[Desktop-packages] [Bug 2059756] Re: [SRU] adsys 0.14.1
** Description changed: [context] ADSys is a tool designed for administering and implementing Group Policy Objects (GPOs) from Active Directory on Linux systems. It includes a suite of services and commands that empower administrators to efficiently manage policy updates and maintain compliance with organizational business rules. Given that ADSys directly interfaces with Active Directory and needs to align with new business requirements in LTS releases, it has been essential to keep the package consistently updated with the latest changes of ADSys upstream source. As ADSys is a key component of our commercial offerings, our customers anticipate the availability of recently implemented features in the 22.04 release. Now that ADSys has a complete set of features, the request is to proceed with a one-off release of ADSys 0.14.1 to 22.04. Please note that any new features introduced in subsequent versions will be exclusively available in 24.04 and later releases. This version includes a comprehensive end to end automated test suite that runs ADSys against a real Active directory environment. Version 0.14.1 is available for 22.04 in a PPA (https://launchpad.net/~ubuntu-enterprise-desktop/+archive/ubuntu/adsys) and already used in production by customers. At this time of writing the number of open issues is 1 in Launchpad and 16 in GitHub including 6 enhancements. None of them have a high or critical importance. [references] LP: https://launchpad.net/ubuntu/+source/adsys LP Bugs: https://bugs.launchpad.net/ubuntu/+source/adsys GitHub: https://github.com/ubuntu/adsys/ GH Bugs: https://github.com/ubuntu/adsys/issues Documentation: https://canonical-adsys.readthedocs-hosted.com/en/stable/ Initial SRU discussion: https://lists.ubuntu.com/archives/ubuntu-release/2023-June/005650.html [changes] Full LP Changelog: https://launchpad.net/ubuntu/+source/adsys/+changelog * New features * New policies: - Add mount / network shares policy manager - Add AppArmor policy manager - Support multiple AD backends and implement Winbind support - Add system proxy policy manager - Add certificate policy manager for machines - Add adsysctl policy purge command to purge applied policies - Full documentation - Full end to end automated test suite. * Enhancements * Add a --machine / -m flag to adsysctl applied, indicating the policies applied to the current machine * Expose Ubuntu Pro status in the "status" command * Update scripts manager creation * List Pro policy types in service status output * Warn when Pro-only rules are configured * Use systemd via D-Bus instead of systemctl commands * Add placeholder notes for entry types * Rework Kerberos ticket handling logic to satisfy the Heimdal implementation of Kerberos * Rework policy application sync strategy * Print logs when policies are up to date * Update policy definitions to include dconf key for dark mode background * Infer user KRB5CCNAME path via the libkrb5 API (LP: #2049061) * Allow sssd backend to work without ad_domain being set (LP: #2054445) * Update apport hook to include journal errors and package logs * Bug fixes * Fix policy update failing when GPT.INI contains no version key * Fix object lookup for users having a FQDN as their hostname * Support special characters in domains when parsing sssd configuration * Fix DCONF_PROFILE not considering default_domain_suffix on sssd.conf * Ensure empty state for dconf policy * Handle case mismatches in GPT.INI file name * Ensure GPO URLs contain the FQDN of the domain controller * Add runtime dependency on nfs-common * Other * Updates to latest versions of Go (fixing known Go vulnerabilities) * Updates to latest versions of the Go dependencies * Updates and improvements to CI and QoL * Migrate translation support to native approach using go-i18n + gotext and switch to upstream gotext version Dependencies: * Build-dep: golang-go (>= 2:1.22~) * Dependencies to backport to 22.04: * golang-go >= 2:1.22 * ubuntu-proxy-manager (suggest. Required for Proxy support - feature will be disabled otherwise) * python3-cepces (suggest. Required for Certificates autoenrollment support - feature will be disabled otherwise) * Note: Both are currently in the new queue of 22.04 : https://launchpad.net/ubuntu/jammy/+queue?queue_state=0_text= [test plan] # Process Adsys follows a robust continuous integration and testing process. It is covered by a comprehensive automated tests suite (https://github.com/ubuntu/adsys/actions/workflows/qa.yaml) and an automated end to end test suite that runs in a real active directory environment (https://github.com/ubuntu/adsys/actions/workflows/e2e-tests.yaml). The team applied the following quality
[Desktop-packages] [Bug 2059756] Re: [SRU] adsys 0.14.1
** Description changed: [context] ADSys is a tool designed for administering and implementing Group Policy Objects (GPOs) from Active Directory on Linux systems. It includes a suite of services and commands that empower administrators to efficiently manage policy updates and maintain compliance with organizational business rules. Given that ADSys directly interfaces with Active Directory and needs to align with new business requirements in LTS releases, it has been essential to keep the package consistently updated with the latest changes of ADSys upstream source. As ADSys is a key component of our commercial offerings, our customers anticipate the availability of recently implemented features in the 22.04 release. Now that ADSys has a complete set of features, the request is to proceed with a one-off release of ADSys 0.14.1 to 22.04. Please note that any new features introduced in subsequent versions will be exclusively available in 24.04 and later releases. This version includes a comprehensive end to end automated test suite that runs ADSys against a real Active directory environment. Version 0.14.1 is available for 22.04 in a PPA (https://launchpad.net/~ubuntu-enterprise-desktop/+archive/ubuntu/adsys) and already used in production by customers. At this time of writing the number of open issues is 1 in Launchpad and 16 in GitHub including 6 enhancements. None of them have a high or critical importance. [references] LP: https://launchpad.net/ubuntu/+source/adsys LP Bugs: https://bugs.launchpad.net/ubuntu/+source/adsys GitHub: https://github.com/ubuntu/adsys/ GH Bugs: https://github.com/ubuntu/adsys/issues Documentation: https://canonical-adsys.readthedocs-hosted.com/en/stable/ Initial SRU discussion: https://lists.ubuntu.com/archives/ubuntu-release/2023-June/005650.html [changes] Full LP Changelog: https://launchpad.net/ubuntu/+source/adsys/+changelog * New features * New policies: - Add mount / network shares policy manager - Add AppArmor policy manager - Support multiple AD backends and implement Winbind support - Add system proxy policy manager - Add certificate policy manager for machines - Add adsysctl policy purge command to purge applied policies - Full documentation - Full end to end automated test suite. * Enhancements * Add a --machine / -m flag to adsysctl applied, indicating the policies applied to the current machine * Expose Ubuntu Pro status in the "status" command * Update scripts manager creation * List Pro policy types in service status output * Warn when Pro-only rules are configured * Use systemd via D-Bus instead of systemctl commands * Add placeholder notes for entry types * Rework Kerberos ticket handling logic to satisfy the Heimdal implementation of Kerberos * Rework policy application sync strategy * Print logs when policies are up to date * Update policy definitions to include dconf key for dark mode background * Infer user KRB5CCNAME path via the libkrb5 API (LP: #2049061) * Allow sssd backend to work without ad_domain being set (LP: #2054445) * Update apport hook to include journal errors and package logs * Bug fixes * Fix policy update failing when GPT.INI contains no version key * Fix object lookup for users having a FQDN as their hostname * Support special characters in domains when parsing sssd configuration * Fix DCONF_PROFILE not considering default_domain_suffix on sssd.conf * Ensure empty state for dconf policy * Handle case mismatches in GPT.INI file name * Ensure GPO URLs contain the FQDN of the domain controller * Add runtime dependency on nfs-common * Other * Updates to latest versions of Go (fixing known Go vulnerabilities) * Updates to latest versions of the Go dependencies * Updates and improvements to CI and QoL * Migrate translation support to native approach using go-i18n + gotext and switch to upstream gotext version Dependencies: * Build-dep: golang-go (>= 2:1.22~) * Dependencies to backport to 22.04: * golang-go >= 2:1.22 * ubuntu-proxy-manager (suggest. Required for Proxy support - feature will be disabled otherwise) * python3-cepces (suggest. Required for Certificates autoenrollment support - feature will be disabled otherwise) * Note: Both are currently in the new queue of 22.04 : https://launchpad.net/ubuntu/jammy/+queue?queue_state=0_text= [test plan] # Process Adsys follows a robust continuous integration and testing process. It is covered by a comprehensive automated tests suite (https://github.com/ubuntu/adsys/actions/workflows/qa.yaml) and an automated end to end test suite that runs in a real active directory environment (https://github.com/ubuntu/adsys/actions/workflows/e2e-tests.yaml). The team applied the following quality
[Desktop-packages] [Bug 2059756] Re: [SRU] adsys 0.14.1
** Changed in: golang-1.22 (Ubuntu) Status: New => Fix Released ** Description changed: [context] ADSys is a tool designed for administering and implementing Group Policy Objects (GPOs) from Active Directory on Linux systems. It includes a suite of services and commands that empower administrators to efficiently manage policy updates and maintain compliance with organizational business rules. Given that ADSys directly interfaces with Active Directory and needs to align with new business requirements in LTS releases, it has been essential to keep the package consistently updated with the latest changes of ADSys upstream source. As ADSys is a key component of our commercial offerings, our customers anticipate the availability of recently implemented features in the 22.04 release. Now that ADSys has a complete set of features, the request is to proceed with a one-off release of ADSys 0.14.1 to 22.04. Please note that any new features introduced in subsequent versions will be exclusively available in 24.04 and later releases. This version includes a comprehensive end to end automated test suite that runs ADSys against a real Active directory environment. Version 0.14.1 is available for 22.04 in a PPA (https://launchpad.net/~ubuntu-enterprise-desktop/+archive/ubuntu/adsys) and already used in production by customers. At this time of writing the number of open issues is 1 in Launchpad and 16 in GitHub including 6 enhancements. None of them have a high or critical importance. [references] LP: https://launchpad.net/ubuntu/+source/adsys LP Bugs: https://bugs.launchpad.net/ubuntu/+source/adsys GitHub: https://github.com/ubuntu/adsys/ GH Bugs: https://github.com/ubuntu/adsys/issues Documentation: https://canonical-adsys.readthedocs-hosted.com/en/stable/ Initial SRU discussion: https://lists.ubuntu.com/archives/ubuntu-release/2023-June/005650.html [changes] Full LP Changelog: https://launchpad.net/ubuntu/+source/adsys/+changelog * New features * New policies: - Add mount / network shares policy manager - Add AppArmor policy manager - Support multiple AD backends and implement Winbind support - Add system proxy policy manager - Add certificate policy manager for machines - Add adsysctl policy purge command to purge applied policies - Full documentation - Full end to end automated test suite. * Enhancements * Add a --machine / -m flag to adsysctl applied, indicating the policies applied to the current machine * Expose Ubuntu Pro status in the "status" command * Update scripts manager creation * List Pro policy types in service status output * Warn when Pro-only rules are configured * Use systemd via D-Bus instead of systemctl commands * Add placeholder notes for entry types * Rework Kerberos ticket handling logic to satisfy the Heimdal implementation of Kerberos * Rework policy application sync strategy * Print logs when policies are up to date * Update policy definitions to include dconf key for dark mode background * Infer user KRB5CCNAME path via the libkrb5 API (LP: #2049061) * Allow sssd backend to work without ad_domain being set (LP: #2054445) * Update apport hook to include journal errors and package logs * Bug fixes * Fix policy update failing when GPT.INI contains no version key * Fix object lookup for users having a FQDN as their hostname * Support special characters in domains when parsing sssd configuration * Fix DCONF_PROFILE not considering default_domain_suffix on sssd.conf * Ensure empty state for dconf policy * Handle case mismatches in GPT.INI file name * Ensure GPO URLs contain the FQDN of the domain controller * Add runtime dependency on nfs-common * Other * Updates to latest versions of Go (fixing known Go vulnerabilities) * Updates to latest versions of the Go dependencies * Updates and improvements to CI and QoL * Migrate translation support to native approach using go-i18n + gotext and switch to upstream gotext version Dependencies: * Build-dep: golang-go (>= 2:1.22~) * Dependencies to backport to 22.04: - * golang-go >= 2:1.22 + * golang-go >= 2:1.22 * ubuntu-proxy-manager (suggest. Required for Proxy support - feature will be disabled otherwise) * python3-cepces (suggest. Required for Certificates autoenrollment support - feature will be disabled otherwise) * Note: Both are currently in the new queue of 22.04 : https://launchpad.net/ubuntu/jammy/+queue?queue_state=0_text= - [test plan] # Process Adsys follows a robust continuous integration and testing process. It is covered by a comprehensive automated tests suite (https://github.com/ubuntu/adsys/actions/workflows/qa.yaml) and an automated end to end test suite that runs in a real active directory environment
[Desktop-packages] [Bug 2061850] Re: Can't authenticate in TTY after installing authd, but sudo works
The issue had been identified to be in GDM. ** Package changed: authd (Ubuntu) => gdm3 (Ubuntu) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gdm3 in Ubuntu. https://bugs.launchpad.net/bugs/2061850 Title: Can't authenticate in TTY after installing authd, but sudo works Status in gdm3 package in Ubuntu: New Bug description: In Ubuntu Noble, I install authd 0.2.1, switch to a different TTY and try to log in. I enter my user name and I am asked > Select your provider > > 1: local I click and am asked for the password. After entering it I expect to eventually get a shell, but after installing Authd I can wait minutes and end up with nothing (as if it were validating the password). If I enter wrong credentials I get "login incorrect" and a new user name prompt, which is the correct behavior. I get the same question asked when using 'sudo' but there it works. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/2061850/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2048781] Re: [MIR] authd
We decided to remove the authd package in noble for the time being. The current implementation (in particular the one in the PAM module) is not up to our standard in terms of quality and what we are confortable to support in the long term. Rather than releasing as is and having risky SRUs in the future changing a large part of the implementation, we decided against this and rather polishing the code, securing it, adding even more tests and releasing all that as a new package SRUed to the 24.04 LTS in the coming months. That way, we won’t risk to regress any potential users and we will use an architecture we are more confortable supporting for the next 5/10 years of the LTS release. It means that when we reintroduce it, we will rerequest a new MIR too as the PAM module will largely change and we want to ensure we follow the process and quality standard we expect for the Ubuntu distribution. ** Changed in: authd (Ubuntu) Status: In Progress => Won't Fix -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to authd in Ubuntu. https://bugs.launchpad.net/bugs/2048781 Title: [MIR] authd Status in authd package in Ubuntu: Won't Fix Bug description: [Availability] - The package authd is already in Ubuntu universe. - The package authd build for the architectures it is designed to work on. - It currently builds and works for architectures: amd64, arm64, armhf, ppc64el, riscv64, s390x - Link to package https://launchpad.net/ubuntu/+source/authd [Rationale] - Authd is the foundation for cloud-based authentication and MFA support on Ubuntu and identity providers such as Open ID connect or Microsoft Azure / Entra ID. This package also enables partners to create their own authentication brokers. - The package authd is required to be in main for enabling cloud authentication at provisioning time. - The package authd will generally be useful for corporate users. - No package in main or universe currently offers cloud authentication capabilities. - The target release is the next LTS 24.04 LTS. [Security] - This is a new software developed and maintained by Canonical. It has no security history. - No CVEs/security issues in this software in the past (There are false positives. authd is an authentication daemon for Junos and VMWare): - (0) https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=authd - (0) https://ubuntu.com/security/cves?q==authd - (0) https://security-tracker.debian.org/tracker/source-package/authd - no `suid` or `sgid` binaries - Package does install a dpkg trigger on /usr/lib/linux/efi - Packages does not open privileged ports (ports < 1024) - Packages does not contain extensions to security-sensitive software - It installs a service in /usr/sbin/authd, running as root. The service has some systemd confinement. - It installs a PAM module - It installs an NSS module. - Communication between authd and its brokers is done over DBus - Communication between the pam/nss module and authd are done over a local DBus socket (socket activated service), using grpc. - Security has been kept in mind and common isolation/risk-mitigation patterns are in place utilizing systemd isolation features, cache directory permissions are 0700, cache file permissions are 0600. - /!\ This requires a security review. [Quality assurance - function/usage] - The package needs post install configuration and reading of documentation. - There isn't a safe default because the administrator must configure the selected authentication broker corresponding to their identity providers. - Once installed without additional configuration, PAM requests are ignored by authd. [Quality assurance - maintenance] - The Ubuntu Desktop team (~desktop-packages) maintains this package. It doesn’t have any long-term and critical, open bugs: - https://github.com/ubuntu/authd/issues - https://bugs.launchpad.net/ubuntu/+source/authd [Quality assurance - testing] - There is a comprehensive, non-trivial, testsuite. The testsuite includes integration and functional tests. - The testsuite runs at build time. The branch coverage is 89%: - https://github.com/ubuntu/authd/actions/workflows/qa.yaml?query=branch%3Amain - https://app.codecov.io/gh/ubuntu/authd - The same test suite runs as autopkgtest. It is passing on all supported architectures. Links to test logs: - https://launchpadlibrarian.net/701470374/buildlog_ubuntu-noble-amd64.authd_0.1_BUILDING.txt.gz - arm64 tests are flaky due to a Rust regression that makes the build very slow and timing out. - Currently, autopkgtests and package build are skipping integration tests (because it needs a VHS binary). We are working on bringing it before the 24.04 release with a mock ttyd so that we can run them there too. - Upstream CI also includes code sanity checks (golangci-lint, including gosec) and
[Desktop-packages] [Bug 2060546] Re: [FFe] Update authd to current version
We decided to remove the authd package in noble for the time being. The current implementation (in particular the one in the PAM module) is not up to our standard in terms of quality and what we are confortable to support in the long term. Rather than releasing as is and having risky SRUs in the future changing a large part of the implementation, we decided against this and rather polishing the code, securing it, adding even more tests and releasing all that as a new package SRUed to the 24.04 LTS in the coming months. That way, we won’t risk to regress any potential users and we will use an architecture we are more confortable supporting for the next 5/10 years of the LTS release. It means that when we reintroduce it, we will rerequest a new MIR too as the PAM module will largely change and we want to ensure we follow the process and quality standard we expect for the Ubuntu distribution. ** Changed in: authd (Ubuntu) Status: Triaged => Won't Fix -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to authd in Ubuntu. https://bugs.launchpad.net/bugs/2060546 Title: [FFe] Update authd to current version Status in authd package in Ubuntu: Won't Fix Bug description: Authd is a new package in noble, in universe. This package is not shipped by default, we made many improvements and fixes in the current version. We don’t plan to seed it this release, despite the MIR being approved. Update contains a lot of vendoring updates, and code changes (using a C wrapper to wrap around the Go code in the PAM module to fix some instability), multiple thousands of line due to the C wrapper in particular. The diff itself will not be meaningful. Part of meaningful fixes are the default group being added and ssh precheck API. Full changelog is available at https://github.com/ubuntu/authd/pull/237/files. It also fixes a vulnerability by depending on latest Go and latest x/net/http. This is the code level we are testing and relying on. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/authd/+bug/2060546/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2052495] Re: [MIR] wsl-pro-service
The last security request (having per user certificate to secure the gRPC communication so that they can’t be hijacked cross-users) is now addressed with 0.1.4 with many other enhancements fixing some recommended TODOs. I’m proceeding thus with the promotion. ** Changed in: wsl-pro-service (Ubuntu Noble) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to wsl-pro-service in Ubuntu. https://bugs.launchpad.net/bugs/2052495 Title: [MIR] wsl-pro-service Status in wsl-pro-service package in Ubuntu: Fix Released Status in wsl-pro-service source package in Focal: New Status in wsl-pro-service source package in Jammy: New Status in wsl-pro-service source package in Noble: Fix Released Bug description: [Availability] The package wsl-pro-service is already available in Ubuntu universe. The package wsl-pro-service build for the architectures it is designed to work on. It currently builds and works for architectures: amd64, arm64, armhf, ppc64el, riscv64, s390x Link to package https://launchpad.net/ubuntu/+source/wsl-pro-service [Rationale] Ubuntu Pro for WSL is a set of applications to manage Ubuntu WSL instances, grant them Pro status, orchestrate instances from Landscape and manage their lifecycle. Wsl-pro-service serves as a bridge between the agent running on Windows and Ubuntu instances. It controls the Pro and Landscape status. The package wsl-pro-service is required to be in main to seed it by default on WSL images. The package wsl-pro-service will generally be useful for corporate users. No package in main or universe currently offers these capabilities. The target release is all the LTS releases from 20.04 onwards. [Security] This is a new software developed and maintained by Canonical. It has no security history. It is a new software and no CVEs/security issues in this software in the past. - no `suid` or `sgid` binaries - The package installs a systemd service called wsl-pro-service - It installs a service in /usr/libexec/wsl-pro-service, running as root. The service has some systemd confinement. - Packages does not open privileged ports (ports < 1024) - Packages does not contain extensions to security-sensitive software - Communication between wsl-pro-service and the agent running on Windows is done over gRPC. - Security has been kept in mind and common isolation/risk-mitigation patterns are in place utilizing systemd isolation features. *This requires a security review.* [Quality assurance - function/usage] The package works well right after installation. [Quality assurance - maintenance] The Ubuntu Desktop team (~desktop-packages) maintains this package. It doesn’t have any long-term and critical, open bugs: - https://github.com/canonical/ubuntu-pro-for-windows/issues - https://bugs.launchpad.net/ubuntu/+source/wsl-pro-service [Quality assurance - testing] There is a comprehensive, non-trivial, testsuite. The testsuite includes integration and functional tests. The testsuite runs at build time. The branch coverage is over 88%: - https://github.com/canonical/ubuntu-pro-for-windows/actions/workflows/qa.yaml?query=branch%3Amain - https://app.codecov.io/gh/canonical/ubuntu-pro-for-wsl The same test suite runs as autopkgtest. It is passing on all supported architectures. Links to test logs: - https://autopkgtest.ubuntu.com/packages/wsl-pro-service Upstream CI also includes code sanity checks (golangci-lint, including gosec) and vulnerability scanning (govulneck). [Quality assurance - packaging] - There is no debian/watch because wsl-pro-service is a native package. - debian/control defines a correct Maintainer field: - Maintainer: Ubuntu Developers This package does not yield massive lintian Warnings, Errors ``` W: wsl-pro-service: no-manual-page [usr/libexec/wsl-pro-service] ``` Full output from `lintian --pedantic`: ``` W: wsl-pro-service: no-manual-page [usr/libexec/wsl-pro-service] ``` - Lintian overrides are not present. - This package does not rely on obsolete or about to be demoted packages. - This package has no python2 or GTK2 dependencies - The package will be installed by default but does not ask debconf questions. Packaging and build is easy: - https://github.com/canonical/ubuntu-pro-for-windows/blob/main/wsl-pro-service/debian/rules [UI standards] Application is not end-user facing. However some strings are translatable and used for error messages via standard intltool/gettext or similar build and runtime internationalization system: The system for internationalization is in place of the project and the mo and po files are generated. It’s a question of taking the time to mark the appropriate strings for translations. It is a background service. Strings are used for logging and are not immediately
[Desktop-packages] [Bug 2062133] Re: Migration to the snap issues
yeah, informing the user will go a long way IMHO! -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/2062133 Title: Migration to the snap issues Status in thunderbird package in Ubuntu: In Progress Bug description: After migrating to the snap, I noticed the following: - the launcher icon disappeared (I guess it’s because the .desktop file is now "thunderbird_thunderbird.desktop" - the snap migration took a good 5 minutes on my machine (I guess it’s the copy of the email folder), without any feedbacks that something is happening if you don’t look at ps output. You don’t have any visual feedback about the migration and we should have a progress window (maybe zenity?) to reassure on this one time transition - all unread emails triggered notification (I guess it’s because the state is considered "New") on any folders. - I know have 2 15G folders now: ~/snap/thunderbird/common/ and ~/.thunderbird. I think the latter was the old one which is unused right now and it should be cleaned up after the migration to the snap? ProblemType: Bug DistroRelease: Ubuntu 24.04 Package: thunderbird 2:1snap1-0ubuntu1 ProcVersionSignature: Ubuntu 6.8.0-11.11-generic 6.8.0-rc4 Uname: Linux 6.8.0-11-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia zfs ApportVersion: 2.28.0-0ubuntu1 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: ubuntu:GNOME Date: Thu Apr 18 09:28:35 2024 InstallationDate: Installed on 2020-04-24 (1455 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423) SnapChanges: Identifiant État DescendancePrêt Résumé 700 Done 2024-04-18T09:06:12+02:00 2024-04-18T09:07:34+02:00 Installer le paquet Snap "thunderbird" SourcePackage: thunderbird UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/thunderbird/+bug/2062133/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2062133] [NEW] Migration to the snap issues
Public bug reported: After migrating to the snap, I noticed the following: - the launcher icon disappeared (I guess it’s because the .desktop file is now "thunderbird_thunderbird.desktop" - the snap migration took a good 5 minutes on my machine (I guess it’s the copy of the email folder), without any feedbacks that something is happening if you don’t look at ps output. You don’t have any visual feedback about the migration and we should have a progress window (maybe zenity?) to reassure on this one time transition - all unread emails triggered notification (I guess it’s because the state is considered "New") on any folders. - I know have 2 15G folders now: ~/snap/thunderbird/common/ and ~/.thunderbird. I think the latter was the old one which is unused right now and it should be cleaned up after the migration to the snap? ProblemType: Bug DistroRelease: Ubuntu 24.04 Package: thunderbird 2:1snap1-0ubuntu1 ProcVersionSignature: Ubuntu 6.8.0-11.11-generic 6.8.0-rc4 Uname: Linux 6.8.0-11-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia zfs ApportVersion: 2.28.0-0ubuntu1 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: ubuntu:GNOME Date: Thu Apr 18 09:28:35 2024 InstallationDate: Installed on 2020-04-24 (1455 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423) SnapChanges: Identifiant État DescendancePrêt Résumé 700 Done 2024-04-18T09:06:12+02:00 2024-04-18T09:07:34+02:00 Installer le paquet Snap "thunderbird" SourcePackage: thunderbird UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: thunderbird (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug noble -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to thunderbird in Ubuntu. https://bugs.launchpad.net/bugs/2062133 Title: Migration to the snap issues Status in thunderbird package in Ubuntu: New Bug description: After migrating to the snap, I noticed the following: - the launcher icon disappeared (I guess it’s because the .desktop file is now "thunderbird_thunderbird.desktop" - the snap migration took a good 5 minutes on my machine (I guess it’s the copy of the email folder), without any feedbacks that something is happening if you don’t look at ps output. You don’t have any visual feedback about the migration and we should have a progress window (maybe zenity?) to reassure on this one time transition - all unread emails triggered notification (I guess it’s because the state is considered "New") on any folders. - I know have 2 15G folders now: ~/snap/thunderbird/common/ and ~/.thunderbird. I think the latter was the old one which is unused right now and it should be cleaned up after the migration to the snap? ProblemType: Bug DistroRelease: Ubuntu 24.04 Package: thunderbird 2:1snap1-0ubuntu1 ProcVersionSignature: Ubuntu 6.8.0-11.11-generic 6.8.0-rc4 Uname: Linux 6.8.0-11-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia zfs ApportVersion: 2.28.0-0ubuntu1 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: ubuntu:GNOME Date: Thu Apr 18 09:28:35 2024 InstallationDate: Installed on 2020-04-24 (1455 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423) SnapChanges: Identifiant État DescendancePrêt Résumé 700 Done 2024-04-18T09:06:12+02:00 2024-04-18T09:07:34+02:00 Installer le paquet Snap "thunderbird" SourcePackage: thunderbird UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/thunderbird/+bug/2062133/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2061079] Re: GTK-ngl (new default backend) rendering issues with the nvidia 470 driver
Confirming that it’s fixed on the same machine with 550. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gtk4 in Ubuntu. https://bugs.launchpad.net/bugs/2061079 Title: GTK-ngl (new default backend) rendering issues with the nvidia 470 driver Status in GTK+: New Status in gtk4 package in Ubuntu: In Progress Status in nvidia-graphics-drivers-470 package in Ubuntu: Confirmed Status in nvidia-graphics-drivers-535 package in Ubuntu: Invalid Status in nvidia-graphics-drivers-545 package in Ubuntu: Invalid Bug description: With nvidia driver, all GTK4 applications have label rendering issues. They are not refresh until passing the cursor over them, giving blank windows. The corner are white and not themed. Passing from one app scren to another one reproduces the issue. gnome-control-center or files, for instance, are blank by default. As suggested by seb128, exporting GSK_RENDERER=gl fixes the issue. Related upstream bugs and discussions are: - https://blog.gtk.org/2024/01/28/new-renderers-for-gtk/ - https://gitlab.gnome.org/GNOME/gtk/-/issues/6574 - https://gitlab.gnome.org/GNOME/gtk/-/issues/6411 - https://gitlab.gnome.org/GNOME/gtk/-/issues/6542 -- $ glxinfo name of display: :1 display: :1 screen: 0 direct rendering: Yes server glx vendor string: NVIDIA Corporation server glx version string: 1.4 server glx extensions: GLX_ARB_context_flush_control, GLX_ARB_create_context, GLX_ARB_create_context_no_error, GLX_ARB_create_context_profile, GLX_ARB_create_context_robustness, GLX_ARB_fbconfig_float, GLX_ARB_multisample, GLX_EXT_buffer_age, GLX_EXT_create_context_es2_profile, GLX_EXT_create_context_es_profile, GLX_EXT_framebuffer_sRGB, GLX_EXT_import_context, GLX_EXT_libglvnd, GLX_EXT_stereo_tree, GLX_EXT_swap_control, GLX_EXT_swap_control_tear, GLX_EXT_texture_from_pixmap, GLX_EXT_visual_info, GLX_EXT_visual_rating, GLX_NV_copy_image, GLX_NV_delay_before_swap, GLX_NV_float_buffer, GLX_NV_multigpu_context, GLX_NV_robustness_video_memory_purge, GLX_SGIX_fbconfig, GLX_SGIX_pbuffer, GLX_SGI_swap_control, GLX_SGI_video_sync client glx vendor string: NVIDIA Corporation client glx version string: 1.4 client glx extensions: GLX_ARB_context_flush_control, GLX_ARB_create_context, GLX_ARB_create_context_no_error, GLX_ARB_create_context_profile, GLX_ARB_create_context_robustness, GLX_ARB_fbconfig_float, GLX_ARB_get_proc_address, GLX_ARB_multisample, GLX_EXT_buffer_age, GLX_EXT_create_context_es2_profile, GLX_EXT_create_context_es_profile, GLX_EXT_fbconfig_packed_float, GLX_EXT_framebuffer_sRGB, GLX_EXT_import_context, GLX_EXT_stereo_tree, GLX_EXT_swap_control, GLX_EXT_swap_control_tear, GLX_EXT_texture_from_pixmap, GLX_EXT_visual_info, GLX_EXT_visual_rating, GLX_NV_copy_buffer, GLX_NV_copy_image, GLX_NV_delay_before_swap, GLX_NV_float_buffer, GLX_NV_multigpu_context, GLX_NV_multisample_coverage, GLX_NV_robustness_video_memory_purge, GLX_NV_swap_group, GLX_SGIX_fbconfig, GLX_SGIX_pbuffer, GLX_SGI_swap_control, GLX_SGI_video_sync GLX version: 1.4 GLX extensions: GLX_ARB_context_flush_control, GLX_ARB_create_context, GLX_ARB_create_context_no_error, GLX_ARB_create_context_profile, GLX_ARB_create_context_robustness, GLX_ARB_fbconfig_float, GLX_ARB_get_proc_address, GLX_ARB_multisample, GLX_EXT_buffer_age, GLX_EXT_create_context_es2_profile, GLX_EXT_create_context_es_profile, GLX_EXT_framebuffer_sRGB, GLX_EXT_import_context, GLX_EXT_stereo_tree, GLX_EXT_swap_control, GLX_EXT_swap_control_tear, GLX_EXT_texture_from_pixmap, GLX_EXT_visual_info, GLX_EXT_visual_rating, GLX_NV_copy_image, GLX_NV_delay_before_swap, GLX_NV_float_buffer, GLX_NV_multigpu_context, GLX_NV_robustness_video_memory_purge, GLX_SGIX_fbconfig, GLX_SGIX_pbuffer, GLX_SGI_swap_control, GLX_SGI_video_sync Memory info (GL_NVX_gpu_memory_info): Dedicated video memory: 4096 MB Total available memory: 4096 MB Currently available dedicated video memory: 3041 MB OpenGL vendor string: NVIDIA Corporation OpenGL renderer string: NVIDIA GeForce GTX 1050/PCIe/SSE2 OpenGL core profile version string: 4.6.0 NVIDIA 470.239.06 OpenGL core profile shading language version string: 4.60 NVIDIA OpenGL core profile context flags: (none) OpenGL core profile profile mask: core profile OpenGL core profile extensions: GL_AMD_multi_draw_indirect, GL_AMD_seamless_cubemap_per_texture, GL_AMD_vertex_shader_layer, GL_AMD_vertex_shader_viewport_index, GL_ARB_ES2_compatibility, GL_ARB_ES3_1_compatibility, GL_ARB_ES3_2_compatibility, GL_ARB_ES3_compatibility, GL_ARB_arrays_of_arrays, GL_ARB_base_instance,
[Desktop-packages] [Bug 2061079] [NEW] Rendering issues on text with nvidia driver
Public bug reported: With nvidia driver, all GTK4 applications have label rendering issues. They are not refresh until passing the cursor over them, giving blank windows. The corner are white and not themed. Passing from one app scren to another one reproduces the issue. gnome-control-center or files, for instance, are blank by default. As suggested by seb128, exporting GSK_RENDERER=gl fixes the issue. Related upstream bugs and discussions are: - https://blog.gtk.org/2024/01/28/new-renderers-for-gtk/ - https://gitlab.gnome.org/GNOME/gtk/-/issues/6574 - https://gitlab.gnome.org/GNOME/gtk/-/issues/6411 - https://gitlab.gnome.org/GNOME/gtk/-/issues/6542 -- $ glxinfo name of display: :1 display: :1 screen: 0 direct rendering: Yes server glx vendor string: NVIDIA Corporation server glx version string: 1.4 server glx extensions: GLX_ARB_context_flush_control, GLX_ARB_create_context, GLX_ARB_create_context_no_error, GLX_ARB_create_context_profile, GLX_ARB_create_context_robustness, GLX_ARB_fbconfig_float, GLX_ARB_multisample, GLX_EXT_buffer_age, GLX_EXT_create_context_es2_profile, GLX_EXT_create_context_es_profile, GLX_EXT_framebuffer_sRGB, GLX_EXT_import_context, GLX_EXT_libglvnd, GLX_EXT_stereo_tree, GLX_EXT_swap_control, GLX_EXT_swap_control_tear, GLX_EXT_texture_from_pixmap, GLX_EXT_visual_info, GLX_EXT_visual_rating, GLX_NV_copy_image, GLX_NV_delay_before_swap, GLX_NV_float_buffer, GLX_NV_multigpu_context, GLX_NV_robustness_video_memory_purge, GLX_SGIX_fbconfig, GLX_SGIX_pbuffer, GLX_SGI_swap_control, GLX_SGI_video_sync client glx vendor string: NVIDIA Corporation client glx version string: 1.4 client glx extensions: GLX_ARB_context_flush_control, GLX_ARB_create_context, GLX_ARB_create_context_no_error, GLX_ARB_create_context_profile, GLX_ARB_create_context_robustness, GLX_ARB_fbconfig_float, GLX_ARB_get_proc_address, GLX_ARB_multisample, GLX_EXT_buffer_age, GLX_EXT_create_context_es2_profile, GLX_EXT_create_context_es_profile, GLX_EXT_fbconfig_packed_float, GLX_EXT_framebuffer_sRGB, GLX_EXT_import_context, GLX_EXT_stereo_tree, GLX_EXT_swap_control, GLX_EXT_swap_control_tear, GLX_EXT_texture_from_pixmap, GLX_EXT_visual_info, GLX_EXT_visual_rating, GLX_NV_copy_buffer, GLX_NV_copy_image, GLX_NV_delay_before_swap, GLX_NV_float_buffer, GLX_NV_multigpu_context, GLX_NV_multisample_coverage, GLX_NV_robustness_video_memory_purge, GLX_NV_swap_group, GLX_SGIX_fbconfig, GLX_SGIX_pbuffer, GLX_SGI_swap_control, GLX_SGI_video_sync GLX version: 1.4 GLX extensions: GLX_ARB_context_flush_control, GLX_ARB_create_context, GLX_ARB_create_context_no_error, GLX_ARB_create_context_profile, GLX_ARB_create_context_robustness, GLX_ARB_fbconfig_float, GLX_ARB_get_proc_address, GLX_ARB_multisample, GLX_EXT_buffer_age, GLX_EXT_create_context_es2_profile, GLX_EXT_create_context_es_profile, GLX_EXT_framebuffer_sRGB, GLX_EXT_import_context, GLX_EXT_stereo_tree, GLX_EXT_swap_control, GLX_EXT_swap_control_tear, GLX_EXT_texture_from_pixmap, GLX_EXT_visual_info, GLX_EXT_visual_rating, GLX_NV_copy_image, GLX_NV_delay_before_swap, GLX_NV_float_buffer, GLX_NV_multigpu_context, GLX_NV_robustness_video_memory_purge, GLX_SGIX_fbconfig, GLX_SGIX_pbuffer, GLX_SGI_swap_control, GLX_SGI_video_sync Memory info (GL_NVX_gpu_memory_info): Dedicated video memory: 4096 MB Total available memory: 4096 MB Currently available dedicated video memory: 3041 MB OpenGL vendor string: NVIDIA Corporation OpenGL renderer string: NVIDIA GeForce GTX 1050/PCIe/SSE2 OpenGL core profile version string: 4.6.0 NVIDIA 470.239.06 OpenGL core profile shading language version string: 4.60 NVIDIA OpenGL core profile context flags: (none) OpenGL core profile profile mask: core profile OpenGL core profile extensions: GL_AMD_multi_draw_indirect, GL_AMD_seamless_cubemap_per_texture, GL_AMD_vertex_shader_layer, GL_AMD_vertex_shader_viewport_index, GL_ARB_ES2_compatibility, GL_ARB_ES3_1_compatibility, GL_ARB_ES3_2_compatibility, GL_ARB_ES3_compatibility, GL_ARB_arrays_of_arrays, GL_ARB_base_instance, GL_ARB_bindless_texture, GL_ARB_blend_func_extended, GL_ARB_buffer_storage, GL_ARB_clear_buffer_object, GL_ARB_clear_texture, GL_ARB_clip_control, GL_ARB_color_buffer_float, GL_ARB_compressed_texture_pixel_storage, GL_ARB_compute_shader, GL_ARB_compute_variable_group_size, GL_ARB_conditional_render_inverted, GL_ARB_conservative_depth, GL_ARB_copy_buffer, GL_ARB_copy_image, GL_ARB_cull_distance, GL_ARB_debug_output, GL_ARB_depth_buffer_float, GL_ARB_depth_clamp, GL_ARB_depth_texture, GL_ARB_derivative_control, GL_ARB_direct_state_access, GL_ARB_draw_buffers, GL_ARB_draw_buffers_blend, GL_ARB_draw_elements_base_vertex, GL_ARB_draw_indirect, GL_ARB_draw_instanced, GL_ARB_enhanced_layouts,
[Desktop-packages] [Bug 2060548] Re: [FFe] Update and seed wsl-pro-service in the WSL images
** Summary changed: - Update and seed wsl-pro-service in the WSL images + [FFe] Update and seed wsl-pro-service in the WSL images ** Description changed: This is a new package for this release. It’s only functional with a Windows agent which is not publically released and under beta for now. As the end of the beta will be after the 24.04 release, we want to get as close as possible to the current code level, knowing that current code will still certainly grow feature-wise once with the Beta user feedback. However, having it seeded (the MIR is approved and security issues fixed but the certificate one, which has been discussed as minor for now) with the current code level will be great to diminish the diff when the SRU that will be needed then. The impact is on existing non beta users (and beta users are using a ppa with the ppa containing the current code level). Current diff is large as the development is very active and won’t really provide anything more. Note that it contains also a packaging change to fix bug #2057651. + + It also fixes a vulnerability by depending on latest Go and latest + x/net/http. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to ubuntu-meta in Ubuntu. https://bugs.launchpad.net/bugs/2060548 Title: [FFe] Update and seed wsl-pro-service in the WSL images Status in ubuntu-meta package in Ubuntu: New Status in wsl-pro-service package in Ubuntu: New Bug description: This is a new package for this release. It’s only functional with a Windows agent which is not publically released and under beta for now. As the end of the beta will be after the 24.04 release, we want to get as close as possible to the current code level, knowing that current code will still certainly grow feature-wise once with the Beta user feedback. However, having it seeded (the MIR is approved and security issues fixed but the certificate one, which has been discussed as minor for now) with the current code level will be great to diminish the diff when the SRU that will be needed then. The impact is on existing non beta users (and beta users are using a ppa with the ppa containing the current code level). Current diff is large as the development is very active and won’t really provide anything more. Note that it contains also a packaging change to fix bug #2057651. It also fixes a vulnerability by depending on latest Go and latest x/net/http. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/2060548/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2060548] [NEW] Update and seed wsl-pro-service in the WSL images
Public bug reported: This is a new package for this release. It’s only functional with a Windows agent which is not publically released and under beta for now. As the end of the beta will be after the 24.04 release, we want to get as close as possible to the current code level, knowing that current code will still certainly grow feature-wise once with the Beta user feedback. However, having it seeded (the MIR is approved and security issues fixed but the certificate one, which has been discussed as minor for now) with the current code level will be great to diminish the diff when the SRU that will be needed then. The impact is on existing non beta users (and beta users are using a ppa with the ppa containing the current code level). Current diff is large as the development is very active and won’t really provide anything more. Note that it contains also a packaging change to fix bug #2057651. ** Affects: ubuntu-meta (Ubuntu) Importance: Undecided Status: New ** Affects: wsl-pro-service (Ubuntu) Importance: Undecided Status: New ** Also affects: ubuntu-meta (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to wsl-pro-service in Ubuntu. https://bugs.launchpad.net/bugs/2060548 Title: Update and seed wsl-pro-service in the WSL images Status in ubuntu-meta package in Ubuntu: New Status in wsl-pro-service package in Ubuntu: New Bug description: This is a new package for this release. It’s only functional with a Windows agent which is not publically released and under beta for now. As the end of the beta will be after the 24.04 release, we want to get as close as possible to the current code level, knowing that current code will still certainly grow feature-wise once with the Beta user feedback. However, having it seeded (the MIR is approved and security issues fixed but the certificate one, which has been discussed as minor for now) with the current code level will be great to diminish the diff when the SRU that will be needed then. The impact is on existing non beta users (and beta users are using a ppa with the ppa containing the current code level). Current diff is large as the development is very active and won’t really provide anything more. Note that it contains also a packaging change to fix bug #2057651. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/2060548/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2060546] [NEW] Update authd to current version
Public bug reported: Authd is a new package in noble, in universe. This package is not shipped by default, we made many improvements and fixes in the current version. We don’t plan to seed it this release, despite the MIR being approved. Update contains a lot of vendoring updates, and code changes (using a C wrapper to wrap around the Go code in the PAM module to fix some instability), multiple thousands of line due to the C wrapper in particular. The diff itself will not be meaningful. Part of meaningful fixes are the default group being added and ssh precheck API. Full changelog is available at https://github.com/ubuntu/authd/pull/237/files. This is the code level we are testing and relying on. ** Affects: authd (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to authd in Ubuntu. https://bugs.launchpad.net/bugs/2060546 Title: Update authd to current version Status in authd package in Ubuntu: New Bug description: Authd is a new package in noble, in universe. This package is not shipped by default, we made many improvements and fixes in the current version. We don’t plan to seed it this release, despite the MIR being approved. Update contains a lot of vendoring updates, and code changes (using a C wrapper to wrap around the Go code in the PAM module to fix some instability), multiple thousands of line due to the C wrapper in particular. The diff itself will not be meaningful. Part of meaningful fixes are the default group being added and ssh precheck API. Full changelog is available at https://github.com/ubuntu/authd/pull/237/files. This is the code level we are testing and relying on. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/authd/+bug/2060546/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2060273] [NEW] secondary users are not listed in polkit graphical prompt
Public bug reported: Tested with 124-1ubuntu1 on noble 1. Create 3 users on the machine: - sudo-user1, part of sudo group - sudo-user2, part of sudo group - normal-user, not part of the sudo group 2. Login with normal-user 3. Try to execute pkexec or any other command prompting for polkit -> only sudo-user1 password auth is proposed, before, we had a listbox to select all eligible user 4. Remove sudo-user1 5. Try pkexec again: -> now sudo-user2 is proposed, showing that the configuration for this user is correct. It seems that only the first "admin" of the machine is taken into account. However, as normal-user, I may not have sudo-user1 around, but only sudo-user2. ** Affects: policykit-1 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to policykit-1 in Ubuntu. https://bugs.launchpad.net/bugs/2060273 Title: secondary users are not listed in polkit graphical prompt Status in policykit-1 package in Ubuntu: New Bug description: Tested with 124-1ubuntu1 on noble 1. Create 3 users on the machine: - sudo-user1, part of sudo group - sudo-user2, part of sudo group - normal-user, not part of the sudo group 2. Login with normal-user 3. Try to execute pkexec or any other command prompting for polkit -> only sudo-user1 password auth is proposed, before, we had a listbox to select all eligible user 4. Remove sudo-user1 5. Try pkexec again: -> now sudo-user2 is proposed, showing that the configuration for this user is correct. It seems that only the first "admin" of the machine is taken into account. However, as normal-user, I may not have sudo-user1 around, but only sudo-user2. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/2060273/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2037270] [NEW] No PAM module is shipped in mantic
Public bug reported: Due to an issue in using multiple tags introduced in 0.12, the PAM module was not generated, and thus, shipped by the debian package anymore. ** Affects: adsys (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/2037270 Title: No PAM module is shipped in mantic Status in adsys package in Ubuntu: New Bug description: Due to an issue in using multiple tags introduced in 0.12, the PAM module was not generated, and thus, shipped by the debian package anymore. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/2037270/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2037271] [NEW] No pot file extraction when using multiple lines
Public bug reported: Upstream C gettext does not extract successfully the strings mark up for translation when they are on multiple lines. Switch to our go-i18n module to achieve this. ** Affects: adsys (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/2037271 Title: No pot file extraction when using multiple lines Status in adsys package in Ubuntu: New Bug description: Upstream C gettext does not extract successfully the strings mark up for translation when they are on multiple lines. Switch to our go-i18n module to achieve this. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/2037271/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2007710] Re: [MIR] gnome-shell-extension-tiling-assistant
Override component to main gnome-shell-extension-tiling-assistant 39-3ubuntu2 in mantic: universe/gnome -> main gnome-shell-extension-ubuntu-tiling-assistant 39-3ubuntu2 in mantic amd64: universe/gnome/optional/100% -> main gnome-shell-extension-ubuntu-tiling-assistant 39-3ubuntu2 in mantic arm64: universe/gnome/optional/100% -> main gnome-shell-extension-ubuntu-tiling-assistant 39-3ubuntu2 in mantic armhf: universe/gnome/optional/100% -> main gnome-shell-extension-ubuntu-tiling-assistant 39-3ubuntu2 in mantic i386: universe/gnome/optional/100% -> main gnome-shell-extension-ubuntu-tiling-assistant 39-3ubuntu2 in mantic ppc64el: universe/gnome/optional/100% -> main gnome-shell-extension-ubuntu-tiling-assistant 39-3ubuntu2 in mantic riscv64: universe/gnome/optional/100% -> main gnome-shell-extension-ubuntu-tiling-assistant 39-3ubuntu2 in mantic s390x: universe/gnome/optional/100% -> main Override [y|N]? y 8 publications overridden. ** Changed in: gnome-shell-extension-tiling-assistant (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-shell-extension-tiling-assistant in Ubuntu. https://bugs.launchpad.net/bugs/2007710 Title: [MIR] gnome-shell-extension-tiling-assistant Status in gnome-shell-extension-tiling-assistant package in Ubuntu: Fix Released Bug description: [Availability] The package gnome-shell-extension-tiling-assistant is already in Ubuntu universe. The package gnome-shell-extension-tiling-assistant build for the architectures it is designed to work on. It currently builds and works for architetcures: all Link to package https://launchpad.net/ubuntu/+source/gnome-shell-extension-tiling-assistant [Rationale] - The package gnome-shell-extension-tiling-assistant is required in Ubuntu main to provide quarter tiling to our default desktop. The plan is to work upstream to get the feature integrated but that's going to take several cycle and we believe that using an extension is going to help providing feedback to guide the design decisions. - The package gnome-shell-extension-tiling-assistant would ideally be in Ubuntu main for Feb 23th but it's not realistic at this point, we would still like to request a feature freeze exception and include it this cycle though. [Security] - No CVEs/security issues in this software in the past - no `suid` or `sgid` binaries - no executables in `/sbin` and `/usr/sbin` - Package does not install services, timers or recurring jobs - Packages does not open privileged ports (ports < 1024) - Packages does not contain extensions to security-sensitive software [Quality assurance - function/usage] - The package works well right after install [Quality assurance - maintenance] - The package is maintained well in Debian/Ubuntu/Upstream, it has no report in Debian/Ubuntu and no major issues upstream - Ubuntu https://bugs.launchpad.net/ubuntu/+source/gnome-shell-extension-tiling-assistant/+bug - Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=gnome-shell-extension-tiling-assistant - Upstream's bug tracker, https://github.com/Leleat/Tiling-Assistant/issues - The package does not deal with exotic hardware we cannot support [Quality assurance - testing] - The package does not run a test at build time since there is no testing framework for gnome-shell extensions - The package does not run an autopkgtest because testing gnome-shell behaviour changes isn't something we can really do in the autopkgtest infrastructure - There is a manual testplan for the package on https://wiki.ubuntu.com/DesktopTeam/TestPlans/GnomeShellExtensionTilingAssistant In case the extension fails to load for whatever reason, the default mutter/gnome-shell standard tiling behavior will be used, so the users will be still able to use [Quality assurance - packaging] - debian/watch is present and works - debian/control defines a correct Maintainer - Recent build and lintian log: https://dpaste.com//9HSNBG8HR - Lintian overrides are not present - This package does not rely on obsolete or about to be demoted packages. - This package has no python2 or GTK2 dependencies - The package will be installed by default, but does not ask debconf questions - Packaging and build is easy, link to d/rules https://salsa.debian.org/debian/gnome-shell-extension-tiling- assistant/-/blob/ubuntu/main/debian/rules [UI standards] - Application is end-user facing, Translation is present, via standard intltool/gettext or similar build and runtime internationalization system see https://github.com/Leleat/Tiling-Assistant/tree/main/translations [Dependencies] - No further depends or recommends dependencies that are not yet in main [Standards compliance] - This package correctly follows FHS and Debian Policy [Maintenance/Owner] - Owning Team will
[Desktop-packages] [Bug 1990527] Re: Testsuite timeouts on riscv
I guess this is not the case anymore, correct? ** Changed in: adsys (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1990527 Title: Testsuite timeouts on riscv Status in adsys package in Ubuntu: Incomplete Bug description: Please find below the output of the testsuite running on riscv: any hint on what could be wrong? === RUN TestAddStdoutForwarderWithBlockedStdout time="2022-09-20T13:56:30Z" level=warning msg="Failed to write to regular output: write |1: file already closed" panic: test timed out after 10m0s goroutine 3 [running]: testing.(*M).startAlarm.func1() /usr/lib/go-1.19/src/testing/testing.go:2036 +0x8c created by time.goFunc /usr/lib/go-1.19/src/time/sleep.go:176 +0x50 goroutine 1 [chan receive]: testing.(*T).Run(0x3f741881a0, {0x2ad4e93af2?, 0x2ad4ae53a0?}, 0x2ad503d8e8) /usr/lib/go-1.19/src/testing/testing.go:1494 +0x34c testing.runTests.func1(0x30?) /usr/lib/go-1.19/src/testing/testing.go:1846 +0x78 testing.tRunner(0x3f741881a0, 0x3f7415dcf0) /usr/lib/go-1.19/src/testing/testing.go:1446 +0x11c testing.runTests(0x3f7414c500?, {0x2ad537b180, 0xa, 0xa}, {0x1?, 0x400ce8?, 0x2ad53c6c60?}) /usr/lib/go-1.19/src/testing/testing.go:1844 +0x408 testing.(*M).Run(0x3f7414c500) /usr/lib/go-1.19/src/testing/testing.go:1726 +0x504 main.main() _testmain.go:67 +0x1a8 goroutine 37 [semacquire]: sync.runtime_Semacquire(0x3f7423e140?) /usr/lib/go-1.19/src/runtime/sema.go:62 +0x34 sync.(*WaitGroup).Wait(0x3f7421a0d0) /usr/lib/go-1.19/src/sync/waitgroup.go:139 +0x74 github.com/ubuntu/adsys/internal/stdforward.addWriter.func2() /home/ubuntu/packages/adsys/adsys-0.9.2/obj-riscv64-linux-gnu/src/github.com/ubuntu/adsys/internal/stdforward/stdforward.go:1 14 +0x13c github.com/ubuntu/adsys/internal/stdforward_test.TestAddStdoutForwarderWithBlockedStdout(0x3f740b0368?) /home/ubuntu/packages/adsys/adsys-0.9.2/obj-riscv64-linux-gnu/src/github.com/ubuntu/adsys/internal/stdforward/stdforward_test .go:273 +0x1e0 testing.tRunner(0x3f74234340, 0x2ad503d8e8) /usr/lib/go-1.19/src/testing/testing.go:1446 +0x11c created by testing.(*T).Run /usr/lib/go-1.19/src/testing/testing.go:1493 +0x338 goroutine 38 [semacquire]: sync.runtime_SemacquireMutex(0x3f740dc000?, 0x3?, 0x2ad4e924ba?) /usr/lib/go-1.19/src/runtime/sema.go:77 +0x40 sync.(*RWMutex).RLock(...) /usr/lib/go-1.19/src/sync/rwmutex.go:71 github.com/ubuntu/adsys/internal/stdforward.(*forwarder).Write(0x2ad53c69c0, {0x3f74292000, 0x1c, 0x8000}) /home/ubuntu/packages/adsys/adsys-0.9.2/obj-riscv64-linux-gnu/src/github.com/ubuntu/adsys/internal/stdforward/stdforward.go:3 6 +0xe4 io.copyBuffer({0x2ad5041100, 0x2ad53c69c0}, {0x2ad50420c0, 0x3f7423c068}, {0x0, 0x0, 0x0}) /usr/lib/go-1.19/src/io/io.go:429 +0x1d8 io.Copy(...) /usr/lib/go-1.19/src/io/io.go:386 github.com/ubuntu/adsys/internal/stdforward.addWriter.func1.1() /home/ubuntu/packages/adsys/adsys-0.9.2/obj-riscv64-linux-gnu/src/github.com/ubuntu/adsys/internal/stdforward/stdforward.go:9 1 +0x80 created by github.com/ubuntu/adsys/internal/stdforward.addWriter.func1 /home/ubuntu/packages/adsys/adsys-0.9.2/obj-riscv64-linux-gnu/src/github.com/ubuntu/adsys/internal/stdforward/stdforward.go:8 9 +0x1b0 FAIL github.com/ubuntu/adsys/internal/stdforward 604.198s ? github.com/ubuntu/adsys/internal/testutils [no test files] ? github.com/ubuntu/adsys/internal/watchdservice [no test files] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1990527/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1779890] Re: Nautilus does not use a valid Kerberos ticket when accessing Samba share
** Package changed: gvfs (Ubuntu) => tracker-miners (Ubuntu) ** Changed in: tracker-miners (Ubuntu) Assignee: (unassigned) => Denison Barbosa (justdenis) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gvfs in Ubuntu. https://bugs.launchpad.net/bugs/1779890 Title: Nautilus does not use a valid Kerberos ticket when accessing Samba share Status in gvfs: New Status in tracker-miners package in Ubuntu: Triaged Bug description: Nautilus prompts for username and password when accessing a Samba share on a network drive, despite having a perfectly valid unexpired Kerberos ticket. The Kerberos ticket is obtained automatically at logon by authentication against a Samba Active Directory server (Samba AD-DC). Accessing the same Samba share with the same Kerberos ticket via "smbclient //host/sharename -k" works fine. One known workaround is: "nautilus -q", and then "killall gvfsd". After that, accessing the Samba share with Nautilus works normally as it should. I did not experience this issue in Ubuntu 16.04. It appears that a regression was introduced somewhere between 16.04 and 18.04. The issue is quite annoying and confusing for the users who are used to accessing Samba shares on the network drive without being prompted for their username and password. The issue appears to manifest itself usually not on the first access to a Samba share, but on subsequent accesses after a system reboot or upon user logout/login. Strangely, removing ~/.cache/ibus/bus/registry file before user login appears to fix the issue for the current user session, but then the problem reappears upon subsequent user logins or after a system reboot. Nemo appears to have the same problem as Nautilus. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: gvfs-daemons 1.36.1-0ubuntu1 ProcVersionSignature: Ubuntu 4.15.0-24.26-generic 4.15.18 Uname: Linux 4.15.0-24-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.9-0ubuntu7.2 Architecture: amd64 Date: Tue Jul 3 11:12:06 2018 ExecutablePath: /usr/lib/gvfs/gvfsd InstallationDate: Installed on 2018-04-27 (66 days ago) InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426) ProcEnviron: LANG=en_CA.UTF-8 PATH=(custom, no user) SHELL=/bin/bash XDG_RUNTIME_DIR= SourcePackage: gvfs UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/gvfs/+bug/1779890/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 821883] Re: [MIR] argyll
@Bryce, @RAOF: thanks for the notice! I feel we should then reuse this MIR to file a new template with our modern MIR rules (Note that the initial demand was made in 2011!) I’m thus marking it as incomplete until this is DONE, feel free to redirect this request directly to the team who will own and maintain the package. ** Changed in: argyll (Ubuntu) Assignee: Till Kamppeter (till-kamppeter) => Chris Halse Rogers (raof) ** No longer affects: colord (Ubuntu) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to colord in Ubuntu. https://bugs.launchpad.net/bugs/821883 Title: [MIR] argyll Status in argyll package in Ubuntu: Incomplete Bug description: Note this MIR is for both argyll and libicc2 (both packages are currently in Universe). With the most recent argyll package the binary packages of argyll and libicc2 are now all produced by the argyll source package. We followed Debian to unsplit here as the upstream source for both is argyll. The libicc2 source package in Universe can get dropped. Availability: Currently available in Universe, building on all currently supported architectures, see https://launchpad.net/ubuntu/+source/argyll Rationale: In Oneiric we want to introduce ICC-based color management on the operating system level, using the same architecture as Fedora does. argyll (support for color calibration) and libicc2 (ICC handling library) are part of this architecture. Therefore we need them in Main. This MIR is a work item of the following Blueprint: https://blueprints.launchpad.net/ubuntu/+spec/desktop-o-icc-color- management According to the Blueprint additional demand on CD space for the whole introduction of color management is around 300K only. Security: No security vulnerabilities known at CVE and Secunia for the current version (1.3.3), vulnerabilities of older versions are all fixed, no SUID components, no daemons. Quality assurance: Installs without debconf questions. The package is maintained upstream as new releases occur regularly and they get packaged for Debian by Roland Mas (see debian/changelog). UI standards: The package are a library and command line utilities. The complete upstream documentation is available in /usr/share/doc/argyll/. Each command shows a help page by calling it without parameters. Dependencies: Depends only on standard libraries for X and images. They are all in Main. Maintenance: See "Quality assurance". To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/argyll/+bug/821883/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 2003259] Re: [MIR] libcupsfilters libppd cups-browsed
Thanks for the MIR, however, as you wanted to do a simple MIR and not a full one, this is really lacking details and not tracking the real packages the MIRs are supposed to apply on. Please be considerate for the reviewer and help them as much as possible by following the process, so that from one bug report, we can see: - which source packages are impacted - which binary packages needs to be promoted. That, without any more verbiage. Also, those packages were packaged a very long time ago, so it’s probably the right opportunity to ensure, especially with the split, that they all confirmant with the MIR policy. So, do you mind: - add one source package for any source package impacted. - for each source package, check the MIR requirements and file the template, ONE FOR EACH, in the description (you can separate them by markers to make it clearer). - state in each source package what code was moved where - remove cups-filters source package from here, and tell what’s going to happens with current cups-filters source package. Should it be demoted? Until there, I’m marking that bug as incomplete. ** Changed in: cups-filters (Ubuntu) Status: New => Incomplete ** Changed in: cups-filters (Ubuntu) Assignee: Didier Roche-Tolomelli (didrocks) => Till Kamppeter (till-kamppeter) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to cups-filters in Ubuntu. https://bugs.launchpad.net/bugs/2003259 Title: [MIR] libcupsfilters libppd cups-browsed Status in cups-filters package in Ubuntu: Incomplete Bug description: This is a simplified MIR for the splitting of the cups-filters source package. With the second generation (2.x) cups-filters upstream got split into 5 independent component repositories: - libcupsfilters - libppd - cups-filters - braille-printer-app - cups-browsed See https://openprinting.github.io/cups-filters-Second-Generation-First- Beta-Release/ braille-printer-app still needs some upstream work for getting released, the others were already released as 2.0b2. libcupsfilters, cups-filters, and cups-browsed contain mainly the code from the former cups-filters (1.x) which is already in Main. libppd contains code from CUPS (libcups and cups-ppdc) which is also in Main. As of https://github.com/canonical/ubuntu-mir -- If a new source package contains only code which is already in main (e.g. the result of a source package split or rename, or source packages with a version in the name), it may not need a full review. Submitting a MIR bug with an explanation (but without the full template) or updating/extending on the existing old MIR bug and re-opening it by setting it to "NEW" is sufficient. -- This report does not need the full template. The original packages (cups-filters and cups) are in Main already for more than a decade, so repetition of the original MIR would not be useful. cups was already in Ubuntu from the very beginning on and therefore probably in Main since the differentiation of Main and Universe got introduced. The binary packages are named as before (except SONAME of libraries being 2 instead of 1 now), binary packages for libppd added. So current dependencies and seeding should pull in everything (libppd is a library and cups-filters depends on it). libfontembed has been discontinued (folded into libcupsfilters, API removed) but no package uses it (except the components of cups-filters 1.x thenselves). braille-printer-app will be added to this report (or a new simplified MIR report created) as soon as it gets released upstream. Its binary package(s) will need to get seeded. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cups-filters/+bug/2003259/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1973033] Re: [MIR] wpebackend-fdo
$ ./change-override -c main -S wpebackend-fdo Override component to main wpebackend-fdo 1.12.0-1 in kinetic: universe/misc -> main libwpebackend-fdo-1.0-1 1.12.0-1 in kinetic amd64: universe/libs/optional/100% -> main libwpebackend-fdo-1.0-1 1.12.0-1 in kinetic arm64: universe/libs/optional/100% -> main libwpebackend-fdo-1.0-1 1.12.0-1 in kinetic armhf: universe/libs/optional/100% -> main libwpebackend-fdo-1.0-1 1.12.0-1 in kinetic i386: universe/libs/optional/100% -> main libwpebackend-fdo-1.0-1 1.12.0-1 in kinetic ppc64el: universe/libs/optional/100% -> main libwpebackend-fdo-1.0-1 1.12.0-1 in kinetic riscv64: universe/libs/optional/100% -> main libwpebackend-fdo-1.0-1 1.12.0-1 in kinetic s390x: universe/libs/optional/100% -> main libwpebackend-fdo-1.0-dev 1.12.0-1 in kinetic amd64: universe/libdevel/optional/100% -> main libwpebackend-fdo-1.0-dev 1.12.0-1 in kinetic arm64: universe/libdevel/optional/100% -> main libwpebackend-fdo-1.0-dev 1.12.0-1 in kinetic armhf: universe/libdevel/optional/100% -> main libwpebackend-fdo-1.0-dev 1.12.0-1 in kinetic i386: universe/libdevel/optional/100% -> main libwpebackend-fdo-1.0-dev 1.12.0-1 in kinetic ppc64el: universe/libdevel/optional/100% -> main libwpebackend-fdo-1.0-dev 1.12.0-1 in kinetic riscv64: universe/libdevel/optional/100% -> main libwpebackend-fdo-1.0-dev 1.12.0-1 in kinetic s390x: universe/libdevel/optional/100% -> main Override [y|N]? y 15 publications overridden. ** Changed in: wpebackend-fdo (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to wpebackend-fdo in Ubuntu. https://bugs.launchpad.net/bugs/1973033 Title: [MIR] wpebackend-fdo Status in wpebackend-fdo package in Ubuntu: Fix Released Bug description: [Availability] The package wpebackend-fdo is already in Ubuntu universe. The package wpebackend-fdo build for the architectures it is designed to work on. It currently builds and works for architectures: amd64 arm64 armhf i386 ppc64el riscv64 s390x Link to package https://launchpad.net/ubuntu/+source/wpebackend-fdo [Rationale] - The package wpebackend-fdo is required in Ubuntu main as a dependency of webkit2gtk. The dependency is optional but the default upstream and in other distributions and the only one upstream is really testing (turned out some of the issues we had previous cycle are because we aren't using the default backend, which also made a lower priority for upstream to work on fixes). Upstream is also planning to deprecate the nonwpe codepath. We might also need to build with that backend on older series at some point due to the previous statement. - The package wpebackend-fdo is required in Ubuntu main no later than aug 25 due to feature freeze [Security] - No CVEs/security issues in this software in the past - no executables in `/sbin` and `/usr/sbin` - Package does not install services, timers or recurring jobs - Packages does not open privileged ports (ports < 1024) - Packages does not contain extensions to security-sensitive software [Quality assurance - function/usage] - The package works well right after install [Quality assurance - maintenance] - The package is maintained well in Ubuntu and Debian and has currently no reports - Ubuntu https://bugs.launchpad.net/ubuntu/+source/wpebackend-fdo/+bug - Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=wpebackend-fdo - The package does not deal with exotic hardware we cannot support [Quality assurance - testing] - The package does not run a test at build time because upstream doesn't have one. That's something we need to work on. BLOCKER ^ - The package does not run an autopkgtest because upstream has no test and Debian didn't have some either. If webkit2gtk is built with it as it default backend then the webkitgtk autopkgtests are going to exercise wpe, is that enough? BLOCKER? ^ We need to work on the testing story, backup plan is to write some manual test plans. [Quality assurance - packaging] - debian/watch is present and works -- There is only one lintian warning # lintian --pedantic P: wpebackend-fdo source: package-uses-old-debhelper-compat-version 12 12 isn't that old but we will work on updating to 13 - There is one lintian overrides for having the .so distributed in the library rather than the dev because browsers try to load the .so and it should be available. The change was added in Debian to https://salsa.debian.org/webkit-team/wpebackend-fdo/-/commit/07a67e57 - This package does not rely on obsolete or about to be demoted packages. - This package has no python2 or GTK2 dependencies - The package will be installed by default, but does not ask debconf questions - Packaging and build is easy, link to d/rules https://salsa.debian.org/webkit-team/wpebackend- fdo/-/blob/master/debian/rules [UI
[Desktop-packages] [Bug 1973031] Re: [MIR] libwpe
$ ./change-override -c main -S libwpe Override component to main libwpe 1.12.0-1 in kinetic: universe/misc -> main libwpe-1.0-1 1.12.0-1 in kinetic amd64: universe/libs/optional/100% -> main libwpe-1.0-1 1.12.0-1 in kinetic arm64: universe/libs/optional/100% -> main libwpe-1.0-1 1.12.0-1 in kinetic armhf: universe/libs/optional/100% -> main libwpe-1.0-1 1.12.0-1 in kinetic i386: universe/libs/optional/100% -> main libwpe-1.0-1 1.12.0-1 in kinetic ppc64el: universe/libs/optional/100% -> main libwpe-1.0-1 1.12.0-1 in kinetic riscv64: universe/libs/optional/100% -> main libwpe-1.0-1 1.12.0-1 in kinetic s390x: universe/libs/optional/100% -> main libwpe-1.0-dev 1.12.0-1 in kinetic amd64: universe/libdevel/optional/100% -> main libwpe-1.0-dev 1.12.0-1 in kinetic arm64: universe/libdevel/optional/100% -> main libwpe-1.0-dev 1.12.0-1 in kinetic armhf: universe/libdevel/optional/100% -> main libwpe-1.0-dev 1.12.0-1 in kinetic i386: universe/libdevel/optional/100% -> main libwpe-1.0-dev 1.12.0-1 in kinetic ppc64el: universe/libdevel/optional/100% -> main libwpe-1.0-dev 1.12.0-1 in kinetic riscv64: universe/libdevel/optional/100% -> main libwpe-1.0-dev 1.12.0-1 in kinetic s390x: universe/libdevel/optional/100% -> main Override [y|N]? y 15 publications overridden. ** Changed in: libwpe (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to libwpe in Ubuntu. https://bugs.launchpad.net/bugs/1973031 Title: [MIR] libwpe Status in libwpe package in Ubuntu: Fix Released Bug description: [Availability] The package libwpe is already in Ubuntu universe. The package libwpe build for the architectures it is designed to work on. It currently builds and works for architectures: amd64 arm64 armhf i386 ppc64el riscv64 s390x Link to package https://launchpad.net/ubuntu/+source/libwpe [Rationale] The package libwpe is required in Ubuntu main as a dependency of webkit2gtk. The dependency is optional but the default upstream and in other distributions and the only one upstream is really testing (turned out some of the issues we had previous cycle are because we aren't using the default backend, which also made a lower priority for upstream to work on fixes). Upstream is also planning to deprecate the nonwpe codepath. - The package wpebackend-fdo is required in Ubuntu main no later than aug 25 due to feature freeze [Security] - No CVEs/security issues in this software in the past - no executables in `/sbin` and `/usr/sbin` - Package does not install services, timers or recurring jobs - Packages does not open privileged ports (ports < 1024) - Packages does not contain extensions to security-sensitive software [Quality assurance - function/usage] - The package works well right after install [Quality assurance - maintenance] - The package is maintained well in Ubuntu and Debian and has currently no reports - Ubuntu https://bugs.launchpad.net/ubuntu/+source/libwpe/+bug - Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=libwpe [Quality assurance - testing] - The package does not run a test at build time because upstream doesn't have one. That's something we need to work on. BLOCKER ^ If webkit2gtk is built with it as it default backend then the webkitgtk autopkgtests are going to exercise wpe, is that enough? BLOCKER? ^ We need to work on the testing story, backup plan is to write some manual test plans. It's likely that the test plan for wpebackend-fdo will cover the library. [Quality assurance - packaging] - debian/watch is present and works -- There is only one lintian warning # lintian --pedantic P: libwpe source: package-uses-old-debhelper-compat-version 12 12 isn't that old but we will work on updating to 13 - Lintian overrides are not present - This package does not rely on obsolete or about to be demoted packages. - This package has no python2 or GTK2 dependencies - The package will be installed by default, but does not ask debconf question - Packaging and build is easy, link to d/rules https://salsa.debian.org/webkit-team/libwpe/-/blob/master/debian/rules [UI standards] - Application is not end-user facing (does not need translation) [Dependencies] - No further depends or recommends dependencies that are not yet in main [Standards compliance] - This package correctly follows FHS and Debian Policy [Maintenance/Owner] - Owning Team will be desktop-packages - Team is not yet, but will subscribe to the package before promotion - This does not use static builds - This does not use vendored code - The package successfully built during the most recent test rebuild [Background information] The Package description explains the package well Upstream Name is libwpe Link to upstream project https://github.com/WebPlatformForEmbedded/libwpe To manage notifications
[Desktop-packages] [Bug 1982351] Re: [SRU] Backport adsys-windows binary package
** Also affects: adsys (Ubuntu Jammy) Importance: Undecided Status: New ** Also affects: adsys (Ubuntu Focal) Importance: Undecided Status: New ** Changed in: adsys (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1982351 Title: [SRU] Backport adsys-windows binary package Status in adsys package in Ubuntu: Fix Released Status in adsys source package in Focal: New Status in adsys source package in Jammy: New Bug description: As part of our entreprise desktop offering, there is the request to backport the adsys-windows binary package to 20.04 LTS and 22.04 LTS. ADSys is our Active Directory GPO integration. It’s available starting Ubuntu 21.04. adsys-windows contains Windows-specific files including a Windows executable (the Active Directory Watch Daemon), and XML files (ADMX/ADML) that are to be used solely on Windows. The package is provided as a safe way for Windows administrators to source the required adsys files that are needed on Windows. [Impact] * adsys-windows is a new binary package. Impact is thus only for people installing. * This is a enterprise feature requested by desktop customers running LTS. [Test Plan] 1. Install the adsys-windows package 2. Copy the adwatchd.exe executable from /usr/share/adsys/windows on a Windows machine and run it: 3. Set a path where the configuration file will be written 4. Input a list of policy scripts directories to be watched The executable will then install itself as a Windows Service and start monitoring the given directories for changes. Whenever it notices a change it will attempt to bump the version in the GPT.INI file at the root of the watched directory. If a GPT.INI is not found, the daemon will create one. For more information refer to the documentation at: https://github.com/ubuntu/adsys/wiki/11.-Active-Directory-Watch-Daemon [Where problems could occur] * As this is a separate, versioned, new package, no impact on existing installations. * Moreover the package has no files that are used in any way on Linux. It's just data to be copied on Windows machines. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1982351/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1973748] Re: Updating any gsettings key makes user dconf database unreadable
** Changed in: adsys (Ubuntu Focal) Status: Incomplete => New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1973748 Title: Updating any gsettings key makes user dconf database unreadable Status in adsys package in Ubuntu: Fix Released Status in adsys source package in Focal: New Status in adsys source package in Jammy: Fix Released Bug description: [Impact] Changing any gsettings key in AD resulted in user databases under /etc/dconf, owned by root, with 0600 as permissions. This change was done late in the cycle after passing some permissions checkers to harden the binaries. However, in that case, the user databases needs to be readable by the users so that they can apply those values, so we need to align with ibus profile and makes them 644. [Test case] * Change a gsettings key under AD, like picture-uri one. * Login on the Ubuntu laptop connected with AD by adsys * The background should now be changed to the set value. [Where problems could occur] This code is located in the dconf policy application manager and restricted to it. The negative impact in case of a new bug will be seen by gsettings key not being applied as it is already nowdays. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973748/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1973748] Re: Updating any gsettings key makes user dconf database unreadable
** Changed in: adsys (Ubuntu Focal) Status: New => Incomplete -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1973748 Title: Updating any gsettings key makes user dconf database unreadable Status in adsys package in Ubuntu: Fix Released Status in adsys source package in Focal: Incomplete Status in adsys source package in Jammy: Fix Released Bug description: [Impact] Changing any gsettings key in AD resulted in user databases under /etc/dconf, owned by root, with 0600 as permissions. This change was done late in the cycle after passing some permissions checkers to harden the binaries. However, in that case, the user databases needs to be readable by the users so that they can apply those values, so we need to align with ibus profile and makes them 644. [Test case] * Change a gsettings key under AD, like picture-uri one. * Login on the Ubuntu laptop connected with AD by adsys * The background should now be changed to the set value. [Where problems could occur] This code is located in the dconf policy application manager and restricted to it. The negative impact in case of a new bug will be seen by gsettings key not being applied as it is already nowdays. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973748/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1962170] Re: DEP8 failure with samba 4.15.5
** Description changed: + [Impact] + Tests are failing with the samba version in jammy. We want people using focal be able to upgrade to newer samba and still be compatible with adsys. + + [Test Plan] + 1. Ensure that DEP8 tests are passing once uploaded to proposed and ready to be migrated + + [Where problems could occur] + The functionalities failing are only on tests running (DEP8 or tests during package builds), but we want to be able to run our tests with newer versions of samba on focal too without regressing existing testsuite. + + + -- + The DEP8 tests of adsys started to fail[1] with my samba 4.15.5 upload. Some hints: ahasenack: it seems we can’t start our smbd local daemon to simulate Active Directory smb server - ahasenack: yeah, I’m puzzled because on smbd start failure, we do print stderr (not stdout though): https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L16 https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L43 in particular you can see here how we start it: https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L21 and the config template is at https://github.com/ubuntu/adsys/blob/20e6f962eb87f667f5e29800be0715ab2496a10d/internal/testutils/samba.go#L55 2022/02/24 03:13:59 Setup: smbd hasn’t started successfully that's here: https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L129 you wait for the port to be open? which port is that, 445/tcp? we wait on the port to be opened, and this one is passed as a parameter, see the template. For the argument we pass in ad tests, once sec, looking 1446 https://github.com/ubuntu/adsys/blob/20e6f962eb87f667f5e29800be0715ab2496a10d/cmd/integration_tests/adsys_test.go#L47 - you just need to run go test . in internal/ad/ the failure is as the pre-test setup - - 1. https://autopkgtest.ubuntu.com/results/autopkgtest-jammy/jammy/amd64/a/adsys/20220224_031434_4d453@/log.gz + 1. https://autopkgtest.ubuntu.com/results/autopkgtest- + jammy/jammy/amd64/a/adsys/20220224_031434_4d453@/log.gz -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1962170 Title: DEP8 failure with samba 4.15.5 Status in adsys package in Ubuntu: Fix Released Status in adsys source package in Focal: New Bug description: [Impact] Tests are failing with the samba version in jammy. We want people using focal be able to upgrade to newer samba and still be compatible with adsys. [Test Plan] 1. Ensure that DEP8 tests are passing once uploaded to proposed and ready to be migrated [Where problems could occur] The functionalities failing are only on tests running (DEP8 or tests during package builds), but we want to be able to run our tests with newer versions of samba on focal too without regressing existing testsuite. -- The DEP8 tests of adsys started to fail[1] with my samba 4.15.5 upload. Some hints: ahasenack: it seems we can’t start our smbd local daemon to simulate Active Directory smb server ahasenack: yeah, I’m puzzled because on smbd start failure, we do print stderr (not stdout though): https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L16 https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L43 in particular you can see here how we start it: https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L21 and the config template is at https://github.com/ubuntu/adsys/blob/20e6f962eb87f667f5e29800be0715ab2496a10d/internal/testutils/samba.go#L55 2022/02/24 03:13:59 Setup: smbd hasn’t started successfully that's here: https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L129 you wait for the port to be open? which port is that, 445/tcp? we wait on the port to be opened, and this one is passed as a parameter, see the template. For the argument we pass in ad tests, once sec, looking 1446 https://github.com/ubuntu/adsys/blob/20e6f962eb87f667f5e29800be0715ab2496a10d/cmd/integration_tests/adsys_test.go#L47 you just need to run go test . in internal/ad/ the failure is as the pre-test setup 1. https://autopkgtest.ubuntu.com/results/autopkgtest- jammy/jammy/amd64/a/adsys/20220224_031434_4d453@/log.gz To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1962170/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1962510] Re: failing tests with new sssd, blocks python3-defaults
** Description changed: + [Impact] + Fix some flaky tests to ensure that future SRUs are easier to release + + [Test Plan] + 1. Have the package build (tests are running) and that DEP8 tests are passing. + + [Where problems could occur] + The fix is only impacting some tests that were flaky and asking for a rerun. Fixes are only located in this test code to make them more reliable and less racy, even in VM environments. + + - + adsys has failing autopkgtests on armhf. Demoting the package to -proposed to unblock the python3-defaults transition. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1962510 Title: failing tests with new sssd, blocks python3-defaults Status in adsys package in Ubuntu: Fix Released Status in adsys source package in Focal: New Bug description: [Impact] Fix some flaky tests to ensure that future SRUs are easier to release [Test Plan] 1. Have the package build (tests are running) and that DEP8 tests are passing. [Where problems could occur] The fix is only impacting some tests that were flaky and asking for a rerun. Fixes are only located in this test code to make them more reliable and less racy, even in VM environments. - adsys has failing autopkgtests on armhf. Demoting the package to -proposed to unblock the python3-defaults transition. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1962510/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1961459] Re: adsys pam issues
** Description changed: + [Impact] + Memory leaks in adsys pam modules. + + [Test Plan] + 1. Install SRU version of adsys + 2. Login as an user + 3. Ensure that you can still login successfully. + + [Where problems could occur] + Login can be disabled due to the PAM module crashing. There is only one code path leading to that, so easy to detect. + + -- + These may not be security issues but it's possible I overlooked something; since they live in a security boundary I thought it worth reporting with a bit of hassle. If you'd rather work on this in the open, feel free to open this. pam_adsys.c update_policy() arggv leak in fork() failure pam_adsys.c update_machine_policy() arggv leak in fork() failure pam_adsys.c update_machine_policy() -- status != 0 looks like it ought to work but I don't think that's how that API is supposed to be used pam_adsys.c pam_sm_open_session() -- gethostname() indentation is funny Thanks -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1961459 Title: adsys pam issues Status in adsys package in Ubuntu: Fix Released Status in adsys source package in Focal: New Bug description: [Impact] Memory leaks in adsys pam modules. [Test Plan] 1. Install SRU version of adsys 2. Login as an user 3. Ensure that you can still login successfully. [Where problems could occur] Login can be disabled due to the PAM module crashing. There is only one code path leading to that, so easy to detect. -- These may not be security issues but it's possible I overlooked something; since they live in a security boundary I thought it worth reporting with a bit of hassle. If you'd rather work on this in the open, feel free to open this. pam_adsys.c update_policy() arggv leak in fork() failure pam_adsys.c update_machine_policy() arggv leak in fork() failure pam_adsys.c update_machine_policy() -- status != 0 looks like it ought to work but I don't think that's how that API is supposed to be used pam_adsys.c pam_sm_open_session() -- gethostname() indentation is funny Thanks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1961459/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1962170] Re: DEP8 failure with samba 4.15.5
** Also affects: adsys (Ubuntu Focal) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1962170 Title: DEP8 failure with samba 4.15.5 Status in adsys package in Ubuntu: Fix Released Status in adsys source package in Focal: New Bug description: The DEP8 tests of adsys started to fail[1] with my samba 4.15.5 upload. Some hints: ahasenack: it seems we can’t start our smbd local daemon to simulate Active Directory smb server ahasenack: yeah, I’m puzzled because on smbd start failure, we do print stderr (not stdout though): https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L16 https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L43 in particular you can see here how we start it: https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L21 and the config template is at https://github.com/ubuntu/adsys/blob/20e6f962eb87f667f5e29800be0715ab2496a10d/internal/testutils/samba.go#L55 2022/02/24 03:13:59 Setup: smbd hasn’t started successfully that's here: https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L129 you wait for the port to be open? which port is that, 445/tcp? we wait on the port to be opened, and this one is passed as a parameter, see the template. For the argument we pass in ad tests, once sec, looking 1446 https://github.com/ubuntu/adsys/blob/20e6f962eb87f667f5e29800be0715ab2496a10d/cmd/integration_tests/adsys_test.go#L47 you just need to run go test . in internal/ad/ the failure is as the pre-test setup 1. https://autopkgtest.ubuntu.com/results/autopkgtest-jammy/jammy/amd64/a/adsys/20220224_031434_4d453@/log.gz To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1962170/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1961459] Re: adsys pam issues
** Also affects: adsys (Ubuntu Focal) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1961459 Title: adsys pam issues Status in adsys package in Ubuntu: Fix Released Status in adsys source package in Focal: New Bug description: These may not be security issues but it's possible I overlooked something; since they live in a security boundary I thought it worth reporting with a bit of hassle. If you'd rather work on this in the open, feel free to open this. pam_adsys.c update_policy() arggv leak in fork() failure pam_adsys.c update_machine_policy() arggv leak in fork() failure pam_adsys.c update_machine_policy() -- status != 0 looks like it ought to work but I don't think that's how that API is supposed to be used pam_adsys.c pam_sm_open_session() -- gethostname() indentation is funny Thanks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1961459/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1962510] Re: failing tests with new sssd, blocks python3-defaults
** Also affects: adsys (Ubuntu Focal) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1962510 Title: failing tests with new sssd, blocks python3-defaults Status in adsys package in Ubuntu: Fix Released Status in adsys source package in Focal: New Bug description: adsys has failing autopkgtests on armhf. Demoting the package to -proposed to unblock the python3-defaults transition. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1962510/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1973745] Re: adsys windows admx/adml lts only does not include 22.04
** Also affects: adsys (Ubuntu Focal) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1973745 Title: adsys windows admx/adml lts only does not include 22.04 Status in adsys package in Ubuntu: Fix Released Status in adsys source package in Focal: New Status in adsys source package in Jammy: Fix Committed Bug description: [Impact] Due to some misunterpretation in how the launchpad API works when listing lts only, 22.04 was not included there by the admx/adml files generated by CI. Consequently, when those files are deployed on Windows AD server with LTS only templates, this one is not listed. [Test Plan] * Deploy the admx/adml generated for "LTS Only" use cases on an AD server * Open any GPO rule like changing the background * Ensure there is an "Override for 22.04" entry. [Where problems could occur] Those files are statically generated and then shipped as thus. There is no runtime exercising this. The consequence of those generated files to be invalid is that Windows AD server will not show up "Ubuntu" in its GPO template. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973745/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1973748] Re: Updating any gsettings key makes user dconf database unreadable
** Also affects: adsys (Ubuntu Focal) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1973748 Title: Updating any gsettings key makes user dconf database unreadable Status in adsys package in Ubuntu: Fix Released Status in adsys source package in Focal: New Status in adsys source package in Jammy: Fix Committed Bug description: [Impact] Changing any gsettings key in AD resulted in user databases under /etc/dconf, owned by root, with 0600 as permissions. This change was done late in the cycle after passing some permissions checkers to harden the binaries. However, in that case, the user databases needs to be readable by the users so that they can apply those values, so we need to align with ibus profile and makes them 644. [Test case] * Change a gsettings key under AD, like picture-uri one. * Login on the Ubuntu laptop connected with AD by adsys * The background should now be changed to the set value. [Where problems could occur] This code is located in the dconf policy application manager and restricted to it. The negative impact in case of a new bug will be seen by gsettings key not being applied as it is already nowdays. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973748/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1973751] Re: Machines or Users scripts are not executed
** Also affects: adsys (Ubuntu Focal) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1973751 Title: Machines or Users scripts are not executed Status in adsys package in Ubuntu: Fix Released Status in adsys source package in Focal: New Status in adsys source package in Jammy: Fix Committed Bug description: [Impact] Machine and user scripts are not executed on startup/shutdown/login/logoff. /run has been recently changed to be noexec on jammy. Ensure that we can execute the scripts in /run/adsys subdirectories. The scripts mecanism has been reviewed by the security team, so we can reset them as executable. [Test case] * Setup some scripts under AD to be executed, one for machine scripts (on startup), one for user scripts (on login). Those scripts can create some temporary files under /tmp for instance. * Reboot and login on the Ubuntu laptop connected with AD by adsys, with ua attached * Check that the scripts were executed by testing that the created file under /tmp are present. [Where problems could occur] This is technically a new .mount systemd unit service which takes the same mount option than /run, but don’t set noexec. The setup is similar than qemu .mount unit for instance. Worst impact could be that the script policy manager can’t run the scripts as it is already the case today. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973751/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1973752] Re: Fix privilege permission which can not be set to disabled
** Also affects: adsys (Ubuntu Focal) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1973752 Title: Fix privilege permission which can not be set to disabled Status in adsys package in Ubuntu: Fix Released Status in adsys source package in Focal: New Status in adsys source package in Jammy: Fix Committed Bug description: [Impact] Disallowing local administrator does not work as excepted: - on some AD server, setting in the UI this key (and some other similars) to disabled, go to next GPO rule, then back to this one, AD will display the key as enabled. - on the client machine, we can see that the key has no state and nothing is forcibly allowed or disallowed. [Test case] * Install the new admx/adml with this version on the AD server. * On AD, go to disallow local administator, set it to disabled * Go to next GPO rules and then go back * The rule should still be disabled. * On an Ubuntu machine connected with AD by adsys, with ua attached, force a machine refresh with adsysctl policy update -m. * Check in adsysctl policy applied --all that the key is displayed as disabled * Confirm that no local administrator (part of the sudo group) can run "sudo". [Where problems could occur] The privilege manager and other policies impacts both Windows and client: - on Windows, this is in the admx/adml are statically generated and then shipped as thus. There is no runtime exercising this. The consequence of those generated files to be invalid is that Windows AD server will not show up "Ubuntu" in its GPO template. - on the client, the privilege manager is the main consumer of those disabled key types. The other kinds of keys are not impacted. [Additional informations] * New test cases have been added for the client part. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973752/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1973745] Re: adsys windows admx/adml lts only does not include 22.04
** Also affects: adsys (Ubuntu Jammy) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1973745 Title: adsys windows admx/adml lts only does not include 22.04 Status in adsys package in Ubuntu: New Status in adsys source package in Jammy: New Bug description: [Impact] Due to some misunterpretation in how the launchpad API works when listing lts only, 22.04 was not included there by the admx/adml files generated by CI. Consequently, when those files are deployed on Windows AD server with LTS only templates, this one is not listed. [Test Plan] * Deploy the admx/adml generated for "LTS Only" use cases on an AD server * Open any GPO rule like changing the background * Ensure there is an "Override for 22.04" entry. [Where problems could occur] Those files are statically generated and then shipped as thus. There is no runtime exercising this. The consequence of those generated files to be invalid is that Windows AD server will not show up "Ubuntu" in its GPO template. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973745/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1973751] Re: Machines or Users scripts are not executed
** Also affects: adsys (Ubuntu Jammy) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1973751 Title: Machines or Users scripts are not executed Status in adsys package in Ubuntu: New Status in adsys source package in Jammy: New Bug description: [Impact] Machine and user scripts are not executed on startup/shutdown/login/logoff. /run has been recently changed to be noexec on jammy. Ensure that we can execute the scripts in /run/adsys subdirectories. The scripts mecanism has been reviewed by the security team, so we can reset them as executable. [Test case] * Setup some scripts under AD to be executed, one for machine scripts (on startup), one for user scripts (on login). Those scripts can create some temporary files under /tmp for instance. * Reboot and login on the Ubuntu laptop connected with AD by adsys, with ua attached * Check that the scripts were executed by testing that the created file under /tmp are present. [Where problems could occur] This is technically a new .mount systemd unit service which takes the same mount option than /run, but don’t set noexec. The setup is similar than qemu .mount unit for instance. Worst impact could be that the script policy manager can’t run the scripts as it is already the case today. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973751/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1973752] Re: Fix privilege permission which can not be set to disabled
** Also affects: adsys (Ubuntu Jammy) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1973752 Title: Fix privilege permission which can not be set to disabled Status in adsys package in Ubuntu: New Status in adsys source package in Jammy: New Bug description: [Impact] Disallowing local administrator does not work as excepted: - on some AD server, setting in the UI this key (and some other similars) to disabled, go to next GPO rule, then back to this one, AD will display the key as enabled. - on the client machine, we can see that the key has no state and nothing is forcibly allowed or disallowed. [Test case] * Install the new admx/adml with this version on the AD server. * On AD, go to disallow local administator, set it to disabled * Go to next GPO rules and then go back * The rule should still be disabled. * On an Ubuntu machine connected with AD by adsys, with ua attached, force a machine refresh with adsysctl policy update -m. * Check in adsysctl policy applied --all that the key is displayed as disabled * Confirm that no local administrator (part of the sudo group) can run "sudo". [Where problems could occur] The privilege manager and other policies impacts both Windows and client: - on Windows, this is in the admx/adml are statically generated and then shipped as thus. There is no runtime exercising this. The consequence of those generated files to be invalid is that Windows AD server will not show up "Ubuntu" in its GPO template. - on the client, the privilege manager is the main consumer of those disabled key types. The other kinds of keys are not impacted. [Additional informations] * New test cases have been added for the client part. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973752/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1973752] [NEW] Fix privilege permission which can not be set to disabled
Public bug reported: [Impact] Disallowing local administrator does not work as excepted: - on some AD server, setting in the UI this key (and some other similars) to disabled, go to next GPO rule, then back to this one, AD will display the key as enabled. - on the client machine, we can see that the key has no state and nothing is forcibly allowed or disallowed. [Test case] * Install the new admx/adml with this version on the AD server. * On AD, go to disallow local administator, set it to disabled * Go to next GPO rules and then go back * The rule should still be disabled. * On an Ubuntu machine connected with AD by adsys, with ua attached, force a machine refresh with adsysctl policy update -m. * Check in adsysctl policy applied --all that the key is displayed as disabled * Confirm that no local administrator (part of the sudo group) can run "sudo". [Where problems could occur] The privilege manager and other policies impacts both Windows and client: - on Windows, this is in the admx/adml are statically generated and then shipped as thus. There is no runtime exercising this. The consequence of those generated files to be invalid is that Windows AD server will not show up "Ubuntu" in its GPO template. - on the client, the privilege manager is the main consumer of those disabled key types. The other kinds of keys are not impacted. [Additional informations] * New test cases have been added for the client part. ** Affects: adsys (Ubuntu) Importance: Undecided Status: New ** Description changed: [Impact] Disallowing local administrator does not work as excepted: - on some AD server, setting in the UI this key (and some other similars) to disabled, go to next GPO rule, then back to this one, AD will display the key as enabled. - on the client machine, we can see that the key has no state and nothing is forcibly allowed or disallowed. [Test case] * Install the new admx/adml with this version on the AD server. * On AD, go to disallow local administator, set it to disabled * Go to next GPO rules and then go back * The rule should still be disabled. * On an Ubuntu machine connected with AD by adsys, with ua attached, force a machine refresh with adsysctl policy update -m. * Check in adsysctl policy applied --all that the key is displayed as disabled * Confirm that no local administrator (part of the sudo group) can run "sudo". [Where problems could occur] The privilege manager and other policies impacts both Windows and client: - on Windows, this is in the admx/adml are statically generated and then shipped as thus. There is no runtime exercising this. The consequence of those generated files to be invalid is that Windows AD server will not show up "Ubuntu" in its GPO template. - on the client, the privilege manager is the main consumer of those disabled key types. The other kinds of keys are not impacted. + + [Additional informations] + * New test cases have been added for the client part. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1973752 Title: Fix privilege permission which can not be set to disabled Status in adsys package in Ubuntu: New Bug description: [Impact] Disallowing local administrator does not work as excepted: - on some AD server, setting in the UI this key (and some other similars) to disabled, go to next GPO rule, then back to this one, AD will display the key as enabled. - on the client machine, we can see that the key has no state and nothing is forcibly allowed or disallowed. [Test case] * Install the new admx/adml with this version on the AD server. * On AD, go to disallow local administator, set it to disabled * Go to next GPO rules and then go back * The rule should still be disabled. * On an Ubuntu machine connected with AD by adsys, with ua attached, force a machine refresh with adsysctl policy update -m. * Check in adsysctl policy applied --all that the key is displayed as disabled * Confirm that no local administrator (part of the sudo group) can run "sudo". [Where problems could occur] The privilege manager and other policies impacts both Windows and client: - on Windows, this is in the admx/adml are statically generated and then shipped as thus. There is no runtime exercising this. The consequence of those generated files to be invalid is that Windows AD server will not show up "Ubuntu" in its GPO template. - on the client, the privilege manager is the main consumer of those disabled key types. The other kinds of keys are not impacted. [Additional informations] * New test cases have been added for the client part. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973752/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net
[Desktop-packages] [Bug 1973751] [NEW] Machines or Users scripts are not executed
Public bug reported: [Impact] Machine and user scripts are not executed on startup/shutdown/login/logoff. /run has been recently changed to be noexec on jammy. Ensure that we can execute the scripts in /run/adsys subdirectories. The scripts mecanism has been reviewed by the security team, so we can reset them as executable. [Test case] * Setup some scripts under AD to be executed, one for machine scripts (on startup), one for user scripts (on login). Those scripts can create some temporary files under /tmp for instance. * Reboot and login on the Ubuntu laptop connected with AD by adsys, with ua attached * Check that the scripts were executed by testing that the created file under /tmp are present. [Where problems could occur] This is technically a new .mount systemd unit service which takes the same mount option than /run, but don’t set noexec. The setup is similar than qemu .mount unit for instance. Worst impact could be that the script policy manager can’t run the scripts as it is already the case today. ** Affects: adsys (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1973751 Title: Machines or Users scripts are not executed Status in adsys package in Ubuntu: New Bug description: [Impact] Machine and user scripts are not executed on startup/shutdown/login/logoff. /run has been recently changed to be noexec on jammy. Ensure that we can execute the scripts in /run/adsys subdirectories. The scripts mecanism has been reviewed by the security team, so we can reset them as executable. [Test case] * Setup some scripts under AD to be executed, one for machine scripts (on startup), one for user scripts (on login). Those scripts can create some temporary files under /tmp for instance. * Reboot and login on the Ubuntu laptop connected with AD by adsys, with ua attached * Check that the scripts were executed by testing that the created file under /tmp are present. [Where problems could occur] This is technically a new .mount systemd unit service which takes the same mount option than /run, but don’t set noexec. The setup is similar than qemu .mount unit for instance. Worst impact could be that the script policy manager can’t run the scripts as it is already the case today. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973751/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1973748] [NEW] Updating any gsettings key makes user dconf database unreadable
Public bug reported: [Impact] Changing any gsettings key in AD resulted in user databases under /etc/dconf, owned by root, with 0600 as permissions. This change was done late in the cycle after passing some permissions checkers to harden the binaries. However, in that case, the user databases needs to be readable by the users so that they can apply those values, so we need to align with ibus profile and makes them 644. [Test case] * Change a gsettings key under AD, like picture-uri one. * Login on the Ubuntu laptop connected with AD by adsys * The background should now be changed to the set value. [Where problems could occur] This code is located in the dconf policy application manager and restricted to it. The negative impact in case of a new bug will be seen by gsettings key not being applied as it is already nowdays. ** Affects: adsys (Ubuntu) Importance: Undecided Status: New ** Affects: adsys (Ubuntu Jammy) Importance: Undecided Status: New ** Also affects: adsys (Ubuntu Jammy) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1973748 Title: Updating any gsettings key makes user dconf database unreadable Status in adsys package in Ubuntu: New Status in adsys source package in Jammy: New Bug description: [Impact] Changing any gsettings key in AD resulted in user databases under /etc/dconf, owned by root, with 0600 as permissions. This change was done late in the cycle after passing some permissions checkers to harden the binaries. However, in that case, the user databases needs to be readable by the users so that they can apply those values, so we need to align with ibus profile and makes them 644. [Test case] * Change a gsettings key under AD, like picture-uri one. * Login on the Ubuntu laptop connected with AD by adsys * The background should now be changed to the set value. [Where problems could occur] This code is located in the dconf policy application manager and restricted to it. The negative impact in case of a new bug will be seen by gsettings key not being applied as it is already nowdays. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973748/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1973745] [NEW] adsys windows admx/adml lts only does not include 22.04
Public bug reported: [Impact] Due to some misunterpretation in how the launchpad API works when listing lts only, 22.04 was not included there by the admx/adml files generated by CI. Consequently, when those files are deployed on Windows AD server with LTS only templates, this one is not listed. [Test Plan] * Deploy the admx/adml generated for "LTS Only" use cases on an AD server * Open any GPO rule like changing the background * Ensure there is an "Override for 22.04" entry. [Where problems could occur] Those files are statically generated and then shipped as thus. There is no runtime exercising this. The consequence of those generated files to be invalid is that Windows AD server will not show up "Ubuntu" in its GPO template. ** Affects: adsys (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1973745 Title: adsys windows admx/adml lts only does not include 22.04 Status in adsys package in Ubuntu: New Bug description: [Impact] Due to some misunterpretation in how the launchpad API works when listing lts only, 22.04 was not included there by the admx/adml files generated by CI. Consequently, when those files are deployed on Windows AD server with LTS only templates, this one is not listed. [Test Plan] * Deploy the admx/adml generated for "LTS Only" use cases on an AD server * Open any GPO rule like changing the background * Ensure there is an "Override for 22.04" entry. [Where problems could occur] Those files are statically generated and then shipped as thus. There is no runtime exercising this. The consequence of those generated files to be invalid is that Windows AD server will not show up "Ubuntu" in its GPO template. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973745/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1936907] Re: [MIR] ADSys
$ ./change-override -c main -B adsys Override component to main adsys 0.8.2 in jammy: universe/admin -> main adsys 0.8.2 in jammy amd64: universe/admin/optional/100% -> main adsys 0.8.2 in jammy arm64: universe/admin/optional/100% -> main adsys 0.8.2 in jammy armhf: universe/admin/optional/100% -> main adsys 0.8.2 in jammy ppc64el: universe/admin/optional/100% -> main adsys 0.8.2 in jammy riscv64: universe/admin/optional/100% -> main adsys 0.8.2 in jammy s390x: universe/admin/optional/100% -> main Override [y|N]? y 7 publications overridden. ** Changed in: adsys (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1936907 Title: [MIR] ADSys Status in adsys package in Ubuntu: Fix Released Bug description: [Availability] Available on all archs, available starting hirsute. It will be backported to Focal once an FFe has been accepted. [Rationale] We are supporting GPO Active Directory support on ubuntu starting hirsute. This features allows for an administrator to configure their Active Directory server to deploy per-machine and per-user configurations, enforce rules and other domain policies. Right now, dconf keys, sudo administration rights and computer and user scripts are supported. This feature is built and use the krb5 tickets which are provided by SSSD. Basically: - SSSD is dealing with user and machine registration/authentification and enforce password policies - ADSys is handling GPO enforcement and support. The Ubuntu specific policies needs to be installed on the Active Directory server (they are contained in the daemon). [Security] The daemon is started is running as a root user to be able to enforce machine policies, like rebuilding dconf databases, setting profiles. User only interacts with the client side (both sides communicates over GRPC), which can be ran as any user. Polkit is used to restrain access to some part of the API. There is a PAM module to build on demand per-user policy once authenticated with SSSD. They are rejected if the authentication or not all affected policies could be downloaded. [Quality assurance] Joining a domain in the ubiquity desktop installer makes the machine joining the AD domain and install adsys functionality. The package will be seeded directly on the desktop ISO. An extensive testsuite (more than 1k) is included and available as autopkgtests for rdepends. The whole stack is tested (even the client/daemon interaction) and coverage is measured (including in the small python script). However, tests with a real Active Directory server can only be done manually as there is no setup available in the autopkgtests infrastructure. [Dependencies] Main dependencies are libsmbclient, python3 (an embeeded script allows, via samba, connecting to AD LDAP) and SSSD/KRB5. This is a Go package, and all dependencies are vendored, and versions are controlled via go.mod. We are using dependabot (from Github) to automatically get notified of any dependencies updates (and security issues), which opens a PR, rebuild and run all tests to report it there. We are thus able to quickly merge them. [Standards compliance] Standard debhelper packaging, including a systemd service. [Maintenance] The desktop team will maintain it. * we commit to test no-change-rebuilds triggered by a dependent library/compiler and to fix any issues found for the lifetime of the release (including ESM when included) * we will provide timely testing of no-change-rebuilds from the security team, fixing the rebuilt package as necessary * we commit to provide updates to the security team for any affected vendored code for the lifetime of the release (including ESM when included) * we will provide timely, high quality updates for the security team to sponsor to fix issues in the affected vendored code [Background information] ADSys is composed of: - a daemon, named adsysd, running as root. This one will shutdown after a period of inactivity without any active request. It is socket activated. - a client, named adsysctl (which is a symlink to adsysd and only differ behavior from its executable name), which is running as the user (or root on boot for machine update). This ones optionally wakes up adsysd, connect through an Unix socket with SO_PEERCRED to communicate current user running the process. We are using grpc to communicate between the client and service. Each client request is validated through polkit, matching user name and permissions. The daemon will reject any unauthorized client connections. Note that all actions are always performed from executing the client, even the scheduled one by a cron. The daemon contains a python embedded script that uses samba utilities to connect with GSSAPI to
[Desktop-packages] [Bug 1962568] Re: [MIR] libadwaita-1
$ ./change-override -s jammy -c main -S libadwaita-1 Override component to main libadwaita-1 1.1~rc-1 in jammy: universe/misc -> main gir1.2-adw-1 1.1~rc-1 in jammy amd64: universe/introspection/optional/100% -> main gir1.2-adw-1 1.1~rc-1 in jammy arm64: universe/introspection/optional/100% -> main gir1.2-adw-1 1.1~rc-1 in jammy armhf: universe/introspection/optional/100% -> main gir1.2-adw-1 1.1~rc-1 in jammy ppc64el: universe/introspection/optional/100% -> main gir1.2-adw-1 1.1~rc-1 in jammy riscv64: universe/introspection/optional/100% -> main gir1.2-adw-1 1.1~rc-1 in jammy s390x: universe/introspection/optional/100% -> main libadwaita-1-0 1.1~rc-1 in jammy amd64: universe/libs/optional/100% -> main libadwaita-1-0 1.1~rc-1 in jammy arm64: universe/libs/optional/100% -> main libadwaita-1-0 1.1~rc-1 in jammy armhf: universe/libs/optional/100% -> main libadwaita-1-0 1.1~rc-1 in jammy ppc64el: universe/libs/optional/100% -> main libadwaita-1-0 1.1~rc-1 in jammy riscv64: universe/libs/optional/100% -> main libadwaita-1-0 1.1~rc-1 in jammy s390x: universe/libs/optional/100% -> main libadwaita-1-dev 1.1~rc-1 in jammy amd64: universe/libdevel/optional/100% -> main libadwaita-1-dev 1.1~rc-1 in jammy arm64: universe/libdevel/optional/100% -> main libadwaita-1-dev 1.1~rc-1 in jammy armhf: universe/libdevel/optional/100% -> main libadwaita-1-dev 1.1~rc-1 in jammy ppc64el: universe/libdevel/optional/100% -> main libadwaita-1-dev 1.1~rc-1 in jammy riscv64: universe/libdevel/optional/100% -> main libadwaita-1-dev 1.1~rc-1 in jammy s390x: universe/libdevel/optional/100% -> main libadwaita-1-doc 1.1~rc-1 in jammy amd64: universe/doc/optional/100% -> main libadwaita-1-doc 1.1~rc-1 in jammy arm64: universe/doc/optional/100% -> main libadwaita-1-doc 1.1~rc-1 in jammy armhf: universe/doc/optional/100% -> main libadwaita-1-doc 1.1~rc-1 in jammy i386: universe/doc/optional/100% -> main libadwaita-1-doc 1.1~rc-1 in jammy ppc64el: universe/doc/optional/100% -> main libadwaita-1-doc 1.1~rc-1 in jammy riscv64: universe/doc/optional/100% -> main libadwaita-1-doc 1.1~rc-1 in jammy s390x: universe/doc/optional/100% -> main libadwaita-1-examples 1.1~rc-1 in jammy amd64: universe/x11/optional/100% -> main libadwaita-1-examples 1.1~rc-1 in jammy arm64: universe/x11/optional/100% -> main libadwaita-1-examples 1.1~rc-1 in jammy armhf: universe/x11/optional/100% -> main libadwaita-1-examples 1.1~rc-1 in jammy ppc64el: universe/x11/optional/100% -> main libadwaita-1-examples 1.1~rc-1 in jammy riscv64: universe/x11/optional/100% -> main libadwaita-1-examples 1.1~rc-1 in jammy s390x: universe/x11/optional/100% -> main Override [y|N]? y 32 publications overridden. ** Changed in: libadwaita-1 (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to libadwaita-1 in Ubuntu. https://bugs.launchpad.net/bugs/1962568 Title: [MIR] libadwaita-1 Status in libadwaita-1 package in Ubuntu: Fix Released Bug description: [Availability] The package libadwaita-1 is already in Ubuntu universe. The package libadwaita-1 build for the architectures it is designed to work on. It currently builds and works for architetcures: amd64 arm64 armhf ppc64el riscv64 s390x Link to package https://launchpad.net/ubuntu/+source/libadwaita-1 [Rationale] - The package libadwaita-1 is required in Ubuntu main because gnome-shell depends on it to be able to load extensions which use that library. - The package libadwaita-1 is required in Ubuntu main no later than March 28 which is beta freeze since it's going to block the new gnome-shell version to migrate out of proposed. [Security] - No CVEs/security issues in this software in the past - no executables in `/sbin` and `/usr/sbin` - Package does not install services, timers or recurring jobs - Packages does not open privileged ports (ports < 1024) - Packages does not contain extensions to security-sensitive software [Quality assurance - function/usage] - The package works well right after install [Quality assurance - maintenance] - The package is maintained well in Debian/Ubuntu, it is rather new and has 1 low importance bug reported - Ubuntu https://bugs.launchpad.net/ubuntu/+source/libadwaita-1/+bug - Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=libadwaita-1 - The package does not deal with exotic hardware we cannot support [Quality assurance - testing] - The package runs a test suite on build time, if it fails it makes the build fail, link to build log https://launchpadlibrarian.net/587438856/buildlog_ubuntu-jammy-amd64.libadwaita-1_1.1~beta-1_BUILDING.txt.gz - The package runs an autopkgtest, and is currently passing on this list of architectures , https://autopkgtest.ubuntu.com/packages/liba/libadwaita-1 [Quality assurance - packaging] - debian/watch is present and works - This package has no important
[Desktop-packages] [Bug 1962170] Re: DEP8 failure with samba 4.15.5
For reference, fixed in https://github.com/ubuntu/adsys/pull/289. Thanks Michael for the initial work on this! ** Changed in: adsys (Ubuntu) Status: New => Fix Committed -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1962170 Title: DEP8 failure with samba 4.15.5 Status in adsys package in Ubuntu: Fix Committed Bug description: The DEP8 tests of adsys started to fail[1] with my samba 4.15.5 upload. Some hints: ahasenack: it seems we can’t start our smbd local daemon to simulate Active Directory smb server ahasenack: yeah, I’m puzzled because on smbd start failure, we do print stderr (not stdout though): https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L16 https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L43 in particular you can see here how we start it: https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L21 and the config template is at https://github.com/ubuntu/adsys/blob/20e6f962eb87f667f5e29800be0715ab2496a10d/internal/testutils/samba.go#L55 2022/02/24 03:13:59 Setup: smbd hasn’t started successfully that's here: https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L129 you wait for the port to be open? which port is that, 445/tcp? we wait on the port to be opened, and this one is passed as a parameter, see the template. For the argument we pass in ad tests, once sec, looking 1446 https://github.com/ubuntu/adsys/blob/20e6f962eb87f667f5e29800be0715ab2496a10d/cmd/integration_tests/adsys_test.go#L47 you just need to run go test . in internal/ad/ the failure is as the pre-test setup 1. https://autopkgtest.ubuntu.com/results/autopkgtest-jammy/jammy/amd64/a/adsys/20220224_031434_4d453@/log.gz To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1962170/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1961459] Re: adsys pam issues
** Changed in: adsys (Ubuntu) Status: New => Fix Committed -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1961459 Title: adsys pam issues Status in adsys package in Ubuntu: Fix Committed Bug description: These may not be security issues but it's possible I overlooked something; since they live in a security boundary I thought it worth reporting with a bit of hassle. If you'd rather work on this in the open, feel free to open this. pam_adsys.c update_policy() arggv leak in fork() failure pam_adsys.c update_machine_policy() arggv leak in fork() failure pam_adsys.c update_machine_policy() -- status != 0 looks like it ought to work but I don't think that's how that API is supposed to be used pam_adsys.c pam_sm_open_session() -- gethostname() indentation is funny Thanks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1961459/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1962510] Re: failing tests with new sssd, blocks python3-defaults
The flaky test on armhf is fixed by https://github.com/ubuntu/adsys/pull/292 (couldn’t retrigger the flakyness after multiple builds in ppa with this patch) The ppcel64 issue, introduced by new samba is workarounded in https://github.com/ubuntu/adsys/pull/295 ** Changed in: adsys (Ubuntu) Status: New => Fix Committed -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1962510 Title: failing tests with new sssd, blocks python3-defaults Status in adsys package in Ubuntu: Fix Committed Bug description: adsys has failing autopkgtests on armhf. Demoting the package to -proposed to unblock the python3-defaults transition. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1962510/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1962556] [NEW] [FFe] WSL systemd experimental support
Public bug reported: WSL on Ubuntu 22.04 has a strecth goal to ship systemd experimental support. This relies on 3 changes: - a script started up on WSL VM boot, which is shipped as part of this package to start systemd in its own namespace. - a change in the ubuntu Windows launcher executable, which is then looking for the boot= parameter in wsl.conf and if systemd experimental support is enabled, starts any new commands into that systemd namespace - an option in our OOBE installer, under advanced menu, disabled by default, to change the boot= parameter in wsl.conf. The feature will be labeled as experimental. So, this experimental support won’t be enabled by default and paved the way to have a discussion with Microsoft for potential limitations and how we can get this to a wider audience in the long term. This feature is long-awaited for WSL users. ** Affects: wsl-setup (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to wsl-setup in Ubuntu. https://bugs.launchpad.net/bugs/1962556 Title: [FFe] WSL systemd experimental support Status in wsl-setup package in Ubuntu: New Bug description: WSL on Ubuntu 22.04 has a strecth goal to ship systemd experimental support. This relies on 3 changes: - a script started up on WSL VM boot, which is shipped as part of this package to start systemd in its own namespace. - a change in the ubuntu Windows launcher executable, which is then looking for the boot= parameter in wsl.conf and if systemd experimental support is enabled, starts any new commands into that systemd namespace - an option in our OOBE installer, under advanced menu, disabled by default, to change the boot= parameter in wsl.conf. The feature will be labeled as experimental. So, this experimental support won’t be enabled by default and paved the way to have a discussion with Microsoft for potential limitations and how we can get this to a wider audience in the long term. This feature is long-awaited for WSL users. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wsl-setup/+bug/1962556/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1962170] Re: DEP8 failure with samba 4.15.5
Hum, it seems your patch makes sense and should work on most arch. I saw Michael did an upload with this: https://launchpad.net/ubuntu/+source/adsys/0.8ubuntu1 But it’s failing only on ppcel64: https://launchpadlibrarian.net/588289907/buildlog_ubuntu-jammy-ppc64el.adsys_0.8ubuntu1_BUILDING.txt.gz and passing on other architectures. The issue may be related to the signal installed on libsmbclient: https://github.com/ubuntu/adsys/blob/main/internal/smbsafe/smbsafe.go#L4. This workaround is the only reason of smbsafe (you can’t then exec concurrently subprocesses without cleaning up those signals and the library is doing that at every smb call on your behalf). Another idea is that stderr is not allocated for whatever reason https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L38 but why only on ppcel64? I reastically won’t have the time this week with the sprint to look at this. I hope this gives some hints if you need urgently to have it fixed before next one. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1962170 Title: DEP8 failure with samba 4.15.5 Status in adsys package in Ubuntu: In Progress Bug description: The DEP8 tests of adsys started to fail[1] with my samba 4.15.5 upload. Some hints: ahasenack: it seems we can’t start our smbd local daemon to simulate Active Directory smb server ahasenack: yeah, I’m puzzled because on smbd start failure, we do print stderr (not stdout though): https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L16 https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L43 in particular you can see here how we start it: https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L21 and the config template is at https://github.com/ubuntu/adsys/blob/20e6f962eb87f667f5e29800be0715ab2496a10d/internal/testutils/samba.go#L55 2022/02/24 03:13:59 Setup: smbd hasn’t started successfully that's here: https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L129 you wait for the port to be open? which port is that, 445/tcp? we wait on the port to be opened, and this one is passed as a parameter, see the template. For the argument we pass in ad tests, once sec, looking 1446 https://github.com/ubuntu/adsys/blob/20e6f962eb87f667f5e29800be0715ab2496a10d/cmd/integration_tests/adsys_test.go#L47 you just need to run go test . in internal/ad/ the failure is as the pre-test setup 1. https://autopkgtest.ubuntu.com/results/autopkgtest-jammy/jammy/amd64/a/adsys/20220224_031434_4d453@/log.gz To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1962170/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1962170] Re: DEP8 failure with samba 4.15.5
Hum, it seems your patch makes sense and should work on most arch. I saw Michael did an upload with this: https://launchpad.net/ubuntu/+source/adsys/0.8ubuntu1 But it’s failing only on ppcel64: https://launchpadlibrarian.net/588289907/buildlog_ubuntu-jammy-ppc64el.adsys_0.8ubuntu1_BUILDING.txt.gz and passing on other architectures. The issue may be related to the signal installed on libsmbclient: https://github.com/ubuntu/adsys/blob/main/internal/smbsafe/smbsafe.go#L4. This workaround is the only reason of smbsafe (you can’t then exec concurrently subprocesses without cleaning up those signals and the library is doing that at every smb call on your behalf). Another idea is that stderr is not allocated for whatever reason https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L38 but why only on ppcel64? I reastically won’t have the time this week with the sprint to look at this. I hope this gives some hints if you need urgently to have it fixed before next one. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1962170 Title: DEP8 failure with samba 4.15.5 Status in adsys package in Ubuntu: In Progress Bug description: The DEP8 tests of adsys started to fail[1] with my samba 4.15.5 upload. Some hints: ahasenack: it seems we can’t start our smbd local daemon to simulate Active Directory smb server ahasenack: yeah, I’m puzzled because on smbd start failure, we do print stderr (not stdout though): https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L16 https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L43 in particular you can see here how we start it: https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L21 and the config template is at https://github.com/ubuntu/adsys/blob/20e6f962eb87f667f5e29800be0715ab2496a10d/internal/testutils/samba.go#L55 2022/02/24 03:13:59 Setup: smbd hasn’t started successfully that's here: https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L129 you wait for the port to be open? which port is that, 445/tcp? we wait on the port to be opened, and this one is passed as a parameter, see the template. For the argument we pass in ad tests, once sec, looking 1446 https://github.com/ubuntu/adsys/blob/20e6f962eb87f667f5e29800be0715ab2496a10d/cmd/integration_tests/adsys_test.go#L47 you just need to run go test . in internal/ad/ the failure is as the pre-test setup 1. https://autopkgtest.ubuntu.com/results/autopkgtest-jammy/jammy/amd64/a/adsys/20220224_031434_4d453@/log.gz To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1962170/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1936907] Re: [MIR] ADSys
Thanks Seth for the review and the overall positive comments! :) Some answers: 1. the potential race is fixed after our discussion and pending some reviews 2. the pam modulefixes are done and merged already (even if upstream don’t deallocate, let’s do it on our side) 3. on the conditions that can be added to adsys-boot.service to make it less likely to spam the journal every five seconds for ten hours when on an airplane? -> We can’t rely on network being up (maybe we never had the network, or the interface is on but not connected yet, or the interface is on, has no Internet, but local network is enough to reach AD). Depending on all those conditions, we can’t link it to the network, it may be too early or too late. Also, we support offline mode once we have a valid cache. Considering that this case only happen the first time you boot your machine (no local cache for offline usage) and don’t have access to AD, this doesn’t seem a big issue and rather something you want to be alerted on, what do you think? 4. on the doc and examples containing a socket in /tmp -> This is more a debug example to run adsysd as non root. The issue with putting real values is then, if you do that on a system where adsysd is running, you end up erroring out on the systemd existing socket and then, it’s a nightmare to recover on the systemd side (you need to reset the state of the .socket unit). This is why the example carefully avoid using the real system socket (in addition to require root to read it). -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1936907 Title: [MIR] ADSys Status in adsys package in Ubuntu: In Progress Bug description: [Availability] Available on all archs, available starting hirsute. It will be backported to Focal once an FFe has been accepted. [Rationale] We are supporting GPO Active Directory support on ubuntu starting hirsute. This features allows for an administrator to configure their Active Directory server to deploy per-machine and per-user configurations, enforce rules and other domain policies. Right now, dconf keys, sudo administration rights and computer and user scripts are supported. This feature is built and use the krb5 tickets which are provided by SSSD. Basically: - SSSD is dealing with user and machine registration/authentification and enforce password policies - ADSys is handling GPO enforcement and support. The Ubuntu specific policies needs to be installed on the Active Directory server (they are contained in the daemon). [Security] The daemon is started is running as a root user to be able to enforce machine policies, like rebuilding dconf databases, setting profiles. User only interacts with the client side (both sides communicates over GRPC), which can be ran as any user. Polkit is used to restrain access to some part of the API. There is a PAM module to build on demand per-user policy once authenticated with SSSD. They are rejected if the authentication or not all affected policies could be downloaded. [Quality assurance] Joining a domain in the ubiquity desktop installer makes the machine joining the AD domain and install adsys functionality. The package will be seeded directly on the desktop ISO. An extensive testsuite (more than 1k) is included and available as autopkgtests for rdepends. The whole stack is tested (even the client/daemon interaction) and coverage is measured (including in the small python script). However, tests with a real Active Directory server can only be done manually as there is no setup available in the autopkgtests infrastructure. [Dependencies] Main dependencies are libsmbclient, python3 (an embeeded script allows, via samba, connecting to AD LDAP) and SSSD/KRB5. This is a Go package, and all dependencies are vendored, and versions are controlled via go.mod. We are using dependabot (from Github) to automatically get notified of any dependencies updates (and security issues), which opens a PR, rebuild and run all tests to report it there. We are thus able to quickly merge them. [Standards compliance] Standard debhelper packaging, including a systemd service. [Maintenance] The desktop team will maintain it. * we commit to test no-change-rebuilds triggered by a dependent library/compiler and to fix any issues found for the lifetime of the release (including ESM when included) * we will provide timely testing of no-change-rebuilds from the security team, fixing the rebuilt package as necessary * we commit to provide updates to the security team for any affected vendored code for the lifetime of the release (including ESM when included) * we will provide timely, high quality updates for the security team to sponsor to fix issues in the affected vendored code [Background information] ADSys is composed
[Desktop-packages] [Bug 1961459] Re: adsys pam issues
Ah, thanks! Lurking there and will shamelessly copy what they decide to do! :) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1961459 Title: adsys pam issues Status in adsys package in Ubuntu: New Bug description: These may not be security issues but it's possible I overlooked something; since they live in a security boundary I thought it worth reporting with a bit of hassle. If you'd rather work on this in the open, feel free to open this. pam_adsys.c update_policy() arggv leak in fork() failure pam_adsys.c update_machine_policy() arggv leak in fork() failure pam_adsys.c update_machine_policy() -- status != 0 looks like it ought to work but I don't think that's how that API is supposed to be used pam_adsys.c pam_sm_open_session() -- gethostname() indentation is funny Thanks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1961459/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1957050] Re: [MIR] suitesparse-graphblas
Seems this is not enough and it’s again in the graph: o suitesparse-graphblas: libgraphblas-dev libgraphblas-doc libgraphblas6 [Reverse-Depends: Rescued from suitesparse-graphblas, libgraphblas-dev] [Reverse-Recommends: libsuitesparse-dev] Seb, if you have some spare cycle, mind having another look? Let’s reuse this bug to track it. ** Changed in: suitesparse-graphblas (Ubuntu) Assignee: (unassigned) => Sebastien Bacher (seb128) ** Changed in: suitesparse-graphblas (Ubuntu) Status: Invalid => Incomplete -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to suitesparse-graphblas in Ubuntu. https://bugs.launchpad.net/bugs/1957050 Title: [MIR] suitesparse-graphblas Status in suitesparse-graphblas package in Ubuntu: Incomplete Bug description: [Availability] The package suitesparse-graphblas is already in Ubuntu universe. The package suitesparse-graphblas builds for the architectures it is designed to work on. It currently builds and works for architectures: amd64 arm64 armhf ppc64el riscv64 s390x Link to package https://launchpad.net/ubuntu/+source/suitesparse-graphblas [Rationale] - The package suitesparse-graphblas is required in Ubuntu main to replace the current outdated copy included in suitesparse It's following up the change in https://launchpad.net/ubuntu/+source/suitesparse/1:5.10.1+dfsg-3 [Security] - No CVEs/security issues in this software in the past - no `suid` or `sgid` binaries - no executables in `/sbin` and `/usr/sbin` - Package does not install services, timers or recurring jobs - Packages does not open privileged ports (ports < 1024) - Packages does not contain extensions to security-sensitive software [Quality assurance - function/usage] - The package works well right after install [Quality assurance - maintenance] - The package does not deal with exotic hardware we cannot support [Quality assurance - testing] - The package doesn't run tests during the build. It's not a regression compared to the current situation but it is something we should work toward resolving. The lack of tests has been reported to Debian, https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1003883 And on launchpad assigned to canonical-desktop-team, https://bugs.launchpad.net/ubuntu/+source/suitesparse-graphblas/+bug/1958152 - Similarly there is no autopkgtest, which is identic to the current situation pre split. It's mentioned in the previously referenced reports. - The lack of tests was discussed in the MIR team meeting and it was agreed the issue wouldn't be a blocker for promotion since it's not a regression over the current situation. [Quality assurance - packaging] - debian/watch is present and works - lintian --pedantic only warns about lines > 512 chars in upstream sources which doesn't sound like something we need to worry about - This package does not rely on obsolete or about to be demoted packages. - This package has no python2 or GTK2 dependencies - The package will be installed by default, but does not ask debconf questions - Packaging and build is easy, link to d/rules https://salsa.debian.org/science-team/suitesparse-graphblas/-/blob/master/debian/rules [UI standards] - Application is not end-user facing (does not need translation) [Dependencies] - No further depends or recommends dependencies that are not yet in main [Standards compliance] - This package correctly follows FHS and Debian Policy [Maintenance/Owner] - Owning Team will be desktop-packages - Team is already subscribed to the package - This does not use static builds - This does not use vendored code [Background information] The Package description explains the package well Upstream Name is GraphBLAS Link to upstream project https://people.engr.tamu.edu/davis/GraphBLAS.html To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suitesparse-graphblas/+bug/1957050/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1929038] Re: [SRU] Backport to 20.04 LTS
Hey Łukasz! Thanks for accepting it! impish has a version of adsys. This is an entreprise feature and I doubt we have users there, as by default, this is hilighted for LTSes only. Functionality-wise, as there is no ubuntu-advantage-desktop-daemon, this is equivalent to the version already present there (apart from one bug fix). We can prepare the SRU if you feel this is a deal-breaker, but I think this is more for paperwork than having a real rationale. What’s your opinion on this? -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1929038 Title: [SRU] Backport to 20.04 LTS Status in adsys package in Ubuntu: Fix Released Status in golang-1.16 package in Ubuntu: Fix Released Status in adsys source package in Focal: Fix Committed Status in golang-1.16 source package in Focal: Fix Released Bug description: As part of our entreprise desktop offering, there is the request to backport ADSys to 20.04 LTS. The package is in universe for now. ADSys is our Active Directory GPO integration. It’s available starting Ubuntu 21.04. [Impact] * ADSys is a new package. Impacts is thus only for people installing. * It depends on a recent Golang (1.16). We thus needs to backport this package from Ubuntu 21.04/21.10 (1.16.2-0ubuntu1 at the time of this writing) by introducing a versioned separate package (each Go version is a separate package already in the distribution). It is similar to what has been done for snaps in previous LTS. * This is a entreprise feature requested by desktop customers running LTS. [Test Plan for Golang 1.16] 1. Ensure Golang 1.16 is published in -proposed 2. Start a build with a package, requiring Golang 1.16 (dependency + PATH set to Golang 1.16 go binary). 3. Ensure the package builds successfully. 4. Run go version which should display: "go1.16.x" (x being the version uploaded). [Test Plan for ADSys] 1. Configure your machine with AD, with a correctly configured SSSD and KRB5 (AD user should be able to log in). Instructions can be found on https://github.com/ubuntu/adsys/wiki/2.-Prerequisites 2. Install admx and adml files on your AD controller: https://github.com/ubuntu/adsys/wiki/3.-AD-Setup 3. Configure some values in AD (https://github.com/ubuntu/adsys/wiki/4.-Using-GPO), for instance: * GDM login screen background * User favorites apps 4. Install ADSys, reboot the machine and login in as an AD user 5. Ensure both GDM background and user favorites apps follows what you set in AD [Where problems could occur] For Go 1.16: * Package depending on this Go version would not be able to compile. * As this is a separate, versionned, new package, no impact on existing ones. * FYI, we already built ADSys against this Go version in our ppa: https://launchpad.net/~didrocks/+archive/ubuntu/adsys For ADSys: * Machine will fail booting if ADSys can’t connect to AD on first boot. * AD User will fail logging if ADSys can’t connect to AD on first boot. * As this is a separate, versionned, new package, no impact on existing installations. [Other Info] * ADSys (built against Go 1.16 in the same PPA) is battle-tested from our PPA. * We will first upload Go 1.16 and let it migrate before uploading ADSys itself. * Of course, ADSys new version (the one we will backport) will be first uploaded in Impish. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1929038/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1929038] Re: [SRU] Backport to 20.04 LTS
Hey Łukasz! Thanks for accepting it! impish has a version of adsys. This is an entreprise feature and I doubt we have users there, as by default, this is hilighted for LTSes only. Functionality-wise, as there is no ubuntu-advantage-desktop-daemon, this is equivalent to the version already present there (apart from one bug fix). We can prepare the SRU if you feel this is a deal-breaker, but I think this is more for paperwork than having a real rationale. What’s your opinion on this? -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1929038 Title: [SRU] Backport to 20.04 LTS Status in adsys package in Ubuntu: Fix Released Status in golang-1.16 package in Ubuntu: Fix Released Status in adsys source package in Focal: Fix Committed Status in golang-1.16 source package in Focal: Fix Released Bug description: As part of our entreprise desktop offering, there is the request to backport ADSys to 20.04 LTS. The package is in universe for now. ADSys is our Active Directory GPO integration. It’s available starting Ubuntu 21.04. [Impact] * ADSys is a new package. Impacts is thus only for people installing. * It depends on a recent Golang (1.16). We thus needs to backport this package from Ubuntu 21.04/21.10 (1.16.2-0ubuntu1 at the time of this writing) by introducing a versioned separate package (each Go version is a separate package already in the distribution). It is similar to what has been done for snaps in previous LTS. * This is a entreprise feature requested by desktop customers running LTS. [Test Plan for Golang 1.16] 1. Ensure Golang 1.16 is published in -proposed 2. Start a build with a package, requiring Golang 1.16 (dependency + PATH set to Golang 1.16 go binary). 3. Ensure the package builds successfully. 4. Run go version which should display: "go1.16.x" (x being the version uploaded). [Test Plan for ADSys] 1. Configure your machine with AD, with a correctly configured SSSD and KRB5 (AD user should be able to log in). Instructions can be found on https://github.com/ubuntu/adsys/wiki/2.-Prerequisites 2. Install admx and adml files on your AD controller: https://github.com/ubuntu/adsys/wiki/3.-AD-Setup 3. Configure some values in AD (https://github.com/ubuntu/adsys/wiki/4.-Using-GPO), for instance: * GDM login screen background * User favorites apps 4. Install ADSys, reboot the machine and login in as an AD user 5. Ensure both GDM background and user favorites apps follows what you set in AD [Where problems could occur] For Go 1.16: * Package depending on this Go version would not be able to compile. * As this is a separate, versionned, new package, no impact on existing ones. * FYI, we already built ADSys against this Go version in our ppa: https://launchpad.net/~didrocks/+archive/ubuntu/adsys For ADSys: * Machine will fail booting if ADSys can’t connect to AD on first boot. * AD User will fail logging if ADSys can’t connect to AD on first boot. * As this is a separate, versionned, new package, no impact on existing installations. [Other Info] * ADSys (built against Go 1.16 in the same PPA) is battle-tested from our PPA. * We will first upload Go 1.16 and let it migrate before uploading ADSys itself. * Of course, ADSys new version (the one we will backport) will be first uploaded in Impish. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1929038/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1929038] Re: [SRU] Backport to 20.04 LTS
Thanks Łukasz! This is now in focal NEW. I think this could be accepted, migrate to update even and then, we can think about promoting it to main once #1936907 is approved. What do you think? -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1929038 Title: [SRU] Backport to 20.04 LTS Status in adsys package in Ubuntu: Fix Released Status in golang-1.16 package in Ubuntu: Fix Released Status in adsys source package in Focal: Triaged Status in golang-1.16 source package in Focal: Fix Released Bug description: As part of our entreprise desktop offering, there is the request to backport ADSys to 20.04 LTS. The package is in universe for now. ADSys is our Active Directory GPO integration. It’s available starting Ubuntu 21.04. [Impact] * ADSys is a new package. Impacts is thus only for people installing. * It depends on a recent Golang (1.16). We thus needs to backport this package from Ubuntu 21.04/21.10 (1.16.2-0ubuntu1 at the time of this writing) by introducing a versioned separate package (each Go version is a separate package already in the distribution). It is similar to what has been done for snaps in previous LTS. * This is a entreprise feature requested by desktop customers running LTS. [Test Plan for Golang 1.16] 1. Ensure Golang 1.16 is published in -proposed 2. Start a build with a package, requiring Golang 1.16 (dependency + PATH set to Golang 1.16 go binary). 3. Ensure the package builds successfully. 4. Run go version which should display: "go1.16.x" (x being the version uploaded). [Test Plan for ADSys] 1. Configure your machine with AD, with a correctly configured SSSD and KRB5 (AD user should be able to log in). Instructions can be found on https://github.com/ubuntu/adsys/wiki/2.-Prerequisites 2. Install admx and adml files on your AD controller: https://github.com/ubuntu/adsys/wiki/3.-AD-Setup 3. Configure some values in AD (https://github.com/ubuntu/adsys/wiki/4.-Using-GPO), for instance: * GDM login screen background * User favorites apps 4. Install ADSys, reboot the machine and login in as an AD user 5. Ensure both GDM background and user favorites apps follows what you set in AD [Where problems could occur] For Go 1.16: * Package depending on this Go version would not be able to compile. * As this is a separate, versionned, new package, no impact on existing ones. * FYI, we already built ADSys against this Go version in our ppa: https://launchpad.net/~didrocks/+archive/ubuntu/adsys For ADSys: * Machine will fail booting if ADSys can’t connect to AD on first boot. * AD User will fail logging if ADSys can’t connect to AD on first boot. * As this is a separate, versionned, new package, no impact on existing installations. [Other Info] * ADSys (built against Go 1.16 in the same PPA) is battle-tested from our PPA. * We will first upload Go 1.16 and let it migrate before uploading ADSys itself. * Of course, ADSys new version (the one we will backport) will be first uploaded in Impish. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1929038/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1956949] Re: CPC AWS jammy builds fail with: "fuse3 : Breaks: fuse"
** Changed in: gvfs (Ubuntu) Assignee: Didier Roche (didrocks) => Sebastien Bacher (seb128) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gvfs in Ubuntu. https://bugs.launchpad.net/bugs/1956949 Title: CPC AWS jammy builds fail with: "fuse3 : Breaks: fuse" Status in launchpad-buildd: Invalid Status in fuse3 package in Ubuntu: Invalid Status in gvfs package in Ubuntu: New Status in open-vm-tools package in Ubuntu: Fix Released Status in unionfs-fuse package in Ubuntu: New Bug description: CPC Jammy AWS image builds with livecd-rootfs fail now with: The following packages have unmet dependencies: fuse3 : Breaks: fuse This is relatively new (build worked on 20220104). The full build log can be seen at https://launchpad.net/~cloudware/+livefs/ubuntu/jammy/cpc/+build/320984 To manage notifications about this bug go to: https://bugs.launchpad.net/launchpad-buildd/+bug/1956949/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1948392] Re: [MIR] wsl-setup
$ ./change-override -c main -S wsl-setup Override component to main wsl-setup 0.1.1 in jammy: universe/admin -> main wsl-setup 0.1.1 in jammy amd64: universe/admin/optional/100% -> main wsl-setup 0.1.1 in jammy arm64: universe/admin/optional/100% -> main wsl-setup 0.1.1 in jammy armhf: universe/admin/optional/100% -> main wsl-setup 0.1.1 in jammy i386: universe/admin/optional/100% -> main wsl-setup 0.1.1 in jammy ppc64el: universe/admin/optional/100% -> main wsl-setup 0.1.1 in jammy riscv64: universe/admin/optional/100% -> main wsl-setup 0.1.1 in jammy s390x: universe/admin/optional/100% -> main Override [y|N]? y 8 publications overridden. ** Changed in: wsl-setup (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to wsl-setup in Ubuntu. https://bugs.launchpad.net/bugs/1948392 Title: [MIR] wsl-setup Status in wsl-setup package in Ubuntu: Fix Released Bug description: [Availability] Built for all supported architectures. starting from jammy. It is a simple arch-independent package. [Rationale] On WSL, we have an out of the box experience UI. This one is based on ubuntu-desktop-installer (which includes subiquity) on a classic snap. However, WSL doesn’t have systemd/apparmor (and so snap) support. For 22.04 LTS, we plan thus on mimicking a snap environment before executing the binaries in the snap itself. There is no confinement planned here, just shipping all dependencies that way before being able to switch to a more classic snap behavior in future WSL releases. This script is thus preparing this, mounting all needed snaps (core/theme/installer) before exporting needed environment variables for the snap and chaining to the binary within the snap. There is no specific changes for this in the snap. This package will be seeded on WSL. [Security] No known security issues There is no CVE, as being a new package, as of today. The script, even if ran as root on first setup, is using set -eu, and does basic things like mounting, bind mount, directory creation and export environment variables. [Quality assurance] There is no tests for this script, but we plan as part of our 22.04 LTS roadmap to have automated installation tests as part of our CI and daily builds. This will thus provision the machine, execute the Windows launcher executable which will chain into that script, which will itself chain to the snap, proceeding the OOBE experience. Consequently, failures will be quickly detected. There is no bugs opened as of today, as it’s a new package, and it’s only used by devs localy until we can seed it. On the packaging itself, this one is really trivial, and only ship one script. No postinst, no debconf questions. Note about the false lintian positive W: wsl-setup source: unknown-field wsl-setup_0.1.dsc Description, which is supported to fill the binary packages description with it. [UI standards] No UI as part of this script itself. [Dependencies] No dependency. Note that we don’t install the needed snaps on purpose in postinst. The snaps will be directly seeded. This is to prevent installation failure on system without snap support. [Standards compliance] Use current Standards-Version and dh 13 [Maintenance] The desktop team, as being responsible for WSL will maintain this package. [Background information] This script is called by the Windows launcher directly and should not be called directly by the user. This is why it ends up in libexec. The plan is to phase out this script once we get snap support on WSL (but this is dependent on Microsoft’s roadmap). To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wsl-setup/+bug/1948392/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1947327] Re: [SRU] New package adsys
*** This bug is a duplicate of bug 1929038 *** https://bugs.launchpad.net/bugs/1929038 ** This bug has been marked a duplicate of bug 1929038 [SRU] Backport to 20.04 LTS -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1947327 Title: [SRU] New package adsys Status in adsys package in Ubuntu: New Bug description: [Impact] * Active Directory GPO support is a feature that we developed in impish. We have some customers asking for a backport on our current LTS release. This is a new feature which goes hands in hands with MIRing ADsys. See https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1936907. * We already backported the Golang 1.16, multiple SSSD fixes and GNOME Shell integration (for GDM policies) in focal. All are in -updates pocket. [Test Plan] * Setup an Active Directory server and controllers, enroll the machine and enable Ubuntu GPO support as described in the ADsys documentation (https://github.com/ubuntu/adsys/wiki/3.-AD-Setup) * Log in with an Active Directory user and apply GPO to it https://github.com/ubuntu/adsys/wiki/4.-Using-GPO * Ensure the GPO (changing user wallpaper, changing GDM background for instance) are applied on the machine. * Local user not in AD should not be impacted by any of thoss rules. [Where problems could occur] * Enabling SSSD with ADsys may prevent the machine booting or the user logging in. * Those are the direct part that is going to be tested above. [Other Info] * The backport has already be prepared, released in images and tested in customers environment with success. We thus have high confidence in term of regression risks. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1947327/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1947327] [NEW] [SRU] New package adsys
Public bug reported: [Impact] * Active Directory GPO support is a feature that we developed in impish. We have some customers asking for a backport on our current LTS release. This is a new feature which goes hands in hands with MIRing ADsys. See https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1936907. * We already backported the Golang 1.16, multiple SSSD fixes and GNOME Shell integration (for GDM policies) in focal. All are in -updates pocket. [Test Plan] * Setup an Active Directory server and controllers, enroll the machine and enable Ubuntu GPO support as described in the ADsys documentation (https://github.com/ubuntu/adsys/wiki/3.-AD-Setup) * Log in with an Active Directory user and apply GPO to it https://github.com/ubuntu/adsys/wiki/4.-Using-GPO * Ensure the GPO (changing user wallpaper, changing GDM background for instance) are applied on the machine. * Local user not in AD should not be impacted by any of thoss rules. [Where problems could occur] * Enabling SSSD with ADsys may prevent the machine booting or the user logging in. * Those are the direct part that is going to be tested above. [Other Info] * The backport has already be prepared, released in images and tested in customers environment with success. We thus have high confidence in term of regression risks. ** Affects: adsys (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1947327 Title: [SRU] New package adsys Status in adsys package in Ubuntu: New Bug description: [Impact] * Active Directory GPO support is a feature that we developed in impish. We have some customers asking for a backport on our current LTS release. This is a new feature which goes hands in hands with MIRing ADsys. See https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1936907. * We already backported the Golang 1.16, multiple SSSD fixes and GNOME Shell integration (for GDM policies) in focal. All are in -updates pocket. [Test Plan] * Setup an Active Directory server and controllers, enroll the machine and enable Ubuntu GPO support as described in the ADsys documentation (https://github.com/ubuntu/adsys/wiki/3.-AD-Setup) * Log in with an Active Directory user and apply GPO to it https://github.com/ubuntu/adsys/wiki/4.-Using-GPO * Ensure the GPO (changing user wallpaper, changing GDM background for instance) are applied on the machine. * Local user not in AD should not be impacted by any of thoss rules. [Where problems could occur] * Enabling SSSD with ADsys may prevent the machine booting or the user logging in. * Those are the direct part that is going to be tested above. [Other Info] * The backport has already be prepared, released in images and tested in customers environment with success. We thus have high confidence in term of regression risks. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1947327/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1946808] Re: zsys fail during reboot
The issue is in zfs-linux, where the merge from debian http://launchpadlibrarian.net/535966758/zfs- linux_2.0.2-1ubuntu5_2.0.3-8ubuntu1.diff.gz once again reverted some of the fixes and rolled back the patch to an earlier version. The fix was already reverted erronously in hirsute during the debian merge and we reintroduce the fix in https://launchpad.net/ubuntu/+source/zfs- linux/2.0.2-1ubuntu3. Colin, do you mind having a look and reintroducing the patch as a 0-days SRU (the first time we introduced it was in https://launchpad.net/ubuntu/+source/zfs-linux/0.8.4-1ubuntu14)? Can you check that you haven’t reverted by error other part of the patch and fix this one? As this is happening consecutively in 2 releases where the debian merge doesn’t seem to start from the latest version in ubuntu but reintroduce an older version of the patch, can you have a look at the local setup issue you may have when doing the merges? ** Package changed: zsys (Ubuntu) => zfs-linux (Ubuntu) ** Changed in: zfs-linux (Ubuntu) Assignee: (unassigned) => Colin Ian King (colin-king) ** Summary changed: - zsys fail during reboot + zsys fail reverting to a previous snapshot on reboot ** Summary changed: - zsys fail reverting to a previous snapshot on reboot + zfs fails reverting to a previous snapshot on reboot when selected on grub ** Changed in: zfs-linux (Ubuntu) Importance: Undecided => High ** Changed in: zfs-linux (Ubuntu) Status: New => Incomplete ** Changed in: zfs-linux (Ubuntu) Status: Incomplete => Triaged -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to zsys in Ubuntu. https://bugs.launchpad.net/bugs/1946808 Title: zfs fails reverting to a previous snapshot on reboot when selected on grub Status in zfs-linux package in Ubuntu: Triaged Bug description: After creating a snapshot with: zsysctl save 211012-linux13-19 -s the reboot fails as shown on the screenshot, the other screenshot shows the result of the snapshot. ProblemType: Bug DistroRelease: Ubuntu 21.10 Package: zsys 0.5.8 ProcVersionSignature: Ubuntu 5.13.0-19.19-generic 5.13.14 Uname: Linux 5.13.0-19-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu70 Architecture: amd64 CasperMD5CheckResult: pass CurrentDesktop: XFCE Date: Tue Oct 12 19:11:43 2021 InstallationDate: Installed on 2021-10-12 (0 days ago) InstallationMedia: Xubuntu 21.10 "Impish Indri" - Release amd64 (20211012) Mounts: Error: [Errno 40] Too many levels of symbolic links: '/proc/mounts' ProcKernelCmdLine: BOOT_IMAGE=/BOOT/ubuntu_zgtuq6@/vmlinuz-5.13.0-19-generic root=ZFS=rpool/ROOT/ubuntu_zgtuq6 ro quiet splash RelatedPackageVersions: zfs-initramfs 2.0.6-1ubuntu2 zfsutils-linux 2.0.6-1ubuntu2 SourcePackage: zsys SystemdFailedUnits: UpgradeStatus: No upgrade log present (probably fresh install) ZFSImportedPools: NAMESIZE ALLOC FREE CKPOINT EXPANDSZ FRAGCAP DEDUPHEALTH ALTROOT bpool 768M 79.2M 689M- - 0%10% 1.00xONLINE - rpool14G 3.33G 10.7G- - 1%23% 1.00xONLINE - ZFSListcache-bpool: bpool/boot off on on off on off on off - none- - - - - - - - bpool/BOOT noneoff on on off on off on off - none- - - - - - - - bpool/BOOT/ubuntu_zgtuq6 /boot on on on off on off on off - none- - - - - - - - ZSYSJournal: -- Journal begins at Tue 2021-10-12 18:10:37 AST, ends at Tue 2021-10-12 19:11:52 AST. -- -- No entries -- modified.conffile..etc.apt.apt.conf.d.90_zsys_system_autosnapshot: [deleted] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/zfs-linux/+bug/1946808/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1936907] Re: [MIR] ADSys
Thanks for the review! All comments should now be addressed. Required TODOs: * Statement is now clearly made in description Recommended TODOs: * subscription is now done * autopkgtests: no sudo anymore and they pass with 0.7.1: https://autopkgtest.ubuntu.com/packages/adsys * 0.7.1 ships the NOTICE file from yaml dependency * 0.7.1 now specify -buildmode=pie adsys 0.7.1 is now in the release pocket. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to adsys in Ubuntu. https://bugs.launchpad.net/bugs/1936907 Title: [MIR] ADSys Status in adsys package in Ubuntu: New Bug description: [Availability] Available on all archs, available starting hirsute. It will be backported to Focal once an FFe has been accepted. [Rationale] We are supporting GPO Active Directory support on ubuntu starting hirsute. This features allows for an administrator to configure their Active Directory server to deploy per-machine and per-user configurations, enforce rules and other domain policies. Right now, dconf keys are supported. This feature is built and use the krb5 tickets which are provided by SSSD. Basically: - SSSD is dealing with user and machine registration/authentification and enforce password policies - ADSys is handling GPO enforcement and support. The Ubuntu specific policies needs to be installed on the Active Directory server (they are contained in the daemon). [Security] The daemon is started is running as a root user to be able to enforce machine policies, like rebuilding dconf databases, setting profiles. User only interacts with the client side (both sides communicates over GRPC), which can be ran as any user. Polkit is used to restrain access to some part of the API. There is a PAM module to build on demand per-user policy once authenticated with SSSD. They are rejected if the authentication or not all affected policies could be downloaded. [Quality assurance] Joining a domain in the ubiquity desktop installer makes the machine joining the AD domain and install adsys functionality. The package will be seeded directly on the desktop ISO. An extensive testsuite (more than 700) is included and available as autopkgtests for rdepends. The whole stack is tested (even the client/daemon interaction) and coverage is measured (including in the small python script). However, tests with a real Active Directory server can only be done manually as there is no setup available in the autopkgtests infrastructure. [Dependencies] Main dependencies are libsmbclient, python3 (an embeeded script allows, via samba, connecting to AD LDAP) and SSSD/KRB5. This is a Go package, and all dependencies are vendored, and versions are controlled via go.mod. We are using dependabot (from Github) to automatically get notified of any dependencies updates (and security issues), which opens a PR, rebuild and run all tests to report it there. We are thus able to quickly merge them. [Standards compliance] Standard debhelper packaging, including a systemd service. [Maintenance] The desktop team will maintain it. * we commit to test no-change-rebuilds triggered by a dependent library/compiler and to fix any issues found for the lifetime of the release (including ESM when included) * we will provide timely testing of no-change-rebuilds from the security team, fixing the rebuilt package as necessary * we commit to provide updates to the security team for any affected vendored code for the lifetime of the release (including ESM when included) * we will provide timely, high quality updates for the security team to sponsor to fix issues in the affected vendored code [Background information] ADSys is composed of: - a daemon, named adsysd, running as root. This one will shutdown after a period of inactivity without any active request. It is socket activated. - a client, named adsysctl (which is a symlink to adsysd and only differ behavior from its executable name), which is running as the user (or root on boot for machine update). This ones optionally wakes up adsysd, connect through an Unix socket with SO_PEERCRED to communicate current user running the process. We are using grpc to communicate between the client and service. Each client request is validated through polkit, matching user name and permissions. The daemon will reject any unauthorized client connections. Note that all actions are always performed from executing the client, even the scheduled one by a cron. The daemon contains a python embeeded script to reuse samba utilities to connect with GSSAPI to the AD LDAP server and list available GPOs. GPOs are then downloaded in a cache directory which isn’t accessible to users. The daemon also contains all GPOs policies to install on the Active Directory side to reflect them in the UI. This could be accessed online or
[Desktop-packages] [Bug 1918446] Re: [MIR] libmanette
Override component to main libmanette 0.2.6-2 in impish: universe/misc -> main gir1.2-manette-0.2 0.2.6-2 in impish amd64: universe/introspection/optional/100% -> main gir1.2-manette-0.2 0.2.6-2 in impish arm64: universe/introspection/optional/100% -> main gir1.2-manette-0.2 0.2.6-2 in impish armhf: universe/introspection/optional/100% -> main gir1.2-manette-0.2 0.2.6-2 in impish ppc64el: universe/introspection/optional/100% -> main gir1.2-manette-0.2 0.2.6-2 in impish riscv64: universe/introspection/optional/100% -> main gir1.2-manette-0.2 0.2.6-2 in impish s390x: universe/introspection/optional/100% -> main libmanette-0.2-0 0.2.6-2 in impish amd64: universe/libs/optional/100% -> main libmanette-0.2-0 0.2.6-2 in impish arm64: universe/libs/optional/100% -> main libmanette-0.2-0 0.2.6-2 in impish armhf: universe/libs/optional/100% -> main libmanette-0.2-0 0.2.6-2 in impish ppc64el: universe/libs/optional/100% -> main libmanette-0.2-0 0.2.6-2 in impish riscv64: universe/libs/optional/100% -> main libmanette-0.2-0 0.2.6-2 in impish s390x: universe/libs/optional/100% -> main libmanette-0.2-dev 0.2.6-2 in impish amd64: universe/libdevel/optional/100% -> main libmanette-0.2-dev 0.2.6-2 in impish arm64: universe/libdevel/optional/100% -> main libmanette-0.2-dev 0.2.6-2 in impish armhf: universe/libdevel/optional/100% -> main libmanette-0.2-dev 0.2.6-2 in impish ppc64el: universe/libdevel/optional/100% -> main libmanette-0.2-dev 0.2.6-2 in impish riscv64: universe/libdevel/optional/100% -> main libmanette-0.2-dev 0.2.6-2 in impish s390x: universe/libdevel/optional/100% -> main Override [y|N]? y 19 publications overridden. ** Changed in: libmanette (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to libmanette in Ubuntu. https://bugs.launchpad.net/bugs/1918446 Title: [MIR] libmanette Status in libmanette package in Ubuntu: Fix Released Bug description: * Availability Built for all supported architectures. In sync with Debian. https://launchpad.net/ubuntu/+source/libmanette/0.2.5-1 * Rationale It's a new optional build-depends from webkitgtk. It's enabled in Debian and an useful feature to have actived in Ubuntu. The binary needed in main is the library, libmanette-0.2-0. The dev and the gir binary are going to promoted in addition. * Security No known security issues https://security-tracker.debian.org/tracker/source-package/libmanette https://launchpad.net/ubuntu/+source/libmanette/+cve https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=libmanette * Quality assurance - The desktop-packages team is going to be subscribed - No open reports https://bugs.launchpad.net/ubuntu/+source/libmanette https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=libmanette https://gitlab.gnome.org/aplazas/libmanette/-/issues The tests are enabled during the build 1/3 ManetteEventMapping test OK 0.01s 2/3 ManetteMapping testOK 0.01s 3/3 ManetteMappingManager test OK 0.01s There is currently no autopkgtest * Dependencies The dependencies are in main Depends: libc6 (>= 2.4), libevdev2 (>= 1.4.5), libglib2.0-0 (>= 2.50.0), libgudev-1.0-0 (>= 146) * Standards compliance Use current Standards-Version and dh13 * Maintenance The Debian maintainer is active, the package is in sync, the Desktop Team is going to maintain it in Ubuntu To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libmanette/+bug/1918446/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1902898] Re: power-button action inconsistent between user session and greeter
** Description changed: - When a user is logged in to the Ubuntu desktop, a power button event - will cause the user to be prompted to choose if they'd like to proceed - with a shutdown. However, if the system is sitting at a greeter screen, - a power button event will instead attempt a suspend w/o prompting. This - is due to a different set of defaults for the greeter and the user: + [Impact] + When a user is logged in to the Ubuntu desktop, a power button event will cause the user to be prompted to choose if they'd like to proceed with a shutdown. However, if the system is sitting at a greeter screen, a power button event will instead attempt a suspend w/o prompting. This is due to a different set of defaults for the greeter and the user. + This is a fix for this, aligning all power actions between the greeter behaviour and the user session one on the user session. + + [Test Plan] + 1. Install new package and reboot + 2. On the greeter screen (gdm), press the physical power button of your machine. + 3. You should be now prompted about what to do, like shutdown. You can dismiss it. + 4. Clicking on the physical suspend button should suspend the machine immediatly. + + [Where problems could occur] + We change the scope of when we applied those settings: we were only applying them to the GNOME session ran by the user, and it will now be applied as default to the GNOME session ran by gdm. + Impacts is thus limited to the greeter screen. + + + Diff is available on this commit: https://git.launchpad.net/~ubuntu-desktop/ubuntu/+source/ubuntu-settings/commit/?h=focal=ca2f9aa9b03862ff044b64d7ef9506ca87e3dd89 + + -- + Original report content: For a logged-in desktop user, they see: $ gsettings get org.gnome.settings-daemon.plugins.power power-button-action 'interactive' But the gdm user sees: $ sudo machinectl shell gdm@ /bin/bash Connected to the local host. Press ^] three times within 1s to exit session. gdm:~$ gsettings get org.gnome.settings-daemon.plugins.power power-button-action 'suspend' Changing the gdm user's setting to "interactive" using gsettings causes the greeter to begin prompting, consistent with the logged in user experience. ** Changed in: ubuntu-settings (Ubuntu Focal) Status: Incomplete => Triaged -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to ubuntu-settings in Ubuntu. https://bugs.launchpad.net/bugs/1902898 Title: power-button action inconsistent between user session and greeter Status in ubuntu-settings package in Ubuntu: Fix Released Status in ubuntu-settings source package in Focal: Triaged Status in ubuntu-settings source package in Hirsute: Fix Released Bug description: [Impact] When a user is logged in to the Ubuntu desktop, a power button event will cause the user to be prompted to choose if they'd like to proceed with a shutdown. However, if the system is sitting at a greeter screen, a power button event will instead attempt a suspend w/o prompting. This is due to a different set of defaults for the greeter and the user. This is a fix for this, aligning all power actions between the greeter behaviour and the user session one on the user session. [Test Plan] 1. Install new package and reboot 2. On the greeter screen (gdm), press the physical power button of your machine. 3. You should be now prompted about what to do, like shutdown. You can dismiss it. 4. Clicking on the physical suspend button should suspend the machine immediatly. [Where problems could occur] We change the scope of when we applied those settings: we were only applying them to the GNOME session ran by the user, and it will now be applied as default to the GNOME session ran by gdm. Impacts is thus limited to the greeter screen. Diff is available on this commit: https://git.launchpad.net/~ubuntu-desktop/ubuntu/+source/ubuntu-settings/commit/?h=focal=ca2f9aa9b03862ff044b64d7ef9506ca87e3dd89 -- Original report content: For a logged-in desktop user, they see: $ gsettings get org.gnome.settings-daemon.plugins.power power-button-action 'interactive' But the gdm user sees: $ sudo machinectl shell gdm@ /bin/bash Connected to the local host. Press ^] three times within 1s to exit session. gdm:~$ gsettings get org.gnome.settings-daemon.plugins.power power-button-action 'suspend' Changing the gdm user's setting to "interactive" using gsettings causes the greeter to begin prompting, consistent with the logged in user experience. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-settings/+bug/1902898/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1902898] Re: power-button action inconsistent between user session and greeter
We are going to backport it to focal. Groovy, as being EOL in a couple of months, doesn’t work any SRU work, removing the task. ** No longer affects: ubuntu-settings (Ubuntu Groovy) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to ubuntu-settings in Ubuntu. https://bugs.launchpad.net/bugs/1902898 Title: power-button action inconsistent between user session and greeter Status in ubuntu-settings package in Ubuntu: Fix Released Status in ubuntu-settings source package in Focal: Incomplete Status in ubuntu-settings source package in Hirsute: Fix Released Bug description: When a user is logged in to the Ubuntu desktop, a power button event will cause the user to be prompted to choose if they'd like to proceed with a shutdown. However, if the system is sitting at a greeter screen, a power button event will instead attempt a suspend w/o prompting. This is due to a different set of defaults for the greeter and the user: For a logged-in desktop user, they see: $ gsettings get org.gnome.settings-daemon.plugins.power power-button-action 'interactive' But the gdm user sees: $ sudo machinectl shell gdm@ /bin/bash Connected to the local host. Press ^] three times within 1s to exit session. gdm:~$ gsettings get org.gnome.settings-daemon.plugins.power power-button-action 'suspend' Changing the gdm user's setting to "interactive" using gsettings causes the greeter to begin prompting, consistent with the logged in user experience. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-settings/+bug/1902898/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1922712] Re: add metric for new glibc hwcaps
I reviewed the branch and after some fixes, we +1 on it. CI is passing, the new code is covered by the same amount of testing than the rest of the code. I did a run-try locally with ubuntu-report --show: { "Version": "21.04", "OEM": { "Vendor": "Entroware", "Product": "Kratos", "Family": "Not Applicable" }, "BIOS": { "Vendor": "American Megatrends Inc.", "Version": "1.05.02E" }, "CPU": { "OpMode": "32-bit, 64-bit", "CPUs": "8", "Threads": "2", "Cores": "4", "Sockets": "1", "Vendor": "GenuineIntel", "Family": "6", "Model": "158", "Stepping": "10", "Name": "Intel(R) Core(TM) i5-8300H CPU @ 2.30GHz", "Virtualization": "VT-x" }, "Arch": "amd64", "HwCap": "x86-64-v3", "GPU": [ { "Vendor": "8086", "Model": "3e9b" }, { "Vendor": "10de", "Model": "1c8d" } ], "RAM": 16.2, "Partitions": [ 0.5 ], "Screens": [ { "Size": "344mmx194mm", "Resolution": "1920x1080", "Frequency": "60.02" }, { "Size": "527mmx296mm", "Resolution": "1920x1080", "Frequency": "60.00" } ], "Autologin": false, "LivePatch": false, "Session": { "DE": "ubuntu:GNOME", "Name": "ubuntu", "Type": "x11" }, "Language": "fr_FR", "Timezone": "Europe/Paris", "Install": { "Media": "Ubuntu 20.04 LTS \"Focal Fossa\" - Release amd64 (20200423)", "Type": "GTK", "OEM": false, "PartitionMethod": "use_zfs", "DownloadUpdates": true, "Language": "fr", "Minimal": false, "RestrictedAddons": true, "Stages": { "0": "language", "3": "console_setup", "53": "wireless", "82": "prepare", "130": "partman", "135": "partman", "137": "start_install", "141": "timezone", "142": "usersetup", "156": "user_done", "406": "done" } } } You can note the new entry is present: "HwCap": "x86-64-v3", -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to ubuntu-report in Ubuntu. https://bugs.launchpad.net/bugs/1922712 Title: add metric for new glibc hwcaps Status in ubuntu-report package in Ubuntu: Triaged Bug description: FFe: We would like to collect that information with 21.04 to get a better view of supported hardware for the new hwcaps. The risk should be minimal, only adding an extra flag, and the server side collecting the data can handle that, according to Didier. pull request at https://github.com/ubuntu/ubuntu-report/pull/34 we want to collect information which most recent hwcap is supported by a machine. The result should be a string like "x86-64-v2", "x86-64-v3", "x86-64-v4", "z13", "z14", "p9", "p10" depending on "ld- linux --help" output. The string should be empty for architectures without glibc hwcaps (currently armhf, arm64, i386, riscv64). The string should be empty if no specific hwcaps is supported (e.g. on a power8 machine). The string should be "" (empty), when trying to run ld-linux on a release with glibc (<< 2.33). The string should be "-" (dash) when not having any hwcaps mentioned. Note that lexical sorting won't work for "p9", "p10". if test -x /lib/x86_64-linux-gnu/ld-linux-x86-64.so.2; then lddynload=/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2 elif test -x /lib/powerpc64le-linux-gnu/ld64.so.2; then lddynload=/lib/powerpc64le-linux-gnu/ld64.so.2 elif test -x /lib/s390x-linux-gnu/ld64.so.1; then lddynload=/lib/s390x-linux-gnu/ld64.so.1 fi supported= if [ -n "$lddynload" ]; then $lddynload --help 2>&1 | awk '/^Subdirectories/,/^$/' supported=$($lddynload --help 2>&1 | awk '/^Subdirectories/,/^$/' | awk '/supported/ {print $1}') fi Here, $supported has listed all supported hwcaps, not just the best supported one. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-report/+bug/1922712/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1891682] Re: [MIR] sane-airscan
$ ./change-override -c main -S sane-airscan Override component to main sane-airscan 0.99.25-0ubuntu1 in hirsute: universe/misc -> main sane-airscan 0.99.25-0ubuntu1 in hirsute amd64: universe/graphics/optional/100% -> main sane-airscan 0.99.25-0ubuntu1 in hirsute arm64: universe/graphics/optional/100% -> main sane-airscan 0.99.25-0ubuntu1 in hirsute armhf: universe/graphics/optional/100% -> main sane-airscan 0.99.25-0ubuntu1 in hirsute ppc64el: universe/graphics/optional/100% -> main sane-airscan 0.99.25-0ubuntu1 in hirsute riscv64: universe/graphics/optional/100% -> main sane-airscan 0.99.25-0ubuntu1 in hirsute s390x: universe/graphics/optional/100% -> main Override [y|N]? y 7 publications overridden. ** Changed in: sane-airscan (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to sane-airscan in Ubuntu. https://bugs.launchpad.net/bugs/1891682 Title: [MIR] sane-airscan Status in sane-airscan package in Ubuntu: Fix Released Bug description: Driverless Scanning --- TL;DR: sane-airscan provides perfect support for driverless scanning, making thousands of devices working Printer manufacturers have introduced driverless printing standards to allow easy use of their (usually network) printers also from mobile phones, tablets, and IoT devices and not only from desktop computers which in most cases run Windows or Mac OS. This we have made use of to be able to print on a huge amount of printers from Linux and other free software operating systems. But multi-function devices with a scanner do also allow scanning from mobile devices and have a scan standard for that. Every device which supports Apple's AirPrint supports also AirScan and AirScan means that the device either scans via eSCL (from HP and Apple) or via WSD (from Microsoft and W3C). Also of this we make use to get a wide range of devices "just" working under Linux. This covers practically any modern network multi-function device, thousands of models. Finally we can also scan on multi- function devices which are not from HP (but scanning on the HP ones gets also easier, without needing HPLIP). And we even have discovered a USB-only stand-alone scanner doing driverless scanning, the Canon Lide 400. sane-airscan is the a SANE backend for supporting this. It supports both eSCL and WSD to their full extent, especially also for scanners with extra functionality like an Automatic Document Feeder (ADF). It is designed as a universal SANE backend for high-level scanning protocols, as much of the code as possible is shared between protocols, the protocol-specific parts are small. So easily new protocols, like TWAIN Direct or IPP Scan, can get added later. IPP Scan is especially important as it will help us to make scanner drivers snappable in the future. Why not sane-escl which sane-backends already ships? TL;DR: sane-escl is deprecated in favor of sane-airscan The first approach of driverless scanning which made it into Ubuntu was the sane-escl SANE backend, as part of the sane-backends package which we already include. This was easier to get in before Feature Freeze of 20.04 back in February, not requiring to get sane-airscan through NEW and then through a MIR. Also it was unclear in that time whether sane-airscan would be integrated into sane-backends. Now a lot has changed with the time: The authors of sane-escl and sane-airscan started their projects independently both also only supporting eSCL and not yet WSD. They were competing with each other and had some different priorities in their developments. I talked with them and asked them why they would not collaborate and succeeded to make them agree with each other. Now development of sane-escl has stopped and all effort goes into sane- airscan. In addition, WSD support was added to sane-airscan and sane-airscan has matured a lot, with a lot of users reporting their devices working and the author having fixed a lot of bugs based on reports and logs from users. sane-airscan supports both WSD and eSCL, sane-escl only eSCL. sane-airscan supports ADF scanning, sane-escl only scanning from the glass. Why not add sane-airscan to sane-backends upstream? --- Tl;DR: Developemnt and release pace is much faster than of SANE, with the IPP-Scan-based scanning architecture in the future only sane- airscan and not the scanner driver arsenal of sane-backends will be needed by applications. The author of sane-airscan asked for adding his backend to sane- backends in the beginning: https://gitlab.com/sane-project/backends/-/issues/202 In the end it seems that they have settled to keep sane-airscan separate, mainly due to its much faster
[Desktop-packages] [Bug 1908502] Re: [MIR] libdeflate
$ ./change-override -c main -S libdeflate Override component to main libdeflate 1.7-1ubuntu1 in hirsute: universe/misc -> main libdeflate-dev 1.7-1ubuntu1 in hirsute amd64: universe/libdevel/optional/100% -> main libdeflate-dev 1.7-1ubuntu1 in hirsute arm64: universe/libdevel/optional/100% -> main libdeflate-dev 1.7-1ubuntu1 in hirsute armhf: universe/libdevel/optional/100% -> main libdeflate-dev 1.7-1ubuntu1 in hirsute i386: universe/libdevel/optional/100% -> main libdeflate-dev 1.7-1ubuntu1 in hirsute ppc64el: universe/libdevel/optional/100% -> main libdeflate-dev 1.7-1ubuntu1 in hirsute riscv64: universe/libdevel/optional/100% -> main libdeflate-dev 1.7-1ubuntu1 in hirsute s390x: universe/libdevel/optional/100% -> main libdeflate-tools 1.7-1ubuntu1 in hirsute amd64: universe/libdevel/optional/100% -> main libdeflate-tools 1.7-1ubuntu1 in hirsute arm64: universe/libdevel/optional/100% -> main libdeflate-tools 1.7-1ubuntu1 in hirsute armhf: universe/libdevel/optional/100% -> main libdeflate-tools 1.7-1ubuntu1 in hirsute i386: universe/libdevel/optional/100% -> main libdeflate-tools 1.7-1ubuntu1 in hirsute ppc64el: universe/libdevel/optional/100% -> main libdeflate-tools 1.7-1ubuntu1 in hirsute riscv64: universe/libdevel/optional/100% -> main libdeflate-tools 1.7-1ubuntu1 in hirsute s390x: universe/libdevel/optional/100% -> main libdeflate0 1.7-1ubuntu1 in hirsute amd64: universe/libs/optional/100% -> main libdeflate0 1.7-1ubuntu1 in hirsute arm64: universe/libs/optional/100% -> main libdeflate0 1.7-1ubuntu1 in hirsute armhf: universe/libs/optional/100% -> main libdeflate0 1.7-1ubuntu1 in hirsute i386: universe/libs/optional/100% -> main libdeflate0 1.7-1ubuntu1 in hirsute ppc64el: universe/libs/optional/100% -> main libdeflate0 1.7-1ubuntu1 in hirsute riscv64: universe/libs/optional/100% -> main libdeflate0 1.7-1ubuntu1 in hirsute s390x: universe/libs/optional/100% -> main Override [y|N]? y 22 publications overridden. ** Changed in: libdeflate (Ubuntu Hirsute) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to libdeflate in Ubuntu. https://bugs.launchpad.net/bugs/1908502 Title: [MIR] libdeflate Status in libdeflate package in Ubuntu: Fix Released Status in libdeflate source package in Hirsute: Fix Released Bug description: * Availability In sync with Debian, built on all architectures https://launchpad.net/ubuntu/+source/libdeflate/1.7-1 * Rationale It's a new depends of libtiff * Security There is no known security issues https://security-tracker.debian.org/tracker/source-package/libdeflate https://people.canonical.com/~ubuntu-security/cve/pkg/libdeflate.html https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=libdeflate * Quality assurance The desktop team is going to subscribe to the package https://launchpad.net/ubuntu/+source/libdeflate/+bugs https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=libdeflate No open reports The package enables upstream tests during the build and ships basic autopkgtests * Dependencies No universe binary dependencies * Standards compliance current 4.5.1 standards-version, debhelper compat 13, dh style simple rules * Maintenance Upstream is active, the package is maintained in Debian and in sync for Ubuntu To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libdeflate/+bug/1908502/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1916476] Re: [MIR] power-profiles-daemon
./change-override -c main -S power-profiles-daemon Override component to main power-profiles-daemon 0.1-1~fakesync2 in hirsute: universe/admin -> main power-profiles-daemon 0.1-1~fakesync2 in hirsute amd64: universe/admin/optional/100% -> main power-profiles-daemon 0.1-1~fakesync2 in hirsute arm64: universe/admin/optional/100% -> main power-profiles-daemon 0.1-1~fakesync2 in hirsute armhf: universe/admin/optional/100% -> main power-profiles-daemon 0.1-1~fakesync2 in hirsute ppc64el: universe/admin/optional/100% -> main power-profiles-daemon 0.1-1~fakesync2 in hirsute riscv64: universe/admin/optional/100% -> main power-profiles-daemon 0.1-1~fakesync2 in hirsute s390x: universe/admin/optional/100% -> main Override [y|N]? y 7 publications overridden. ** Changed in: power-profiles-daemon (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to power-profiles-daemon in Ubuntu. https://bugs.launchpad.net/bugs/1916476 Title: [MIR] power-profiles-daemon Status in power-profiles-daemon package in Ubuntu: Fix Released Bug description: * Availability It's available on the Ubuntu supported architectures https://launchpad.net/ubuntu/+source/power-profiles-daemon/0.1-1~fakesync2 The package is in sync with Debian (currently fakesynced to bypass NEW delays) * Rationale The new GNOME version integrates with the service to allow the users to select a power profile The binary to promote is power-profiles-daemon Ideally we would like to integrate the feature in the desktop this cycle * Security There is no known security issues https://security-tracker.debian.org/tracker/source-package/power-profiles-daemon https://people.canonical.com/~ubuntu-security/cve/pkg/power-profiles-daemon.html https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=power-profiles-daemon * Quality assurance The desktop team is going to subscribe to the package https://launchpad.net/ubuntu/+source/power-profiles-daemon/+bugs https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=power-profiles-daemon There are no bugs reported but the component is new. The package build is doing the upstream 'make test' > 1/1 power-profiles-daemon-integration-test OK 1.57s > > Ok: 1' The upstream integration tests are set as autopkgtest https://autopkgtest.ubuntu.com/packages/p/power-profiles-daemon/hirsute/amd64 * Dependencies The dependencies are in main (libc, libglib, libgudev, libupower-glib) * Standards compliance current 4.5.1 standards-version, debhelper compat 13, dh style simple rules * Maintenance Upstream is active, the package is maintained in Debian and desktop team is going to sign up for Ubuntu To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/power-profiles-daemon/+bug/1916476/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1917926] Re: Window focus issues for Xorg sessions in 3.38.3-3ubuntu1
same here. As the testsuite doesn’t catch this, it clearly means each shell and mutter updates should be tested both on Xorg and Wayland. Nvidia user here, so Wayland isn’t an option -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to mutter in Ubuntu. https://bugs.launchpad.net/bugs/1917926 Title: Window focus issues for Xorg sessions in 3.38.3-3ubuntu1 Status in mutter package in Ubuntu: Triaged Bug description: I switched to an Xorg session in hirsute today after upgrading gnome- shell and mutter packages which just hit the release package. There are very strange focus issues. Clicking on a window doesn't raise it to the front, alt-tab seems to only switch between a subset of the one windows. It's impossible to move windows with the mouse and resizing does not work. This occurred with: gnome-shell=3.38.3-3ubuntu1 mutter=3.38.3-3ubuntu1 Downgrading these packages fixed it: gnome-shell=3.38.3-2ubuntu2 mutter=3.38.3-2ubuntu1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mutter/+bug/1917926/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1883890] Re: [MIR] libinih
Override component to main libinih 50-1 in hirsute: universe/misc -> main libinih-dev 50-1 in hirsute amd64: universe/libdevel/optional/100% -> main libinih-dev 50-1 in hirsute arm64: universe/libdevel/optional/100% -> main libinih-dev 50-1 in hirsute armhf: universe/libdevel/optional/100% -> main libinih-dev 50-1 in hirsute i386: universe/libdevel/optional/100% -> main libinih-dev 50-1 in hirsute ppc64el: universe/libdevel/optional/100% -> main libinih-dev 50-1 in hirsute riscv64: universe/libdevel/optional/100% -> main libinih-dev 50-1 in hirsute s390x: universe/libdevel/optional/100% -> main libinih1 50-1 in hirsute amd64: universe/libs/optional/100% -> main libinih1 50-1 in hirsute arm64: universe/libs/optional/100% -> main libinih1 50-1 in hirsute armhf: universe/libs/optional/100% -> main libinih1 50-1 in hirsute i386: universe/libs/optional/100% -> main libinih1 50-1 in hirsute ppc64el: universe/libs/optional/100% -> main libinih1 50-1 in hirsute riscv64: universe/libs/optional/100% -> main libinih1 50-1 in hirsute s390x: universe/libs/optional/100% -> main libinireader0 50-1 in hirsute amd64: universe/libs/optional/100% -> main libinireader0 50-1 in hirsute arm64: universe/libs/optional/100% -> main libinireader0 50-1 in hirsute armhf: universe/libs/optional/100% -> main libinireader0 50-1 in hirsute i386: universe/libs/optional/100% -> main libinireader0 50-1 in hirsute ppc64el: universe/libs/optional/100% -> main libinireader0 50-1 in hirsute riscv64: universe/libs/optional/100% -> main libinireader0 50-1 in hirsute s390x: universe/libs/optional/100% -> main Override [y|N]? y 22 publications overridden. ** Changed in: libinih (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to libinih in Ubuntu. https://bugs.launchpad.net/bugs/1883890 Title: [MIR] libinih Status in libinih package in Ubuntu: Fix Released Bug description: * Availability Built for all supported architectures. In sync with Debian. https://launchpad.net/ubuntu/+source/libinih/48-1 * Rationale It's a depends from gamemode which currently bundles a copy version * Security No known security issues https://security-tracker.debian.org/tracker/source-package/libinih https://launchpad.net/ubuntu/+source/libinih/+cve https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=libinih * Quality assurance - The desktop-packages team is subscribed - No report downstream, one upstream only and it's from today https://bugs.launchpad.net/ubuntu/+source/libinih https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=libinih https://github.com/benhoyt/inih/issues The unittests are run as an autopkgtest http://autopkgtest.ubuntu.com/packages/libi/libinih * Dependencies It Depends only on libc6 * Standards compliance Use current Standards-Version and dh13 * Maintenance The Debian maintainer is active, the package is in sync, the Desktop Team is subscribed in Ubuntu To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libinih/+bug/1883890/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1915570] Re: Login screen password entry not working on systems with fingerprint support
** Package changed: gdm3 (Ubuntu) => gnome-shell (Ubuntu) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1915570 Title: Login screen password entry not working on systems with fingerprint support Status in gnome-shell package in Ubuntu: Confirmed Bug description: This bug is for the login package. This only affects users of the development release and does not affect stable users. The bug in the password entry causes either the password to be entered only for the login to hang, or when attempting to enter the password, the computer quickly deletes any characters entered as if backspace was being held therefore preventing a user from being able to log in. --- ProblemType: Bug ApportVersion: 2.20.11-0ubuntu57 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: ubuntu:GNOME DistroRelease: Ubuntu 21.04 InstallationDate: Installed on 2021-02-12 (0 days ago) InstallationMedia: Ubuntu 21.04 "Hirsute Hippo" - Alpha amd64 (20210212) NonfreeKernelModules: nvidia_modeset nvidia Package: gdm3 3.38.1-2ubuntu1.1 PackageArchitecture: amd64 ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_US.UTF-8 SHELL=/bin/bash ProcVersionSignature: Ubuntu 5.10.0-14.15-generic 5.10.11 Tags: hirsute Uname: Linux 5.10.0-14-generic x86_64 UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: adm cdrom dip lpadmin lxd plugdev sambashare sudo _MarkForUpload: True mtime.conffile..etc.gdm3.custom.conf: 2021-02-12T13:25:57.150125 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1915570/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1915570] Re: Login screen password entry not working
I’m getting a lot of pam failures due to fingerprints in my logs: févr. 12 08:21:51 casanier gdm-password][6277]: pam_unix(gdm-password:auth): Couldn't open /etc/securetty: Aucun fichier ou dossier de ce type févr. 12 08:21:51 casanier gdm-fingerprint][6278]: gkr-pam: no password is available for user févr. 12 08:21:51 casanier gdm-password][6283]: pam_unix(gdm-password:auth): Couldn't open /etc/securetty: Aucun fichier ou dossier de ce type févr. 12 08:21:51 casanier gdm-fingerprint][6284]: gkr-pam: no password is available for user févr. 12 08:21:52 casanier gdm-password][6289]: pam_unix(gdm-password:auth): Couldn't open /etc/securetty: Aucun fichier ou dossier de ce type févr. 12 08:21:52 casanier gdm-fingerprint][6290]: gkr-pam: no password is available for user févr. 12 08:21:52 casanier gdm-password][6360]: pam_unix(gdm-password:auth): Couldn't open /etc/securetty: Aucun fichier ou dossier de ce type févr. 12 08:21:52 casanier gdm-fingerprint][6361]: gkr-pam: no password is available for user févr. 12 08:21:52 casanier gdm-password][6366]: pam_unix(gdm-password:auth): Couldn't open /etc/securetty: Aucun fichier ou dossier de ce type févr. 12 08:21:52 casanier gdm-fingerprint][6367]: gkr-pam: no password is available for user févr. 12 08:21:52 casanier gdm-password][6372]: pam_unix(gdm-password:auth): Couldn't open /etc/securetty: Aucun fichier ou dossier de ce type févr. 12 08:21:52 casanier gdm-fingerprint][6373]: gkr-pam: no password is available for user févr. 12 08:21:52 casanier gdm-password][6378]: pam_unix(gdm-password:auth): Couldn't open /etc/securetty: Aucun fichier ou dossier de ce type févr. 12 08:21:52 casanier gdm-fingerprint][6379]: gkr-pam: no password is available for user févr. 12 08:21:53 casanier gdm-password][6384]: pam_unix(gdm-password:auth): Couldn't open /etc/securetty: Aucun fichier ou dossier de ce type févr. 12 08:21:53 casanier gdm-fingerprint][6385]: gkr-pam: no password is available for user févr. 12 08:21:53 casanier gdm-password][6390]: pam_unix(gdm-password:auth): Couldn't open /etc/securetty: Aucun fichier ou dossier de ce type févr. 12 08:21:53 casanier gdm-fingerprint][6391]: gkr-pam: no password is available for user févr. 12 08:21:53 casanier gdm-password][6396]: pam_unix(gdm-password:auth): Couldn't open /etc/securetty: Aucun fichier ou dossier de ce type févr. 12 08:21:53 casanier gdm-fingerprint][6397]: gkr-pam: no password is available for user Before getting into that state, I got very few in my logs, and after reverting my system globally, I don’t have those when logging in. I think this is the cause of the password prompt emptying. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to gnome-shell in Ubuntu. https://bugs.launchpad.net/bugs/1915570 Title: Login screen password entry not working on systems with fingerprint support Status in gdm3 package in Ubuntu: Confirmed Bug description: This bug is for the login package. This only affects users of the development release and does not affect stable users. The bug in the password entry causes either the password to be entered only for the login to hang, or when attempting to enter the password, the computer quickly deletes any characters entered as if backspace was being held therefore preventing a user from being able to log in. --- ProblemType: Bug ApportVersion: 2.20.11-0ubuntu57 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: ubuntu:GNOME DistroRelease: Ubuntu 21.04 InstallationDate: Installed on 2021-02-12 (0 days ago) InstallationMedia: Ubuntu 21.04 "Hirsute Hippo" - Alpha amd64 (20210212) NonfreeKernelModules: nvidia_modeset nvidia Package: gdm3 3.38.1-2ubuntu1.1 PackageArchitecture: amd64 ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_US.UTF-8 SHELL=/bin/bash ProcVersionSignature: Ubuntu 5.10.0-14.15-generic 5.10.11 Tags: hirsute Uname: Linux 5.10.0-14-generic x86_64 UpgradeStatus: No upgrade log present (probably fresh install) UserGroups: adm cdrom dip lpadmin lxd plugdev sambashare sudo _MarkForUpload: True mtime.conffile..etc.gdm3.custom.conf: 2021-02-12T13:25:57.150125 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1915570/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1908502] Re: [MIR] libdeflate
[Summary] Some required TODO and checks to be done. If all those are addressed (mostly investigation), it would be a +1 from the MIR team POV. However, as this library is parsing data, I think a security review would be needed once all the points below are solved. Notes: Required TODOs: - Check if libtiff can use another compresssion library and if so, if there are strong intents to use deflate instead of that one. - Investigate the patch disabling test issue (more info on the dedicated section below) Recommended TODOs: - Analyse the warnings during build situation (see dedicated section as well) [Duplication] libdeflate is expected to be a more efficient 9z compression library. I guess there is no way to use our existing compression library in libtiff, but can you ensure it? [Dependencies] OK: - no other Dependencies to MIR due to this - no -dev/-debug/-doc packages that need exclusion [Embedded sources and static linking] OK: - no embedded source present - no static linking [Security] OK: - history of CVEs does not look concerning - does not run a daemon as root - does not use webkit1,2 - does not use lib*v8 directly - does not open a port - does not process arbitrary web content does not use centralized online accounts - does not integrate arbitrary javascript into the desktop - does not deal with system authentication (eg, pam), etc) Problems: - does parse data formats for compressing/decompressing them. Will need a security review. [Common blockers] OK: - does not FTBFS currently - does have a test suite that runs at build time - test suite fails will fail the build upon error. - does have a simple test that runs as autopkgtest - The package will have a team bug subscriber - no translation present, but none needed for this case? - not a python/go package, no extra constraints to consider in that regard [Packaging red flags] OK: - Ubuntu does not carry a delta - symbols tracking is in place - d/watch is present and looks ok - Upstream update history is good - Debian/Ubuntu update history is good - the current release is packaged - promoting this does not seem to cause issues for MOTUs that so far - no massive Lintian warnings - d/rules is quite complex but rather clean - Does not have Built-Using Problems: - one distro patch is named "Simplify tests" while its only effect is removing a test. The name is misleading. The comment is also misleading "Don't run m32 tests on x86_64" while it’s removing it for all supported archs, without a rationale why disabling it. [Upstream red flags] OK: - no Errors during the build - no incautious use of malloc/sprintf (as far as I can check it) - no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH - no use of user nobody - no use of setuid - no important open bugs (crashers, etc) in Debian or Ubuntu - no dependency on webkit, qtwebkit, seed or libgoa-* - not part of the UI for extra checks Problems: - quite a few warning during the build "profile count data file not found [-Wmissing-profile]". Those warning could potentially spread to all binaries using this build. Can you check with upstream about those? ** Changed in: libdeflate (Ubuntu Hirsute) Assignee: Didier Roche (didrocks) => Sebastien Bacher (seb128) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to tiff in Ubuntu. https://bugs.launchpad.net/bugs/1908502 Title: [MIR] libdeflate Status in libdeflate package in Ubuntu: New Status in tiff package in Ubuntu: Triaged Status in libdeflate source package in Hirsute: New Status in tiff source package in Hirsute: Triaged Bug description: * Availability In sync with Debian, built on all architectures https://launchpad.net/ubuntu/+source/libdeflate/1.7-1 * Rationale It's a new depends of libtiff * Security There is no known security issues https://security-tracker.debian.org/tracker/source-package/libdeflate https://people.canonical.com/~ubuntu-security/cve/pkg/libdeflate.html https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=libdeflate * Quality assurance The desktop team is going to subscribe to the package https://launchpad.net/ubuntu/+source/libdeflate/+bugs https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=libdeflate No open reports The package enables upstream tests during the build and ships basic autopkgtests * Dependencies No universe binary dependencies * Standards compliance current 4.5.1 standards-version, debhelper compat 13, dh style simple rules * Maintenance Upstream is active, the package is maintained in Debian and in sync for Ubuntu To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libdeflate/+bug/1908502/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1908502] Re: [MIR] libdeflate
** Changed in: libdeflate (Ubuntu Hirsute) Assignee: (unassigned) => Didier Roche (didrocks) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to tiff in Ubuntu. https://bugs.launchpad.net/bugs/1908502 Title: [MIR] libdeflate Status in libdeflate package in Ubuntu: New Status in tiff package in Ubuntu: Triaged Status in libdeflate source package in Hirsute: New Status in tiff source package in Hirsute: Triaged Bug description: * Availability In sync with Debian, built on all architectures https://launchpad.net/ubuntu/+source/libdeflate/1.7-1 * Rationale It's a new depends of libtiff * Security There is no known security issues https://security-tracker.debian.org/tracker/source-package/libdeflate https://people.canonical.com/~ubuntu-security/cve/pkg/libdeflate.html https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=libdeflate * Quality assurance The desktop team is going to subscribe to the package https://launchpad.net/ubuntu/+source/libdeflate/+bugs https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=libdeflate No open reports The package enables upstream tests during the build and ships basic autopkgtests * Dependencies No universe binary dependencies * Standards compliance current 4.5.1 standards-version, debhelper compat 13, dh style simple rules * Maintenance Upstream is active, the package is maintained in Debian and in sync for Ubuntu To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libdeflate/+bug/1908502/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1909665] Re: [MIR] ibus-libpinyin dependencies
libopencc1.1 1.1.1+git20200624+ds2-4ubuntu1 in hirsute amd64: universe/libs/optional/100% -> main libopencc1.1 1.1.1+git20200624+ds2-4ubuntu1 in hirsute arm64: universe/libs/optional/100% -> main libopencc1.1 1.1.1+git20200624+ds2-4ubuntu1 in hirsute armhf: universe/libs/optional/100% -> main libopencc1.1 1.1.1+git20200624+ds2-4ubuntu1 in hirsute i386: universe/libs/optional/100% -> main libopencc1.1 1.1.1+git20200624+ds2-4ubuntu1 in hirsute ppc64el: universe/libs/optional/100% -> main libopencc1.1 1.1.1+git20200624+ds2-4ubuntu1 in hirsute riscv64: universe/libs/optional/100% -> main libopencc1.1 1.1.1+git20200624+ds2-4ubuntu1 in hirsute s390x: universe/libs/optional/100% -> main libopencc-data 1.1.1+git20200624+ds2-4ubuntu1 in hirsute amd64: universe/libs/optional/100% -> main libopencc-data 1.1.1+git20200624+ds2-4ubuntu1 in hirsute arm64: universe/libs/optional/100% -> main libopencc-data 1.1.1+git20200624+ds2-4ubuntu1 in hirsute armhf: universe/libs/optional/100% -> main libopencc-data 1.1.1+git20200624+ds2-4ubuntu1 in hirsute i386: universe/libs/optional/100% -> main libopencc-data 1.1.1+git20200624+ds2-4ubuntu1 in hirsute ppc64el: universe/libs/optional/100% -> main libopencc-data 1.1.1+git20200624+ds2-4ubuntu1 in hirsute riscv64: universe/libs/optional/100% -> main libopencc-data 1.1.1+git20200624+ds2-4ubuntu1 in hirsute s390x: universe/libs/optional/100% -> main opencc 1.1.1+git20200624+ds2-4ubuntu1 in hirsute: universe/libs -> main ** Changed in: opencc (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to opencc in Ubuntu. https://bugs.launchpad.net/bugs/1909665 Title: [MIR] ibus-libpinyin dependencies Status in lua5.4 package in Ubuntu: Won't Fix Status in opencc package in Ubuntu: Fix Released Bug description: Please include these packages in Ubuntu's component main: * lua5.4 * opencc ibus-libpinyin provides the default method for inputting simplified Chinese, and is shipped with the desktop ISO. The latest Debian version of ibus-libpinyin couldn't migrate in hirsute, though, since it depends on liblua5.4-0 and libopencc1.1 which are both in universe. For now I built ibus-libpinyin in Ubuntu with lua5.3 and without opencc support. However, it would be preferable to be able to sync the fully featured package from Debian. lua5.2 and lua5.3 are already in main. opencc is a library for converting characters between traditional Chinese and simplified Chinese, and has been in main previously (trusty). As regards bug subscribing, I assume that ~ubuntu-server is a suitable candidate for lua5.4 and that ~desktop-packages should be subscribed to opencc bugs. Bugs lua5.4 --- There are no open bugs in version 5.4.2 Bugs opencc --- https://github.com/byvoid/opencc/issues https://bugs.launchpad.net/ubuntu/+source/opencc No open Debian bugs. I have read https://wiki.ubuntu.com/MainInclusionProcess#Main_Inclusion_requirements and haven't found any issues that would prevent the proposed main inclusion. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lua5.4/+bug/1909665/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1904545] Re: ZFS rollback does not do anything
*** This bug is a duplicate of bug 1894329 *** https://bugs.launchpad.net/bugs/1894329 ** This bug has been marked a duplicate of bug 1894329 ZFS revert from grub menu not working. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to zsys in Ubuntu. https://bugs.launchpad.net/bugs/1904545 Title: ZFS rollback does not do anything Status in zsys package in Ubuntu: New Bug description: On Ubuntu 20.04.1 LTS as well as Ubuntu 20.10 rolling back a zfs snapshot does nothing. Tested rolling back autozsys as well as a manual snapshot. The rollback command does not return any error but does not rollback a snapshot. May be related to Bug #1904469 as a secondary symptom of the same issue but then again maybe not. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/zsys/+bug/1904545/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1897565] Re: [SRU] Persistent dataset print strangely
** No longer affects: zsys (Ubuntu Bionic) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to zsys in Ubuntu. https://bugs.launchpad.net/bugs/1897565 Title: [SRU] Persistent dataset print strangely Status in zsys package in Ubuntu: Fix Released Status in zsys source package in Focal: Fix Released Bug description: [Impact] * When running When I run zsysctl show --full, the output of persistent datasets is garbagled, like: Persistent Datasets: - &{rpool/usr/local %!!(MISSING)s(bool=false) {/usr/local on %!!(MISSING)s(bool=true) %!!(MISSING)s(bool=false) %!!(MISSING)s(int=0){inherited }} [] {%!!(MISSING)s(*zfs.Dataset=&{0x1fab700 1 map[1:{1594525151 none} 6:{yes none} 13:{/usr/local inherited} 27:{rpool/usr/local none} 28:{on default}] []})}} - &{rpool/var/games %!!(MISSING)s(bool=false) {/var/games on %!!(MISSING)s(bool=true) %!!(MISSING)s(bool=false) %!!(MISSING)s(int=0){inherited }} [] {%!!(MISSING)s(*zfs.Dataset=&{0x1b96680 1 map[1:{1594525151 none} 6:{yes none} 13:{/var/games inherited} 27:{rpool/var/games none} 28:{on default}] []})}} - &{rpool/var/mail %!!(MISSING)s(bool=false) {/var/mail on %!!(MISSING)s(bool=true) %!!(MISSING)s(bool=false) %!!(MISSING)s(int=0){inherited }} [] {%!!(MISSING)s(*zfs.Dataset=&{0x1beff10 1 map[1:{1594525151 none} 6:{yes none} 13:{/var/mail inherited} 27:{rpool/var/mail none} 28:{on default}] []})}} [Test Case] * After installing new version, run zsysctl show --full and check the output of persistent datasets Those should be of the form: Persistent Datasets: - rpool/boot/grub [Regression Potential] * The code impact is on the output formatting, which then can be less readable than today. * Note that i18n is impacted (due to the \t which was invalid here), but in practice, this string isn’t translated. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/zsys/+bug/1897565/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1891157] Re: [MIR] ipp-usb
$ ./change-override -c main -S golang-github-openprinting-goipp Override component to main golang-github-openprinting-goipp 1.0.0-1 in groovy: universe/misc -> main golang-github-openprinting-goipp-dev 1.0.0-1 in groovy amd64: universe/devel/optional/100% -> main golang-github-openprinting-goipp-dev 1.0.0-1 in groovy arm64: universe/devel/optional/100% -> main golang-github-openprinting-goipp-dev 1.0.0-1 in groovy armhf: universe/devel/optional/100% -> main golang-github-openprinting-goipp-dev 1.0.0-1 in groovy i386: universe/devel/optional/100% -> main golang-github-openprinting-goipp-dev 1.0.0-1 in groovy ppc64el: universe/devel/optional/100% -> main golang-github-openprinting-goipp-dev 1.0.0-1 in groovy riscv64: universe/devel/optional/100% -> main golang-github-openprinting-goipp-dev 1.0.0-1 in groovy s390x: universe/devel/optional/100% -> main Override [y|N]? y 8 publications overridden. ** Changed in: golang-github-openprinting-goipp (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to ipp-usb in Ubuntu. https://bugs.launchpad.net/bugs/1891157 Title: [MIR] ipp-usb Status in golang-github-openprinting-goipp package in Ubuntu: Fix Released Status in golang-gopkg-ini.v1 package in Ubuntu: Invalid Status in ipp-usb package in Ubuntu: Fix Released Bug description: IPP-over-USB ipp-usb is the second implementation of the IPP-over-USB standard. This allows the PWG's Internet Printing Protocol (IPP) which is currently the most common communication protocol for network printers also to be used via USB, simply by a network printer being emulated on localhost. Advantages are: - IPP is a high-level bi-directional packet-based protocol for printing, scanning, and fax - Full device capabilities can be polled from the device, together with using standardized printing and scanning data format driverless printing and scanning is possible - Status, like loaded paper, toner levels, ... can get polled - Printing and scanning can be performed simultaneously and independently - The administration web interface can get accessed ipp-usb detects supported devices automatically and advertises their full functionality via DNS-SD on localhost, CUPS and the appropriate SANE backends discover the device automatically then and it is immediately available, no drivers needed, it just works. This makes thousands of printers, scanners, and multi-function devices work on USB, USB-only devices, like the scanner Canon Lide 400 get working for the first time. Why ipp-usb? There is ippusbxd already -- ippusbxd was the first implementation of IPP-over-USB, with the very same intentions, but it has problems which were not easily to be solved in C and so after a short discussion with me the author of the driverless scanning SANE backend sane-airscan (https://github.com/alexpevzner/sane-airscan) created a first draft of ipp-usb in Go within a few hours, which solved these problems. The project has matured with the time and seems to work perfectly. See also here: https://github.com/OpenPrinting/ippusbxd#before-you-begin-ippusbxd-or- ipp-usb See the original README for the rationale of ipp-usb: https://github.com/OpenPrinting/ipp-usb -- Unfortunately, the naive implementation, which simply relays a TCP connection to USB, does not work. It happens because closing the TCP connection on the client side has a useful side effect of discarding all data sent to this connection from the server side, but it does not happen with USB connections. In the case of USB, all data not received by the client will remain in the USB buffers, and the next time the client connects to the device, it will receive unexpected data, left from the previous abnormally completed request. Actually, it is an obvious flaw in the IPP-over-USB standard, but we have to live with it. So the implementation, once the HTTP request is sent, must read the entire HTTP response, which means that the implementation must understand the HTTP protocol, and effectively implement a HTTP reverse proxy, backed by the IPP-over-USB connection to the device. And this is what the ipp-usb program actually does. -- Many users reported this to work perfectly and I am using it since its creation in January 2020 on a daily basis without problems. Here are the issues of ippusbxd: https://github.com/OpenPrinting/ippusbxd/issues Especially https://github.com/OpenPrinting/ippusbxd/issues/15 shows that packets of canceled connections can get stuck in buffer and spilled out on next connection. Problems of ippusbxd's architecture and lack of useful C libraries to solve this is discussed here. https://github.com/OpenPrinting/ippusbxd/issues/14 The flakiness of the web
[Desktop-packages] [Bug 1897563] Re: Zsys changes the canmount property of persistent bpool/grub dataset
** Changed in: zsys (Ubuntu Focal) Assignee: (unassigned) => Didier Roche (didrocks) ** No longer affects: zsys (Ubuntu Bionic) ** Tags removed: verification-needed verification-needed-focal ** Tags added: verification-done verification-done-focal -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to zsys in Ubuntu. https://bugs.launchpad.net/bugs/1897563 Title: Zsys changes the canmount property of persistent bpool/grub dataset Status in zsys package in Ubuntu: Fix Released Status in zsys source package in Focal: Fix Committed Bug description: [Impact] * People having personal layout, like a persistent dedicated dataset under /boot like /boot/grub will get it unmouted after a state revert. * Side effects: - those datasets are never marked as being part of the current machine, or any state. - bpool and bpool/BOOT are not listed in the unmanaged dataset list. [Test Case] * Install ZFS manually with a persistent bpool/bpool/grub dataset * Take a snapshot * Revert to this snapshot when rebooting * Check that the persistent grub dataset is still mounted * You can check as well with zsysctl show --full that you have this persistent dataset attached to the machine. [Regression Potential] * New datasets under /boot could appear to be attached by the machine (even if unlikely due to the huge testsuite which has been updated and checked) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/zsys/+bug/1897563/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1892643] Re: [SRU] Update libgweather to 3.36.1
** Changed in: libgweather (Ubuntu Focal) Status: New => In Progress -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to libgweather in Ubuntu. https://bugs.launchpad.net/bugs/1892643 Title: [SRU] Update libgweather to 3.36.1 Status in libgweather: Unknown Status in libgweather package in Ubuntu: Fix Released Status in libgweather source package in Focal: In Progress Status in libgweather package in Debian: Unknown Bug description: [Impact] libgweather 3.36.1 is a bug-fix release as part of GNOME 3.36. https://gitlab.gnome.org/GNOME/libgweather/-/blob/gnome-3-36/NEWS This version works around the unavailability of the NOAA weather services by using very short-term forecasts as current weather conditions. Sometimes the current weather is not available because the NOAA weather servers aren't working correctly. Version 3.36.1 fixes the unavailability of current temperature in some locations. [Test case] Make sure that gnome-weather is still working properly and the weather in gnome-shell is shown when gnome-weather is installed. [Regression potential] The regression potential is low since the changes in version 3.36.1 are small. [Other] libgweather 3.36.1 has been successfully built as a no-change backport from Groovy to Focal in my PPA and runs fine: https://launchpad.net/~amribrahim1987/+archive/ubuntu/ppa/+packages?field.name_filter=libgweather_filter=published_filter= ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: libgweather-3-16 3.36.0-1 ProcVersionSignature: Ubuntu 5.4.0-42.46-generic 5.4.44 Uname: Linux 5.4.0-42-generic x86_64 ApportVersion: 2.20.11-0ubuntu27.8 Architecture: amd64 CasperMD5CheckResult: skip CurrentDesktop: ubuntu:GNOME Date: Sun Aug 23 19:05:21 2020 InstallationDate: Installed on 2020-04-26 (119 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423) SourcePackage: libgweather UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/libgweather/+bug/1892643/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1892643] Re: [SRU] Update libgweather to 3.36.1
I reapplied your debian/changelog directly and pushed to focal (pending approval). Thanks a lot! -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to libgweather in Ubuntu. https://bugs.launchpad.net/bugs/1892643 Title: [SRU] Update libgweather to 3.36.1 Status in libgweather: Unknown Status in libgweather package in Ubuntu: Fix Released Status in libgweather source package in Focal: New Status in libgweather package in Debian: Unknown Bug description: [Impact] libgweather 3.36.1 is a bug-fix release as part of GNOME 3.36. https://gitlab.gnome.org/GNOME/libgweather/-/blob/gnome-3-36/NEWS This version works around the unavailability of the NOAA weather services by using very short-term forecasts as current weather conditions. Sometimes the current weather is not available because the NOAA weather servers aren't working correctly. Version 3.36.1 fixes the unavailability of current temperature in some locations. [Test case] Make sure that gnome-weather is still working properly and the weather in gnome-shell is shown when gnome-weather is installed. [Regression potential] The regression potential is low since the changes in version 3.36.1 are small. [Other] libgweather 3.36.1 has been successfully built as a no-change backport from Groovy to Focal in my PPA and runs fine: https://launchpad.net/~amribrahim1987/+archive/ubuntu/ppa/+packages?field.name_filter=libgweather_filter=published_filter= ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: libgweather-3-16 3.36.0-1 ProcVersionSignature: Ubuntu 5.4.0-42.46-generic 5.4.44 Uname: Linux 5.4.0-42-generic x86_64 ApportVersion: 2.20.11-0ubuntu27.8 Architecture: amd64 CasperMD5CheckResult: skip CurrentDesktop: ubuntu:GNOME Date: Sun Aug 23 19:05:21 2020 InstallationDate: Installed on 2020-04-26 (119 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423) SourcePackage: libgweather UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/libgweather/+bug/1892643/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1892643] Re: [SRU] Update libgweather to 3.36.1
Hey Amr and thanks for making ubuntu better. Do you mind double checking your patch? Trying to apply it on 3.36.0-1, I get those chunks failing to apply (tried both your .diff and .diff.gz): patching file debian/changelog patching file libgweather/gweather-weather.c patching file libgweather/weather-metar.c patching file meson.build patching file NEWS patching file po/lv.po Hunk #1 FAILED at 6. Hunk #2 FAILED at 830. Hunk #3 FAILED at 849. Hunk #4 FAILED at 944. Hunk #5 FAILED at 1056. 5 out of 5 hunks FAILED -- saving rejects to file po/lv.po.rej patching file po/nb.po Hunk #1 succeeded at 1 with fuzz 2. Hunk #2 FAILED at 17. Hunk #3 FAILED at 246. Hunk #4 FAILED at 537. Hunk #5 FAILED at 843. Hunk #6 FAILED at 932. Hunk #7 FAILED at 1045. Hunk #8 succeeded at 1074 with fuzz 2. Hunk #9 succeeded at 1087 with fuzz 2. Hunk #10 succeeded at 1101 with fuzz 2. Hunk #11 succeeded at 1117 with fuzz 2. 6 out of 11 hunks FAILED -- saving rejects to file po/nb.po.rej patching file po/uk.po Hunk #1 FAILED at 1. Hunk #2 FAILED at 455. Hunk #3 FAILED at 544. Hunk #4 FAILED at 726. 4 out of 4 hunks FAILED -- saving rejects to file po/uk.po.rej patching file po-locations/nb.po Hunk #1 succeeded at 1 with fuzz 2. Hunk #4 FAILED at 1748. Hunk #5 succeeded at 1757 with fuzz 1. Hunk #6 FAILED at 2094. Hunk #10 succeeded at 5624 with fuzz 1. Hunk #12 FAILED at 6455. Hunk #15 FAILED at 6532. Hunk #16 FAILED at 6547. Hunk #18 FAILED at 7011. Hunk #20 succeeded at 7566 with fuzz 2. Hunk #24 FAILED at 7946. Hunk #27 succeeded at 8879 with fuzz 1. Hunk #28 FAILED at 9175. Hunk #32 FAILED at 9750. Hunk #33 FAILED at 10098. Hunk #34 FAILED at 10319. Hunk #35 FAILED at 10361. Hunk #36 FAILED at 10459. Hunk #37 succeeded at 10491 with fuzz 2. Hunk #38 FAILED at 10535. Hunk #39 FAILED at 10871. Hunk #40 FAILED at 10887. Hunk #41 FAILED at 10915. Hunk #43 FAILED at 11159. 18 out of 50 hunks FAILED -- saving rejects to file po-locations/nb.po.rej patching file po-locations/ro.po Hunk #1 FAILED at 9. Hunk #4 FAILED at 10310. Hunk #5 FAILED at 10352. Hunk #6 FAILED at 10450. Hunk #7 FAILED at 8. 5 out of 10 hunks FAILED -- saving rejects to file po-locations/ro.po.rej patching file po-locations/sk.po Hunk #1 succeeded at 10 with fuzz 1. Hunk #2 succeeded at 1767 with fuzz 2. Hunk #7 FAILED at 7278. Hunk #8 FAILED at 7628. Hunk #9 FAILED at 7673. Hunk #10 succeeded at 7713 with fuzz 2. Hunk #12 succeeded at 8882 with fuzz 2. Hunk #13 FAILED at 10322. Hunk #14 FAILED at 10364. Hunk #15 FAILED at 10462. Hunk #16 succeeded at 10500 with fuzz 2. 6 out of 18 hunks FAILED -- saving rejects to file po-locations/sk.po.rej patching file po-locations/uk.po Hunk #3 FAILED at 5066. Hunk #4 FAILED at 17519. 2 out of 4 hunks FAILED -- saving rejects to file po-locations/uk.po.rej -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to libgweather in Ubuntu. https://bugs.launchpad.net/bugs/1892643 Title: [SRU] Update libgweather to 3.36.1 Status in libgweather: Unknown Status in libgweather package in Ubuntu: Fix Released Status in libgweather source package in Focal: New Status in libgweather package in Debian: Unknown Bug description: [Impact] libgweather 3.36.1 is a bug-fix release as part of GNOME 3.36. https://gitlab.gnome.org/GNOME/libgweather/-/blob/gnome-3-36/NEWS This version works around the unavailability of the NOAA weather services by using very short-term forecasts as current weather conditions. Sometimes the current weather is not available because the NOAA weather servers aren't working correctly. Version 3.36.1 fixes the unavailability of current temperature in some locations. [Test case] Make sure that gnome-weather is still working properly and the weather in gnome-shell is shown when gnome-weather is installed. [Regression potential] The regression potential is low since the changes in version 3.36.1 are small. [Other] libgweather 3.36.1 has been successfully built as a no-change backport from Groovy to Focal in my PPA and runs fine: https://launchpad.net/~amribrahim1987/+archive/ubuntu/ppa/+packages?field.name_filter=libgweather_filter=published_filter= ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: libgweather-3-16 3.36.0-1 ProcVersionSignature: Ubuntu 5.4.0-42.46-generic 5.4.44 Uname: Linux 5.4.0-42-generic x86_64 ApportVersion: 2.20.11-0ubuntu27.8 Architecture: amd64 CasperMD5CheckResult: skip CurrentDesktop: ubuntu:GNOME Date: Sun Aug 23 19:05:21 2020 InstallationDate: Installed on 2020-04-26 (119 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423) SourcePackage: libgweather UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/libgweather/+bug/1892643/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to :
[Desktop-packages] [Bug 1897565] Re: [SRU] Persistent dataset print strangely
** Also affects: zsys (Ubuntu Bionic) Importance: Undecided Status: New ** Changed in: zsys (Ubuntu Bionic) Importance: Undecided => Medium ** Changed in: zsys (Ubuntu) Importance: Undecided => Medium ** Changed in: zsys (Ubuntu) Assignee: (unassigned) => Didier Roche (didrocks) ** Changed in: zsys (Ubuntu Bionic) Assignee: (unassigned) => Didier Roche (didrocks) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to zsys in Ubuntu. https://bugs.launchpad.net/bugs/1897565 Title: [SRU] Persistent dataset print strangely Status in zsys package in Ubuntu: New Status in zsys source package in Bionic: New Bug description: [Impact] * When running When I run zsysctl show --full, the output of persistent datasets is garbagled, like: Persistent Datasets: - &{rpool/usr/local %!!(MISSING)s(bool=false) {/usr/local on %!!(MISSING)s(bool=true) %!!(MISSING)s(bool=false) %!!(MISSING)s(int=0){inherited }} [] {%!!(MISSING)s(*zfs.Dataset=&{0x1fab700 1 map[1:{1594525151 none} 6:{yes none} 13:{/usr/local inherited} 27:{rpool/usr/local none} 28:{on default}] []})}} - &{rpool/var/games %!!(MISSING)s(bool=false) {/var/games on %!!(MISSING)s(bool=true) %!!(MISSING)s(bool=false) %!!(MISSING)s(int=0){inherited }} [] {%!!(MISSING)s(*zfs.Dataset=&{0x1b96680 1 map[1:{1594525151 none} 6:{yes none} 13:{/var/games inherited} 27:{rpool/var/games none} 28:{on default}] []})}} - &{rpool/var/mail %!!(MISSING)s(bool=false) {/var/mail on %!!(MISSING)s(bool=true) %!!(MISSING)s(bool=false) %!!(MISSING)s(int=0){inherited }} [] {%!!(MISSING)s(*zfs.Dataset=&{0x1beff10 1 map[1:{1594525151 none} 6:{yes none} 13:{/var/mail inherited} 27:{rpool/var/mail none} 28:{on default}] []})}} [Test Case] * After installing new version, run zsysctl show --full and check the output of persistent datasets Those should be of the form: Persistent Datasets: - rpool/boot/grub [Regression Potential] * The code impact is on the output formatting, which then can be less readable than today. * Note that i18n is impacted (due to the \t which was invalid here), but in practice, this string isn’t translated. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/zsys/+bug/1897565/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1897565] [NEW] [SRU] Persistent dataset print strangely
Public bug reported: [Impact] * When running When I run zsysctl show --full, the output of persistent datasets is garbagled, like: Persistent Datasets: - &{rpool/usr/local %!!(MISSING)s(bool=false) {/usr/local on %!!(MISSING)s(bool=true) %!!(MISSING)s(bool=false) %!!(MISSING)s(int=0){inherited }} [] {%!!(MISSING)s(*zfs.Dataset=&{0x1fab700 1 map[1:{1594525151 none} 6:{yes none} 13:{/usr/local inherited} 27:{rpool/usr/local none} 28:{on default}] []})}} - &{rpool/var/games %!!(MISSING)s(bool=false) {/var/games on %!!(MISSING)s(bool=true) %!!(MISSING)s(bool=false) %!!(MISSING)s(int=0){inherited }} [] {%!!(MISSING)s(*zfs.Dataset=&{0x1b96680 1 map[1:{1594525151 none} 6:{yes none} 13:{/var/games inherited} 27:{rpool/var/games none} 28:{on default}] []})}} - &{rpool/var/mail %!!(MISSING)s(bool=false) {/var/mail on %!!(MISSING)s(bool=true) %!!(MISSING)s(bool=false) %!!(MISSING)s(int=0) {inherited }} [] {%!!(MISSING)s(*zfs.Dataset=&{0x1beff10 1 map[1:{1594525151 none} 6:{yes none} 13:{/var/mail inherited} 27:{rpool/var/mail none} 28:{on default}] []})}} [Test Case] * After installing new version, run zsysctl show --full and check the output of persistent datasets Those should be of the form: Persistent Datasets: - rpool/boot/grub [Regression Potential] * The code impact is on the output formatting, which then can be less readable than today. * Note that i18n is impacted (due to the \t which was invalid here), but in practice, this string isn’t translated. ** Affects: zsys (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to zsys in Ubuntu. https://bugs.launchpad.net/bugs/1897565 Title: [SRU] Persistent dataset print strangely Status in zsys package in Ubuntu: New Bug description: [Impact] * When running When I run zsysctl show --full, the output of persistent datasets is garbagled, like: Persistent Datasets: - &{rpool/usr/local %!!(MISSING)s(bool=false) {/usr/local on %!!(MISSING)s(bool=true) %!!(MISSING)s(bool=false) %!!(MISSING)s(int=0){inherited }} [] {%!!(MISSING)s(*zfs.Dataset=&{0x1fab700 1 map[1:{1594525151 none} 6:{yes none} 13:{/usr/local inherited} 27:{rpool/usr/local none} 28:{on default}] []})}} - &{rpool/var/games %!!(MISSING)s(bool=false) {/var/games on %!!(MISSING)s(bool=true) %!!(MISSING)s(bool=false) %!!(MISSING)s(int=0){inherited }} [] {%!!(MISSING)s(*zfs.Dataset=&{0x1b96680 1 map[1:{1594525151 none} 6:{yes none} 13:{/var/games inherited} 27:{rpool/var/games none} 28:{on default}] []})}} - &{rpool/var/mail %!!(MISSING)s(bool=false) {/var/mail on %!!(MISSING)s(bool=true) %!!(MISSING)s(bool=false) %!!(MISSING)s(int=0){inherited }} [] {%!!(MISSING)s(*zfs.Dataset=&{0x1beff10 1 map[1:{1594525151 none} 6:{yes none} 13:{/var/mail inherited} 27:{rpool/var/mail none} 28:{on default}] []})}} [Test Case] * After installing new version, run zsysctl show --full and check the output of persistent datasets Those should be of the form: Persistent Datasets: - rpool/boot/grub [Regression Potential] * The code impact is on the output formatting, which then can be less readable than today. * Note that i18n is impacted (due to the \t which was invalid here), but in practice, this string isn’t translated. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/zsys/+bug/1897565/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1897563] [NEW] Zsys changes the canmount property of persistent bpool/grub dataset
Public bug reported: [Impact] * People having personal layout, like a persistent dedicated dataset under /boot like /boot/grub will get it unmouted after a state revert. * Side effects: - those datasets are never marked as being part of the current machine, or any state. - bpool and bpool/BOOT are not listed in the unmanaged dataset list. [Test Case] * Install ZFS manually with a persistent bpool/bpool/grub dataset * Take a snapshot * Revert to this snapshot when rebooting * Check that the persistent grub dataset is still mounted * You can check as well with zsysctl show --full that you have this persistent dataset attached to the machine. [Regression Potential] * New datasets under /boot could appear to be attached by the machine (even if unlikely due to the huge testsuite which has been updated and checked) ** Affects: zsys (Ubuntu) Importance: Undecided Status: New ** Affects: zsys (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: zsys (Ubuntu Bionic) Importance: Undecided Status: New ** Description changed: [Impact] - - * People having personal layout, like a persistent dedicated dataset under /boot like /boot/grub will get it unmouted after a state revert. - * Side effects: - - those datasets are never marked as being part of the current machine, or any state. - - bpool and bpool/BOOT are not listed in the unmanaged dataset list. + * People having personal layout, like a persistent dedicated dataset under /boot like /boot/grub will get it unmouted after a state revert. + * Side effects: + - those datasets are never marked as being part of the current machine, or any state. + - bpool and bpool/BOOT are not listed in the unmanaged dataset list. [Test Case] + * Install ZFS manually with a persistent bpool/bpool/grub dataset + * Take a snapshot + * Revert to this snapshot when rebooting + * Check that the persistent grub dataset is still mounted + * You can check as well with zsysctl show --full that you have this persistent dataset attached to the machine. - * Install ZFS manually with a persistent bpool/bpool/grub dataset - * Take a snapshot - * Revert to this snapshot when rebooting - * Check that the persistent grub dataset is still mounted - * You can check as well with zsysctl show that you have this persistent dataset attached to the machine. - - [Regression Potential] - * New datasets under /boot could appear to be attached by the machine (even if unlikely due to the huge testsuite which has been updated and checked) + [Regression Potential] + * New datasets under /boot could appear to be attached by the machine (even if unlikely due to the huge testsuite which has been updated and checked) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to zsys in Ubuntu. https://bugs.launchpad.net/bugs/1897563 Title: Zsys changes the canmount property of persistent bpool/grub dataset Status in zsys package in Ubuntu: New Status in zsys source package in Bionic: New Bug description: [Impact] * People having personal layout, like a persistent dedicated dataset under /boot like /boot/grub will get it unmouted after a state revert. * Side effects: - those datasets are never marked as being part of the current machine, or any state. - bpool and bpool/BOOT are not listed in the unmanaged dataset list. [Test Case] * Install ZFS manually with a persistent bpool/bpool/grub dataset * Take a snapshot * Revert to this snapshot when rebooting * Check that the persistent grub dataset is still mounted * You can check as well with zsysctl show --full that you have this persistent dataset attached to the machine. [Regression Potential] * New datasets under /boot could appear to be attached by the machine (even if unlikely due to the huge testsuite which has been updated and checked) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/zsys/+bug/1897563/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1812456] Re: [MIR] libflatpak0
[Summary] ACK from the MIR team. This does need a security review, so I'll assign ubuntu-security list specific binary packages to be promoted to main [Duplication] There is no other package in main providing the same functionality. [Dependencies] - no other Dependencies to MIR due to this apart from ostree which is listed above [Embedded sources and static linking] - no embedded source present - no static linking [Security] - history of CVEs does not look concerning - does not use webkit1,2 - does not use lib*v8 directly - does not parse data formats - does not open a port - does not process arbitrary web content - does not use centralized online accounts - does not integrate arbitrary javascript into the desktop (apart in tests) - does not deal with system authentication (eg, pam), etc) Problems: - it does run a daemon as root and interacts with cgroups. This isn’t part of the binary package we are promoting, however, as we have the rule "if the source in is main, we can promote any other binary package without a new MIR", this will need to be checked right now with the security team. [Common blockers] OP: - does not FTBFS currently - does have a test suite that runs at build time - test suite fails will fail the build upon error. - does have a test suite that runs as autopkgtest. Some tests are marked as flaky - The package has a team bug subscriber - translation presents? - not a python/go package, no extra constraints to consider int hat regard - no new python2 dependency [Packaging red flags] OK: - Ubuntu does not carry a delta - symbols tracking is in place - d/watch is present and looks ok - Upstream update history is good - Debian/Ubuntu update history is good - the current release is packaged - promoting this does not seem to cause issues for MOTUs that so far - no massive Lintian warnings - d/rules is rather clean - Does not have Built-Using [Upstream red flags] OK: - no Errors/warnings during the build - no incautious use of malloc/sprintf (as far as I can check it) - no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH - no use of user nobody - no use of setuid - no important open bugs (crashers, etc) in Debian or Ubuntu - no dependency on webkit, qtwebkit, seed or libgoa-* - no embedded source copies - not part of the UI for extra checks ** Changed in: flatpak (Ubuntu) Assignee: Didier Roche (didrocks) => Ubuntu Security Team (ubuntu-security) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1812456 Title: [MIR] libflatpak0 Status in flatpak package in Ubuntu: New Bug description: Many applications have Flatpak integration using libflatpak. The Ubuntu desktop team would like libflatpak0 in main so we can easily build such applications. It takes a lot of work to make these dependencies optional and sometimes that is not possible. We don't need the Flatpak functionality to work by default and do not expect any other Flatpak packages to be installed by default. Default packages that have flatpak integration: - gnome-control-center (application panel). - malcontent (parental controls) Availability In Universe, builds for all architectures and in sync with Debian. Rationale = Multiple default packages have libflatpak as a dependency, including malcontent (LP: #1892456). Security This will need a Security review. https://security-tracker.debian.org/tracker/source-package/flatpak There have been two CVEs, both have been fixed in all supported Ubuntu releases. More recently, there is LP: #1815528 Quality Assurance = Bug subscriber: should be Ubuntu Desktop Bugs https://bugs.launchpad.net/ubuntu/+source/flatpak https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=flatpak https://github.com/flatpak/flatpak/issues tests are run as build tests (with dh_auto_test) and installed autopkgtests on Debian and Ubuntu. https://ci.debian.net/packages/f/flatpak http://autopkgtest.ubuntu.com/packages/f/flatpak UI Standards N/A Dependencies All in main except for libostree-1-1 (LP: #1892454) Standards Compliance Package uses standards version 4.5.0. Maintenance === - Actively developed upstream https://github.com/flatpak/flatpak - Maintained in Debian by the pkg-utopia team but more specifically, it is maintained by Simon McVittie (smcv) who maintains Flatpak, ostree, xdg-dbus-proxy, xdg-desktop-portal and xdg-desktop-portal-gtk. short dh7 style rules, dh compat 10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/flatpak/+bug/1812456/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More h
[Desktop-packages] [Bug 1892454] Re: [MIR] libostree-1-1
[Summary] MIR team ACK under the condition that: - https://bugs.launchpad.net/ubuntu/+source/libselinux/+bug/1892455 question is answered (for me as well, this component is already in main). - Which binary package will be needed to be promoted (the minimum set)? It seems only that libflatpak0 is only depending on libostree-1-1. Can you confirm this is the expected one to be promoted and only this one? - Will need a security review (already assigning, even if the questions needs to be answered in parallel) TODOs: - answer the 2 questions above - one suggestion below for running more tests on non s390x. - have the security team +1 [Duplication] There is no other package in main providing the same functionality. [Dependencies] no other Dependencies to MIR due to this if limited to libostree-1 [Embedded sources and static linking] - no embedded source present - no static linking [Security] OK: - history of CVEs does not look concerning (see comment in description) - does not use webkit1,2 - does not use lib*v8 directly - does not parse data formats - does not open a port - does not process arbitrary web content - does not use centralized online accounts - does not integrate arbitrary javascript into the desktop (only for tests) - does not deal with system authentication (eg, pam), etc) Problems: ostree-boot has a some code executing as root (systemd generator and systemd system service) and interacts with selinux. It’s not part of what is supposed to be promoted. However, as we have the rule "if the source is in main, you can get other binary packages part of this source promoted without a MIR", it will need to be checked this cycle. [Common blockers] OK: - does not FTBFS currently - does have a test suite that runs at build time - test suite fails will fail the build upon error. - does have a test suite that runs as autopkgtest - The package has a team bug subscriber - no translation present, but none needed for this case (user visible)? - not a python/go package, no extra constraints to consider in that regard [Packaging red flags] OK: - Ubuntu does not carry a delta - symbols tracking is in place - d/watch is present and looks ok - Upstream update history is good - Debian/Ubuntu update history is good - Debian is on the current release, we are one release behind due to sync freeze. - promoting this does not seem to cause issues for MOTUs that so far for who maintained the package - no massive Lintian warnings (overrides are well explained) - d/rules is rather clean - Does not have Built-Using Note: the package is very well maintained, and any override, changes in rules, that needs explanation are commented. One flaky test is skipped, with a long description which demonstrates that this has been thought about (but not reported upstream maybe?). TODO: - it may be interesting to set OSTREE_TEST_ALLOW_RANDOM on non s390x from the description in package build and autopkgtests. Mind checking that with Debian? [Upstream red flags] OK: - no Errors/warnings during the build - no incautious use of malloc/sprintf (as far as I can check it) - no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH - no use of user nobody - no use of setuid (apart in tests) - no important open bugs (crashers, etc) in Debian or Ubuntu - no dependency on webkit, qtwebkit, seed or libgoa-* - no embedded source copies - not part of the UI for extra checks ** Changed in: ostree (Ubuntu) Assignee: Didier Roche (didrocks) => Ubuntu Security Team (ubuntu-security) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1892454 Title: [MIR] libostree-1-1 Status in ostree package in Ubuntu: New Bug description: Many applications have Flatpak integration using libflatpak. The Ubuntu desktop team would like libflatpak in main so we can easily build such applications (LP: #1812456). libostree-1-1 is a dependency of this, so it would also need to be in main. We don't need OSTree functionality, and do not expect any other OSTree packages to be installed by default. Availability In Universe, builds for all architectures and in sync with Debian. Rationale = Required for libflatpak0 being in main (LP: #1812456) Security This will need a Security review. Quality Assurance = Should be subscribed to by Ubuntu Desktop Bugs. Contains a single .so and doesn't have any debconf prompts. Package is maintained in Debian. No major bugs in Debian or Ubuntu. UI Standards N/A Dependencies All in main except for libselinux1 (LP: #1892455) Standards Compliance Package uses standards version 4.5.0. Maintenance === Actively developed upstream https://github.com/ostreedev/ostree. Packages actively maintained in Debian. Security Checks ===
[Desktop-packages] [Bug 1892454] Re: [MIR] libostree-1-1
Robert, you didn’t get desktop-packages subscribed again, mind doing so before resetting to NEW and assigning? Thanks! ** Changed in: ostree (Ubuntu) Status: New => Incomplete ** Changed in: ostree (Ubuntu) Assignee: (unassigned) => Robert Ancell (robert-ancell) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/1892454 Title: [MIR] libostree-1-1 Status in ostree package in Ubuntu: New Bug description: Many applications have Flatpak integration using libflatpak. The Ubuntu desktop team would like libflatpak in main so we can easily build such applications (LP: #1812456). libostree-1-1 is a dependency of this, so it would also need to be in main. We don't need OSTree functionality, and do not expect any other OSTree packages to be installed by default. Availability In Universe, builds for all architectures and in sync with Debian. Rationale = Required for libflatpak0 being in main (LP: #1812456) Security This will need a Security review. Quality Assurance = Should be subscribed to by Ubuntu Desktop Bugs. Contains a single .so and doesn't have any debconf prompts. Package is maintained in Debian. No major bugs in Debian or Ubuntu. UI Standards N/A Dependencies All in main except for libselinux1 (LP: #1892455) Standards Compliance Package uses standards version 4.5.0. Maintenance === Actively developed upstream https://github.com/ostreedev/ostree. Packages actively maintained in Debian. Security Checks === 2 CVEs found in http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=ostree, but they seem to relate to actual OSTree functionality, not issues in libostree. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ostree/+bug/1892454/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1883887] Re: Focal installer destroyed my datasets
This was fixed in zsys 0.4.6. ** Changed in: zsys (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to zsys in Ubuntu. https://bugs.launchpad.net/bugs/1883887 Title: Focal installer destroyed my datasets Status in zsys package in Ubuntu: Fix Released Bug description: I installed focal about a month about, using the desktop installer with the 'experimental' ZFS root option. I've been running ZFS on FreeBSD for about 10 years and figured I could handle any sharp edges. It's installed to a single 2TB SSD - no RAID, no L2ARC/ZIL, no dedup, nothing complicated. Machine is an Intel S2600CP2, 2x E5-2670 v1, 128GiB RAM. The machine stayed up for a few weeks, until I had cause to physically move it and so shut it down. It turned out GRUB had installed onto the wrong disk which I'd removed in the intervening time. It wouldn't boot, so I booted the focal desktop installer from a USB stick to give me a shell to fix things. I didn't run the actual installer, I just booted to the installer desktop and then did Ctrl-Alt-F1, apt install openssh-server, and then logged in via SSH. Then I followed some instructions about mounting the pool in a chroot (Step 3): https://askubuntu.com/questions/826209/re-initialise-grub-for-non-bootable-uefi-zfs-16-04-installation This took a couple of goes to get right as the first time I tried to mount on top of the installer (without zpool import -R) and many filesystems couldn't replace preexisting mounts, so I exported and re-imported. Anyway, I succeeded in mounting, and then doing update-grub. However, looking at the zpool history -il log while I was in the installer I see: (full zpool history -il log attached) 2020-06-16.14:56:34 [txg:889337] open pool version 5000; software version unknown; uts ubuntu 5.4.0-26-generic #30-Ubuntu SMP Mon Apr 20 16:58:30 UTC 2020 x86_64 [on ubuntu] 2020-06-16.14:56:34 [txg:889339] import pool version 5000; software version unknown; uts ubuntu 5.4.0-26-generic #30-Ubuntu SMP Mon Apr 20 16:58:30 UTC 2020 x86_64 [on ubuntu] 2020-06-16.14:58:20 zpool export rpool bpool [user 0 (root) on ubuntu:linux] 2020-06-16.14:59:16 [txg:889372] open pool version 5000; software version unknown; uts ubuntu 5.4.0-26-generic #30-Ubuntu SMP Mon Apr 20 16:58:30 UTC 2020 x86_64 [on ubuntu] 2020-06-16.14:59:16 [txg:889374] import pool version 5000; software version unknown; uts ubuntu 5.4.0-26-generic #30-Ubuntu SMP Mon Apr 20 16:58:30 UTC 2020 x86_64 [on ubuntu] 2020-06-16.15:01:32 [txg:889402] destroy rpool/ROOT/ubuntu_rjlt3b/var/log@autozsys_1gwqtf (19222) [on ubuntu] 2020-06-16.15:01:32 ioctl destroy_snaps input: snaps: rpool/ROOT/ubuntu_rjlt3b/var/log@autozsys_1gwqtf [user 0 (root) on ubuntu:linux] ...lots of snapshots are deleted... 2020-06-16.15:05:55 [txg:889577] destroy rpool/USERDATA/root_tavly8@autozsys_1gwqtf (19722) [on ubuntu] 2020-06-16.15:06:00 ioctl destroy_snaps input: snaps: rpool/USERDATA/root_tavly8@autozsys_1gwqtf 2020-06-16.15:06:45 [txg:889588] destroy rpool/USERDATA/local/vm/freebsd-12.1 (3398) [on ubuntu] 2020-06-16.15:06:45 [txg:889590] destroy rpool/USERDATA/local/vm (735) [on ubuntu] 2020-06-16.15:06:46 [txg:889592] destroy rpool/USERDATA/local/ecad/altera (551) [on ubuntu] 2020-06-16.15:06:46 [txg:889594] destroy rpool/USERDATA/local/ecad/xilinx (3476) [on ubuntu] 2020-06-16.15:06:47 [txg:889596] destroy rpool/USERDATA/local/ecad (127) [on ubuntu] 2020-06-16.15:06:48 [txg:889598] destroy rpool/USERDATA/local/scratch/atm26 (2058) [on ubuntu] 2020-06-16.15:06:48 [txg:889600] destroy rpool/USERDATA/local/scratch (2447) [on ubuntu] 2020-06-16.15:06:49 [txg:889602] destroy rpool/USERDATA/local (1671) [on ubuntu] 2020-06-16.15:07:20 [txg:889668] destroy rpool/USERDATA/opt_tavly8/riscv (1878) [on ubuntu] 2020-06-16.15:07:21 [txg:889670] destroy rpool/USERDATA/opt_tavly8/brave.com (1864) [on ubuntu] 2020-06-16.15:07:23 [txg:889672] destroy rpool/USERDATA/opt_tavly8/riscv-llvm (4788) [on ubuntu] 2020-06-16.15:07:24 [txg:889674] destroy rpool/USERDATA/opt_tavly8/riscv-freebsd (5147) [on ubuntu] 2020-06-16.15:07:25 [txg:889676] destroy rpool/USERDATA/opt_tavly8 (3313) [on ubuntu] Here something that wasn't the command line - and so I assume is zsys - deleted all the datasets I made in rpool/USERDATA. This was about 1TiB of data. Needless to say, nothing should be destroying user datasets. root@mesozoic:/# lsb_release -rd Description:Ubuntu 20.04 LTS Release:20.04 root@mesozoic:/# apt-cache policy zsys zsys: Installed: 0.4.5 Candidate: 0.4.5 Version table: *** 0.4.5 500 500 http://ubuntu.mirrors.uk2.net/ubuntu focal/main amd64 Packages 100 /var/lib/dpkg/status root@mesozoic:/# dpkg
[Desktop-packages] [Bug 1891987] [NEW] epson stylus photo rx560 is detected, added, but when printing, task is ending up immediatelly with success
Public bug reported: Tried with both manufacturer and gutenprint driver: 1. plug an epson stylus photo rx560 via usb 2. add the driver (manufacturer first, retried with gutenprint) autodetected our gtk ubuntu specific application. 3. Tried to print with multiple apps: the task is queued and then immediately terminated with success. Nothing is printed. $ lsmod | grep usb usb_storage77824 1 uas usblp 24576 0 btusb 57344 0 btrtl 24576 1 btusb btbcm 16384 1 btusb btintel24576 1 btusb bluetooth 581632 31 btrtl,btintel,btbcm,bnep,btusb,rfcomm usbhid 57344 0 hid 131072 2 usbhid,hid_generic Logs when adding the printer: $ tail -f /var/log/syslog Aug 18 09:36:00 casanier kernel: [ 2570.342143] usb 1-1: new high-speed USB device number 10 using xhci_hcd Aug 18 09:36:00 casanier kernel: [ 2570.501144] usb 1-1: New USB device found, idVendor=04b8, idProduct=0827, bcdDevice= 1.00 Aug 18 09:36:00 casanier kernel: [ 2570.501150] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 Aug 18 09:36:00 casanier kernel: [ 2570.501154] usb 1-1: Product: USB2.0 MFP(Hi-Speed) Aug 18 09:36:00 casanier kernel: [ 2570.501157] usb 1-1: Manufacturer: EPSON Aug 18 09:36:00 casanier kernel: [ 2570.501159] usb 1-1: SerialNumber: LH1010609180813040 Aug 18 09:36:00 casanier kernel: [ 2570.514421] usblp 1-1:1.1: usblp0: USB Bidirectional printer dev 10 if 1 alt 0 proto 2 vid 0x04B8 pid 0x0827 Aug 18 09:36:00 casanier kernel: [ 2570.516384] usb-storage 1-1:1.2: USB Mass Storage device detected Aug 18 09:36:00 casanier kernel: [ 2570.516676] scsi host5: usb-storage 1-1:1.2 Aug 18 09:36:00 casanier systemd[1]: Started Configure Plugged-In Printer. Aug 18 09:36:00 casanier udev-configure-printer: add usb-001-010 Aug 18 09:36:00 casanier udev-configure-printer: device devpath is /devices/pci:00/:00:14.0/usb1/1-1 Aug 18 09:36:00 casanier udev-configure-printer: Device already handled Aug 18 09:36:00 casanier systemd[1]: configure-printer@usb-001-010.service: Main process exited, code=exited, status=1/FAILURE Aug 18 09:36:00 casanier systemd[1]: configure-printer@usb-001-010.service: Failed with result 'exit-code'. Aug 18 09:36:01 casanier kernel: [ 2571.538832] scsi 5:0:0:0: Direct-Access EPSONStylus Storage 1.00 PQ: 0 ANSI: 2 Aug 18 09:36:01 casanier kernel: [ 2571.539702] sd 5:0:0:0: Attached scsi generic sg0 type 0 Aug 18 09:36:01 casanier kernel: [ 2571.545241] sd 5:0:0:0: Power-on or device reset occurred Aug 18 09:36:01 casanier kernel: [ 2571.601212] sd 5:0:0:0: [sda] Attached SCSI removable disk ^C $ ls -l /dev/usb/lp0 crw-rw 1 root lp 180, 0 août 18 09:36 /dev/usb/lp0 $ ls -l /dev/bus/usb/*/* crw-rw-r-- 1 root root189, 0 août 18 08:53 /dev/bus/usb/001/001 crw-rw-r-- 1 root root189, 1 août 18 08:53 /dev/bus/usb/001/002 crw-rw-r-- 1 root root189, 2 août 18 08:53 /dev/bus/usb/001/003 crw-rw-r-- 1 root root189, 3 août 18 08:53 /dev/bus/usb/001/004 crw-rw 1 root plugdev 189, 4 août 18 08:53 /dev/bus/usb/001/005 crw-rw-r-- 1 root root189, 5 août 18 08:53 /dev/bus/usb/001/006 crw-rw-r--+ 1 root lp 189, 9 août 18 09:36 /dev/bus/usb/001/010 crw-rw-r-- 1 root root189, 128 août 18 08:53 /dev/bus/usb/002/001 $ sudo usb_printerid /dev/usb/lp0 GET_DEVICE_ID string: MFG:EPSON;CMD:ESCPL2,BDC,D4,D4PX,ESCPR1;MDL:Stylus Photo RX560;CLS:PRINTER;DES:EPSON Stylus Photo RX560; $ lpinfo -v file cups-brf:/ network socket network lpd network http network beh network https network ipp direct hp network ipps direct usb://EPSON/Stylus%20Photo%20RX560?serial=LH1010609180813040=1 direct hpfax ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: cups 2.3.1-9ubuntu1.1 ProcVersionSignature: Ubuntu 5.4.0-42.46-generic 5.4.44 Uname: Linux 5.4.0-42-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu27.4 Architecture: amd64 CasperMD5CheckResult: skip CupsErrorLog: W [18/Aug/2020:09:01:38 +0200] CreateProfile failed: org.freedesktop.ColorManager.AlreadyExists:profile id \'Stylus-Photo-RX560-Gray..\' already exists W [18/Aug/2020:09:01:38 +0200] CreateProfile failed: org.freedesktop.ColorManager.AlreadyExists:profile id \'Stylus-Photo-RX560-RGB..\' already exists CurrentDesktop: ubuntu:GNOME Date: Tue Aug 18 09:37:40 2020 InstallationDate: Installed on 2020-04-24 (115 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423) Lpstat: device for EPSON-Stylus-Photo-RX560: usb://EPSON/Stylus%20Photo%20RX560?serial=LH1010609180813040=1 MachineType: Entroware Kratos Papersize: a4 PpdFiles: Error: command ['fgrep', '-H', '*NickName', '/etc/cups/ppd/EPSON-Stylus-Photo-RX560.ppd'] failed with exit code 2: grep: /etc/cups/ppd/EPSON-Stylus-Photo-RX560.ppd: Permission denied ProcEnviron:
[Desktop-packages] [Bug 1891867] Re: zfs not correctly imported at boot
Please run apport-collect to attach logs so that we can debug your setting. @baling: why subscribing zsys to this bu? There is no mention of zsys being used here, it seems directly a manual zfs setup. ** Package changed: zsys (Ubuntu) => zfs-linux (Ubuntu) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to zsys in Ubuntu. https://bugs.launchpad.net/bugs/1891867 Title: zfs not correctly imported at boot Status in zfs-linux package in Ubuntu: New Bug description: On a fresh and up-to-date Ubuntu 20.04 amd64 installation I configured two encrypted partitions on the same hdd. On these I created a stripped zpool. After login I can import and mount the pool without problems, but the at-boot import fails after the first partitions is available and never tried again. zpool version: zfs-0.8.3-1ubuntu12.2 zfs-kmod-0.8.3-1ubuntu12.2 uname -a: Linux hostname 5.4.0-40-generic #44-Ubuntu SMP Tue Jun 23 00:01:04 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux systemd --version systemd 245 (245.4-4ubuntu3.2) +PAM +AUDIT +SELINUX +IMA +APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ +LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN2 -IDN +PCRE2 default-hierarchy=hybrid Relevant logs: Aug 17 07:12:25 hostname kernel: sd 1:0:0:0: [sdb] 3907029168 512-byte logical blocks: (2.00 TB/1.82 TiB) Aug 17 07:12:25 hostname kernel: sd 1:0:0:0: [sdb] Write Protect is off Aug 17 07:12:25 hostname kernel: sd 1:0:0:0: [sdb] Mode Sense: 00 3a 00 00 Aug 17 07:12:25 hostname kernel: sd 1:0:0:0: [sdb] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA Aug 17 07:12:25 hostname kernel: sdb: sdb1 sdb2 Aug 17 07:12:25 hostname kernel: sd 1:0:0:0: [sdb] Attached SCSI disk Aug 17 07:12:25 hostname systemd[1]: zfs-import-cache.service: Found ordering cycle on cryptsetup.target/start Aug 17 07:12:25 hostname systemd[1]: zfs-import-cache.service: Found dependency on systemd-cryptsetup@vol\x2dswap_crypt.service/start Aug 17 07:12:25 hostname systemd[1]: zfs-import-cache.service: Found dependency on systemd-random-seed.service/start Aug 17 07:12:25 hostname systemd[1]: zfs-import-cache.service: Found dependency on zfs-mount.service/start Aug 17 07:12:25 hostname systemd[1]: zfs-import-cache.service: Found dependency on zfs-import.target/start Aug 17 07:12:25 hostname systemd[1]: zfs-import-cache.service: Found dependency on zfs-import-cache.service/start Aug 17 07:12:25 hostname systemd[1]: zfs-import-cache.service: Job cryptsetup.target/start deleted to break ordering cycle starting with zfs-import-cache.service/start Aug 17 07:12:25 hostname systemd[1]: cryptsetup.target: Found dependency on zfs-mount.service/start Aug 17 07:12:25 hostname systemd[1]: cryptsetup.target: Found dependency on zfs-import.target/start Aug 17 07:12:25 hostname systemd[1]: cryptsetup.target: Found dependency on zfs-import-cache.service/start Aug 17 07:12:25 hostname systemd[1]: cryptsetup.target: Found dependency on zfs-mount.service/start Aug 17 07:12:25 hostname systemd[1]: cryptsetup.target: Found dependency on zfs-import.target/start Aug 17 07:12:25 hostname systemd[1]: cryptsetup.target: Found dependency on zfs-import-cache.service/start Aug 17 07:12:26 hostname systemd[1]: cryptsetup.target: Found dependency on zfs-mount.service/start Aug 17 07:12:26 hostname systemd[1]: cryptsetup.target: Found dependency on zfs-import.target/start Aug 17 07:12:26 hostname systemd[1]: cryptsetup.target: Found dependency on zfs-import-cache.service/start Aug 17 07:12:26 hostname systemd[1]: Starting Cryptography Setup for sdb1_crypt... Aug 17 07:12:26 hostname systemd[1]: Starting Cryptography Setup for sdb2_crypt... Aug 17 07:12:26 hostname systemd[1]: cryptsetup.target: Found dependency on zfs-mount.service/start Aug 17 07:12:26 hostname systemd[1]: cryptsetup.target: Found dependency on zfs-import.target/start Aug 17 07:12:26 hostname systemd[1]: cryptsetup.target: Found dependency on zfs-import-cache.service/start Aug 17 07:12:32 hostname systemd[1]: Finished Cryptography Setup for sdb2_crypt. Aug 17 07:12:32 hostname systemd[1]: Reached target Block Device Preparation for /dev/mapper/sdb2_crypt. Aug 17 07:12:32 hostname zpool[1887]: cannot import 'sdb': no such pool or dataset Aug 17 07:12:32 hostname zpool[1887]: Destroy and re-create the pool from Aug 17 07:12:32 hostname zpool[1887]: a backup source. Aug 17 07:12:32 hostname systemd[1]: zfs-import-cache.service: Main process exited, code=exited, status=1/FAILURE Aug 17 07:12:32 hostname systemd[1]: zfs-import-cache.service: Failed with result 'exit-code'. Aug 17 07:12:34 hostname systemd[1]: Finished Cryptography Setup for sdb1_crypt. Aug 17 07:12:34 hostname systemd[1]: Reached target Block Device Preparation for /dev/mapper/sdb1_crypt. To manage notifications about this bug go to:
[Desktop-packages] [Bug 1891132] Re: package zsys 0.4.6 failed to install/upgrade: installed zsys package post-installation script subprocess returned error exit status 1
*** This bug is a duplicate of bug 1886214 *** https://bugs.launchpad.net/bugs/1886214 ** This bug has been marked a duplicate of bug 1886214 zsys package post-installation failed when boot pool is not imported -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to zsys in Ubuntu. https://bugs.launchpad.net/bugs/1891132 Title: package zsys 0.4.6 failed to install/upgrade: installed zsys package post-installation script subprocess returned error exit status 1 Status in zsys package in Ubuntu: New Bug description: sudo apt install calibre Reading package lists... Done Building dependency tree Reading state information... Done The following packages were automatically installed and are no longer required: libllvm9 linux-headers-5.4.0-39 linux-headers-5.4.0-39-generic linux-image-5.4.0-39-generic linux-modules-5.4.0-39-generic linux-modules-extra-5.4.0-39-generic Use 'sudo apt autoremove' to remove them. The following additional packages will be installed: calibre-bin fonts-mathjax imagemagick imagemagick-6-common imagemagick-6.q16 libchm1 libjpeg-turbo-progs libjs-mathjax libjs-sphinxdoc libjs-underscore libjxr-tools libjxr0 liblqr-1-0 libmagickcore-6.q16-6 libmagickcore-6.q16-6-extra libmagickwand-6.q16-6 libminizip1 libnetpbm10 libpodofo0.9.6 libqt5positioning5 libqt5qml5 libqt5quick5 libqt5quickwidgets5 libqt5webchannel5 libqt5webengine-data libqt5webengine5 libqt5webenginecore5 libqt5webenginewidgets5 libre2-5 netpbm optipng python3-apsw python3-bs4 python3-chm python3-css-parser python3-cssselect python3-cssutils python3-dnspython python3-feedparser python3-html2text python3-html5-parser python3-html5lib python3-ifaddr python3-lxml python3-markdown python3-mechanize python3-msgpack python3-nose python3-packaging python3-pygments python3-pyparsing python3-pyqt5.qtsvg python3-pyqt5.qtwebchannel python3-pyqt5.qtwebengine python3-regex python3-repoze.lru python3-routes python3-soupsieve python3-webencodings python3-webob python3-zeroconf Suggested packages: python3-openssl python3-unrardll imagemagick-doc autotrace enscript gnuplot grads graphviz hp2xx html2ps libwmf-bin mplayer povray radiance texlive-base-bin transfig ufraw-batch fonts-mathjax-extras fonts-stix libjs-mathjax-doc inkscape qt5-qmltooling-plugins python-apsw-doc python3-genshi python3-lxml-dbg python-lxml-doc python-markdown-doc python-nose-doc python-pygments-doc ttf-bitstream-vera python-pyparsing-doc python3-paste python-webob-doc The following NEW packages will be installed calibre calibre-bin fonts-mathjax imagemagick imagemagick-6-common imagemagick-6.q16 libchm1 libjpeg-turbo-progs libjs-mathjax libjs-sphinxdoc libjs-underscore libjxr-tools libjxr0 liblqr-1-0 libmagickcore-6.q16-6 libmagickcore-6.q16-6-extra libmagickwand-6.q16-6 libminizip1 libnetpbm10 libpodofo0.9.6 libqt5positioning5 libqt5qml5 libqt5quick5 libqt5quickwidgets5 libqt5webchannel5 libqt5webengine-data libqt5webengine5 libqt5webenginecore5 libqt5webenginewidgets5 libre2-5 netpbm optipng python3-apsw python3-bs4 python3-chm python3-css-parser python3-cssselect python3-cssutils python3-dnspython python3-feedparser python3-html2text python3-html5-parser python3-html5lib python3-ifaddr python3-lxml python3-markdown python3-mechanize python3-msgpack python3-nose python3-packaging python3-pygments python3-pyparsing python3-pyqt5.qtsvg python3-pyqt5.qtwebchannel python3-pyqt5.qtwebengine python3-regex python3-repoze.lru python3-routes python3-soupsieve python3-webencodings python3-webob python3-zeroconf 0 to upgrade, 62 to newly install, 0 to remove and 0 not to upgrade. 1 not fully installed or removed. Need to get 82.8 MB of archives. After this operation, 298 MB of additional disk space will be used. Do you want to continue? [Y/n] y Get:1 http://gb.archive.ubuntu.com/ubuntu focal/universe amd64 liblqr-1-0 amd64 0.4.2-2.1 [27.7 kB] Get:2 http://gb.archive.ubuntu.com/ubuntu focal/universe amd64 imagemagick-6-common all 8:6.9.10.23+dfsg-2.1ubuntu11 [60.8 kB] Get:3 http://gb.archive.ubuntu.com/ubuntu focal/universe amd64 libmagickcore-6.q16-6 amd64 8:6.9.10.23+dfsg-2.1ubuntu11 [1,645 kB] Get:4 http://gb.archive.ubuntu.com/ubuntu focal/universe amd64 libmagickwand-6.q16-6 amd64 8:6.9.10.23+dfsg-2.1ubuntu11 [305 kB] Get:5 http://gb.archive.ubuntu.com/ubuntu focal/universe amd64 libpodofo0.9.6 amd64 0.9.6+dfsg-5build1 [521 kB] Get:6 http://gb.archive.ubuntu.com/ubuntu focal/universe amd64 calibre-bin amd64 4.99.4+dfsg+really4.12.0-1build1 [769 kB] Get:7 http://gb.archive.ubuntu.com/ubuntu focal/universe amd64 imagemagick-6.q16 amd64 8:6.9.10.23+dfsg-2.1ubuntu11 [427 kB] Get:8 http://gb.archive.ubuntu.com/ubuntu focal/universe amd64 imagemagick amd64 8:6.9.10.23+dfsg-2.1ubuntu11 [14.4 kB] Get:9 http://gb.archive.ubuntu.com/ubuntu
[Desktop-packages] [Bug 1889385] [NEW] Change zsys GC to only keep one month
Public bug reported: [Impact] * People start experiencing /boot and disk near being full due to our snapshot policy. * Until we implement GC pressure based on disk space, mitigate the issue by only keeping last month. [Test Case] * Install new ZSys version * zsysctl show -> You should see history states that are older than one month * Wait for a GC pass to be ran, or run directly zsysctl service gc -> The history states older than a month should be gone (for states that don’t have dependencies) [Regression Potential] This change is a configuration tweak, which is already covered by a great number of test cases. Manual testing has been done on a system with a bunch of history states. The regression would be too much or too few history states being removed, but as said, this scenario is already covered by other test cases. ** Affects: zsys (Ubuntu) Importance: High Status: New ** Affects: zsys (Ubuntu Focal) Importance: High Status: New ** Also affects: zsys (Ubuntu Focal) Importance: Undecided Status: New ** Changed in: zsys (Ubuntu Focal) Importance: Undecided => High ** Changed in: zsys (Ubuntu) Importance: Undecided => High -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to zsys in Ubuntu. https://bugs.launchpad.net/bugs/1889385 Title: Change zsys GC to only keep one month Status in zsys package in Ubuntu: New Status in zsys source package in Focal: New Bug description: [Impact] * People start experiencing /boot and disk near being full due to our snapshot policy. * Until we implement GC pressure based on disk space, mitigate the issue by only keeping last month. [Test Case] * Install new ZSys version * zsysctl show -> You should see history states that are older than one month * Wait for a GC pass to be ran, or run directly zsysctl service gc -> The history states older than a month should be gone (for states that don’t have dependencies) [Regression Potential] This change is a configuration tweak, which is already covered by a great number of test cases. Manual testing has been done on a system with a bunch of history states. The regression would be too much or too few history states being removed, but as said, this scenario is already covered by other test cases. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/zsys/+bug/1889385/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1881535] Re: Apt print some message when ZSys was removed without purge
** Also affects: zsys (Ubuntu Focal) Importance: Undecided Status: New ** Changed in: zsys (Ubuntu) Importance: Undecided => Medium ** Changed in: zsys (Ubuntu Focal) Importance: Undecided => Medium ** Changed in: zsys (Ubuntu) Assignee: (unassigned) => Didier Roche (didrocks) ** Changed in: zsys (Ubuntu Focal) Assignee: (unassigned) => Didier Roche (didrocks) ** Description changed: + [Impact] + * If you removed ZSys without purging it, every apt install/upgrade/command was printing an "executable not found" message (but not erroring). + * Change /etc/apt/apt.conf.d/90_zsys_system_autosnapshot to check if /usr/libexec/zsys-system-autosnapshot exists and is executable. Keep || true to not fail the apt transaction. + + [Test Case] + 1. Upgrade to new ZSys version + 2. apt remove zsys (without --purge) + 3. Run and apt install/upgrade transaction + -> No error should be printed. + + [Regression Potential] + * This is cosmetic, for users who removes ZSys installed by ZFS on root system. The only change is in this /etc conffiles by adding the additional check before executing the binary. + + -- + /etc/apt/apt.conf.d/90_zsys_system_autosnapshot is still installed and try to execute /usr/libexec/zsys-system-autosnapshot on apt install/remove/upgrade which then prints an error (but didn’t fail thanks to || true). -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to zsys in Ubuntu. https://bugs.launchpad.net/bugs/1881535 Title: Apt print some message when ZSys was removed without purge Status in zsys package in Ubuntu: Fix Released Status in zsys source package in Focal: New Bug description: [Impact] * If you removed ZSys without purging it, every apt install/upgrade/command was printing an "executable not found" message (but not erroring). * Change /etc/apt/apt.conf.d/90_zsys_system_autosnapshot to check if /usr/libexec/zsys-system-autosnapshot exists and is executable. Keep || true to not fail the apt transaction. [Test Case] 1. Upgrade to new ZSys version 2. apt remove zsys (without --purge) 3. Run and apt install/upgrade transaction -> No error should be printed. [Regression Potential] * This is cosmetic, for users who removes ZSys installed by ZFS on root system. The only change is in this /etc conffiles by adding the additional check before executing the binary. -- /etc/apt/apt.conf.d/90_zsys_system_autosnapshot is still installed and try to execute /usr/libexec/zsys-system-autosnapshot on apt install/remove/upgrade which then prints an error (but didn’t fail thanks to || true). To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/zsys/+bug/1881535/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1881539] Re: zsys tries to save gdm user home which doesn’t exit
** Changed in: zsys (Ubuntu) Importance: Undecided => Low ** Changed in: zsys (Ubuntu) Assignee: (unassigned) => Didier Roche (didrocks) ** Also affects: zsys (Ubuntu Focal) Importance: Undecided Status: New ** Changed in: zsys (Ubuntu Focal) Importance: Undecided => Low ** Changed in: zsys (Ubuntu Focal) Assignee: (unassigned) => Didier Roche (didrocks) ** Description changed: + [Impact] + * ZSys user autosave feature was trying to save GDM users on systems that don’t have their GDM session teared down after logged in (nvidia binary driver). + * The saving was failing as no GDM dataset was created.This was only visible in logs: + mai 12 09:41:27 casanier zsysd[48398]: gdm + mai 12 09:41:27 casanier zsysctl[48826]: level=error msg="couldn't save state for user \"gdm\":user \"gdm\" doesn't exist" + mai 12 09:41:27 casanier systemd[2480]: zsys-user-savestate.service: Main process exited, code=exited, status=1/FAILURE + mai 12 09:41:27 casanier systemd[2480]: zsys-user-savestate.service: Failed with result 'exit-code'. + mai 12 09:41:27 casanier systemd[2480]: Failed to start Save current user state periodically. + + + [Test Case] + 1. Install the new ZSys on a machine which gdm session doesn’t tear down + 2. Wait for 5 minutes after boot so that the autosave user timer is triggered. + 3. Check the logs: the timer isn’t ran for gdm user. + + [Regression Potential] + * The fix is about adding ConditionUser=!@system to the systemd user autosave features, so that any user with UID < 1000 (which are the users we don’t create user datasets for) are not considered. + * The failure was silent for most of users who don’t look at the logs. + + + - + From the log: mai 12 09:41:27 casanier zsysd[48398]: gdm mai 12 09:41:27 casanier zsysctl[48826]: level=error msg="couldn't save state for user \"gdm\":user \"gdm\" doesn't exist" mai 12 09:41:27 casanier systemd[2480]: zsys-user-savestate.service: Main process exited, code=exited, status=1/FAILURE mai 12 09:41:27 casanier systemd[2480]: zsys-user-savestate.service: Failed with result 'exit-code'. mai 12 09:41:27 casanier systemd[2480]: Failed to start Save current user state periodically. mai 12 09:42:27 casanier systemd[1]: zsysd.service: Succeeded. We should avoid by default logging user ID < 1000 but root rather than outputting an error. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to zsys in Ubuntu. https://bugs.launchpad.net/bugs/1881539 Title: zsys tries to save gdm user home which doesn’t exit Status in zsys package in Ubuntu: Fix Released Status in zsys source package in Focal: New Bug description: [Impact] * ZSys user autosave feature was trying to save GDM users on systems that don’t have their GDM session teared down after logged in (nvidia binary driver). * The saving was failing as no GDM dataset was created.This was only visible in logs: mai 12 09:41:27 casanier zsysd[48398]: gdm mai 12 09:41:27 casanier zsysctl[48826]: level=error msg="couldn't save state for user \"gdm\":user \"gdm\" doesn't exist" mai 12 09:41:27 casanier systemd[2480]: zsys-user-savestate.service: Main process exited, code=exited, status=1/FAILURE mai 12 09:41:27 casanier systemd[2480]: zsys-user-savestate.service: Failed with result 'exit-code'. mai 12 09:41:27 casanier systemd[2480]: Failed to start Save current user state periodically. [Test Case] 1. Install the new ZSys on a machine which gdm session doesn’t tear down 2. Wait for 5 minutes after boot so that the autosave user timer is triggered. 3. Check the logs: the timer isn’t ran for gdm user. [Regression Potential] * The fix is about adding ConditionUser=!@system to the systemd user autosave features, so that any user with UID < 1000 (which are the users we don’t create user datasets for) are not considered. * The failure was silent for most of users who don’t look at the logs. - From the log: mai 12 09:41:27 casanier zsysd[48398]: gdm mai 12 09:41:27 casanier zsysctl[48826]: level=error msg="couldn't save state for user \"gdm\":user \"gdm\" doesn't exist" mai 12 09:41:27 casanier systemd[2480]: zsys-user-savestate.service: Main process exited, code=exited, status=1/FAILURE mai 12 09:41:27 casanier systemd[2480]: zsys-user-savestate.service: Failed with result 'exit-code'. mai 12 09:41:27 casanier systemd[2480]: Failed to start Save current user state periodically. mai 12 09:42:27 casanier systemd[1]: zsysd.service: Succeeded. We should avoid by default logging user ID < 1000 but root rather than outputting an error. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/zsys/+bug/1881539/+subscriptions -- Maili
[Desktop-packages] [Bug 1875420] Re: zsys causes apt install to output a confusing message
** Description changed: - When zsys is installed, an apt install includes the following message in - its output: + [Impact] + * When Zsys is installed, an apt install includes the following message in its output: + INFO Updating GRUB menu + There's no information that explains why this is being done, so the first time I encountered this it was quite concerning. + * Replace the pre and post-apt run message with the following: + + Requesting to save current system state + Successfully saved as "autozsys_ttmh2w" + ... + ZSys is adding automatic system snapshot to GRUB menu - INFO Updating GRUB menu + + [Test Case] + 1. Install new ZSys version + 2. Run apt upgrade (with content to be installed) + 3. Check that the above messages are printed (without INFO) + 4. Manual state save message is also enhanced for coherence: + $ zsysctl state save --system + ZSys is adding automatic system snapshot to GRUB menu + Successfully saved as "autozsys_l5247e" + + [Regression Potential] + * We changed the print message process to not have any INFO printed. However, those were only used for this specific use case. + * This is only printed to command line users, and the change of strings don’t happen any GUI functionality. ZSys is labelled as experimental and not fully translated, so the change to non english locale has a minimal impact. + + + An apt install includes the following message in its output: + INFO Updating GRUB menu There's no information that explains why this is being done, so the first time I encountered this it was quite concerning. ** Also affects: zsys (Ubuntu Focal) Importance: Undecided Status: New ** Changed in: zsys (Ubuntu Focal) Importance: Undecided => Medium ** Changed in: zsys (Ubuntu Focal) Assignee: (unassigned) => Didier Roche (didrocks) -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to zsys in Ubuntu. https://bugs.launchpad.net/bugs/1875420 Title: zsys causes apt install to output a confusing message Status in zsys package in Ubuntu: Fix Released Status in zsys source package in Focal: New Bug description: [Impact] * When Zsys is installed, an apt install includes the following message in its output: INFO Updating GRUB menu There's no information that explains why this is being done, so the first time I encountered this it was quite concerning. * Replace the pre and post-apt run message with the following: Requesting to save current system state Successfully saved as "autozsys_ttmh2w" ... ZSys is adding automatic system snapshot to GRUB menu [Test Case] 1. Install new ZSys version 2. Run apt upgrade (with content to be installed) 3. Check that the above messages are printed (without INFO) 4. Manual state save message is also enhanced for coherence: $ zsysctl state save --system ZSys is adding automatic system snapshot to GRUB menu Successfully saved as "autozsys_l5247e" [Regression Potential] * We changed the print message process to not have any INFO printed. However, those were only used for this specific use case. * This is only printed to command line users, and the change of strings don’t happen any GUI functionality. ZSys is labelled as experimental and not fully translated, so the change to non english locale has a minimal impact. An apt install includes the following message in its output: INFO Updating GRUB menu There's no information that explains why this is being done, so the first time I encountered this it was quite concerning. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/zsys/+bug/1875420/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp
[Desktop-packages] [Bug 1881536] Re: Update LastUsed on shutdown
** Also affects: zsys (Ubuntu Focal) Importance: Undecided Status: New ** Changed in: zsys (Ubuntu) Assignee: (unassigned) => Didier Roche (didrocks) ** Changed in: zsys (Ubuntu Focal) Assignee: (unassigned) => Didier Roche (didrocks) ** Changed in: zsys (Ubuntu) Importance: Undecided => Medium ** Changed in: zsys (Ubuntu Focal) Importance: Undecided => Medium ** Description changed: - When building other machines or when listing after a revert system - states, ensure we present the correct order (snapshots taken on this - filesystem dataset should be before the filesystem dataset itself, as it - was used afterwards). + [Impact] + * When building other machines or when listing after a revert system states, ensure we present the correct order (snapshots taken on this filesystem dataset should be before the filesystem dataset itself, as it was used afterwards). + * Minimize this by a new command, which only updates the LastUsed fields for used datasets on shutdown. + * Shutdown is triggered with ExecStop on the service which updates it on boot, which is more coherent. + * This is covered by new tests cases + + [Test Case] + 1. Run zfs get com.ubuntu.zsys:last-used -> note the time + 2. Shut down the machine + 3. Boot on another machine or on a live session + 4. Mount rpool + 5. Run zfs get com.ubuntu.zsys:last-used -> check the timestamp is newer that the first one noted. + + [Regression Potential] + * A new hidden command is added, triggered when shutting down the zsys-commit service. + * This is covered by new tests. -- You received this bug notification because you are a member of Desktop Packages, which is subscribed to zsys in Ubuntu. https://bugs.launchpad.net/bugs/1881536 Title: Update LastUsed on shutdown Status in zsys package in Ubuntu: Fix Released Status in zsys source package in Focal: New Bug description: [Impact] * When building other machines or when listing after a revert system states, ensure we present the correct order (snapshots taken on this filesystem dataset should be before the filesystem dataset itself, as it was used afterwards). * Minimize this by a new command, which only updates the LastUsed fields for used datasets on shutdown. * Shutdown is triggered with ExecStop on the service which updates it on boot, which is more coherent. * This is covered by new tests cases [Test Case] 1. Run zfs get com.ubuntu.zsys:last-used -> note the time 2. Shut down the machine 3. Boot on another machine or on a live session 4. Mount rpool 5. Run zfs get com.ubuntu.zsys:last-used -> check the timestamp is newer that the first one noted. [Regression Potential] * A new hidden command is added, triggered when shutting down the zsys-commit service. * This is covered by new tests. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/zsys/+bug/1881536/+subscriptions -- Mailing list: https://launchpad.net/~desktop-packages Post to : desktop-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~desktop-packages More help : https://help.launchpad.net/ListHelp