[Touch-packages] [Bug 1709193] Re: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer

Verified on Xenial with: $ apt-cache policy libgnutls-openssl27:amd64 libgnutls-openssl27: Installed: 3.4.10-4ubuntu1.4 Candidate: 3.4.10-4ubuntu1.4 Version table: *** 3.4.10-4ubuntu1.4 500 500 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 Packages 100

[Touch-packages] [Bug 1709193] Re: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer

** Description changed: + [Impact] + + Applications using GnuTLS OpenSSL compat layer [1] are be unable to use + modern TLS versions (1.1 and 1.2) when relying on the + SSLv23_{client,server}_method functions. + + There is an industry-wide push to use modern TLS versions, see [2] and + [3] for

[Touch-packages] [Bug 1709193] Re: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer

** Patch added: "lp1709193-14.04.debdiff" https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1709193/+attachment/4930182/+files/lp1709193-14.04.debdiff -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnutls26 in

[Touch-packages] [Bug 1709193] Re: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer

** Patch added: "lp1709193-17.04.debdiff" https://bugs.launchpad.net/ubuntu/+source/gnutls28/+bug/1709193/+attachment/4930181/+files/lp1709193-17.04.debdiff ** Also affects: gnutls26 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a

[Touch-packages] [Bug 1686803] Re: sudo returns exit code 0 if child is killed with SIGTERM

It works well on Xenial with sudo 1.8.16-0ubuntu1.5, thanks. ** Tags removed: verification-needed-xenial ** Tags added: verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu.

[Touch-packages] [Bug 1698144] Re: "journalctl -k" doesn't respect kernel.dmesg_restrict

@xnox, many thanks for the detailed explanation. The membership requirements are mentioned in journalctl(1) so I should have checked that before opening a bug, sorry. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in

[Touch-packages] [Bug 1698144] [NEW] "journalctl -k" doesn't respect kernel.dmesg_restrict

Public bug reported: Steps to reproduce: 1) restrict dmesg to root only sudo kernel.dmesg_restrict=1 2) check that root can still get dmesg sudo dmesg 3) check a regular user cannot access dmesg and gets a denial dmesg 4) check with journalctl journalctl -k Here, journalctl should report a

[Touch-packages] [Bug 1668813] Re: The tc man page references tc-index man page but tc-index man page does not exist

Fix verified on Yakkety with 4.3.0-1ubuntu3.16.10.1 as well. ** Tags removed: verification-done-xenial verification-needed ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to iproute2 in Ubuntu.

Re: [Touch-packages] [Bug 1689585] Re: ntp doesn't unload its apparmor profile on purge

On 2017-05-12 03:34 PM, Seth Arnold wrote: > On Fri, May 12, 2017 at 06:56:35PM -0000, Simon Déziel wrote: >> If purging a package doesn't kill the running process, that's a >> packaging bug, not something Apparmor should try to paper over, IMHO. > > Yikes, package pre

Re: [Touch-packages] [Bug 1689585] Re: ntp doesn't unload its apparmor profile on purge

On 2017-05-12 02:15 PM, Christian Boltz wrote: > You are technically correct that the still-loaded profile doesn't > match a clean uninstall. However, I have a different opinion on this > and thing keeping the profile loaded is the better choice. > > Unloading a profile means removing the

Re: [Touch-packages] [Bug 1689585] Re: ntp doesn't unload its apparmor profile on purge

On 2017-05-12 01:48 AM, ChristianEhrhardt wrote: > shouldn't dh_apparmor unload it just as it loads it? Exactly, I would have assumed that it was dh_apparmor's job. Curious to hear from the Apparmor folks. Thanks for looking into this. Simon -- You received this bug notification because you

[Touch-packages] [Bug 1689585] [NEW] ntp doesn't unload its apparmor profile on purge

Public bug reported: Steps to reproduce: 1) install ntp apt install ntp 2) confirm it has loaded its AA profile aa-status | grep ntpd 3) purge ntp apt purge ntp 4) the profile is left behind but shouldn't aa-status | grep ntpd Additional info: This was found by first install ntp

Re: [Touch-packages] [Bug 1427807] Re: usermod's man refers to --*-sub-uids but accepts only --*-subuids

On 2017-05-08 03:07 PM, Nish Aravamudan wrote: > @sdeziel, afaict, that is an upstream fix committed,but not the ubuntu > package in artful. Right, my bad, sorry. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shadow in

[Touch-packages] [Bug 1668813] Re: The tc man page references tc-index man page but tc-index man page does not exist

Fix verified on Xenial with 4.3.0-1ubuntu3.16.04.1 ** Tags removed: verification-needed ** Tags added: verification-done-xenial ** Tags removed: verification-done-xenial ** Tags added: verification-done ** Tags removed: verification-done ** Tags added: verification-done-xenial

[Touch-packages] [Bug 1427807] Re: usermod's man refers to --*-sub-uids but accepts only --*-subuids

** Changed in: shadow (Ubuntu) Status: Triaged => Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shadow in Ubuntu. https://bugs.launchpad.net/bugs/1427807 Title: usermod's man refers to --*-sub-uids

[Touch-packages] [Bug 1573307] Re: wget crashed with SIGSEGV in __memset_avx2()

** Tags removed: verification-needed ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to wget in Ubuntu. https://bugs.launchpad.net/bugs/1573307 Title: wget crashed with SIGSEGV in

[Touch-packages] [Bug 1660832] Re: unix domain socket cross permission check failing with nested namespaces

** Tags removed: verification-needed-xenial ** Tags added: verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1660832 Title: unix domain socket

Re: [Touch-packages] [Bug 1667751] Re: Confined binaries running in namespaces unable to read their executable

Thanks Seth. A general solution covering most cases would be great as tweaking existing profiles would involve many SRUs and inevitably, new profiles not working inside containers would show up. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which

Re: [Touch-packages] [Bug 1667751] Re: Confined binaries running in namespaces unable to read their executable

On 2017-02-24 04:04 PM, Seth Arnold wrote: > I'm surprised that the denials you're seeing now > weren't generated earlier, due to this change. Well, I just got the word that Apparmor was now working in containers after waiting for years so I happily jumped in. I guess the question is: is there a

[Touch-packages] [Bug 1667751] Re: Confined binaries running in namespaces unable to read their executable

** Description changed: + It seems that binaries confined by Apparmor attempt to read their own + executable when running in a namespace/container. This breaks many + profiles that are working perfectly well outside of namespaces. + + + + Original description: + I'm not sure if it's a bug

[Touch-packages] [Bug 1667751] Re: Confined binaries running in namespaces unable to read their executable

It doesn't seem to only affect rsyslog as I have for example a shell script contained by an Apparmor profile and inside the container it doesn't work as it wants to read /bin/dash: audit: type=1400 audit(1487935787.212:153): apparmor="DENIED" operation="file_mprotect" namespace="root//lxd-smb_"

[Touch-packages] [Bug 1667751] [NEW] rsyslog profile doesn't work in namespace

Public bug reported: I'm not sure if it's a bug that belongs to Apparmor, rsyslog or even the kernel so please re-assign if needed. Enabling rsyslog's Apparmor profile in a namespace generates this denial: [ 3026.956651] audit: type=1400 audit(1487955263.521:39): apparmor="DENIED"

[Touch-packages] [Bug 1660832] Re: unix domain socket cross permission check failing with nested namespaces

I can confirm this problem was fixed for Xenial on 4.4.0-65.86, thank you. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1660832 Title: unix domain socket cross

[Touch-packages] [Bug 1666748] Re: Apparmor problem inside a lxd container

*** This bug is a duplicate of bug 1660832 *** https://bugs.launchpad.net/bugs/1660832 The problem with the Unix socket is indeed fixed by 4.4.0-65.86. Thanks John. I have other issues with AA in namespaces which I will report in other LPs. ** This bug has been marked a duplicate of bug

Re: [Touch-packages] [Bug 1666748] Re: Apparmor problem inside a lxd container

On 2017-02-22 02:19 PM, John Johansen wrote: > You can try the set of kernel in > > http://people.canonical.com/~jj/linux+jj/ I haven't had a chance to try those kernels but 4.4.0-65.86 has just hit -proposed so I'll give it a try and report back, thanks. -- You received this bug notification

[Touch-packages] [Bug 1666748] Re: Apparmor problem inside a lxd container

I'm also seeing those with my smb servers: apparmor="DENIED" operation="file_perm" namespace="root//lxd-smb_" profile="/usr/sbin/smbd" pid=15865 comm="smbd" family="unix" sock_type="stream" protocol=0 requested_mask="send receive" denied_mask="send receive" addr=none peer_addr=none peer="---"

Re: [Touch-packages] [Bug 1666748] Re: Apparmor problem inside a lxd container

On 2017-02-21 09:58 PM, Seth Arnold wrote: > Hi Simon, could you capture the output of apparmor_parser -p on your > sshd profile? Here it is: https://paste.ubuntu.com/24044131/ > There's no 'unix' rules in the portion pasted to github. Indeed, I only added this workaround later on: #

[Touch-packages] [Bug 1666748] [NEW] Apparmor problem inside a lxd container

Public bug reported: I've been running /usr/sbin/sshd in a custom Apparmor profile [*] for a long time and it works well. When I loaded the same profile in a lxd container (named ganymede), it didn't work at all: apparmor="DENIED" operation="file_perm" namespace="root//lxd-ganymede_ "

[Touch-packages] [Bug 1589289] Re: fstrim: cannot open /dev/.lxd-mounts: Permission denied

On my containers using the "dir" storage backend, /etc/cron.weekly/fstrim outputs: fstrim: cannot open /dev/.lxd-mounts: Permission denied fstrim: /dev/lxd: FITRIM ioctl failed: Operation not permitted fstrim: /: FITRIM ioctl failed: Operation not permitted >From one of those containers: #

[Touch-packages] [Bug 1643901] Re: flxdec security update tracking bug

Marc, I'm assuming this is related to this https://scarybeastsecurity.blogspot.ca/2016/11/0day-exploit-advancing- exploitation.html, right? Like the author, I question the upstream decision to include FLIC support in the "good" set. Would it be possible to move that plugin to the "bad" or the

[Touch-packages] [Bug 1530610] Re: tmpfiles.d conflicting rules to manage /var/log

*** This bug is a duplicate of bug 1504659 *** https://bugs.launchpad.net/bugs/1504659 ** This bug has been marked a duplicate of bug 1504659 Duplicate line for path "/var/log" warning is shown when rsyslog is installed -- You received this bug notification because you are a member of

Re: [Touch-packages] [Bug 1616196] Re: unable to stop avahi-daemon (dbus always restarts it)

On 2016-10-30 09:11 AM, Trent Lloyd wrote: > Good news for you is that some work is going on upstream in > libnss-mdns right now to fix this problem properly and always handle > .local properly even when in authorative DNS - some commits just went > in recently Adam Goode is doing some great work

[Touch-packages] [Bug 1531622] Re: default config still using a legacy keyword: KLogPermitNonKernelFacility

Xenial debdiff with the proper version number, thanks stgraber. ** Patch removed: "lp1531622-xenial.debdiff" https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1531622/+attachment/4736972/+files/lp1531622-xenial.debdiff ** Patch added: "lp1531622-xenial.debdiff"

[Touch-packages] [Bug 1531622] Re: default config still using a legacy keyword: KLogPermitNonKernelFacility

** Description changed: /etc/rsyslog.conf contains: - $KLogPermitNonKernelFacility on +   $KLogPermitNonKernelFacility on But this no longer supported and trigger this log message: - Jan 5 08:56:16 simon-laptop rsyslogd-: command +  Jan 5 08:56:16 simon-laptop rsyslogd-:

[Touch-packages] [Bug 1531622] Re: default config still using a legacy keyword: KLogPermitNonKernelFacility

I updated the 2 debdiffs to remove useless space in the config file. ** Patch added: "lp1531622-xenial.debdiff" https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1531622/+attachment/4736972/+files/lp1531622-xenial.debdiff -- You received this bug notification because you are a member

[Touch-packages] [Bug 1531622] Re: default config still using a legacy keyword: KLogPermitNonKernelFacility

** Patch added: "lp1531622-yakkety.debdiff" https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1531622/+attachment/4736967/+files/lp1531622-yakkety.debdiff -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in

[Touch-packages] [Bug 1531622] Re: default config still using a legacy keyword: KLogPermitNonKernelFacility

I'm not sure if the version is good for the Xenial debdiff, let me know if there is anything. ** Patch added: "lp1531622-xenial.debdiff" https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/1531622/+attachment/4736968/+files/lp1531622-xenial.debdiff -- You received this bug notification

Re: [Touch-packages] [Bug 1616196] Re: unable to stop avahi-daemon (dbus always restarts it)

Hi Trent, On 2016-08-23 05:17 PM, Trent Lloyd wrote: > The d-bus activation thing is a quirk of systemd, it actually tells you > when you run stop. You need to use disable (as well as stop) to both > stop it and prevent re-activation. Disabling and stopping the socket and the service works for

[Touch-packages] [Bug 1616196] [NEW] unable to stop avahi-daemon (dbus always restarts it)

Public bug reported: When avahi-daemon is stopped, dbus always revives it. Steps to reproduce: 1. sudo systemctl stop avahi-daemon.socket 2. sudo systemctl stop avahi-daemon.service 3. ps aux| grep avahi # should return nothing Currently, dbus revives it right away as shown in syslog: Aug 23

[Touch-packages] [Bug 1568829] Re: nm-applet icon not showing when /proc is mounted with hidepid!=0

Thanks Aron and Sebastien, I can confirm that version 1.2.2-0ubuntu0.16.04.1 from xenial-proposed fixes the problem. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu.

[Touch-packages] [Bug 1519120] Re: Xenial: VLAN interfaces don't work until after a reboot

This is similar to LP: #1541678 which has a simpler and more generic patch. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1519120 Title: Xenial: VLAN interfaces

[Touch-packages] [Bug 939105] Re: upstart should consult /usr/sbin/policy-rc.d

This is still a problem on Trusty. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to upstart in Ubuntu. https://bugs.launchpad.net/bugs/939105 Title: upstart should consult /usr/sbin/policy-rc.d Status in upstart package in

[Touch-packages] [Bug 1575877] Re: no_proxy ignored if https_proxy set

@Patrick, thanks for working on this. When you have done the verification, you can update the tags list that's below the initial issue description at the top. More details on that: https://wiki.ubuntu.com/StableReleaseUpdates#Verification -- You received this bug notification because you are a

[Touch-packages] [Bug 1327477] Re: dnsmasq not using all DHCPv6 provided nameservers

Simon's patch [1] was included in version 2.72 (Vivid and later). Marking as fix released. 1: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=006c162382aaa30f63413b876ecbe805280c3d36 ** Changed in: dnsmasq (Ubuntu) Status: Confirmed => Fix Released -- You received this bug

[Touch-packages] [Bug 1553353] Re: tail'ing a file in a script session hangs

The Debian maintainer forwarded the bug upstream and they fixed it right away. So here's a debdiff that fixes the problem for me. I uploaded it to my PPA and it successfully built on amd64 [1] but not i386 [2]. On i386 the libmount/lock test failed so it seems unrelated to this new commit. It's

[Touch-packages] [Bug 1553353] Re: tail'ing a file in a script session hangs

** Bug watch added: Debian Bug tracker #820843 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820843 ** Also affects: util-linux (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=820843 Importance: Unknown Status: Unknown -- You received this bug notification

[Touch-packages] [Bug 1553353] Re: tail'ing a file in a script session hangs

** Description changed: Steps to reproduce: 1) Start script session (same issue when script is saving to /dev/null) script # or: script /dev/null 2) Tail a file - tail -f /var/log/syslog + tailf /var/log/syslog 3) Press "Enter" 2 times 4) Notice the script process taking 100% CPU

[Touch-packages] [Bug 1553353] Re: tail'ing a file in a script session hangs

The above commit is from Debian's git. The problem still exists upstream in https://git.kernel.org/cgit/utils/util-linux/util- linux.git/commit/?id=44338f7fe6a529cef1f206dccd95e7282625c483 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is

[Touch-packages] [Bug 1553353] Re: tail'ing a file in a script session hangs

FYI, the current master (d38bcd109e9) still has the problem. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to util-linux in Ubuntu. https://bugs.launchpad.net/bugs/1553353 Title: tail'ing a file in a script session hangs

[Touch-packages] [Bug 1553353] Re: tail'ing a file in a script session hangs

After bisecting util-linux, the problematic commit is: 54c6611d6f7b73609a5331f4d0bcf63c4af6429e is the first bad commit commit 54c6611d6f7b73609a5331f4d0bcf63c4af6429e Author: Karel Zak Date: Wed Jun 17 15:48:50 2015 +0200 script: fix EOF problems * remove STDIN

[Touch-packages] [Bug 1568954] Re: lvmetad should not run in container

** Patch added: "xenial-lp1568954.debdiff" https://bugs.launchpad.net/ubuntu/+source/lvm2/+bug/1568954/+attachment/4633058/+files/xenial-lp1568954.debdiff -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lvm2 in Ubuntu.

[Touch-packages] [Bug 1568954] [NEW] lvmetad should not run in container

Public bug reported: lvmetad is IMHO unneeded in a container. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: lvm2 2.02.133-1ubuntu8 ProcVersionSignature: Ubuntu 4.4.0-18.34-generic 4.4.6 Uname: Linux 4.4.0-18-generic x86_64 NonfreeKernelModules: zfs zunicode zcommon znvpair zavl

[Touch-packages] [Bug 1564951] Re: systemd-timesyncd: Failed to call clock_adjtime(): Invalid argument

*** This bug is a duplicate of bug 1566465 *** https://bugs.launchpad.net/bugs/1566465 @mpesari, I've filed https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1566465 with your "date -s" reproducer, thanks. ** This bug has been marked a duplicate of bug 1566465 [regression]: Failed to

[Touch-packages] [Bug 1564951] Re: systemd-timesyncd: Failed to call clock_adjtime(): Invalid argument

It's also occurring on a freshly installed physical Xenial machine. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1564951 Title: systemd-timesyncd: Failed to call

[Touch-packages] [Bug 1564951] Re: systemd-timesyncd: Failed to call clock_adjtime(): Invalid argument

strace'ing it showed this: clock_adjtime(CLOCK_REALTIME, 0x7ffcc1567020) = -1 EINVAL (Invalid argument) writev(2, [{"Failed to call clock_adjtime(): "..., 48}, {"\n", 1}], 2) = 49 ** Attachment added: "Full strace"

[Touch-packages] [Bug 1564951] [NEW] systemd-timesyncd: Failed to call clock_adjtime(): Invalid argument

Public bug reported: After upgrading systemd from 229-3ubuntu1 to 229-3ubuntu2, I noticed this on one of my VM: systemd-timesyncd: Failed to call clock_adjtime(): Invalid argument systemd-timesyncd says it was able to sync the clock but also report failures: # systemctl status

[Touch-packages] [Bug 216847] Re: sshd will not start at boot if ListenAddress is set, because network interface is not yet up

Under systemd, if the ListenAddress is on an interface that is manually brought up, the ifup script doesn't help. In that situation, the invoke- rc.d reload/restart fails because the initial startup of sshd wasn't successful. -- You received this bug notification because you are a member of

[Touch-packages] [Bug 1550539] Re: VMWare network interface name change with wily → xenial upgrade

@Martin, correct, the postinst succeeds, sorry for the confusion. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1550539 Title: VMWare network interface name change with

[Touch-packages] [Bug 1550539] Re: VMWare network interface name change with wily → xenial upgrade

@pitti, this new code [*] causes the postinst to fail when no eno* device exist: /var/lib/dpkg/info/udev.postinst: 109: [: Illegal number: * *: https://anonscm.debian.org/cgit/pkg-systemd/systemd.git/commit/?h=ubuntu=47584521cd23ab3490b40b8d95a1748d86ad7f25 -- You received this bug

[Touch-packages] [Bug 1553378] Re: recursive sftp transfers abort when destination dir exists

Thank you Colin for 7.2p1-1, I really appreciate it! ** Changed in: openssh (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu.

[Touch-packages] [Bug 920636] Re: Clearing up language in man page of ssh-keygen

Trusty and later have the correct wording so marking as fix released. ** Changed in: openssh (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu.

[Touch-packages] [Bug 1553353] Re: tail'ing a file in a script session hangs

On 2016-03-05 12:10 AM, Pádraig Brady wrote: > Reproduced with script 2.27.1 which spins in this case continually > doing: > > poll([{fd=4, events=POLLIN}], 1, 10)= 1 ([{fd=4, revents=POLLIN}]) Yes, that's what strace'ing reveals in my case. ** Changed in: util-linux (Ubuntu)

[Touch-packages] [Bug 1553378] [NEW] recursive sftp transfers abort when destination dir exists

Public bug reported: Since I moved from Trusty to Xenial, my sftp backup script stopped working. After a bit of investigation it seems to be exactly https://bugzilla.mindrot.org/show_bug.cgi?id=2528. Fortunately it was fixed in OpenSSH 7.2. I know 7.2 is pretty recent and not yet in Debian but I

[Touch-packages] [Bug 1553353] [NEW] tail'ing a file in a script session hangs

Public bug reported: Steps to reproduce: 1) Start script session (same issue when script is saving to /dev/null) script # or: script /dev/null 2) Tail a file tail -f /var/log/syslog 3) Press "Enter" 2 times 4) Notice the script process taking 100% CPU This regression is rather new but I don't

[Touch-packages] [Bug 1506544] Re: Change default Theme for LibreOffice to Breeze for Ubuntu 16.04

I just noticed that the breeze theme is in universe while human is in main. Sounds like the opposite of what it should be. $ apt-cache policy libreoffice-style-breeze libreoffice-style-human libreoffice-style-breeze: Installed: 1:5.1.1~rc2-0ubuntu1 Candidate: 1:5.1.1~rc2-0ubuntu1 Version

[Touch-packages] [Bug 1541716] Re: package ca-certificates 20150426ubuntu1 failed to install/upgrade: triggers looping, abandoned

Looks like a circular dependency that has nothing to do with ca- certificates: dpkg: cycle found while processing triggers: chain of packages whose triggers are or may be responsible: gconf2 -> gconf2 packages' pending triggers which are or may be unresolvable: ca-certificates:

[Touch-packages] [Bug 1541716] Re: package ca-certificates 20150426ubuntu1 failed to install/upgrade: triggers looping, abandoned

Looks like a circular dependency that has nothing to do with ca- certificates: dpkg: cycle found while processing triggers: chain of packages whose triggers are or may be responsible: gconf2 -> gconf2 packages' pending triggers which are or may be unresolvable: ca-certificates:

[Touch-packages] [Bug 1509266] Re: package ca-certificates 20150426ubuntu1 failed to install/upgrade: triggers looping, abandoned

Looking at the logs, it seems that ca-certificates is not the culprit: dpkg: cycle found while processing triggers: chain of packages whose triggers are or may be responsible: doc-base -> systemd packages' pending triggers which are or may be unresolvable: ca-certificates:

[Touch-packages] [Bug 1494555] Re: package ca-certificates 20150426ubuntu1 failed to install/upgrade: bloqué en boucle sur le traitement des actions différées (« triggers »), abandon

As mentioned in the logs, the problem is not due to ca-certificates but to lubuntu-software-center. ** Changed in: ca-certificates (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to

[Touch-packages] [Bug 1449974] Re: package ca-certificates 20141019ubuntu0.15.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128

*** This bug is a duplicate of bug 1425071 *** https://bugs.launchpad.net/bugs/1425071 ** This bug has been marked a duplicate of bug 1425071 package ca-certificates 20141019ubuntu0.14.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status

[Touch-packages] [Bug 1510143] Re: --verbose no longer works

@btb-bitrate, I'm unable to reproduce the issue. Here, verbose output works: # /usr/sbin/update-ca-certificates --verbose Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done. Running hooks in /etc/ca-certificates/update.d... done. And during a package upgrade, you also see the

[Touch-packages] [Bug 1481401] Re: ca-certificates is missing new SHA384 USERTrust root certificate

ca-certificates was updated to the 20160104 package. See http://www.ubuntu.com/usn/usn-2913-1/ ** Changed in: ca-certificates (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to

[Touch-packages] [Bug 1548497] Re: Cross-Container ARP Poisoning

With a recent kernel, libvirt can manage the MAC table [*] of the bridge so maybe this is something that can be done by LXC/LXD as well? *: see the "bridge" section of https://libvirt.org/formatnetwork.html#elementsConnect -- You received this bug notification because you are a member of Ubuntu

[Touch-packages] [Bug 1543282] [NEW] masked jobs trigger warning about failed dependency

Public bug reported: When one masks a unit, systemd complains that it fails to add the masked job as dependency. For example, after masking proc-sys-fs- binfmt_misc.automount, a boot sequence logs this message 24 times: Feb 8 15:14:18 simon-laptop systemd[1]: proc-sys-fs-

[Touch-packages] [Bug 1530610] Re: tmpfiles.d conflicting rules to manage /var/log

rsyslog 8.16.0-1ubuntu1 now includes a logcheck rule to specifically ignore this problem. The changelog doesn't explain why the conflict is being ignored instead of resolved. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to

[Touch-packages] [Bug 1348873] Re: "remove" spelled as "remvoe" in "usermod -h"

** Changed in: shadow (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shadow in Ubuntu. https://bugs.launchpad.net/bugs/1348873 Title: "remove" spelled as "remvoe" in

[Touch-packages] [Bug 1534340] Re: openssh server 6.6 does not report max auth failures

Works well, thank you! ** Tags removed: verification-needed ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1534340 Title: openssh server

[Touch-packages] [Bug 1533868] [NEW] blkid wiping enabled in config but not supported by LVM

Public bug reported: Creating a LV outputs a notice about blkid_wiping support not being available: # lvcreate -n t -L1G vg0 allocation/use_blkid_wiping=1 configuration setting is set while LVM is not compiled with blkid wiping support. Falling back to native LVM signature detection.

[Touch-packages] [Bug 1533267] [NEW] gcr-prompter is logging too much

Public bug reported: When prompted to unlock a SSH private key, gcr-prompter logs no less than 29 messages in auth.log: Jan 12 10:55:42 simon-laptop gcr-prompter[7123]: Gcr: received BeginPrompting call from callback /org/gnome/keyring/Prompt/p4@:1.2 Jan 12 10:55:42 simon-laptop

[Touch-packages] [Bug 1531964] [NEW] Unable to unlock cryptsetup with external keyboard when using MODULES=dep

Public bug reported: In order to unlock my root FS using an external keyboard I need to add the following: hid_generic mac_hid usbhid to /etc/initramfs-tools/modules. Otherwise, only the laptop's built-in keyboard works. In LP: #229732, this was fixed by loading a few modules in the panic

[Touch-packages] [Bug 1531622] [NEW] default config still using a legacy keyword: KLogPermitNonKernelFacility

Public bug reported: /etc/rsyslog.conf contains: $KLogPermitNonKernelFacility on But this no longer supported and trigger this log message: Jan 5 08:56:16 simon-laptop rsyslogd-: command 'KLogPermitNonKernelFacility' is currently not permitted - did you already set it via a

[Touch-packages] [Bug 1531184] [NEW] dnsmasq doesn't start on boot because its interface isn't up yet

Public bug reported: My dnsmasq instance uses "interface=br-vz0" and the interface br-vz0 is managed manually in /etc/network/interfaces. During boot, dnsmasq is started before br-vz0 is created and this causes dnsmasq to exit: Jan 5 08:56:16 simon-laptop dnsmasq[1008]: dnsmasq: unknown

[Touch-packages] [Bug 1531184] Re: dnsmasq doesn't start on boot because its interface isn't up yet

Adding the following to the [Unit] section of dnsmasq.service fixes the problem: After=network-online.target Wants=network-online.target -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dnsmasq in Ubuntu.

[Touch-packages] [Bug 1530610] [NEW] tmpfiles.d conflicting rules to manage /var/log

Public bug reported: /usr/lib/tmpfiles.d/00rsyslog.conf from rsyslog's package and /usr/lib/tmpfiles.d/var.conf from systemd's package both try to manage the directory /var/log. rsyslog's file takes precedence but the duplicated rules cause this to be logged: systemd-tmpfiles[3679]:

[Touch-packages] [Bug 1530483] [NEW] rsyslog's apparmor profile is missing a rule for systemd integration

Public bug reported: After enabling rsyslog's apparmor profile, it fails to start because of an Apparmor denial: audit: type=1400 audit(1451684240.442:25): apparmor="DENIED" operation="sendmsg" profile="/usr/sbin/rsyslogd" name="/run/systemd/notify" pid=2746 comm="rsyslogd" requested_mask="w"

[Touch-packages] [Bug 1473812] Re: dirname not available in initramfs

This also affects me on 14.04.4. I've noticed that booting with "debug" instead of "quiet splash" resolves the issue. Maybe it's just a timing issue? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.

[Touch-packages] [Bug 1273462] Re: Users can mistakenly run init.d scripts and cause problems if an equivalent upstart job already exists

Marking as verified on Trusty since I was able to do more testing. ** Tags added: verification-done-trusty -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lsb in Ubuntu. https://bugs.launchpad.net/bugs/1273462 Title:

[Touch-packages] [Bug 1481388] Re: NTP : Use-after-free in routing socket code after dropping root

I've been using the -proposed package on 15 Trusty machines since it was published. Again, I never was able to reproduce the original problem but I saw no regression either. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ntp

[Touch-packages] [Bug 1515379] [NEW] rsyslog not omitted by sendsigs when managed by upstart/systemd

Public bug reported: When rsyslog is managed by the init script, it symlinks its PID to /run/sendsigs.omit.d so that we can capture logs very late during the shutdown sequence: sendsigs_omit() { OMITDIR=/run/sendsigs.omit.d mkdir -p $OMITDIR ln -sf $PIDFILE $OMITDIR/rsyslog } When rsyslog

[Touch-packages] [Bug 1515379] Re: rsyslog not omitted by sendsigs when managed by upstart/systemd

In the upstart case, simply removing the "stop on runlevel [06]" clause is enough to capture the log output of the shutdown sequence. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu.

[Touch-packages] [Bug 1515379] Re: rsyslog not omitted by sendsigs when managed by upstart/systemd

A simplification of this workaround is: echo "stop on never-dies" >> /etc/init/rsyslog.override -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/1515379 Title: rsyslog

[Touch-packages] [Bug 1515379] Re: rsyslog stopped too early during shutdown/reboot

** Summary changed: - rsyslog not omitted by sendsigs when managed by upstart/systemd + rsyslog stopped too early during shutdown/reboot ** Description changed: + The upstart job managing rsyslog includes a "stop on runlevel [06]" + clause that makes it terminate very early during the

[Touch-packages] [Bug 1240336] Re: After release upgrade, the user looses permissions for several basic actions in the system

I ran into this problem on Lubuntu 14.04. On that machine, the user created during the installation had no problem but every other regular users were affected. The workaround was to join the regular users to the sudo group to please polkit. Since I really wanted those users to be "power less" I

[Touch-packages] [Bug 1481388] Re: NTP : Use-after-free in routing socket code after dropping root

Eric, I've been running the proposed version on many systems and haven't found any regression. Do you think this would be ready to move on to -updates now? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ntp in Ubuntu.

[Touch-packages] [Bug 1273462] Re: Users can mistakenly run init.d scripts and cause problems if an equivalent upstart job already exists

I couldn't find any regression in my testing but since it wasn't that extensive, I'm not marking it a verified just yet. I really like the behavior improvement. Now, a regular user has a convenient way to check service statuses: /etc/init.d/acpid status Instead of the obtuse old way: env

[Touch-packages] [Bug 1501966] [NEW] support changing Apparmor hats

Public bug reported: Some older versions of OpenSSH had a patch allowing the daemon to change Apparmor hats to apply different containment profiles to different code paths (AUTHENTICATED, EXEC, PRIVSEP, etc). This feature would need to be ported to recent OpenSSH versions and sent upstream for

[Touch-packages] [Bug 1481388] Re: NTP : Use-after-free in routing socket code after dropping root

I tried to reproduce the problem by lowering {r,w}mem_max on Precise and Trusty's *unpatched* version to no avail. On the up side, I couldn't find any regression with the update version. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is

[Touch-packages] [Bug 1481388] Re: NTP : Use-after-free in routing socket code after dropping root

Err, I meant I couldn't reproduce the issue with and without the patch. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1481388 Title: NTP : Use-after-free in routing socket

[Touch-packages] [Bug 1481388] Re: NTP : Use-after-free in routing socket code after dropping root

Eric, I don't know if that's a good test case but on my patched Trusty box: root@xeon:~# uname -a Linux xeon 3.13.0-63-generic #103-Ubuntu SMP Fri Aug 14 21:42:59 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux root@xeon:~# sysctl net.core.wmem_max=4650 net.core.wmem_max = 4700 root@xeon:~#

[Touch-packages] [Bug 1321418] Re: fsck.ext4 fails to fix multiply-claimed blocks: can't find dup_blk

This verified fine on Precise and Trusty using the FS image from comment #6. Thank you ** Tags removed: verification-needed ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to e2fsprogs in

<    1   2   3   4   >