusty-infra-updates main

Since (4b) runs attach, the pockets are renamed to the new infra names,
so the above is also expected and correct.


- /var:
Also broken symlinks, and:
$ diff -uNr 4a/var 4b/var|diffstat -l
diff: 4a/var/lib/cloud/instance: No such file or directory
diff: 4b/var/lib/cloud/instance: No such file or directory
cache/apt/pkgcache.bin
cache/apt/srcpkgcache.bin
cache/man/index.db
lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-security_InRelease
lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-security_main_binary-amd64_Packages
lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-updates_InRelease
lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-updates_main_binary-amd64_Packages
lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-security_InRelease
lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-security_main_binary-amd64_Packages
lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-updates_InRelease
lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-updates_main_binary-amd64_Packages
lib/cloud/data/status.json
lib/cloud/instances/esm-sru-4a/boot-finished
lib/cloud/instances/esm-sru-4a/user-data.txt.i
lib/cloud/instances/esm-sru-4a/vendor-data.txt.i
lib/dhcp/dhclient.eth0.leases
lib/ubuntu-advantage/private/machine-access-cc-eal.json
lib/ubuntu-advantage/private/machine-access-esm-infra.json
lib/ubuntu-advantage/private/machine-access-fips-updates.json
lib/ubuntu-advantage/private/machine-access-fips.json
lib/ubuntu-advantage/private/machine-access-livepatch.json
lib/ubuntu-advantage/private/machine-access-support.json
lib/ubuntu-advantage/private/machine-token.json
lib/ubuntu-advantage/status.json
lib/urandom/random-seed
log/apt/history.log
log/apt/term.log
log/cloud-init-output.log
log/cloud-init.log
log/dmesg
log/dmesg.0
log/dmesg.1.gz
log/dpkg.log
log/kern.log
log/syslog
log/ubuntu-advantage.log
log/upstart/acpid.log
log/upstart/apport.log
log/upstart/console-setup.log
log/upstart/cryptdisks.log
log/upstart/hwclock.log
log/upstart/kmod.log
log/upstart/mountall.log
log/upstart/mounted-debugfs.log
log/upstart/mounted-dev.log
log/upstart/mounted-proc.log
log/upstart/procps-static-network-up.log
log/upstart/procps-virtual-filesystems.log
log/upstart/setvtrgb.log
log/upstart/systemd-logind.log
log/upstart/ttyS0.log
log/wtmp

The /var/lib/ubuntu-advantage files are n

[Bug 1832757] Re: Update ubuntu-advantage-client

Test 3:
>From a fresh trusty system, no uat installed, no ubuntu-minimal installed
a) install uat from updates, enable esm, upgrade to proposed
b) install uat from proposed, enable esm (via ua attach)

Result: PASS

Details:
At the end, confirmed that both chroots have esm enabled and with a positive 
pinning:
# chroot /tank/trusty-3a/ apt-cache policy | grep esm
 500 https://esm.ubuntu.com/ubuntu/ trusty-updates/main amd64 Packages
 origin esm.ubuntu.com
 500 https://esm.ubuntu.com/ubuntu/ trusty-security/main amd64 Packages
 origin esm.ubuntu.com
# chroot /tank/trusty-3b/ apt-cache policy | grep esm
 500 https://esm.ubuntu.com/ubuntu/ trusty-infra-updates/main amd64 Packages
 origin esm.ubuntu.com
 500 https://esm.ubuntu.com/ubuntu/ trusty-infra-security/main amd64 Packages
 origin esm.ubuntu.com

Note how (3b) is using the new infra pocket names, however. That's
because "ua attach" was run in that case, and it wasn't run in (3a).
Both work, though, and it's expected that users will eventually run "ua
attach" after upgrading even if they had esm enabled before. This is
mentioned in the [Other Info] section of the bug description.

Filesystem differences:
# diff -uNr /tank/trusty-3{a,b}/ 2>/dev/null | diffstat -l
etc/apt/auth.conf.d/90ubuntu-advantage
etc/apt/sources.list.d/ubuntu-esm-infra-trusty.list
var/cache/apt/archives/ubuntu-advantage-tools_10ubuntu0.14.04.4_all.deb
var/cache/apt/pkgcache.bin
var/cache/apt/srcpkgcache.bin
var/cache/ldconfig/aux-cache
var/lib/apt/extended_states
var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-security_InRelease
var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-security_main_binary-amd64_Packages
var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-updates_InRelease
var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-updates_main_binary-amd64_Packages
var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-security_InRelease
var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-security_main_binary-amd64_Packages
var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-updates_InRelease
var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-updates_main_binary-amd64_Packages
var/lib/dpkg/available
var/lib/dpkg/available-old
var/lib/dpkg/status-old
var/lib/ubuntu-advantage/machine-id
var/lib/ubuntu-advantage/private/machine-access-cc-eal.json
var/lib/ubuntu-advantage/private/machine-access-esm-infra.json
var/lib/ubuntu-advantage/private/machine-access-fips-updates.json
var/lib/ubuntu-advantage/private/machine-access-fips.json
var/lib/ubuntu-advantage/private/machine-access-livepatch.json
var/lib/ubuntu-advantage/private/machine-access-support.json
var/lib/ubuntu-advantage/private/machine-token.json
var/lib/ubuntu-advantage/status.json
var/log/apt/history.log
var/log/apt/term.log
var/log/dpkg.log
var/log/ubuntu-advantage.log

Of the above, only /etc/apt is of interest, so let's take a closer look:
# diff -uNr /tank/trusty-3{a,b}/etc/apt
diff -uNr /tank/trusty-3a/etc/apt/auth.conf.d/90ubuntu-advantage 
/tank/trusty-3b/etc/apt/auth.conf.d/90ubuntu-advantage
--- /tank/trusty-3a/etc/apt/auth.conf.d/90ubuntu-advantage  2019-10-31 
15:04:20.083887502 -0300
+++ /tank/trusty-3b/etc/apt/auth.conf.d/90ubuntu-advantage  2019-10-31 
15:06:51.943489600 -0300
@@ -1 +1 @@
-machine esm.ubuntu.com/ login myuser password mypass
+machine esm.ubuntu.com/ login bearer password verylongrandompass  # 
ubuntu-advantage-tools

The above confirms that ua attach was run on (3b), because the old style
credentials were removed and the new style was put in place.

diff -uNr /tank/trusty-3a/etc/apt/sources.list.d/ubuntu-esm-infra-trusty.list 
/tank/trusty-3b/etc/apt/sources.list.d/ubuntu-esm-infra-trusty.list
--- /tank/trusty-3a/etc/apt/sources.list.d/ubuntu-esm-infra-trusty.list 
2019-10-31 15:04:20.083887502 -0300
+++ /tank/trusty-3b/etc/apt/sources.list.d/ubuntu-esm-infra-trusty.list 
2019-10-31 15:06:51.935489610 -0300
@@ -1,5 +1,4 @@
-deb https://esm.ubuntu.com/ubuntu trusty-security main
-# deb-src https://esm.ubuntu.com/ubuntu trusty-security main
-
-deb https://esm.ubuntu.com/ubuntu trusty-updates main
-# deb-src https://esm.ubuntu.com/ubuntu trusty-updates main
+deb https://esm.ubuntu.com/ubuntu trusty-infra-security main
+# deb-src https://esm.ubuntu.com/ubuntu trusty-infra-security main
+deb https://esm.ubuntu.com/ubuntu trusty-infra-updates main
+# deb-src https://esm.ubuntu.com/ubuntu trusty-infra-updates main

This also confirms that ua attach was run on (3b), since we now have the
new infra pocket names.

Like with test (2), absolute symlinks in the chroot get broken when
looked at from the outside, so here is a list of what was suppressed
from the full diff output: https://paste.ubuntu.com/p/7BmfzQjtqt/

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to

[Bug 1832757] Re: Update ubuntu-advantage-client

Test 2:
a) fresh install from t-updates, go to t-proposed
b) fresh install from t-proposed directly

Result: PASS

Details:
At the end, we have two chroots: /tank/trusty-2a and /tank/trusty-2b
# chroot /tank/trusty-2a apt-cache policy ubuntu-advantage-tools
ubuntu-advantage-tools:
  Installed: 19.6~ubuntu14.04.3
  Candidate: 19.6~ubuntu14.04.3
  Version table:
 *** 19.6~ubuntu14.04.3 0
500 http://br.archive.ubuntu.com/ubuntu/ trusty-proposed/main amd64 
Packages
100 /var/lib/dpkg/status
 10ubuntu0.14.04.4 0
500 http://br.archive.ubuntu.com/ubuntu/ trusty-updates/main amd64 
Packages

# chroot /tank/trusty-2b apt-cache policy ubuntu-advantage-tools
ubuntu-advantage-tools:
  Installed: 19.6~ubuntu14.04.3
  Candidate: 19.6~ubuntu14.04.3
  Version table:
 *** 19.6~ubuntu14.04.3 0
500 http://br.archive.ubuntu.com/ubuntu/ trusty-proposed/main amd64 
Packages
100 /var/lib/dpkg/status
 10ubuntu0.14.04.4 0
500 http://br.archive.ubuntu.com/ubuntu/ trusty-updates/main amd64 
Packages


Diffing content of both chroots:
# find /tank/trusty-2b/ -xdev | sed -r 's,^/tank/[^/]+,,' | sort > 
full-trusty-2b.list
# find /tank/trusty-2a/ -xdev | sed -r 's,^/tank/[^/]+,,' | sort > 
full-trusty-2a.list

The diff is:
# diff -u full-trusty-2{a,b}.list
--- full-trusty-2a.list 2019-10-31 14:46:33.307720630 -0300
+++ full-trusty-2b.list 2019-10-31 14:46:26.487592874 -0300
@@ -1567,7 +1567,6 @@
 /opt
 /proc
 /root
-/root/.bash_history
 /root/.bashrc
 /root/.profile
 /run
@@ -13724,7 +13723,6 @@
 /var/cache/apt/archives/sysv-rc_2.88dsf-41ubuntu6_all.deb
 /var/cache/apt/archives/tar_1.27.1-1_amd64.deb
 /var/cache/apt/archives/tzdata_2014b-1_all.deb
-/var/cache/apt/archives/ubuntu-advantage-tools_10ubuntu0.14.04.4_all.deb
 /var/cache/apt/archives/ubuntu-advantage-tools_19.6~ubuntu14.04.3_amd64.deb
 /var/cache/apt/archives/ubuntu-keyring_2012.05.19_all.deb
 /var/cache/apt/archives/ucf_3.0027+nmu1_all.deb

The above shows that trusty-2a went through the trusty-updates u-a-t
package, while trusty-2b didn't.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1832757/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1832757] Re: Update ubuntu-advantage-client

addendum for test 2:
# diff -uNr /tank/trusty-2{a,b}/ 2>/dev/null|diffstat
 root/.bash_history  |2 
 var/cache/apt/archives/ubuntu-advantage-tools_10ubuntu0.14.04.4_all.deb |binary
 var/cache/apt/pkgcache.bin  |binary
 var/cache/ldconfig/aux-cache|binary
 var/lib/apt/extended_states |   24 
 var/lib/dpkg/available  |   46 
 var/lib/dpkg/available-old  |  601 
-
 var/lib/dpkg/status-old |  105 
-
 var/log/apt/history.log |   12 
 var/log/apt/term.log|7 
 var/log/dpkg.log|  639 
--
 11 files changed, 409 insertions(+), 1027 deletions(-)

2>/dev/null was added because of broken absolute symlinks, which are
only fine inside the chroot, but not from the outside. Full list at
https://paste.ubuntu.com/p/sMmzYRrJT9/

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1832757/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1832757] Re: Update ubuntu-advantage-client

Test 1: basic attach w/ proposed


Result: PASS

Details:
$ lxc launch ubuntu-daily:trusty t1
Creating t1
Starting t1

# enable proposed, update, check
$ lxc exec t1 apt-get update
$ lxc exec t1 apt-cache policy ubuntu-advantage-tools
ubuntu-advantage-tools:
  Installed: 10ubuntu0.14.04.3
  Candidate: 19.6~ubuntu14.04.3
  Version table:
 19.6~ubuntu14.04.3 0
500 http://archive.ubuntu.com/ubuntu/ trusty-proposed/main amd64 
Packages
 10ubuntu0.14.04.4 0
500 http://archive.ubuntu.com/ubuntu/ trusty-updates/main amd64 Packages
 *** 10ubuntu0.14.04.3 0

# update
$ lxc exec t1 apt-get install ubuntu-advantage-tools

# attach
$ lxc exec t1 ua attach $token
Enabling default service esm-infra
Updating package lists
ESM Infra enabled
This machine is now attached to 'panli...@gmail.com'

SERVICE   ENTITLED  STATUSDESCRIPTION
cc-ealyes   n/a   Common Criteria EAL2 Provisioning Packages
cis-audit no— Center for Internet Security Audit Tools
esm-infra yes   enabled   UA Infra: Extended Security Maintenance
fips  yes   n/a   NIST-certified FIPS modules
fips-updates  yes   n/a   Uncertified security updates to FIPS modules
livepatch yes   n/a   Canonical Livepatch service

Enable services with: ua enable 

 Account: panli...@gmail.com
Subscription: panli...@gmail.com

# confirm esm repo is enabled with positive pinning
$ lxc exec t1 apt-cache policy|grep esm
 500 https://esm.ubuntu.com/ubuntu/ trusty-infra-updates/main amd64 Packages
 origin esm.ubuntu.com
 500 https://esm.ubuntu.com/ubuntu/ trusty-infra-security/main amd64 Packages
 origin esm.ubuntu.com

# test download an esm update
$ lxc exec t1 -- apt-get install -d sudo
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libfreetype6 os-prober
Use 'apt-get autoremove' to remove them.
The following packages will be upgraded:
  sudo
1 upgraded, 0 newly installed, 0 to remove and 59 not upgraded.
Need to get 833 kB of archives.
After this operation, 1072 kB of additional disk space will be used.
Get:1 https://esm.ubuntu.com/ubuntu/ trusty-infra-security/main sudo amd64 
1.8.9p5-1ubuntu1.5+esm2 [833 kB]
Fetched 833 kB in 5s (166 kB/s)
Download complete and in download only mode

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1832757/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1832757] Re: Update ubuntu-advantage-client

Repeating tests 1-4 here.

Test number 5, which failed in the previous verification, can be seen
done in bug https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-
tools/+bug/1850672. It was done with do-release-upgade, which is how I
expect users would upgrade from precise, and I took care with the
repositories to make sure esm was included in the upgrades, and the
right ubuntu-advantage-tools package was used each time (either from
trusty-updates, or from -proposed).

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1832757/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-10-30 Thread Steve Langasek

Hello Andreas, or anyone else affected,

Accepted ubuntu-advantage-tools into trusty-proposed. The package will
build now and be available at https://launchpad.net/ubuntu/+source
/ubuntu-advantage-tools/19.6~ubuntu14.04.3 in a few hours, and then in
the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-trusty to verification-done-trusty. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-trusty. In either case, without details of
your testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Tags removed: verification-failed-trusty
** Tags added: verification-needed-trusty

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1832757/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-10-30 Thread Andreas Hasenack

Test (5a) failed. The scenario is an upgrade from precise with esm
enabled to trusty, and then to trusty-proposed. What happened is that
after installing the trusty proposed package in this sequence, ESM
became disabled.

Upstream bug: https://github.com/CanonicalLtd/ubuntu-advantage-
client/issues/899


** Bug watch added: github.com/CanonicalLtd/ubuntu-advantage-client/issues #899
   https://github.com/CanonicalLtd/ubuntu-advantage-client/issues/899

** Tags removed: verification-needed-trusty
** Tags added: verification-failed-trusty

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1832757/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-10-30 Thread Andreas Hasenack

An 19.6~ubuntu14.04.3 upload with the fix will be done shortly.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1832757/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-10-28 Thread Andreas Hasenack

trusty verification, test case (4)

Both scenarios, (a) and (b), start from trusty with u-a-t already
installed from updates

Test (a): enable esm -> upgrade to proposed
Test (b): upgrade to proposed -> ua attach (which enables esm)

The u-a-t package from updates that was used is: 10ubuntu0.14.04.4
The u-a-t package from proposed that was used is: 19.6~ubuntu14.04.2

At the end, this is the diff between the files on both containers. I
manually removed uninteresting bits like /etc/hostname, /etc/ssh/*,
cloud-init data, etc. This is what remains:

1) output of diff -uNr 4a 4b (minus the manually excluded hunks described 
above):
--- 4a/etc/apt/auth.conf.d/90ubuntu-advantage
+++ 4b/etc/apt/auth.conf.d/90ubuntu-advantage
@@ -1 +1 @@
-machine esm.ubuntu.com/ login $user password $pass
+machine esm.ubuntu.com/ login bearer password $newverylongpass

Since (a) didn't run ua attach, but just upgraded to the proposed
package, the credentials were not migrated to the new bearer token. ESM
keeps working without this step, but "ua status" will say the machine is
unattached. This is expected and explained in the last paragraph of the
"[Other Info]" section in this SRU bug.

--- 4a/etc/apt/sources.list.d/ubuntu-esm-infra-trusty.list
+++ 4b/etc/apt/sources.list.d/ubuntu-esm-infra-trusty.list
@@ -1,5 +1,4 @@
-deb https://esm.ubuntu.com/ubuntu trusty-security main
-# deb-src https://esm.ubuntu.com/ubuntu trusty-security main
-
-deb https://esm.ubuntu.com/ubuntu trusty-updates main
-# deb-src https://esm.ubuntu.com/ubuntu trusty-updates main
+deb https://esm.ubuntu.com/ubuntu trusty-infra-security main
+# deb-src https://esm.ubuntu.com/ubuntu trusty-infra-security main
+deb https://esm.ubuntu.com/ubuntu trusty-infra-updates main
+# deb-src https://esm.ubuntu.com/ubuntu trusty-infra-updates main

Only an "ua attach" command will rewrite the esm pockets in the
sources.list snippet to include the "infra" word. The old names, without
"infra", will not be removed from the ESM server for trusty, so having
step (a) keep using the old names isn't a problem.

2) diff -u 4a/files.list 4b/files.list
Manually removed the following diff noise:
- /var/cache/apt/archives
- /var/lib/cloud/instances
- /var/log/auth.log and /var/log/dmesg.1.gz

The following hunks remain:
--- 4a/files.list
+++ 4b/files.list
@@ -29617,10 +29623,10 @@
 /var/lib/apt/lists/br.archive.ubuntu.com_ubuntu_dists_trusty-proposed_InRelease
 
/var/lib/apt/lists/br.archive.ubuntu.com_ubuntu_dists_trusty-proposed_main_binary-amd64_Packages
 
/var/lib/apt/lists/br.archive.ubuntu.com_ubuntu_dists_trusty-proposed_main_i18n_Translation-en
-/var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-security_InRelease
-/var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-security_main_binary-amd64_Packages
-/var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-updates_InRelease
-/var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-updates_main_binary-amd64_Packages
+/var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-security_InRelease
+/var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-security_main_binary-amd64_Packages
+/var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-updates_InRelease
+/var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-updates_main_binary-amd64_Packages
 /var/lib/apt/lists/lock
 /var/lib/apt/lists/partial
 /var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_trusty-security_InRelease

(a) is still using the trusty pockets without the "infra" name, and (b),
because it ran an "ua attach", that also runs "apt update", therefore
the infra pockets are shown in apt's lists/ directory for (b) and not
for (a).

@@ -31900,6 +31953,15 @@
 /var/lib/systemd/deb-systemd-helper-enabled/ssh.socket.dsh-also
 /var/lib/systemd/deb-systemd-helper-enabled/syslog.service
 /var/lib/ubuntu-advantage
+/var/lib/ubuntu-advantage/private
+/var/lib/ubuntu-advantage/private/machine-access-cc-eal.json
+/var/lib/ubuntu-advantage/private/machine-access-esm-infra.json
+/var/lib/ubuntu-advantage/private/machine-access-fips.json
+/var/lib/ubuntu-advantage/private/machine-access-fips-updates.json
+/var/lib/ubuntu-advantage/private/machine-access-livepatch.json
+/var/lib/ubuntu-advantage/private/machine-access-support.json
+/var/lib/ubuntu-advantage/private/machine-token.json
+/var/lib/ubuntu-advantage/status.json
 /var/lib/ubuntu-release-upgrader
 /var/lib/ubuntu-release-upgrader/release-upgrade-available
 /var/lib/ucf

Since (b) ran "ua attach", that fully migrated that setup to the new
client, which is then showing content in its data directory at /var/lib
/ubuntu-advantage/. The (a) case did not run attach.

I declare test case (4) as having succeeded.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-10-28 Thread Chad Smith

test case 1: trusty `ua attach ` enables ESM and can install esm
packages

--- Test 1: Attach a trusty machine using a token from 
auth.contracts.canonical.com and verify ESM is attached and ESM packages can be 
installed.
Launch Trusty container with allowing ssh access for 
Creating sru-trusty
Starting sru-trusty
Wait for cloud-init to finish startup on trusty
...
Upgrade ubuntu-advantage-tools to trusty-proposed
deb http://archive.ubuntu.com/ubuntu trusty-proposed main
Get:1 http://security.ubuntu.com trusty-security InRelease [65.9 kB]
Ign http://archive.ubuntu.com trusty InRelease
Get:2 http://security.ubuntu.com trusty-security/main amd64 Packages [835 kB]
Get:3 http://archive.ubuntu.com trusty-updates InRelease [65.9 kB]
Hit http://archive.ubuntu.com trusty-backports InRelease
Get:4 http://security.ubuntu.com trusty-security/restricted amd64 Packages 
[14.2 kB]
Get:5 http://security.ubuntu.com trusty-security/universe amd64 Packages [294 
kB]
Get:6 http://archive.ubuntu.com trusty-proposed InRelease [65.9 kB]
Get:7 http://security.ubuntu.com trusty-security/multiverse amd64 Packages 
[4806 B]
Get:8 http://security.ubuntu.com trusty-security/main Translation-en [448 kB]
Hit http://archive.ubuntu.com trusty Release.gpg
Get:9 http://archive.ubuntu.com trusty-updates/main amd64 Packages [1177 kB]
Get:10 http://security.ubuntu.com trusty-security/multiverse Translation-en 
[2564 B]
Get:11 http://security.ubuntu.com trusty-security/restricted Translation-en 
[3556 B]
Get:12 http://security.ubuntu.com trusty-security/universe Translation-en [162 
kB]
Get:13 http://archive.ubuntu.com trusty-updates/restricted amd64 Packages [17.2 
kB]
Get:14 http://archive.ubuntu.com trusty-updates/universe amd64 Packages [525 kB]
Get:15 http://archive.ubuntu.com trusty-updates/multiverse amd64 Packages [14.6 
kB]
Get:16 http://archive.ubuntu.com trusty-updates/main Translation-en [582 kB]
Get:17 http://archive.ubuntu.com trusty-updates/multiverse Translation-en [7616 
B]
Get:18 http://archive.ubuntu.com trusty-updates/restricted Translation-en [4028 
B]
Get:19 http://archive.ubuntu.com trusty-updates/universe Translation-en [281 kB]
Hit http://archive.ubuntu.com trusty-backports/main amd64 Packages
Hit http://archive.ubuntu.com trusty-backports/restricted amd64 Packages
Hit http://archive.ubuntu.com trusty-backports/universe amd64 Packages
Hit http://archive.ubuntu.com trusty-backports/multiverse amd64 Packages
Hit http://archive.ubuntu.com trusty-backports/main Translation-en
Hit http://archive.ubuntu.com trusty-backports/multiverse Translation-en
Hit http://archive.ubuntu.com trusty-backports/restricted Translation-en
Hit http://archive.ubuntu.com trusty-backports/universe Translation-en
Get:20 http://archive.ubuntu.com trusty-proposed/main amd64 Packages [4595 B]
Get:21 http://archive.ubuntu.com trusty-proposed/main Translation-en [2932 B]
Hit http://archive.ubuntu.com trusty Release
Hit http://archive.ubuntu.com trusty/main amd64 Packages
Hit http://archive.ubuntu.com trusty/restricted amd64 Packages
Hit http://archive.ubuntu.com trusty/universe amd64 Packages
Hit http://archive.ubuntu.com trusty/multiverse amd64 Packages
Hit http://archive.ubuntu.com trusty/main Translation-en
Hit http://archive.ubuntu.com trusty/multiverse Translation-en
Hit http://archive.ubuntu.com trusty/restricted Translation-en
Hit http://archive.ubuntu.com trusty/universe Translation-en
Fetched 4578 kB in 15s (294 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
The following packages were automatically installed and are no longer required:
  libfreetype6 os-prober
Use 'apt-get autoremove' to remove them.
The following extra packages will be installed:
  python3-pkg-resources python3-yaml
Suggested packages:
  python3-setuptools
The following NEW packages will be installed:
  python3-pkg-resources python3-yaml
The following packages will be upgraded:
  ubuntu-advantage-tools
1 upgraded, 2 newly installed, 0 to remove and 8 not upgraded.
Need to get 172 kB of archives.
After this operation, 798 kB of additional disk space will be used.
Get:1 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python3-yaml amd64 
3.10-4ubuntu0.1 [92.7 kB]
Get:2 http://archive.ubuntu.com/ubuntu/ trusty-updates/main 
python3-pkg-resources all 3.3-1ubuntu2 [31.7 kB]
Get:3 http://archive.ubuntu.com/ubuntu/ trusty-proposed/main 
ubuntu-advantage-tools amd64 19.6~ubuntu14.04.2 [47.3 kB]
Fetched 172 kB in 1s (91.9 kB/s)
Selecting previously unselected package python3-yaml.
(Reading database ... 25111 files and directories currently installed.)
Preparing to unpack .../python3-yaml_3.10-4ubuntu0.1_amd64.deb ...
Unpacking python3-yaml (3.10-4ubuntu0.1) ...
Selecting previously unselected package python3-pkg-resources.
Preparing to unpack .../python3-pkg-resources_3.3-1ubuntu2_all.deb ...
Unpacking python3-pkg-resources (3.3-1ubuntu2) ...
Preparing to unpack .../ubuntu-advantage-tools_19.6~ubuntu14.04.2_amd64

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-10-28 Thread Andreas Hasenack

trusty verification, test case (3)

Both start from fresh trusty minimal with no u-a-t installed

a) u-a-t updates -> enable esm -> upgrade proposed
b) u-a-t proposed -> attach

The u-a-t package from updates that was used is: 10ubuntu0.14.04.4
The u-a-t package from proposed that was used is: 19.6~ubuntu14.04.2

1) Output of diff -uNr /tank/trusty-3{a,b}/etc/apt. An explanation follows each 
hunk:
--- /tank/trusty-3a/etc/apt/auth.conf.d/90ubuntu-advantage
+++ /tank/trusty-3b/etc/apt/auth.conf.d/90ubuntu-advantage
@@ -1 +1 @@
-machine esm.ubuntu.com/ login $user password $pass
+machine esm.ubuntu.com/ login bearer password $reallylongpass

Since (a) didn't run ua attach, but just upgraded to the proposed
package, the credentials were not migrated to the new bearer token. ESM
keeps working without this step, but "ua status" will say the machine is
unattached. This is expected and explained in the last paragraph of the
"[Other Info]" section in this SRU bug.

--- /tank/trusty-3a/etc/apt/sources.list.d/ubuntu-esm-infra-trusty.list
+++ /tank/trusty-3b/etc/apt/sources.list.d/ubuntu-esm-infra-trusty.list
@@ -1,5 +1,4 @@
-deb https://esm.ubuntu.com/ubuntu trusty-security main
-# deb-src https://esm.ubuntu.com/ubuntu trusty-security main
-
-deb https://esm.ubuntu.com/ubuntu trusty-updates main
-# deb-src https://esm.ubuntu.com/ubuntu trusty-updates main
+deb https://esm.ubuntu.com/ubuntu trusty-infra-security main
+# deb-src https://esm.ubuntu.com/ubuntu trusty-infra-security main
+deb https://esm.ubuntu.com/ubuntu trusty-infra-updates main
+# deb-src https://esm.ubuntu.com/ubuntu trusty-infra-updates main

Only an "ua attach" command will rewrite the esm pockets in the
sources.list snippet to include the "infra" word. The old names, without
"infra", will not be removed from the ESM server for trusty, so having
step (a) keep using the old names isn't a problem.

2) File listing diff. An explanation follows each hunk:
--- trusty-3a.list
+++ trusty-3b.list
@@ -13723,7 +13723,6 @@
 /var/cache/apt/archives/sysv-rc_2.88dsf-41ubuntu6_all.deb
 /var/cache/apt/archives/tar_1.27.1-1_amd64.deb
 /var/cache/apt/archives/tzdata_2014b-1_all.deb
-/var/cache/apt/archives/ubuntu-advantage-tools_10ubuntu0.14.04.4_all.deb
 /var/cache/apt/archives/ubuntu-advantage-tools_19.6~ubuntu14.04.2_amd64.deb
 /var/cache/apt/archives/ubuntu-keyring_2012.05.19_all.deb
 /var/cache/apt/archives/ucf_3.0027+nmu1_all.deb

(b) didn't go through trusty-updates, therefore that package isn't
cached.

@@ -13765,10 +13764,10 @@
 /var/lib/apt/lists/br.archive.ubuntu.com_ubuntu_dists_trusty-updates_InRelease
 
/var/lib/apt/lists/br.archive.ubuntu.com_ubuntu_dists_trusty-updates_main_binary-amd64_Packages
 
/var/lib/apt/lists/br.archive.ubuntu.com_ubuntu_dists_trusty-updates_main_i18n_Translation-en
-/var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-security_InRelease
-/var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-security_main_binary-amd64_Packages
-/var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-updates_InRelease
-/var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-updates_main_binary-amd64_Packages
+/var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-security_InRelease
+/var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-security_main_binary-amd64_Packages
+/var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-updates_InRelease
+/var/lib/apt/lists/esm.ubuntu.com_ubuntu_dists_trusty-infra-updates_main_binary-amd64_Packages
 /var/lib/apt/lists/lock
 /var/lib/apt/lists/partial
 /var/lib/apt/mirrors

(a) is still using the trusty pockets without the "infra" name, and (b),
because it ran an "ua attach", that also runs "apt update", therefore
the infra pockets are shown in apt's lists/ directory.


@@ -14881,6 +14880,15 @@
 /var/lib/systemd/deb-systemd-helper-enabled/rsyslog.service.dsh-also
 /var/lib/systemd/deb-systemd-helper-enabled/syslog.service
 /var/lib/ubuntu-advantage
+/var/lib/ubuntu-advantage/machine-id
+/var/lib/ubuntu-advantage/private
+/var/lib/ubuntu-advantage/private/machine-access-cc-eal.json
+/var/lib/ubuntu-advantage/private/machine-access-esm-infra.json
+/var/lib/ubuntu-advantage/private/machine-access-fips.json
+/var/lib/ubuntu-advantage/private/machine-access-fips-updates.json
+/var/lib/ubuntu-advantage/private/machine-access-livepatch.json
+/var/lib/ubuntu-advantage/private/machine-access-support.json
+/var/lib/ubuntu-advantage/private/machine-token.json
 /var/lib/ubuntu-advantage/status.json
 /var/lib/ucf
 /var/lib/ucf/cache

Since (b) ran "ua attach", that fully migrated that setup to the new
client, which is then showing content in its data directory at /var/lib
/ubuntu-advantage/. The (a) case did not run attach.

I declare test case (3) as having succeeded.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
h

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-10-27 Thread Chad Smith

** Description changed:

[Impact]
This is a major rewrite of ubuntu-advantage-client. This version introduces
an updated command line interface (UA Client) to simplify some interaction with
Ubuntu Advantage support offerings, and interacts with a new service backend
built specifically for this new streamlined experience.

Disco, Eoan, and Focal already have this rewrite (but an older version
of it), but trusty, xenial, bionic and cosmic do not. This update is for
trusty only at the moment, because the other LTSs and later releases
have other services available under the UA umbrella which haven't yet
been fully converted to the new backend.

[Test Case]
There are free services available for Trusty and anyone with an ubuntu one
account can try them out with the new client.
-
- In order to attach a machine to UA, first obtain a token at
- https://auth.contracts.canonical.com/. With that token, attach the
- machine with this command:
+ 1.
+ In order to attach a machine to UA, first obtain a token at
https://auth.contracts.canonical.com/. With that token, attach the machine with
this command:

sudo ua attach

If that's successful, you will have ESM-infra enabled at the end.

Additional test cases to confirm that the package correctly handles
upgrades for all relevant cases:

-
- 2. Script reference
https://gist.github.com/panlinux/4caaf069356da7436d97b47afce32234
-
- a. Start with a fresh Ubuntu instance which does not have u-a-t installed
(i.e. ubuntu-minimal is not installed). Install u-a-t from -updates.
- Do not enable ua. Upgrade to u-a-t from -proposed.
- b. In an identical instance, install u-a-t from -proposed.
- c. Confirm that the on-disk results of a) and b) are identical.
+ 2. Script reference
+ https://gist.github.com/panlinux/4caaf069356da7436d97b47afce32234
+
+ a. Start with a fresh Ubuntu instance which does not have u-a-t installed
(i.e. ubuntu-minimal is not installed). Install u-a-t from -updates.
+ Do not enable ua. Upgrade to u-a-t from -proposed.
+ b. In an identical instance, install u-a-t from -proposed.
+ c. Confirm that the on-disk results of a) and b) are identical.

sudo su -
# adjust if needed, i.e., point to a mirror
export ARCHIVE_URL=http://br.archive.ubuntu.com/ubuntu
export PROPOSED_REPO="deb $ARCHIVE_URL trusty-proposed main"

mkdir /esm-sru
cd /esm-sru
truncate -s 10G file.img
zpool create -O sync=disabled tank $(pwd)/file.img
zfs create tank/trusty-minimal
debootstrap --exclude=ubuntu-minimal trusty /tank/trusty-minimal $ARCHIVE_URL
zfs snapshot tank/trusty-minimal@fresh
# confirm no ubuntu-minimal nor ubuntu-advantage-tools
chroot /tank/trusty-minimal dpkg -l | grep -E
"(ubuntu-minimal|ubuntu-advantage)"

# create a clone from trusty-minimal called trusty-2a
zfs clone tank/trusty-minimal@fresh tank/trusty-2a

# add extra pockets
cat >> /tank/trusty-2a/etc/apt/sources.list < /tank/trusty-2a/etc/apt/sources.list.d/proposed.list <> /tank/trusty-2b/etc/apt/sources.list < /tank/trusty-2b/etc/apt/sources.list.d/proposed.list < trusty-2a.list
find /tank/trusty-2b/ | sed -r 's,^/tank/[^/]+,,' | sort > trusty-2b.list

-
3. Script reference
https://gist.github.com/panlinux/4843bfc1e726a3f006aa44190411d582
- a. Start with a fresh Ubuntu instance which does not have u-a-t installed
(i.e. ubuntu-minimal is not installed). Install u-a-t from -updates. Enable esm
with 'ubuntu-advantage enable-esm'. Upgrade to u-a-t from -proposed.
- b. In an identical instance, install u-a-t from -proposed. Enable esm with
'ubuntu-advantage attach'.
- c. Confirm that the on-disk results of a) and b) are identical.
+ a. Start with a fresh Ubuntu instance which does not have u-a-t installed
(i.e. ubuntu-minimal is not installed). Install u-a-t from -updates. Enable esm
with 'ubuntu-advantage enable-esm'. Upgrade to u-a-t from -proposed.
+ b. In an identical instance, install u-a-t from -proposed. Enable esm with
'ubuntu-advantage attach'.
+ c. Confirm that the on-disk results of a) and b) are identical.

sudo su -
# adjust if needed, i.e., point to a mirror
export ARCHIVE_URL=http://br.archive.ubuntu.com/ubuntu
export PROPOSED_REPO="deb $ARCHIVE_URL trusty-proposed main"

# these are needed
export LEGACY_ESM_TOKEN="user:password"
export UA_CONTRACT_TOKEN=""

# create a clone from trusty-minimal called trusty-3a
zfs clone tank/trusty-minimal@fresh tank/trusty-3a

# add extra pockets
cat >> /tank/trusty-3a/etc/apt/sources.list < /tank/trusty-3a/etc/apt/sou

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-10-24 Thread Steve Langasek

Hello Andreas, or anyone else affected,

Accepted ubuntu-advantage-tools into trusty-proposed. The package will
build now and be available at https://launchpad.net/ubuntu/+source
/ubuntu-advantage-tools/19.6~ubuntu14.04.1 in a few hours, and then in
the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-trusty to verification-done-trusty. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-trusty. In either case, without details of
your testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: ubuntu-advantage-tools (Ubuntu Trusty)
   Status: Triaged => Fix Committed

** Tags added: verification-needed verification-needed-trusty

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1832757/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-10-24 Thread Chad Smith

** Description changed:

  [Impact]
  This is a major rewrite of ubuntu-advantage-client. This version introduces 
an updated command line interface (UA Client) to simplify some interaction with 
Ubuntu Advantage support offerings, and interacts with a new service backend 
built specifically for this new streamlined experience.
  
  Disco, Eoan, and Focal already have this rewrite (but an older version
  of it), but trusty, xenial, bionic and cosmic do not. This update is for
  trusty only at the moment, because the other LTSs and later releases
  have other services available under the UA umbrella which haven't yet
  been fully converted to the new backend.
  
  [Test Case]
  There are free services available for Trusty and anyone with an ubuntu one 
account can try them out with the new client.
  
  In order to attach a machine to UA, first obtain a token at
  https://auth.contracts.canonical.com/. With that token, attach the
  machine with this command:
  
  sudo ua attach 
  
  If that's successful, you will have ESM-infra enabled at the end.
  
  Additional test cases to confirm that the package correctly handles
  upgrades for all relevant cases:
  
- 2. Trusty -proposed upgrade tests (TODO: run test-2a.sh and attach logs)
- #  2a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. Do not 
enable ua. Upgrade to u-a-t from -proposed.
- 
- echo --- BEGIN test 2a: upgrade unattached trusty-updates -> trusty-proposed
- # Make a minimal trusty chroot
- mk-sbuild trusty
- # Add the following placeholder for bind mounts in your 
/etc/schroot/sbuild/fstab:
- 
- # SRUDATADIR
- 
- # Add a shared data directory into the chroot/fstab
- mkdir -b 2a/var/lib/
- sudo sed -i 's/.*SRUDATADIR/\/home\/csmith\/2a \/data   nonerw,bind   
  0   0  # SRUDATADIR" /etc/schroot/sbuild/fstab
- 
- # connect to chroot and install on a system that lacks ubuntu-advantage-tools
- CHROOT_DIR=`schroot --config  -c trusty-amd64  | awk -F "=" 
'/^directory=/{print $2}'`
- 
- # Install ua-tools from a given pocket name
- cat > ua_tools_install_from_pocket.sh  > /tank/trusty-2a/etc/apt/sources.list < /tank/trusty-2a/etc/apt/sources.list.d/proposed.list <> /tank/trusty-2b/etc/apt/sources.list < /tank/trusty-2b/etc/apt/sources.list.d/proposed.list < trusty-2a.list
+ find /tank/trusty-2b/ | sed -r 's,^/tank/[^/]+,,' | sort > trusty-2b.list
+ 
+ 
+ 3. Script reference 
https://gist.github.com/panlinux/4843bfc1e726a3f006aa44190411d582
+  a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed). Install u-a-t from -updates. Enable esm 
with 'ubuntu-advantage enable-esm'. Upgrade to u-a-t from -proposed.
+  b. In an identical instance, install u-a-t from -proposed. Enable esm with 
'ubuntu-advantage attach'.
+  c. Confirm that the on-disk results of a) and b) are identical.
+ 
+ sudo su -
+ # adjust if needed, i.e., point to a mirror
+ export ARCHIVE_URL=http://br.archive.ubuntu.com/ubuntu
+ export PROPOSED_REPO="deb $ARCHIVE_URL trusty-proposed main"
+ 
+ # these are needed
+ export LEGACY_ESM_TOKEN="user:password"
+ export UA_CONTRACT_TOKEN=""
+ 
+ mkdir /esm-sru
+ cd /esm-sru
+ truncate -s 10G file.img
+ zpool create -O sync=disabled tank $(pwd)/file.img
+ zfs create tank/trusty-minimal
+ debootstrap --exclude=ubuntu-minimal trusty /tank/trusty-minimal $ARCHIVE_URL
+ zfs snapshot tank/trusty-minimal@fresh
+ # confirm no ubuntu-minimal nor ubuntu-advantage-tools
+ chroot /tank/trusty-minimal dpkg -l | grep -E 
"(ubuntu-minimal|ubuntu-advantage)"
+ 
+ # create a clone from trusty-minimal called trusty-3a
+ zfs clone tank/trusty-minimal@fresh tank/trusty-3a
+ 
+ # add extra pockets
+ cat >> /tank/trusty-3a/etc/apt/sources.list < /tank/trusty-3a/etc/apt/sources.list.d/prop

[Bug 1832757] Re: Update ubuntu-advantage-client

** Description changed:

  [Impact]
  This is a major rewrite of ubuntu-advantage-client. This version introduces 
an updated command line interface (UA Client) to simplify some interaction with 
Ubuntu Advantage support offerings, and interacts with a new service backend 
built specifically for this new streamlined experience.
  
  Disco, Eoan, and Focal already have this rewrite (but an older version
  of it), but trusty, xenial, bionic and cosmic do not. This update is for
  trusty only at the moment, because the other LTSs and later releases
  have other services available under the UA umbrella which haven't yet
  been fully converted to the new backend.
  
  [Test Case]
  There are free services available for Trusty and anyone with an ubuntu one 
account can try them out with the new client.
  
  In order to attach a machine to UA, first obtain a token at
  https://auth.contracts.canonical.com/. With that token, attach the
  machine with this command:
  
  sudo ua attach 
  
  If that's successful, you will have ESM-infra enabled at the end.
  
  Additional test cases to confirm that the package correctly handles
  upgrades for all relevant cases:
  
  2. Trusty -proposed upgrade tests (TODO: run test-2a.sh and attach logs)
  #  2a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. Do not 
enable ua. Upgrade to u-a-t from -proposed.
  
  echo --- BEGIN test 2a: upgrade unattached trusty-updates -> trusty-proposed
  # Make a minimal trusty chroot
  mk-sbuild trusty
  # Add the following placeholder for bind mounts in your 
/etc/schroot/sbuild/fstab:
  
  # SRUDATADIR
  
  # Add a shared data directory into the chroot/fstab
  mkdir -b 2a/var/lib/
  sudo sed -i 's/.*SRUDATADIR/\/home\/csmith\/2a \/data   nonerw,bind   
  0   0  # SRUDATADIR" /etc/schroot/sbuild/fstab
  
  # connect to chroot and install on a system that lacks ubuntu-advantage-tools
  CHROOT_DIR=`schroot --config  -c trusty-amd64  | awk -F "=" 
'/^directory=/{print $2}'`
  
  # Install ua-tools from a given pocket name
  cat > ua_tools_install_from_pocket.sh   /data/dpkg.list
  cp -r /etc/ /data
  cp -r /var/lib/ubuntu-advantage/* /data/var/lib/ubuntu-advantage
  exit
  
  # 2b. In an identical instance, install u-a-t directly from -proposed.
  echo --- BEGIN test 2b: install clean unattached trusty-proposed
  # connect to chroot and install on a system that lacks ubuntu-advantage-tools
  schroot -u root -c trusty-amd64 --directory /
  
  # Add a shared data directory into the chroot/fstab
  mkdir -b 2a/var/lib/
  sudo sed -i 's/.*SRUDATADIR/\/home\/csmith\/2a \/data   nonerw,bind   
  0   0  # SRUDATADIR" /etc/schroot/sbuild/fstab
  
  # connect to chroot and install on a system that lacks ubuntu-advantage-
  tools
  
  schroot -u root -c trusty-amd64 --directory /
  
  echo "test: No ubuntu-minimal or ubuntu-advantage-tools found"
  dpkg -l | egrep 'ubuntu-advantage|ubuntu-minimal'
  
  # Install ua-tools from trusty-proposed
  bash /ua_tools_install_from_pocket.sh trusty-proposed
  
  dpkg -l > /data/dpkg.list
  cp -r /etc/ /data
  cp -r /var/lib/ubuntu-advantage/* /data/var/lib/ubuntu-advantage
  exit
  
  # 2c. Confirm that the on-disk results of a) and b) are identical.
  echo --- BEGIN test 2c: ensure no filesystem diffs betwenn 2a and 2b
  diff -urN 2a 2b
  
  3. (TODO run test-3.sh script and attach log results)
   a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. Enable 
esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.=
  echo --- BEGIN test 3a: Install u-a-t from -updates and enable ESM, upgrade 
to -proposed
  # Use existing schroot from 2a or `mk-sbuild trusty`
  
  # Add a shared data directory into the chroot/fstab
  mkdir -b 3a/var/lib/
  sudo sed -i 's/.*SRUDATADIR/\/home\/csmith\/3a \/data   nonerw,bind   
  0   0  # SRUDATADIR" /etc/schroot/sbuild/fstab
  
  # connect to minimal trusty schroot
  schroot -u root -c trusty-amd64 --directory /
  
  # Install ua-tools from trusty-updates
  bash /ua_tools_install_from_pocket.sh trusty-updates
  
  sudo ubuntu-advantage enable-esm 
  
  echo "Confirm ansible is available for esm PPA"
  a

[Bug 1832757] Re: Update ubuntu-advantage-client

** Description changed:

  [Impact]
  This is a major rewrite of ubuntu-advantage-client. This version introduces 
an updated command line interface (UA Client) to simplify some interaction with 
Ubuntu Advantage support offerings, and interacts with a new service backend 
built specifically for this new streamlined experience.
  
  Disco, Eoan, and Focal already have this rewrite (but an older version
  of it), but trusty, xenial, bionic and cosmic do not. This update is for
  trusty only at the moment, because the other LTSs and later releases
  have other services available under the UA umbrella which haven't yet
  been fully converted to the new backend.
  
  [Test Case]
  There are free services available for Trusty and anyone with an ubuntu one 
account can try them out with the new client.
  
  In order to attach a machine to UA, first obtain a token at
  https://auth.contracts.canonical.com/. With that token, attach the
  machine with this command:
  
  sudo ua attach 
  
  If that's successful, you will have ESM-infra enabled at the end.
  
  Additional test cases to confirm that the package correctly handles
  upgrades for all relevant cases:
  
  2. Trusty -proposed upgrade tests (TODO: run test-2a.sh and attach logs)
  #  2a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. Do not 
enable ua. Upgrade to u-a-t from -proposed.
  
  echo --- BEGIN test 2a: upgrade unattached trusty-updates -> trusty-proposed
  # Make a minimal trusty chroot
  mk-sbuild trusty
  # Add the following placeholder for bind mounts in your 
/etc/schroot/sbuild/fstab:
  
  # SRUDATADIR
  
  # Add a shared data directory into the chroot/fstab
  mkdir -b 2a/var/lib/
  sudo sed -i 's/.*SRUDATADIR/\/home\/csmith\/2a \/data   nonerw,bind   
  0   0  # SRUDATADIR" /etc/schroot/sbuild/fstab
  
  # connect to chroot and install on a system that lacks ubuntu-advantage-tools
  CHROOT_DIR=`schroot --config  -c trusty-amd64  | awk -F "=" 
'/^directory=/{print $2}'`
  
  # Install ua-tools from a given pocket name
  cat > ua_tools_install_from_pocket.sh   /data/dpkg.list
  cp -r /etc/ /data
  cp -r /var/lib/ubuntu-advantage/* /data/var/lib/ubuntu-advantage
  exit
  
  # 2b. In an identical instance, install u-a-t directly from -proposed.
  echo --- BEGIN test 2b: install clean unattached trusty-proposed
  # connect to chroot and install on a system that lacks ubuntu-advantage-tools
  schroot -u root -c trusty-amd64 --directory /
  
  # Add a shared data directory into the chroot/fstab
  mkdir -b 2a/var/lib/
  sudo sed -i 's/.*SRUDATADIR/\/home\/csmith\/2a \/data   nonerw,bind   
  0   0  # SRUDATADIR" /etc/schroot/sbuild/fstab
  
  # connect to chroot and install on a system that lacks ubuntu-advantage-
  tools
  
  schroot -u root -c trusty-amd64 --directory /
  
  echo "test: No ubuntu-minimal or ubuntu-advantage-tools found"
  dpkg -l | egrep 'ubuntu-advantage|ubuntu-minimal'
  
  # Install ua-tools from trusty-proposed
  bash /ua_tools_install_from_pocket.sh trusty-proposed
  
  dpkg -l > /data/dpkg.list
  cp -r /etc/ /data
  cp -r /var/lib/ubuntu-advantage/* /data/var/lib/ubuntu-advantage
  exit
  
  # 2c. Confirm that the on-disk results of a) and b) are identical.
  echo --- BEGIN test 2c: ensure no filesystem diffs betwenn 2a and 2b
  diff -urN 2a 2b
  
- 
  3. (TODO run test-3.sh script and attach log results)
-  a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. Enable 
esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.=
+  a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. Enable 
esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.=
  echo --- BEGIN test 3a: Install u-a-t from -updates and enable ESM, upgrade 
to -proposed
  # Use existing schroot from 2a or `mk-sbuild trusty`
  
  # Add a shared data directory into the chroot/fstab
  mkdir -b 3a/var/lib/
  sudo sed -i 's/.*SRUDATADIR/\/home\/csmith\/3a \/data   nonerw,bind   
  0   0  # SRUDATADIR" /etc/schroot/sbuild/fstab
  
  # connect to minimal trusty schroot
- schroo

[Bug 1832757] Re: Update ubuntu-advantage-client

** Description changed:

  [Impact]
  This is a major rewrite of ubuntu-advantage-client. This version introduces 
an updated command line interface (UA Client) to simplify some interaction with 
Ubuntu Advantage support offerings, and interacts with a new service backend 
built specifically for this new streamlined experience.
  
  Disco, Eoan, and Focal already have this rewrite (but an older version
  of it), but trusty, xenial, bionic and cosmic do not. This update is for
  trusty only at the moment, because the other LTSs and later releases
  have other services available under the UA umbrella which haven't yet
  been fully converted to the new backend.
  
  [Test Case]
  There are free services available for Trusty and anyone with an ubuntu one 
account can try them out with the new client.
  
  In order to attach a machine to UA, first obtain a token at
  https://auth.contracts.canonical.com/. With that token, attach the
  machine with this command:
  
  sudo ua attach 
  
  If that's successful, you will have ESM-infra enabled at the end.
  
  Additional test cases to confirm that the package correctly handles
  upgrades for all relevant cases:
- 
  
  2. Trusty -proposed upgrade tests (TODO: run test-2a.sh and attach logs)
  #  2a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. Do not 
enable ua. Upgrade to u-a-t from -proposed.
  
  echo --- BEGIN test 2a: upgrade unattached trusty-updates -> trusty-proposed
  # Make a minimal trusty chroot
  mk-sbuild trusty
  # Add the following placeholder for bind mounts in your 
/etc/schroot/sbuild/fstab:
  
  # SRUDATADIR
  
  # Add a shared data directory into the chroot/fstab
  mkdir -b 2a/var/lib/
  sudo sed -i 's/.*SRUDATADIR/\/home\/csmith\/2a \/data   nonerw,bind   
  0   0  # SRUDATADIR" /etc/schroot/sbuild/fstab
  
  # connect to chroot and install on a system that lacks ubuntu-advantage-tools
  CHROOT_DIR=`schroot --config  -c trusty-amd64  | awk -F "=" 
'/^directory=/{print $2}'`
  
  # Install ua-tools from a given pocket name
  cat > ua_tools_install_from_pocket.sh   /data/dpkg.list
  cp -r /etc/ /data
  cp -r /var/lib/ubuntu-advantage/* /data/var/lib/ubuntu-advantage
  exit
  
- 
  # 2b. In an identical instance, install u-a-t directly from -proposed.
  echo --- BEGIN test 2b: install clean unattached trusty-proposed
  # connect to chroot and install on a system that lacks ubuntu-advantage-tools
  schroot -u root -c trusty-amd64 --directory /
  
  # Add a shared data directory into the chroot/fstab
  mkdir -b 2a/var/lib/
  sudo sed -i 's/.*SRUDATADIR/\/home\/csmith\/2a \/data   nonerw,bind   
  0   0  # SRUDATADIR" /etc/schroot/sbuild/fstab
  
  # connect to chroot and install on a system that lacks ubuntu-advantage-
  tools
  
  schroot -u root -c trusty-amd64 --directory /
  
  echo "test: No ubuntu-minimal or ubuntu-advantage-tools found"
  dpkg -l | egrep 'ubuntu-advantage|ubuntu-minimal'
  
  # Install ua-tools from trusty-proposed
  bash /ua_tools_install_from_pocket.sh trusty-proposed
  
  dpkg -l > /data/dpkg.list
  cp -r /etc/ /data
  cp -r /var/lib/ubuntu-advantage/* /data/var/lib/ubuntu-advantage
  exit
  
- 
  # 2c. Confirm that the on-disk results of a) and b) are identical.
  echo --- BEGIN test 2c: ensure no filesystem diffs betwenn 2a and 2b
  diff -urN 2a 2b
  
  
- 3.
-  a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. Enable 
esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.
-  b. In an identical instance, install u-a-t from -proposed.  Enable esm with 
'ubuntu-advantage attach'.
-  c. Confirm that the on-disk results of a) and b) are identical.
+ 3. (TODO run test-3.sh script and attach log results)
+  a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. Enable 
esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.=
+ echo --- BEGIN test 3a: Install u-a-t from -updates and enable ESM, upgrade 
to -proposed
+ # Use existing schroot from 2a or `mk-sbuild trusty`
+ 
+ # Add a shared data directory into the chroot/fstab
+ mkdir -b 3a/var/lib/

[Bug 1832757] Re: Update ubuntu-advantage-client

** Description changed:

  [Impact]
  This is a major rewrite of ubuntu-advantage-client. This version introduces 
an updated command line interface (UA Client) to simplify some interaction with 
Ubuntu Advantage support offerings, and interacts with a new service backend 
built specifically for this new streamlined experience.
  
  Disco, Eoan, and Focal already have this rewrite (but an older version
  of it), but trusty, xenial, bionic and cosmic do not. This update is for
  trusty only at the moment, because the other LTSs and later releases
  have other services available under the UA umbrella which haven't yet
  been fully converted to the new backend.
  
  [Test Case]
  There are free services available for Trusty and anyone with an ubuntu one 
account can try them out with the new client.
  
  In order to attach a machine to UA, first obtain a token at
  https://auth.contracts.canonical.com/. With that token, attach the
  machine with this command:
  
  sudo ua attach 
  
  If that's successful, you will have ESM-infra enabled at the end.
  
  Additional test cases to confirm that the package correctly handles
  upgrades for all relevant cases:
  
- 2. Trusty -proposed upgrade tests
+ 
+ 2. Trusty -proposed upgrade tests (TODO: run test-2a.sh and attach logs)
  #  2a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. Do not 
enable ua. Upgrade to u-a-t from -proposed.
  
  echo --- BEGIN test 2a: upgrade unattached trusty-updates -> trusty-proposed
  # Make a minimal trusty chroot
  mk-sbuild trusty
+ # Add the following placeholder for bind mounts in your 
/etc/schroot/sbuild/fstab:
+ 
+ # SRUDATADIR
+ 
+ # Add a shared data directory into the chroot/fstab
+ mkdir -b 2a/var/lib/
+ sudo sed -i 's/.*SRUDATADIR/\/home\/csmith\/2a \/data   nonerw,bind   
  0   0  # SRUDATADIR" /etc/schroot/sbuild/fstab
  
  # connect to chroot and install on a system that lacks ubuntu-advantage-tools
- schroot -u root -c trusty-amd64 --directory /
- 
- echo "test: No ubuntu-minimal or ubuntu-advantage-tools found"
- dpkg -l | egrep 'ubuntu-advantage|ubuntu-minimal'
- 
+ CHROOT_DIR=`schroot --config  -c trusty-amd64  | awk -F "=" 
'/^directory=/{print $2}'`
  
  # Install ua-tools from a given pocket name
  cat > ua_tools_install_from_pocket.sh   2a-ua-files.list
- echo "--- end dpkg -l "
- echo "--- begin find /etc "
- find /etc >> 2a-ua-files.list
- echo "--- end find /etc "
- echo "--- begin find /var/lib/ubuntu-advantage "
- find /var/lib/ubuntu-advantage >> 2a-ua-files.list
- echo "--- end find /var/lib/ubuntu-advantage "
- 
- 
- # 2b. In an identical instance, install u-a-t from -proposed.
- echo --- BEGIN test 2b: install clean unattached trusty-proposed
- # connect to chroot and install on a system that lacks ubuntu-advantage-tools
  schroot -u root -c trusty-amd64 --directory /
  
  echo "test: No ubuntu-minimal or ubuntu-advantage-tools found"
  dpkg -l | egrep 'ubuntu-advantage|ubuntu-minimal'
  
+ # Install ua-tools from trusty-updates
+ bash /ua_tools_install_from_pocket.sh trusty-updates
  
- # Install ua-tools from a given pocket name
- cat > ua_tools_install_from_pocket.sh   2b-ua-files.list
- echo "--- end dpkg -l "
- echo "--- begin find /etc "
- find /etc >> 2b-ua-files.list
- echo "--- end find /etc "
- echo "--- begin find /var/lib/ubuntu-advantage "
- find /var/lib/ubuntu-advantage >> 2b-ua-files.list
- echo "--- end find /var/lib/ubuntu-advantage "
+ bash /ua_tools_install_from_pocket.sh trusty-proposed
+ 
+ dpkg -l > /data/dpkg.list
+ cp -r /etc/ /data
+ cp -r /var/lib/ubuntu-advantage/* /data/var/lib/ubuntu-advantage
+ exit
+ 
+ 
+ # 2b. In an identical instance, install u-a-t directly from -proposed.
+ echo --- BEGIN test 2b: install clean unattached trusty-proposed
+ # connect to chroot and install on a system that lacks ubuntu-advantage-tools
+ schroot -u root -c trusty-amd64 --directory /
+ 
+ # Add a shared data directory into

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-10-22 Thread Chad Smith

** Description changed:

  [Impact]
  This is a major rewrite of ubuntu-advantage-client. This version introduces 
an updated command line interface (UA Client) to simplify some interaction with 
Ubuntu Advantage support offerings, and interacts with a new service backend 
built specifically for this new streamlined experience.
  
  Disco, Eoan, and Focal already have this rewrite (but an older version
  of it), but trusty, xenial, bionic and cosmic do not. This update is for
  trusty only at the moment, because the other LTSs and later releases
  have other services available under the UA umbrella which haven't yet
  been fully converted to the new backend.
  
  [Test Case]
  There are free services available for Trusty and anyone with an ubuntu one 
account can try them out with the new client.
  
  In order to attach a machine to UA, first obtain a token at
  https://auth.contracts.canonical.com/. With that token, attach the
  machine with this command:
  
  sudo ua attach 
  
  If that's successful, you will have ESM-infra enabled at the end.
  
  Additional test cases to confirm that the package correctly handles
  upgrades for all relevant cases:
  
- 2.
-  a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates.
-  Do not enable ua. Upgrade to u-a-t from -proposed.
-  b. In an identical instance, install u-a-t from -proposed.
-  c. Confirm that the on-disk results of a) and b) are identical.
+ 2. Trusty -proposed upgrade tests
+ #  2a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. Do not 
enable ua. Upgrade to u-a-t from -proposed.
+ 
+ echo --- BEGIN test 2a: upgrade unattached trusty-updates -> trusty-proposed
+ # Make a minimal trusty chroot
+ mk-sbuild trusty
+ 
+ # connect to chroot and install on a system that lacks ubuntu-advantage-tools
+ schroot -u root -c trusty-amd64 --directory /
+ 
+ echo "test: No ubuntu-minimal or ubuntu-advantage-tools found"
+ dpkg -l | egrep 'ubuntu-advantage|ubuntu-minimal'
+ 
+ 
+ # Install ua-tools from a given pocket name
+ cat > ua_tools_install_from_pocket.sh   2a-ua-files.list
+ echo "--- end dpkg -l "
+ echo "--- begin find /etc "
+ find /etc >> 2a-ua-files.list
+ echo "--- end find /etc "
+ echo "--- begin find /var/lib/ubuntu-advantage "
+ find /var/lib/ubuntu-advantage >> 2a-ua-files.list
+ echo "--- end find /var/lib/ubuntu-advantage "
+ 
+ 
+ # 2b. In an identical instance, install u-a-t from -proposed.
+ echo --- BEGIN test 2b: install clean unattached trusty-proposed
+ # connect to chroot and install on a system that lacks ubuntu-advantage-tools
+ schroot -u root -c trusty-amd64 --directory /
+ 
+ echo "test: No ubuntu-minimal or ubuntu-advantage-tools found"
+ dpkg -l | egrep 'ubuntu-advantage|ubuntu-minimal'
+ 
+ 
+ # Install ua-tools from a given pocket name
+ cat > ua_tools_install_from_pocket.sh   2b-ua-files.list
+ echo "--- end dpkg -l "
+ echo "--- begin find /etc "
+ find /etc >> 2b-ua-files.list
+ echo "--- end find /etc "
+ echo "--- begin find /var/lib/ubuntu-advantage "
+ find /var/lib/ubuntu-advantage >> 2b-ua-files.list
+ echo "--- end find /var/lib/ubuntu-advantage "
+ 
+ # 2c. Confirm that the on-disk results of a) and b) are identical.
+ 
+ diff -urN 2a-ua-files.list 2b-ua-files.list
+ 
+ 
+ 
  3.
   a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. Enable 
esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.
   b. In an identical instance, install u-a-t from -proposed.  Enable esm with 
'ubuntu-advantage attach'.
   c. Confirm that the on-disk results of a) and b) are identical.
  4.
   a. Start with a fresh Ubuntu instance which does have u-a-t installed.  
Enable esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.
   b. In an identical instance, upgrade to u-a-t from -proposed.  Enable esm 
with 'ubuntu-advanta

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-10-18 Thread Andreas Hasenack

** Description changed:

  [Impact]
  This is a major rewrite of ubuntu-advantage-client. This version introduces 
an updated command line interface (UA Client) to simplify some interaction with 
Ubuntu Advantage support offerings, and interacts with a new service backend 
built specifically for this new streamlined experience.
  
- Disco and Eoan already have this new version (but slightly older), but
- trusty, xenial, bionic and cosmic do not. This update is for trusty only
- at the moment, because the other LTSs and later releases have other
- services available under the UA umbrella which haven't yet been fully
- converted to the new backend.
+ Disco, Eoan, and Focal already have this rewrite (but an older version
+ of it), but trusty, xenial, bionic and cosmic do not. This update is for
+ trusty only at the moment, because the other LTSs and later releases
+ have other services available under the UA umbrella which haven't yet
+ been fully converted to the new backend.
  
  [Test Case]
  There are free services available for Trusty and anyone with an ubuntu one 
account can try them out with the new client.
  
- You can sign up interactively by just typing:
- 
- sudo ua attach
- 
- That will prompt you for your ubuntu one login credentials, and 2FA if
- needed, and enable ESM and Livepatch (the latter if running an HWE
- kernel).
- 
- Alternatively, you can go to https://auth.contracts.canonical.com/,
- obtain a token, and attach your machine with:
+ In order to attach a machine to UA, first obtain a token at
+ https://auth.contracts.canonical.com/. With that token, attach the
+ machine with this command:
  
  sudo ua attach 
+ 
+ If that's successful, you will have ESM-infra enabled at the end.
  
  Additional test cases to confirm that the package correctly handles
  upgrades for all relevant cases:
  
  2.
   a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates.
   Do not enable ua. Upgrade to u-a-t from -proposed.
   b. In an identical instance, install u-a-t from -proposed.
   c. Confirm that the on-disk results of a) and b) are identical.
  3.
   a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. Enable 
esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.
   b. In an identical instance, install u-a-t from -proposed.  Enable esm with 
'ubuntu-advantage attach'.
   c. Confirm that the on-disk results of a) and b) are identical.
  4.
   a. Start with a fresh Ubuntu instance which does have u-a-t installed.  
Enable esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.
   b. In an identical instance, upgrade to u-a-t from -proposed.  Enable esm 
with 'ubuntu-advantage attach'.
   c. Confirm that the on-disk results of a) and b) are identical.
  5.
   a. Start with a fresh Ubuntu *precise* instance which does have u-a-t 
installed and esm enabled.  Dist-upgrade to trusty, then upgrade to u-a-t from 
-proposed.
   b. In an identical instance, dist-upgrade to trusty with -proposed enabled.
   c. Confirm that the on-disk results of a) and b) are identical.
  
  [Regression Potential]
  This is a major rewrite from bash to python3 and there are changes in 
behavior.
  - new services will be listed, but not avaialble for trusty, only for later 
LTSs
  - even when ESM is not enabled, an apt hook will advertise the availability 
of updates in that repository. This hook has failed in the past while this 
package was in disco, and that failed the apt transaction. This has of course 
been fixed since then (see #1824523 and #1824523).
  
  [Other Info]
  This is the FFe bug that got this rewrite into Disco at that time:
  https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1814157
  
  Development of this client is happening on github:
  https://github.com/CanonicalLtd/ubuntu-advantage-client
  
  The GPG keys can be verified by checking the signed release files over https. 
Respectively:
  CC (not available on trusty atm): 
https://esm.ubuntu.com/cc/ubuntu/dists/xenial/InRelease
  FIPS (not available on trusty atm): 
https://esm.ubuntu.com/fips/ubuntu/dists/xenial/InRelease
  FIPS-updates (not available on trusty atm): 
https://esm.ubuntu.com/fips-updates/ubuntu/dists/xenial-updates/InRelease
  ESM: https://esm.ubuntu.com/ubuntu/dists/trusty-updates/InRelease and 
https://esm.ubuntu.com/ubuntu/dists/trusty-security/InRelease
  
  cis-audit is not ready and we don't have a gpg key for it yet, so we are
  shpping a placeholder file in the package called ubuntu-
  securitybenchmarks-keyring.gpg and that is a zero-sized file. Since cis-
  audit is not available for trusty, and gpg keyrings are only copied over
  to /etc/apt/trusted.gpg.d/ at enable time, this isn't an issue. And even
  if it was copied over to that directory, an empty file there doesn't
  cause issues. The

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-10-18 Thread Andreas Hasenack

** Changed in: ubuntu-advantage-tools (Ubuntu Trusty)
   Status: In Progress => Triaged

** Changed in: ubuntu-advantage-tools (Ubuntu Trusty)
 Assignee: Andreas Hasenack (ahasenack) => (unassigned)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1832757/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-07-11 Thread Steve Langasek

** Description changed:

  [Impact]
  This is a major rewrite of ubuntu-advantage-client. This version introduces 
an updated command line interface (UA Client) to simplify some interaction with 
Ubuntu Advantage support offerings, and interacts with a new service backend 
built specifically for this new streamlined experience.
  
- Disco and Eoan already have this new version (disco's is slightly
- older), but trusty, xenial, bionic and cosmic do not. This update is for
- trusty only at the moment, because the other LTSs and later releases
- have other services available under the UA umbrella which haven't yet
- been fully converted to the new backend.
+ Disco and Eoan already have this new version (but slightly older), but
+ trusty, xenial, bionic and cosmic do not. This update is for trusty only
+ at the moment, because the other LTSs and later releases have other
+ services available under the UA umbrella which haven't yet been fully
+ converted to the new backend.
  
  [Test Case]
  There are free services available for Trusty and anyone with an ubuntu one 
account can try them out with the new client.
  
  You can sign up interactively by just typing:
  
  sudo ua attach
  
  That will prompt you for your ubuntu one login credentials, and 2FA if
  needed, and enable ESM and Livepatch (the latter if running an HWE
  kernel).
  
  Alternatively, you can go to https://auth.contracts.canonical.com/,
  obtain a token, and attach your machine with:
  
  sudo ua attach 
  
  Additional test cases to confirm that the package correctly handles
  upgrades for all relevant cases:
  
  2.
   a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates.
   Do not enable ua. Upgrade to u-a-t from -proposed.
   b. In an identical instance, install u-a-t from -proposed.
   c. Confirm that the on-disk results of a) and b) are identical.
  3.
-  a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. Enable 
esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.
+  a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. Enable 
esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.  
Enable esm with 'ubuntu-advantage attach'.
   b. In an identical instance, install u-a-t from -proposed.  Enable esm with 
'ubuntu-advantage attach'.
   c. Confirm that the on-disk results of a) and b) are identical.
  4.
   a. Start with a fresh Ubuntu instance which does have u-a-t installed.  
Enable esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.
   b. In an identical instance, upgrade to u-a-t from -proposed.  Enable esm 
with 'ubuntu-advantage attach'.
   c. Confirm that the on-disk results of a) and b) are identical.
  5.
   a. Start with a fresh Ubuntu *precise* instance which does have u-a-t 
installed and esm enabled.  Dist-upgrade to trusty, then upgrade to u-a-t from 
-proposed.
   b. In an identical instance, dist-upgrade to trusty with -proposed enabled.
   c. Confirm that the on-disk results of a) and b) are identical.
  
  [Regression Potential]
  This is a major rewrite from bash to python3 and there are changes in 
behavior.
  - new services will be listed, but not avaialble for trusty, only for later 
LTSs
  - even when ESM is not enabled, an apt hook will advertise the availability 
of updates in that repository. This hook has failed in the past while this 
package was in disco, and that failed the apt transaction. This has of course 
been fixed since then (see #1824523 and #1824523).
  
  [Other Info]
  This is the FFe bug that got this rewrite into Disco at that time:
  https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1814157
  
  Development of this client is happening on github:
  https://github.com/CanonicalLtd/ubuntu-advantage-client
  
  The GPG keys can be verified by checking the signed release files over https. 
Respectively:
  CC (not available on trusty atm): 
https://esm.ubuntu.com/cc/ubuntu/dists/xenial/InRelease
  FIPS (not available on trusty atm): 
https://esm.ubuntu.com/fips/ubuntu/dists/xenial/InRelease
  FIPS-updates (not available on trusty atm): 
https://esm.ubuntu.com/fips-updates/ubuntu/dists/xenial-updates/InRelease
  ESM: https://esm.ubuntu.com/ubuntu/dists/trusty-updates/InRelease and 
https://esm.ubuntu.com/ubuntu/dists/trusty-security/InRelease
  
  cis-audit is not ready and we don't have a gpg key for it yet, so we are
- shipping a placeholder file in the package called ubuntu-
+ shpping a placeholder file in the package called ubuntu-
  securitybenchmarks-keyring.gpg and that is a zero-sized file. Since cis-
  audit is not available for trusty, and gpg keyrings are only copied over
  to /etc/apt/trusted.gpg.d/ at enable time, this isn't an issue. A

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-07-11 Thread Steve Langasek

I have verified that the new fips archive key introduced in this SRU (in
both the fips and fips-updates keyrings) is the key used to sign the
InRelease files served by esm.ubuntu.com over https, both publicly and
on the Canonical VPN.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1832757/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-07-11 Thread Andreas Hasenack

** Description changed:

  [Impact]
  This is a major rewrite of ubuntu-advantage-client. This version introduces 
an updated command line interface (UA Client) to simplify some interaction with 
Ubuntu Advantage support offerings, and interacts with a new service backend 
built specifically for this new streamlined experience.
  
  Disco and Eoan already have this new version (disco's is slightly
  older), but trusty, xenial, bionic and cosmic do not. This update is for
  trusty only at the moment, because the other LTSs and later releases
  have other services available under the UA umbrella which haven't yet
  been fully converted to the new backend.
  
  [Test Case]
  There are free services available for Trusty and anyone with an ubuntu one 
account can try them out with the new client.
  
  You can sign up interactively by just typing:
  
  sudo ua attach
  
  That will prompt you for your ubuntu one login credentials, and 2FA if
  needed, and enable ESM and Livepatch (the latter if running an HWE
  kernel).
  
  Alternatively, you can go to https://auth.contracts.canonical.com/,
  obtain a token, and attach your machine with:
  
  sudo ua attach 
  
  Additional test cases to confirm that the package correctly handles
  upgrades for all relevant cases:
  
  2.
   a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates.
   Do not enable ua. Upgrade to u-a-t from -proposed.
   b. In an identical instance, install u-a-t from -proposed.
   c. Confirm that the on-disk results of a) and b) are identical.
  3.
   a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. Enable 
esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.
   b. In an identical instance, install u-a-t from -proposed.  Enable esm with 
'ubuntu-advantage attach'.
   c. Confirm that the on-disk results of a) and b) are identical.
  4.
   a. Start with a fresh Ubuntu instance which does have u-a-t installed.  
Enable esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.
   b. In an identical instance, upgrade to u-a-t from -proposed.  Enable esm 
with 'ubuntu-advantage attach'.
   c. Confirm that the on-disk results of a) and b) are identical.
  5.
   a. Start with a fresh Ubuntu *precise* instance which does have u-a-t 
installed and esm enabled.  Dist-upgrade to trusty, then upgrade to u-a-t from 
-proposed.
   b. In an identical instance, dist-upgrade to trusty with -proposed enabled.
   c. Confirm that the on-disk results of a) and b) are identical.
  
  [Regression Potential]
  This is a major rewrite from bash to python3 and there are changes in 
behavior.
  - new services will be listed, but not avaialble for trusty, only for later 
LTSs
  - even when ESM is not enabled, an apt hook will advertise the availability 
of updates in that repository. This hook has failed in the past while this 
package was in disco, and that failed the apt transaction. This has of course 
been fixed since then (see #1824523 and #1824523).
  
  [Other Info]
  This is the FFe bug that got this rewrite into Disco at that time:
  https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1814157
  
  Development of this client is happening on github:
  https://github.com/CanonicalLtd/ubuntu-advantage-client
  
  The GPG keys can be verified by checking the signed release files over https. 
Respectively:
  CC (not available on trusty atm): 
https://esm.ubuntu.com/cc/ubuntu/dists/xenial/InRelease
  FIPS (not available on trusty atm): 
https://esm.ubuntu.com/fips/ubuntu/dists/xenial/InRelease
  FIPS-updates (not available on trusty atm): 
https://esm.ubuntu.com/fips-updates/ubuntu/dists/xenial-updates/InRelease
  ESM: https://esm.ubuntu.com/ubuntu/dists/trusty-updates/InRelease and 
https://esm.ubuntu.com/ubuntu/dists/trusty-security/InRelease
  
  cis-audit is not ready and we don't have a gpg key for it yet, so we are
  shipping a placeholder file in the package called ubuntu-
  securitybenchmarks-keyring.gpg and that is a zero-sized file. Since cis-
  audit is not available for trusty, and gpg keyrings are only copied over
  to /etc/apt/trusted.gpg.d/ at enable time, this isn't an issue. And even
  if it was copied over to that directory, an empty file there doesn't
  cause issues. The reason we still have the file is, as said, a
  placeholder, as the code and tests expect it, and because we want to use
  the same source package for all supported ubuntu releases.
  
- On an upgrade, existing users of trusty esm are expected to run "sudo ua
- attach []", although not doing it won't disable their existing
- ESM access. The new ua tool just won't recognize esm as being active in
- its "ua status" output until the attach operation is complete. The same
- applies to livepatch, if it was enabled before.
+ On an upgrade, existing users of

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-07-11 Thread Andreas Hasenack

** Description changed:

  [Impact]
  This is a major rewrite of ubuntu-advantage-client. This version introduces 
an updated command line interface (UA Client) to simplify some interaction with 
Ubuntu Advantage support offerings, and interacts with a new service backend 
built specifically for this new streamlined experience.
  
- Disco and Eoan already have this new version (but slightly older), but
- trusty, xenial, bionic and cosmic do not. This update is for trusty only
- at the moment, because the other LTSs and later releases have other
- services available under the UA umbrella which haven't yet been fully
- converted to the new backend.
+ Disco and Eoan already have this new version (disco's is slightly
+ older), but trusty, xenial, bionic and cosmic do not. This update is for
+ trusty only at the moment, because the other LTSs and later releases
+ have other services available under the UA umbrella which haven't yet
+ been fully converted to the new backend.
  
  [Test Case]
  There are free services available for Trusty and anyone with an ubuntu one 
account can try them out with the new client.
  
  You can sign up interactively by just typing:
  
  sudo ua attach
  
  That will prompt you for your ubuntu one login credentials, and 2FA if
  needed, and enable ESM and Livepatch (the latter if running an HWE
  kernel).
  
  Alternatively, you can go to https://auth.contracts.canonical.com/,
  obtain a token, and attach your machine with:
  
  sudo ua attach 
  
  Additional test cases to confirm that the package correctly handles
  upgrades for all relevant cases:
  
  2.
   a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates.
   Do not enable ua. Upgrade to u-a-t from -proposed.
   b. In an identical instance, install u-a-t from -proposed.
   c. Confirm that the on-disk results of a) and b) are identical.
  3.
   a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. Enable 
esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.
   b. In an identical instance, install u-a-t from -proposed.  Enable esm with 
'ubuntu-advantage attach'.
   c. Confirm that the on-disk results of a) and b) are identical.
  4.
   a. Start with a fresh Ubuntu instance which does have u-a-t installed.  
Enable esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.
   b. In an identical instance, upgrade to u-a-t from -proposed.  Enable esm 
with 'ubuntu-advantage attach'.
   c. Confirm that the on-disk results of a) and b) are identical.
  5.
   a. Start with a fresh Ubuntu *precise* instance which does have u-a-t 
installed and esm enabled.  Dist-upgrade to trusty, then upgrade to u-a-t from 
-proposed.
   b. In an identical instance, dist-upgrade to trusty with -proposed enabled.
   c. Confirm that the on-disk results of a) and b) are identical.
  
  [Regression Potential]
  This is a major rewrite from bash to python3 and there are changes in 
behavior.
  - new services will be listed, but not avaialble for trusty, only for later 
LTSs
  - even when ESM is not enabled, an apt hook will advertise the availability 
of updates in that repository. This hook has failed in the past while this 
package was in disco, and that failed the apt transaction. This has of course 
been fixed since then (see #1824523 and #1824523).
  
  [Other Info]
  This is the FFe bug that got this rewrite into Disco at that time:
  https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1814157
  
  Development of this client is happening on github:
  https://github.com/CanonicalLtd/ubuntu-advantage-client
  
  The GPG keys can be verified by checking the signed release files over https. 
Respectively:
  CC (not available on trusty atm): 
https://esm.ubuntu.com/cc/ubuntu/dists/xenial/InRelease
  FIPS (not available on trusty atm): 
https://esm.ubuntu.com/fips/ubuntu/dists/xenial/InRelease
  FIPS-updates (not available on trusty atm): 
https://esm.ubuntu.com/fips-updates/ubuntu/dists/xenial-updates/InRelease
  ESM: https://esm.ubuntu.com/ubuntu/dists/trusty-updates/InRelease and 
https://esm.ubuntu.com/ubuntu/dists/trusty-security/InRelease
  
  cis-audit is not ready and we don't have a gpg key for it yet, so we are
  shpping a placeholder file in the package called ubuntu-
  securitybenchmarks-keyring.gpg and that is a zero-sized file. Since cis-
  audit is not available for trusty, and gpg keyrings are only copied over
  to /etc/apt/trusted.gpg.d/ at enable time, this isn't an issue. And even
  if it was copied over to that directory, an empty file there doesn't
  cause issues. The reason we still have the file is, as said, a
  placeholder, as the code and tests expect it, and because we want to use
  the same source package for all supported ubuntu releases.
  
  On an upgrade, existing users of trusty esm are ex

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-07-10 Thread Steve Langasek

** Description changed:

  [Impact]
  This is a major rewrite of ubuntu-advantage-client. This version introduces 
an updated command line interface (UA Client) to simplify some interaction with 
Ubuntu Advantage support offerings, and interacts with a new service backend 
built specifically for this new streamlined experience.
  
  Disco and Eoan already have this new version (but slightly older), but
  trusty, xenial, bionic and cosmic do not. This update is for trusty only
  at the moment, because the other LTSs and later releases have other
  services available under the UA umbrella which haven't yet been fully
  converted to the new backend.
  
  [Test Case]
  There are free services available for Trusty and anyone with an ubuntu one 
account can try them out with the new client.
  
  You can sign up interactively by just typing:
  
  sudo ua attach
  
  That will prompt you for your ubuntu one login credentials, and 2FA if
  needed, and enable ESM and Livepatch (the latter if running an HWE
  kernel).
  
  Alternatively, you can go to https://auth.contracts.canonical.com/,
  obtain a token, and attach your machine with:
  
  sudo ua attach 
  
  Additional test cases to confirm that the package correctly handles
  upgrades for all relevant cases:
  
  2.
   a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates.
   Do not enable ua. Upgrade to u-a-t from -proposed.
   b. In an identical instance, install u-a-t from -proposed.
   c. Confirm that the on-disk results of a) and b) are identical.
  3.
   a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. Enable 
esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.
-  b. In an identical instance, install u-a-t from -proposed.  Enable esm with 
'ubuntu-advantage enable esm'.
+  b. In an identical instance, install u-a-t from -proposed.  Enable esm with 
'ubuntu-advantage attach'.
   c. Confirm that the on-disk results of a) and b) are identical.
  4.
   a. Start with a fresh Ubuntu instance which does have u-a-t installed.  
Enable esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.
-  b. In an identical instance, upgrade to u-a-t from -proposed.  Enable esm 
with 'ubuntu-advantage enable esm'.
+  b. In an identical instance, upgrade to u-a-t from -proposed.  Enable esm 
with 'ubuntu-advantage attach'.
   c. Confirm that the on-disk results of a) and b) are identical.
  5.
-  a. Start with a fresh Ubuntu *precise* instance which does have u-a-t 
installed and esm enabled.  Dist-upgrade to trusty, then upgrade to u-a-t from 
-proposed.
-  b. In an identical instance, dist-upgrade to trusty with -proposed enabled.
+  a. Start with a fresh Ubuntu *precise* instance which does have u-a-t 
installed and esm enabled.  Dist-upgrade to trusty, then upgrade to u-a-t from 
-proposed.
+  b. In an identical instance, dist-upgrade to trusty with -proposed enabled.
   c. Confirm that the on-disk results of a) and b) are identical.
  
  [Regression Potential]
  This is a major rewrite from bash to python3 and there are changes in 
behavior.
  - new services will be listed, but not avaialble for trusty, only for later 
LTSs
  - even when ESM is not enabled, an apt hook will advertise the availability 
of updates in that repository. This hook has failed in the past while this 
package was in disco, and that failed the apt transaction. This has of course 
been fixed since then (see #1824523 and #1824523).
  
  [Other Info]
  This is the FFe bug that got this rewrite into Disco at that time:
  https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1814157
  
  Development of this client is happening on github:
  https://github.com/CanonicalLtd/ubuntu-advantage-client
  
  The GPG keys can be verified by checking the signed release files over https. 
Respectively:
  CC (not available on trusty atm): 
https://esm.ubuntu.com/cc/ubuntu/dists/xenial/InRelease
  FIPS (not available on trusty atm): 
https://esm.ubuntu.com/fips/ubuntu/dists/xenial/InRelease
  FIPS-updates (not available on trusty atm): 
https://esm.ubuntu.com/fips-updates/ubuntu/dists/xenial-updates/InRelease
  ESM: https://esm.ubuntu.com/ubuntu/dists/trusty-updates/InRelease and 
https://esm.ubuntu.com/ubuntu/dists/trusty-security/InRelease
  
  cis-audit is not ready and we don't have a gpg key for it yet, so we are
  shpping a placeholder file in the package called ubuntu-
  securitybenchmarks-keyring.gpg and that is a zero-sized file. Since cis-
  audit is not available for trusty, and gpg keyrings are only copied over
  to /etc/apt/trusted.gpg.d/ at enable time, this isn't an issue. And even
  if it was copied over to that directory, an empty file there doesn't
  cause issues. The reason we still have the file is, as said, a
  placeholder, as the code and tests expect it, and

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-07-10 Thread Steve Langasek

** Description changed:

  [Impact]
  This is a major rewrite of ubuntu-advantage-client. This version introduces 
an updated command line interface (UA Client) to simplify some interaction with 
Ubuntu Advantage support offerings, and interacts with a new service backend 
built specifically for this new streamlined experience.
  
  Disco and Eoan already have this new version (but slightly older), but
  trusty, xenial, bionic and cosmic do not. This update is for trusty only
  at the moment, because the other LTSs and later releases have other
  services available under the UA umbrella which haven't yet been fully
  converted to the new backend.
  
  [Test Case]
  There are free services available for Trusty and anyone with an ubuntu one 
account can try them out with the new client.
  
  You can sign up interactively by just typing:
  
  sudo ua attach
  
  That will prompt you for your ubuntu one login credentials, and 2FA if
  needed, and enable ESM and Livepatch (the latter if running an HWE
  kernel).
  
  Alternatively, you can go to https://auth.contracts.canonical.com/,
  obtain a token, and attach your machine with:
  
  sudo ua attach 
+ 
+ Additional test cases to confirm that the package correctly handles
+ upgrades for all relevant cases:
+ 
+ 2.
+  a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. 
+  Do not enable ua. Upgrade to u-a-t from -proposed.
+  b. In an identical instance, install u-a-t from -proposed.
+  c. Confirm that the on-disk results of a) and b) are identical.
+ 3.
+  a. Start with a fresh Ubuntu instance which does not have u-a-t installed 
(i.e. ubuntu-minimal is not installed).  Install u-a-t from -updates. Enable 
esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.
+  b. In an identical instance, install u-a-t from -proposed.  Enable esm with 
'ubuntu-advantage enable esm'.
+  c. Confirm that the on-disk results of a) and b) are identical.
+ 4.
+  a. Start with a fresh Ubuntu instance which does have u-a-t installed.  
Enable esm with 'ubuntu-advantage enable-esm'.  Upgrade to u-a-t from -proposed.
+  b. In an identical instance, upgrade to u-a-t from -proposed.  Enable esm 
with 'ubuntu-advantage enable esm'.
+  c. Confirm that the on-disk results of a) and b) are identical.
  
  [Regression Potential]
  This is a major rewrite from bash to python3 and there are changes in 
behavior.
  - new services will be listed, but not avaialble for trusty, only for later 
LTSs
  - even when ESM is not enabled, an apt hook will advertise the availability 
of updates in that repository. This hook has failed in the past while this 
package was in disco, and that failed the apt transaction. This has of course 
been fixed since then (see #1824523 and #1824523).
  
  [Other Info]
  This is the FFe bug that got this rewrite into Disco at that time:
  https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1814157
  
  Development of this client is happening on github:
  https://github.com/CanonicalLtd/ubuntu-advantage-client
  
  The GPG keys can be verified by checking the signed release files over https. 
Respectively:
  CC (not available on trusty atm): 
https://esm.ubuntu.com/cc/ubuntu/dists/xenial/InRelease
  FIPS (not available on trusty atm): 
https://esm.ubuntu.com/fips/ubuntu/dists/xenial/InRelease
  FIPS-updates (not available on trusty atm): 
https://esm.ubuntu.com/fips-updates/ubuntu/dists/xenial-updates/InRelease
  ESM: https://esm.ubuntu.com/ubuntu/dists/trusty-updates/InRelease and 
https://esm.ubuntu.com/ubuntu/dists/trusty-security/InRelease
  
  cis-audit is not ready and we don't have a gpg key for it yet, so we are
  shpping a placeholder file in the package called ubuntu-
  securitybenchmarks-keyring.gpg and that is a zero-sized file. Since cis-
  audit is not available for trusty, and gpg keyrings are only copied over
  to /etc/apt/trusted.gpg.d/ at enable time, this isn't an issue. And even
  if it was copied over to that directory, an empty file there doesn't
  cause issues. The reason we still have the file is, as said, a
  placeholder, as the code and tests expect it, and because we want to use
  the same source package for all supported ubuntu releases.
  
  On an upgrade, existing users of trusty esm are expected to run "sudo ua
  attach []", although not doing it won't disable their existing
  ESM access. The new ua tool just won't recognize esm as being active in
  its "ua status" output until the attach operation is complete. The same
  applies to livepatch, if it was enabled before.

** Description changed:

  [Impact]
  This is a major rewrite of ubuntu-advantage-client. This version introduces 
an updated command line interface (UA Client) to simplify some interaction with 
Ubuntu Advantage support offerings, and interacts with a new service backend 
built specifically for this new streamlined experience.
  
  Disco and Eoan

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-07-04 Thread Andreas Hasenack

** Changed in: ubuntu-advantage-tools (Ubuntu Trusty)
   Status: New => In Progress

** Changed in: ubuntu-advantage-tools (Ubuntu Trusty)
 Assignee: (unassigned) => Andreas Hasenack (ahasenack)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1832757/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-07-03 Thread Launchpad Bug Tracker

This bug was fixed in the package ubuntu-advantage-tools - 19.5.1

---
ubuntu-advantage-tools (19.5.1) eoan; urgency=medium

  * d/t/usage: fix dep8 test ("entitlements" was renamed to "services")

ubuntu-advantage-tools (19.5) eoan; urgency=medium

  * New upstream release (LP: #1832757):
- packaging:
  + d/control: depend on libapt-pkg to use pin-priority never
  + d/postinst: adjust logfile permissions
  + d/postinst: remove public files and generate status cache on upgrade
  + d/postinst: Remove the old CACHE_DIR in postinst
  + d/postrm: remove log files on package purge
  + d/postrm: remove the ESM pinning file on purge
  + trusty should remove v1 esm key if present after upgrade
  + keyrings: regenerate keyrings on a trusty host
  + refresh keyrings to match current production for fips and cc-eal
- apt:
  + all repo entitlements now call apt-get update on enable
  + enable -updates if -updates from the Ubuntu archive is enabled
  + Add basic i18n (good enough for lang packs)
  + retry apt install and update commands 3 times simple backoff
  + write commented -updates lines instead of omitting them
- attach/detach:
  + added --no-auto-enable option
  + suppress messages from inapplicable default entitlements
  + two-factor auth reprompt only two-factor auth on failed 2fa
  + honour enableByDefault obligations from contract server
  + livepatch: no auto-enable on attach for trusty
  + don't attempt to disable inapplicable entitlements during detach
  + check for root before checking for attach in assert_attached_root
- status:
  + add --json cli formatting option
  + emit a SERVICE header in status output
  + redact technical support and expiry for free contracts
  + unentitled services will report n/a
- cc-eal:
  + add a warning about download size before install
  + change cc to cc-eal in docs, parameters and commandline help
- esm:
  + add esm-v2 gpg keyring, drop old keyring, ignore aptKey directive
  + and livepatch auto enabled on attach where supported
  + on upgrade do not install preferences to pin never if esm enabled
  + remove only the apt auth entry on disable, leaving sources.list
  + use Pin-Priority never apt preference file to disable esm initially
- fips:
  + display as pending when linux-fips is not the running kernel
  + only install/upgrade optional packages that are already on the system
- logs:
  + no longer redact secrets as logfile is root read-only
  + separate console log devel from logfile level
  + remove level from messages to the console
- add subcommand to refresh all contract details
- config: allow contract_url and sso_auth_url to have a trailing slash
- docker: fix persisting generated uuid on images without machine-id files
- environ: allow lowercase ua_ overrides
- repo: un-comment ESM sources.list lines on repo disable
- updated manpage and help docs

 -- Andreas Hasenack   Wed, 03 Jul 2019 21:55:25
-0300

** Changed in: ubuntu-advantage-tools (Ubuntu)
   Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1832757/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-07-03 Thread Andreas Hasenack

** Changed in: ubuntu-advantage-tools (Ubuntu)
 Assignee: (unassigned) => Andreas Hasenack (ahasenack)

** Changed in: ubuntu-advantage-tools (Ubuntu)
   Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1832757/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1832757] Re: Update ubuntu-advantage-client

2019-06-21 Thread Sebastien Bacher

** Changed in: ubuntu-advantage-tools (Ubuntu)
   Importance: Undecided => High

** Changed in: ubuntu-advantage-tools (Ubuntu Trusty)
   Importance: Undecided => High

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1832757/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1832757] Re: Update ubuntu-advantage-client

** Description changed:

  [Impact]
  This is a major rewrite of ubuntu-advantage-client. This version introduces 
an updated command line interface (UA Client) to simplify some interaction with 
Ubuntu Advantage support offerings, and interacts with a new service backend 
built specifically for this new streamlined experience.
  
  Disco and Eoan already have this new version (but slightly older), but
  trusty, xenial, bionic and cosmic do not. This update is for trusty only
  at the moment, because the other LTSs and later releases have other
  services available under the UA umbrella which haven't yet been fully
  converted to the new backend.
  
  [Test Case]
  There are free services available for Trusty and anyone with an ubuntu one 
account can try them out with the new client.
  
  You can sign up interactively by just typing:
  
  sudo ua attach
  
  That will prompt you for your ubuntu one login credentials, and 2FA if
  needed, and enable ESM and Livepatch (the latter if running an HWE
  kernel).
  
  Alternatively, you can go to https://auth.contracts.canonical.com/,
  obtain a token, and attach your machine with:
  
  sudo ua attach 
  
  [Regression Potential]
  This is a major rewrite from bash to python3 and there are changes in 
behavior.
  - new services will be listed, but not avaialble for trusty, only for later 
LTSs
  - even when ESM is not enabled, an apt hook will advertise the availability 
of updates in that repository. This hook has failed in the past while this 
package was in disco, and that failed the apt transaction. This has of course 
been fixed since then (see #1824523 and #1824523).
  
  [Other Info]
  This is the FFe bug that got this rewrite into Disco at that time:
  https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1814157
  
  Development of this client is happening on github:
  https://github.com/CanonicalLtd/ubuntu-advantage-client
  
  The GPG keys can be verified by checking the signed release files over https. 
Respectively:
  CC (not available on trusty atm): 
https://esm.ubuntu.com/cc/ubuntu/dists/xenial/InRelease
  FIPS (not available on trusty atm): 
https://esm.ubuntu.com/fips/ubuntu/dists/xenial/InRelease
  FIPS-updates (not available on trusty atm): 
https://esm.ubuntu.com/fips-updates/ubuntu/dists/xenial-updates/InRelease
  ESM: https://esm.ubuntu.com/ubuntu/dists/trusty-updates/InRelease and 
https://esm.ubuntu.com/ubuntu/dists/trusty-security/InRelease
  
  cis-audit is not ready and we don't have a gpg key for it yet, so we are
  shpping a placeholder file in the package called ubuntu-
  securitybenchmarks-keyring.gpg and that is a zero-sized file. Since cis-
  audit is not available for trusty, and gpg keyrings are only copied over
  to /etc/apt/trusted.gpg.d/ at enable time, this isn't an issue. And even
  if it was copied over to that directory, an empty file there doesn't
  cause issues. The reason we still have the file is, as said, a
  placeholder, as the code and tests expect it, and because we want to use
  the same source package for all supported ubuntu releases.
+ 
+ On an upgrade, existing users of trusty esm are expected to run "sudo ua
+ attach []", although not doing it won't disable their existing
+ ESM access. The new ua tool just won't recognize esm as being active in
+ its "ua status" output until the attach operation is complete.

** Description changed:

  [Impact]
  This is a major rewrite of ubuntu-advantage-client. This version introduces 
an updated command line interface (UA Client) to simplify some interaction with 
Ubuntu Advantage support offerings, and interacts with a new service backend 
built specifically for this new streamlined experience.
  
  Disco and Eoan already have this new version (but slightly older), but
  trusty, xenial, bionic and cosmic do not. This update is for trusty only
  at the moment, because the other LTSs and later releases have other
  services available under the UA umbrella which haven't yet been fully
  converted to the new backend.
  
  [Test Case]
  There are free services available for Trusty and anyone with an ubuntu one 
account can try them out with the new client.
  
  You can sign up interactively by just typing:
  
  sudo ua attach
  
  That will prompt you for your ubuntu one login credentials, and 2FA if
  needed, and enable ESM and Livepatch (the latter if running an HWE
  kernel).
  
  Alternatively, you can go to https://auth.contracts.canonical.com/,
  obtain a token, and attach your machine with:
  
  sudo ua attach 
  
  [Regression Potential]
  This is a major rewrite from bash to python3 and there are changes in 
behavior.
  - new services will be listed, but not avaialble for trusty, only for later 
LTSs
  - even when ESM is not enabled, an apt hook will advertise the availability 
of updates in that repository. This hook has failed in the past while this 
package was in disco, and that failed the apt transaction. This has of course 
been fixed since t

[Bug 1832757] Re: Update ubuntu-advantage-client

** Description changed:

  [Impact]
  This is a major rewrite of ubuntu-advantage-client. This version introduces 
an updated command line interface (UA Client) to simplify some interaction with 
Ubuntu Advantage support offerings, and interacts with a new service backend 
built specifically for this new streamlined experience.
  
  Disco and Eoan already have this new version (but slightly older), but
  trusty, xenial, bionic and cosmic do not. This update is for trusty only
  at the moment, because the other LTSs and later releases have other
  services available under the UA umbrella which haven't yet been fully
  converted to the new backend.
  
  [Test Case]
  There are free services available for Trusty and anyone with an ubuntu one 
account can try them out with the new client.
  
  You can sign up interactively by just typing:
  
  sudo ua attach
  
  That will prompt you for your ubuntu one login credentials, and 2FA if
  needed, and enable ESM and Livepatch (the latter if running an HWE
  kernel).
  
  Alternatively, you can go to https://auth.contracts.canonical.com/,
  obtain a token, and attach your machine with:
  
  sudo ua attach 
  
  [Regression Potential]
  This is a major rewrite from bash to python3 and there are changes in 
behavior.
  - new services will be listed, but not avaialble for trusty, only for later 
LTSs
  - even when ESM is not enabled, an apt hook will advertise the availability 
of updates in that repository. This hook has failed in the past while this 
package was in disco, and that failed the apt transaction. This has of course 
been fixed since then (see #1824523 and #1824523).
  
  [Other Info]
  This is the FFe bug that got this rewrite into Disco at that time:
  https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1814157
  
  Development of this client is happening on github:
  https://github.com/CanonicalLtd/ubuntu-advantage-client
  
  The GPG keys can be verified by checking the signed release files over https. 
Respectively:
  CC (not available on trusty atm): 
https://esm.ubuntu.com/cc/ubuntu/dists/xenial/InRelease
  FIPS (not available on trusty atm): 
https://esm.ubuntu.com/fips/ubuntu/dists/xenial/InRelease
  FIPS-updates (not available on trusty atm): 
https://esm.ubuntu.com/fips-updates/ubuntu/dists/xenial-updates/InRelease
  ESM: https://esm.ubuntu.com/ubuntu/dists/trusty-updates/InRelease and 
https://esm.ubuntu.com/ubuntu/dists/trusty-security/InRelease
+ 
+ cis-audit is not ready and we don't have a gpg key for it yet, so we are
+ shpping a placeholder file in the package called ubuntu-
+ securitybenchmarks-keyring.gpg and that is a zero-sized file. Since cis-
+ audit is not available for trusty, and gpg keyrings are only copied over
+ to /etc/apt/trusted.gpg.d/ at enable time, this isn't an issue. And even
+ if it was copied over to that directory, an empty file there doesn't
+ cause issues. The reason we still have the file is, as said, a
+ placeholder, as the code and tests expect it, and because we want to use
+ the same source package for all supported ubuntu releases.

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1832757/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1832757] Re: Update ubuntu-advantage-client

** Description changed:

  [Impact]
  This is a major rewrite of ubuntu-advantage-client. This version introduces 
an updated command line interface (UA Client) to simplify some interaction with 
Ubuntu Advantage support offerings, and interacts with a new service backend 
built specifically for this new streamlined experience.
  
  Disco and Eoan already have this new version (but slightly older), but
  trusty, xenial, bionic and cosmic do not. This update is for trusty only
  at the moment, because the other LTSs and later releases have other
  services available under the UA umbrella which haven't yet been fully
  converted to the new backend.
  
  [Test Case]
  There are free services available for Trusty and anyone with an ubuntu one 
account can try them out with the new client.
  
  You can sign up interactively by just typing:
  
  sudo ua attach
  
  That will prompt you for your ubuntu one login credentials, and 2FA if
  needed, and enable ESM and Livepatch (the latter if running an HWE
  kernel).
  
  Alternatively, you can go to https://auth.contracts.canonical.com/,
  obtain a token, and attach your machine with:
  
  sudo ua attach 
  
  [Regression Potential]
  This is a major rewrite from bash to python3 and there are changes in 
behavior.
  - new services will be listed, but not avaialble for trusty, only for later 
LTSs
  - even when ESM is not enabled, an apt hook will advertise the availability 
of updates in that repository. This hook has failed in the past while this 
package was in disco, and that failed the apt transaction. This has of course 
been fixed since then (see #1824523 and #1824523).
  
  [Other Info]
+ This is the FFe bug that got this rewrite into Disco at that time:
+ https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1814157
+ 
+ Development of this client is happening on github:
+ https://github.com/CanonicalLtd/ubuntu-advantage-client
+ 
+ The GPG keys can be verified by checking the signed release files over https. 
Respectively:
+ CC (not available on trusty atm): 
https://esm.ubuntu.com/cc/ubuntu/dists/xenial/InRelease
+ FIPS (not available on trusty atm): 
https://esm.ubuntu.com/fips/ubuntu/dists/xenial/InRelease
+ FIPS-updates (not available on trusty atm): 
https://esm.ubuntu.com/fips-updates/ubuntu/dists/xenial-updates/InRelease
+ ESM: https://esm.ubuntu.com/ubuntu/dists/trusty-updates/InRelease and 
https://esm.ubuntu.com/ubuntu/dists/trusty-security/InRelease

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1832757/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1832757] Re: Update ubuntu-advantage-client

** Description changed:

  [Impact]
  This is a major rewrite of ubuntu-advantage-client. This version introduces 
an updated command line interface (UA Client) to simplify some interaction with 
Ubuntu Advantage support offerings, and interacts with a new service backend 
built specifically for this new streamlined experience.
  
  Disco and Eoan already have this new version (but slightly older), but
  trusty, xenial, bionic and cosmic do not. This update is for trusty only
  at the moment, because the other LTSs and later releases have other
  services available under the UA umbrella which haven't yet been fully
  converted to the new backend.
  
  [Test Case]
  There are free services available for Trusty and anyone with an ubuntu one 
account can try them out with the new client.
  
  You can sign up interactively by just typing:
  
  sudo ua attach
  
  That will prompt you for your ubuntu one login credentials, and 2FA if
  needed, and enable ESM and Livepatch (the latter if running an HWE
  kernel).
  
  Alternatively, you can go to https://auth.contracts.canonical.com/,
  obtain a token, and attach your machine with:
  
  sudo ua attach 
  
  [Regression Potential]
- 
-  * discussion of how regressions are most likely to manifest as a result
- of this change.
- 
-  * It is assumed that any SRU candidate patch is well-tested before
-    upload and has a low overall risk of regression, but it's important
-    to make the effort to think about what ''could'' happen in the
-    event of a regression.
- 
-  * This both shows the SRU team that the risks have been considered,
-    and provides guidance to testers in regression-testing the SRU.
+ This is a major rewrite from bash to python3 and there are changes in 
behavior.
+ - new services will be listed, but not avaialble for trusty, only for later 
LTSs
+ - even when ESM is not enabled, an apt hook will advertise the availability 
of updates in that repository. This hook has failed in the past while this 
package was in disco, and that failed the apt transaction. This has of course 
been fixed since then (see #1824523 and #1824523).
  
  [Other Info]
- 
-  * Anything else you think is useful to include
-  * Anticipate questions from users, SRU, +1 maintenance, security teams and 
the Technical Board
-  * and address these questions in advance

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1832757

Title:
  Update ubuntu-advantage-client

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1832757/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 1832757] Re: Update ubuntu-advantage-client