[Touch-packages] [Bug 1709536] Re: snapd 2.26.14 on ubuntu-core won't start in containers anymore
** Description changed: - It looks like snapd in ubuntu-core (2.26.14 here) has been modified to - use a negative Nice value in systemd. Systemd seems to treat a failure - to apply the requested Nice value as critical to unit startup. + [Impact] - Unprivileged LXD containers do not allow the use of negative nice values - as those are restricted to the real root user. I believe the optimal fix - would be for systemd to ignore permission errors when attempting to - setup such custom nice values in containers but if that can't be - resolved quickly, then it means that snapd will now fail to start inside - containers. + Systemd treats a failure to apply the requested Nice value as critical + to unit startup. + Unprivileged LXD containers do not allow the use of negative nice + values. snapd will fail to start inside containers now that snapd uses a + negative Nice value. Aug 09 05:54:37 core systemd[1]: snapd.service: Main process exited, code=exited, status=201/NICE Aug 09 05:54:37 core systemd[1]: snapd.service: Unit entered failed state. Aug 09 05:54:37 core systemd[1]: snapd.service: Failed with result 'exit-code'. + The fix is for systemd to ignore permission errors when attempting to + setup such custom nice values in containers. - I have confirmed that setting up a unit override by hand which sets Nice=0 does resolve the problem, confirming that the negative Nice value is the problem (snapd.service has Nice=-5 here). + I have confirmed that setting up a unit override by hand which sets Nice + = 0 does resolve the problem. + + [Test Case] + + Boot a Xenial image in lxd: + + $ lxc launch xenial x1 + $ lxc exec x1 -- systemctl --state=failed + + Observe failures for snapd : + + ● snapd.service loaded failed failed Snappy daemon + ● snapd.socket loaded failed failed Socket activation for snapp + + Install updated systemd from -proposed and get status: (lxc exec + reboot; lxc exec systemctl status) + + State: running + Jobs: 0 queued + Failed: 0 units + + [Regression Potential] + + Services will now run with a Nice value other than what was specified in + the unit if it cannot be changed for some reason. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1709536 Title: snapd 2.26.14 on ubuntu-core won't start in containers anymore Status in Snap Layer: New Status in snapd: New Status in systemd package in Ubuntu: Fix Released Status in systemd source package in Xenial: In Progress Status in systemd source package in Artful: Fix Released Bug description: [Impact] Systemd treats a failure to apply the requested Nice value as critical to unit startup. Unprivileged LXD containers do not allow the use of negative nice values. snapd will fail to start inside containers now that snapd uses a negative Nice value. Aug 09 05:54:37 core systemd[1]: snapd.service: Main process exited, code=exited, status=201/NICE Aug 09 05:54:37 core systemd[1]: snapd.service: Unit entered failed state. Aug 09 05:54:37 core systemd[1]: snapd.service: Failed with result 'exit-code'. The fix is for systemd to ignore permission errors when attempting to setup such custom nice values in containers. I have confirmed that setting up a unit override by hand which sets Nice = 0 does resolve the problem. [Test Case] Boot a Xenial image in lxd: $ lxc launch xenial x1 $ lxc exec x1 -- systemctl --state=failed Observe failures for snapd : ● snapd.service loaded failed failed Snappy daemon ● snapd.socket loaded failed failed Socket activation for snapp Install updated systemd from -proposed and get status: (lxc exec reboot; lxc exec systemctl status) State: running Jobs: 0 queued Failed: 0 units [Regression Potential] Services will now run with a Nice value other than what was specified in the unit if it cannot be changed for some reason. To manage notifications about this bug go to: https://bugs.launchpad.net/layer-snap/+bug/1709536/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1662137] Re: 16.04 recovery shell works only for two minutes
I have slightly different behavior but the same ultimate result. After two minutes in the root shell, the friendly-rescue menu shows up again, conflicting in a bizarre way with the existing prompt; sometimes keystrokes affect one process and sometimes the other, sometimes both somehow. They write over eachother breaking both the shell and the menu, and usually making the whole server unusable until a reboot. My fix was to uninstall friendly-rescue, which at least gives me another root shell that breaks less when it starts overtop of my existing one after two minutes. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1662137 Title: 16.04 recovery shell works only for two minutes Status in systemd package in Ubuntu: Confirmed Bug description: Selecting "Rescue" shell from the "Advanced options" menu in grub enters the "friendly-recovery" service and allows to drop into a root shell. After ~120 seconds, systemd sees a timeout and starts another "friendly-recovery" whiptail process. This and the running shell now compete for tty access (input and output) thus making the shell nearly unusable. Diagnosing this, it becomes clear that in the first root shell entered from friendly-recovery, "systemctl list-jobs" lists the generated "wait for disk" tasks for the /boot partition and the swap partition still to be running. Only when they run into a timeout, the next friendly-recovery is spawned. I'll attach a log session for such a boot that has two manual "logger" entries in it: Feb 06 10:54:57 harry root[605]: now in root shell from friendly-recovery ... Feb 06 10:56:41 harry root[1254]: now running in parallel This clearly shows the timing of the startup. I have no idea why the "wait for disk" units run into a timeout as the system boots correctly in the "non-rescue" mode. I'll further attach a "systemd-analyze blame" from a regular bootup to show that there is no trace of such a timeout to be found. Furthermore i do have this behaviour on a real machine and on an (independent) VM, so affects more than the machine the bug was reported from. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: systemd 229-4ubuntu16 ProcVersionSignature: Ubuntu 4.4.0-62.83-generic 4.4.40 Uname: Linux 4.4.0-62-generic x86_64 ApportVersion: 2.20.1-0ubuntu2.5 Architecture: amd64 CurrentDesktop: GNOME Date: Mon Feb 6 11:02:37 2017 InstallationDate: Installed on 2015-03-27 (681 days ago) InstallationMedia: Ubuntu 14.04.2 LTS "Trusty Tahr" - Release amd64 (20150218.1) MachineType: Hewlett-Packard HP EliteBook 8460p ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.4.0-62-generic root=UUID=310be2be-96ea-4fe9-b929-75605e718fdc ro resume=/dev/sda6 loop.max_part=63 quiet splash vt.handoff=7 SourcePackage: systemd SystemdDelta: [EXTENDED] /etc/systemd/system/display-manager.service → /lib/systemd/system/display-manager.service.d/xdiagnose.conf [EXTENDED] /lib/systemd/system/rc-local.service → /lib/systemd/system/rc-local.service.d/debian.conf [EXTENDED] /lib/systemd/system/systemd-timesyncd.service → /lib/systemd/system/systemd-timesyncd.service.d/disable-with-time-daemon.conf 3 overridden configuration files found. UpgradeStatus: Upgraded to xenial on 2016-12-01 (66 days ago) dmi.bios.date: 12/22/2011 dmi.bios.vendor: Hewlett-Packard dmi.bios.version: 68SCF Ver. F.22 dmi.board.name: 161C dmi.board.vendor: Hewlett-Packard dmi.board.version: KBC Version 97.4A dmi.chassis.asset.tag: 617H dmi.chassis.type: 10 dmi.chassis.vendor: Hewlett-Packard dmi.modalias: dmi:bvnHewlett-Packard:bvr68SCFVer.F.22:bd12/22/2011:svnHewlett-Packard:pnHPEliteBook8460p:pvrA0001D02:rvnHewlett-Packard:rn161C:rvrKBCVersion97.4A:cvnHewlett-Packard:ct10:cvr: dmi.product.name: HP EliteBook 8460p dmi.product.version: A0001D02 dmi.sys.vendor: Hewlett-Packard To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1662137/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1576341] Re: systemd in degraded state on startup in LXD containers
systemd SRU to ignore failures to set Nice priority on services in containers for Xenial in bug 1709536. ** No longer affects: systemd (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1576341 Title: systemd in degraded state on startup in LXD containers Status in lvm2 package in Ubuntu: Fix Released Status in open-iscsi package in Ubuntu: Fix Released Bug description: The ubuntu:xenial image shows 'degraded' state in lxd on initial boot. $ lxc launch xenial x1 $ sleep 10 $ lxc file pull x1/etc/cloud/build.info - build_name: server serial: 20160420-145324 $ lxc exec x1 systemctl is-system-running degraded $ lxc exec x1 -- systemctl --state=failed UNIT LOAD ACTIVE SUBDESCRIPTION ● dev-hugepages.mount loaded failed failed Huge Pages File System ● iscsid.serviceloaded failed failed iSCSI initiator daemon (iscsid) ● open-iscsi.serviceloaded failed failed Login to default iSCSI targets ● systemd-remount-fs.serviceloaded failed failed Remount Root and Kernel File Systems ● systemd-sysctl.serviceloaded failed failed Apply Kernel Variables ● lvm2-lvmetad.socket loaded failed failed LVM2 metadata daemon socket ● systemd-journald-audit.socket loaded failed failed Journal Audit Socket LOAD = Reflects whether the unit definition was properly loaded. ACTIVE = The high-level unit activation state, i.e. generalization of SUB. SUB= The low-level unit activation state, values depend on unit type. 7 loaded units listed. Pass --all to see loaded but inactive units, too. To show all installed unit files use 'systemctl list-unit-files'. ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: open-iscsi 2.0.873+git0.3b4b4500-14ubuntu3 ProcVersionSignature: Ubuntu 4.4.0-18.34-generic 4.4.6 Uname: Linux 4.4.0-18-generic x86_64 ApportVersion: 2.20.1-0ubuntu2 Architecture: amd64 Date: Thu Apr 28 17:28:04 2016 ProcEnviron: TERM=xterm-256color PATH=(custom, no user) SourcePackage: open-iscsi UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lvm2/+bug/1576341/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1706818] Re: mismatched file locking since 1:4.2.8p4+dfsg-3ubuntu1 causes race leaving ntp dead on reboot
** Changed in: ntp (Ubuntu Zesty) Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1706818 Title: mismatched file locking since 1:4.2.8p4+dfsg-3ubuntu1 causes race leaving ntp dead on reboot Status in ntp package in Ubuntu: Fix Released Status in ntp source package in Xenial: Fix Committed Status in ntp source package in Zesty: Fix Released Status in ntp source package in Artful: Fix Released Status in ntp package in Debian: Fix Released Bug description: [Impact] * The locks of ntpdate the ifup hook and the ntp service start do not match, therefore installation of ntpdate can harmstring the start of ntp at boot. * The change ports back what Debian added later and we merged in Zesty. It does two things: 1. it makes the lock paths actually match 2. it drops the usage of lockfile-progs which never was a dependency and uses flock directly. [Test Case] * Prep - Taking a Xenial VM (to avoid all the time set rejects in a container from cluttering the view) - Installing ntp - Check status of ntp - Reboot the VM - Check status of ntp # Until now all should be good * Break it - install ntpdate - reboot - Check status of ntp - It (likely) is failed for "blocked known address being busy" - This is somewhat of a race, adding more extra network devices in libvirt to your guest increases the chance if you can't reproduce. * Fix it - install the fix from proposed (or the ppa in c#14) - reboot - ntp is now running correctly after reboot [Regression Potential] * It was locking before as well, just on a lock never contended and potentially failing to have the lockfile-progs calls available. Due to the change the init now of ntp can take longer (until the ntpdate calls are out of the way) * For a fallback in case locking goes crazy in unexpected ways the timeout of the flock (180s) is intentionally not checked for bad return codes. That way in those cases ntp still tries to initialize and if it fails for an ntpdate blocking the port it didn't "loose" anything by being stalled. Therefor I'd consider that the actual regression potential rather low and safe. [Other Info] * This is kind of a bug-zombie, fixed in zesty but resurrected in Debian (and Ubuntu by our merge) due to the addition of a native systemd service. Now that Dev is finally (again) good it is time to tackle the Xenial SRU. --- ntpdate and ntp conflict on the NTP well-known-socket. If ntp and ntpdate 1:4.2.8p4+dfsg-3ubuntu5.5 are installed on Xenial, and there are 2 static interfaces configured, most often we find that ntpd is not running after a reboot. When the ntp service is started by systemd, ntp fails to bind the NTP socket because ntpdate is running in the background. It's intended that ntp and ntpdate try to avoid this conflict with a lock file, but the locking mechanism was changed in ntpdate.if-up (from lockfile to flock), but it was not changed in ntp.init. Previously the file locking prevented ntp from trying to start when ntpdate was running. Not any more. Having multiple interfaces causes a much longer period of the socket being unavailable, because the 2 ntpdate processes will get serialized by the lock, while the ntp service is looking for a different lock, so it just plows right in. Attempts by netdate.if-up to stop and start ntp seem to overlap and when the final start is invoked, systemd seems to thing ntp is already running, though it has failed. In 1:4.2.8p4+dfsg-3ubuntu1 the following change was made: debian/ntpdate.if-up: Drop lockfile mechanism as upstream is using flock now. Looks like corresponds to rev 371 of debian/ntpdate.if-up from upstream. This change diverged locking between ntpdate.if-up and ntp.init. This was rectified in rev 451 of ntp.init, to use compatible locking, but that doesn't appear in the Ubuntu version. System Information: lsb_release -rd: Description:Ubuntu 16.04.2 LTS Release:16.04 apt-cache policy ntpdate: ntpdate: Installed: 1:4.2.8p4+dfsg-3ubuntu5.5 Candidate: 1:4.2.8p4+dfsg-3ubuntu5.5 Version table: *** 1:4.2.8p4+dfsg-3ubuntu5.5 100 100 /var/lib/dpkg/status apt-cache policy ntp: ntp: Installed: 1:4.2.8p4+dfsg-3ubuntu5.5 Candidate: 1:4.2.8p4+dfsg-3ubuntu5.5 Version table: *** 1:4.2.8p4+dfsg-3ubuntu5.5 100 100 /var/lib/dpkg/status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ntp/+bug/1706818/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-pac
[Touch-packages] [Bug 1687981] Re: Backport packages for 16.04.3 HWE stack
** Changed in: xorg-server (Ubuntu Xenial) Status: Invalid => Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libdrm in Ubuntu. https://bugs.launchpad.net/bugs/1687981 Title: Backport packages for 16.04.3 HWE stack Status in libclc package in Ubuntu: Invalid Status in libdrm package in Ubuntu: Invalid Status in libinput package in Ubuntu: Invalid Status in libwacom package in Ubuntu: Invalid Status in libxfont package in Ubuntu: Invalid Status in libxfont2 package in Ubuntu: Invalid Status in llvm-toolchain-4.0 package in Ubuntu: Invalid Status in mesa package in Ubuntu: Invalid Status in virtualbox-hwe package in Ubuntu: Fix Released Status in vulkan package in Ubuntu: Invalid Status in wayland package in Ubuntu: Invalid Status in x11proto-core package in Ubuntu: Invalid Status in xfonts-utils package in Ubuntu: Invalid Status in xorg-hwe-16.04 package in Ubuntu: Invalid Status in xorg-server package in Ubuntu: Invalid Status in xorg-server-hwe-16.04 package in Ubuntu: Invalid Status in libclc source package in Xenial: Fix Released Status in libdrm source package in Xenial: Fix Released Status in libinput source package in Xenial: Fix Released Status in libwacom source package in Xenial: Fix Released Status in libxfont source package in Xenial: Fix Released Status in libxfont2 source package in Xenial: Fix Released Status in llvm-toolchain-4.0 source package in Xenial: Fix Released Status in mesa source package in Xenial: Fix Released Status in vulkan source package in Xenial: Fix Released Status in wayland source package in Xenial: Fix Released Status in x11proto-core source package in Xenial: Fix Released Status in xfonts-utils source package in Xenial: Fix Released Status in xorg-hwe-16.04 source package in Xenial: Fix Released Status in xorg-server source package in Xenial: Fix Committed Status in xorg-server-hwe-16.04 source package in Xenial: Fix Released Bug description: [Impact] *** hwe-16.04 refresh for 16.04.3 *** Revert changes to use debhelper10. xorg-server-hwe-16.04 needs updates - wayland 1.11 (but zesty has 1.12 which mesa needs so backport that) - x11proto-core 7.0.31 - libxfont-dev 2.0.1, which also means backporting libxfont1 (NEW) x-x-i-libinput will not replace -evdev in x-x-i-all-hwe-16.04 because the unity mouse config doesn't work with -libinput. x-x-i-libinput needs newer libinput, which in turn needs libwacom update. Mesa needs llvm-4.0 and libclc, libdrm, wayland updates. [Test case] upgrade from/to stock & old hwe stack, test desktop usage [Regression potential] zesty hasn't blown up [Other information] build order: 1. x11proto-core, libdrm, libxfont, libxfont1, libwacom, llvm-toolchain-4.0, vulkan, wayland 2. libclc, libinput, xorg-server (build-dep libxfont1-dev) 3. mesa, xorg-server-hwe-16.04 4. drivers 5. xorg-hwe-16.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libclc/+bug/1687981/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1709193] Re: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer
** No longer affects: ssmtp (Ubuntu Trusty) ** No longer affects: ssmtp (Ubuntu Xenial) ** No longer affects: ssmtp (Ubuntu Zesty) ** No longer affects: ssmtp (Ubuntu Artful) ** No longer affects: gnutls26 (Ubuntu Xenial) ** No longer affects: gnutls26 (Ubuntu Zesty) ** No longer affects: gnutls26 (Ubuntu Artful) ** No longer affects: gnutls26 (Ubuntu) ** Changed in: gnutls26 (Ubuntu Trusty) Importance: Undecided => Medium ** Changed in: gnutls28 (Ubuntu Trusty) Importance: Undecided => Medium ** Changed in: gnutls28 (Ubuntu Xenial) Importance: Undecided => Medium ** Changed in: gnutls28 (Ubuntu Zesty) Importance: Undecided => Medium ** Changed in: gnutls28 (Ubuntu Artful) Importance: Undecided => Medium -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnutls26 in Ubuntu. https://bugs.launchpad.net/bugs/1709193 Title: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer Status in gnutls28 package in Ubuntu: Fix Released Status in gnutls26 source package in Trusty: Fix Committed Status in gnutls28 source package in Trusty: Won't Fix Status in gnutls28 source package in Xenial: Fix Committed Status in gnutls28 source package in Zesty: Fix Released Status in gnutls28 source package in Artful: Fix Released Status in gnutls28 package in Debian: Fix Released Bug description: [Impact] Applications using GnuTLS OpenSSL compat layer [1] are be unable to use modern TLS versions (1.1 and 1.2) when relying on the SSLv23_{client,server}_method functions. There is an industry-wide push to use modern TLS versions, see [2] and [3] for example. The proposed fix changes the compat layer to use GnuTLS' "NORMAL" priority [4] instead of hard-coding which protocol versions and ciphers to enable. [Test Case] 1) Setup a mail submission server that uses StartTLS 2) Setup sSMTP (uses GnuTLS OpenSSL compat layer) to relay through the mail relay using StartTLS 3) Send an email while capturing with tcpdump/tshark 4) Inspect the submission connection (TCP/587) and look for the protocol version negotiated by the client. Without the fix, you should see TLSv1.0. With the fix, it should be TLSv1.2. Please see the original issue description for more details. [Regression Potential] Regression risk should be low since it's a backport of a simple fix that landed in Debian in April 2017. [References] 1: $ apt-cache rdepends libgnutls-openssl27 libgnutls-openssl27 Reverse Depends: libgnutls-dev libgnutls-dev zoneminder yaskkserv tf5 ssmtp snowdrop sngrep slrnpull slrn sipsak macopix-gtk2 gnss-sdr gkrellm freewheeling boinctui iputils-ping 2: https://lists.debian.org/debian-devel-announce/2017/08/msg4.html 3: https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls 4: https://gnutls.org/manual/html_node/Priority-Strings.html [Original issue description] sSMTP is limited to using TLSv1.0 and the "old" ciphers that come with it. Here's a packet capture when ssmtp connects to smtp.sdeziel.info:587 that offers TLSv1.0 and higher: $ tshark -ta -Vr submission.pcap | sed -n '/^Frame 14:/,/^Frame 15:/ p' | grep -E '^[[:space:]]+(Version|Cipher|Handshake Protocol)' Version: TLS 1.0 (0x0301) Handshake Protocol: Client Hello Version: TLS 1.0 (0x0301) Cipher Suites Length: 30 Cipher Suites (15 suites) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041) Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084) Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088) Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087) Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) I would expect ssmtp to use TLSv1.2 and a recent cipher like the openssl s_client is able to do: $ echo | openssl s_client -connect smtp.sdeziel.info:587 -starttls smtp 2>/dev/null | grep -E '^[[:space:]]+(Protocol|Cipher)' Protocol : TLSv1.2 Cipher: ECDHE-RSA-AES128-GCM-SHA25
[Touch-packages] [Bug 1703377] Re: Gnome online account login prevents paste or autotype
[Expired for gnome-online-accounts (Ubuntu) because there has been no activity for 60 days.] ** Changed in: gnome-online-accounts (Ubuntu) Status: Incomplete => Expired -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnome-online-accounts in Ubuntu. https://bugs.launchpad.net/bugs/1703377 Title: Gnome online account login prevents paste or autotype Status in gnome-online-accounts package in Ubuntu: Expired Bug description: On entering Login data to an online account such as google. Using keepass as password manager I now can not enter my password via paste nor via autotype. Trying any of them results in an invalid password. Ubuntu 16.10 - GNOME Shell 3.20.4 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-online-accounts/+bug/1703377/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1716082] Re: package libblkid1:amd64 2.28.2-1ubuntu1.2 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting configur
** Tags removed: need-duplicate-check -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to util-linux in Ubuntu. https://bugs.launchpad.net/bugs/1716082 Title: package libblkid1:amd64 2.28.2-1ubuntu1.2 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting configuration Status in util-linux package in Ubuntu: New Bug description: i m not able to update or install any application ProblemType: Package DistroRelease: Ubuntu 16.10 Package: libblkid1:amd64 2.28.2-1ubuntu1.2 ProcVersionSignature: Ubuntu 4.8.0-59.64-generic 4.8.17 Uname: Linux 4.8.0-59-generic x86_64 ApportVersion: 2.20.3-0ubuntu8.7 AptOrdering: libblkid1:amd64: Configure libglib2.0-0:amd64: Install NULL: ConfigurePending Architecture: amd64 Date: Mon Sep 4 22:56:24 2017 DuplicateSignature: package:libblkid1:amd64:2.28.2-1ubuntu1.2 Unpacking unity-control-center (15.04.0+16.10.20170214-0ubuntu1) over (15.04.0+16.10.20161003.1-0ubuntu2) ... Log started: 2017-09-04 22:56:24 dpkg: error processing package libblkid1:amd64 (--configure): package is in a very bad inconsistent state; you should ErrorMessage: package is in a very bad inconsistent state; you should reinstall it before attempting configuration InstallationDate: Installed on 2017-09-02 (6 days ago) InstallationMedia: Ubuntu 16.10 "Yakkety Yak" - Release amd64 (20161012.2) RelatedPackageVersions: dpkg 1.18.10ubuntu1.1 apt 1.3.5 SourcePackage: util-linux Title: package libblkid1:amd64 2.28.2-1ubuntu1.2 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting configuration UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/1716082/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1716082] [NEW] package libblkid1:amd64 2.28.2-1ubuntu1.2 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting config
Public bug reported: i m not able to update or install any application ProblemType: Package DistroRelease: Ubuntu 16.10 Package: libblkid1:amd64 2.28.2-1ubuntu1.2 ProcVersionSignature: Ubuntu 4.8.0-59.64-generic 4.8.17 Uname: Linux 4.8.0-59-generic x86_64 ApportVersion: 2.20.3-0ubuntu8.7 AptOrdering: libblkid1:amd64: Configure libglib2.0-0:amd64: Install NULL: ConfigurePending Architecture: amd64 Date: Mon Sep 4 22:56:24 2017 DuplicateSignature: package:libblkid1:amd64:2.28.2-1ubuntu1.2 Unpacking unity-control-center (15.04.0+16.10.20170214-0ubuntu1) over (15.04.0+16.10.20161003.1-0ubuntu2) ... Log started: 2017-09-04 22:56:24 dpkg: error processing package libblkid1:amd64 (--configure): package is in a very bad inconsistent state; you should ErrorMessage: package is in a very bad inconsistent state; you should reinstall it before attempting configuration InstallationDate: Installed on 2017-09-02 (6 days ago) InstallationMedia: Ubuntu 16.10 "Yakkety Yak" - Release amd64 (20161012.2) RelatedPackageVersions: dpkg 1.18.10ubuntu1.1 apt 1.3.5 SourcePackage: util-linux Title: package libblkid1:amd64 2.28.2-1ubuntu1.2 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting configuration UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: util-linux (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-package yakkety -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to util-linux in Ubuntu. https://bugs.launchpad.net/bugs/1716082 Title: package libblkid1:amd64 2.28.2-1ubuntu1.2 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting configuration Status in util-linux package in Ubuntu: New Bug description: i m not able to update or install any application ProblemType: Package DistroRelease: Ubuntu 16.10 Package: libblkid1:amd64 2.28.2-1ubuntu1.2 ProcVersionSignature: Ubuntu 4.8.0-59.64-generic 4.8.17 Uname: Linux 4.8.0-59-generic x86_64 ApportVersion: 2.20.3-0ubuntu8.7 AptOrdering: libblkid1:amd64: Configure libglib2.0-0:amd64: Install NULL: ConfigurePending Architecture: amd64 Date: Mon Sep 4 22:56:24 2017 DuplicateSignature: package:libblkid1:amd64:2.28.2-1ubuntu1.2 Unpacking unity-control-center (15.04.0+16.10.20170214-0ubuntu1) over (15.04.0+16.10.20161003.1-0ubuntu2) ... Log started: 2017-09-04 22:56:24 dpkg: error processing package libblkid1:amd64 (--configure): package is in a very bad inconsistent state; you should ErrorMessage: package is in a very bad inconsistent state; you should reinstall it before attempting configuration InstallationDate: Installed on 2017-09-02 (6 days ago) InstallationMedia: Ubuntu 16.10 "Yakkety Yak" - Release amd64 (20161012.2) RelatedPackageVersions: dpkg 1.18.10ubuntu1.1 apt 1.3.5 SourcePackage: util-linux Title: package libblkid1:amd64 2.28.2-1ubuntu1.2 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting configuration UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/1716082/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1710637] Re: Input falls through to gdm3 and terminates the session on Ctrl+C
Could this be why I sometimes get no keyboard input at all in my user sessions in Artul...? (Can type password in GDM, but then all keyboard input is lost until reboot.) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to console-setup in Ubuntu. https://bugs.launchpad.net/bugs/1710637 Title: Input falls through to gdm3 and terminates the session on Ctrl+C Status in console-setup package in Ubuntu: Fix Released Status in gdm3 package in Ubuntu: Incomplete Status in gnome-shell package in Ubuntu: Incomplete Status in mutter package in Ubuntu: Incomplete Bug description: Multiple times a day I find myself without a session after hitting Ctrl+C in a terminal, it seems the input falls through the Ubuntu/GNOME session and to gdm, which itself decides to terminate. Even worse, when this happens, you can briefly see your login password in plaintext in the virtual terminal. You can see the password however long you want if you stop the gdm service when this happens. I don't have a good way to reproduce, but it seems locking the session with a keyboard shortcut, subsequently unlocking it, maybe suspending, at some point brings this behaviour into the picture, until the session dies with a Ctrl+C. ProblemType: Bug DistroRelease: Ubuntu 17.10 Package: gdm3 3.24.2-1ubuntu9 ProcVersionSignature: Ubuntu 4.11.0-13.19-generic 4.11.12 Uname: Linux 4.11.0-13-generic x86_64 NonfreeKernelModules: zfs zunicode zavl zcommon znvpair ApportVersion: 2.20.6-0ubuntu5 Architecture: amd64 CurrentDesktop: GNOME Date: Mon Aug 14 15:54:34 2017 InstallationDate: Installed on 2016-05-06 (464 days ago) InstallationMedia: Ubuntu 16.04 LTS "Xenial Xerus" - Release amd64 (20160420.1) SourcePackage: gdm3 UpgradeStatus: Upgraded to artful on 2017-07-19 (25 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/console-setup/+bug/1710637/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1624317] Re: systemd-resolved breaks VPN with split-horizon DNS
#82 Helped me as well. And I'm 17.04... It'd be nice to see this fixed... -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1624317 Title: systemd-resolved breaks VPN with split-horizon DNS Status in NetworkManager: Unknown Status in network-manager package in Ubuntu: Confirmed Status in network-manager source package in Zesty: Confirmed Status in network-manager source package in Artful: Confirmed Bug description: [Impact] * NetworkManager incorrectly handles dns-priority of the VPN-like connections, which leads to leaking DNS queries outside of the VPN into the general internet. * Upstream has resolved this issue in master and 1.8 to correctly configure any dns backends with negative dns-priority settings. [Test Case] #FIXME# * detailed instructions how to reproduce the bug * these should allow someone who is not familiar with the affected package to reproduce the bug and verify that the updated package fixes the problem. #FIXME# [Regression Potential] * If this issue is changed DNS resolution will change, for certain queries, to go via VPN rather than general internet. And therefore, one may get new/different results or even loose access to resolve/access certain parts of the interent depending on what the DNS server on VPN chooses to respond to. [Other Info] * Original bug report I use a VPN configured with network-manager-openconnect-gnome in which a split-horizon DNS setup assigns different addresses to some names inside the remote network than the addresses seen for those names from outside the remote network. However, systemd-resolved often decides to ignore the VPN’s DNS servers and use the local network’s DNS servers to resolve names (whether in the remote domain or not), breaking the split-horizon DNS. This related bug, reported by Lennart Poettering himself, was closed with the current Fedora release at the time reaching EOL: https://bugzilla.redhat.com/show_bug.cgi?id=1151544 To manage notifications about this bug go to: https://bugs.launchpad.net/network-manager/+bug/1624317/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1716078] [NEW] problem regarding detecting intel graphic card and changing my resolution
Public bug reported: ubuntu 14.04 cannot detect my graphic card, which is intel HD graphics 630, and I cannot change my resolution. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: xorg 1:7.7+1ubuntu8 ProcVersionSignature: Ubuntu 3.13.0-129.178-generic 3.13.11-ckt39 Uname: Linux 3.13.0-129-generic x86_64 .tmp.unity.support.test.1: ApportVersion: 2.14.1-0ubuntu3 Architecture: amd64 CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: compiz CompositorUnredirectDriverBlacklist: '(nouveau|Intel).*Mesa 8.0' CompositorUnredirectFSW: true CurrentDesktop: Unity Date: Fri Sep 8 18:11:33 2017 DistUpgraded: Fresh install DistroCodename: trusty DistroVariant: ubuntu GraphicsCard: Intel Corporation Device [8086:5912] (rev 04) (prog-if 00 [VGA controller]) Subsystem: Acer Incorporated [ALI] Device [1025:108e] InstallationDate: Installed on 2017-09-09 (0 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20140417) MachineType: Acer Aspire TC-780 ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.13.0-129-generic.efi.signed root=UUID=957edbfd-0d99-4b8f-8c66-a16283cc26ed ro quiet splash vt.handoff=7 Renderer: Software SourcePackage: xorg UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 02/21/2017 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: R02-A2 dmi.board.name: Aspire TC-780(KBL) dmi.board.vendor: Acer dmi.chassis.type: 3 dmi.chassis.vendor: Acer dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrR02-A2:bd02/21/2017:svnAcer:pnAspireTC-780:pvr:rvnAcer:rnAspireTC-780(KBL):rvr:cvnAcer:ct3:cvr: dmi.product.name: Aspire TC-780 dmi.sys.vendor: Acer version.compiz: compiz 1:0.9.11+14.04.20140409-0ubuntu1 version.ia32-libs: ia32-libs N/A version.libdrm2: libdrm2 2.4.52-1 version.libgl1-mesa-dri: libgl1-mesa-dri 10.1.0-4ubuntu5 version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A version.libgl1-mesa-glx: libgl1-mesa-glx 10.1.0-4ubuntu5 version.xserver-xorg-core: xserver-xorg-core 2:1.15.1-0ubuntu2 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev 1:2.8.2-1ubuntu2 version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.3.0-1ubuntu3 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.910-0ubuntu1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.10-1ubuntu2 xserver.bootTime: Fri Sep 8 18:03:21 2017 xserver.configfile: default xserver.logfile: /var/log/Xorg.0.log xserver.outputs: xserver.version: 2:1.15.1-0ubuntu2 ** Affects: xorg (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug compiz-0.9 trusty ubuntu -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1716078 Title: problem regarding detecting intel graphic card and changing my resolution Status in xorg package in Ubuntu: New Bug description: ubuntu 14.04 cannot detect my graphic card, which is intel HD graphics 630, and I cannot change my resolution. ProblemType: Bug DistroRelease: Ubuntu 14.04 Package: xorg 1:7.7+1ubuntu8 ProcVersionSignature: Ubuntu 3.13.0-129.178-generic 3.13.11-ckt39 Uname: Linux 3.13.0-129-generic x86_64 .tmp.unity.support.test.1: ApportVersion: 2.14.1-0ubuntu3 Architecture: amd64 CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: compiz CompositorUnredirectDriverBlacklist: '(nouveau|Intel).*Mesa 8.0' CompositorUnredirectFSW: true CurrentDesktop: Unity Date: Fri Sep 8 18:11:33 2017 DistUpgraded: Fresh install DistroCodename: trusty DistroVariant: ubuntu GraphicsCard: Intel Corporation Device [8086:5912] (rev 04) (prog-if 00 [VGA controller]) Subsystem: Acer Incorporated [ALI] Device [1025:108e] InstallationDate: Installed on 2017-09-09 (0 days ago) InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20140417) MachineType: Acer Aspire TC-780 ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.13.0-129-generic.efi.signed root=UUID=957edbfd-0d99-4b8f-8c66-a16283cc26ed ro quiet splash vt.handoff=7 Renderer: Software SourcePackage: xorg UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 02/21/2017 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: R02-A2 dmi.board.name: Aspire TC-780(KBL) dmi.board.vendor: Acer dmi.chassis.type: 3 dmi.chassis.vendor: Acer dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrR02-A2:bd02/21/2017:svnAcer:pnAspireTC-780:pvr:rvnAcer:rnAspireTC-780(KBL):rvr:cvnAcer:ct3:cvr: dmi.product.name: Aspire TC-780 dmi.sys.vendor: Acer version.compiz: compiz 1:0.9.11+14.04.20140409-0ubuntu1 version.ia32-libs: ia32-libs N/A version.libdrm2: libdrm2 2.4.52-1 version.libgl1-mesa-dri: libgl1-mesa-dri 10.1.0-4ubuntu5 version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A version.libgl
[Touch-packages] [Bug 290639] Re: NetworkManager cannot handle both eth0 and ppp0 at the same time
** Changed in: network-manager Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/290639 Title: NetworkManager cannot handle both eth0 and ppp0 at the same time Status in NetworkManager: Fix Released Status in network-manager package in Ubuntu: Triaged Bug description: Binary package hint: network-manager Okay, so I have a pppoe-connection to my internet-provider which I connect to via a WLAN-AP that's connected with my home-network. In network-manager I can set up my Ethernet (eth0) connection to connect to the local network and my ppp0e (ppp0) connection to the internet. When I click on network-manager, I only have radio-buttons to select the desired "wired connection" which only allows me to EITHER start eth0 OR ppp0. When I'm connected to the internet, I can't access the LAN and vice-versa. The ony solution for me right now is to use pppoeconf and configure the eth0-connection via config file, which of course breaks network- manager. What I am asking for is simple: Allow the use of more than just one "wired connection" in network-manager (ditch the radio buttons and make them "multiple choice"?) here's my etc/network/interfaces: (comments were made by me for better readability here, they're not in the file itself) ##BEGIN interfaces auto lo iface lo inet loopback auto dsl-provider iface dsl-provider inet ppp pre-up /sbin/ifconfig eth0 up # line maintained by pppoeconf provider dsl-provider auto eth0 iface eth0 inet static address 192.168.0.3 netmask 255.255.255.0 gateway 192.168.0.1 ##END interfaces System is 8.10 with all the latest updates, network-manager is: network-manager: Installiert: 0.7~~svn20081018t105859-0ubuntu1 Kandidat: 0.7~~svn20081018t105859-0ubuntu1 Versions-Tabelle: *** 0.7~~svn20081018t105859-0ubuntu1 0 500 http://at.archive.ubuntu.com intrepid/main Packages 100 /var/lib/dpkg/status To manage notifications about this bug go to: https://bugs.launchpad.net/network-manager/+bug/290639/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1716069] Re: systemd breaks apparmor (<2.10.95-1). in turn mysql-server wont install
Hi Thomas, where did you find a systemd package version 233-8ubuntu1~ubuntu16.04.1? I can't find it on https://launchpad.net/ubuntu/+source/systemd or https://launchpad.net/ubuntu/+source/systemd/+publishinghistory Thanks ** Changed in: apparmor (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1716069 Title: systemd breaks apparmor (<2.10.95-1). in turn mysql-server wont install Status in apparmor package in Ubuntu: Incomplete Bug description: mysql-server cant be installed, because systemd (233-8ubuntu1~ubuntu16.04.1) requires a newer version of apparmor than the installed version 2.10.95-0ubuntu2.7 this in tune breaks various packages depending on mysql-server, like gnu-cash or others. Possible solutions: - provide a newer apparmor package for ubuntu 16.04.1 - provide a mysql-server package not depending on apparmor - provide a systemd package working with apparmor 2.10.95-0ubuntu2.7 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1716069/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1716069] [NEW] systemd breaks apparmor (<2.10.95-1). in turn mysql-server wont install
Public bug reported: mysql-server cant be installed, because systemd (233-8ubuntu1~ubuntu16.04.1) requires a newer version of apparmor than the installed version 2.10.95-0ubuntu2.7 this in tune breaks various packages depending on mysql-server, like gnu-cash or others. Possible solutions: - provide a newer apparmor package for ubuntu 16.04.1 - provide a mysql-server package not depending on apparmor - provide a systemd package working with apparmor 2.10.95-0ubuntu2.7 ** Affects: apparmor (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1716069 Title: systemd breaks apparmor (<2.10.95-1). in turn mysql-server wont install Status in apparmor package in Ubuntu: New Bug description: mysql-server cant be installed, because systemd (233-8ubuntu1~ubuntu16.04.1) requires a newer version of apparmor than the installed version 2.10.95-0ubuntu2.7 this in tune breaks various packages depending on mysql-server, like gnu-cash or others. Possible solutions: - provide a newer apparmor package for ubuntu 16.04.1 - provide a mysql-server package not depending on apparmor - provide a systemd package working with apparmor 2.10.95-0ubuntu2.7 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1716069/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1716063] Re: libvirt manager configured dhcpv6 network does not appear to sned domain
xml network file has domain name set, and so does the generated dnsmasq config. ** Also affects: dnsmasq (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1716063 Title: libvirt manager configured dhcpv6 network does not appear to sned domain Status in dnsmasq package in Ubuntu: New Status in isc-dhcp package in Ubuntu: New Status in libvirt package in Ubuntu: New Bug description: libvirt manager configured dhcpv6 network does not appear to send domain I've configured dhcpv4 & v6 networking in the libvirt dialog (will provide the config dump) In the virtual machine guest i have specified to obtain inet6 dhcp. With debug enabled that appears to receive only the new ipc6 address, prefixlen and name servers, but not the domain setting, like it does for ipv4. I'm expecting something like new_ipv6_domain_name, or just new_domain_name set for the ipv6 lease. Not sure if it is a bug in libvirt or ics-dhcp To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1716063/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1716063] [NEW] libvirt manager configured dhcpv6 network does not appear to sned domain
Public bug reported: libvirt manager configured dhcpv6 network does not appear to send domain I've configured dhcpv4 & v6 networking in the libvirt dialog (will provide the config dump) In the virtual machine guest i have specified to obtain inet6 dhcp. With debug enabled that appears to receive only the new ipc6 address, prefixlen and name servers, but not the domain setting, like it does for ipv4. I'm expecting something like new_ipv6_domain_name, or just new_domain_name set for the ipv6 lease. Not sure if it is a bug in libvirt or ics-dhcp ** Affects: isc-dhcp (Ubuntu) Importance: Undecided Status: New ** Affects: libvirt (Ubuntu) Importance: Undecided Status: New ** Tags: dhcp ipv6 ** Also affects: isc-dhcp (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to isc-dhcp in Ubuntu. https://bugs.launchpad.net/bugs/1716063 Title: libvirt manager configured dhcpv6 network does not appear to sned domain Status in isc-dhcp package in Ubuntu: New Status in libvirt package in Ubuntu: New Bug description: libvirt manager configured dhcpv6 network does not appear to send domain I've configured dhcpv4 & v6 networking in the libvirt dialog (will provide the config dump) In the virtual machine guest i have specified to obtain inet6 dhcp. With debug enabled that appears to receive only the new ipc6 address, prefixlen and name servers, but not the domain setting, like it does for ipv4. I'm expecting something like new_ipv6_domain_name, or just new_domain_name set for the ipv6 lease. Not sure if it is a bug in libvirt or ics-dhcp To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/1716063/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1709193] Re: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer
I agree with juliank's assessment in comment #22. The 2nd Trusty debdiff allows md5 to be used throughout the entire cert chain which is apparently not what Simon intended. I don't think it is the right approach. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnutls26 in Ubuntu. https://bugs.launchpad.net/bugs/1709193 Title: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer Status in gnutls26 package in Ubuntu: Invalid Status in gnutls28 package in Ubuntu: Fix Released Status in gnutls26 source package in Trusty: Fix Committed Status in gnutls28 source package in Trusty: Won't Fix Status in ssmtp source package in Trusty: Invalid Status in gnutls26 source package in Xenial: Invalid Status in gnutls28 source package in Xenial: Fix Committed Status in ssmtp source package in Xenial: Invalid Status in gnutls26 source package in Zesty: Invalid Status in gnutls28 source package in Zesty: Fix Released Status in ssmtp source package in Zesty: Invalid Status in gnutls26 source package in Artful: Invalid Status in gnutls28 source package in Artful: Fix Released Status in ssmtp source package in Artful: Invalid Status in gnutls28 package in Debian: Fix Released Bug description: [Impact] Applications using GnuTLS OpenSSL compat layer [1] are be unable to use modern TLS versions (1.1 and 1.2) when relying on the SSLv23_{client,server}_method functions. There is an industry-wide push to use modern TLS versions, see [2] and [3] for example. The proposed fix changes the compat layer to use GnuTLS' "NORMAL" priority [4] instead of hard-coding which protocol versions and ciphers to enable. [Test Case] 1) Setup a mail submission server that uses StartTLS 2) Setup sSMTP (uses GnuTLS OpenSSL compat layer) to relay through the mail relay using StartTLS 3) Send an email while capturing with tcpdump/tshark 4) Inspect the submission connection (TCP/587) and look for the protocol version negotiated by the client. Without the fix, you should see TLSv1.0. With the fix, it should be TLSv1.2. Please see the original issue description for more details. [Regression Potential] Regression risk should be low since it's a backport of a simple fix that landed in Debian in April 2017. [References] 1: $ apt-cache rdepends libgnutls-openssl27 libgnutls-openssl27 Reverse Depends: libgnutls-dev libgnutls-dev zoneminder yaskkserv tf5 ssmtp snowdrop sngrep slrnpull slrn sipsak macopix-gtk2 gnss-sdr gkrellm freewheeling boinctui iputils-ping 2: https://lists.debian.org/debian-devel-announce/2017/08/msg4.html 3: https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls 4: https://gnutls.org/manual/html_node/Priority-Strings.html [Original issue description] sSMTP is limited to using TLSv1.0 and the "old" ciphers that come with it. Here's a packet capture when ssmtp connects to smtp.sdeziel.info:587 that offers TLSv1.0 and higher: $ tshark -ta -Vr submission.pcap | sed -n '/^Frame 14:/,/^Frame 15:/ p' | grep -E '^[[:space:]]+(Version|Cipher|Handshake Protocol)' Version: TLS 1.0 (0x0301) Handshake Protocol: Client Hello Version: TLS 1.0 (0x0301) Cipher Suites Length: 30 Cipher Suites (15 suites) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041) Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084) Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088) Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087) Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) I would expect ssmtp to use TLSv1.2 and a recent cipher like the openssl s_client is able to do: $ echo | openssl s_client -connect smtp.sdeziel.info:587 -starttls smtp 2>/dev/null | grep -E '^[[:space:]]+(Protocol|Cipher)' Protocol : TLSv1.2 Cipher: ECDHE-RSA-AES128-GCM-SHA256 Additional information: $ lsb_release -rd Description: Ubuntu 16.04.3 LTS Release: 16.04
[Touch-packages] [Bug 1716022] Re: Mouse cursor jaggy movements
Played around with magnification. Pressing Super-Alt-8 somehow creates this situation. Increasing the magnification to 200%, pressing Super-Alt-8 and reverting to 100% remedies the effect. Thus: An issue that I cannot explain. ** Changed in: xorg (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1716022 Title: Mouse cursor jaggy movements Status in xorg package in Ubuntu: Invalid Bug description: Ever since the update of libmpfr4:amd64 (3.1.6~rc1-1, 3.1.6-1) on 2017-09-08 12:28:20 the mouse cursor demonstrates a jumpy / jaggy behaviour. Compared to a similar machine or the live cd the mouse seems to jump around. Testing with a handwritten text in Gimp demonstrated the difference. This might not be an Xorg error but rather a Wayland | Mutter | libmpfr issue (I really can't tell but had to make a start) ProblemType: Bug DistroRelease: Ubuntu 17.10 Package: xorg 1:7.7+19ubuntu2 ProcVersionSignature: Ubuntu 4.12.0-13.14-generic 4.12.10 Uname: Linux 4.12.0-13-generic x86_64 ApportVersion: 2.20.7-0ubuntu1 Architecture: amd64 CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: None CurrentDesktop: ubuntu:GNOME Date: Fri Sep 8 19:05:34 2017 DistUpgraded: Fresh install DistroCodename: artful DistroVariant: ubuntu DkmsStatus: virtualbox, 5.1.26, 4.12.0-12-generic, x86_64: installed virtualbox, 5.1.26, 4.12.0-13-generic, x86_64: installed ExtraDebuggingInterest: Yes, if not too technical GraphicsCard: Intel Corporation Iris Graphics 6100 [8086:162b] (rev 09) (prog-if 00 [VGA controller]) Subsystem: Apple Inc. Iris Graphics 6100 [106b:013f] InstallationDate: Installed on 2017-09-05 (3 days ago) InstallationMedia: Ubuntu 17.10 "Artful Aardvark" - Alpha amd64 (20170902) MachineType: Apple Inc. MacBookPro12,1 ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.12.0-13-generic.efi.signed root=/dev/mapper/ubuntu--vg-root ro quiet splash vt.handoff=7 SourcePackage: xorg Symptom: display UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 06/18/2017 dmi.bios.vendor: Apple Inc. dmi.bios.version: MBP121.88Z.0167.B33.1706181928 dmi.board.name: Mac-E43C1C25D4880AD6 dmi.board.vendor: Apple Inc. dmi.board.version: MacBookPro12,1 dmi.chassis.type: 9 dmi.chassis.vendor: Apple Inc. dmi.chassis.version: Mac-E43C1C25D4880AD6 dmi.modalias: dmi:bvnAppleInc.:bvrMBP121.88Z.0167.B33.1706181928:bd06/18/2017:svnAppleInc.:pnMacBookPro12,1:pvr1.0:rvnAppleInc.:rnMac-E43C1C25D4880AD6:rvrMacBookPro12,1:cvnAppleInc.:ct9:cvrMac-E43C1C25D4880AD6: dmi.product.family: MacBook Pro dmi.product.name: MacBookPro12,1 dmi.product.version: 1.0 dmi.sys.vendor: Apple Inc. version.compiz: compiz N/A version.libdrm2: libdrm2 2.4.82-1 version.libgl1-mesa-dri: libgl1-mesa-dri 17.2.0-0ubuntu1 version.libgl1-mesa-glx: libgl1-mesa-glx 17.2.0-0ubuntu1 version.xserver-xorg-core: xserver-xorg-core 2:1.19.3-1ubuntu6 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.9.0-1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.917+git20170309-0ubuntu1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.15-2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1716022/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1709193] Re: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer
I see the NM one passes now, thanks for retrying it. The aria2 armhf problem reliably fails though. I guess I'll have to setup a QEMU VM for that arch and manually run the test to see what's going on. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnutls26 in Ubuntu. https://bugs.launchpad.net/bugs/1709193 Title: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer Status in gnutls26 package in Ubuntu: Invalid Status in gnutls28 package in Ubuntu: Fix Released Status in gnutls26 source package in Trusty: Fix Committed Status in gnutls28 source package in Trusty: Won't Fix Status in ssmtp source package in Trusty: Invalid Status in gnutls26 source package in Xenial: Invalid Status in gnutls28 source package in Xenial: Fix Committed Status in ssmtp source package in Xenial: Invalid Status in gnutls26 source package in Zesty: Invalid Status in gnutls28 source package in Zesty: Fix Released Status in ssmtp source package in Zesty: Invalid Status in gnutls26 source package in Artful: Invalid Status in gnutls28 source package in Artful: Fix Released Status in ssmtp source package in Artful: Invalid Status in gnutls28 package in Debian: Fix Released Bug description: [Impact] Applications using GnuTLS OpenSSL compat layer [1] are be unable to use modern TLS versions (1.1 and 1.2) when relying on the SSLv23_{client,server}_method functions. There is an industry-wide push to use modern TLS versions, see [2] and [3] for example. The proposed fix changes the compat layer to use GnuTLS' "NORMAL" priority [4] instead of hard-coding which protocol versions and ciphers to enable. [Test Case] 1) Setup a mail submission server that uses StartTLS 2) Setup sSMTP (uses GnuTLS OpenSSL compat layer) to relay through the mail relay using StartTLS 3) Send an email while capturing with tcpdump/tshark 4) Inspect the submission connection (TCP/587) and look for the protocol version negotiated by the client. Without the fix, you should see TLSv1.0. With the fix, it should be TLSv1.2. Please see the original issue description for more details. [Regression Potential] Regression risk should be low since it's a backport of a simple fix that landed in Debian in April 2017. [References] 1: $ apt-cache rdepends libgnutls-openssl27 libgnutls-openssl27 Reverse Depends: libgnutls-dev libgnutls-dev zoneminder yaskkserv tf5 ssmtp snowdrop sngrep slrnpull slrn sipsak macopix-gtk2 gnss-sdr gkrellm freewheeling boinctui iputils-ping 2: https://lists.debian.org/debian-devel-announce/2017/08/msg4.html 3: https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls 4: https://gnutls.org/manual/html_node/Priority-Strings.html [Original issue description] sSMTP is limited to using TLSv1.0 and the "old" ciphers that come with it. Here's a packet capture when ssmtp connects to smtp.sdeziel.info:587 that offers TLSv1.0 and higher: $ tshark -ta -Vr submission.pcap | sed -n '/^Frame 14:/,/^Frame 15:/ p' | grep -E '^[[:space:]]+(Version|Cipher|Handshake Protocol)' Version: TLS 1.0 (0x0301) Handshake Protocol: Client Hello Version: TLS 1.0 (0x0301) Cipher Suites Length: 30 Cipher Suites (15 suites) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041) Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084) Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088) Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087) Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) I would expect ssmtp to use TLSv1.2 and a recent cipher like the openssl s_client is able to do: $ echo | openssl s_client -connect smtp.sdeziel.info:587 -starttls smtp 2>/dev/null | grep -E '^[[:space:]]+(Protocol|Cipher)' Protocol : TLSv1.2 Cipher: ECDHE-RSA-AES128-GCM-SHA256 Additional information: $ lsb_release -rd Description: Ubuntu 16.04.3 LTS Release: 16.04 $ apt-cache
[Touch-packages] [Bug 1671974] Re: CUPS - Excessive Amounts of UDP Multicast Traffic for BJNP
Moving this bug under cups package. ** Package changed: cups-filters (Ubuntu) => cups (Ubuntu) ** Changed in: cups (Ubuntu) Status: Incomplete => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to cups in Ubuntu. https://bugs.launchpad.net/bugs/1671974 Title: CUPS - Excessive Amounts of UDP Multicast Traffic for BJNP Status in cups package in Ubuntu: Confirmed Bug description: It appears that the cups-browsed service as of Xenial (version 1.8.3-2ubuntu3.1) sends an excessive amount of UDP multicast requests for ports 8610 (Canon MFNP) and 8612 (Canon BJNP) under unexpected conditions and regardless of a presence or lack of Canon printer devices on the network. This is manifested by enabling UFW, and observing multicast requests being blocked that are sent from the host machine's network IPv4 or IPv6 address to the multicast address, e.g. [UFW BLOCK] IN=wlp3s0 OUT= MAC= SRC= DST=ff02:::::::0001 LEN=64 TC=0 HOPLIMIT=1 FLOWLBL=96642 PROTO=UDP SPT=8612 DPT=8612 LEN=24 IN= OUT=wlan0 SRC=192.168.90.45 DST=192.168.91.255 LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=7742 DF PROTO=UDP SPT=8612 DPT=8610 LEN=24 Users have observed that the requests can be reproduced when any USB device is plugged/unplugged into the computer, regardless of whether the device has anything to do with printing: https://twitter.com/gertvdijk/status/621790755758178304 https://bugs.kali.org/view.php?id=3094 Just Googling "udp 8612", shows are a large number of results on different websites of people who have observed this behaviour in firewall and traffic logs, and have noticed that it may contribute to network slowdown and latency: https://askubuntu.com/questions/867739/what-is-this-traffic/867786 https://serverfault.com/questions/667376/watchguard-blocking-internal-udp-packets https://jehurst.wordpress.com/2016/01/22/small-victories/ recommends disabling the cups-browsed service to stop these requests: systemctl stop cups-browsed.service systemctl disable cups-browsed.service There are probably two things to address here: 1. Connecting any USB device should not cause these requests unless the device is actually a printer or directly related to printing. 2. Requests independent of connecting USB devices should be rate limited to a degree and/or should be dependent on the actual presence of a Canon printer configured on the network. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/1671974/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1671974] [NEW] CUPS - Excessive Amounts of UDP Multicast Traffic for BJNP
You have been subscribed to a public bug: It appears that the cups-browsed service as of Xenial (version 1.8.3-2ubuntu3.1) sends an excessive amount of UDP multicast requests for ports 8610 (Canon MFNP) and 8612 (Canon BJNP) under unexpected conditions and regardless of a presence or lack of Canon printer devices on the network. This is manifested by enabling UFW, and observing multicast requests being blocked that are sent from the host machine's network IPv4 or IPv6 address to the multicast address, e.g. [UFW BLOCK] IN=wlp3s0 OUT= MAC= SRC= DST=ff02:::::::0001 LEN=64 TC=0 HOPLIMIT=1 FLOWLBL=96642 PROTO=UDP SPT=8612 DPT=8612 LEN=24 IN= OUT=wlan0 SRC=192.168.90.45 DST=192.168.91.255 LEN=44 TOS=0x00 PREC=0x00 TTL=64 ID=7742 DF PROTO=UDP SPT=8612 DPT=8610 LEN=24 Users have observed that the requests can be reproduced when any USB device is plugged/unplugged into the computer, regardless of whether the device has anything to do with printing: https://twitter.com/gertvdijk/status/621790755758178304 https://bugs.kali.org/view.php?id=3094 Just Googling "udp 8612", shows are a large number of results on different websites of people who have observed this behaviour in firewall and traffic logs, and have noticed that it may contribute to network slowdown and latency: https://askubuntu.com/questions/867739/what-is-this-traffic/867786 https://serverfault.com/questions/667376/watchguard-blocking-internal-udp-packets https://jehurst.wordpress.com/2016/01/22/small-victories/ recommends disabling the cups-browsed service to stop these requests: systemctl stop cups-browsed.service systemctl disable cups-browsed.service There are probably two things to address here: 1. Connecting any USB device should not cause these requests unless the device is actually a printer or directly related to printing. 2. Requests independent of connecting USB devices should be rate limited to a degree and/or should be dependent on the actual presence of a Canon printer configured on the network. ** Affects: cups (Ubuntu) Importance: Undecided Status: Confirmed ** Tags: xenial -- CUPS - Excessive Amounts of UDP Multicast Traffic for BJNP https://bugs.launchpad.net/bugs/1671974 You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to cups in Ubuntu. -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1709193] Re: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer
If you look at http://people.canonical.com/~ubuntu-archive/proposed- migration/xenial/update_excuses.html#gnutls28 you'll see that aria2 failed on armhf, and network-manager on amd64. network-manager looks like a temporary failure, I just retried that; and aria2 - well, it fails to read CA certificates, I'm not sure why, but that seems unrelated too. I just retried it, maybe it works now; but maybe it's a bug in aria2 missing a test dependency. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnutls26 in Ubuntu. https://bugs.launchpad.net/bugs/1709193 Title: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer Status in gnutls26 package in Ubuntu: Invalid Status in gnutls28 package in Ubuntu: Fix Released Status in gnutls26 source package in Trusty: Fix Committed Status in gnutls28 source package in Trusty: Won't Fix Status in ssmtp source package in Trusty: Invalid Status in gnutls26 source package in Xenial: Invalid Status in gnutls28 source package in Xenial: Fix Committed Status in ssmtp source package in Xenial: Invalid Status in gnutls26 source package in Zesty: Invalid Status in gnutls28 source package in Zesty: Fix Released Status in ssmtp source package in Zesty: Invalid Status in gnutls26 source package in Artful: Invalid Status in gnutls28 source package in Artful: Fix Released Status in ssmtp source package in Artful: Invalid Status in gnutls28 package in Debian: Fix Released Bug description: [Impact] Applications using GnuTLS OpenSSL compat layer [1] are be unable to use modern TLS versions (1.1 and 1.2) when relying on the SSLv23_{client,server}_method functions. There is an industry-wide push to use modern TLS versions, see [2] and [3] for example. The proposed fix changes the compat layer to use GnuTLS' "NORMAL" priority [4] instead of hard-coding which protocol versions and ciphers to enable. [Test Case] 1) Setup a mail submission server that uses StartTLS 2) Setup sSMTP (uses GnuTLS OpenSSL compat layer) to relay through the mail relay using StartTLS 3) Send an email while capturing with tcpdump/tshark 4) Inspect the submission connection (TCP/587) and look for the protocol version negotiated by the client. Without the fix, you should see TLSv1.0. With the fix, it should be TLSv1.2. Please see the original issue description for more details. [Regression Potential] Regression risk should be low since it's a backport of a simple fix that landed in Debian in April 2017. [References] 1: $ apt-cache rdepends libgnutls-openssl27 libgnutls-openssl27 Reverse Depends: libgnutls-dev libgnutls-dev zoneminder yaskkserv tf5 ssmtp snowdrop sngrep slrnpull slrn sipsak macopix-gtk2 gnss-sdr gkrellm freewheeling boinctui iputils-ping 2: https://lists.debian.org/debian-devel-announce/2017/08/msg4.html 3: https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls 4: https://gnutls.org/manual/html_node/Priority-Strings.html [Original issue description] sSMTP is limited to using TLSv1.0 and the "old" ciphers that come with it. Here's a packet capture when ssmtp connects to smtp.sdeziel.info:587 that offers TLSv1.0 and higher: $ tshark -ta -Vr submission.pcap | sed -n '/^Frame 14:/,/^Frame 15:/ p' | grep -E '^[[:space:]]+(Version|Cipher|Handshake Protocol)' Version: TLS 1.0 (0x0301) Handshake Protocol: Client Hello Version: TLS 1.0 (0x0301) Cipher Suites Length: 30 Cipher Suites (15 suites) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041) Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084) Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088) Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087) Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) I would expect ssmtp to use TLSv1.2 and a recent cipher like the openssl s_client is able to do: $ echo | openssl s_client -connect smtp.sdeziel.info:587 -starttls smt
[Touch-packages] [Bug 1709193] Re: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer
You can also look at http://people.canonical.com/~ubuntu-archive /pending-sru.html of course, that lists all SRUs in any -proposed suite and mention regressions in autopkgtest in the left column. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnutls26 in Ubuntu. https://bugs.launchpad.net/bugs/1709193 Title: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer Status in gnutls26 package in Ubuntu: Invalid Status in gnutls28 package in Ubuntu: Fix Released Status in gnutls26 source package in Trusty: Fix Committed Status in gnutls28 source package in Trusty: Won't Fix Status in ssmtp source package in Trusty: Invalid Status in gnutls26 source package in Xenial: Invalid Status in gnutls28 source package in Xenial: Fix Committed Status in ssmtp source package in Xenial: Invalid Status in gnutls26 source package in Zesty: Invalid Status in gnutls28 source package in Zesty: Fix Released Status in ssmtp source package in Zesty: Invalid Status in gnutls26 source package in Artful: Invalid Status in gnutls28 source package in Artful: Fix Released Status in ssmtp source package in Artful: Invalid Status in gnutls28 package in Debian: Fix Released Bug description: [Impact] Applications using GnuTLS OpenSSL compat layer [1] are be unable to use modern TLS versions (1.1 and 1.2) when relying on the SSLv23_{client,server}_method functions. There is an industry-wide push to use modern TLS versions, see [2] and [3] for example. The proposed fix changes the compat layer to use GnuTLS' "NORMAL" priority [4] instead of hard-coding which protocol versions and ciphers to enable. [Test Case] 1) Setup a mail submission server that uses StartTLS 2) Setup sSMTP (uses GnuTLS OpenSSL compat layer) to relay through the mail relay using StartTLS 3) Send an email while capturing with tcpdump/tshark 4) Inspect the submission connection (TCP/587) and look for the protocol version negotiated by the client. Without the fix, you should see TLSv1.0. With the fix, it should be TLSv1.2. Please see the original issue description for more details. [Regression Potential] Regression risk should be low since it's a backport of a simple fix that landed in Debian in April 2017. [References] 1: $ apt-cache rdepends libgnutls-openssl27 libgnutls-openssl27 Reverse Depends: libgnutls-dev libgnutls-dev zoneminder yaskkserv tf5 ssmtp snowdrop sngrep slrnpull slrn sipsak macopix-gtk2 gnss-sdr gkrellm freewheeling boinctui iputils-ping 2: https://lists.debian.org/debian-devel-announce/2017/08/msg4.html 3: https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls 4: https://gnutls.org/manual/html_node/Priority-Strings.html [Original issue description] sSMTP is limited to using TLSv1.0 and the "old" ciphers that come with it. Here's a packet capture when ssmtp connects to smtp.sdeziel.info:587 that offers TLSv1.0 and higher: $ tshark -ta -Vr submission.pcap | sed -n '/^Frame 14:/,/^Frame 15:/ p' | grep -E '^[[:space:]]+(Version|Cipher|Handshake Protocol)' Version: TLS 1.0 (0x0301) Handshake Protocol: Client Hello Version: TLS 1.0 (0x0301) Cipher Suites Length: 30 Cipher Suites (15 suites) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041) Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084) Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088) Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087) Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) I would expect ssmtp to use TLSv1.2 and a recent cipher like the openssl s_client is able to do: $ echo | openssl s_client -connect smtp.sdeziel.info:587 -starttls smtp 2>/dev/null | grep -E '^[[:space:]]+(Protocol|Cipher)' Protocol : TLSv1.2 Cipher: ECDHE-RSA-AES128-GCM-SHA256 Additional information: $ lsb_release -rd Description: Ubuntu 16.04.3 LTS Release: 16.04 $ apt-cache polic
[Touch-packages] [Bug 1709193] Re: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer
@juliank, thanks for the update. I wasn't aware of the autopkgtest failing for some reverse dependencies. Any pointers to those? I'm determined to see this one though, but on Monday ;) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnutls26 in Ubuntu. https://bugs.launchpad.net/bugs/1709193 Title: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer Status in gnutls26 package in Ubuntu: Invalid Status in gnutls28 package in Ubuntu: Fix Released Status in gnutls26 source package in Trusty: Fix Committed Status in gnutls28 source package in Trusty: Won't Fix Status in ssmtp source package in Trusty: Invalid Status in gnutls26 source package in Xenial: Invalid Status in gnutls28 source package in Xenial: Fix Committed Status in ssmtp source package in Xenial: Invalid Status in gnutls26 source package in Zesty: Invalid Status in gnutls28 source package in Zesty: Fix Released Status in ssmtp source package in Zesty: Invalid Status in gnutls26 source package in Artful: Invalid Status in gnutls28 source package in Artful: Fix Released Status in ssmtp source package in Artful: Invalid Status in gnutls28 package in Debian: Fix Released Bug description: [Impact] Applications using GnuTLS OpenSSL compat layer [1] are be unable to use modern TLS versions (1.1 and 1.2) when relying on the SSLv23_{client,server}_method functions. There is an industry-wide push to use modern TLS versions, see [2] and [3] for example. The proposed fix changes the compat layer to use GnuTLS' "NORMAL" priority [4] instead of hard-coding which protocol versions and ciphers to enable. [Test Case] 1) Setup a mail submission server that uses StartTLS 2) Setup sSMTP (uses GnuTLS OpenSSL compat layer) to relay through the mail relay using StartTLS 3) Send an email while capturing with tcpdump/tshark 4) Inspect the submission connection (TCP/587) and look for the protocol version negotiated by the client. Without the fix, you should see TLSv1.0. With the fix, it should be TLSv1.2. Please see the original issue description for more details. [Regression Potential] Regression risk should be low since it's a backport of a simple fix that landed in Debian in April 2017. [References] 1: $ apt-cache rdepends libgnutls-openssl27 libgnutls-openssl27 Reverse Depends: libgnutls-dev libgnutls-dev zoneminder yaskkserv tf5 ssmtp snowdrop sngrep slrnpull slrn sipsak macopix-gtk2 gnss-sdr gkrellm freewheeling boinctui iputils-ping 2: https://lists.debian.org/debian-devel-announce/2017/08/msg4.html 3: https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls 4: https://gnutls.org/manual/html_node/Priority-Strings.html [Original issue description] sSMTP is limited to using TLSv1.0 and the "old" ciphers that come with it. Here's a packet capture when ssmtp connects to smtp.sdeziel.info:587 that offers TLSv1.0 and higher: $ tshark -ta -Vr submission.pcap | sed -n '/^Frame 14:/,/^Frame 15:/ p' | grep -E '^[[:space:]]+(Version|Cipher|Handshake Protocol)' Version: TLS 1.0 (0x0301) Handshake Protocol: Client Hello Version: TLS 1.0 (0x0301) Cipher Suites Length: 30 Cipher Suites (15 suites) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041) Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084) Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088) Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087) Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) I would expect ssmtp to use TLSv1.2 and a recent cipher like the openssl s_client is able to do: $ echo | openssl s_client -connect smtp.sdeziel.info:587 -starttls smtp 2>/dev/null | grep -E '^[[:space:]]+(Protocol|Cipher)' Protocol : TLSv1.2 Cipher: ECDHE-RSA-AES128-GCM-SHA256 Additional information: $ lsb_release -rd Description: Ubuntu 16.04.3 LTS Release: 16.04 $ apt-cache policy ssmtp lib
[Touch-packages] [Bug 882147] Re: overlayfs does not implement inotify interfaces correctly
tail -f /var/log/syslog worked for me with 17.10 dev | kernel 4.12. (Tested by turning network on and off). -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to coreutils in Ubuntu. https://bugs.launchpad.net/bugs/882147 Title: overlayfs does not implement inotify interfaces correctly Status in coreutils package in Ubuntu: In Progress Status in linux package in Ubuntu: Triaged Status in coreutils source package in Precise: Confirmed Status in linux source package in Precise: Triaged Bug description: When using tail on the liveCD some updates are not reported. This seems to be triggered by tail using inotify to identify modified files. Overlayfs does not appear to be implementing inotify quite the way you might hope reporting only against the underlying filesystems. Related bugs: * bug 1213925: upstart should notice "/etc" inode change ProblemType: Bug DistroRelease: Ubuntu 11.10 Package: linux-image-3.0.0-12-generic 3.0.0-12.20 ProcVersionSignature: Ubuntu 3.0.0-12.20-generic 3.0.4 Uname: Linux 3.0.0-12-generic x86_64 AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.24. ApportVersion: 1.23-0ubuntu3 Architecture: amd64 ArecordDevices: List of CAPTURE Hardware Devices card 0: Intel [HDA Intel], device 0: STAC92xx Analog [STAC92xx Analog] Subdevices: 0/1 Subdevice #0: subdevice #0 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: apw2296 F pulseaudio /dev/snd/pcmC0D0c: apw2296 F...m pulseaudio /dev/snd/pcmC0D0p: apw2296 F...m pulseaudio Card0.Amixer.info: Card hw:0 'Intel'/'HDA Intel at 0xfc70 irq 47' Mixer name : 'Intel Cantiga HDMI' Components : 'HDA:111d7675,1028029f,00100103 HDA:80862802,80860101,0010' Controls : 20 Simple ctrls : 11 Date: Wed Oct 26 17:46:16 2011 EcryptfsInUse: Yes HibernationDevice: RESUME=UUID=d8328455-deac-4bae-877d-c408d371cefe MachineType: Dell Inc. Studio 1537 ProcEnviron: PATH=(custom, user) LANG=en_GB.UTF-8 SHELL=/bin/bash ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-3.0.0-12-generic root=UUID=cf503727-25f2-4ecd-b0f3-2b894523bcba ro quiet splash vt.handoff=7 RelatedPackageVersions: linux-restricted-modules-3.0.0-12-generic N/A linux-backports-modules-3.0.0-12-generic N/A linux-firmware1.60 SourcePackage: linux UpgradeStatus: Upgraded to oneiric on 2011-10-17 (9 days ago) WpaSupplicantLog: dmi.bios.date: 09/22/2008 dmi.bios.vendor: Dell Inc. dmi.bios.version: A03 dmi.board.vendor: Dell Inc. dmi.board.version: A03 dmi.chassis.type: 8 dmi.chassis.vendor: Dell Inc. dmi.chassis.version: A03 dmi.modalias: dmi:bvnDellInc.:bvrA03:bd09/22/2008:svnDellInc.:pnStudio1537:pvrA03:rvnDellInc.:rn:rvrA03:cvnDellInc.:ct8:cvrA03: dmi.product.name: Studio 1537 dmi.product.version: A03 dmi.sys.vendor: Dell Inc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/coreutils/+bug/882147/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1709193] Re: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer
@sdeziel we just hurried the zesty one up yesterday to make place for a new SRU in zesty. And now it is weekend, and I'm not sure, but I don't think updates are released during weekends. You could try pinging in #ubuntu-release on Monday. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnutls26 in Ubuntu. https://bugs.launchpad.net/bugs/1709193 Title: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer Status in gnutls26 package in Ubuntu: Invalid Status in gnutls28 package in Ubuntu: Fix Released Status in gnutls26 source package in Trusty: Fix Committed Status in gnutls28 source package in Trusty: Won't Fix Status in ssmtp source package in Trusty: Invalid Status in gnutls26 source package in Xenial: Invalid Status in gnutls28 source package in Xenial: Fix Committed Status in ssmtp source package in Xenial: Invalid Status in gnutls26 source package in Zesty: Invalid Status in gnutls28 source package in Zesty: Fix Released Status in ssmtp source package in Zesty: Invalid Status in gnutls26 source package in Artful: Invalid Status in gnutls28 source package in Artful: Fix Released Status in ssmtp source package in Artful: Invalid Status in gnutls28 package in Debian: Fix Released Bug description: [Impact] Applications using GnuTLS OpenSSL compat layer [1] are be unable to use modern TLS versions (1.1 and 1.2) when relying on the SSLv23_{client,server}_method functions. There is an industry-wide push to use modern TLS versions, see [2] and [3] for example. The proposed fix changes the compat layer to use GnuTLS' "NORMAL" priority [4] instead of hard-coding which protocol versions and ciphers to enable. [Test Case] 1) Setup a mail submission server that uses StartTLS 2) Setup sSMTP (uses GnuTLS OpenSSL compat layer) to relay through the mail relay using StartTLS 3) Send an email while capturing with tcpdump/tshark 4) Inspect the submission connection (TCP/587) and look for the protocol version negotiated by the client. Without the fix, you should see TLSv1.0. With the fix, it should be TLSv1.2. Please see the original issue description for more details. [Regression Potential] Regression risk should be low since it's a backport of a simple fix that landed in Debian in April 2017. [References] 1: $ apt-cache rdepends libgnutls-openssl27 libgnutls-openssl27 Reverse Depends: libgnutls-dev libgnutls-dev zoneminder yaskkserv tf5 ssmtp snowdrop sngrep slrnpull slrn sipsak macopix-gtk2 gnss-sdr gkrellm freewheeling boinctui iputils-ping 2: https://lists.debian.org/debian-devel-announce/2017/08/msg4.html 3: https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls 4: https://gnutls.org/manual/html_node/Priority-Strings.html [Original issue description] sSMTP is limited to using TLSv1.0 and the "old" ciphers that come with it. Here's a packet capture when ssmtp connects to smtp.sdeziel.info:587 that offers TLSv1.0 and higher: $ tshark -ta -Vr submission.pcap | sed -n '/^Frame 14:/,/^Frame 15:/ p' | grep -E '^[[:space:]]+(Version|Cipher|Handshake Protocol)' Version: TLS 1.0 (0x0301) Handshake Protocol: Client Hello Version: TLS 1.0 (0x0301) Cipher Suites Length: 30 Cipher Suites (15 suites) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041) Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084) Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088) Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087) Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) I would expect ssmtp to use TLSv1.2 and a recent cipher like the openssl s_client is able to do: $ echo | openssl s_client -connect smtp.sdeziel.info:587 -starttls smtp 2>/dev/null | grep -E '^[[:space:]]+(Protocol|Cipher)' Protocol : TLSv1.2 Cipher: ECDHE-RSA-AES128-GCM-SHA256 Additional information: $ lsb_release -rd Description: Ubuntu 16.04.3 LT
[Touch-packages] [Bug 1709193] Re: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer
@sdeziel One problem here probably being that the updates are stuck due to reverse dependencies failing autopkgtest and you not convincing people that these failures are unrelated. If you don't push hard on that kind of stuff, nothing really happens. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnutls26 in Ubuntu. https://bugs.launchpad.net/bugs/1709193 Title: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer Status in gnutls26 package in Ubuntu: Invalid Status in gnutls28 package in Ubuntu: Fix Released Status in gnutls26 source package in Trusty: Fix Committed Status in gnutls28 source package in Trusty: Won't Fix Status in ssmtp source package in Trusty: Invalid Status in gnutls26 source package in Xenial: Invalid Status in gnutls28 source package in Xenial: Fix Committed Status in ssmtp source package in Xenial: Invalid Status in gnutls26 source package in Zesty: Invalid Status in gnutls28 source package in Zesty: Fix Released Status in ssmtp source package in Zesty: Invalid Status in gnutls26 source package in Artful: Invalid Status in gnutls28 source package in Artful: Fix Released Status in ssmtp source package in Artful: Invalid Status in gnutls28 package in Debian: Fix Released Bug description: [Impact] Applications using GnuTLS OpenSSL compat layer [1] are be unable to use modern TLS versions (1.1 and 1.2) when relying on the SSLv23_{client,server}_method functions. There is an industry-wide push to use modern TLS versions, see [2] and [3] for example. The proposed fix changes the compat layer to use GnuTLS' "NORMAL" priority [4] instead of hard-coding which protocol versions and ciphers to enable. [Test Case] 1) Setup a mail submission server that uses StartTLS 2) Setup sSMTP (uses GnuTLS OpenSSL compat layer) to relay through the mail relay using StartTLS 3) Send an email while capturing with tcpdump/tshark 4) Inspect the submission connection (TCP/587) and look for the protocol version negotiated by the client. Without the fix, you should see TLSv1.0. With the fix, it should be TLSv1.2. Please see the original issue description for more details. [Regression Potential] Regression risk should be low since it's a backport of a simple fix that landed in Debian in April 2017. [References] 1: $ apt-cache rdepends libgnutls-openssl27 libgnutls-openssl27 Reverse Depends: libgnutls-dev libgnutls-dev zoneminder yaskkserv tf5 ssmtp snowdrop sngrep slrnpull slrn sipsak macopix-gtk2 gnss-sdr gkrellm freewheeling boinctui iputils-ping 2: https://lists.debian.org/debian-devel-announce/2017/08/msg4.html 3: https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls 4: https://gnutls.org/manual/html_node/Priority-Strings.html [Original issue description] sSMTP is limited to using TLSv1.0 and the "old" ciphers that come with it. Here's a packet capture when ssmtp connects to smtp.sdeziel.info:587 that offers TLSv1.0 and higher: $ tshark -ta -Vr submission.pcap | sed -n '/^Frame 14:/,/^Frame 15:/ p' | grep -E '^[[:space:]]+(Version|Cipher|Handshake Protocol)' Version: TLS 1.0 (0x0301) Handshake Protocol: Client Hello Version: TLS 1.0 (0x0301) Cipher Suites Length: 30 Cipher Suites (15 suites) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041) Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084) Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088) Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087) Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) I would expect ssmtp to use TLSv1.2 and a recent cipher like the openssl s_client is able to do: $ echo | openssl s_client -connect smtp.sdeziel.info:587 -starttls smtp 2>/dev/null | grep -E '^[[:space:]]+(Protocol|Cipher)' Protocol : TLSv1.2 Cipher: ECDHE-RSA-AES128-GCM-SHA256 Additional information: $ lsb_release -rd Description: Ubunt
[Touch-packages] [Bug 1709193] Re: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer
The Xenial fix is identical to what went in Artful and Zesty so it shouldn't be subject to any more review. The review was requested to check if the different fix proposed for Trusty was OK. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnutls26 in Ubuntu. https://bugs.launchpad.net/bugs/1709193 Title: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer Status in gnutls26 package in Ubuntu: Invalid Status in gnutls28 package in Ubuntu: Fix Released Status in gnutls26 source package in Trusty: Fix Committed Status in gnutls28 source package in Trusty: Won't Fix Status in ssmtp source package in Trusty: Invalid Status in gnutls26 source package in Xenial: Invalid Status in gnutls28 source package in Xenial: Fix Committed Status in ssmtp source package in Xenial: Invalid Status in gnutls26 source package in Zesty: Invalid Status in gnutls28 source package in Zesty: Fix Released Status in ssmtp source package in Zesty: Invalid Status in gnutls26 source package in Artful: Invalid Status in gnutls28 source package in Artful: Fix Released Status in ssmtp source package in Artful: Invalid Status in gnutls28 package in Debian: Fix Released Bug description: [Impact] Applications using GnuTLS OpenSSL compat layer [1] are be unable to use modern TLS versions (1.1 and 1.2) when relying on the SSLv23_{client,server}_method functions. There is an industry-wide push to use modern TLS versions, see [2] and [3] for example. The proposed fix changes the compat layer to use GnuTLS' "NORMAL" priority [4] instead of hard-coding which protocol versions and ciphers to enable. [Test Case] 1) Setup a mail submission server that uses StartTLS 2) Setup sSMTP (uses GnuTLS OpenSSL compat layer) to relay through the mail relay using StartTLS 3) Send an email while capturing with tcpdump/tshark 4) Inspect the submission connection (TCP/587) and look for the protocol version negotiated by the client. Without the fix, you should see TLSv1.0. With the fix, it should be TLSv1.2. Please see the original issue description for more details. [Regression Potential] Regression risk should be low since it's a backport of a simple fix that landed in Debian in April 2017. [References] 1: $ apt-cache rdepends libgnutls-openssl27 libgnutls-openssl27 Reverse Depends: libgnutls-dev libgnutls-dev zoneminder yaskkserv tf5 ssmtp snowdrop sngrep slrnpull slrn sipsak macopix-gtk2 gnss-sdr gkrellm freewheeling boinctui iputils-ping 2: https://lists.debian.org/debian-devel-announce/2017/08/msg4.html 3: https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls 4: https://gnutls.org/manual/html_node/Priority-Strings.html [Original issue description] sSMTP is limited to using TLSv1.0 and the "old" ciphers that come with it. Here's a packet capture when ssmtp connects to smtp.sdeziel.info:587 that offers TLSv1.0 and higher: $ tshark -ta -Vr submission.pcap | sed -n '/^Frame 14:/,/^Frame 15:/ p' | grep -E '^[[:space:]]+(Version|Cipher|Handshake Protocol)' Version: TLS 1.0 (0x0301) Handshake Protocol: Client Hello Version: TLS 1.0 (0x0301) Cipher Suites Length: 30 Cipher Suites (15 suites) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041) Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084) Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088) Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087) Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) I would expect ssmtp to use TLSv1.2 and a recent cipher like the openssl s_client is able to do: $ echo | openssl s_client -connect smtp.sdeziel.info:587 -starttls smtp 2>/dev/null | grep -E '^[[:space:]]+(Protocol|Cipher)' Protocol : TLSv1.2 Cipher: ECDHE-RSA-AES128-GCM-SHA256 Additional information: $ lsb_release -rd Description: Ubuntu 16.04.3 LTS Release: 16.04 $ apt-cache policy ss
[Touch-packages] [Bug 1709193] Re: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer
Ignore my last comment. You were asking about Xenial but it was the Trusty SRU that was blocked on ubuntu-security review. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnutls26 in Ubuntu. https://bugs.launchpad.net/bugs/1709193 Title: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer Status in gnutls26 package in Ubuntu: Invalid Status in gnutls28 package in Ubuntu: Fix Released Status in gnutls26 source package in Trusty: Fix Committed Status in gnutls28 source package in Trusty: Won't Fix Status in ssmtp source package in Trusty: Invalid Status in gnutls26 source package in Xenial: Invalid Status in gnutls28 source package in Xenial: Fix Committed Status in ssmtp source package in Xenial: Invalid Status in gnutls26 source package in Zesty: Invalid Status in gnutls28 source package in Zesty: Fix Released Status in ssmtp source package in Zesty: Invalid Status in gnutls26 source package in Artful: Invalid Status in gnutls28 source package in Artful: Fix Released Status in ssmtp source package in Artful: Invalid Status in gnutls28 package in Debian: Fix Released Bug description: [Impact] Applications using GnuTLS OpenSSL compat layer [1] are be unable to use modern TLS versions (1.1 and 1.2) when relying on the SSLv23_{client,server}_method functions. There is an industry-wide push to use modern TLS versions, see [2] and [3] for example. The proposed fix changes the compat layer to use GnuTLS' "NORMAL" priority [4] instead of hard-coding which protocol versions and ciphers to enable. [Test Case] 1) Setup a mail submission server that uses StartTLS 2) Setup sSMTP (uses GnuTLS OpenSSL compat layer) to relay through the mail relay using StartTLS 3) Send an email while capturing with tcpdump/tshark 4) Inspect the submission connection (TCP/587) and look for the protocol version negotiated by the client. Without the fix, you should see TLSv1.0. With the fix, it should be TLSv1.2. Please see the original issue description for more details. [Regression Potential] Regression risk should be low since it's a backport of a simple fix that landed in Debian in April 2017. [References] 1: $ apt-cache rdepends libgnutls-openssl27 libgnutls-openssl27 Reverse Depends: libgnutls-dev libgnutls-dev zoneminder yaskkserv tf5 ssmtp snowdrop sngrep slrnpull slrn sipsak macopix-gtk2 gnss-sdr gkrellm freewheeling boinctui iputils-ping 2: https://lists.debian.org/debian-devel-announce/2017/08/msg4.html 3: https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls 4: https://gnutls.org/manual/html_node/Priority-Strings.html [Original issue description] sSMTP is limited to using TLSv1.0 and the "old" ciphers that come with it. Here's a packet capture when ssmtp connects to smtp.sdeziel.info:587 that offers TLSv1.0 and higher: $ tshark -ta -Vr submission.pcap | sed -n '/^Frame 14:/,/^Frame 15:/ p' | grep -E '^[[:space:]]+(Version|Cipher|Handshake Protocol)' Version: TLS 1.0 (0x0301) Handshake Protocol: Client Hello Version: TLS 1.0 (0x0301) Cipher Suites Length: 30 Cipher Suites (15 suites) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041) Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084) Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088) Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087) Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) I would expect ssmtp to use TLSv1.2 and a recent cipher like the openssl s_client is able to do: $ echo | openssl s_client -connect smtp.sdeziel.info:587 -starttls smtp 2>/dev/null | grep -E '^[[:space:]]+(Protocol|Cipher)' Protocol : TLSv1.2 Cipher: ECDHE-RSA-AES128-GCM-SHA256 Additional information: $ lsb_release -rd Description: Ubuntu 16.04.3 LTS Release: 16.04 $ apt-cache policy ssmtp libgnutls-openssl27 ssmtp: Installed: 2.64-8ubuntu1 Can
[Touch-packages] [Bug 1709193] Re: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer
@sdeziel ubuntu-security was asked to comment on it a few days ago. I've just freed up enough to take a look. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnutls26 in Ubuntu. https://bugs.launchpad.net/bugs/1709193 Title: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer Status in gnutls26 package in Ubuntu: Invalid Status in gnutls28 package in Ubuntu: Fix Released Status in gnutls26 source package in Trusty: Fix Committed Status in gnutls28 source package in Trusty: Won't Fix Status in ssmtp source package in Trusty: Invalid Status in gnutls26 source package in Xenial: Invalid Status in gnutls28 source package in Xenial: Fix Committed Status in ssmtp source package in Xenial: Invalid Status in gnutls26 source package in Zesty: Invalid Status in gnutls28 source package in Zesty: Fix Released Status in ssmtp source package in Zesty: Invalid Status in gnutls26 source package in Artful: Invalid Status in gnutls28 source package in Artful: Fix Released Status in ssmtp source package in Artful: Invalid Status in gnutls28 package in Debian: Fix Released Bug description: [Impact] Applications using GnuTLS OpenSSL compat layer [1] are be unable to use modern TLS versions (1.1 and 1.2) when relying on the SSLv23_{client,server}_method functions. There is an industry-wide push to use modern TLS versions, see [2] and [3] for example. The proposed fix changes the compat layer to use GnuTLS' "NORMAL" priority [4] instead of hard-coding which protocol versions and ciphers to enable. [Test Case] 1) Setup a mail submission server that uses StartTLS 2) Setup sSMTP (uses GnuTLS OpenSSL compat layer) to relay through the mail relay using StartTLS 3) Send an email while capturing with tcpdump/tshark 4) Inspect the submission connection (TCP/587) and look for the protocol version negotiated by the client. Without the fix, you should see TLSv1.0. With the fix, it should be TLSv1.2. Please see the original issue description for more details. [Regression Potential] Regression risk should be low since it's a backport of a simple fix that landed in Debian in April 2017. [References] 1: $ apt-cache rdepends libgnutls-openssl27 libgnutls-openssl27 Reverse Depends: libgnutls-dev libgnutls-dev zoneminder yaskkserv tf5 ssmtp snowdrop sngrep slrnpull slrn sipsak macopix-gtk2 gnss-sdr gkrellm freewheeling boinctui iputils-ping 2: https://lists.debian.org/debian-devel-announce/2017/08/msg4.html 3: https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls 4: https://gnutls.org/manual/html_node/Priority-Strings.html [Original issue description] sSMTP is limited to using TLSv1.0 and the "old" ciphers that come with it. Here's a packet capture when ssmtp connects to smtp.sdeziel.info:587 that offers TLSv1.0 and higher: $ tshark -ta -Vr submission.pcap | sed -n '/^Frame 14:/,/^Frame 15:/ p' | grep -E '^[[:space:]]+(Version|Cipher|Handshake Protocol)' Version: TLS 1.0 (0x0301) Handshake Protocol: Client Hello Version: TLS 1.0 (0x0301) Cipher Suites Length: 30 Cipher Suites (15 suites) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041) Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084) Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088) Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087) Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) I would expect ssmtp to use TLSv1.2 and a recent cipher like the openssl s_client is able to do: $ echo | openssl s_client -connect smtp.sdeziel.info:587 -starttls smtp 2>/dev/null | grep -E '^[[:space:]]+(Protocol|Cipher)' Protocol : TLSv1.2 Cipher: ECDHE-RSA-AES128-GCM-SHA256 Additional information: $ lsb_release -rd Description: Ubuntu 16.04.3 LTS Release: 16.04 $ apt-cache policy ssmtp libgnutls-openssl27 ssmtp: Installed: 2.64-8ubuntu1 Candidate: 2.64-
[Touch-packages] [Bug 1709193] Re: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer
It's been a while since the Xenial -proposed package have been successfully validated. Is there anything preventing it from entering -updates? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gnutls26 in Ubuntu. https://bugs.launchpad.net/bugs/1709193 Title: Unable to use TLSv1.1 or 1.2 with OpenSSL compat layer Status in gnutls26 package in Ubuntu: Invalid Status in gnutls28 package in Ubuntu: Fix Released Status in gnutls26 source package in Trusty: Fix Committed Status in gnutls28 source package in Trusty: Won't Fix Status in ssmtp source package in Trusty: Invalid Status in gnutls26 source package in Xenial: Invalid Status in gnutls28 source package in Xenial: Fix Committed Status in ssmtp source package in Xenial: Invalid Status in gnutls26 source package in Zesty: Invalid Status in gnutls28 source package in Zesty: Fix Released Status in ssmtp source package in Zesty: Invalid Status in gnutls26 source package in Artful: Invalid Status in gnutls28 source package in Artful: Fix Released Status in ssmtp source package in Artful: Invalid Status in gnutls28 package in Debian: Fix Released Bug description: [Impact] Applications using GnuTLS OpenSSL compat layer [1] are be unable to use modern TLS versions (1.1 and 1.2) when relying on the SSLv23_{client,server}_method functions. There is an industry-wide push to use modern TLS versions, see [2] and [3] for example. The proposed fix changes the compat layer to use GnuTLS' "NORMAL" priority [4] instead of hard-coding which protocol versions and ciphers to enable. [Test Case] 1) Setup a mail submission server that uses StartTLS 2) Setup sSMTP (uses GnuTLS OpenSSL compat layer) to relay through the mail relay using StartTLS 3) Send an email while capturing with tcpdump/tshark 4) Inspect the submission connection (TCP/587) and look for the protocol version negotiated by the client. Without the fix, you should see TLSv1.0. With the fix, it should be TLSv1.2. Please see the original issue description for more details. [Regression Potential] Regression risk should be low since it's a backport of a simple fix that landed in Debian in April 2017. [References] 1: $ apt-cache rdepends libgnutls-openssl27 libgnutls-openssl27 Reverse Depends: libgnutls-dev libgnutls-dev zoneminder yaskkserv tf5 ssmtp snowdrop sngrep slrnpull slrn sipsak macopix-gtk2 gnss-sdr gkrellm freewheeling boinctui iputils-ping 2: https://lists.debian.org/debian-devel-announce/2017/08/msg4.html 3: https://blog.pcisecuritystandards.org/migrating-from-ssl-and-early-tls 4: https://gnutls.org/manual/html_node/Priority-Strings.html [Original issue description] sSMTP is limited to using TLSv1.0 and the "old" ciphers that come with it. Here's a packet capture when ssmtp connects to smtp.sdeziel.info:587 that offers TLSv1.0 and higher: $ tshark -ta -Vr submission.pcap | sed -n '/^Frame 14:/,/^Frame 15:/ p' | grep -E '^[[:space:]]+(Version|Cipher|Handshake Protocol)' Version: TLS 1.0 (0x0301) Handshake Protocol: Client Hello Version: TLS 1.0 (0x0301) Cipher Suites Length: 30 Cipher Suites (15 suites) Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f) Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035) Cipher Suite: TLS_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0041) Cipher Suite: TLS_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0084) Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a) Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033) Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x0045) Cipher Suite: TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x0088) Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016) Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032) Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA (0x0044) Cipher Suite: TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA (0x0087) Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013) I would expect ssmtp to use TLSv1.2 and a recent cipher like the openssl s_client is able to do: $ echo | openssl s_client -connect smtp.sdeziel.info:587 -starttls smtp 2>/dev/null | grep -E '^[[:space:]]+(Protocol|Cipher)' Protocol : TLSv1.2 Cipher: ECDHE-RSA-AES128-GCM-SHA256 Additional information: $ lsb_release -rd Description: Ubuntu 16.04.3 LTS Release: 16.04 $ apt-cache policy ssmtp libgnutls-openssl27 ssmtp: Installed: 2
[Touch-packages] [Bug 1716042] [NEW] [Precision 5520, Realtek ALC3266, Speaker, Internal] Underruns, dropouts or crackling sound
Public bug reported: Ubuntu 16.04 LTS Crackling sound comes from only the left speaker! ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: alsa-base 1.0.25+dfsg-0ubuntu5 ProcVersionSignature: Ubuntu 4.4.0-92.115-generic 4.4.76 Uname: Linux 4.4.0-92-generic x86_64 ApportVersion: 2.20.1-0ubuntu2.10 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: francesco 2538 F pulseaudio CurrentDesktop: Unity Date: Fri Sep 8 15:24:37 2017 DistributionChannelDescriptor: # This is a distribution channel descriptor # For more information see http://wiki.ubuntu.com/DistributionChannelDescriptor canonical-oem-somerville-xenial-amd64-20160624-2 InstallationDate: Installed on 2017-02-25 (195 days ago) InstallationMedia: Ubuntu 16.04 "Xenial" - Build amd64 LIVE Binary 20160624-10:47 PackageArchitecture: all SourcePackage: alsa-driver Symptom: audio Symptom_AlsaPlaybackTest: ALSA playback test through plughw:PCH failed Symptom_Card: Built-in Audio - HDA Intel PCH Symptom_Jack: Speaker, Internal Symptom_Type: Underruns, dropouts, or "crackling" sound Title: [Precision 5520, Realtek ALC3266, Speaker, Internal] Underruns, dropouts or crackling sound UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 01/18/2017 dmi.bios.vendor: Dell Inc. dmi.bios.version: 1.1.3 dmi.board.name: 0R6JFH dmi.board.vendor: Dell Inc. dmi.board.version: A00 dmi.chassis.type: 10 dmi.chassis.vendor: Dell Inc. dmi.modalias: dmi:bvnDellInc.:bvr1.1.3:bd01/18/2017:svnDellInc.:pnPrecision5520:pvr:rvnDellInc.:rn0R6JFH:rvrA00:cvnDellInc.:ct10:cvr: dmi.product.name: Precision 5520 dmi.sys.vendor: Dell Inc. ** Affects: alsa-driver (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug xenial -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to alsa-driver in Ubuntu. https://bugs.launchpad.net/bugs/1716042 Title: [Precision 5520, Realtek ALC3266, Speaker, Internal] Underruns, dropouts or crackling sound Status in alsa-driver package in Ubuntu: New Bug description: Ubuntu 16.04 LTS Crackling sound comes from only the left speaker! ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: alsa-base 1.0.25+dfsg-0ubuntu5 ProcVersionSignature: Ubuntu 4.4.0-92.115-generic 4.4.76 Uname: Linux 4.4.0-92-generic x86_64 ApportVersion: 2.20.1-0ubuntu2.10 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: francesco 2538 F pulseaudio CurrentDesktop: Unity Date: Fri Sep 8 15:24:37 2017 DistributionChannelDescriptor: # This is a distribution channel descriptor # For more information see http://wiki.ubuntu.com/DistributionChannelDescriptor canonical-oem-somerville-xenial-amd64-20160624-2 InstallationDate: Installed on 2017-02-25 (195 days ago) InstallationMedia: Ubuntu 16.04 "Xenial" - Build amd64 LIVE Binary 20160624-10:47 PackageArchitecture: all SourcePackage: alsa-driver Symptom: audio Symptom_AlsaPlaybackTest: ALSA playback test through plughw:PCH failed Symptom_Card: Built-in Audio - HDA Intel PCH Symptom_Jack: Speaker, Internal Symptom_Type: Underruns, dropouts, or "crackling" sound Title: [Precision 5520, Realtek ALC3266, Speaker, Internal] Underruns, dropouts or crackling sound UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 01/18/2017 dmi.bios.vendor: Dell Inc. dmi.bios.version: 1.1.3 dmi.board.name: 0R6JFH dmi.board.vendor: Dell Inc. dmi.board.version: A00 dmi.chassis.type: 10 dmi.chassis.vendor: Dell Inc. dmi.modalias: dmi:bvnDellInc.:bvr1.1.3:bd01/18/2017:svnDellInc.:pnPrecision5520:pvr:rvnDellInc.:rn0R6JFH:rvrA00:cvnDellInc.:ct10:cvr: dmi.product.name: Precision 5520 dmi.sys.vendor: Dell Inc. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/1716042/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1716034] [NEW] Network manager stops managing Ethernet links after upgrade
Public bug reported: After upgrading Ubuntu, it stopped configuring the word connection on my headless computer (super annoying to deal with). In any case, it was an issue with NM config change that caused my wired device to become unmanaged. There are several people discussing this here: https://askubuntu.com/questions/882806/ethernet-device-not-managed ** Affects: network-manager (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1716034 Title: Network manager stops managing Ethernet links after upgrade Status in network-manager package in Ubuntu: New Bug description: After upgrading Ubuntu, it stopped configuring the word connection on my headless computer (super annoying to deal with). In any case, it was an issue with NM config change that caused my wired device to become unmanaged. There are several people discussing this here: https://askubuntu.com/questions/882806/ethernet-device-not-managed To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1716034/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1716022] [NEW] Mouse cursor jaggy movements
Public bug reported: Ever since the update of libmpfr4:amd64 (3.1.6~rc1-1, 3.1.6-1) on 2017-09-08 12:28:20 the mouse cursor demonstrates a jumpy / jaggy behaviour. Compared to a similar machine or the live cd the mouse seems to jump around. Testing with a handwritten text in Gimp demonstrated the difference. This might not be an Xorg error but rather a Wayland | Mutter | libmpfr issue (I really can't tell but had to make a start) ProblemType: Bug DistroRelease: Ubuntu 17.10 Package: xorg 1:7.7+19ubuntu2 ProcVersionSignature: Ubuntu 4.12.0-13.14-generic 4.12.10 Uname: Linux 4.12.0-13-generic x86_64 ApportVersion: 2.20.7-0ubuntu1 Architecture: amd64 CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: None CurrentDesktop: ubuntu:GNOME Date: Fri Sep 8 19:05:34 2017 DistUpgraded: Fresh install DistroCodename: artful DistroVariant: ubuntu DkmsStatus: virtualbox, 5.1.26, 4.12.0-12-generic, x86_64: installed virtualbox, 5.1.26, 4.12.0-13-generic, x86_64: installed ExtraDebuggingInterest: Yes, if not too technical GraphicsCard: Intel Corporation Iris Graphics 6100 [8086:162b] (rev 09) (prog-if 00 [VGA controller]) Subsystem: Apple Inc. Iris Graphics 6100 [106b:013f] InstallationDate: Installed on 2017-09-05 (3 days ago) InstallationMedia: Ubuntu 17.10 "Artful Aardvark" - Alpha amd64 (20170902) MachineType: Apple Inc. MacBookPro12,1 ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.12.0-13-generic.efi.signed root=/dev/mapper/ubuntu--vg-root ro quiet splash vt.handoff=7 SourcePackage: xorg Symptom: display UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 06/18/2017 dmi.bios.vendor: Apple Inc. dmi.bios.version: MBP121.88Z.0167.B33.1706181928 dmi.board.name: Mac-E43C1C25D4880AD6 dmi.board.vendor: Apple Inc. dmi.board.version: MacBookPro12,1 dmi.chassis.type: 9 dmi.chassis.vendor: Apple Inc. dmi.chassis.version: Mac-E43C1C25D4880AD6 dmi.modalias: dmi:bvnAppleInc.:bvrMBP121.88Z.0167.B33.1706181928:bd06/18/2017:svnAppleInc.:pnMacBookPro12,1:pvr1.0:rvnAppleInc.:rnMac-E43C1C25D4880AD6:rvrMacBookPro12,1:cvnAppleInc.:ct9:cvrMac-E43C1C25D4880AD6: dmi.product.family: MacBook Pro dmi.product.name: MacBookPro12,1 dmi.product.version: 1.0 dmi.sys.vendor: Apple Inc. version.compiz: compiz N/A version.libdrm2: libdrm2 2.4.82-1 version.libgl1-mesa-dri: libgl1-mesa-dri 17.2.0-0ubuntu1 version.libgl1-mesa-glx: libgl1-mesa-glx 17.2.0-0ubuntu1 version.xserver-xorg-core: xserver-xorg-core 2:1.19.3-1ubuntu6 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.9.0-1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.917+git20170309-0ubuntu1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.15-2 ** Affects: xorg (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug artful performance regression single-occurrence ubuntu -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1716022 Title: Mouse cursor jaggy movements Status in xorg package in Ubuntu: New Bug description: Ever since the update of libmpfr4:amd64 (3.1.6~rc1-1, 3.1.6-1) on 2017-09-08 12:28:20 the mouse cursor demonstrates a jumpy / jaggy behaviour. Compared to a similar machine or the live cd the mouse seems to jump around. Testing with a handwritten text in Gimp demonstrated the difference. This might not be an Xorg error but rather a Wayland | Mutter | libmpfr issue (I really can't tell but had to make a start) ProblemType: Bug DistroRelease: Ubuntu 17.10 Package: xorg 1:7.7+19ubuntu2 ProcVersionSignature: Ubuntu 4.12.0-13.14-generic 4.12.10 Uname: Linux 4.12.0-13-generic x86_64 ApportVersion: 2.20.7-0ubuntu1 Architecture: amd64 CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: None CurrentDesktop: ubuntu:GNOME Date: Fri Sep 8 19:05:34 2017 DistUpgraded: Fresh install DistroCodename: artful DistroVariant: ubuntu DkmsStatus: virtualbox, 5.1.26, 4.12.0-12-generic, x86_64: installed virtualbox, 5.1.26, 4.12.0-13-generic, x86_64: installed ExtraDebuggingInterest: Yes, if not too technical GraphicsCard: Intel Corporation Iris Graphics 6100 [8086:162b] (rev 09) (prog-if 00 [VGA controller]) Subsystem: Apple Inc. Iris Graphics 6100 [106b:013f] InstallationDate: Installed on 2017-09-05 (3 days ago) InstallationMedia: Ubuntu 17.10 "Artful Aardvark" - Alpha amd64 (20170902) MachineType: Apple Inc. MacBookPro12,1 ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-4.12.0-13-generic.efi.signed root=/dev/mapper/ubuntu--vg-root ro quiet splash vt.handoff=7 SourcePackage: xorg Symptom: display UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 06/18/2017 dmi.bios.vendor: Apple Inc. dmi.bio
[Touch-packages] [Bug 1715753] Re: ln --relative broken on u14, works on u16
** Tags added: trusty -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to coreutils in Ubuntu. https://bugs.launchpad.net/bugs/1715753 Title: ln --relative broken on u14, works on u16 Status in coreutils package in Ubuntu: New Bug description: in ubuntu14, the behavior of "ln --relative" seems to be quite broken. on ubuntu 16 it works as expected. can we please backport whatever fix from u16 or update coreutils? 8.15 is where they started including the 'realpath' binary, maybe they fixed "ln --relative" too. u14 INCORRECT: $ loop=0; nloops=4; base=/tmp/lntest; rm -rf $base/ && mkdir -p $base/dir && touch $base/dir/file && while ((loop++ < nloops)); do ln -frs $base/dir/file $base/link; readlink -f $base/link; sleep 1; done /tmp/lntest/dir/file /tmp/lntest/file /tmp/lntest/dir/file /tmp/lntest/file u16 CORRECT: $ loop=0; nloops=4; base=/tmp/lntest; rm -rf $base/ && mkdir -p $base/dir && touch $base/dir/file && while ((loop++ < nloops)); do ln -frs $base/dir/file $base/link; readlink -f $base/link; sleep 1; done /tmp/lntest/dir/file /tmp/lntest/dir/file /tmp/lntest/dir/file /tmp/lntest/dir/file To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/coreutils/+bug/1715753/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1715931] Re: Update to exiv2 version 0.26
** Tags added: upgrade-software-version -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to exiv2 in Ubuntu. https://bugs.launchpad.net/bugs/1715931 Title: Update to exiv2 version 0.26 Status in exiv2 package in Ubuntu: New Bug description: 0.26 was released in April http://www.exiv2.org/whatsnew.html "This release contains a large collection of new features, new lenses and bugfixes across all areas of Exiv2. " Presumably debian stretch freeze interfered with a prompter update Currently in debian exp here: https://packages.debian.org/experimental/exiv2 I was hoping to to get a new feature release of the very popular Digikam (5.7.0) into artful under a FFE, but that has bumped the minimum exiv2 build depend from 0.25 -> 0.26. If due to rdeps etc an update in artful turns out not to be possible, I would like to target this for early in 18.04 LTS cycle. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/exiv2/+bug/1715931/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1715805] Re: system crash
*** This bug is a duplicate of bug 1715804 *** https://bugs.launchpad.net/bugs/1715804 ** This bug has been marked a duplicate of bug 1715804 system crash -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1715805 Title: system crash Status in xorg package in Ubuntu: New Bug description: I dont know why but in between my os crashes and some orange line comes on my screen then i have to restart my pc it is hard when i am doing my projects i have to do it all again please help and i am new tu ubuntu linux ProblemType: Bug DistroRelease: Ubuntu 17.04 Package: xorg 1:7.7+16ubuntu3 ProcVersionSignature: Ubuntu 4.10.0-33.37-generic 4.10.17 Uname: Linux 4.10.0-33-generic x86_64 .tmp.unity_support_test.0: ApportVersion: 2.20.4-0ubuntu4.5 Architecture: amd64 CompositorRunning: compiz CompositorUnredirectDriverBlacklist: '(nouveau|Intel).*Mesa 8.0' CompositorUnredirectFSW: true CurrentDesktop: Unity:Unity7 Date: Fri Sep 8 10:43:01 2017 DistUpgraded: Fresh install DistroCodename: zesty DistroVariant: ubuntu ExtraDebuggingInterest: Yes, if not too technical GraphicsCard: NVIDIA Corporation C61 [GeForce 7025 / nForce 630a] [10de:03d6] (rev a2) (prog-if 00 [VGA controller]) Subsystem: Gigabyte Technology Co., Ltd C61 [GeForce 7025 / nForce 630a] [1458:d000] InstallationDate: Installed on 2017-09-06 (1 days ago) InstallationMedia: Ubuntu 17.04 "Zesty Zapus" - Release amd64 (20170412) Lsusb: Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub Bus 002 Device 003: ID 13ee:0001 MosArt Optical Mouse Bus 002 Device 002: ID 1c4f:0002 SiGma Micro Keyboard TRACER Gamma Ivory Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub MachineType: Gigabyte Technology Co., Ltd. M68MT-D3 ProcEnviron: LANGUAGE=en_IN:en PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_IN SHELL=/bin/bash ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-4.10.0-33-generic root=UUID=40de3290-6e3a-40dc-b4a2-40c6893c2d94 ro quiet splash vt.handoff=7 SourcePackage: xorg Symptom: display Title: Xorg crash UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 06/14/2010 dmi.bios.vendor: Award Software International, Inc. dmi.bios.version: F2 dmi.board.name: M68MT-D3 dmi.board.vendor: Gigabyte Technology Co., Ltd. dmi.board.version: x.x dmi.chassis.type: 3 dmi.chassis.vendor: Gigabyte Technology Co., Ltd. dmi.modalias: dmi:bvnAwardSoftwareInternational,Inc.:bvrF2:bd06/14/2010:svnGigabyteTechnologyCo.,Ltd.:pnM68MT-D3:pvr:rvnGigabyteTechnologyCo.,Ltd.:rnM68MT-D3:rvrx.x:cvnGigabyteTechnologyCo.,Ltd.:ct3:cvr: dmi.product.name: M68MT-D3 dmi.sys.vendor: Gigabyte Technology Co., Ltd. version.compiz: compiz 1:0.9.13.1+17.04.20170109-0ubuntu1 version.ia32-libs: ia32-libs N/A version.libdrm2: libdrm2 2.4.76-1 version.libgl1-mesa-dri: libgl1-mesa-dri 17.0.7-0ubuntu0.17.04.1 version.libgl1-mesa-dri-experimental: libgl1-mesa-dri-experimental N/A version.libgl1-mesa-glx: libgl1-mesa-glx 17.0.7-0ubuntu0.17.04.1 version.xserver-xorg-core: xserver-xorg-core 2:1.19.3-1ubuntu1.1 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:7.9.0-0ubuntu1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.917+git20170309-0ubuntu1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.14-0ubuntu1 xserver.bootTime: Fri Sep 8 10:38:46 2017 xserver.configfile: default xserver.errors: Failed to load module "nvidia" (module does not exist, 0) Failed to load module "nvidia" (module does not exist, 0) xserver.logfile: /var/log/Xorg.0.log xserver.version: 2:1.19.3-1ubuntu1.1 xserver.video_driver: nouveau To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1715805/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1716018] [NEW] nm-applet often disappears from panel at startup
Public bug reported: i am with ubuntu 16.04 desktop (64-bit) network-manager.service often doesn't start and nm-applet disappears from panel at startup ** Affects: alsa-driver (Ubuntu) Importance: Undecided Status: New ** Summary changed: - nm-applet offten disappears from panel at startup + nm-applet often disappears from panel at startup -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to alsa-driver in Ubuntu. https://bugs.launchpad.net/bugs/1716018 Title: nm-applet often disappears from panel at startup Status in alsa-driver package in Ubuntu: New Bug description: i am with ubuntu 16.04 desktop (64-bit) network-manager.service often doesn't start and nm-applet disappears from panel at startup To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/1716018/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1716009] Re: problem with the sound since the latest update
** Package changed: firefox-3.0 (Ubuntu) => alsa-driver (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to alsa-driver in Ubuntu. https://bugs.launchpad.net/bugs/1716009 Title: problem with the sound since the latest update Status in alsa-driver package in Ubuntu: New Bug description: i am with an old intel chipset motherboard having an integrated realtek alc888 sound, and Ubuntu 16.04 Desktop (64-bit); since the latest update there has had no effect when adjusting sound volume from the sound menu on the menu bar and sound settings, and no sound in counter strike 1.6 linux version, also, there has appeared an effect of a sound interruption/break (for less than a second) when switching between applications, however, i can still adjust the sound volume from gnome alsa mixer the latest update includes: snapd-login-service:amd64 libsnapd-glib1:amd64 linux-firmware:amd64 libgd3:amd64 the previous ——: libpackagekit-glib2-16:amd64 gir1.2-packagekitglib-1.0:amd64 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/1716009/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1716014] [NEW] Create Volatile Files and Directories without time limit
Public bug reported: I installed Ubuntu 17.04 on Lenovo X270. Works fine so far. But the boot process **sometimes** hangs. Please note the attachment. I don't know if that contributes to the issue, but on the X270, the Trackpoint is very slow. The proposed solution around the Web is: ~# vim /etc/tmpfiles.d/trackpoint.conf #and add the following lines w /sys/devices/platform/i8042/serio1/serio2/speed - - - - 255 w /sys/devices/platform/i8042/serio1/serio2/sensitivity - - - - 200 then ~# systemd-tmpfiles --prefix=/sys --create ** Affects: systemd (Ubuntu) Importance: Undecided Status: New ** Attachment added: "Boot-up Error" https://bugs.launchpad.net/bugs/1716014/+attachment/4946607/+files/IMG_20170908_180312.jpg -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1716014 Title: Create Volatile Files and Directories without time limit Status in systemd package in Ubuntu: New Bug description: I installed Ubuntu 17.04 on Lenovo X270. Works fine so far. But the boot process **sometimes** hangs. Please note the attachment. I don't know if that contributes to the issue, but on the X270, the Trackpoint is very slow. The proposed solution around the Web is: ~# vim /etc/tmpfiles.d/trackpoint.conf #and add the following lines w /sys/devices/platform/i8042/serio1/serio2/speed - - - - 255 w /sys/devices/platform/i8042/serio1/serio2/sensitivity - - - - 200 then ~# systemd-tmpfiles --prefix=/sys --create To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1716014/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1716009] [NEW] problem with the sound since the latest update
You have been subscribed to a public bug: i am with an old intel chipset motherboard having an integrated realtek alc888 sound, and Ubuntu 16.04 Desktop (64-bit); since the latest update there has had no effect when adjusting sound volume from the sound menu on the menu bar and sound settings, and no sound in counter strike 1.6 linux version, also, there has appeared an effect of a sound interruption/break (for less than a second) when switching between applications, however, i can still adjust the sound volume from gnome alsa mixer the latest update includes: snapd-login-service:amd64 libsnapd-glib1:amd64 linux-firmware:amd64 libgd3:amd64 the previous ——: libpackagekit-glib2-16:amd64 gir1.2-packagekitglib-1.0:amd64 ** Affects: alsa-driver (Ubuntu) Importance: Undecided Status: New -- problem with the sound since the latest update https://bugs.launchpad.net/bugs/1716009 You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to alsa-driver in Ubuntu. -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1692188] Re: journalctl --vacuum* ignores --quiet
Sweet! Thank you! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1692188 Title: journalctl --vacuum* ignores --quiet Status in systemd package in Ubuntu: New Bug description: I am clearing the journal per cron using `journalctl --vacuum-time=1d --quiet`. Unfortunately the `--quiet` is ignored, and the journalctl always outputs something like `Vacuuming done…`. This results in cron sending me an email, and I don’t like that. I think that `--quiet` should suppress normal output of `journalctl --vacuum-time=1d`. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1692188/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1682934] Re: python3 in /usr/local/bin can cause python3 packages to fail to install
** Bug watch added: Debian Bug tracker #852163 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852163 ** Also affects: python3.5 (Debian) via https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=852163 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to python2.7 in Ubuntu. https://bugs.launchpad.net/bugs/1682934 Title: python3 in /usr/local/bin can cause python3 packages to fail to install Status in python2.7 package in Ubuntu: Confirmed Status in python3.5 package in Ubuntu: Fix Released Status in python2.7 source package in Xenial: New Status in python3.5 source package in Xenial: New Status in python2.7 source package in Zesty: New Status in python3.5 source package in Zesty: New Status in python3.5 package in Debian: Unknown Bug description: Got this error while using "Transmageddon Video Transcoder" and again while updating 16.10 to 17.04. Seems to have something to do with needing that Python3 version for Teletext decoding in media that is in transport stream format (.ts). ProblemType: Package DistroRelease: Ubuntu 17.04 Package: python3 3.5.1-4 ProcVersionSignature: Ubuntu 4.10.0-19.21-generic 4.10.8 Uname: Linux 4.10.0-19-generic x86_64 ApportVersion: 2.20.4-0ubuntu4 Architecture: amd64 Date: Fri Apr 14 19:27:33 2017 ErrorMessage: pre-dependency problem - not installing python3 InstallationDate: Installed on 2015-05-01 (714 days ago) InstallationMedia: Ubuntu 15.04 "Vivid Vervet" - Release amd64 (20150422) RelatedPackageVersions: dpkg 1.18.10ubuntu2 apt 1.4 SourcePackage: python3-defaults Title: package python3 3.5.1-4 failed to install/upgrade: pre-dependency problem - not installing python3 UpgradeStatus: Upgraded to zesty on 2017-04-14 (0 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/python2.7/+bug/1682934/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1673984] Re: Can not add google account any more (Zesty)
Having this same issue with 16.04 xenial. signon-ui is at version 0.17+16.04.20151125-0ubuntu1 but apt-get tells me I'm as up to date as I can be for this LTS. Does this fix need pushing to 16.04 also? (unity-control-center:5967): account-plugin-CRITICAL **: Couldn't store identity: GDBus.Error:com.google.code.AccountsSSO.SingleSignOn.Error.InternalServer: Server internal error occurred.Could not access Signon Database. (unity-control-center:5967): credentials-cc-panel-CRITICAL **: cc- credentials-authorization-page.vala:182: Error completing auth session process: GDBus.Error:com.google.code.AccountsSSO.SingleSignOn.Error.InternalServer: Server internal error occurred.Could not access Signon Database -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to signon-ui in Ubuntu. https://bugs.launchpad.net/bugs/1673984 Title: Can not add google account any more (Zesty) Status in Canonical System Image: New Status in signon-ui package in Ubuntu: Fix Released Bug description: After updating Unity-Control-Center to 15.04.0+17.04.20170314-0ubuntu2 and liboxidecore to 1.20.4-0ubuntu1 on Zesty I could not able to add to add Google account. ### How to reproduce: 1. Go online account try adding google account. 2. Infobar will appear for a moment and the it will disappear. Screenshot: https://i.imgur.com/evDPZSv.png 3. The login page doesn't load at all. Running online-accounts-preferences from terminal gives: -- (unity-control-center:7866): credentials-cc-panel-CRITICAL **: cc-credentials-authorization-page.vala:182: Error completing auth session process: GDBus.Error:com.google.code.AccountsSSO.SingleSignOn.Error.UserInteraction: userActionFinished error: 2 -- Installed Packages (Ubuntu 17.04 32 bit): account-plugin-google: 0.13+17.04.20161206-0ubuntu1 signon-ui-x11: 0.17+17.04.20161109-0ubuntu1 unity-control-center: 15.04.0+17.04.20170314-0ubuntu2 unity-control-center-signon: 0.1.9+16.10.20160825-0ubuntu1 All other packages are up-to-date To manage notifications about this bug go to: https://bugs.launchpad.net/canonical-devices-system-image/+bug/1673984/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1715931] Re: Update to eviv2 version 0.26
** Summary changed: - Update to evi2 version 0.26 + Update to eviv2 version 0.26 ** Summary changed: - Update to eviv2 version 0.26 + Update to exiv2 version 0.26 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to exiv2 in Ubuntu. https://bugs.launchpad.net/bugs/1715931 Title: Update to exiv2 version 0.26 Status in exiv2 package in Ubuntu: New Bug description: 0.26 was released in April http://www.exiv2.org/whatsnew.html "This release contains a large collection of new features, new lenses and bugfixes across all areas of Exiv2. " Presumably debian stretch freeze interfered with a prompter update Currently in debian exp here: https://packages.debian.org/experimental/exiv2 I was hoping to to get a new feature release of the very popular Digikam (5.7.0) into artful under a FFE, but that has bumped the minimum exiv2 build depend from 0.25 -> 0.26. If due to rdeps etc an update in artful turns out not to be possible, I would like to target this for early in 18.04 LTS cycle. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/exiv2/+bug/1715931/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1587142] Re: Shutdown hangs in md kworker after "Reached target Shutdown."
This very much looks like this ancient issue in RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=752593 It got fixed at some point in 2012 … https://bugzilla.redhat.com/show_bug.cgi?id=785739 Is Ubuntu still running mdmon from inside the root fs and killing it before r/o remount? I am now pondering what to do with a set of file servers running 16.04 and root on an IMSM RAID. I got a number of systems with similar hardware running CentOS 7 just fine with no issue on reboot. I see elaborate handling of mdmon in systemd units on CentOS … including the --offroot command line parameter that I don't see documented anywhere. KillMode=none might also play a role in the mdmon@.service file. ** Bug watch added: Red Hat Bugzilla #752593 https://bugzilla.redhat.com/show_bug.cgi?id=752593 ** Bug watch added: Red Hat Bugzilla #785739 https://bugzilla.redhat.com/show_bug.cgi?id=785739 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1587142 Title: Shutdown hangs in md kworker after "Reached target Shutdown." Status in systemd package in Ubuntu: Confirmed Bug description: I'm booting a fully patched 16.04 from an Intel Rapid Storage Technology enterprise RAID1 volume (ThinkServer TS140 with two SATA ST1000NM0033-9ZM drives, ext4 root partition, no LVM, UEFI mode). If the RAID volume is recovering or resyncing for whatever reason, then `sudo systemctl reboot` and `sudo systemctl poweroff` work fine (I had to `sudo systemctl --now disable lvm2-lvmetad lvm2-lvmpolld lvm2-monitor` in order to consistently get that). However, once the recovery/resync is complete and clean, the reboot and poweroff commands above hang forever after "Reached target Shutdown.". Note that issuing `sudo swapoff -a` beforehand (suggested in the bug #1464917) does not help. [EDIT]Actually, the shutdown also hangs from time to time during a resync. But I've never seen it succeed once the resync is complete.[/EDIT] Then, if the server has been forcibly restarted with the power button, the Intel Matrix Storage Manager indicates a "Normal" status for the RAID1 volume, but Ubuntu then resyncs the volume anyway: [1.223649] md: bind [1.228426] md: bind [1.230030] md: bind [1.230738] md: bind [1.232985] usbcore: registered new interface driver usbhid [1.233494] usbhid: USB HID core driver [1.234022] md: raid1 personality registered for level 1 [1.234876] md/raid1:md126: not clean -- starting background reconstruction [1.234956] input: CHESEN USB Keyboard as /devices/pci:00/:00:14.0/usb3/3-10/3-10:1.0/0003:0A81:0101.0001/input/input5 [1.236273] md/raid1:md126: active with 2 out of 2 mirrors [1.236797] md126: detected capacity change from 0 to 1000202043392 [1.246271] md: md126 switched to read-write mode. [1.246834] md: resync of RAID array md126 [1.247325] md: minimum _guaranteed_ speed: 1000 KB/sec/disk. [1.247503] md126: p1 p2 p3 p4 [1.248269] md: using maximum available idle IO bandwidth (but not more than 20 KB/sec) for resync. [1.248774] md: using 128k window, over a total of 976759940k. Note that the pain of "resync upon every (re)boot" cannot even be a bit relieved thanks to bitmaps because mdadm does not support them for IMSM containers: $ sudo mdadm --grow --bitmap=internal /dev/md126 mdadm: Cannot add bitmaps to sub-arrays yet I also get this in syslog during boot when the individual drives are detected, but this seems to be harmless: May 30 17:26:07 wssrv1 systemd-udevd[608]: Process '/sbin/mdadm --incremental /dev/sdb --offroot' failed with exit code 1. May 30 17:26:07 wssrv1 systemd-udevd[608]: Process '/lib/udev/hdparm' failed with exit code 1. May 30 17:26:07 wssrv1 systemd-udevd[606]: Process '/sbin/mdadm --incremental /dev/sda --offroot' failed with exit code 1. May 30 17:26:07 wssrv1 systemd-udevd[606]: Process '/lib/udev/hdparm' failed with exit code 1. During a resync, `sudo sh -c 'echo idle > /sys/block/md126/md/sync_action'` actually stops it as expected, but it restarts immediately though nothing seems to have triggered it: May 30 18:17:02 wssrv1 kernel: [ 3106.826710] md: md126: resync interrupted. May 30 18:17:02 wssrv1 kernel: [ 3106.836320] md: checkpointing resync of md126. May 30 18:17:02 wssrv1 kernel: [ 3106.836623] md: resync of RAID array md126 May 30 18:17:02 wssrv1 kernel: [ 3106.836625] md: minimum _guaranteed_ speed: 1000 KB/sec/disk. May 30 18:17:02 wssrv1 kernel: [ 3106.836626] md: using maximum available idle IO bandwidth (but not more than 20 KB/sec) for resync. May 30 18:17:02 wssrv1 kernel: [ 3106.836627] md: using 128k window, over a total of 976759940k. May 30 18:17:02 wssrv1 kernel: [ 3106.836628] md: resuming resync of md126 from checkpoint. May 30 18:17:02 wssrv1
[Touch-packages] [Bug 1715931] [NEW] Update to evi2 version 0.26
Public bug reported: 0.26 was released in April http://www.exiv2.org/whatsnew.html "This release contains a large collection of new features, new lenses and bugfixes across all areas of Exiv2. " Presumably debian stretch freeze interfered with a prompter update Currently in debian exp here: https://packages.debian.org/experimental/exiv2 I was hoping to to get a new feature release of the very popular Digikam (5.7.0) into artful under a FFE, but that has bumped the minimum exiv2 build depend from 0.25 -> 0.26. If due to rdeps etc an update in artful turns out not to be possible, I would like to target this for early in 18.04 LTS cycle. ** Affects: exiv2 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to exiv2 in Ubuntu. https://bugs.launchpad.net/bugs/1715931 Title: Update to evi2 version 0.26 Status in exiv2 package in Ubuntu: New Bug description: 0.26 was released in April http://www.exiv2.org/whatsnew.html "This release contains a large collection of new features, new lenses and bugfixes across all areas of Exiv2. " Presumably debian stretch freeze interfered with a prompter update Currently in debian exp here: https://packages.debian.org/experimental/exiv2 I was hoping to to get a new feature release of the very popular Digikam (5.7.0) into artful under a FFE, but that has bumped the minimum exiv2 build depend from 0.25 -> 0.26. If due to rdeps etc an update in artful turns out not to be possible, I would like to target this for early in 18.04 LTS cycle. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/exiv2/+bug/1715931/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1676547] Re: No network connectivity after upgrade from 16.04 to 16.10
> The problem persists if you upgrade from 16.04.3 directly to 17.04 ( as described https://bugs.launchpad.net/ubuntu/+source/network- manager/+bug/1658921/comments/23 ) I can confirm this. My upgrade path was xenial -> zesty -> artful and I had to run "touch /etc/NetworkManager/conf.d/10-globally-managed- devices.conf" so network-manager could handle my enp2s0 device. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1676547 Title: No network connectivity after upgrade from 16.04 to 16.10 Status in network-manager package in Ubuntu: In Progress Status in network-manager source package in Yakkety: Fix Released Bug description: Impact -- When upgrading from Xenial (with all updates installed) to Yakkety you will boot to a system without networking - sad! Test Case - 1) Boot a xenial desktop system 2) Ensure network-manager version 1.2.6-0ubuntu0.16.04.1 from -updates is installed 3) Upgrade to yakkety 4) Reboot 5) Observe you have no network If you install the version of network-manager from yakkety-proposed before rebooting you should have a network connection after you reboot. 1) Boot a xenial desktop system. 2) ensure network-manager version 1.2.6-0ubuntu0.16.04.1 from -updates is installed. 3) Install netplan, configure to set up static network on an ethernet device using netplan. 4) Upgrade to yakkety 5) Reboot 6) Observe that your system is still being managed by networkd rather than NetworkManager. Regression Potential Any failure to manage ethernet or wireless devices after upgrade, or issues with the use of netplan in conjunction with NetworkManager should be investigated as potential regressions. For example, if after upgrading, ethernet devices are no longer managed, or if devices that should be explicitly ignored by NetworkManager due to existing user configuration are now managed, these would indicate a possible regression caused by this update. Original Description nplan was installed during the upgrade process but I had no network connectivity after upgrading. Apparently, no package wanted to manage my ethernet connection. ProblemType: BugDistroRelease: Ubuntu 16.10 Package: ubuntu-release-upgrader-core 1:16.10.10 ProcVersionSignature: Ubuntu 4.8.0-41.44-generic 4.8.17 Uname: Linux 4.8.0-41-generic x86_64 NonfreeKernelModules: nvidia_uvm nvidia_drm nvidia_modeset nvidia ApportVersion: 2.20.3-0ubuntu8.2 Architecture: amd64 CrashDB: ubuntu CurrentDesktop: Unity Date: Mon Mar 27 11:34:04 2017 EcryptfsInUse: Yes InstallationDate: Installed on 2013-01-16 (1531 days ago) InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Alpha amd64 (20130116) PackageArchitecture: allSourcePackage: ubuntu-release-upgrader Symptom: ubuntu-release-upgrader UpgradeStatus: Upgraded to yakkety on 2017-03-17 (10 days ago) VarLogDistupgradeTermlog: modified.conffile..etc.update-manager.meta-release: [modified] mtime.conffile..etc.update-manager.meta-release: 2013-10-08T06:39:09.818913 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1676547/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 962616] Re: mii-tool assumes NIC names of the form eth* when given no interface(s) as argument
do we still need it in 2017? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to net-tools in Ubuntu. https://bugs.launchpad.net/bugs/962616 Title: mii-tool assumes NIC names of the form eth* when given no interface(s) as argument Status in net-tools package in Ubuntu: Fix Released Status in net-tools source package in Trusty: Won't Fix Status in net-tools source package in Xenial: Won't Fix Bug description: On a system with biosdevname enabled, which names NICs in the forms em* and p*p*, mii-tool will return the message "no MII interfaces found" if mii-tool is called without specifying an interface. The correct behavior would be to iterate through em* and p*p*. (More information on biosdevname can be found at http://linux.dell.com/files/whitepapers/consistent_network_device_naming_in_linux.pdf.) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/net-tools/+bug/962616/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1692188] Re: journalctl --vacuum* ignores --quiet
https://github.com/systemd/systemd/pull/6771 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1692188 Title: journalctl --vacuum* ignores --quiet Status in systemd package in Ubuntu: New Bug description: I am clearing the journal per cron using `journalctl --vacuum-time=1d --quiet`. Unfortunately the `--quiet` is ignored, and the journalctl always outputs something like `Vacuuming done…`. This results in cron sending me an email, and I don’t like that. I think that `--quiet` should suppress normal output of `journalctl --vacuum-time=1d`. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1692188/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1715857] Re: package python-gobject-2 2.28.6-12build1 failed to install/upgrade: 子进程 已安装 post-installation 脚本 返回错误状态 127
** Tags removed: need-duplicate-check -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pygobject-2 in Ubuntu. https://bugs.launchpad.net/bugs/1715857 Title: package python-gobject-2 2.28.6-12build1 failed to install/upgrade: 子进程 已安装 post-installation 脚本 返回错误状态 127 Status in pygobject-2 package in Ubuntu: New Bug description: package python-gobject-2 2.28.6-12build1 failed to install ProblemType: Package DistroRelease: Ubuntu 15.10 Package: python-gobject-2 2.28.6-12build1 ProcVersionSignature: Ubuntu 4.2.0-42.49-generic 4.2.8-ckt12 Uname: Linux 4.2.0-42-generic x86_64 ApportVersion: 2.19.1-0ubuntu5 Architecture: amd64 Date: Fri Sep 8 19:38:39 2017 DuplicateSignature: package:python-gobject-2:2.28.6-12build1:子进程 已安装 post-installation 脚本 返回错误状态 127 ErrorMessage: 子进程 已安装 post-installation 脚本 返回错误状态 127 InstallationDate: Installed on 2016-11-17 (295 days ago) InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Release amd64 (20151021) RelatedPackageVersions: dpkg 1.18.2ubuntu5.1 apt 1.0.10.2ubuntu3 SourcePackage: pygobject-2 Title: package python-gobject-2 2.28.6-12build1 failed to install/upgrade: 子进程 已安装 post-installation 脚本 返回错误状态 127 UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pygobject-2/+bug/1715857/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1715857] [NEW] package python-gobject-2 2.28.6-12build1 failed to install/upgrade: 子进程 已安装 post-installation 脚本 返回错误状态 127
Public bug reported: package python-gobject-2 2.28.6-12build1 failed to install ProblemType: Package DistroRelease: Ubuntu 15.10 Package: python-gobject-2 2.28.6-12build1 ProcVersionSignature: Ubuntu 4.2.0-42.49-generic 4.2.8-ckt12 Uname: Linux 4.2.0-42-generic x86_64 ApportVersion: 2.19.1-0ubuntu5 Architecture: amd64 Date: Fri Sep 8 19:38:39 2017 DuplicateSignature: package:python-gobject-2:2.28.6-12build1:子进程 已安装 post-installation 脚本 返回错误状态 127 ErrorMessage: 子进程 已安装 post-installation 脚本 返回错误状态 127 InstallationDate: Installed on 2016-11-17 (295 days ago) InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Release amd64 (20151021) RelatedPackageVersions: dpkg 1.18.2ubuntu5.1 apt 1.0.10.2ubuntu3 SourcePackage: pygobject-2 Title: package python-gobject-2 2.28.6-12build1 failed to install/upgrade: 子进程 已安装 post-installation 脚本 返回错误状态 127 UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: pygobject-2 (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-package wily -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pygobject-2 in Ubuntu. https://bugs.launchpad.net/bugs/1715857 Title: package python-gobject-2 2.28.6-12build1 failed to install/upgrade: 子进程 已安装 post-installation 脚本 返回错误状态 127 Status in pygobject-2 package in Ubuntu: New Bug description: package python-gobject-2 2.28.6-12build1 failed to install ProblemType: Package DistroRelease: Ubuntu 15.10 Package: python-gobject-2 2.28.6-12build1 ProcVersionSignature: Ubuntu 4.2.0-42.49-generic 4.2.8-ckt12 Uname: Linux 4.2.0-42-generic x86_64 ApportVersion: 2.19.1-0ubuntu5 Architecture: amd64 Date: Fri Sep 8 19:38:39 2017 DuplicateSignature: package:python-gobject-2:2.28.6-12build1:子进程 已安装 post-installation 脚本 返回错误状态 127 ErrorMessage: 子进程 已安装 post-installation 脚本 返回错误状态 127 InstallationDate: Installed on 2016-11-17 (295 days ago) InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Release amd64 (20151021) RelatedPackageVersions: dpkg 1.18.2ubuntu5.1 apt 1.0.10.2ubuntu3 SourcePackage: pygobject-2 Title: package python-gobject-2 2.28.6-12build1 failed to install/upgrade: 子进程 已安装 post-installation 脚本 返回错误状态 127 UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pygobject-2/+bug/1715857/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1700753] Re: Merge adduser 3.116 (main) from Debian unstable (main)
** Description changed: - Please merge adduser 3.115 (main) from Debian unstable (main) + Please merge adduser 3.116 (main) from Debian unstable (main) Sorry, I cannot work on the merge myself. I am filing this for reference. Explanation of the Ubuntu delta: * testsuite/runsuite.sh: Add the testsuite directory to @INC, so it can find the tests. * extrausers support for adduser (LP: #1323732) * Add autopkgtest. (LP: #1246331) * Move ecryptfs-utils from recommends, to suggests. (LP: #1188108) Adduser has moved from required to minimal set, and thus started to pull ecryptfs-utils and cryptsetup into minimal installs, which is an undesired effect. * Merge from Debian unstable, remaining changes: - AdduserCommon.pm, adduser, adduser.8, adduser.conf.5: Allow uppercase letters in the names of system users. This is done by having a separate NAME_REGEX_SYSTEM configuration setting which applies when --system is specified. (Soren Hansen) - Add support for encrypting home directories: + adduser: Add --encrypt-home option, which calls ecryptfs-setup-private for the hard work. + doc/adduser.8: document the --encrypt-home option + debian/control: recommend ecryptfs-utils >= 67-1 + deluser: remove all of /var/lib/ecryptfs/$user with --remove-home * Dropped changes, included in Debian: - Mark adduser Multi-Arch: foreign. Changelog entries since current artful version 3.113+nmu3ubuntu5: adduser (3.116) unstable; urgency=medium - * Advise installation of 'perl' rather than 'perl-modules' - (Closes: #840982) - * Improve distinction between informational and essential messages - (Closes: #763055) - * Improve message accompanying error code for creating system user - (Closes: #708073, #759740) - * testsuite: add current directory to Perl module search path - * Use /usr/sbin/nologin instead of /bin/false for default system shell - (Closes: #845791) - * Bump Standards-Version to 4.0.1 + * Advise installation of 'perl' rather than 'perl-modules' + (Closes: #840982) + * Improve distinction between informational and essential messages + (Closes: #763055) + * Improve message accompanying error code for creating system user + (Closes: #708073, #759740) + * testsuite: add current directory to Perl module search path + * Use /usr/sbin/nologin instead of /bin/false for default system shell + (Closes: #845791) + * Bump Standards-Version to 4.0.1 - -- Afif Elghraoui Sat, 12 Aug 2017 16:05:34 -0400 + -- Afif Elghraoui Sat, 12 Aug 2017 16:05:34 -0400 adduser (3.115) unstable; urgency=medium [ Afif Elghraoui ] * Adopt package (Closes: #811411) * Set Vcs-* fields to point to Git repository * Bump Standards-Version to 3.9.8 * Extend last_{u,g}id to 5 to match policy update from 3.9.0 (Closes: #776203) * Note to work on the lintian error for debconf template. * Fix path to rpcinfo, used for NIS support. (Thanks to Nis Martensen for report and patch). * Update Vietnamese translations (Closes: #825610) Thanks to all translators for providing updates [ Helge Kreutzmann ] * Debconf: * Update Turkish translation. Closes: #676356. * Fix language field in Norwegian translation. Closes: #695997. * Program (translation): * Use "--previous" when generating the updated po files. * Mention "--add_extra_groups" in --help output. Closes: #547911. * Update Japanese translation. Closes: #697109. * Update Czech translation. Closes: #825734. * Update Slovak translation. Closes: #825770. * Updated Danish translation. Closes: #825778. * Update Portuguese translation. Closes: #825867. * Update Russian translation. Closes: #825876. * Update Japanese translation. Closes: #825973. * Update Swedish translation. Closes: #826947. * Update Brazilian Portuguese translation. Closes: #826965. * Update Italian translation. Closes: #827011. * Update French translation. Closes: #827140. * Update Hungarian translation. * Update Polish translation. * Update Basque translation. * Update Norwegian translation. * Manpage: * Improve pointer to customization files. Closes: #611898. * Improve pointer to NAME_REGEX. Closes: #508740. * Document --only-if-empty in delgroup.8. Closes: #722583. * Format SEE ALSO section correctly in all man pages. * Various formatting and minor language updates noted by the German translator(s). * Fixes in the German translation. Closes: #685529, #698483. * Update Portuguese translation. Closes: #756180, #825867. * Update Danish translation. Closes: #825777. * Update Russian translation. Closes: #825944. * Update Italian
[Touch-packages] [Bug 1691848] Re: Python not compiled with -fexceptions in ppc64le
What about Python v2.7? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to python2.7 in Ubuntu. https://bugs.launchpad.net/bugs/1691848 Title: Python not compiled with -fexceptions in ppc64le Status in python2.7 package in Ubuntu: New Status in python3.6 package in Ubuntu: Fix Released Bug description: Pytorch (https://github.com/pytorch/pytorch) is an application that is written in python, C and C++. There's high interoperalibity between code written in these languages therex. The issue is that there are cases when an exception is thrown by C++ code that subsequentely calls some C code before being caught. In ppc64le builds, without the -fexceptions gcc flag, such exceptions are not caught when the execution returns to C++ code from C code. This makes some Pytorch tests fail. Compiling CPython with -fexceptions seems to solve this issue. This was also reported to Debian: https://bugs.debian.org/cgi- bin/bugreport.cgi?bug=862925 ProblemType: Bug DistroRelease: Ubuntu 17.04 Package: python2.7 2.7.13-2 ProcVersionSignature: Ubuntu 4.10.0-19.21-generic 4.10.8 Uname: Linux 4.10.0-19-generic ppc64le .var.log.platform: Error: [Errno 13] Permission denied: '/var/log/platform' ApportVersion: 2.20.4-0ubuntu4 Architecture: ppc64el Date: Thu May 18 15:35:54 2017 InstallationDate: Installed on 2015-11-05 (560 days ago) InstallationMedia: Ubuntu-Server 15.04 "Vivid Vervet" - Release ppc64el (20150422) JournalErrors: Error: command ['journalctl', '-b', '--priority=warning', '--lines=1000'] failed with exit code 1: Hint: You are currently not seeing messages from other users and the system. Users in the 'systemd-journal' group can see all messages. Pass -q to turn off this notice. No journal files were opened due to insufficient permissions. ProcLoadAvg: 0.07 0.33 0.43 1/348 20166 ProcSwaps: Filename TypeSizeUsed Priority ProcVersion: Linux version 4.10.0-19-generic (buildd@bos01-ppc64el-009) (gcc version 6.3.0 20170321 (Ubuntu 6.3.0-10ubuntu1) ) #21-Ubuntu SMP Thu Apr 6 17:03:05 UTC 2017 SourcePackage: python2.7 UpgradeStatus: Upgraded to zesty on 2017-04-17 (30 days ago) cpu_cores: Number of cores present = 2 cpu_coreson: Number of cores online = 2 cpu_smt: SMT=8 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/python2.7/+bug/1691848/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1702823] Re: Systemd fails to serialize tasks correctly on daemon-reload
# Before upgrade ./test.sh accounts-daemon.service : Tasks: 3 (limit: 4915) atd.service : Tasks: 1 (limit: 4915) cron.service : Tasks: 1 (limit: 4915) dbus.service : Tasks: 1 (limit: 4915) iscsid.service : Tasks: 2 (limit: 4915) polkit.service : Tasks: 3 (limit: 4915) rsyslog.service : Tasks: 4 (limit: 4915) snapd.service : Tasks: 9 (limit: 4915) ssh.service : Tasks: 1 (limit: 4915) systemd-journald.service : Tasks: 1 (limit: 4915) systemd-logind.service : Tasks: 1 (limit: 4915) systemd-resolved.service : Tasks: 1 (limit: 4915) accounts-daemon.service : atd.service : cron.service : dbus.service : iscsid.service : polkit.service : rsyslog.service : snapd.service : ssh.service : systemd-journald.service : systemd-logind.service : systemd-resolved.service : accounts-daemon.service : Tasks: 3 (limit: 4915) atd.service : Tasks: 1 (limit: 4915) cron.service : Tasks: 1 (limit: 4915) dbus.service : Tasks: 1 (limit: 4915) iscsid.service : Tasks: 2 (limit: 4915) polkit.service : Tasks: 3 (limit: 4915) rsyslog.service : Tasks: 4 (limit: 4915) snapd.service : Tasks: 9 (limit: 4915) ssh.service : Tasks: 1 (limit: 4915) systemd-journald.service : Tasks: 1 (limit: 4915) systemd-logind.service : Tasks: 1 (limit: 4915) systemd-resolved.service : Tasks: 1 (limit: 4915) # Confirmed still failing # Upgrade install root@zesty-test:~# vim /etc/apt/sources.list root@zesty-test:~# apt update Hit:1 http://archive.ubuntu.com/ubuntu zesty InRelease Hit:2 http://archive.ubuntu.com/ubuntu zesty-updates InRelease Hit:3 http://archive.ubuntu.com/ubuntu zesty-backports InRelease Get:4 http://archive.ubuntu.com/ubuntu zesty-proposed InRelease [240 kB] Hit:5 http://security.ubuntu.com/ubuntu zesty-security InRelease Get:6 http://archive.ubuntu.com/ubuntu zesty-proposed/universe Sources [15.7 kB] Get:7 http://archive.ubuntu.com/ubuntu zesty-proposed/main Sources [12.4 kB] Get:8 http://archive.ubuntu.com/ubuntu zesty-proposed/main amd64 Packages [22.2 kB] Get:9 http://archive.ubuntu.com/ubuntu zesty-proposed/main Translation-en [13.7 kB] Get:10 http://archive.ubuntu.com/ubuntu zesty-proposed/universe amd64 Packages [27.4 kB] Get:11 http://archive.ubuntu.com/ubuntu zesty-proposed/universe Translation-en [16.8 kB] Fetched 349 kB in 0s (565 kB/s) Reading package lists... Done Building dependency tree Reading state information... Done 29 packages can be upgraded. Run 'apt list --upgradable' to see them. root@zesty-test:~# apt upgrade Reading package lists... Done Building dependency tree Reading state information... Done Calculating upgrade... Done The following packages will be upgraded: apt apt-transport-https apt-utils base-files cloud-init libapt-inst2.0 libapt-pkg5.0 libgnutls-openssl27 libgnutls28-dev libgnutls30 libgnutlsxx28 libnss-resolve libpam-systemd libpq-dev libpq5 libsystemd0 libudev-dev libudev1 linux-libc-dev openssh-client openssh-server openssh-sftp-server python3-update-manager snapd systemd systemd-sysv udev unattended-upgrades update-manager-core 29 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 17.7 MB of archives. After this operation, 43.0 kB of additional disk space will be used. Do you want to continue? [Y/n] n Abort. root@zesty-test:~# apt install systemd systemd-sysv Reading package lists... Done Building dependency tree Reading state information... Done The following additional packages will be installed: libnss-resolve libpam-systemd libsystemd0 Suggested packages: systemd-ui systemd-container The following packages will be upgraded: libnss-resolve libpam-systemd libsystemd0 systemd systemd-sysv 5 upgraded, 0 newly installed, 0 to remove and 24 not upgraded. Need to get 2816 kB of archives. After this operation, 4096 B of additional disk space will be used. Do you want to continue? [Y/n] y Get:1 http://archive.ubuntu.com/ubuntu zesty-proposed/main amd64 libnss-resolve amd64 232-21ubuntu6 [114 kB] Get:2 http://archive.ubuntu.com/ubuntu zesty-proposed/main amd64 systemd-sysv amd64 232-21ubu