[Group.of.nepali.translators] [Bug 1828988] Re: rabbitmq server fails to start after cluster reboot
** Also affects: rabbitmq-server (Ubuntu) Importance: Undecided Status: New ** Also affects: rabbitmq-server (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: rabbitmq-server (Ubuntu Bionic) Importance: Undecided Status: New ** Also affects: rabbitmq-server (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: rabbitmq-server (Ubuntu Eoan) Importance: Undecided Status: New -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1828988 Title: rabbitmq server fails to start after cluster reboot Status in OpenStack rabbitmq-server charm: In Progress Status in rabbitmq-server package in Ubuntu: New Status in rabbitmq-server source package in Xenial: New Status in rabbitmq-server source package in Bionic: New Status in rabbitmq-server source package in Eoan: New Status in rabbitmq-server source package in Focal: New Bug description: After rebooting an entire fcb cluster (shutdown -r on all nodes), my rabbitmq cluster failed to come back up. rabbitmqctl cluster_status: http://paste.ubuntu.com/p/hh4GV2BJ8R/ juju status for rabbitmq-server: http://paste.ubuntu.com/p/ptrJSrHGkG/ bundle: http://paste.ubuntu.com/p/k35TTVp3Ps/ To manage notifications about this bug go to: https://bugs.launchpad.net/charm-rabbitmq-server/+bug/1828988/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1841700] Re: instance ingress bandwidth limiting doesn't works in ocata.
** Also affects: neutron (Ubuntu) Importance: Undecided Status: New ** Also affects: neutron (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: neutron (Ubuntu) Status: New => Fix Released ** Also affects: cloud-archive Importance: Undecided Status: New ** Changed in: neutron Status: Invalid => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1841700 Title: instance ingress bandwidth limiting doesn't works in ocata. Status in Ubuntu Cloud Archive: New Status in neutron: Fix Released Status in neutron package in Ubuntu: Fix Released Status in neutron source package in Xenial: New Bug description: [Environment] Xenial-Ocata deployment [Description] The instance ingress bandwidth limit implementation was targeted for Ocata [0], but the full implementation ingress/egress was done during the pike [1] cycle. However, isn't reported or explicit that ingress direction isn't supported in ocata, which causes the following exception when --ingress is specified. $ openstack network qos rule create --type bandwidth-limit --max-kbps 300 --max-burst-kbits 300 --ingress bw-limiter Failed to create Network QoS rule: BadRequestException: 400: Client Error for url: https://openstack:9696/v2.0/qos/policies//bandwidth_limit_rules, Unrecognized attribute(s) 'direction' It would be desirable for this feature to be available on Ocata for being able to set ingress/egress bandwidth limits on the ports. [0] https://blueprints.launchpad.net/neutron/+spec/instance-ingress-bw-limit [1] https://bugs.launchpad.net/neutron/+bug/1560961 To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1841700/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1560961] Re: [RFE] Allow instance-ingress bandwidth limiting
** Also affects: neutron (Ubuntu) Importance: Undecided Status: New ** Also affects: neutron (Ubuntu Xenial) Importance: Undecided Status: New ** Also affects: cloud-archive Importance: Undecided Status: New -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1560961 Title: [RFE] Allow instance-ingress bandwidth limiting Status in Ubuntu Cloud Archive: New Status in neutron: Fix Released Status in neutron package in Ubuntu: New Status in neutron source package in Xenial: New Bug description: The current implementation of bandwidth limiting rules only supports egress bandwidth limiting. Use cases = There are cases where ingress bandwidth limiting is more important than egress limiting, for example when the workload of the cloud is mostly a consumer of data (crawlers, datamining, etc), and administrators need to ensure other workloads won't be affected. Other example are CSPs which need to plan & allocate the bandwidth provided to customers, or provide different levels of network service. API/Model impact === The BandwidthLimiting rules will be added a direction field (egress/ingress), which by default will be egress to match the current behaviour and, therefore be backward compatible. Combining egress/ingress would be achieved by including an egress bandwidth limit and an ingress bandwidth limit. Additional information == The CLI and SDK modifications are addressed in https://bugs.launchpad.net/python-openstackclient/+bug/1614121 To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1560961/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1668771] Re: [SRU] systemd-resolved negative caching for extended period of time
** No longer affects: systemd (Ubuntu Xenial) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1668771 Title: [SRU] systemd-resolved negative caching for extended period of time Status in systemd: New Status in systemd package in Ubuntu: In Progress Status in systemd source package in Bionic: Fix Committed Status in systemd source package in Disco: Fix Committed Status in systemd source package in Eoan: In Progress Bug description: [Impact] * If a DNS lookup returns SERVFAIL, systemd-resolved seems to cache the result for very long (infinity?). I have to restart systemd- resolved to have the negative caching purged. * After SERVFAIL DNS server issue has been resolved, chromium/firefox still returns DNS error despite host can correctly resolve the name. [Test Case] * If a lookup returns SERVFAIL systemd-resolved will cache the result for 30s (See 201d995), however, there are several use cases on which this condition is not acceptable (See #5552 comments) and the only workaround would be to disable cache entirely or flush it , which isn't optimal. * Configure /etc/systemd/resolved.conf as follows: Cache=yes (default) * Restart systemd-resolved (systemctl restart systemd- resolved.service) * Run a host/getent command against a entry that will return SERVFAIL and check the journalctl output to see that the reply gets served from cache. root@systemd-disco:/home/ubuntu# host www.no-record.cl Host www.montemar.cl not found: 2(SERVFAIL) root@systemd-disco:/home/ubuntu# journalctl -u systemd-resolved -n -- Logs begin at Fri 2019-07-12 18:09:42 UTC, end at Tue 2019-07-23 15:10:17 UTC. -- Jul 23 15:10:10 systemd-disco systemd-resolved[1282]: Transaction 6222 for on scope dns on ens3/* now complete with Jul 23 15:10:10 systemd-disco systemd-resolved[1282]: Sending response packet with id 61042 on interface 1/AF_INET. Jul 23 15:10:10 systemd-disco systemd-resolved[1282]: Freeing transaction 6222. Jul 23 15:10:17 systemd-disco systemd-resolved[1282]: Got DNS stub UDP query packet for id 53580 Jul 23 15:10:17 systemd-disco systemd-resolved[1282]: Looking up RR for www.no-record.cl IN A. Jul 23 15:10:17 systemd-disco systemd-resolved[1282]: RCODE SERVFAIL cache hit for www.no-record.cl IN A Jul 23 15:10:17 systemd-disco systemd-resolved[1282]: Transaction 58570 for < www.no-record.cl IN A> on scope dns on ens3/* now complete with scope dns on ens3/. Jul 12 18:48:31 systemd-disco systemd-resolved[2635]: Using feature level UDP for transaction 22382. Jul 12 18:48:31 systemd-disco systemd-resolved[2635]: Sending query packet with id 22382. Jul 12 18:48:31 systemd-disco systemd-resolved[2635]: Processing incoming packet on transaction 22382 (rcode=SERVFAIL). Jul 12 18:48:31 systemd-disco systemd-resolved[2635]: Server returned error: SERVFAIL Jul 12 18:48:31 systemd-disco systemd-resolved[2635]: Not caching negative entry for: www.metaklass.org IN A, cache mode set to no-negative Jul 12 18:48:31 systemd-disco systemd-resolved[2635]: Transaction 22382 for on scope dns on ens3/ now complete with from network (unsigned). Jul 12 18:48:31 systemd-disco systemd-resolved[2635]: Sending response packet with id 31060 on interface 1/AF_INET. The following patch https://github.com/systemd/systemd/pull/13047 implements the required changes. [Other Info] Note that systemd in Eoan is being upgraded to upstream 242, so I am not adding this to Eoan now, as I don't want to disturb the merge. If needed after the merge, I'll add to Eoan. To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1668771/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1668771] Re: systemd-resolved negative caching for extended period of time
** Also affects: systemd (Ubuntu Xenial) Importance: Undecided Status: New ** Changed in: systemd (Ubuntu Disco) Assignee: (unassigned) => Jorge Niedbalski (niedbalski) ** Changed in: systemd (Ubuntu Bionic) Assignee: (unassigned) => Jorge Niedbalski (niedbalski) ** Changed in: systemd (Ubuntu Xenial) Assignee: (unassigned) => Jorge Niedbalski (niedbalski) ** Changed in: systemd (Ubuntu Xenial) Status: New => In Progress ** Changed in: systemd (Ubuntu Bionic) Status: New => In Progress ** Changed in: systemd (Ubuntu Disco) Status: New => In Progress -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1668771 Title: systemd-resolved negative caching for extended period of time Status in systemd: New Status in systemd package in Ubuntu: In Progress Status in systemd source package in Xenial: In Progress Status in systemd source package in Bionic: In Progress Status in systemd source package in Disco: In Progress Status in systemd source package in Eoan: In Progress Bug description: 231-9ubuntu3 If a DNS lookup returns SERVFAIL, systemd-resolved seems to cache the result for very long (infinity?). I have to restart systemd-resolved to have the negative caching purged. After SERVFAIL DNS server issue has been resolved, chromium/firefox still returns DNS error despite host can correctly resolve the name. To manage notifications about this bug go to: https://bugs.launchpad.net/systemd/+bug/1668771/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1831181] Re: [aodh.notifier] Not setting user_domain_id raises keystone error: The resource could not be found.
** Changed in: aodh (Ubuntu Eoan) Status: Triaged => Fix Committed ** Changed in: aodh (Ubuntu Disco) Assignee: (unassigned) => Jorge Niedbalski (niedbalski) ** Changed in: aodh (Ubuntu Cosmic) Assignee: (unassigned) => Jorge Niedbalski (niedbalski) ** No longer affects: aodh (Ubuntu Xenial) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1831181 Title: [aodh.notifier] Not setting user_domain_id raises keystone error: The resource could not be found. Status in Aodh: New Status in OpenStack AODH Charm: Fix Committed Status in charm-interface-keystone: Fix Released Status in Ubuntu Cloud Archive: Triaged Status in Ubuntu Cloud Archive mitaka series: Triaged Status in Ubuntu Cloud Archive ocata series: Triaged Status in Ubuntu Cloud Archive queens series: Triaged Status in Ubuntu Cloud Archive rocky series: Triaged Status in Ubuntu Cloud Archive stein series: Triaged Status in Ubuntu Cloud Archive train series: Triaged Status in aodh package in Ubuntu: Fix Committed Status in aodh source package in Bionic: Triaged Status in aodh source package in Cosmic: Triaged Status in aodh source package in Disco: Triaged Status in aodh source package in Eoan: Fix Committed Bug description: [Environment] Xenial/Queens [Description] If no user_domain_id is provided then, the following exception will be raised by the aodh-notifier component: $ openstack alarm-history show 1424b6fb-1d9d-4d69-b00a-ad455aad0ecb ==> /var/log/aodh/aodh-notifier.log <== 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier File "/usr/lib/python2.7/dist-packages/keystoneauth1/identity/generic/base.py", line 201, in get_auth_ref 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier return self._plugin.get_auth_ref(session, **kwargs) 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier File "/usr/lib/python2.7/dist-packages/keystoneauth1/identity/v2.py", line 63, in get_auth_ref 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier authenticated=False, log=False) 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier File "/usr/lib/python2.7/dist-packages/keystoneauth1/session.py", line 848, in post 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier return self.request(url, 'POST', **kwargs) 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier File "/usr/lib/python2.7/dist-packages/keystoneauth1/session.py", line 737, in request 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier raise exceptions.from_response(resp, method, url) 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier NotFound: (http://10.5.0.36:35357/v2.0/tokens): The resource could not be found. (HTTP 404) (Request-ID: req-50d54903-d2af-4fd1-be68-a92498d91b85) 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier Domain configuration for the aodh service is as follows: root@juju-95497c-controller-1:/home/ubuntu# grep domain /etc/aodh/aodh.conf gnocchi_external_domain_name = service_domain project_domain_name = service_domain user_domain_name = service_domain ### Explanation The following line https://github.com/openstack/aodh/blob/master/aodh/keystone_client.py#L51 enforces the existence of the user_domain_id for getting the authenticated keystone session. [Proposed Solution] * Use user_domain_name as a fallback if no user_domain_id is provided. * The charm templates should provide only user_domain_id if provided orelse fallback to user_domain_name. To manage notifications about this bug go to: https://bugs.launchpad.net/aodh/+bug/1831181/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1831181] Re: [aodh.notifier] Not setting user_domain_id raises keystone error: The resource could not be found.
** Changed in: charm-interface-keystone Status: In Progress => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1831181 Title: [aodh.notifier] Not setting user_domain_id raises keystone error: The resource could not be found. Status in Aodh: New Status in OpenStack AODH Charm: In Progress Status in charm-interface-keystone: Fix Released Status in Ubuntu Cloud Archive: New Status in aodh package in Ubuntu: New Status in aodh source package in Xenial: New Status in aodh source package in Bionic: New Status in aodh source package in Cosmic: New Status in aodh source package in Disco: New Status in aodh source package in Eoan: New Bug description: [Environment] Xenial/Queens [Description] If no user_domain_id is provided then, the following exception will be raised by the aodh-notifier component: $ openstack alarm-history show 1424b6fb-1d9d-4d69-b00a-ad455aad0ecb ==> /var/log/aodh/aodh-notifier.log <== 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier File "/usr/lib/python2.7/dist-packages/keystoneauth1/identity/generic/base.py", line 201, in get_auth_ref 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier return self._plugin.get_auth_ref(session, **kwargs) 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier File "/usr/lib/python2.7/dist-packages/keystoneauth1/identity/v2.py", line 63, in get_auth_ref 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier authenticated=False, log=False) 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier File "/usr/lib/python2.7/dist-packages/keystoneauth1/session.py", line 848, in post 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier return self.request(url, 'POST', **kwargs) 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier File "/usr/lib/python2.7/dist-packages/keystoneauth1/session.py", line 737, in request 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier raise exceptions.from_response(resp, method, url) 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier NotFound: (http://10.5.0.36:35357/v2.0/tokens): The resource could not be found. (HTTP 404) (Request-ID: req-50d54903-d2af-4fd1-be68-a92498d91b85) 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier Domain configuration for the aodh service is as follows: root@juju-95497c-controller-1:/home/ubuntu# grep domain /etc/aodh/aodh.conf gnocchi_external_domain_name = service_domain project_domain_name = service_domain user_domain_name = service_domain ### Explanation The following line https://github.com/openstack/aodh/blob/master/aodh/keystone_client.py#L51 enforces the existence of the user_domain_id for getting the authenticated keystone session. [Proposed Solution] * Use user_domain_name as a fallback if no user_domain_id is provided. * The charm templates should provide only user_domain_id if provided orelse fallback to user_domain_name. To manage notifications about this bug go to: https://bugs.launchpad.net/aodh/+bug/1831181/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1831181] Re: [aodh.notifier] Not setting user_domain_id raises keystone error: The resource could not be found.
** Also affects: cloud-archive Importance: Undecided Status: New -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1831181 Title: [aodh.notifier] Not setting user_domain_id raises keystone error: The resource could not be found. Status in Aodh: New Status in OpenStack AODH Charm: In Progress Status in charm-interface-keystone: In Progress Status in Ubuntu Cloud Archive: New Status in aodh package in Ubuntu: New Status in aodh source package in Xenial: New Status in aodh source package in Bionic: New Status in aodh source package in Cosmic: New Status in aodh source package in Disco: New Status in aodh source package in Eoan: New Bug description: [Environment] Xenial/Queens [Description] If no user_domain_id is provided then, the following exception will be raised by the aodh-notifier component: $ openstack alarm-history show 1424b6fb-1d9d-4d69-b00a-ad455aad0ecb ==> /var/log/aodh/aodh-notifier.log <== 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier File "/usr/lib/python2.7/dist-packages/keystoneauth1/identity/generic/base.py", line 201, in get_auth_ref 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier return self._plugin.get_auth_ref(session, **kwargs) 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier File "/usr/lib/python2.7/dist-packages/keystoneauth1/identity/v2.py", line 63, in get_auth_ref 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier authenticated=False, log=False) 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier File "/usr/lib/python2.7/dist-packages/keystoneauth1/session.py", line 848, in post 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier return self.request(url, 'POST', **kwargs) 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier File "/usr/lib/python2.7/dist-packages/keystoneauth1/session.py", line 737, in request 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier raise exceptions.from_response(resp, method, url) 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier NotFound: (http://10.5.0.36:35357/v2.0/tokens): The resource could not be found. (HTTP 404) (Request-ID: req-50d54903-d2af-4fd1-be68-a92498d91b85) 2019-05-31 02:07:26.663 15274 ERROR aodh.notifier Domain configuration for the aodh service is as follows: root@juju-95497c-controller-1:/home/ubuntu# grep domain /etc/aodh/aodh.conf gnocchi_external_domain_name = service_domain project_domain_name = service_domain user_domain_name = service_domain ### Explanation The following line https://github.com/openstack/aodh/blob/master/aodh/keystone_client.py#L51 enforces the existence of the user_domain_id for getting the authenticated keystone session. [Proposed Solution] * Use user_domain_name as a fallback if no user_domain_id is provided. * The charm templates should provide only user_domain_id if provided orelse fallback to user_domain_name. To manage notifications about this bug go to: https://bugs.launchpad.net/aodh/+bug/1831181/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1708305] Re: Realtime feature mlockall: Cannot allocate memory
Hello Christian, Attached you can find a xenial SRU patch based on commit (https://github.com/libvirt/libvirt/commit/7e667664d28f90bf6916604a55ebad7e2d85305b). Here is the guest definition used on my testing (http://paste.ubuntu.com/25288141/) Without the patch, the error is reproduced. root@buneary:/home/ubuntu# virsh start reproducer2 error: Failed to start domain reproducer2 error: internal error: process exited while connecting to monitor: mlockall: Cannot allocate memory 2017-08-11T03:59:54.936275Z qemu-system-x86_64: locking memory failed With the patch the guest is initialized correctly. root@buneary:/var/lib/uvtool/libvirt/images# virsh start reproducer2 Domain reproducer2 started I ran the following systemtap probe (probe kernel.function("sys_setrlimit") { printf("locked: %d -> %s\n", pid(), sprintf("%s, %s", _rlimit_resource_str($resource), _struct_rlimit_u($rlim))) } ) And the output shows that the RLIMIT_MEMLOCK process limit is set to 9007199254740991 (VIR_DOMAIN_MEMORY_PARAM_UNLIMITED) root@buneary:/home/ubuntu# stap -g qemu_probe.stap -kv -g --suppress-time-limits Pass 1: parsed user script and 465 library scripts using 112796virt/48440res/6664shr/42136data kb, in 130usr/40sys/164real ms. Pass 2: analyzed script: 1 probe, 5 functions, 100 embeds, 0 globals using 164772virt/101848res/7988shr/94112data kb, in 660usr/120sys/776real ms. Pass 3: translated to C into "/tmp/stapVXuoMi/stap_30601_src.c" using 164772virt/102040res/8180shr/94112data kb, in 10usr/0sys/5real ms. Pass 4: compiled C into "stap_30601.ko" in 2160usr/540sys/3231real ms. Pass 5: starting run. locked: 31028 -> RLIMIT_MEMLOCK, [9007199254740991,9007199254740991] ** Changed in: libvirt (Ubuntu Artful) Status: Confirmed => Fix Released ** Changed in: libvirt (Ubuntu Artful) Status: Fix Released => Fix Committed ** Patch added: "fix-1708305-xenial.debdiff" https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1708305/+attachment/4930463/+files/fix-1708305-xenial.debdiff -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1708305 Title: Realtime feature mlockall: Cannot allocate memory Status in libvirt package in Ubuntu: Fix Committed Status in libvirt source package in Xenial: In Progress Status in libvirt source package in Zesty: In Progress Status in libvirt source package in Artful: Fix Committed Bug description: [Environment] root@buneary:~# lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 16.04.2 LTS Release: 16.04 Codename: xenial root@buneary:~# uname -r 4.10.0-29-generic Reproducible also with the 4.4 kernel. [Description] When a guest memory backing stanza is defined using the stanza + hugepages, as follows: (Full guest definition: http://paste.ubuntu.com/25229162/) The guest fails to start due to the following error: 2017-08-02 20:25:03.714+: starting up libvirt version: 1.3.1, package: 1ubuntu10.12 (Christian EhrhardtWed, 19 Jul 2017 08:28:14 +0200), qemu version: 2.5.0 (Debian 1:2.5+dfsg-5ubuntu10.14), hostname: buneary.seg LC_ALL=C PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin QEMU_AUDIO_DRV=none /usr/bin/kvm-spice -name reproducer2 -S -machine pc-i440fx-2.5,accel=kvm,usb=off -cpu host -m 124928 -realtime mlock=on -smp 32,sockets=16,cores=1,threads=2 -object memory-backend-file,id=ram-node0,prealloc=yes,mem-path=/dev/hugepages/libvirt/qemu,share=yes,size=64424509440,host-nodes=0,policy=bind -numa node,nodeid=0,cpus=0-15,memdev=ram-node0 -object memory-backend-file,id=ram-node1,prealloc=yes,mem-path=/dev/hugepages/libvirt/qemu,share=yes,size=66571993088,host-nodes=1,policy=bind -numa node,nodeid=1,cpus=16-31,memdev=ram-node1 -uuid 2460778d-979b-4024-9a13-0c3ca04b18ec -no-user-config -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/domain-reproducer2/monitor.sock,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc -no-shutdown -boot strict=on -device piix3-usb-uhci,id=usb,bus=pci.0,addr=0x1.0x2 -drive file=/var/lib/uvtool/libvirt/images/test-ds.qcow,format=qcow2,if=none,id=drive-virtio-disk0,cache=none -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x3,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0 -vnc 127.0.0.1:0 -device cirrus-vga,id=video0,bus=pci.0,addr=0x2 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x4 -msg timestamp=on Domain id=14 is tainted: host-cpu char device redirected to /dev/pts/1 (label charserial0) mlockall: Cannot allocate memory 2017-08-02T20:25:37.732772Z qemu-system-x86_64: locking memory failed 2017-08-02
[Group.of.nepali.translators] [Bug 1502136] Re: Everything returns 403 if show_multiple_locations is true and get_image_location policy is set
** Also affects: cloud-archive Importance: Undecided Status: New ** Changed in: glance (Ubuntu Trusty) Status: In Progress => New ** Changed in: glance (Ubuntu Trusty) Assignee: Jorge Niedbalski (niedbalski) => (unassigned) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1502136 Title: Everything returns 403 if show_multiple_locations is true and get_image_location policy is set Status in Ubuntu Cloud Archive: New Status in Glance: Fix Released Status in glance package in Ubuntu: Fix Released Status in glance source package in Trusty: New Status in glance source package in Xenial: Fix Released Bug description: If, in glance-api.conf you set: show_multiple_locations = true Things work as expected: $ glance --os-image-api-version 2 image-show 13ae74f0-74bf-4792-a8bb-7c622abc5410 +--+--+ | Property | Value | +--+--+ | checksum | 9cb02fe7fcac26f8a25d6db3109063ae | | container_format | bare | | created_at | 2015-10-02T12:43:33Z | | disk_format | raw | | id | 13ae74f0-74bf-4792-a8bb-7c622abc5410 | | locations| [{"url": "swift+config://ref1/glance/13ae74f0-74bf-4792-a8bb-7c622abc5410", | | | "metadata": {}}] | | min_disk | 0 | | min_ram | 0 | | name | good-image | | owner| 88cffb9c8aee457788066c97b359585b | | protected| False | | size | 145 | | status | active | | tags | [] | | updated_at | 2015-10-02T12:43:34Z | | virtual_size | None | | visibility | private | +--+--+ but if you then set the get_image_location policy to role:admin, most calls return 403: $ glance --os-image-api-version 2 image-list 403 Forbidden: You are not authorized to complete this action. (HTTP 403) $ glance --os-image-api-version 2 image-show 13ae74f0-74bf-4792-a8bb-7c622abc5410 403 Forbidden: You are not authorized to complete this action. (HTTP 403) $ glance --os-image-api-version 2 image-delete 13ae74f0-74bf-4792-a8bb-7c622abc5410 403 Forbidden: You are not authorized to complete this action. (HTTP 403) etc. As https://review.openstack.org/#/c/48401/ says: 1. A user should be able to list/show/update/download image without needing permission on get_image_location. 2. A policy failure should result in a 403 return code. We're getting a 500 This is v2 only, v1 works ok. To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-archive/+bug/1502136/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1502136] Re: Everything returns 403 if show_multiple_locations is true and get_image_location policy is set
** Changed in: glance (Ubuntu Xenial) Status: New => Fix Released ** Changed in: glance (Ubuntu Trusty) Status: New => In Progress ** Changed in: glance (Ubuntu Trusty) Importance: Undecided => High ** Changed in: glance (Ubuntu Trusty) Assignee: (unassigned) => Jorge Niedbalski (niedbalski) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1502136 Title: Everything returns 403 if show_multiple_locations is true and get_image_location policy is set Status in Glance: Fix Released Status in glance package in Ubuntu: Fix Released Status in glance source package in Trusty: In Progress Status in glance source package in Xenial: Fix Released Bug description: If, in glance-api.conf you set: show_multiple_locations = true Things work as expected: $ glance --os-image-api-version 2 image-show 13ae74f0-74bf-4792-a8bb-7c622abc5410 +--+--+ | Property | Value | +--+--+ | checksum | 9cb02fe7fcac26f8a25d6db3109063ae | | container_format | bare | | created_at | 2015-10-02T12:43:33Z | | disk_format | raw | | id | 13ae74f0-74bf-4792-a8bb-7c622abc5410 | | locations| [{"url": "swift+config://ref1/glance/13ae74f0-74bf-4792-a8bb-7c622abc5410", | | | "metadata": {}}] | | min_disk | 0 | | min_ram | 0 | | name | good-image | | owner| 88cffb9c8aee457788066c97b359585b | | protected| False | | size | 145 | | status | active | | tags | [] | | updated_at | 2015-10-02T12:43:34Z | | virtual_size | None | | visibility | private | +--+--+ but if you then set the get_image_location policy to role:admin, most calls return 403: $ glance --os-image-api-version 2 image-list 403 Forbidden: You are not authorized to complete this action. (HTTP 403) $ glance --os-image-api-version 2 image-show 13ae74f0-74bf-4792-a8bb-7c622abc5410 403 Forbidden: You are not authorized to complete this action. (HTTP 403) $ glance --os-image-api-version 2 image-delete 13ae74f0-74bf-4792-a8bb-7c622abc5410 403 Forbidden: You are not authorized to complete this action. (HTTP 403) etc. As https://review.openstack.org/#/c/48401/ says: 1. A user should be able to list/show/update/download image without needing permission on get_image_location. 2. A policy failure should result in a 403 return code. We're getting a 500 This is v2 only, v1 works ok. To manage notifications about this bug go to: https://bugs.launchpad.net/glance/+bug/1502136/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1683876] Re: systemtap doesn't works on xenial with kernels > 4.4
** Changed in: systemtap (Ubuntu Yakkety) Status: New => Fix Released -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1683876 Title: systemtap doesn't works on xenial with kernels > 4.4 Status in systemtap package in Ubuntu: Fix Released Status in systemtap source package in Xenial: New Status in systemtap source package in Yakkety: Fix Released Bug description: [Environment] No LSB modules are available. Distributor ID: Ubuntu Description:Ubuntu 16.04.2 LTS Release:16.04 Codename: xenial Linux juju-niedbalski-xenial-machine-12 4.8.0-46-generic #49~16.04.1-Ubuntu SMP Fri Mar 31 14:51:03 UTC 2017 x86_64 x86_64 x86_64 GNU/Linux [Description] Xenial system with LTS-hwe xenial kernel enabled. Trying to run the following script: $ sudo stap -e 'probe oneshot { println("hello world") }' Raises the following errors: In file included from /usr/share/systemtap/runtime/linux/runtime.h:204:0, from /usr/share/systemtap/runtime/runtime.h:24, from /tmp/stapjb3FJA/stap_06a893e40e8ca093be8e351d40e8d862_960_src.c:25: /usr/share/systemtap/runtime/linux/access_process_vm.h: In function ‘__access_process_vm_’: /usr/share/systemtap/runtime/linux/access_process_vm.h:35:29: error: passing argument 1 of ‘get_user_pages’ makes integer from pointer without a cast [-Werror=int-conversion] ret = get_user_pages (tsk, mm, addr, 1, write, 1, , ); ^ In file included from ./include/linux/pid_namespace.h:6:0, from ./include/linux/ptrace.h:8, from ./include/linux/ftrace.h:13, from ./include/linux/kprobes.h:42, from /usr/share/systemtap/runtime/linux/runtime.h:21, from /usr/share/systemtap/runtime/runtime.h:24, from /tmp/stapjb3FJA/stap_06a893e40e8ca093be8e351d40e8d862_960_src.c:25: ./include/linux/mm.h:1315:6: note: expected ‘long unsigned int’ but argument is of type ‘struct task_struct *’ long get_user_pages(unsigned long start, unsigned long nr_pages, ^ In file included from /usr/share/systemtap/runtime/linux/runtime.h:204:0, from /usr/share/systemtap/runtime/linux/runtime.h:21, from /usr/share/systemtap/runtime/runtime.h:24, from /tmp/stapjb3FJA/stap_06a893e40e8ca093be8e351d40e8d862_960_src.c:25: ./include/linux/mm.h:1315:6: note: expected ‘struct page **’ but argument is of type ‘int’ long get_user_pages(unsigned long start, unsigned long nr_pages, ^ In file included from /usr/share/systemtap/runtime/linux/runtime.h:204:0, from /usr/share/systemtap/runtime/runtime.h:24, from /tmp/stapjb3FJA/stap_06a893e40e8ca093be8e351d40e8d862_960_src.c:25: /usr/share/systemtap/runtime/linux/access_process_vm.h:35:54: error: passing argument 6 of ‘get_user_pages’ makes pointer from integer without a cast [-Werror=int-conversion] ret = get_user_pages (tsk, mm, addr, 1, write, 1, , ); ^ In file included from ./include/linux/pid_namespace.h:6:0, from ./include/linux/ptrace.h:8, from ./include/linux/ftrace.h:13, from ./include/linux/kprobes.h:42, from /usr/share/systemtap/runtime/linux/runtime.h:21, from /usr/share/systemtap/runtime/runtime.h:24, from /tmp/stapjb3FJA/stap_06a893e40e8ca093be8e351d40e8d862_960_src.c:25: ./include/linux/mm.h:1315:6: note: expected ‘struct vm_area_struct **’ but argument is of type ‘int’ long get_user_pages(unsigned long start, unsigned long nr_pages, ^ In file included from /usr/share/systemtap/runtime/linux/runtime.h:204:0, from /usr/share/systemtap/runtime/runtime.h:24, from /tmp/stapjb3FJA/stap_06a893e40e8ca093be8e351d40e8d862_960_src.c:25: /usr/share/systemtap/runtime/linux/access_process_vm.h:35:13: error: too many arguments to function ‘get_user_pages’ ret = get_user_pages (tsk, mm, addr, 1, write, 1, , ); ^ In file included from ./include/linux/pid_namespace.h:6:0, from ./include/linux/ptrace.h:8, from ./include/linux/ftrace.h:13, from ./include/linux/kprobes.h:42, from /usr/share/systemtap/runtime/linux/runtime.h:21, from /usr/share/systemtap/runtime/runtime.h:24, from /tmp/stapjb3FJA/stap_06a893e40e8ca093be8e351d40e8d862_960_src.c:25: ./include/linux/mm.h:1315:6: note: declared here long get_user_pages(unsigned long start, unsigned long nr_pages, ^ In file included from
[Group.of.nepali.translators] [Bug 1631561] Re: volume usage audit print excessive debug log for deleted resources
** Changed in: cinder (Ubuntu Xenial) Status: New => In Progress ** Changed in: cinder (Ubuntu) Status: New => Fix Released ** Changed in: cinder (Ubuntu Yakkety) Status: New => In Progress ** Changed in: cinder (Ubuntu) Importance: Undecided => Medium ** Changed in: cinder (Ubuntu Xenial) Importance: Undecided => Medium ** Changed in: cinder (Ubuntu Yakkety) Importance: Undecided => Medium ** Changed in: cinder (Ubuntu Xenial) Assignee: (unassigned) => Jorge Niedbalski (niedbalski) ** Changed in: cinder (Ubuntu Yakkety) Assignee: (unassigned) => Jorge Niedbalski (niedbalski) -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1631561 Title: volume usage audit print excessive debug log for deleted resources Status in Cinder: Fix Released Status in Ubuntu Cloud Archive: New Status in cinder package in Ubuntu: Fix Released Status in cinder source package in Xenial: In Progress Status in cinder source package in Yakkety: In Progress Bug description: Current volume usage audit tool queries all volumes/snapshots/backups including those resources have been deleted, as a result, every single deleted resource would trigger a few debug/exception level messages, which is too much for a running production cluster at hour/day period. To manage notifications about this bug go to: https://bugs.launchpad.net/cinder/+bug/1631561/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp
[Group.of.nepali.translators] [Bug 1584485] Re: Upgrading samba to latest security fixes together with winbind in nsswitch.conf can harm entire OS
** No longer affects: samba (Ubuntu Precise) ** Changed in: samba (Ubuntu Xenial) Status: New => In Progress ** Changed in: samba (Ubuntu Xenial) Importance: Undecided => High ** Changed in: samba (Ubuntu Xenial) Assignee: (unassigned) => Jorge Niedbalski (niedbalski) ** Patch added: "Yakkety Patch for 1584485" https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1584485/+attachment/4763305/+files/fix-1584485-yakkety.debdiff -- You received this bug notification because you are a member of नेपाली भाषा समायोजकहरुको समूह, which is subscribed to Xenial. Matching subscriptions: Ubuntu 16.04 Bugs https://bugs.launchpad.net/bugs/1584485 Title: Upgrading samba to latest security fixes together with winbind in nsswitch.conf can harm entire OS Status in samba package in Ubuntu: In Progress Status in samba source package in Trusty: In Progress Status in samba source package in Xenial: In Progress Status in samba source package in Yakkety: In Progress Bug description: [Impact] * Upgrading samba when using winbind as NSS service can break OS. * Probably not triggered if "compat" is BEFORE "winbind" in nsswitch.conf. * Huge impact due to big version different between winbind and libraries. [Test Case] 1) Start an ubuntu Trusty container 2) cp /etc/apt/sources.list /etc/apt/sources.list.back 3) Disable the trusty-updates and trusty-security archives in /etc/apt/sources.list 4) sudo apt-get update 5) sudo apt-get install samba winbind libnss-winbind libpam-winbind 6) Set /etc/nsswitch.conf to : passwd: winbind compat 7) Restart the services 7.1) sudo restart smbd 7.2) sudo restart nmbd 7.3) sudo restart winbind 8) cp /etc/apt/sources.list.back /etc/apt/sources.list 9) sudo apt-get update 7) sudo apt-get install samba winbind libnss-winbind libpam-winbind While installing, you will see things similar to this : > Unpacking libnss-winbind:amd64 (2:4.3.11+dfsg-0ubuntu0.14.04.1) over (2:4.1.6+dfsg-1ubuntu2) ... > dpkg-deb: error: subprocess tar was killed by signal (Segmentation fault), core dumped > dpkg: error processing archive /var/cache/apt/archives/libpam-winbind_2%3a4.3.11+dfsg-0ubuntu0.14.04.1_amd64.deb (- > -unpack): > subprocess dpkg-deb --control returned error exit status 2 > dpkg-deb: error: subprocess tar was killed by signal (Segmentation fault), core dumped [Regression Potential] * "preinst" and "postrm" maintainer scripts are acting only in "upgrade" * uninstalling packages and reinstalling would bypass this change [Other Info] * Original Bug Description: It was brought to my attention that, because of latest security fixes for samba: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1577739 samba (2:4.3.9+dfsg-0ubuntu0.14.04.1) trusty-security; urgency=medium samba (2:4.3.8+dfsg-0ubuntu0.14.04.2) trusty-security; urgency=medium samba (2:4.1.6+dfsg-1ubuntu2.14.04.13) trusty-security; urgency=medium when library symbols changed, a samba upgrade MAY jeopardize an entire Ubuntu OS installation IF /etc/nsswitch.conf uses winbind as a service (specially if used before compat mechanism). How to reproduce easily: $ cat /etc/nsswitch.conf passwd: winbind compat shadow: compat group: winbind compat (winbind is usually used after compat, in this case it was used before) to have samba version "4.1.6+dfsg-1ubuntu2.14.04.13" installed and do a: $ sudo apt-get update and FINALLY: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1584485/comments/1 Leading into an unusable system in the following state: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1584485/comments/2 ## state Workaround: DO REMOVE winbind from /etc/nsswitch.conf (and possibly from pam.d with "pam-auth-update") before ANY attempt of upgrading samba to latest version. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1584485/+subscriptions ___ Mailing list: https://launchpad.net/~group.of.nepali.translators Post to : group.of.nepali.translators@lists.launchpad.net Unsubscribe : https://launchpad.net/~group.of.nepali.translators More help : https://help.launchpad.net/ListHelp