Control: block -1 by 1080270
Hello Bastian,
Bastian Germann [2024-06-26 22:05 +0200]:
> Please drop the libssh-gcrypt-dev and libssh-gcrypt-4 packages as soon as no
> reverse dep is left.
> Upstream has deprecated the gcrypt flavor with v0.11 and only a few packages
> still depend on it.
> They
Package: libavformat60
Version: 7:6.1.1-5+b1
Hello Debian Multimedia Maintainers,
Bastian asked [1] for libssh to drop the gcrypt variant (libssh-gcrypt-4). It's
deprecated in libssh upstream, and with the recently changed OpenSSL license
there is no reason any more to have it.
The only remainin
Package: libavformat60
Version: 7:6.1.1-5+b1
Hello Debian Multimedia Maintainers,
Bastian asked [1] for libssh to drop the gcrypt variant (libssh-gcrypt-4). It's
deprecated in libssh upstream, and with the recently changed OpenSSL license
there is no reason any more to have it.
The only remainin
This was fixed upstream in https://github.com/cockpit-project/cockpit-
machines/commit/bc7d9a2d53297264a6d8f889ef238d08027aa6ef and is part of
cockpit-machines 315. Thus it is fixed in oneiric. For 24.04 you can get
version 316-1~bpo24.04.1 from official noble-backports.
** Changed in: cockpit-mac
These methods were introduced in
https://pagure.io/freeipa/c/0f9a8b7a15b911f443042061d795fcaa51f1a3c7 ,
and that triggers a strong déjà vu for me -- I've looked at this failure
in a different context already.
But https://launchpad.net/ubuntu/+source/python-cryptography in oracular
*is* version 42.
These methods were introduced in
https://pagure.io/freeipa/c/0f9a8b7a15b911f443042061d795fcaa51f1a3c7 ,
and that triggers a strong déjà vu for me -- I've looked at this failure
in a different context already.
But https://launchpad.net/ubuntu/+source/python-cryptography in oracular
*is* version 42.
Public bug reported:
I am currently enabling our Cockpit tests on oracular [1] (now after
feature freeze and well before release is a good time). The main
regression is with joining a FreeIPA domain.
The server runs a standard quay.io/freeipa/freeipa-
server:centos-9-stream container with a coupl
Public bug reported:
I am currently enabling our Cockpit tests on oracular [1] (now after
feature freeze and well before release is a good time). The main
regression is with joining a FreeIPA domain.
The server runs a standard quay.io/freeipa/freeipa-
server:centos-9-stream container with a coupl
Control: tag -1 pending
Hello Simon,
Simon McVittie [2024-08-22 9:17 +0100]:
> The pristine-tar branch is missing data for recent upstream releases.
Whoops, thanks for pointing out!
> Please consider using `gbp push` to push changes to all relevant branches.
That's not it -- my local pristine
Hello all,
three months ago, Firefox announced [1] that they are dropping support for the
Chrome Devtools Protocol, the browser automation protocol that we have used in
Cockpit's test API for many years. This finally happened in Firefox 129 [2],
which just recently made it into Fedora 40.
The new
Control: tag -1 upstream
Control: forwarded -1 https://gitlab.com/libvirt/libvirt/-/issues/660
Martin Pitt [2024-08-13 5:59 +0200]:
> However, the image log has the list of updated packages (at the bottom of
> [3]),
> and the most plausible one is
>
> libvirt-daemon (10.5.
Control: tag -1 confirmed
Laurent Bigonville [2024-07-24 15:39 +0200]:
> type=AVC msg=audit(1721828131.241:1176): apparmor="DENIED" operation="open"
> class="file" profile="libvirt-6fde45f5-ff7e-4277-87b9-123a8aa30c7e"
> name="/proc/sys/vm/max_map_count" pid=149623 comm="qemu-system-x86"
> requ
Control: tag -1 upstream fixed-upstream pending
Hello Petter,
Petter Reinholdtsen [2024-08-02 7:40 +0200]:
> The Appstream validation report the following problem with the metadata
> I submitted in BTS #1076991.
>
> Errors
>
> * gui-app-without-icon
[...]
I did that when I committed that up
OK, thanks for confirming!
** Changed in: systemd (Ubuntu)
Status: Incomplete => Invalid
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2073776
Title:
nsswitch.con
OK, thanks for confirming!
** Changed in: systemd (Ubuntu)
Status: Incomplete => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2073776
Title:
nsswitch.conf "passwd" entry misses "sys
Control: tag -1 upstream fixed-upstream pending
Hello Petter,
Petter Reinholdtsen [2024-07-25 6:48 +0200]:
> +Description: Added AppStream metainfo XML with hardware provide info.
> + This allow isenkram to propose this package when the hardware is
> + present.
Thank you! However, despite this
Control: tag -1 upstream fixed-upstream pending
Hello Petter,
Petter Reinholdtsen [2024-07-25 6:14 +0200]:
> Where looking at the source of media-player-info, I came across some
> DeviceMatch entries in media-players/*.mpi which appear to be typos.
> Most entries have a usb: prefix, but a select
Hmm.. Installing libnss-systemd is supposed to add that line
automatically. Do you remember, did you happen to change nsswitch.cnf
manually somehow? backup/restore, Ansible, etc?
** Summary changed:
- cockpit-ws 321-1~bpo22.04.1 changes user to cockpit-wsinstance but systemd
units still use cock
So can you please check `sudo journalctl -u cockpit-ws-user` ? That
should have the root cause of the error.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2073776
Title:
cockpit-ws 321-1~bpo22.04.1
And can you pelase check that you have `libnss-systemd` installed (it's
a dependency of cockpit-ws) and that /etc/nsswitch.conf "passwd" line
includes "systemd"?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.ne
That's not an "old" username. cockpit-ws really needs two. "cockpit-ws"
uses DynamicUser=yes, while cockpit-wsinstance is a static user name
(for technical reasons). Is anything not working?
** Changed in: cockpit (Ubuntu)
Status: New => Incomplete
--
You received this bug notification be
That's because the two ARM architectures still didn't pick up the build:
https://launchpad.net/ubuntu/+source/cockpit/321-1~bpo24.04.1
This must be a bug in the buildd configuration --
https://launchpad.net/ubuntu/noble/arm64/+builds is empty, and even
https://launchpad.net/ubuntu/oracular/arm64/+
Package: wnpp
X-Debbugs-Cc: debian-de...@lists.debian.org,
pkg-utopia-maintain...@lists.alioth.debian.org
Owner: Martin Pitt
X-Debbugs-Cc: Utopia Maintenance Team
Severity: wishlist
* Package name: cockpit-files
Version : 2
Upstream Contact: Martin Pitt
* URL
Package: wnpp
X-Debbugs-Cc: debian-de...@lists.debian.org,
pkg-utopia-maintain...@lists.alioth.debian.org
Owner: Martin Pitt
X-Debbugs-Cc: Utopia Maintenance Team
Severity: wishlist
* Package name: cockpit-files
Version : 2
Upstream Contact: Martin Pitt
* URL
Package: wnpp
X-Debbugs-Cc: debian-de...@lists.debian.org,
pkg-utopia-maintain...@lists.alioth.debian.org
Owner: Martin Pitt
X-Debbugs-Cc: Utopia Maintenance Team
Severity: wishlist
* Package name: cockpit-files
Version : 2
Upstream Contact: Martin Pitt
* URL
-2024-6126]
+
+ -- Martin Pitt Fri, 05 Jul 2024 06:15:50 +0200
+
cockpit (287.1-0+deb12u2) bookworm-security; urgency=medium
* Add 0001-ssh-Use-valid-host-name-in-test-sshbridge.patch:
diff -Nru
cockpit-287.1/debian/patches/0002-pam-ssh-add-Fix-insecure-killing-of-session-ssh-agen.patch
co
-2024-6126]
+
+ -- Martin Pitt Fri, 05 Jul 2024 06:15:50 +0200
+
cockpit (287.1-0+deb12u2) bookworm-security; urgency=medium
* Add 0001-ssh-Use-valid-host-name-in-test-sshbridge.patch:
diff -Nru
cockpit-287.1/debian/patches/0002-pam-ssh-add-Fix-insecure-killing-of-session-ssh-agen.patch
co
Package: lxc
Version: 1:5.0.2-1+deb12u2
I recently changed cockpit-ws' systemd unit from a static `adduser` to
`DynamicUser=yes`. This works great by and large (on Debian 12 and testing and
also all currently supported Ubuntu releases). But there's a failure when
running the autopkgtest in debci [
Control: forwarded -1 https://github.com/cockpit-project/cockpit/pull/20543
Control: tag -1 patch pending
Hello Michael,
Michael Biebl [2024-06-03 14:39 +0200]:
> Jun 03 14:35:42 mars apparmor.systemd[1026]: AppArmor-Analysefehler f?r
> /etc/apparmor.d in profile /etc/apparmor.d/cockpit-desktop
Control: forwarded -1 https://github.com/cockpit-project/cockpit/pull/20543
Control: tag -1 patch pending
Hello Michael,
Michael Biebl [2024-06-03 14:39 +0200]:
> Jun 03 14:35:42 mars apparmor.systemd[1026]: AppArmor-Analysefehler f?r
> /etc/apparmor.d in profile /etc/apparmor.d/cockpit-desktop
Control: forwarded -1 https://github.com/cockpit-project/cockpit/pull/20543
Control: tag -1 patch pending
Hello Michael,
Michael Biebl [2024-06-03 14:39 +0200]:
> Jun 03 14:35:42 mars apparmor.systemd[1026]: AppArmor-Analysefehler f?r
> /etc/apparmor.d in profile /etc/apparmor.d/cockpit-desktop
** Tags removed: verification-needed verification-needed-noble
** Tags added: verification-failed verification-failed-noble
** Tags added: regression-proposed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/
** Bug watch added: Debian Bug tracker #1053706
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053706
** Also affects: procps (Debian) via
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053706
Importance: Unknown
Status: Unknown
--
You received this bug notification becau
Hello Cockpiteers,
Is anyone using https://github.com/cockpit-project/cockpit-certificates and
interesting in taking over its development and maintenance? From the cockpit
team's PoV it is rather abandoned, nobody uses it or is interested in it, and
we have too much to do and need to shed some loa
Hello all,
Is anyone using https://github.com/cockpit-project/cockpit-certificates and
interested in taking over development/maintenance?
This never made it into any distribution or even an official upstream release,
we have too much to do in Red Hat's Cockpit team, and we need to shed some
load.
Package: python3-ipaclient
Severity: important
Version: 4.11.1-2
Tags: upstream, fixed-upstream
Forwarded:
https://lists.fedorahosted.org/archives/list/freeipa-us...@lists.fedorahosted.org/thread/PLR7R2FIZXNOQFMT3XWMBK3UYI7FWVMY/
Hello,
A few days ago, python-cryptography 42.0 entered Debian tes
Thanks @ffesti ! So I suppose this should be closed upstream, and I'll create a
bugzilla instead?
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3073#issuecomment-2092433241
You are receiving this because you are subscribed to this thr
This helped a lot, but it's still applying the user creation and `%attr()`
processing in the wrong order. I filed issue #3073 about it.
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/pull/2432#issuecomment-2092096531
You are receiving this be
We are currently [trying to move our project to
systemd-sysusers](https://github.com/cockpit-project/cockpit/pull/20365), away
from manual `useradd` calls in the package's `%pre` script. The [rpm
manual](https://rpm-software-management.github.io/rpm/manual/users_and_groups.html)
claims
> Rpm
This was "fixed" in noble by clearing out noble-proposed, thanks! That
took care of the worst fallout.
** Changed in: python-gssapi (Ubuntu Noble)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://
Public bug reported:
The recent no-change rebuild in
https://launchpad.net/ubuntu/+source/python-gssapi/1.8.2-1ubuntu2
regressed. With -1ubuntu1, the import works:
python3 -c 'import gssapi'
but with -1ubuntu2, it crashes with
Traceback (most recent call last):
File "", line 1, in
File "
There are no patches, it's a straight import of the source package into
Ubuntu. Ubuntu *does* have different compiler options than Debian, so
that may be a factor. Otherwise I'm in the same boat as you -- there's
only so much time I can throw at this (I've done full-time "investigate,
report, and t
ian/changelog
--- cockpit-287.1/debian/changelog 2024-04-02 11:11:19.0 +0200
+++ cockpit-287.1/debian/changelog 2024-04-16 09:20:17.0 +0200
@@ -1,3 +1,11 @@
+cockpit (287.1-0+deb12u2) bookworm-security; urgency=medium
+
+ * Add 0001-ssh-Use-valid-host-name-in-test-ssh
ian/changelog
--- cockpit-287.1/debian/changelog 2024-04-02 11:11:19.0 +0200
+++ cockpit-287.1/debian/changelog 2024-04-16 09:20:17.0 +0200
@@ -1,3 +1,11 @@
+cockpit (287.1-0+deb12u2) bookworm-security; urgency=medium
+
+ * Add 0001-ssh-Use-valid-host-name-in-test-ssh
ian/changelog
--- cockpit-287.1/debian/changelog 2024-04-02 11:11:19.0 +0200
+++ cockpit-287.1/debian/changelog 2024-04-16 09:20:17.0 +0200
@@ -1,3 +1,11 @@
+cockpit (287.1-0+deb12u2) bookworm-security; urgency=medium
+
+ * Add 0001-ssh-Use-valid-host-name-in-test-ssh
Public bug reported:
One of our Cockpit integration tests [1] spotted an AppArmor regression
in rsyslogd. This is coincidental, the test passes and it doesn't do
anything with rsyslogd -- just something happens to happen in the
background to trigger this (and I can actually reproduce it locally
qu
Public bug reported:
One of our Cockpit integration tests [1] spotted an AppArmor regression
in rsyslogd. This is coincidental, the test passes and it doesn't do
anything with rsyslogd -- just something happens to happen in the
background to trigger this (and I can actually reproduce it locally
qu
Yeah, I could live with that -- but TBH I still consider this mostly a
bug in openssh. querying the status of sshd.service really should work.
Arch, RHEL, Fedora, OpenSUSE etc. all call this sshd.service.
--
You received this bug notification because you are a member of FreeIPA,
which is subscrib
Yeah, I could live with that -- but TBH I still consider this mostly a
bug in openssh. querying the status of sshd.service really should work.
Arch, RHEL, Fedora, OpenSUSE etc. all call this sshd.service.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subs
Yeah, I could live with that -- but TBH I still consider this mostly a
bug in openssh. querying the status of sshd.service really should work.
Arch, RHEL, Fedora, OpenSUSE etc. all call this sshd.service.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packag
Timo: It doesn't fail on Debian. See the "That works in Debian
because.." in the description (TL/DR: Debian doesn't enable ssh.socket,
but ssh.service, which sets up the symlink)
** Description changed:
Joining a FreeIPA domain reconfigures SSH. E.g. it enables GSSAPI
authentication in /etc/s
Timo: It doesn't fail on Debian. See the "That works in Debian
because.." in the description (TL/DR: Debian doesn't enable ssh.socket,
but ssh.service, which sets up the symlink)
** Description changed:
Joining a FreeIPA domain reconfigures SSH. E.g. it enables GSSAPI
authentication in /etc/s
Timo: It doesn't fail on Debian. See the "That works in Debian
because.." in the description (TL/DR: Debian doesn't enable ssh.socket,
but ssh.service, which sets up the symlink)
** Description changed:
Joining a FreeIPA domain reconfigures SSH. E.g. it enables GSSAPI
authentication in /etc/s
Confirmed in current noble.
--
You received this bug notification because you are a member of FreeIPA,
which is subscribed to freeipa in Ubuntu.
https://bugs.launchpad.net/bugs/1946244
Title:
When installing/uninstalling with realmd, uninstalling crashes with
ScriptError
Status in freeipa p
Confirmed in current noble.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1946244
Title:
When installing/uninstalling with realmd, uninstalling crashes with
ScriptError
To manage notifications ab
Public bug reported:
Joining a FreeIPA domain reconfigures SSH. E.g. it enables GSSAPI
authentication in /etc/ssh/sshd_config.d/04-ipa.conf . After that, it
tries to restart sshd, but that fails as "sshd.service" is not a thing
on Ubuntu:
2024-04-12T03:10:57Z DEBUG args=['/bin/systemctl', 'is-act
Public bug reported:
Joining a FreeIPA domain reconfigures SSH. E.g. it enables GSSAPI
authentication in /etc/ssh/sshd_config.d/04-ipa.conf . After that, it
tries to restart sshd, but that fails as "sshd.service" is not a thing
on Ubuntu:
2024-04-12T03:10:57Z DEBUG args=['/bin/systemctl', 'is-act
Public bug reported:
Joining a FreeIPA domain reconfigures SSH. E.g. it enables GSSAPI
authentication in /etc/ssh/sshd_config.d/04-ipa.conf . After that, it
tries to restart sshd, but that fails as "sshd.service" is not a thing
on Ubuntu:
2024-04-12T03:10:57Z DEBUG args=['/bin/systemctl', 'is-act
Yay, today this is finally fixed, pbuilder creation and building a noble
VM image finally works again \o/ Thanks!
** Changed in: perl (Ubuntu Noble)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is s
Yay, today this is finally fixed, pbuilder creation and building a noble
VM image finally works again \o/ Thanks!
** Changed in: perl (Ubuntu Noble)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubun
In other words, having the fix in backports is fine I think.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2060014
Title:
CVE-2024-2947 command injection when deleting a sosreport with a
crafted n
Marc: Thanks -- no urgency from my side, I just wasn't sure about your
current CVE "must/may fix" policies.
** Changed in: cockpit (Ubuntu Mantic)
Status: Triaged => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
htt
Nathan Scott [2024-04-09 17:30 +1000]:
> > It's not really unknown, it's "just" a file conflict:
>
> Yeah - the unknown bit for me is "why tho" - I cannot see conflicting
> files in those packages that would have any debug symbols (there's
> some common directories... but no binaries shared AFAICS)
Hello Nathan,
Nathan Scott [2024-04-09 16:19 +1000]:
> Is any of this getting through... ? Just checked the Ubuntu tracker
> URL, and looks like every response Ken or I sent has been dropped on
> the ground.
Right, I didn't get any response either (not a surprise, as it's *first*
Launchpad recei
Aside from curl this can be reproduced most quickly with
sudo /usr/sbin/debootstrap --include=build-essential noble /tmp/n
http://archive.ubuntu.com/ubuntu
Errors were encountered while processing:
perl
libdpkg-perl
libperl5.38t64:amd64
dpkg-dev
build-essential
These are all ultimately du
I wonder where that comes from --
https://launchpad.net/ubuntu/+source/perl/+publishinghistory says that
5.38.2-3 was deleted, but only from noble-updates. In noble proper it is
merely "superseded". https://launchpad.net/ubuntu/+source/perl/5.38.2-3
doesn't show it being published anyway, and it's
Aside from curl this can be reproduced most quickly with
sudo /usr/sbin/debootstrap --include=build-essential noble /tmp/n
http://archive.ubuntu.com/ubuntu
Errors were encountered while processing:
perl
libdpkg-perl
libperl5.38t64:amd64
dpkg-dev
build-essential
These are all ultimately du
I wonder where that comes from --
https://launchpad.net/ubuntu/+source/perl/+publishinghistory says that
5.38.2-3 was deleted, but only from noble-updates. In noble proper it is
merely "superseded". https://launchpad.net/ubuntu/+source/perl/5.38.2-3
doesn't show it being published anyway, and it's
Public bug reported:
For the last two weeks, building noble VM images for our CI has been
broken. Most of it was uninstallability due to the xz reset, but for the
last three days, `pbuilder --create` has failed [2] because it gets perl
and perl-modules-5.38 in two different versions:
2024-04-08 0
Public bug reported:
For the last two weeks, building noble VM images for our CI has been
broken. Most of it was uninstallability due to the xz reset, but for the
last three days, `pbuilder --create` has failed [2] because it gets perl
and perl-modules-5.38 in two different versions:
2024-04-08 0
> They didn't propagate yet due to noble being jammed so much
This happened now \o/, so they are ready to go.
** Changed in: cockpit (Ubuntu Noble)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
Maybe the missing dbgsym packages are on purpose? The build log has
this:
# Note: --no-automatic-dbgsym not defined for all releases up to
# and including Debian 8 (jessie), but defined after that
# ... expect a warning on older releases, but no other ill
# effects from the unkno
Public bug reported:
In Cockpit's CI we see a lot of pmproxy crashes like [1] in a test which
starts/stops/reconfigures pmlogger, pmproxy, and redis. The journal
(some examples are [2][3][4]) always shows a similar stack trace:
pmproxy[9832]: segfault at 3 ip 767961047e45 sp 7ffe97e825d0
Sorry, clicked the wrong button, I'll expand the bug description. In the
meantime, attaching the core dump.
** Attachment added: "core dump"
https://bugs.launchpad.net/ubuntu/+source/pcp/+bug/2060275/+attachment/5761630/+files/core.pmproxy.997.9420690eb6044feb9fbda197076efdac.4632.171229645400
Backporters: I uploaded backports from noble-proposed to mantic and
jammy. They didn't propagate yet due to noble being jammed so much, but
we do validate them on both releases upstream. I'll let you decide
whether to accept or stall them.
--
You received this bug notification because you are a m
@Marc, security team: I'd like your opinion/preference/guidance for
mantic: It currently has upstream version 300.1. Half a year ago we did
two more upstream point releases for critical bug fixes (aimed at and
uploaded to RHEL): https://github.com/cockpit-
project/cockpit/releases/tag/300.2 and htt
Note: I tried to add backports tasks, but there's neither a
https://launchpad.net/jammy-backports nor a
https://launchpad.net/mantic-backports project. But not a biggie, these
will both get 314 as soon as it lands in noble.
--
You received this bug notification because you are a member of Ubuntu
tallability and autopkgtest queue
before it can land in noble proper (and thus the backports of mantic and
jammy get updated).
** Affects: cockpit (Ubuntu)
Importance: High
Assignee: Martin Pitt (pitti)
Status: Fix Committed
** Affects: cockpit (Ubuntu Mantic)
Importance: Medium
Control: forwarded -1 https://github.com/martinpitt/umockdev/issues/216
Control: tag -1 upstream pending
Hello all,
Thorsten Glaser [2024-03-20 3:05 +]:
> /usr/include/features-time64.h:26:5: error: #error "_TIME_BITS=64 is allowed
> only with _FILE_OFFSET_BITS=64"
>26 | # error "_TIM
Control: forwarded -1 https://github.com/martinpitt/umockdev/issues/216
Control: tag -1 upstream pending
Hello all,
Thorsten Glaser [2024-03-20 3:05 +]:
> /usr/include/features-time64.h:26:5: error: #error "_TIME_BITS=64 is allowed
> only with _FILE_OFFSET_BITS=64"
>26 | # error "_TIM
** Changed in: chrony (Ubuntu)
Status: New => Won't Fix
** Changed in: gnutls28 (Ubuntu)
Status: New => Won't Fix
** Changed in: libvirt (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which i
** Changed in: chrony (Ubuntu)
Status: New => Won't Fix
** Changed in: gnutls28 (Ubuntu)
Status: New => Won't Fix
** Changed in: libvirt (Ubuntu)
Status: New => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to U
Just to make sure that we really talk about the same thing: This bug
sounds like it is *intended* that
unshare --user --map-root-user /bin/bash -c whoami
(as unpriv user) now fails in current Ubuntu 24.04 noble. That still
worked in released 23.10.
I am starting to test Cockpit on the curren
Just to make sure that we really talk about the same thing: This bug
sounds like it is *intended* that
unshare --user --map-root-user /bin/bash -c whoami
(as unpriv user) now fails in current Ubuntu 24.04 noble. That still
worked in released 23.10.
I am starting to test Cockpit on the curren
** Tags added: cockpit-test
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1774000
Title:
Fails to boot cirros QEMU image with tuned running
To manage notifications about this bug go to:
https://bug
** Tags added: cockpit-test
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2040483
Title:
AppArmor denies crun sending signals to containers (stop, kill)
To manage notifications about this bug go to
Public bug reported:
There is an AppArmor regression in current noble. In cockpit we recently
started to test on noble (to prevent the "major regressions after
release" fiasco from 23.10 again).
For some weird reason, rsyslog is installed *by default* [1] in the
cloud images. That is a rather poi
Public bug reported:
There is an AppArmor regression in current noble. In cockpit we recently
started to test on noble (to prevent the "major regressions after
release" fiasco from 23.10 again).
For some weird reason, rsyslog is installed *by default* [1] in the
cloud images. That is a rather poi
*** This bug is a duplicate of bug 2056739 ***
https://bugs.launchpad.net/bugs/2056739
Absolutely agree, thanks Christian!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2056747
Title:
apparmor=
Public bug reported:
Merely booting current noble cloud image with "chrony" installed causes
this:
audit: type=1400 audit(1710152842.540:107): apparmor="DENIED"
operation="open" class="file" profile="/usr/sbin/chronyd"
name="/etc/gnutls/config" pid=878 comm="chronyd" requested_mask="r"
denied_mas
Public bug reported:
Running any VM in libvirt causes a new AppArmor violation in current
noble. This is a regression, this didn't happen in any previous release.
Reproducer:
virt-install --memory 50 --pxe --virt-type qemu --os-variant
alpinelinux3.8 --disk none --wait 0 --name test1
(This is
Control: severity 1061370 grave
Control: forcemerge -1 1061370
Matthias Klose [2024-02-01 8:30 +0100]:
> please don't file duplicate reports, see #1061370
Ah, sorry -- it wasn't clear from the title that it was about this problem, nor
was it RC. Marking a duplicate, so that it's easier to find.
Control: severity 1061370 grave
Control: forcemerge -1 1061370
Matthias Klose [2024-02-01 8:30 +0100]:
> please don't file duplicate reports, see #1061370
Ah, sorry -- it wasn't clear from the title that it was about this problem, nor
was it RC. Marking a duplicate, so that it's easier to find.
Control: severity 1061370 grave
Control: forcemerge -1 1061370
Matthias Klose [2024-02-01 8:30 +0100]:
> please don't file duplicate reports, see #1061370
Ah, sorry -- it wasn't clear from the title that it was about this problem, nor
was it RC. Marking a duplicate, so that it's easier to find.
Package: libatomic1
Version: 14-20240127-1
Severity: grave
Justification: breaks a lot of unrelated packages
Hello,
yesterday's cockpit armel build failed [1] on armel like this in the
./configure test for the PCP library:
| configure:6158: gcc -o conftest -Wdate-time -D_FORTIFY_SOURCE=2 -Wl,-z
Package: libatomic1
Version: 14-20240127-1
Severity: grave
Justification: breaks a lot of unrelated packages
Hello,
yesterday's cockpit armel build failed [1] on armel like this in the
./configure test for the PCP library:
| configure:6158: gcc -o conftest -Wdate-time -D_FORTIFY_SOURCE=2 -Wl,-z
Package: libatomic1
Version: 14-20240127-1
Severity: grave
Justification: breaks a lot of unrelated packages
Hello,
yesterday's cockpit armel build failed [1] on armel like this in the
./configure test for the PCP library:
| configure:6158: gcc -o conftest -Wdate-time -D_FORTIFY_SOURCE=2 -Wl,-z
Control: tag -1 pending
Hallo Matthias,
Matthias Klose [2024-01-29 21:27 +0100]:
> 636s NO TESTS RAN (skipped=4)
> 637s autopkgtest [01:57:06]: test upstream: ---]
> 637s autopkgtest [01:57:06]: test upstream: - - - - - - - - - - results - -
> - - - - - - - -
> 637s upstream
I can't make head or tail of this. aa-complain still enforces deny
rules, there is no (discoverable) way to log deny rules, and
grep -r deny /etc/apparmor.d | grep virt | grep -v /sys | grep -v /dev
doesn't show anything which would apply to /var/lib/libvirt/.
`aa-disable
/etc/apparmor.d/libv
Control: retitle -1 libvirt-daemon: Deleting external snapshot for non-running
system VM fails with AppArmor
when stracing libvirt, this is what happens:
6557 openat(AT_FDCWD, "/var/lib/libvirt/images/test2.qcow2", O_RDWR|O_CLOEXEC)
= -1 EACCES (Permission denied)
6557 sendmsg(13, {msg_name=N
1 - 100 of 6156 matches
Mail list logo
