Verified on Xenial with:
$ apt-cache policy libgnutls-openssl27:amd64
libgnutls-openssl27:
Installed: 3.4.10-4ubuntu1.4
Candidate: 3.4.10-4ubuntu1.4
Version table:
*** 3.4.10-4ubuntu1.4 500
500 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 Packages
100
** Description changed:
+ [Impact]
+
+ Applications using GnuTLS OpenSSL compat layer [1] are be unable to use
+ modern TLS versions (1.1 and 1.2) when relying on the
+ SSLv23_{client,server}_method functions.
+
+ There is an industry-wide push to use modern TLS versions, see [2] and
+ [3] for
** Patch added: "lp1709193-14.04.debdiff"
https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1709193/+attachment/4930182/+files/lp1709193-14.04.debdiff
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gnutls26 in
** Patch added: "lp1709193-17.04.debdiff"
https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/1709193/+attachment/4930181/+files/lp1709193-17.04.debdiff
** Also affects: gnutls26 (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a
It works well on Xenial with sudo 1.8.16-0ubuntu1.5, thanks.
** Tags removed: verification-needed-xenial
** Tags added: verification-done-xenial
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to sudo in Ubuntu.
@xnox, many thanks for the detailed explanation. The membership
requirements are mentioned in journalctl(1) so I should have checked
that before opening a bug, sorry.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in
Public bug reported:
Steps to reproduce:
1) restrict dmesg to root only
sudo kernel.dmesg_restrict=1
2) check that root can still get dmesg
sudo dmesg
3) check a regular user cannot access dmesg and gets a denial
dmesg
4) check with journalctl
journalctl -k
Here, journalctl should report a
Fix verified on Yakkety with 4.3.0-1ubuntu3.16.10.1 as well.
** Tags removed: verification-done-xenial verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to iproute2 in Ubuntu.
On 2017-05-12 03:34 PM, Seth Arnold wrote:
> On Fri, May 12, 2017 at 06:56:35PM -0000, Simon Déziel wrote:
>> If purging a package doesn't kill the running process, that's a
>> packaging bug, not something Apparmor should try to paper over, IMHO.
>
> Yikes, package pre
On 2017-05-12 02:15 PM, Christian Boltz wrote:
> You are technically correct that the still-loaded profile doesn't
> match a clean uninstall. However, I have a different opinion on this
> and thing keeping the profile loaded is the better choice.
>
> Unloading a profile means removing the
On 2017-05-12 01:48 AM, ChristianEhrhardt wrote:
> shouldn't dh_apparmor unload it just as it loads it?
Exactly, I would have assumed that it was dh_apparmor's job. Curious to
hear from the Apparmor folks. Thanks for looking into this.
Simon
--
You received this bug notification because you
Public bug reported:
Steps to reproduce:
1) install ntp
apt install ntp
2) confirm it has loaded its AA profile
aa-status | grep ntpd
3) purge ntp
apt purge ntp
4) the profile is left behind but shouldn't
aa-status | grep ntpd
Additional info:
This was found by first install ntp
On 2017-05-08 03:07 PM, Nish Aravamudan wrote:
> @sdeziel, afaict, that is an upstream fix committed,but not the ubuntu
> package in artful.
Right, my bad, sorry.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to shadow in
Fix verified on Xenial with 4.3.0-1ubuntu3.16.04.1
** Tags removed: verification-needed
** Tags added: verification-done-xenial
** Tags removed: verification-done-xenial
** Tags added: verification-done
** Tags removed: verification-done
** Tags added: verification-done-xenial
** Changed in: shadow (Ubuntu)
Status: Triaged => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to shadow in Ubuntu.
https://bugs.launchpad.net/bugs/1427807
Title:
usermod's man refers to --*-sub-uids
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to wget in Ubuntu.
https://bugs.launchpad.net/bugs/1573307
Title:
wget crashed with SIGSEGV in
** Tags removed: verification-needed-xenial
** Tags added: verification-done-xenial
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1660832
Title:
unix domain socket
Thanks Seth. A general solution covering most cases would be great as
tweaking existing profiles would involve many SRUs and inevitably, new
profiles not working inside containers would show up.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which
On 2017-02-24 04:04 PM, Seth Arnold wrote:
> I'm surprised that the denials you're seeing now
> weren't generated earlier, due to this change.
Well, I just got the word that Apparmor was now working in containers
after waiting for years so I happily jumped in.
I guess the question is: is there a
** Description changed:
+ It seems that binaries confined by Apparmor attempt to read their own
+ executable when running in a namespace/container. This breaks many
+ profiles that are working perfectly well outside of namespaces.
+
+
+
+ Original description:
+
I'm not sure if it's a bug
It doesn't seem to only affect rsyslog as I have for example a shell
script contained by an Apparmor profile and inside the container it
doesn't work as it wants to read /bin/dash:
audit: type=1400 audit(1487935787.212:153): apparmor="DENIED"
operation="file_mprotect" namespace="root//lxd-smb_"
Public bug reported:
I'm not sure if it's a bug that belongs to Apparmor, rsyslog or even the
kernel so please re-assign if needed.
Enabling rsyslog's Apparmor profile in a namespace generates this
denial:
[ 3026.956651] audit: type=1400 audit(1487955263.521:39):
apparmor="DENIED"
I can confirm this problem was fixed for Xenial on 4.4.0-65.86, thank
you.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1660832
Title:
unix domain socket cross
*** This bug is a duplicate of bug 1660832 ***
https://bugs.launchpad.net/bugs/1660832
The problem with the Unix socket is indeed fixed by 4.4.0-65.86.
Thanks John. I have other issues with AA in namespaces which I will report in
other LPs.
** This bug has been marked a duplicate of bug
On 2017-02-22 02:19 PM, John Johansen wrote:
> You can try the set of kernel in
>
> http://people.canonical.com/~jj/linux+jj/
I haven't had a chance to try those kernels but 4.4.0-65.86 has just hit
-proposed so I'll give it a try and report back, thanks.
--
You received this bug notification
I'm also seeing those with my smb servers:
apparmor="DENIED" operation="file_perm" namespace="root//lxd-smb_"
profile="/usr/sbin/smbd" pid=15865 comm="smbd" family="unix" sock_type="stream"
protocol=0 requested_mask="send receive"
denied_mask="send receive" addr=none peer_addr=none peer="---"
On 2017-02-21 09:58 PM, Seth Arnold wrote:
> Hi Simon, could you capture the output of apparmor_parser -p on your
> sshd profile?
Here it is: https://paste.ubuntu.com/24044131/
> There's no 'unix' rules in the portion pasted to github.
Indeed, I only added this workaround later on:
#
Public bug reported:
I've been running /usr/sbin/sshd in a custom Apparmor profile [*] for a long
time and it works well.
When I loaded the same profile in a lxd container (named ganymede), it didn't
work at all:
apparmor="DENIED" operation="file_perm" namespace="root//lxd-ganymede_
"
On my containers using the "dir" storage backend,
/etc/cron.weekly/fstrim outputs:
fstrim: cannot open /dev/.lxd-mounts: Permission denied
fstrim: /dev/lxd: FITRIM ioctl failed: Operation not permitted
fstrim: /: FITRIM ioctl failed: Operation not permitted
>From one of those containers:
#
Marc, I'm assuming this is related to this
https://scarybeastsecurity.blogspot.ca/2016/11/0day-exploit-advancing-
exploitation.html, right?
Like the author, I question the upstream decision to include FLIC
support in the "good" set. Would it be possible to move that plugin to
the "bad" or the
*** This bug is a duplicate of bug 1504659 ***
https://bugs.launchpad.net/bugs/1504659
** This bug has been marked a duplicate of bug 1504659
Duplicate line for path "/var/log" warning is shown when rsyslog is installed
--
You received this bug notification because you are a member of
On 2016-10-30 09:11 AM, Trent Lloyd wrote:
> Good news for you is that some work is going on upstream in
> libnss-mdns right now to fix this problem properly and always handle
> .local properly even when in authorative DNS - some commits just went
> in recently Adam Goode is doing some great work
Xenial debdiff with the proper version number, thanks stgraber.
** Patch removed: "lp1531622-xenial.debdiff"
https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1531622/+attachment/4736972/+files/lp1531622-xenial.debdiff
** Patch added: "lp1531622-xenial.debdiff"
** Description changed:
/etc/rsyslog.conf contains:
- $KLogPermitNonKernelFacility on
+ $KLogPermitNonKernelFacility on
But this no longer supported and trigger this log message:
- Jan 5 08:56:16 simon-laptop rsyslogd-: command
+ Jan 5 08:56:16 simon-laptop rsyslogd-:
I updated the 2 debdiffs to remove useless space in the config file.
** Patch added: "lp1531622-xenial.debdiff"
https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1531622/+attachment/4736972/+files/lp1531622-xenial.debdiff
--
You received this bug notification because you are a member
** Patch added: "lp1531622-yakkety.debdiff"
https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1531622/+attachment/4736967/+files/lp1531622-yakkety.debdiff
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to rsyslog in
I'm not sure if the version is good for the Xenial debdiff, let me know
if there is anything.
** Patch added: "lp1531622-xenial.debdiff"
https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1531622/+attachment/4736968/+files/lp1531622-xenial.debdiff
--
You received this bug notification
Hi Trent,
On 2016-08-23 05:17 PM, Trent Lloyd wrote:
> The d-bus activation thing is a quirk of systemd, it actually tells you
> when you run stop. You need to use disable (as well as stop) to both
> stop it and prevent re-activation.
Disabling and stopping the socket and the service works for
Public bug reported:
When avahi-daemon is stopped, dbus always revives it.
Steps to reproduce:
1. sudo systemctl stop avahi-daemon.socket
2. sudo systemctl stop avahi-daemon.service
3. ps aux| grep avahi # should return nothing
Currently, dbus revives it right away as shown in syslog:
Aug 23
Thanks Aron and Sebastien, I can confirm that version
1.2.2-0ubuntu0.16.04.1 from xenial-proposed fixes the problem.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
This is similar to LP: #1541678 which has a simpler and more generic
patch.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1519120
Title:
Xenial: VLAN interfaces
This is still a problem on Trusty.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to upstart in Ubuntu.
https://bugs.launchpad.net/bugs/939105
Title:
upstart should consult /usr/sbin/policy-rc.d
Status in upstart package in
@Patrick, thanks for working on this. When you have done the
verification, you can update the tags list that's below the initial
issue description at the top. More details on that:
https://wiki.ubuntu.com/StableReleaseUpdates#Verification
--
You received this bug notification because you are a
Simon's patch [1] was included in version 2.72 (Vivid and later).
Marking as fix released.
1:
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=006c162382aaa30f63413b876ecbe805280c3d36
** Changed in: dnsmasq (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug
The Debian maintainer forwarded the bug upstream and they fixed it right
away. So here's a debdiff that fixes the problem for me. I uploaded it
to my PPA and it successfully built on amd64 [1] but not i386 [2].
On i386 the libmount/lock test failed so it seems unrelated to this new
commit. It's
** Bug watch added: Debian Bug tracker #820843
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820843
** Also affects: util-linux (Debian) via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820843
Importance: Unknown
Status: Unknown
--
You received this bug notification
** Description changed:
Steps to reproduce:
1) Start script session (same issue when script is saving to /dev/null)
script # or: script /dev/null
2) Tail a file
- tail -f /var/log/syslog
+ tailf /var/log/syslog
3) Press "Enter" 2 times
4) Notice the script process taking 100% CPU
The above commit is from Debian's git. The problem still exists upstream
in https://git.kernel.org/cgit/utils/util-linux/util-
linux.git/commit/?id=44338f7fe6a529cef1f206dccd95e7282625c483
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is
FYI, the current master (d38bcd109e9) still has the problem.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to util-linux in Ubuntu.
https://bugs.launchpad.net/bugs/1553353
Title:
tail'ing a file in a script session hangs
After bisecting util-linux, the problematic commit is:
54c6611d6f7b73609a5331f4d0bcf63c4af6429e is the first bad commit
commit 54c6611d6f7b73609a5331f4d0bcf63c4af6429e
Author: Karel Zak
Date: Wed Jun 17 15:48:50 2015 +0200
script: fix EOF problems
* remove STDIN
** Patch added: "xenial-lp1568954.debdiff"
https://bugs.launchpad.net/ubuntu/+source/lvm2/+bug/1568954/+attachment/4633058/+files/xenial-lp1568954.debdiff
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lvm2 in Ubuntu.
Public bug reported:
lvmetad is IMHO unneeded in a container.
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: lvm2 2.02.133-1ubuntu8
ProcVersionSignature: Ubuntu 4.4.0-18.34-generic 4.4.6
Uname: Linux 4.4.0-18-generic x86_64
NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
*** This bug is a duplicate of bug 1566465 ***
https://bugs.launchpad.net/bugs/1566465
@mpesari, I've filed
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1566465 with your
"date -s" reproducer, thanks.
** This bug has been marked a duplicate of bug 1566465
[regression]: Failed to
It's also occurring on a freshly installed physical Xenial machine.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1564951
Title:
systemd-timesyncd: Failed to call
strace'ing it showed this:
clock_adjtime(CLOCK_REALTIME, 0x7ffcc1567020) = -1 EINVAL (Invalid argument)
writev(2, [{"Failed to call clock_adjtime(): "..., 48}, {"\n", 1}], 2) = 49
** Attachment added: "Full strace"
Public bug reported:
After upgrading systemd from 229-3ubuntu1 to 229-3ubuntu2, I noticed
this on one of my VM:
systemd-timesyncd: Failed to call clock_adjtime(): Invalid argument
systemd-timesyncd says it was able to sync the clock but also report
failures:
# systemctl status
Under systemd, if the ListenAddress is on an interface that is manually
brought up, the ifup script doesn't help. In that situation, the invoke-
rc.d reload/restart fails because the initial startup of sshd wasn't
successful.
--
You received this bug notification because you are a member of
@Martin, correct, the postinst succeeds, sorry for the confusion.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1550539
Title:
VMWare network interface name change with
@pitti, this new code [*] causes the postinst to fail when no eno*
device exist:
/var/lib/dpkg/info/udev.postinst: 109: [: Illegal number: *
*:
https://anonscm.debian.org/cgit/pkg-systemd/systemd.git/commit/?h=ubuntu=47584521cd23ab3490b40b8d95a1748d86ad7f25
--
You received this bug
Thank you Colin for 7.2p1-1, I really appreciate it!
** Changed in: openssh (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
Trusty and later have the correct wording so marking as fix released.
** Changed in: openssh (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
On 2016-03-05 12:10 AM, Pádraig Brady wrote:
> Reproduced with script 2.27.1 which spins in this case continually
> doing:
>
> poll([{fd=4, events=POLLIN}], 1, 10)= 1 ([{fd=4, revents=POLLIN}])
Yes, that's what strace'ing reveals in my case.
** Changed in: util-linux (Ubuntu)
Public bug reported:
Since I moved from Trusty to Xenial, my sftp backup script stopped
working. After a bit of investigation it seems to be exactly
https://bugzilla.mindrot.org/show_bug.cgi?id=2528. Fortunately it was
fixed in OpenSSH 7.2.
I know 7.2 is pretty recent and not yet in Debian but I
Public bug reported:
Steps to reproduce:
1) Start script session (same issue when script is saving to /dev/null)
script # or: script /dev/null
2) Tail a file
tail -f /var/log/syslog
3) Press "Enter" 2 times
4) Notice the script process taking 100% CPU
This regression is rather new but I don't
I just noticed that the breeze theme is in universe while human is in
main. Sounds like the opposite of what it should be.
$ apt-cache policy libreoffice-style-breeze libreoffice-style-human
libreoffice-style-breeze:
Installed: 1:5.1.1~rc2-0ubuntu1
Candidate: 1:5.1.1~rc2-0ubuntu1
Version
Looks like a circular dependency that has nothing to do with ca-
certificates:
dpkg: cycle found while processing triggers:
chain of packages whose triggers are or may be responsible:
gconf2 -> gconf2
packages' pending triggers which are or may be unresolvable:
ca-certificates:
Looks like a circular dependency that has nothing to do with ca-
certificates:
dpkg: cycle found while processing triggers:
chain of packages whose triggers are or may be responsible:
gconf2 -> gconf2
packages' pending triggers which are or may be unresolvable:
ca-certificates:
Looking at the logs, it seems that ca-certificates is not the culprit:
dpkg: cycle found while processing triggers:
chain of packages whose triggers are or may be responsible:
doc-base -> systemd
packages' pending triggers which are or may be unresolvable:
ca-certificates:
As mentioned in the logs, the problem is not due to ca-certificates but
to lubuntu-software-center.
** Changed in: ca-certificates (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to
*** This bug is a duplicate of bug 1425071 ***
https://bugs.launchpad.net/bugs/1425071
** This bug has been marked a duplicate of bug 1425071
package ca-certificates 20141019ubuntu0.14.04.1 failed to install/upgrade:
subprocess installed post-installation script returned error exit status
@btb-bitrate, I'm unable to reproduce the issue. Here, verbose output
works:
# /usr/sbin/update-ca-certificates --verbose
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
And during a package upgrade, you also see the
ca-certificates was updated to the 20160104 package. See
http://www.ubuntu.com/usn/usn-2913-1/
** Changed in: ca-certificates (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to
With a recent kernel, libvirt can manage the MAC table [*] of the bridge
so maybe this is something that can be done by LXC/LXD as well?
*: see the "bridge" section of
https://libvirt.org/formatnetwork.html#elementsConnect
--
You received this bug notification because you are a member of Ubuntu
Public bug reported:
When one masks a unit, systemd complains that it fails to add the masked
job as dependency. For example, after masking proc-sys-fs-
binfmt_misc.automount, a boot sequence logs this message 24 times:
Feb 8 15:14:18 simon-laptop systemd[1]: proc-sys-fs-
rsyslog 8.16.0-1ubuntu1 now includes a logcheck rule to specifically
ignore this problem. The changelog doesn't explain why the conflict is
being ignored instead of resolved.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to
** Changed in: shadow (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to shadow in Ubuntu.
https://bugs.launchpad.net/bugs/1348873
Title:
"remove" spelled as "remvoe" in
Works well, thank you!
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1534340
Title:
openssh server
Public bug reported:
Creating a LV outputs a notice about blkid_wiping support not being
available:
# lvcreate -n t -L1G vg0
allocation/use_blkid_wiping=1 configuration setting is set while LVM is not
compiled with blkid wiping support.
Falling back to native LVM signature detection.
Public bug reported:
When prompted to unlock a SSH private key, gcr-prompter logs no less
than 29 messages in auth.log:
Jan 12 10:55:42 simon-laptop gcr-prompter[7123]: Gcr: received BeginPrompting
call from callback /org/gnome/keyring/Prompt/p4@:1.2
Jan 12 10:55:42 simon-laptop
Public bug reported:
In order to unlock my root FS using an external keyboard I need to add
the following:
hid_generic
mac_hid
usbhid
to /etc/initramfs-tools/modules. Otherwise, only the laptop's built-in
keyboard works.
In LP: #229732, this was fixed by loading a few modules in the panic
Public bug reported:
/etc/rsyslog.conf contains:
$KLogPermitNonKernelFacility on
But this no longer supported and trigger this log message:
Jan 5 08:56:16 simon-laptop rsyslogd-: command
'KLogPermitNonKernelFacility' is currently not permitted - did you
already set it via a
Public bug reported:
My dnsmasq instance uses "interface=br-vz0" and the interface br-vz0 is
managed manually in /etc/network/interfaces.
During boot, dnsmasq is started before br-vz0 is created and this causes
dnsmasq to exit:
Jan 5 08:56:16 simon-laptop dnsmasq[1008]: dnsmasq: unknown
Adding the following to the [Unit] section of dnsmasq.service fixes the
problem:
After=network-online.target
Wants=network-online.target
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to dnsmasq in Ubuntu.
Public bug reported:
/usr/lib/tmpfiles.d/00rsyslog.conf from rsyslog's package and
/usr/lib/tmpfiles.d/var.conf from systemd's package both try to manage
the directory /var/log.
rsyslog's file takes precedence but the duplicated rules cause this to
be logged:
systemd-tmpfiles[3679]:
Public bug reported:
After enabling rsyslog's apparmor profile, it fails to start because of
an Apparmor denial:
audit: type=1400 audit(1451684240.442:25): apparmor="DENIED"
operation="sendmsg" profile="/usr/sbin/rsyslogd"
name="/run/systemd/notify" pid=2746 comm="rsyslogd" requested_mask="w"
This also affects me on 14.04.4.
I've noticed that booting with "debug" instead of "quiet splash"
resolves the issue. Maybe it's just a timing issue?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.
Marking as verified on Trusty since I was able to do more testing.
** Tags added: verification-done-trusty
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lsb in Ubuntu.
https://bugs.launchpad.net/bugs/1273462
Title:
I've been using the -proposed package on 15 Trusty machines since it was
published. Again, I never was able to reproduce the original problem but
I saw no regression either.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ntp
Public bug reported:
When rsyslog is managed by the init script, it symlinks its PID to
/run/sendsigs.omit.d so that we can capture logs very late during the
shutdown sequence:
sendsigs_omit() {
OMITDIR=/run/sendsigs.omit.d
mkdir -p $OMITDIR
ln -sf $PIDFILE $OMITDIR/rsyslog
}
When rsyslog
In the upstart case, simply removing the "stop on runlevel [06]" clause
is enough to capture the log output of the shutdown sequence.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to rsyslog in Ubuntu.
A simplification of this workaround is:
echo "stop on never-dies" >> /etc/init/rsyslog.override
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to rsyslog in Ubuntu.
https://bugs.launchpad.net/bugs/1515379
Title:
rsyslog
** Summary changed:
- rsyslog not omitted by sendsigs when managed by upstart/systemd
+ rsyslog stopped too early during shutdown/reboot
** Description changed:
+ The upstart job managing rsyslog includes a "stop on runlevel [06]"
+ clause that makes it terminate very early during the
I ran into this problem on Lubuntu 14.04. On that machine, the user
created during the installation had no problem but every other regular
users were affected.
The workaround was to join the regular users to the sudo group to please
polkit. Since I really wanted those users to be "power less" I
Eric, I've been running the proposed version on many systems and haven't
found any regression. Do you think this would be ready to move on to
-updates now?
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ntp in Ubuntu.
I couldn't find any regression in my testing but since it wasn't that
extensive, I'm not marking it a verified just yet.
I really like the behavior improvement. Now, a regular user has a convenient
way to check service statuses:
/etc/init.d/acpid status
Instead of the obtuse old way:
env
Public bug reported:
Some older versions of OpenSSH had a patch allowing the daemon to change
Apparmor hats to apply different containment profiles to different code
paths (AUTHENTICATED, EXEC, PRIVSEP, etc).
This feature would need to be ported to recent OpenSSH versions and sent
upstream for
I tried to reproduce the problem by lowering {r,w}mem_max on Precise and
Trusty's *unpatched* version to no avail. On the up side, I couldn't
find any regression with the update version.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is
Err, I meant I couldn't reproduce the issue with and without the patch.
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ntp in Ubuntu.
https://bugs.launchpad.net/bugs/1481388
Title:
NTP : Use-after-free in routing socket
Eric, I don't know if that's a good test case but on my patched Trusty
box:
root@xeon:~# uname -a
Linux xeon 3.13.0-63-generic #103-Ubuntu SMP Fri Aug 14 21:42:59 UTC 2015
x86_64 x86_64 x86_64 GNU/Linux
root@xeon:~# sysctl net.core.wmem_max=4650
net.core.wmem_max = 4700
root@xeon:~#
This verified fine on Precise and Trusty using the FS image from comment
#6. Thank you
** Tags removed: verification-needed
** Tags added: verification-done
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to e2fsprogs in
201 - 300 of 339 matches
Mail list logo