[Group.of.nepali.translators] [Bug 1914372] [NEW] Ubuntu packages affected by CVE-2020-24553
*** This bug is a security vulnerability *** Public security bug reported: [Impact] Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header. [Test Case] Described as POC at https://www.redteam-pentesting.de/en/advisories/rt- sa-2020-004/-inconsistent-behavior-of-gos-cgi-and-fastcgi-transport-may- lead-to-cross-site-scripting: 1. Use the snippet of CGI go code provided and run it: go run poc.go 2. Run nginx with the config provided to forward the FastCGI calls to the go program. 3. curl -i -o - http://localhost:8000 4. Observe the output. In a affected go build the output will say: Content-Type: text/html (...) while in the fixed version it should recognize the content type correctly as: Content-Type: image/png [Where problems could occur] * It may affect deployments where go apps are used as CGI scripts - if the setup was incorrectly relying on hard-coded content type it may require fixing it. [Other Info] * The fix is present in golang-1.15 for hirsute and groovy. ** Affects: golang-1.10 (Ubuntu) Importance: High Status: New ** Affects: golang-1.14 (Ubuntu) Importance: High Status: New ** Affects: golang-1.10 (Ubuntu Xenial) Importance: High Status: New ** Affects: golang-1.14 (Ubuntu Xenial) Importance: Undecided Status: Invalid ** Affects: golang-1.10 (Ubuntu Bionic) Importance: High Status: New ** Affects: golang-1.14 (Ubuntu Bionic) Importance: Undecided Status: Invalid ** Affects: golang-1.14 (Ubuntu Focal) Importance: High Status: New ** Affects: golang-1.14 (Ubuntu Groovy) Importance: High Status: New ** Affects: golang-1.14 (Ubuntu Hirsute) Importance: High Status: New ** Tags: sts ** Also affects: golang-1.14 (Ubuntu Groovy) Importance: Undecided Status: New ** Also affects: golang-1.14 (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: golang-1.14 (Ubuntu Hirsute) Importance: High Status: New ** Also affects: golang-1.10 (Ubuntu) Importance: Undecided Status: New ** No longer affects: golang-1.10 (Ubuntu Hirsute) ** No longer affects: golang-1.10 (Ubuntu Groovy) ** No longer affects: golang-1.10 (Ubuntu Focal) ** Also affects: golang-1.10 (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: golang-1.14 (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: golang-1.10 (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: golang-1.14 (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: golang-1.14 (Ubuntu Xenial) Status: New => Invalid ** Changed in: golang-1.14 (Ubuntu Bionic) Status: New => Invalid ** Changed in: golang-1.10 (Ubuntu) Importance: Undecided => High ** Changed in: golang-1.10 (Ubuntu Xenial) Importance: Undecided => High ** Changed in: golang-1.10 (Ubuntu Bionic) Importance: Undecided => High ** Changed in: golang-1.14 (Ubuntu Focal) Importance: Undecided => High ** Changed in: golang-1.14 (Ubuntu Groovy) Importance: Undecided => High -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1914372 Title: Ubuntu packages affected by CVE-2020-24553 Status in golang-1.10 package in Ubuntu: New Status in golang-1.14 package in Ubuntu: New Status in golang-1.10 source package in Xenial: New Status in golang-1.14 source package in Xenial: Invalid Status in golang-1.10 source package in Bionic: New Status in golang-1.14 source package in Bionic: Invalid Status in golang-1.14 source package in Focal: New Status in golang-1.14 source package in Groovy: New Status in golang-1.14 source package in Hirsute: New Bug description: [Impact] Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content- Type header. [Test Case] Described as POC at https://www.redteam-pentesting.de/en/advisories /rt-sa-2020-004/-inconsistent-behavior-of-gos-cgi-and-fastcgi- transport-may-lead-to-cross-site-scripting: 1. Use the snippet of CGI go code provided and run it: go run poc.go 2. Run nginx with the config provided to forward the FastCGI calls to the go program. 3. curl -i -o - http://localhost:8000 4. Observe the output. In a affected go build the output will say: Content-Type: text/html (...) while in the fixed version it should recognize the content type correctly as: Content-Type: image/png [Where problems could occur] * It may affect deployments where go apps are used as CGI scripts - if the setup was incorrectly relying on hard-coded content type it may require fixing it. [Other Info]
[Group.of.nepali.translators] [Bug 1861177] Re: seccomp_rule_add is very slow
Marking Eoan as Won't fix due to EOL. ** Changed in: libseccomp (Ubuntu Eoan) Status: Fix Committed => Won't Fix -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1861177 Title: seccomp_rule_add is very slow Status in snapd: Invalid Status in libseccomp package in Ubuntu: Fix Released Status in libseccomp source package in Xenial: Fix Released Status in libseccomp source package in Bionic: Fix Released Status in libseccomp source package in Eoan: Won't Fix Status in libseccomp source package in Focal: Fix Released Status in libseccomp source package in Groovy: Fix Released Bug description: [IMPACT] There is a known and patched issue with version 2.4 of libseccomp where certain operations have a large performance regression. This is causing some packages that use libseccomp such as container orchestration systems to occasionally time out or otherwise fail under certain workloads. Please consider porting the patch into the various Ubuntu versions that have version 2.4 of libseccomp and into the backports. The performance patch from version 2.5 (yet to be released) applies cleanly on top of the 2.4 branch of libseccomp. For more information, and for a copy of the patch (which can also be cherry picked from the upstream libseccomp repos) see the similar Debian issue: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=943913 Upstream issue : https://github.com/seccomp/libseccomp/issues/153 Upstream fix : https://github.com/seccomp/libseccomp/pull/180/ [Test Case] For this test case we use Docker on Ubuntu Groovy (20.10) : --> Current libseccomp version #dpkg -l | grep libseccomp ii libseccomp2:amd64 2.4.3-1ubuntu3 amd64high level interface to Linux seccomp filter ## pull ubuntu image # docker pull ubuntu ## create a container # docker run --name test_seccomp -it 74435f89ab78 /bin/bash ## run test case # for i in `seq 1 40`; do (time sudo docker exec test_seccomp true &); done ... MAX TIME : real 0m10,319s user 0m0,018s sys 0m0,033s --> Patched libseccomp version # dpkg -l | grep libseccomp ii libseccomp2:amd64 2.4.3-1ubuntu4 amd64high level interface to Linux seccomp filter # docker start test_seccomp ## run test case # for i in `seq 1 40`; do (time sudo docker exec test_seccomp true &); done ... MAX TIME : real 0m3,650s user 0m0,025s sys 0m0,028s [Regression Potential] The first of the 2 patches cleans up the code that adds rules to a single filter without changing the logic of the code. The second patch introduces the idea of shadow transactions. On a successful transaction commit the old transaction checkpoint is preserved and is brought up to date with the current filter. The next time a new transaction starts, it checks is the a shadow transaction exist and if so the shadow is used instead of creating a new checkpoint from scratch [1]. This is the patch that mitigates the performance regression. Any potential regression will involve the parts of the code that add rules to filters and/or the code that creates and checks the shadow transactions. [Other] Affected releases : Groovy, Focal, Eoan, Bionic, Xenial. [1] https://github.com/seccomp/libseccomp/pull/180/commits/bc3a6c0453b0350ee43e4925482f705a2fbf5a4d To manage notifications about this bug go to: https://bugs.launchpad.net/snapd/+bug/1861177/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1885562] [NEW] freebl_fipsSoftwareIntegrityTest fails in FIPS mode
*** This bug is a security vulnerability *** Public security bug reported: When in FIPS mode there some additional checks performed. They lead to verifying binaries signatures. Those signatures are shipped in the libnss3 package as *.chk files installed in /usr/lib/$(DEB_HOST_MULTIARCH)/nss. Along with those files are the libraries themselves (libfreebl3.so libfreeblpriv3.so libnssckbi.so libnssdbm3.so libsoftokn3.so). Those libraries are symlinked to be present in /usr/lib/$(DEB_HOST_MULTIARCH): ls -l /usr/lib/x86_64-linux-gnu/libfreeblpriv3.so lrwxrwxrwx 1 root root 21 Jun 10 18:54 /usr/lib/x86_64-linux-gnu/libfreeblpriv3.so -> nss/libfreeblpriv3.so The client binaries are linked against the symlinks, so when the verification happens (lib/freebl/shvfy.c) the mkCheckFileName function takes path to the symlink to the shlib and replaces the .so extension with .chk. Then it tries to open that file. Obviosly it fails, because the actual file is in /usr/lib/$(DEB_HOST_MULTIARCH)/nss. [Test case] sudo apt install chrony sudo chronyd -d chronyd: util.c:373 UTI_IPToRefid: Assertion `MD5_hash >= 0' failed. Potential solutions: Solution A: Drop the /usr/lib/$(DEB_HOST_MULTIARCH)/nss directory and put all signatures and libs in /usr/lib/$(DEB_HOST_MULTIARCH). Solution B: Implement and upstream NSS feature of resolving symlinks and looking for *.chk where the symlinks lead to. ** Affects: nss (Ubuntu) Importance: Undecided Status: New ** Affects: nss (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: nss (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: nss (Ubuntu Bionic) Importance: Undecided Status: New ** No longer affects: nss (Ubuntu Xenial) ** Description changed: When in FIPS mode there some additional checks performed. They lead to verifying binaries signatures. Those signatures are shipped in the libnss3 package as *.chk files installed in /usr/lib/$(DEB_HOST_MULTIARCH)/nss. Along with those files are the libraries themselves (libfreebl3.so libfreeblpriv3.so libnssckbi.so libnssdbm3.so libsoftokn3.so). Those libraries are symlinked to be present in /usr/lib/$(DEB_HOST_MULTIARCH): ls -l /usr/lib/x86_64-linux-gnu/libfreeblpriv3.so lrwxrwxrwx 1 root root 21 Jun 10 18:54 /usr/lib/x86_64-linux-gnu/libfreeblpriv3.so -> nss/libfreeblpriv3.so - The binaries are linked against the symlinks, so when the verification happens (lib/freebl/shvfy.c) the mkCheckFileName function takes path to the symlink to the shlib and replaces the .so extension with .chk. + The client binaries are linked against the symlinks, so when the verification happens (lib/freebl/shvfy.c) the mkCheckFileName function takes path to the symlink to the shlib and replaces the .so extension with .chk. Then it tries to open that file. Obviosly it fails, because the actual file is in /usr/lib/$(DEB_HOST_MULTIARCH)/nss. [Test case] sudo apt install chrony sudo chronyd -d chronyd: util.c:373 UTI_IPToRefid: Assertion `MD5_hash >= 0' failed. Potential solutions: Solution A: Drop the /usr/lib/$(DEB_HOST_MULTIARCH)/nss directory and put all signatures and libs in /usr/lib/$(DEB_HOST_MULTIARCH). Solution B: Implement and upstream NSS feature of resolving symlinks and looking for *.chk where the symlinks lead to. -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1885562 Title: freebl_fipsSoftwareIntegrityTest fails in FIPS mode Status in nss package in Ubuntu: New Status in nss source package in Bionic: New Bug description: When in FIPS mode there some additional checks performed. They lead to verifying binaries signatures. Those signatures are shipped in the libnss3 package as *.chk files installed in /usr/lib/$(DEB_HOST_MULTIARCH)/nss. Along with those files are the libraries themselves (libfreebl3.so libfreeblpriv3.so libnssckbi.so libnssdbm3.so libsoftokn3.so). Those libraries are symlinked to be present in /usr/lib/$(DEB_HOST_MULTIARCH): ls -l /usr/lib/x86_64-linux-gnu/libfreeblpriv3.so lrwxrwxrwx 1 root root 21 Jun 10 18:54 /usr/lib/x86_64-linux-gnu/libfreeblpriv3.so -> nss/libfreeblpriv3.so The client binaries are linked against the symlinks, so when the verification happens (lib/freebl/shvfy.c) the mkCheckFileName function takes path to the symlink to the shlib and replaces the .so extension with .chk. Then it tries to open that file. Obviosly it fails, because the actual file is in /usr/lib/$(DEB_HOST_MULTIARCH)/nss. [Test case] sudo apt install chrony sudo chronyd -d chronyd: util.c:373 UTI_IPToRefid: Assertion `MD5_hash >= 0' failed. Potential solutions: Solution A: Drop the /usr/lib/$(DEB_HOST_MULTIARCH)/nss directory and put all signatures and libs in
[Group.of.nepali.translators] [Bug 1878155] Re: Thunderbird fails to connect to server in FIPS mode
It is already included upstream starting from release 75.0b1. ** Also affects: thunderbird (Ubuntu Groovy) Importance: Undecided Status: New ** Also affects: thunderbird (Ubuntu Eoan) Importance: Undecided Status: New ** Also affects: thunderbird (Ubuntu Focal) Importance: Undecided Status: New -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1878155 Title: Thunderbird fails to connect to server in FIPS mode Status in thunderbird package in Ubuntu: New Status in thunderbird source package in Xenial: New Status in thunderbird source package in Bionic: New Status in thunderbird source package in Eoan: New Status in thunderbird source package in Focal: New Status in thunderbird source package in Groovy: New Bug description: [Impact] * Thunderbird may become useless after booting into FIPS mode - it refuses to connect to server displaying the following message: Unexpected response from the server This document cannot be displayed unless you install the Personal Security Manager (PSM). Download and install PSM and try again, or contact your system administrator. This seems to be a result of the fact that despite Thunderbird for Ubuntu being with FIPS support disabled there's a piece of code that ignores the build flag and checks for `/proc/sys/crypto/fips_enabled` status anyway. Looks like upstream fix [1] needs to be applied to Thunderbird source under security/nss. [Test Case] * Configure an email account in Thunderbird. I was able to reproduce it with a gmail account. * Install FIPS modules as described in [2]. * Boot into FIPS mode. * Open Thunderbird. [Regression Potential] * I can't identify regression potential - this is clearly a bug fixed upstream by a simple fix. [Other Info] * Related Firefox bug: https://bugs.launchpad.net/bugs/1843044 * I was able to backport this fix and test it - the problem was gone. Xenial build is available in ppa:dgadomski/thunderbird. [1] https://hg.mozilla.org/projects/nss/raw-rev/55ba54adfcaea2f984a999a511eec5047462eb57 [2] https://docs.ubuntu.com/security-certs/en/fips To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/thunderbird/+bug/1878155/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1878155] [NEW] Thunderbird fails to connect to server in FIPS mode
Public bug reported: [Impact] * Thunderbird may become useless after booting into FIPS mode - it refuses to connect to server displaying the following message: Unexpected response from the server This document cannot be displayed unless you install the Personal Security Manager (PSM). Download and install PSM and try again, or contact your system administrator. This seems to be a result of the fact that despite Thunderbird for Ubuntu being with FIPS support disabled there's a piece of code that ignores the build flag and checks for `/proc/sys/crypto/fips_enabled` status anyway. Looks like upstream fix [1] needs to be applied to Thunderbird source under security/nss. [Test Case] * Configure an email account in Thunderbird. I was able to reproduce it with a gmail account. * Install FIPS modules as described in [2]. * Boot into FIPS mode. * Open Thunderbird. [Regression Potential] * I can't identify regression potential - this is clearly a bug fixed upstream by a simple fix. [Other Info] * Related Firefox bug: https://bugs.launchpad.net/bugs/1843044 * I was able to backport this fix and test it - the problem was gone. Xenial build is available in ppa:dgadomski/thunderbird. [1] https://hg.mozilla.org/projects/nss/raw-rev/55ba54adfcaea2f984a999a511eec5047462eb57 [2] https://docs.ubuntu.com/security-certs/en/fips ** Affects: thunderbird (Ubuntu) Importance: Undecided Status: New ** Affects: thunderbird (Ubuntu Xenial) Importance: Undecided Status: New ** Affects: thunderbird (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: thunderbird (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: thunderbird (Ubuntu Bionic) Importance: Undecided Status: New -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1878155 Title: Thunderbird fails to connect to server in FIPS mode Status in thunderbird package in Ubuntu: New Status in thunderbird source package in Xenial: New Status in thunderbird source package in Bionic: New Bug description: [Impact] * Thunderbird may become useless after booting into FIPS mode - it refuses to connect to server displaying the following message: Unexpected response from the server This document cannot be displayed unless you install the Personal Security Manager (PSM). Download and install PSM and try again, or contact your system administrator. This seems to be a result of the fact that despite Thunderbird for Ubuntu being with FIPS support disabled there's a piece of code that ignores the build flag and checks for `/proc/sys/crypto/fips_enabled` status anyway. Looks like upstream fix [1] needs to be applied to Thunderbird source under security/nss. [Test Case] * Configure an email account in Thunderbird. I was able to reproduce it with a gmail account. * Install FIPS modules as described in [2]. * Boot into FIPS mode. * Open Thunderbird. [Regression Potential] * I can't identify regression potential - this is clearly a bug fixed upstream by a simple fix. [Other Info] * Related Firefox bug: https://bugs.launchpad.net/bugs/1843044 * I was able to backport this fix and test it - the problem was gone. Xenial build is available in ppa:dgadomski/thunderbird. [1] https://hg.mozilla.org/projects/nss/raw-rev/55ba54adfcaea2f984a999a511eec5047462eb57 [2] https://docs.ubuntu.com/security-certs/en/fips To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/thunderbird/+bug/1878155/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1863232] [NEW] daemon rotates socket on restart
Public bug reported: On Apache reloads the daemon tries to rotate wsgi sockets causing unnecessary log entries, especially in OpenStack context. This has been addressed in mod-wsgi upstream (4.6.0) and could be backported to Ubuntu. ** Affects: mod-wsgi (Ubuntu) Importance: Low Status: Fix Released ** Affects: mod-wsgi (Ubuntu Xenial) Importance: Undecided Assignee: Dariusz Gadomski (dgadomski) Status: In Progress ** Affects: mod-wsgi (Ubuntu Bionic) Importance: Undecided Assignee: Dariusz Gadomski (dgadomski) Status: In Progress ** Also affects: mod-wsgi (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: mod-wsgi (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: mod-wsgi (Ubuntu) Status: New => Fix Released ** Changed in: mod-wsgi (Ubuntu Bionic) Status: New => In Progress ** Changed in: mod-wsgi (Ubuntu Bionic) Assignee: (unassigned) => Dariusz Gadomski (dgadomski) ** Changed in: mod-wsgi (Ubuntu Xenial) Status: New => In Progress ** Changed in: mod-wsgi (Ubuntu Xenial) Assignee: (unassigned) => Dariusz Gadomski (dgadomski) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1863232 Title: daemon rotates socket on restart Status in mod-wsgi package in Ubuntu: Fix Released Status in mod-wsgi source package in Xenial: In Progress Status in mod-wsgi source package in Bionic: In Progress Bug description: On Apache reloads the daemon tries to rotate wsgi sockets causing unnecessary log entries, especially in OpenStack context. This has been addressed in mod-wsgi upstream (4.6.0) and could be backported to Ubuntu. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mod-wsgi/+bug/1863232/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1762391] Re: pam_group.so is not evaluated by gnome-terminal
systemd in Xenial differs to much to cleanly apply the upstream fix. It would require reimplementing it and may be more risky than useful. Marking Won't fix. ** Changed in: systemd (Ubuntu Xenial) Status: New => Won't Fix -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1762391 Title: pam_group.so is not evaluated by gnome-terminal Status in systemd: New Status in systemd package in Ubuntu: Fix Released Status in systemd source package in Xenial: Won't Fix Status in systemd source package in Bionic: In Progress Status in systemd source package in Cosmic: Won't Fix Status in systemd source package in Eoan: In Progress Status in systemd source package in Focal: Fix Released Bug description: [Impact] pam_setcred call was missing in systemd making its implementation of the PAM protocol incomplete. It could manifest in different ways, but one particularly problematic for enterprise environments was the fact that processes were never getting group membership they were expected to get via pam_group module. [Test Case] * Add a /etc/security/group.conf entry, e.g. *;*;*;Al-2400;dialout,users * Add pam_group to your PAM stack, e.g. /etc/pam.d/common-auth * Login to the system and launch gnome-terminal (it will be launched via gnome-terminal-server launched by systemd --user + dbus). Expected result: Logged in user is a member of 'dialout' and 'users' groups. Actual result: no group membership gained from pam_group. [Regression Potential] * It introduces a new PAM warning message in some scenarios (e.g. for systemd DynamicUser=1 units) for users that can't authenticate (pam_setcred fails in such case). * In certain systems user group membership may be extended by pam_group. [Other Info] Original bug description: We are using Ubuntu in a university network with lots of ldap users. To automatically map ldap users/groups to local groups we are using pam_group.so. This has worked for years. With the upgrade from Xenial to Bionic /etc/security/group.conf is not evaluated anymore by gnome-terminal as it runs as systemd --user. Xterm, ssh, su, and tty* however do work as expected. Only the default gnome-terminal behaves different. According to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851243 and https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756458 this might not be a bug, but a feature. Nevertheless this behavior is very unexpected when upgrading from Xenial to Bionic and therefore should at least added to the changelog. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: gnome-terminal 3.28.0-1ubuntu1 ProcVersionSignature: Ubuntu 4.15.0-10.11-generic 4.15.3 Uname: Linux 4.15.0-10-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.9-0ubuntu4 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Mon Apr 9 13:17:52 2018 InstallationDate: Installed on 2018-03-29 (11 days ago) InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Alpha amd64 (20180321) SourcePackage: gnome-terminal UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1762391/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1762391] Re: pam_group.so is not evaluated by gnome-terminal
SRU proposal for focal. Upstream regression has been resolved and the fix is integrated in the patch. ** No longer affects: gnome-terminal (Ubuntu Eoan) ** Patch removed: "focal_systemd_244-3ubuntu4.debdiff" https://bugs.launchpad.net/systemd/+bug/1762391/+attachment/5320077/+files/focal_systemd_244-3ubuntu4.debdiff ** Patch added: "focal_systemd_244-3ubuntu4.debdiff" https://bugs.launchpad.net/systemd/+bug/1762391/+attachment/5320810/+files/focal_systemd_244-3ubuntu4.debdiff -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1762391 Title: pam_group.so is not evaluated by gnome-terminal Status in systemd: New Status in systemd package in Ubuntu: In Progress Status in systemd source package in Xenial: New Status in systemd source package in Bionic: In Progress Status in systemd source package in Cosmic: Won't Fix Status in systemd source package in Eoan: In Progress Bug description: We are using Ubuntu in a university network with lots of ldap users. To automatically map ldap users/groups to local groups we are using pam_group.so. This has worked for years. With the upgrade from Xenial to Bionic /etc/security/group.conf is not evaluated anymore by gnome-terminal as it runs as systemd --user. Xterm, ssh, su, and tty* however do work as expected. Only the default gnome-terminal behaves different. According to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851243 and https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756458 this might not be a bug, but a feature. Nevertheless this behavior is very unexpected when upgrading from Xenial to Bionic and therefore should at least added to the changelog. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: gnome-terminal 3.28.0-1ubuntu1 ProcVersionSignature: Ubuntu 4.15.0-10.11-generic 4.15.3 Uname: Linux 4.15.0-10-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.9-0ubuntu4 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Mon Apr 9 13:17:52 2018 InstallationDate: Installed on 2018-03-29 (11 days ago) InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Alpha amd64 (20180321) SourcePackage: gnome-terminal UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1762391/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1762391] Re: pam_group.so is not evaluated by gnome-terminal
** No longer affects: gnome-terminal (Ubuntu) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1762391 Title: pam_group.so is not evaluated by gnome-terminal Status in systemd: New Status in systemd package in Ubuntu: In Progress Status in systemd source package in Xenial: New Status in systemd source package in Bionic: In Progress Status in systemd source package in Cosmic: Won't Fix Status in gnome-terminal source package in Eoan: New Status in systemd source package in Eoan: In Progress Bug description: We are using Ubuntu in a university network with lots of ldap users. To automatically map ldap users/groups to local groups we are using pam_group.so. This has worked for years. With the upgrade from Xenial to Bionic /etc/security/group.conf is not evaluated anymore by gnome-terminal as it runs as systemd --user. Xterm, ssh, su, and tty* however do work as expected. Only the default gnome-terminal behaves different. According to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851243 and https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756458 this might not be a bug, but a feature. Nevertheless this behavior is very unexpected when upgrading from Xenial to Bionic and therefore should at least added to the changelog. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: gnome-terminal 3.28.0-1ubuntu1 ProcVersionSignature: Ubuntu 4.15.0-10.11-generic 4.15.3 Uname: Linux 4.15.0-10-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.9-0ubuntu4 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Mon Apr 9 13:17:52 2018 InstallationDate: Installed on 2018-03-29 (11 days ago) InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Alpha amd64 (20180321) SourcePackage: gnome-terminal UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1762391/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1762391] Re: pam_group.so is not evaluated by gnome-terminal
This issue has been fixed upstream, I believe it makes sense to also have it in Ubuntu. ** Changed in: systemd (Ubuntu Bionic) Status: Won't Fix => In Progress ** Changed in: systemd (Ubuntu) Status: Won't Fix => In Progress ** Changed in: systemd (Ubuntu) Assignee: (unassigned) => Dariusz Gadomski (dgadomski) ** Changed in: systemd (Ubuntu Bionic) Assignee: (unassigned) => Dariusz Gadomski (dgadomski) ** Also affects: gnome-terminal (Ubuntu Eoan) Importance: Undecided Status: New ** Also affects: systemd (Ubuntu Eoan) Importance: Undecided Status: New ** Changed in: systemd (Ubuntu Eoan) Status: New => In Progress ** Changed in: systemd (Ubuntu Eoan) Assignee: (unassigned) => Dariusz Gadomski (dgadomski) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1762391 Title: pam_group.so is not evaluated by gnome-terminal Status in systemd: New Status in gnome-terminal package in Ubuntu: Invalid Status in systemd package in Ubuntu: In Progress Status in systemd source package in Xenial: New Status in systemd source package in Bionic: In Progress Status in systemd source package in Cosmic: Won't Fix Status in gnome-terminal source package in Eoan: New Status in systemd source package in Eoan: In Progress Bug description: We are using Ubuntu in a university network with lots of ldap users. To automatically map ldap users/groups to local groups we are using pam_group.so. This has worked for years. With the upgrade from Xenial to Bionic /etc/security/group.conf is not evaluated anymore by gnome-terminal as it runs as systemd --user. Xterm, ssh, su, and tty* however do work as expected. Only the default gnome-terminal behaves different. According to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851243 and https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756458 this might not be a bug, but a feature. Nevertheless this behavior is very unexpected when upgrading from Xenial to Bionic and therefore should at least added to the changelog. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: gnome-terminal 3.28.0-1ubuntu1 ProcVersionSignature: Ubuntu 4.15.0-10.11-generic 4.15.3 Uname: Linux 4.15.0-10-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.9-0ubuntu4 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Mon Apr 9 13:17:52 2018 InstallationDate: Installed on 2018-03-29 (11 days ago) InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Alpha amd64 (20180321) SourcePackage: gnome-terminal UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1762391/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1850754] Re: ceph-volume lvm list is O(n^2)
** No longer affects: ceph (Ubuntu Xenial) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1850754 Title: ceph-volume lvm list is O(n^2) Status in Ceph: Unknown Status in ceph package in Ubuntu: New Status in ceph source package in Bionic: New Status in ceph source package in Eoan: New Bug description: ceph-volume lvm list calls take very long time due to the fact it has been implemented with O(n^2). This leads to unproportionally long execution time taking under consideration the fact that no complex computation is needed. Steps to reproduce: 1. Create a setup with a large number of disks and logical volumes (e.g. 24) 2. Call ceph-volume lvm list for one of the disks. 3. Wait for the call to finish. Expected result: Call is executed within seconds at most. Actual result: Call may take even minutes in some circumstances (large number of disks, some OSDs stopped). To manage notifications about this bug go to: https://bugs.launchpad.net/ceph/+bug/1850754/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1850754] Re: ceph-volume lvm list is O(n^2)
** Also affects: ceph (Ubuntu Eoan) Importance: Undecided Status: New -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1850754 Title: ceph-volume lvm list is O(n^2) Status in Ceph: Unknown Status in ceph package in Ubuntu: New Status in ceph source package in Xenial: New Status in ceph source package in Bionic: New Status in ceph source package in Eoan: New Bug description: ceph-volume lvm list calls take very long time due to the fact it has been implemented with O(n^2). This leads to unproportionally long execution time taking under consideration the fact that no complex computation is needed. Steps to reproduce: 1. Create a setup with a large number of disks and logical volumes (e.g. 24) 2. Call ceph-volume lvm list for one of the disks. 3. Wait for the call to finish. Expected result: Call is executed within seconds at most. Actual result: Call may take even minutes in some circumstances (large number of disks, some OSDs stopped). To manage notifications about this bug go to: https://bugs.launchpad.net/ceph/+bug/1850754/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1836361] Re: Windows guest display is inverted vertically
** Also affects: spice-html5 (Ubuntu Xenial) Importance: Undecided Status: New -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1836361 Title: Windows guest display is inverted vertically Status in spice-html5 package in Ubuntu: Fix Released Status in spice-html5 source package in Xenial: New Status in spice-html5 source package in Bionic: In Progress Status in spice-html5 source package in Cosmic: Won't Fix Status in spice-html5 source package in Disco: In Progress Status in spice-html5 source package in Eoan: Fix Released Status in spice-html5 package in Debian: Unknown Bug description: [Impact] * When running a Windows VM using the QXL driver from [1] the display is inverted and therefore almost unusable. [Test Case] * Launch a Windows VM with a QXL display (I used Win2k16 running under libvirt). * Start websockify sudo apt install python3-websockify && websockify 5959 localhost:5900 * Run a HTTP server to spice-html5: cd /usr/share/spice-html5 && python -m SimpleHTTPServer * Open a browser and go to http://localhost:8000 * Enter host: localhost port: 5959 * Click start Expected behaviour: Guest UI is displayed correctly. Actual behaviour: Guest UI gets inverted on refresh. [Regression Potential] * This component may be used with openstack and it's possible that there are workarounds in place, so they may start working incorrectly. [Other Info] * Part of this fixed is included cosmic and onwards (spice-html5 0.1.7-3). [1] https://fedorapeople.org/groups/virt/virtio-win/direct-downloads /latest-virtio/virtio-win.iso To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/spice-html5/+bug/1836361/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1747765] Re: PreserveJobHistory and PreserveJobLog do not respect numeric input as outlined in the docs
** Also affects: cups (Ubuntu Cosmic) Importance: Undecided Status: New -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1747765 Title: PreserveJobHistory and PreserveJobLog do not respect numeric input as outlined in the docs Status in cups package in Ubuntu: Fix Released Status in cups source package in Xenial: New Status in cups source package in Bionic: New Status in cups source package in Cosmic: New Status in cups source package in Disco: New Bug description: [Impact] The documentation allows the following types of arguments for the PreserveJobHistory parameter: PreserveJobHistory Yes PreserveJobHistory No PreserveJobHistory seconds The value in seconds is treated in the same as 'No' resulting in immediate removing of jobs from history, while it is supposed to save it for . [Test Case] * Set PreserveJobHistory to 300. * Schedule a job for printing. * Check the error_log. Expected result: Job is save for at least 300 seconds. Actual results: Job is immediately removed from history. [Regression Potential] * With the fix the jobs will be saved longer than before, so in tight conditions (low disk space) and heavy workload it may affect memory/disk space consumption and lead to running out of free space in worst case. [Other Info] * Original bug description: 1) Ubuntu Release Description: Ubuntu 16.04.3 LTS Release: 16.04 2) Version of the package cups: Installed: 2.1.3-4ubuntu0.3 Candidate: 2.1.3-4ubuntu0.3 Version table: *** 2.1.3-4ubuntu0.3 500 500 http://us.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages 3) What I expected to happen: from man cupsd.conf PreserveJobFiles Yes PreserveJobFiles No PreserveJobFiles seconds Specifies whether job files (documents) are preserved after a job is printed. If a numeric value is specified, job files are preserved for the indicated number of seconds after printing. The default is "86400" (preserve 1 day). PreserveJobHistory Yes PreserveJobHistory No PreserveJobHistory seconds Specifies whether the job history is preserved after a job is printed. If a numeric value is specified, the job history is preserved for the indicated number of seconds after printing. If "Yes", the job history is preserved until the MaxJobs limit is reached. The default is "Yes". 4) What happens instead If I put the following directives in cupsd.conf the job files and history are deleted immediately. PreserveJobFiles 604800 PreserveJobHistory 604800 Debug log showing history being purged: d [06/Feb/2018:15:11:59 -0600] cupsdCheckJobs: 0 active jobs, sleeping=0, ac-power=-1, reload=0, curtime=1517951519 d [06/Feb/2018:15:11:59 -0600] cupsdCleanJobs: MaxJobs=100, JobHistory=604800, JobFiles=604800 D [06/Feb/2018:15:11:59 -0600] [Job 106] Removing from history. D [06/Feb/2018:15:11:59 -0600] [Job 106] Unloading... To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/1747765/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1762391] Re: pam_group.so is not evaluated by gnome-terminal
** Also affects: gnome-terminal (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: systemd (Ubuntu Xenial) Importance: Undecided Status: New ** No longer affects: gnome-terminal (Ubuntu Xenial) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1762391 Title: pam_group.so is not evaluated by gnome-terminal Status in systemd: New Status in gnome-terminal package in Ubuntu: Invalid Status in systemd package in Ubuntu: Won't Fix Status in systemd source package in Xenial: New Status in systemd source package in Bionic: Won't Fix Status in systemd source package in Cosmic: Won't Fix Bug description: We are using Ubuntu in a university network with lots of ldap users. To automatically map ldap users/groups to local groups we are using pam_group.so. This has worked for years. With the upgrade from Xenial to Bionic /etc/security/group.conf is not evaluated anymore by gnome-terminal as it runs as systemd --user. Xterm, ssh, su, and tty* however do work as expected. Only the default gnome-terminal behaves different. According to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851243 and https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=756458 this might not be a bug, but a feature. Nevertheless this behavior is very unexpected when upgrading from Xenial to Bionic and therefore should at least added to the changelog. ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: gnome-terminal 3.28.0-1ubuntu1 ProcVersionSignature: Ubuntu 4.15.0-10.11-generic 4.15.3 Uname: Linux 4.15.0-10-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.9-0ubuntu4 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Mon Apr 9 13:17:52 2018 InstallationDate: Installed on 2018-03-29 (11 days ago) InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Alpha amd64 (20180321) SourcePackage: gnome-terminal UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1762391/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1755490] Re: Incorrect information about display shown in gnome/unity-control-center
** Also affects: gnome-desktop3 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1755490 Title: Incorrect information about display shown in gnome/unity-control- center Status in gnome-desktop3 package in Ubuntu: New Status in hwdata package in Ubuntu: Fix Released Status in unity-settings-daemon package in Ubuntu: Fix Released Status in hwdata source package in Xenial: Fix Committed Status in unity-settings-daemon source package in Xenial: Fix Committed Status in hwdata source package in Bionic: Fix Committed Status in unity-settings-daemon source package in Bionic: Fix Released Status in hwdata source package in Cosmic: Fix Committed Status in unity-settings-daemon source package in Cosmic: Fix Released Bug description: [Impact] * There is a number of display devices that misuse the width & height field in EDID. Instead of real size in centimeters it contains encoded aspect ratio (e.g. 1600x900, 16x10, 160x90). This leads to incorrect calculation of diagonal for the purpose of e.g. Unity settings app. [Test Case] 1. Connect a display device that provides incorrect EDID data (e.g. LG 49UB850T-DA TV). 2. Open the Displays section of Unity settings. 3. Look for the name of the newly connected display in the settings window. Expected result: Display name should contain its real diagonal or model name (if dimensions are not availabe). Actual result: Display name contains a ridiculous diagonal (e.g. 72" in case of a 49" display). [Regression Potential] * This affects the way the display name will be formatted for any software using unity-settings-daemon. If anything is testing/comparing display names - it may fail. [Other Info] * Original bug description: After connecting a LG 49UB850T-DA TV the following information is displayed in the unity-control-center: Goldstar Company Ltd 72" It's misleading since neither the company name nor the diagonal matches. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-desktop3/+bug/1755490/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1782152] Re: GDM blocks SIGUSR1 used in PAM scripts
Although I originally shared Daniel's doubt, I reported it to Debian and shared the patch (bug linked above). ** Bug watch added: Debian Bug tracker #905277 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=905277 ** Also affects: gdm3 (Debian) via https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=905277 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1782152 Title: GDM blocks SIGUSR1 used in PAM scripts Status in gdm3 package in Ubuntu: In Progress Status in gdm3 source package in Xenial: New Status in gdm3 source package in Bionic: New Status in gdm3 source package in Cosmic: In Progress Status in gdm3 package in Debian: Unknown Bug description: https://gitlab.gnome.org/GNOME/gdm/issues/399 [Impact] GDM blocks SIGUSR1 for it's processes, since this is used in communication with X. This signal is later unblocked, however it happens after PAM interaction, so if PAM depends on this signal in any way it will get blocked. The issue has been fixed upstream. [Test Case] 1. Prepare a setup described in Other Info using the attached scripts. 2. Log in. 3. Check logs /tmp/auth.log. Expected result: SIGUSR1 has been received. Actual result: SIGUSR1 never reaches the process. [Regression Potential] If there were components depending on SIGUSR1 their behavior may change - features that were inactive before may be triggered. [Other Info] Original bug description: In case of the following scenario: 1. PAM configured to run auth and session with pam_exec scripts synchronizing via SIGUSR1 2. Using GDM as the login manager causes SIGUSR1 never reaches the target scripts. Workaround: a) Use SIGUSR2 in the scripts. b) Comment out block_sigusr1() call in daemon/main.c. To reproduce add the following entries: /etc/pam.d/common-auth: auth optionalpam_exec.so log=/tmp/auth.log expose_authtok quiet /usr/local/bin/auth.py /etc/pam.d/common-session: session optional pam_exec.so log=/tmp/session.log /usr/local/bin/session.py Attaching example scripts. When using SIGUSR1 - sigusr1_handler is never called, with SIGUSR2 it is called without issues. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/1782152/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1688508] Re: libvirt-guests.sh fails to shutdown guests in parallel
** Changed in: libvirt (Ubuntu Zesty) Status: In Progress => Won't Fix -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1688508 Title: libvirt-guests.sh fails to shutdown guests in parallel Status in libvirt: Fix Released Status in libvirt package in Ubuntu: Fix Released Status in libvirt source package in Xenial: In Progress Status in libvirt source package in Zesty: Won't Fix Status in libvirt source package in Artful: In Progress Bug description: [Environment] No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 16.04.3 LTS Release: 16.04 Codename: xenial [Impact] There is a bug/race condition on libvirt-guests.service, that prevents the shutdown of guests to happen in parallel. The critical chain for this service is: libvirt-guests.service +20ms └─libvirt-bin.service @2.784s +140ms └─remote-fs.target @2.777s └─remote-fs-pre.target @2.775s └─open-iscsi.service @2.554s +116ms └─iscsid.service @2.525s +18ms └─network-online.target @2.502s └─network.target @1.955s └─networking.service @1.625s +299ms └─network-pre.target @1.601s └─cloud-init-local.service @405ms +1.072s └─systemd-remount-fs.service @232ms +64ms └─systemd-journald.socket @178ms └─-.slice @117ms As an example, I have the following kvm host with 42 virtual machines. ubuntu@xenial-base:~$ virsh list --all IdName State 12locked-trusty-2running 13locked-trusty-3running [...] 41locked-trusty-42 running After rebooting the machine: [ 250.999516] libvirt-guests.sh[4215]: Running guests on default URI: locked-trusty-2, locked-trusty-4, locked-trusty-12, locked-trusty-3, locked-trusty-5, locked-trusty-11, locked-trusty-10, locked-trusty-8, locked-trusty-9, locked-trusty-7, locked-trusty-6, locked-trusty-13, locked-trusty-14, locked-trusty-15, locked-trusty-16, locked-trusty-17, locked-trusty-18, locked-trusty-19, locked-trusty-20, locked-trusty-21, locked-trusty-22, locked-trusty-23, locked-trusty-24, locked-trusty-25, locked-trusty-26, locked-trusty-27, locked-trusty-28, locked-trusty-29, locked-trusty-30, locked-trusty-31, locked-trusty-32, locked-trusty-33, locked-trusty-34, locked-trusty-35, locked-trusty-36, locked-trusty-37, locked-trusty-38, locked-trusty-39, locked-trusty-40, locked-trusty-41, locked-trusty-42 [ 251.011367] libvirt-guests.sh[4215]: Shutting down guests on default URI... [ 251.027072] libvirt-guests.sh[4215]: Starting shutdown on guest: locked-trusty-2 [...] [ 391.949941] libvirt-guests.sh[4215]: Waiting for 28 guests to shut down, 10 seconds left [ 398.074405] libvirt-guests.sh[4215]: Waiting for 28 guests to shut down, 5 seconds left [ 403.020479] libvirt-guests.sh[4215]: Timeout expired while shutting down domains [ OK ] Stopped Suspend Active Libvirt Guests. [ OK ] Stopped target System Time Synchronized. [Test Case] * Make sure the following variables are set in /etc/default/libvirt- guests (which are all default options): ON_SHUTDOWN=shutdown PARALLEL_SHUTDOWN=10 SHUTDOWN_TIMEOUT=120 * Create over 20 virtual machines (in my case, using uvt-kvm). $ for f in $(seq 0 40); do uvt-kvm create --memory 2000 --cpu 1 locked-trusty-$f release=xenial arch=amd64 ; done * Reboot the machine and monitor the systemd service stop sequence or console output. (With systemd: systemctl start debug-shell and jumpt to ctrl+alt+f9) * Error message "Timeout expired while shutting down domains" should be displayed. [Regression Potential] * None identified. [Other Info] * There is a proposed patch in upstream already that has been already linked to this bug: https://bugzilla.redhat.com/show_bug.cgi?id=1450141 To manage notifications about this bug go to: https://bugs.launchpad.net/libvirt/+bug/1688508/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1644662] Re: Icons missing when appearance setting is "high contrast"
** No longer affects: unity-control-center (Ubuntu) ** No longer affects: unity-control-center (Ubuntu Xenial) ** No longer affects: unity-control-center (Ubuntu Artful) ** No longer affects: unity-control-center (Ubuntu Bionic) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1644662 Title: Icons missing when appearance setting is "high contrast" Status in gnome-themes-standard package in Ubuntu: New Status in gnome-themes-standard source package in Xenial: New Status in gnome-themes-standard source package in Artful: New Status in gnome-themes-standard source package in Bionic: New Bug description: [Impact] * Switching to HighContrast theme in System Settings/Appearance results in missing icons for some of the panels in System Settings. * Only Xenial is affected of the currently supported releases. * Current development release is not affected. [Test Case] * Open System Settings, select Appearance. * Choose the "High Contrast" theme. * Go back by selecting "All Settings". Expected result: there are icons to all items in the Settings window. Actual result: some items are missing icons. [Regression Potential] * There might be different icons used in some places depending on the fact that for Xenial HighContrast used Adwaita themes. Possibly icons may be missing in different places. [Other Info] * For some reason Trusty was using HighContrast icons and the change was made somewhere in between Trusty - Xenial. * Original bug description: To reproduce this: Open System Settings. Click Appearance Theme: High Contrast. Click All Settings tab: Many icons are missing. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: unity-control-center 15.04.0+16.04.20160705-0ubuntu1 ProcVersionSignature: Ubuntu 4.4.0-47.68-generic 4.4.24 Uname: Linux 4.4.0-47-generic x86_64 NonfreeKernelModules: nvidia_uvm nvidia_drm nvidia_modeset nvidia ApportVersion: 2.20.1-0ubuntu2.1 Architecture: amd64 CurrentDesktop: Unity Date: Thu Nov 24 14:45:30 2016 ExecutablePath: /usr/bin/unity-control-center InstallationDate: Installed on 2015-06-06 (537 days ago) InstallationMedia: Ubuntu 15.04 "Vivid Vervet" - Release amd64 (20150422) ProcEnviron: PATH=(custom, user) SHELL=/bin/bash LANG=en_CA.UTF-8 LANGUAGE=en_CA:en XDG_RUNTIME_DIR= SourcePackage: unity-control-center UpgradeStatus: Upgraded to xenial on 2016-08-28 (88 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-themes-standard/+bug/1644662/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1644662] Re: Icons missing when appearance setting is "high contrast"
** Also affects: gnome-themes-standard (Ubuntu) Importance: Undecided Status: New ** Changed in: unity-control-center (Ubuntu Xenial) Status: Confirmed => Invalid -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1644662 Title: Icons missing when appearance setting is "high contrast" Status in gnome-themes-standard package in Ubuntu: New Status in unity-control-center package in Ubuntu: Invalid Status in gnome-themes-standard source package in Xenial: New Status in unity-control-center source package in Xenial: Invalid Bug description: [Impact] * Switching to HighContrast theme in System Settings/Appearance results in missing icons for some of the panels in System Settings. * Only Xenial is affected of the currently supported releases. * Current development release is not affected. [Test Case] * Open System Settings, select Appearance. * Choose the "High Contrast" theme. * Go back by selecting "All Settings". Expected result: there are icons to all items in the Settings window. Actual result: some items are missing icons. [Regression Potential] * There might be different icons used in some places depending on the fact that for Xenial HighContrast used Adwaita themes. Possibly icons may be missing in different places. [Other Info] * For some reason Trusty was using HighContrast icons and the change was made somewhere in between Trusty - Xenial. * Original bug description: To reproduce this: Open System Settings. Click Appearance Theme: High Contrast. Click All Settings tab: Many icons are missing. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: unity-control-center 15.04.0+16.04.20160705-0ubuntu1 ProcVersionSignature: Ubuntu 4.4.0-47.68-generic 4.4.24 Uname: Linux 4.4.0-47-generic x86_64 NonfreeKernelModules: nvidia_uvm nvidia_drm nvidia_modeset nvidia ApportVersion: 2.20.1-0ubuntu2.1 Architecture: amd64 CurrentDesktop: Unity Date: Thu Nov 24 14:45:30 2016 ExecutablePath: /usr/bin/unity-control-center InstallationDate: Installed on 2015-06-06 (537 days ago) InstallationMedia: Ubuntu 15.04 "Vivid Vervet" - Release amd64 (20150422) ProcEnviron: PATH=(custom, user) SHELL=/bin/bash LANG=en_CA.UTF-8 LANGUAGE=en_CA:en XDG_RUNTIME_DIR= SourcePackage: unity-control-center UpgradeStatus: Upgraded to xenial on 2016-08-28 (88 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-themes-standard/+bug/1644662/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1644662] Re: Icons missing when appearance setting is "high contrast"
SRU proposal for Xenial. ** Description changed: + [Impact] + + * Switching to HighContrast theme in System Settings/Appearance results in missing icons for some of the panels in System Settings. + * Only Xenial is affected of the currently supported releases. + * Current development release is not affected. + + [Test Case] + + * Open System Settings, select Appearance. + * Choose the "High Contrast" theme. + * Go back by selecting "All Settings". + + Expected result: there are icons to all items in the Settings window. + Actual result: some items are missing icons. + + [Regression Potential] + + * There might be different icons used in some places depending by the + fact that for Xenial HighContrast used Adwaita themes. Possibly + + [Other Info] + * For some reason Trusty was using HighContrast icons and the change was made somewhere in between Trusty - Xenial. + * Original bug description: + To reproduce this: Open System Settings. Click Appearance Theme: High Contrast. Click All Settings tab: Many icons are missing. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: unity-control-center 15.04.0+16.04.20160705-0ubuntu1 ProcVersionSignature: Ubuntu 4.4.0-47.68-generic 4.4.24 Uname: Linux 4.4.0-47-generic x86_64 NonfreeKernelModules: nvidia_uvm nvidia_drm nvidia_modeset nvidia ApportVersion: 2.20.1-0ubuntu2.1 Architecture: amd64 CurrentDesktop: Unity Date: Thu Nov 24 14:45:30 2016 ExecutablePath: /usr/bin/unity-control-center InstallationDate: Installed on 2015-06-06 (537 days ago) InstallationMedia: Ubuntu 15.04 "Vivid Vervet" - Release amd64 (20150422) ProcEnviron: - PATH=(custom, user) - SHELL=/bin/bash - LANG=en_CA.UTF-8 - LANGUAGE=en_CA:en - XDG_RUNTIME_DIR= + PATH=(custom, user) + SHELL=/bin/bash + LANG=en_CA.UTF-8 + LANGUAGE=en_CA:en + XDG_RUNTIME_DIR= SourcePackage: unity-control-center UpgradeStatus: Upgraded to xenial on 2016-08-28 (88 days ago) ** Patch added: "xenial_gnome-themes-standard_3.18.0-2ubuntu2.debdiff" https://bugs.launchpad.net/ubuntu/+source/unity-control-center/+bug/1644662/+attachment/5045075/+files/xenial_gnome-themes-standard_3.18.0-2ubuntu2.debdiff ** Tags added: sts sts-sponsor ** Tags added: sts-sponsor-needed ** Tags removed: sts-sponsor-needed ** Changed in: unity-control-center (Ubuntu) Status: Confirmed => Invalid ** Changed in: unity-control-center (Ubuntu Xenial) Status: New => Confirmed -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1644662 Title: Icons missing when appearance setting is "high contrast" Status in unity-control-center package in Ubuntu: Invalid Status in unity-control-center source package in Xenial: Confirmed Bug description: [Impact] * Switching to HighContrast theme in System Settings/Appearance results in missing icons for some of the panels in System Settings. * Only Xenial is affected of the currently supported releases. * Current development release is not affected. [Test Case] * Open System Settings, select Appearance. * Choose the "High Contrast" theme. * Go back by selecting "All Settings". Expected result: there are icons to all items in the Settings window. Actual result: some items are missing icons. [Regression Potential] * There might be different icons used in some places depending by the fact that for Xenial HighContrast used Adwaita themes. Possibly [Other Info] * For some reason Trusty was using HighContrast icons and the change was made somewhere in between Trusty - Xenial. * Original bug description: To reproduce this: Open System Settings. Click Appearance Theme: High Contrast. Click All Settings tab: Many icons are missing. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: unity-control-center 15.04.0+16.04.20160705-0ubuntu1 ProcVersionSignature: Ubuntu 4.4.0-47.68-generic 4.4.24 Uname: Linux 4.4.0-47-generic x86_64 NonfreeKernelModules: nvidia_uvm nvidia_drm nvidia_modeset nvidia ApportVersion: 2.20.1-0ubuntu2.1 Architecture: amd64 CurrentDesktop: Unity Date: Thu Nov 24 14:45:30 2016 ExecutablePath: /usr/bin/unity-control-center InstallationDate: Installed on 2015-06-06 (537 days ago) InstallationMedia: Ubuntu 15.04 "Vivid Vervet" - Release amd64 (20150422) ProcEnviron: PATH=(custom, user) SHELL=/bin/bash LANG=en_CA.UTF-8 LANGUAGE=en_CA:en XDG_RUNTIME_DIR= SourcePackage: unity-control-center UpgradeStatus: Upgraded to xenial on 2016-08-28 (88 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/unity-control-center/+bug/1644662/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to :
[Group.of.nepali.translators] [Bug 1702529] Re: ACCESS_DENIED with symlinks within a root ("/") share
** Changed in: samba (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1702529 Title: ACCESS_DENIED with symlinks within a root ("/") share Status in samba: Unknown Status in samba package in Ubuntu: Fix Released Status in samba source package in Trusty: In Progress Status in samba source package in Xenial: In Progress Status in samba source package in Zesty: In Progress Bug description: [Impact] * In case of accessing directories chdir to it directly instead of its parent directory. This changes how dir symlinks are handled in root shares and leads to avoiding the ACCESS_DENIED ISSUE. [Test Case] 1. Prepare smb server with a share: [rootshare] guest ok = yes path = / wide links = no follow symlinks = yes 2. On the server: mkdir -p /srv/dir ln -s /srv/dir /srv/symdir. 3. Connect from a client: smbclient -m smb3 //server/rootshare -c "cd srv\symdir; dir" [Regression Potential] * When accessing broken symlinks share's base directory is accessed. This however seems to be consistent with a pre-fix behavior. [Other Info] Original bug description: See Samba bug: https://bugzilla.samba.org/show_bug.cgi?id=12873 for more information and test case. Also view LP bug: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1701073 for more information. To manage notifications about this bug go to: https://bugs.launchpad.net/samba/+bug/1702529/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp