[Touch-packages] [Bug 1932176] [NEW] localed-locale test fails for hirsute systemd armhf

2021-06-16 Thread Łukasz Zemczak
Public bug reported:

For both systemd in release (247.3-3ubuntu3) and proposed
(247.3-3ubuntu3.1) armhf tests seem to either time out or fail on
localed-locale:

autopkgtest [18:35:04]: test localed-locale: [---
Generating locales (this might take a while)...
  en_US.UTF-8... done
Generation complete.
locale 'de_DE.UTF-8' not available
de_DE.UTF-8 UTF-8
FAIL: expected: '' actual: 'Failed to issue method call: Connection 
timed out'
autopkgtest [18:37:14]: test localed-locale: ---]
autopkgtest [18:37:20]: test localed-locale:  - - - - - - - - - - results - - - 
- - - - - - -
localed-locale   FAIL non-zero exit status 1
autopkgtest [18:37:20]: test localed-locale:  - - - - - - - - - - stderr - - - 
- - - - - - -
FAIL: expected: '' actual: 'Failed to issue method call: Connection 
timed out'

Example logs:
https://autopkgtest.ubuntu.com/results/autopkgtest-hirsute/hirsute/armhf/s/systemd/20210607_164324_2051c@/log.gz
https://autopkgtest.ubuntu.com/results/autopkgtest-hirsute/hirsute/armhf/s/systemd/20210602_161751_0b805@/log.gz

** Affects: systemd (Ubuntu)
 Importance: Undecided
 Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1932176

Title:
  localed-locale test fails for hirsute systemd armhf

Status in systemd package in Ubuntu:
  New

Bug description:
  For both systemd in release (247.3-3ubuntu3) and proposed
  (247.3-3ubuntu3.1) armhf tests seem to either time out or fail on
  localed-locale:

  autopkgtest [18:35:04]: test localed-locale: [---
  Generating locales (this might take a while)...
en_US.UTF-8... done
  Generation complete.
  locale 'de_DE.UTF-8' not available
  de_DE.UTF-8 UTF-8
  FAIL: expected: '' actual: 'Failed to issue method call: Connection 
timed out'
  autopkgtest [18:37:14]: test localed-locale: ---]
  autopkgtest [18:37:20]: test localed-locale:  - - - - - - - - - - results - - 
- - - - - - - -
  localed-locale   FAIL non-zero exit status 1
  autopkgtest [18:37:20]: test localed-locale:  - - - - - - - - - - stderr - - 
- - - - - - - -
  FAIL: expected: '' actual: 'Failed to issue method call: Connection 
timed out'

  Example logs:
  
https://autopkgtest.ubuntu.com/results/autopkgtest-hirsute/hirsute/armhf/s/systemd/20210607_164324_2051c@/log.gz
  
https://autopkgtest.ubuntu.com/results/autopkgtest-hirsute/hirsute/armhf/s/systemd/20210602_161751_0b805@/log.gz

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1932176/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1931901] Re: Revert background key patch removal breaks dependent packages

2021-06-15 Thread Łukasz Zemczak
** Tags added: block-proposed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gsettings-desktop-schemas
in Ubuntu.
https://bugs.launchpad.net/bugs/1931901

Title:
  Revert background key patch removal breaks dependent packages

Status in gsettings-desktop-schemas package in Ubuntu:
  New

Bug description:
  in the package gnome-desktop3 there is a custom ubuntu patch that
  tries to write to the draw-background key that has now been removed in
  gsettings-desktop-schemas 40.0-1ubuntu1

  All packages that depend on the gnome-desktop3 library now crash such
  as budgie-desktop

  Suggestion - either re-add the patch again ... or revert the gnome-
  desktop3 custom patch.

  The latter option changes the symbols so probably I'm guessing a so-
  name version bump is needed and any dependent packages need a rebuild?

  I'll try to locally rebuild gnome-desktop3 without the custom ubuntu
  patch to see what happens with budgie-desktop

  ProblemType: Bug
  DistroRelease: Ubuntu 21.10
  Package: gsettings-desktop-schemas 40.0-1ubuntu1
  ProcVersionSignature: Ubuntu 5.11.0-20.21+21.10.1-generic 5.11.21
  Uname: Linux 5.11.0-20-generic x86_64
  ApportVersion: 2.20.11-0ubuntu67
  Architecture: amd64
  CasperMD5CheckResult: pass
  CurrentDesktop: Budgie:GNOME
  Date: Mon Jun 14 20:52:16 2021
  InstallationDate: Installed on 2021-06-14 (0 days ago)
  InstallationMedia: Ubuntu-Budgie 21.10 "Impish Indri" - Alpha amd64 (20210614)
  PackageArchitecture: all
  SourcePackage: gsettings-desktop-schemas
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gsettings-desktop-schemas/+bug/1931901/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1929371] Update Released

2021-06-14 Thread Łukasz Zemczak
The verification of the Stable Release Update for pulseaudio has
completed successfully and the package is now being released to
-updates.  Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pulseaudio in Ubuntu.
https://bugs.launchpad.net/bugs/1929371

Title:
  [SRU] there is always a "Rear Microphone - Built-in Audio" option on
  the input device list even if the microphone is unplugged

Status in OEM Priority Project:
  Triaged
Status in alsa-ucm-conf package in Ubuntu:
  Fix Released
Status in pulseaudio package in Ubuntu:
  Fix Released
Status in alsa-ucm-conf source package in Focal:
  Fix Committed
Status in pulseaudio source package in Focal:
  Fix Committed
Status in alsa-ucm-conf source package in Hirsute:
  Fix Released
Status in pulseaudio source package in Hirsute:
  Fix Released

Bug description:
  [Impact]
  In Lenovo P520, which using a codec for front panel, the other codec for rear 
panel and both are on a same card.

  In this case, the rear Mic will present on input devices of "Sound
  Settings" even if attaching nothing to rear mic jack.

  [Fix]
  For alsa-ucm-conf part, the Mic 2 should use "Rear Mic Jack" as JackControl 
because of
  ```
control.18 {
iface CARD
name 'Rear Mic Jack'
value true
comment {
access read
type BOOLEAN
count 1
}
}
  ```
  After applying "Rear Mic Jack", the rear Mic will not always there anymore 
but it's not there as well if hot-plugging audio device on rear mic. Thus, it 
needs to change pulseaudio to handle if all devices are off cases.

  For pulseaudio, if there is no any audio devices attached, then
  attaching an input device on rear mic jack. The port will not be
  selected automatically because the profiles is off. It needs patch
  pulseaudio to check off profiles (for dual codec case).

  [Test]
  After applying these patches, the rear mic jack works good in all cases (boot 
without mic and then attach mic, boot with mic and then hotplug it) and other 
functions (line-in / line-out) work pretty well.

  [Where problems could occur]
  This change only apply the bonus on below cases:
  ```
  if ((has_input_port && found_available_input_port && !has_output_port) ||
  (has_output_port && found_available_output_port && !has_input_port) ||
  (has_input_port && found_available_input_port && has_output_port && 
found_available_output_port)) 
  ```
  and these cases have been tested.
  If there are some complex codec design then it might cause problem but so far 
we didn't see that.

To manage notifications about this bug go to:
https://bugs.launchpad.net/oem-priority/+bug/1929371/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1903351] Update Released

2021-06-14 Thread Łukasz Zemczak
The verification of the Stable Release Update for procps has completed
successfully and the package is now being released to -updates.
Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to procps in Ubuntu.
https://bugs.launchpad.net/bugs/1903351

Title:
  ignore_eacces and ignore_erofs patches don't work properly

Status in procps package in Ubuntu:
  Fix Released
Status in procps source package in Focal:
  Fix Committed
Status in procps source package in Groovy:
  Fix Committed
Status in procps source package in Hirsute:
  Fix Released

Bug description:
  The patches used to ignore errors in containers no longer work as of
  3.3.16 due to upstream commit https://gitlab.com/procps-
  ng/procps/-/commit/7af88da373bb4d515a98ec2f0f5d56c63904f932

  The ignore_eacces patch was fuzzed and gets applied to ReadSetting, not 
WriteSetting
  Both patches ignore the change that rc is no longer propagated up and instead 
everything is trapped by:

  if (!ignore_failure && errno != ENOENT)
  rc = -1;

  
  Versions affected: focal+

  
  root@bfee89058713:/tmp# cat /etc/os-release 
  NAME="Ubuntu"
  VERSION="20.10 (Groovy Gorilla)"
  ID=ubuntu
  ID_LIKE=debian
  PRETTY_NAME="Ubuntu 20.10"
  VERSION_ID="20.10"
  HOME_URL="https://www.ubuntu.com/;
  SUPPORT_URL="https://help.ubuntu.com/;
  BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/;
  
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy;
  VERSION_CODENAME=groovy
  UBUNTU_CODENAME=groovy

  
  root@bfee89058713:/# dpkg -l procps
  Desired=Unknown/Install/Remove/Purge/Hold
  | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
  |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
  ||/ Name   Version   Architecture Description
  
+++-==-=--=
  ii  procps 2:3.3.16-5ubuntu2 amd64/proc file system utilities

  
  root@bfee89058713:/# echo "kernel.shmmax = 17179869184" > shmmax.conf
  root@bfee89058713:/# sysctl -e -p shmmax.conf; echo $?
  sysctl: setting key "kernel.shmmax": Read-only file system
  255
  root@bfee89058713:/# echo "-kernel.shmmax = 17179869184" > shmmax.conf
  root@bfee89058713:/# sysctl -e -p shmmax.conf; echo $?
  sysctl: setting key "kernel.shmmax": Read-only file system
  0

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/procps/+bug/1903351/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1903351] Re: ignore_eacces and ignore_erofs patches don't work properly

2021-06-14 Thread Łukasz Zemczak
Ok, this SRU has been accepted without a clear test case or regression
potential. I am a bit weary about releasing it in this state. I will
assume there were enough SRU eyes on this one to still consider it 'good
to go' even with this state of affairs - and I guess there has been some
solid verification done as well. I will conditionally release this, but
let's try to have a well defined SRU situation before accepting into
-proposed - there are exceptions, like when it's all clear and doesn't
need any explanation, but it feels a different case here.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to procps in Ubuntu.
https://bugs.launchpad.net/bugs/1903351

Title:
  ignore_eacces and ignore_erofs patches don't work properly

Status in procps package in Ubuntu:
  Fix Released
Status in procps source package in Focal:
  Fix Committed
Status in procps source package in Groovy:
  Fix Committed
Status in procps source package in Hirsute:
  Fix Released

Bug description:
  The patches used to ignore errors in containers no longer work as of
  3.3.16 due to upstream commit https://gitlab.com/procps-
  ng/procps/-/commit/7af88da373bb4d515a98ec2f0f5d56c63904f932

  The ignore_eacces patch was fuzzed and gets applied to ReadSetting, not 
WriteSetting
  Both patches ignore the change that rc is no longer propagated up and instead 
everything is trapped by:

  if (!ignore_failure && errno != ENOENT)
  rc = -1;

  
  Versions affected: focal+

  
  root@bfee89058713:/tmp# cat /etc/os-release 
  NAME="Ubuntu"
  VERSION="20.10 (Groovy Gorilla)"
  ID=ubuntu
  ID_LIKE=debian
  PRETTY_NAME="Ubuntu 20.10"
  VERSION_ID="20.10"
  HOME_URL="https://www.ubuntu.com/;
  SUPPORT_URL="https://help.ubuntu.com/;
  BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/;
  
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy;
  VERSION_CODENAME=groovy
  UBUNTU_CODENAME=groovy

  
  root@bfee89058713:/# dpkg -l procps
  Desired=Unknown/Install/Remove/Purge/Hold
  | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
  |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
  ||/ Name   Version   Architecture Description
  
+++-==-=--=
  ii  procps 2:3.3.16-5ubuntu2 amd64/proc file system utilities

  
  root@bfee89058713:/# echo "kernel.shmmax = 17179869184" > shmmax.conf
  root@bfee89058713:/# sysctl -e -p shmmax.conf; echo $?
  sysctl: setting key "kernel.shmmax": Read-only file system
  255
  root@bfee89058713:/# echo "-kernel.shmmax = 17179869184" > shmmax.conf
  root@bfee89058713:/# sysctl -e -p shmmax.conf; echo $?
  sysctl: setting key "kernel.shmmax": Read-only file system
  0

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/procps/+bug/1903351/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1664844] Re: No distinction between link-up and link-down interfaces

2021-06-10 Thread Łukasz Zemczak
On a hirsute multipass instance:

$ apt-cache policy systemd
systemd:
  Installed: 247.3-3ubuntu3.1
  Candidate: 247.3-3ubuntu3.1
  Version table:
 *** 247.3-3ubuntu3.1 500
500 http://archive.ubuntu.com/ubuntu hirsute-proposed/main amd64 
Packages
100 /var/lib/dpkg/status

I have tried all 5 combinations of the ActivationPolicy setting for a
dummy interface and confirmed that those work as expected. Same as
before, I also did a reboot while making sure RequiredForOnline is set
to no and things seem to be working as expected. Verified!

** Tags removed: verification-needed verification-needed-hirsute
** Tags added: verification-done verification-done-hirsute

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1664844

Title:
  No distinction between link-up and link-down interfaces

Status in MAAS:
  Triaged
Status in netplan:
  In Progress
Status in netplan.io package in Ubuntu:
  In Progress
Status in systemd package in Ubuntu:
  Fix Released
Status in netplan.io source package in Xenial:
  Won't Fix
Status in systemd source package in Xenial:
  Won't Fix
Status in netplan.io source package in Zesty:
  Won't Fix
Status in systemd source package in Zesty:
  Won't Fix
Status in netplan.io source package in Artful:
  Won't Fix
Status in netplan.io source package in Focal:
  New
Status in systemd source package in Focal:
  Fix Committed
Status in netplan.io source package in Groovy:
  New
Status in systemd source package in Groovy:
  Fix Committed
Status in netplan.io source package in Hirsute:
  New
Status in systemd source package in Hirsute:
  Fix Committed

Bug description:
  [Impact]

  Since very long, we had a feature request in netplan to determine the
  activation mode of a given network interface. We got requests to
  enable marking some interfaces as 'manual', meaning that networkd (or
  any other backend) would not control its state in any way, requiring
  the administrator to bring the interface up or down manually. The
  other request was to mark a interface as 'off', that is: forcing the
  network interface to always be down until the configuration option
  isn't changed.

  This was mainly requested for the networkd backend and requires the
  new feature of specifying ActivationPolicy= for interfaces, alongside
  the required netplan changes.

  This feature is present in systemd 248 - for netplan supported stable
  series we have decided to cherry-pick and backport this feature on top
  of current systemd. The networkd feature basically adds the following
  5 ActivationPolicy modes: always-down, down, manual, up, always-up.
  For netplan purposes we only use 'always-down' and 'manual'.

  The netplan feature, hopefully landing as part of 0.103, is called
  'activation-mode' and supports two values: 'manual' and 'off'.

  [Test Case]

  For the systemd part:

   * Bring up a VM test environment with either a dummy interface or an 
interface that can be safely manipulated.
   * Upgrade systemd to the -proposed version
   * For the target interface, create/modify the networkd configuration to 
include the ActivationPolicy= setting in [Link], for instance:

  [Match]
  Name=dummy0

  [Network]
  Address=192.168.10.30/24
  Gateway=192.168.10.1

  [Link]
  ActivationPolicy=manual

   * Try all 5 combinations of ActivationPolicy values: always-down,
  down, manual, up, always-up - doing `sudo networkctl reload` everytime
  and checking if the interface behaves as expected.

  [Where problems could occur]

  The patchset modifies quite a lot of code in the networkd link
  handling code paths, so regressions could appear in how networkd
  manages links - maybe by suddenly certain interfaces not getting
  brought up as they were before.  By code inspection, the
  implementation defaults to ACTIVATION_POLICY_UP as the default,
  equivalent to the current behavior, so this risk is small.

  ---

  [Original Description]

  [Old Impact]
  Users need to write valid configuration, especially for new features that are 
approved by not yet implemented, such as marking a link "optional".

  [Old Test case]
  Write a netplan configuration:

  network:
    version: 2
    renderer: networkd
    ethernets:
  eth0:
    optional: yes
    dhcp4: yes

  And run 'netplan apply'. Netplan should write configuration for the
  link and not error out with a syntax error.

  [Old Regression potential]
  This has a minimal potential for regression: the new keyword was added to be 
supported already by consumers of netplan (users, cloud-init) so that they 
could start writing config with the new key and that configuration to be seen 
as valid by netplan before the backend is implemented. There is no functional 
change besides allowing for the value to exist in a netplan configuation.

  ---

  If I define an interface in netplan (even one which has no DHCP type
  and no 

[Touch-packages] [Bug 1664844] Re: No distinction between link-up and link-down interfaces

2021-06-10 Thread Łukasz Zemczak
In the meantime, continuing on with the verification. On a groovy
multipass instance:

$ apt-cache policy systemd
systemd:
  Installed: 246.6-1ubuntu1.4
  Candidate: 246.6-1ubuntu1.4
  Version table:
 *** 246.6-1ubuntu1.4 500
500 http://archive.ubuntu.com/ubuntu groovy-proposed/main amd64 Packages
100 /var/lib/dpkg/status

I have tried all 5 combinations of the ActivationPolicy setting for a
dummy interface and confirmed that those work as expected. Reboot tested
with RequiredForOnline=no set manually - all good.

** Tags removed: verification-needed-groovy
** Tags added: verification-done-groovy

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1664844

Title:
  No distinction between link-up and link-down interfaces

Status in MAAS:
  Triaged
Status in netplan:
  In Progress
Status in netplan.io package in Ubuntu:
  In Progress
Status in systemd package in Ubuntu:
  Fix Released
Status in netplan.io source package in Xenial:
  Won't Fix
Status in systemd source package in Xenial:
  Won't Fix
Status in netplan.io source package in Zesty:
  Won't Fix
Status in systemd source package in Zesty:
  Won't Fix
Status in netplan.io source package in Artful:
  Won't Fix
Status in netplan.io source package in Focal:
  New
Status in systemd source package in Focal:
  Fix Committed
Status in netplan.io source package in Groovy:
  New
Status in systemd source package in Groovy:
  Fix Committed
Status in netplan.io source package in Hirsute:
  New
Status in systemd source package in Hirsute:
  Fix Committed

Bug description:
  [Impact]

  Since very long, we had a feature request in netplan to determine the
  activation mode of a given network interface. We got requests to
  enable marking some interfaces as 'manual', meaning that networkd (or
  any other backend) would not control its state in any way, requiring
  the administrator to bring the interface up or down manually. The
  other request was to mark a interface as 'off', that is: forcing the
  network interface to always be down until the configuration option
  isn't changed.

  This was mainly requested for the networkd backend and requires the
  new feature of specifying ActivationPolicy= for interfaces, alongside
  the required netplan changes.

  This feature is present in systemd 248 - for netplan supported stable
  series we have decided to cherry-pick and backport this feature on top
  of current systemd. The networkd feature basically adds the following
  5 ActivationPolicy modes: always-down, down, manual, up, always-up.
  For netplan purposes we only use 'always-down' and 'manual'.

  The netplan feature, hopefully landing as part of 0.103, is called
  'activation-mode' and supports two values: 'manual' and 'off'.

  [Test Case]

  For the systemd part:

   * Bring up a VM test environment with either a dummy interface or an 
interface that can be safely manipulated.
   * Upgrade systemd to the -proposed version
   * For the target interface, create/modify the networkd configuration to 
include the ActivationPolicy= setting in [Link], for instance:

  [Match]
  Name=dummy0

  [Network]
  Address=192.168.10.30/24
  Gateway=192.168.10.1

  [Link]
  ActivationPolicy=manual

   * Try all 5 combinations of ActivationPolicy values: always-down,
  down, manual, up, always-up - doing `sudo networkctl reload` everytime
  and checking if the interface behaves as expected.

  [Where problems could occur]

  The patchset modifies quite a lot of code in the networkd link
  handling code paths, so regressions could appear in how networkd
  manages links - maybe by suddenly certain interfaces not getting
  brought up as they were before.  By code inspection, the
  implementation defaults to ACTIVATION_POLICY_UP as the default,
  equivalent to the current behavior, so this risk is small.

  ---

  [Original Description]

  [Old Impact]
  Users need to write valid configuration, especially for new features that are 
approved by not yet implemented, such as marking a link "optional".

  [Old Test case]
  Write a netplan configuration:

  network:
    version: 2
    renderer: networkd
    ethernets:
  eth0:
    optional: yes
    dhcp4: yes

  And run 'netplan apply'. Netplan should write configuration for the
  link and not error out with a syntax error.

  [Old Regression potential]
  This has a minimal potential for regression: the new keyword was added to be 
supported already by consumers of netplan (users, cloud-init) so that they 
could start writing config with the new key and that configuration to be seen 
as valid by netplan before the backend is implemented. There is no functional 
change besides allowing for the value to exist in a netplan configuation.

  ---

  If I define an interface in netplan (even one which has no DHCP type
  and no addresses), it's not possible to determine if its adminStatus
  should 

[Touch-packages] [Bug 1664844] Re: No distinction between link-up and link-down interfaces

2021-06-10 Thread Łukasz Zemczak
Ok, after discussing with Dan, it seems we'll let this through as-is.
Actually it's not entirely clear to me why this works differently with
248.3 on impish. We decided that currently, by design, this is 'expected
behavior' and requires explicitly setting RequiredForOnline=no. Dan will
propose an upstream patch to change that behavior though.

>From the netplan side we'll make sure to do that.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1664844

Title:
  No distinction between link-up and link-down interfaces

Status in MAAS:
  Triaged
Status in netplan:
  In Progress
Status in netplan.io package in Ubuntu:
  In Progress
Status in systemd package in Ubuntu:
  Fix Released
Status in netplan.io source package in Xenial:
  Won't Fix
Status in systemd source package in Xenial:
  Won't Fix
Status in netplan.io source package in Zesty:
  Won't Fix
Status in systemd source package in Zesty:
  Won't Fix
Status in netplan.io source package in Artful:
  Won't Fix
Status in netplan.io source package in Focal:
  New
Status in systemd source package in Focal:
  Fix Committed
Status in netplan.io source package in Groovy:
  New
Status in systemd source package in Groovy:
  Fix Committed
Status in netplan.io source package in Hirsute:
  New
Status in systemd source package in Hirsute:
  Fix Committed

Bug description:
  [Impact]

  Since very long, we had a feature request in netplan to determine the
  activation mode of a given network interface. We got requests to
  enable marking some interfaces as 'manual', meaning that networkd (or
  any other backend) would not control its state in any way, requiring
  the administrator to bring the interface up or down manually. The
  other request was to mark a interface as 'off', that is: forcing the
  network interface to always be down until the configuration option
  isn't changed.

  This was mainly requested for the networkd backend and requires the
  new feature of specifying ActivationPolicy= for interfaces, alongside
  the required netplan changes.

  This feature is present in systemd 248 - for netplan supported stable
  series we have decided to cherry-pick and backport this feature on top
  of current systemd. The networkd feature basically adds the following
  5 ActivationPolicy modes: always-down, down, manual, up, always-up.
  For netplan purposes we only use 'always-down' and 'manual'.

  The netplan feature, hopefully landing as part of 0.103, is called
  'activation-mode' and supports two values: 'manual' and 'off'.

  [Test Case]

  For the systemd part:

   * Bring up a VM test environment with either a dummy interface or an 
interface that can be safely manipulated.
   * Upgrade systemd to the -proposed version
   * For the target interface, create/modify the networkd configuration to 
include the ActivationPolicy= setting in [Link], for instance:

  [Match]
  Name=dummy0

  [Network]
  Address=192.168.10.30/24
  Gateway=192.168.10.1

  [Link]
  ActivationPolicy=manual

   * Try all 5 combinations of ActivationPolicy values: always-down,
  down, manual, up, always-up - doing `sudo networkctl reload` everytime
  and checking if the interface behaves as expected.

  [Where problems could occur]

  The patchset modifies quite a lot of code in the networkd link
  handling code paths, so regressions could appear in how networkd
  manages links - maybe by suddenly certain interfaces not getting
  brought up as they were before.  By code inspection, the
  implementation defaults to ACTIVATION_POLICY_UP as the default,
  equivalent to the current behavior, so this risk is small.

  ---

  [Original Description]

  [Old Impact]
  Users need to write valid configuration, especially for new features that are 
approved by not yet implemented, such as marking a link "optional".

  [Old Test case]
  Write a netplan configuration:

  network:
    version: 2
    renderer: networkd
    ethernets:
  eth0:
    optional: yes
    dhcp4: yes

  And run 'netplan apply'. Netplan should write configuration for the
  link and not error out with a syntax error.

  [Old Regression potential]
  This has a minimal potential for regression: the new keyword was added to be 
supported already by consumers of netplan (users, cloud-init) so that they 
could start writing config with the new key and that configuration to be seen 
as valid by netplan before the backend is implemented. There is no functional 
change besides allowing for the value to exist in a netplan configuation.

  ---

  If I define an interface in netplan (even one which has no DHCP type
  and no addresses), it's not possible to determine if its adminStatus
  should be enabled (link up) or disabled (link down).

  I can completely exclude an interface from the netplan configuration,
  but I think that implies that not only its adminStatus is "disabled"
  by default, but also netplan 

[Touch-packages] [Bug 1664844] Re: No distinction between link-up and link-down interfaces

2021-06-08 Thread Łukasz Zemczak
Okay, I think I see an issue that I'm investigating right now, this
might be a verification-failed actually. We might need to cherry-pick
something more than just the selected patchset.

I have observed that if you set ActivationPolicy to a mode that doesn't
default to bringing the interface up on boot (like 'manual', 'down' or
'always-down'), systemd will wait indefinitely for the given interface
to become online on reboot. This only happens for the SRUs, impish seems
to be fine - which means that we might be missing a later change to make
sure there is no wait in this case.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1664844

Title:
  No distinction between link-up and link-down interfaces

Status in MAAS:
  Triaged
Status in netplan:
  In Progress
Status in netplan.io package in Ubuntu:
  In Progress
Status in systemd package in Ubuntu:
  Fix Released
Status in netplan.io source package in Xenial:
  Won't Fix
Status in systemd source package in Xenial:
  Won't Fix
Status in netplan.io source package in Zesty:
  Won't Fix
Status in systemd source package in Zesty:
  Won't Fix
Status in netplan.io source package in Artful:
  Won't Fix
Status in netplan.io source package in Focal:
  New
Status in systemd source package in Focal:
  Fix Committed
Status in netplan.io source package in Groovy:
  New
Status in systemd source package in Groovy:
  Fix Committed
Status in netplan.io source package in Hirsute:
  New
Status in systemd source package in Hirsute:
  Fix Committed

Bug description:
  [Impact]

  Since very long, we had a feature request in netplan to determine the
  activation mode of a given network interface. We got requests to
  enable marking some interfaces as 'manual', meaning that networkd (or
  any other backend) would not control its state in any way, requiring
  the administrator to bring the interface up or down manually. The
  other request was to mark a interface as 'off', that is: forcing the
  network interface to always be down until the configuration option
  isn't changed.

  This was mainly requested for the networkd backend and requires the
  new feature of specifying ActivationPolicy= for interfaces, alongside
  the required netplan changes.

  This feature is present in systemd 248 - for netplan supported stable
  series we have decided to cherry-pick and backport this feature on top
  of current systemd. The networkd feature basically adds the following
  5 ActivationPolicy modes: always-down, down, manual, up, always-up.
  For netplan purposes we only use 'always-down' and 'manual'.

  The netplan feature, hopefully landing as part of 0.103, is called
  'activation-mode' and supports two values: 'manual' and 'off'.

  [Test Case]

  For the systemd part:

   * Bring up a VM test environment with either a dummy interface or an 
interface that can be safely manipulated.
   * Upgrade systemd to the -proposed version
   * For the target interface, create/modify the networkd configuration to 
include the ActivationPolicy= setting in [Link], for instance:

  [Match]
  Name=dummy0

  [Network]
  Address=192.168.10.30/24
  Gateway=192.168.10.1

  [Link]
  ActivationPolicy=manual

   * Try all 5 combinations of ActivationPolicy values: always-down,
  down, manual, up, always-up - doing `sudo networkctl reload` everytime
  and checking if the interface behaves as expected.

  [Where problems could occur]

  The patchset modifies quite a lot of code in the networkd link
  handling code paths, so regressions could appear in how networkd
  manages links - maybe by suddenly certain interfaces not getting
  brought up as they were before.  By code inspection, the
  implementation defaults to ACTIVATION_POLICY_UP as the default,
  equivalent to the current behavior, so this risk is small.

  ---

  [Original Description]

  [Old Impact]
  Users need to write valid configuration, especially for new features that are 
approved by not yet implemented, such as marking a link "optional".

  [Old Test case]
  Write a netplan configuration:

  network:
    version: 2
    renderer: networkd
    ethernets:
  eth0:
    optional: yes
    dhcp4: yes

  And run 'netplan apply'. Netplan should write configuration for the
  link and not error out with a syntax error.

  [Old Regression potential]
  This has a minimal potential for regression: the new keyword was added to be 
supported already by consumers of netplan (users, cloud-init) so that they 
could start writing config with the new key and that configuration to be seen 
as valid by netplan before the backend is implemented. There is no functional 
change besides allowing for the value to exist in a netplan configuation.

  ---

  If I define an interface in netplan (even one which has no DHCP type
  and no addresses), it's not possible to determine if its adminStatus
  should be enabled (link up) or disabled (link 

[Touch-packages] [Bug 1664844] Re: No distinction between link-up and link-down interfaces

2021-06-08 Thread Łukasz Zemczak
On a focal multipass instance:

$ apt-cache policy systemd
systemd:
  Installed: 245.4-4ubuntu3.7
  Candidate: 245.4-4ubuntu3.7
  Version table:
 *** 245.4-4ubuntu3.7 500
500 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 Packages
100 /var/lib/dpkg/status

I have tried all 5 combinations of the ActivationPolicy setting for a
dummy interface and confirmed that those work as expected.

** Tags removed: verification-needed-focal
** Tags added: verification-done-focal

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1664844

Title:
  No distinction between link-up and link-down interfaces

Status in MAAS:
  Triaged
Status in netplan:
  In Progress
Status in netplan.io package in Ubuntu:
  In Progress
Status in systemd package in Ubuntu:
  Fix Released
Status in netplan.io source package in Xenial:
  Won't Fix
Status in systemd source package in Xenial:
  Won't Fix
Status in netplan.io source package in Zesty:
  Won't Fix
Status in systemd source package in Zesty:
  Won't Fix
Status in netplan.io source package in Artful:
  Won't Fix
Status in netplan.io source package in Focal:
  New
Status in systemd source package in Focal:
  Fix Committed
Status in netplan.io source package in Groovy:
  New
Status in systemd source package in Groovy:
  Fix Committed
Status in netplan.io source package in Hirsute:
  New
Status in systemd source package in Hirsute:
  Fix Committed

Bug description:
  [Impact]

  Since very long, we had a feature request in netplan to determine the
  activation mode of a given network interface. We got requests to
  enable marking some interfaces as 'manual', meaning that networkd (or
  any other backend) would not control its state in any way, requiring
  the administrator to bring the interface up or down manually. The
  other request was to mark a interface as 'off', that is: forcing the
  network interface to always be down until the configuration option
  isn't changed.

  This was mainly requested for the networkd backend and requires the
  new feature of specifying ActivationPolicy= for interfaces, alongside
  the required netplan changes.

  This feature is present in systemd 248 - for netplan supported stable
  series we have decided to cherry-pick and backport this feature on top
  of current systemd. The networkd feature basically adds the following
  5 ActivationPolicy modes: always-down, down, manual, up, always-up.
  For netplan purposes we only use 'always-down' and 'manual'.

  The netplan feature, hopefully landing as part of 0.103, is called
  'activation-mode' and supports two values: 'manual' and 'off'.

  [Test Case]

  For the systemd part:

   * Bring up a VM test environment with either a dummy interface or an 
interface that can be safely manipulated.
   * Upgrade systemd to the -proposed version
   * For the target interface, create/modify the networkd configuration to 
include the ActivationPolicy= setting in [Link], for instance:

  [Match]
  Name=dummy0

  [Network]
  Address=192.168.10.30/24
  Gateway=192.168.10.1

  [Link]
  ActivationPolicy=manual

   * Try all 5 combinations of ActivationPolicy values: always-down,
  down, manual, up, always-up - doing `sudo networkctl reload` everytime
  and checking if the interface behaves as expected.

  [Where problems could occur]

  The patchset modifies quite a lot of code in the networkd link
  handling code paths, so regressions could appear in how networkd
  manages links - maybe by suddenly certain interfaces not getting
  brought up as they were before.  By code inspection, the
  implementation defaults to ACTIVATION_POLICY_UP as the default,
  equivalent to the current behavior, so this risk is small.

  ---

  [Original Description]

  [Old Impact]
  Users need to write valid configuration, especially for new features that are 
approved by not yet implemented, such as marking a link "optional".

  [Old Test case]
  Write a netplan configuration:

  network:
    version: 2
    renderer: networkd
    ethernets:
  eth0:
    optional: yes
    dhcp4: yes

  And run 'netplan apply'. Netplan should write configuration for the
  link and not error out with a syntax error.

  [Old Regression potential]
  This has a minimal potential for regression: the new keyword was added to be 
supported already by consumers of netplan (users, cloud-init) so that they 
could start writing config with the new key and that configuration to be seen 
as valid by netplan before the backend is implemented. There is no functional 
change besides allowing for the value to exist in a netplan configuation.

  ---

  If I define an interface in netplan (even one which has no DHCP type
  and no addresses), it's not possible to determine if its adminStatus
  should be enabled (link up) or disabled (link down).

  I can completely exclude an interface from the netplan configuration,
  but 

[Touch-packages] [Bug 1664844] Re: No distinction between link-up and link-down interfaces

2021-06-08 Thread Łukasz Zemczak
On it!

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1664844

Title:
  No distinction between link-up and link-down interfaces

Status in MAAS:
  Triaged
Status in netplan:
  In Progress
Status in netplan.io package in Ubuntu:
  In Progress
Status in systemd package in Ubuntu:
  Fix Released
Status in netplan.io source package in Xenial:
  Won't Fix
Status in systemd source package in Xenial:
  Won't Fix
Status in netplan.io source package in Zesty:
  Won't Fix
Status in systemd source package in Zesty:
  Won't Fix
Status in netplan.io source package in Artful:
  Won't Fix
Status in netplan.io source package in Focal:
  New
Status in systemd source package in Focal:
  Fix Committed
Status in netplan.io source package in Groovy:
  New
Status in systemd source package in Groovy:
  Fix Committed
Status in netplan.io source package in Hirsute:
  New
Status in systemd source package in Hirsute:
  Fix Committed

Bug description:
  [Impact]

  Since very long, we had a feature request in netplan to determine the
  activation mode of a given network interface. We got requests to
  enable marking some interfaces as 'manual', meaning that networkd (or
  any other backend) would not control its state in any way, requiring
  the administrator to bring the interface up or down manually. The
  other request was to mark a interface as 'off', that is: forcing the
  network interface to always be down until the configuration option
  isn't changed.

  This was mainly requested for the networkd backend and requires the
  new feature of specifying ActivationPolicy= for interfaces, alongside
  the required netplan changes.

  This feature is present in systemd 248 - for netplan supported stable
  series we have decided to cherry-pick and backport this feature on top
  of current systemd. The networkd feature basically adds the following
  5 ActivationPolicy modes: always-down, down, manual, up, always-up.
  For netplan purposes we only use 'always-down' and 'manual'.

  The netplan feature, hopefully landing as part of 0.103, is called
  'activation-mode' and supports two values: 'manual' and 'off'.

  [Test Case]

  For the systemd part:

   * Bring up a VM test environment with either a dummy interface or an 
interface that can be safely manipulated.
   * Upgrade systemd to the -proposed version
   * For the target interface, create/modify the networkd configuration to 
include the ActivationPolicy= setting in [Link], for instance:

  [Match]
  Name=dummy0

  [Network]
  Address=192.168.10.30/24
  Gateway=192.168.10.1

  [Link]
  ActivationPolicy=manual

   * Try all 5 combinations of ActivationPolicy values: always-down,
  down, manual, up, always-up - doing `sudo networkctl reload` everytime
  and checking if the interface behaves as expected.

  [Where problems could occur]

  The patchset modifies quite a lot of code in the networkd link
  handling code paths, so regressions could appear in how networkd
  manages links - maybe by suddenly certain interfaces not getting
  brought up as they were before.  By code inspection, the
  implementation defaults to ACTIVATION_POLICY_UP as the default,
  equivalent to the current behavior, so this risk is small.

  ---

  [Original Description]

  [Old Impact]
  Users need to write valid configuration, especially for new features that are 
approved by not yet implemented, such as marking a link "optional".

  [Old Test case]
  Write a netplan configuration:

  network:
    version: 2
    renderer: networkd
    ethernets:
  eth0:
    optional: yes
    dhcp4: yes

  And run 'netplan apply'. Netplan should write configuration for the
  link and not error out with a syntax error.

  [Old Regression potential]
  This has a minimal potential for regression: the new keyword was added to be 
supported already by consumers of netplan (users, cloud-init) so that they 
could start writing config with the new key and that configuration to be seen 
as valid by netplan before the backend is implemented. There is no functional 
change besides allowing for the value to exist in a netplan configuation.

  ---

  If I define an interface in netplan (even one which has no DHCP type
  and no addresses), it's not possible to determine if its adminStatus
  should be enabled (link up) or disabled (link down).

  I can completely exclude an interface from the netplan configuration,
  but I think that implies that not only its adminStatus is "disabled"
  by default, but also netplan will not be able to do anything "nice"
  for the interface, such as rename it to what the user specified in
  MAAS.

  If I include the interface but don't specify any addresses or DHCP, it
  isn't clear if it will be link up (my current assumption) or link
  down.

  There should be a way to allow an interface to be recognized by
  netplan (and even partially configured, waiting for the 

[Touch-packages] [Bug 1925320] Re: Backport packages for 20.04.3 HWE stack

2021-05-31 Thread Łukasz Zemczak
Hello Timo, or anyone else affected,

Accepted xorg-server into focal-proposed. The package will build now and
be available at https://launchpad.net/ubuntu/+source/xorg-
server/2:1.20.11-1ubuntu1~20.04.1 in a few hours, and then in the
-proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: xorg-server (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/1925320

Title:
  Backport packages for 20.04.3 HWE stack

Status in directx-headers package in Ubuntu:
  Invalid
Status in libdrm package in Ubuntu:
  Invalid
Status in llvm-toolchain-12 package in Ubuntu:
  Invalid
Status in mesa package in Ubuntu:
  Invalid
Status in xorg-server package in Ubuntu:
  Invalid
Status in directx-headers source package in Focal:
  Fix Committed
Status in libdrm source package in Focal:
  Fix Committed
Status in llvm-toolchain-12 source package in Focal:
  Fix Committed
Status in mesa source package in Focal:
  Fix Committed
Status in xorg-server source package in Focal:
  Fix Committed

Bug description:
  [Impact]

  These are needed for 20.04.3 images.

  [Test case]

  Boot a daily image, see that it still has the necessary stack
  installed and working.

  [What could go wrong]

  directx-headers: a new package, nothing can go wrong

  libdrm: adds some new api, no changes to old stuff

  llvm-12: a new package, no regression potential on it's own

  mesa: a new major release, but we'll pull the final stable release of
  21.0.x series, so there shouldn't be any regressions left at that
  point

  xserver: a new point-release, 1.20.x series is in deep maintenance
  mode, so there should be little chance of breakage

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/directx-headers/+bug/1925320/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1925320] Re: Backport packages for 20.04.3 HWE stack

2021-05-25 Thread Łukasz Zemczak
Hello Timo, or anyone else affected,

Accepted mesa into focal-proposed. The package will build now and be
available at https://launchpad.net/ubuntu/+source/mesa/21.0.1-2~20.04.1
in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: mesa (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/1925320

Title:
  Backport packages for 20.04.3 HWE stack

Status in directx-headers package in Ubuntu:
  Invalid
Status in libdrm package in Ubuntu:
  Invalid
Status in llvm-toolchain-12 package in Ubuntu:
  Invalid
Status in mesa package in Ubuntu:
  Invalid
Status in xorg-server package in Ubuntu:
  Invalid
Status in directx-headers source package in Focal:
  Fix Committed
Status in libdrm source package in Focal:
  Fix Committed
Status in llvm-toolchain-12 source package in Focal:
  Fix Committed
Status in mesa source package in Focal:
  Fix Committed
Status in xorg-server source package in Focal:
  New

Bug description:
  [Impact]

  These are needed for 20.04.3 images.

  [Test case]

  Boot a daily image, see that it still has the necessary stack
  installed and working.

  [What could go wrong]

  directx-headers: a new package, nothing can go wrong

  libdrm: adds some new api, no changes to old stuff

  llvm-12: a new package, no regression potential on it's own

  mesa: a new major release, but we'll pull the final stable release of
  21.0.x series, so there shouldn't be any regressions left at that
  point

  xserver: a new point-release, 1.20.x series is in deep maintenance
  mode, so there should be little chance of breakage

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/directx-headers/+bug/1925320/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1925320] Re: Backport packages for 20.04.3 HWE stack

2021-05-25 Thread Łukasz Zemczak
Hello Timo, or anyone else affected,

Accepted llvm-toolchain-12 into focal-proposed. The package will build
now and be available at https://launchpad.net/ubuntu/+source/llvm-
toolchain-12/1:12.0.0-3ubuntu1~20.04.1 in a few hours, and then in the
-proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: llvm-toolchain-12 (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/1925320

Title:
  Backport packages for 20.04.3 HWE stack

Status in directx-headers package in Ubuntu:
  Invalid
Status in libdrm package in Ubuntu:
  Invalid
Status in llvm-toolchain-12 package in Ubuntu:
  Invalid
Status in mesa package in Ubuntu:
  Invalid
Status in xorg-server package in Ubuntu:
  Invalid
Status in directx-headers source package in Focal:
  Fix Committed
Status in libdrm source package in Focal:
  Fix Committed
Status in llvm-toolchain-12 source package in Focal:
  Fix Committed
Status in mesa source package in Focal:
  New
Status in xorg-server source package in Focal:
  New

Bug description:
  [Impact]

  These are needed for 20.04.3 images.

  [Test case]

  Boot a daily image, see that it still has the necessary stack
  installed and working.

  [What could go wrong]

  directx-headers: a new package, nothing can go wrong

  libdrm: adds some new api, no changes to old stuff

  llvm-12: a new package, no regression potential on it's own

  mesa: a new major release, but we'll pull the final stable release of
  21.0.x series, so there shouldn't be any regressions left at that
  point

  xserver: a new point-release, 1.20.x series is in deep maintenance
  mode, so there should be little chance of breakage

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/directx-headers/+bug/1925320/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1664844] Re: No distinction between link-up and link-down interfaces

2021-05-25 Thread Łukasz Zemczak
** Description changed:

  [Impact]
  
  Since very long, we had a feature request in netplan to determine the
  activation mode of a given network interface. We got requests to enable
  marking some interfaces as 'manual', meaning that networkd (or any other
  backend) would not control its state in any way, requiring the
  administrator to bring the interface up or down manually. The other
  request was to mark a interface as 'off', that is: forcing the network
  interface to always be down until the configuration option isn't
  changed.
  
  This was mainly requested for the networkd backend and requires the new
  feature of specifying ActivationPolicy= for interfaces, alongside the
  required netplan changes.
  
  This feature is present in systemd 248 - for netplan supported stable
  series we have decided to cherry-pick and backport this feature on top
  of current systemd. The networkd feature basically adds the following 5
  ActivationPolicy modes: always-down, down, manual, up, always-up. For
  netplan purposes we only use 'always-down' and 'manual'.
  
  The netplan feature, hopefully landing as part of 0.103, is called
  'activation-mode' and supports two values: 'manual' and 'off'.
  
  [Test Case]
  
  For the systemd part:
  
-  * Bring up a VM test environment with either a dummy interface or an 
interface that can be safely manipulated.
-  * Upgrade systemd to the -proposed version
-  * For the target interface, create/modify the networkd configuration (for 
instance by adding /etc/systemd/network/20-.network) to include the 
ActivationPolicy= setting in [Link], for instance:
+  * Bring up a VM test environment with either a dummy interface or an 
interface that can be safely manipulated.
+  * Upgrade systemd to the -proposed version
+  * For the target interface, create/modify the networkd configuration to 
include the ActivationPolicy= setting in [Link], for instance:
  
  [Match]
  Name=dummy0
  
  [Network]
  Address=192.168.10.30/24
  Gateway=192.168.10.1
  
  [Link]
  ActivationPolicy=manual
  
-  * Try all 5 combinations of ActivationPolicy values: always-down, down,
+  * Try all 5 combinations of ActivationPolicy values: always-down, down,
  manual, up, always-up - doing `sudo networkctl reload` everytime and
  checking if the interface behaves as expected.
  
  [Where problems could occur]
  
  The patchset modifies quite a lot of code in the networkd link handling
  code paths, so regressions could appear in how networkd manages links -
  maybe by suddenly certain interfaces not getting brought up as they were
  before.
  
  ---
- 
  
  [Original Description]
  
  [Old Impact]
  Users need to write valid configuration, especially for new features that are 
approved by not yet implemented, such as marking a link "optional".
  
  [Old Test case]
  Write a netplan configuration:
  
  network:
    version: 2
    renderer: networkd
    ethernets:
  eth0:
    optional: yes
    dhcp4: yes
  
  And run 'netplan apply'. Netplan should write configuration for the link
  and not error out with a syntax error.
  
  [Old Regression potential]
  This has a minimal potential for regression: the new keyword was added to be 
supported already by consumers of netplan (users, cloud-init) so that they 
could start writing config with the new key and that configuration to be seen 
as valid by netplan before the backend is implemented. There is no functional 
change besides allowing for the value to exist in a netplan configuation.
  
  ---
  
  If I define an interface in netplan (even one which has no DHCP type and
  no addresses), it's not possible to determine if its adminStatus should
  be enabled (link up) or disabled (link down).
  
  I can completely exclude an interface from the netplan configuration,
  but I think that implies that not only its adminStatus is "disabled" by
  default, but also netplan will not be able to do anything "nice" for the
  interface, such as rename it to what the user specified in MAAS.
  
  If I include the interface but don't specify any addresses or DHCP, it
  isn't clear if it will be link up (my current assumption) or link down.
  
  There should be a way to allow an interface to be recognized by netplan
  (and even partially configured, waiting for the user to run something
  like 'ifup ' on a manual but not auto-started interface in
  ifupdown), but marked administratively disabled. (adminStatus down)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1664844

Title:
  No distinction between link-up and link-down interfaces

Status in MAAS:
  Triaged
Status in netplan:
  In Progress
Status in netplan.io package in Ubuntu:
  In Progress
Status in systemd package in Ubuntu:
  Fix Released
Status in netplan.io source package in Xenial:
  Won't Fix
Status in systemd source package in Xenial:
  Won't Fix
Status in netplan.io source 

[Touch-packages] [Bug 1928973] Re: Please merge lvm2 2.03.11-2.1 from Debian unstable

2021-05-24 Thread Łukasz Zemczak
** Changed in: lvm2 (Ubuntu)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lvm2 in Ubuntu.
https://bugs.launchpad.net/bugs/1928973

Title:
  Please merge lvm2 2.03.11-2.1 from Debian unstable

Status in lvm2 package in Ubuntu:
  Fix Committed

Bug description:
  Please merge lvm2 2.03.11-2.1 from Debian unstable.

  Updated changelog and diff against Debian unstable to be attached
  below.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lvm2/+bug/1928973/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1928973] Re: Please merge lvm2 2.03.11-2.1 from Debian unstable

2021-05-24 Thread Łukasz Zemczak
LGTM, sponsoring!

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lvm2 in Ubuntu.
https://bugs.launchpad.net/bugs/1928973

Title:
  Please merge lvm2 2.03.11-2.1 from Debian unstable

Status in lvm2 package in Ubuntu:
  New

Bug description:
  Please merge lvm2 2.03.11-2.1 from Debian unstable.

  Updated changelog and diff against Debian unstable to be attached
  below.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/lvm2/+bug/1928973/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1927796] Re: [SRU]pam_tally2 can cause accounts to be locked by correct password. pam_faillock use is the recommended fix

2021-05-24 Thread Łukasz Zemczak
Hey Marc! What about the postgresql-10/armhf autopkgtest failure for
bionic?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1927796

Title:
  [SRU]pam_tally2 can cause accounts to be locked by correct password.
  pam_faillock use is the recommended fix

Status in pam package in Ubuntu:
  Fix Released
Status in pam source package in Bionic:
  Fix Committed
Status in pam source package in Focal:
  Fix Released
Status in pam source package in Groovy:
  Fix Released
Status in pam source package in Hirsute:
  Fix Released
Status in pam source package in Impish:
  Fix Released

Bug description:
  [IMPACT]
  There is a known issue in pam_tally2 which may cause an account to be lock 
down even with correct password, in a busy node environment where simultaneous 
logins takes place (https://github.com/linux-pam/linux-pam/issues/71).

  There are already two customer cases from Canonical clients
  complaining about this behavior (00297697 and 00303806).

  Also, potentially, this will cause further problems in the future,
  since both STIG benchmarks and CIS benchmarks rely on pam_tally2 to
  lock accounts when wrong passwords are used. And both benchmarks - but
  specially STIG - requires use of a lot of audit rules, which can lead
  to the busy node environment.

  The issue impacts all pam_tally2 versions distributed in all currently
  supported Ubuntu versions and also the next unreleased one. Note that,
  according to https://github.com/linux-pam/linux-pam/issues/71, there
  is no plan to fix this issue!

  [FIX]
  This fix proposes to add pam_faillock module to the PAM package, so users of 
pam_tally2 having issues can migrate to pam_faillock. We also plan to modify 
the current STIG benchmarks to rely on pam_faillock instead of pam_tally2, but 
in order to do so, we need the pam_faillock module to be available.

  Note that we don't propose to remove pam_tally2, since not every user
  of this module is affected.

  [TEST]
  Tested on a VM installed with Focal server iso and on another with Bionic 
server iso. Enabled pam_faillock module as recommeded by its man page. Then 
tried to log over ssh with an incorrect password, until the account got locked. 
Waited for the configured grace time to unlock and logged in using the correct 
password.

  Note that, since the pam_tally2 issue is caused by a racing condition,
  with a hard to recreate environment (we could not even reproduce it
  with pam_tally2), we could not reproduce the conditions to test
  pam_faillock with.

  [REGRESSION POTENTIAL]
  The regression potential for this is small, since we're not removing the old 
pam_tally2 module, just adding another one. So anyone still using pam_tally2 
will be able to do so.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1927796/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1902898] Update Released

2021-05-24 Thread Łukasz Zemczak
The verification of the Stable Release Update for ubuntu-settings has
completed successfully and the package is now being released to
-updates.  Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ubuntu-settings in Ubuntu.
https://bugs.launchpad.net/bugs/1902898

Title:
  power-button action inconsistent between user session and greeter

Status in ubuntu-settings package in Ubuntu:
  Fix Released
Status in ubuntu-settings source package in Focal:
  Fix Released
Status in ubuntu-settings source package in Hirsute:
  Fix Released

Bug description:
  [Impact] 
  When a user is logged in to the Ubuntu desktop, a power button event will 
cause the user to be prompted to choose if they'd like to proceed with a 
shutdown. However, if the system is sitting at a greeter screen, a power button 
event will instead attempt a suspend w/o prompting. This is due to a different 
set of defaults for the greeter and the user.
  This is a fix for this, aligning all power actions between the greeter 
behaviour and the user session one on the user session.

  [Test Plan] 
  1. Install new package and reboot
  2. On the greeter screen (gdm), press the physical power button of your 
machine.
  3. You should be now prompted about what to do, like shutdown. You can 
dismiss it.
  4. Clicking on the physical suspend button should suspend the machine 
immediatly.

  [Where problems could occur]
  We change the scope of when we applied those settings: we were only applying 
them to the GNOME session ran by the user, and it will now be applied as 
default to the GNOME session ran by gdm.
  Impacts is thus limited to the greeter screen.

  
  Diff is available on this commit: 
https://git.launchpad.net/~ubuntu-desktop/ubuntu/+source/ubuntu-settings/commit/?h=focal=ca2f9aa9b03862ff044b64d7ef9506ca87e3dd89

  --
  Original report content:

  For a logged-in desktop user, they
  see:

  $ gsettings get org.gnome.settings-daemon.plugins.power
  power-button-action 'interactive'

  But the gdm user sees:
  $ sudo machinectl shell gdm@ /bin/bash
  Connected to the local host. Press ^] three times within 1s to exit session.
  gdm:~$ gsettings get org.gnome.settings-daemon.plugins.power 
power-button-action
  'suspend'

  Changing the gdm user's setting to "interactive" using gsettings
  causes the greeter to begin prompting, consistent with the logged in
  user experience.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-settings/+bug/1902898/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1902898] Re: power-button action inconsistent between user session and greeter

2021-05-24 Thread Łukasz Zemczak
Dann, please be sure to always include the version number of the package
you have tested next time!

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ubuntu-settings in Ubuntu.
https://bugs.launchpad.net/bugs/1902898

Title:
  power-button action inconsistent between user session and greeter

Status in ubuntu-settings package in Ubuntu:
  Fix Released
Status in ubuntu-settings source package in Focal:
  Fix Released
Status in ubuntu-settings source package in Hirsute:
  Fix Released

Bug description:
  [Impact] 
  When a user is logged in to the Ubuntu desktop, a power button event will 
cause the user to be prompted to choose if they'd like to proceed with a 
shutdown. However, if the system is sitting at a greeter screen, a power button 
event will instead attempt a suspend w/o prompting. This is due to a different 
set of defaults for the greeter and the user.
  This is a fix for this, aligning all power actions between the greeter 
behaviour and the user session one on the user session.

  [Test Plan] 
  1. Install new package and reboot
  2. On the greeter screen (gdm), press the physical power button of your 
machine.
  3. You should be now prompted about what to do, like shutdown. You can 
dismiss it.
  4. Clicking on the physical suspend button should suspend the machine 
immediatly.

  [Where problems could occur]
  We change the scope of when we applied those settings: we were only applying 
them to the GNOME session ran by the user, and it will now be applied as 
default to the GNOME session ran by gdm.
  Impacts is thus limited to the greeter screen.

  
  Diff is available on this commit: 
https://git.launchpad.net/~ubuntu-desktop/ubuntu/+source/ubuntu-settings/commit/?h=focal=ca2f9aa9b03862ff044b64d7ef9506ca87e3dd89

  --
  Original report content:

  For a logged-in desktop user, they
  see:

  $ gsettings get org.gnome.settings-daemon.plugins.power
  power-button-action 'interactive'

  But the gdm user sees:
  $ sudo machinectl shell gdm@ /bin/bash
  Connected to the local host. Press ^] three times within 1s to exit session.
  gdm:~$ gsettings get org.gnome.settings-daemon.plugins.power 
power-button-action
  'suspend'

  Changing the gdm user's setting to "interactive" using gsettings
  causes the greeter to begin prompting, consistent with the logged in
  user experience.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-settings/+bug/1902898/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1898026] Re: interruption of dist-upgrade can leave you next release in sources.list

2021-05-24 Thread Łukasz Zemczak
Hello udippel, or anyone else affected,

Accepted ubuntu-release-upgrader into groovy-proposed. The package will
build now and be available at https://launchpad.net/ubuntu/+source
/ubuntu-release-upgrader/1:20.10.16 in a few hours, and then in the
-proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
groovy to verification-done-groovy. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-groovy. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: ubuntu-release-upgrader (Ubuntu Groovy)
   Status: In Progress => Fix Committed

** Tags removed: verification-done-groovy
** Tags added: verification-needed-groovy

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1898026

Title:
  interruption of dist-upgrade can leave you next release in
  sources.list

Status in apt package in Ubuntu:
  Fix Released
Status in ubuntu-release-upgrader package in Ubuntu:
  Fix Released
Status in apt source package in Bionic:
  New
Status in ubuntu-release-upgrader source package in Bionic:
  New
Status in apt source package in Focal:
  New
Status in ubuntu-release-upgrader source package in Focal:
  Fix Committed
Status in apt source package in Groovy:
  Fix Released
Status in ubuntu-release-upgrader source package in Groovy:
  Fix Committed
Status in apt source package in Hirsute:
  Fix Released
Status in ubuntu-release-upgrader source package in Hirsute:
  Fix Released

Bug description:
  [Impact]
  Calling update() or installing packages from apt clients resets their SIGINT 
and SIGQUIT handlers to SIG_DFL, overriding any signal handlers they might have 
set for them.

  In case of ubuntu-release-upgrader, this results in the release
  upgrader being unable to handle interrupts after it did the initial
  update - the default libc handler will run and the program exits.

  [Test plan]

  [[apt]]
  As a standalone test for apt, we can test the following script:

  import apt
  import time

  apt.Cache().update()
  print("WAITING")
  try:
  time.sleep(1)
  except BaseException as e:
  print("Seen", repr(e))
  print("END")

  Pressing Ctrl+C while WAITING is printed should print Seen
  KeyboardInterrupt, and importantly, also the END line.

  [[ubuntu-release-upgrader]]
  1) On an Ubuntu 18.04 system run do-release-upgrade in a terminal.
  2) At the "Do you want to start the upgrade?" question say Y.
  3) When you see the "Lock screen disabled" message you will also see 
"Inhibiting until Ctrl+C is pressed".
  4) Press "Ctrl+C"

  Your /etc/apt/sources.list file will now have focal in it instead of
  bionic although the upgrade has quit. With the version of ubuntu-
  release-upgrader in -proposed you will not see the "Ctrl+C" message.
  For your sources.list file to be restored you'll need the version of
  apt from bionic-proposed installed before starting the upgrade.

  [Where problems could occur]
  apt: This specific change removes the two lines that SIG_DFL the signal 
handlers after running scripts. AFAWCT those lines are unnecessary - the code 
that calls it temporarily sets the handlers to SIG_IGN but restores previous 
handlers at the end; it was wrongly refactored decades ago. A regression could 
occur in that those signals will now continue to be ignored if we missed a spot.

  ubuntu-release-upgrader: The change is wrapping a bunch of code in a
  try: except: block so if the indentation was off the pyflakes /
  pycodestyle tests would fail but autopkgtest will catch that.

  [Original bug report]
  As a long-time-user of ?ubuntu, with apt-get as tool of choice for 
updates/upgrades I wrote a daily script for updates, with 'dist-upgrade'.
  In all earlier years, it wouldn't actually do an upgrade of a ?ubuntu 
version; just all packages including new ones. Version updates had to be 
initiated manually, and I was always asked if I really wanted the new ?ubuntu 
version. Sounds appropriate.

  Last night when it (dist-upgrade), it just gave me 20.04. No questions asked. 
I for one consider this kind of intrusive, though.
  It *might* have to make 

[Touch-packages] [Bug 1928001] Update Released

2021-05-24 Thread Łukasz Zemczak
The verification of the Stable Release Update for glib2.0 has completed
successfully and the package is now being released to -updates.
Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to glib2.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1928001

Title:
  [SRU] New stable release 2.68.1

Status in glib2.0 package in Ubuntu:
  Fix Released
Status in glib2.0 source package in Hirsute:
  Fix Released

Bug description:
  [ Description ]

  Take this new upstream stable release.

  * Fix a crash in `GKeyFile` when parsing a file which contains translations
using a `GKeyFile` instance which has loaded another file previously (#2361)

  * Pin GIO DLL in memory on Windows (!2016)

  * Bugs fixed:
   - #2361 g_key_file_load_from_file segfaults on "Key[*]="like lines
   - !1997 Backport !1996 “Include glibconfig.h to get the G_OS_UNIX token” to 
glib-2-68
   - !2016 GIO W32: Pin gio DLL
   - !2021 Backport MR !2016 (GIO W32: Pin gio DLL) into glib-2-68
   - !2022 Few fixes and notes for building on Visual Studio 2012 and earlier
   - !2034 Backport MR !2032 (gkeyfile: Drop a redundant check) into glib-2-68
   - !2035 Backport !2026 “Split g_test_log() messages that contain multiple 
lines” to glib-2-68

  [ QA ]

  Upstream release, so QA already performed by maintainers

  https://wiki.ubuntu.com/StableReleaseUpdates/GNOME

  This upload will trigger many autopkgtests that we expect to not be
  regressed by this upload.

  [ What could go wrong ]

  This update contains fixes in multiple places so multiple apps could
  be affected. The consequences of a broken GLib can range from some
  functions returning bad results sometimes, which have minimal runtime
  implications, up to the system simply crashing all the time.

  Pretty much all parts of GNOME use GLib, so test anything in the
  desktop that you can. If you reboot the machine and can get to the
  desktop, that's already tested GLib extensively. But also run
  applications like GNOME terminal, Files and Epiphany.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glib2.0/+bug/1928001/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1928001] Re: [SRU] New stable release 2.68.1

2021-05-24 Thread Łukasz Zemczak
Hints committed, thanks for looking into that!

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to glib2.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1928001

Title:
  [SRU] New stable release 2.68.1

Status in glib2.0 package in Ubuntu:
  Fix Released
Status in glib2.0 source package in Hirsute:
  Fix Released

Bug description:
  [ Description ]

  Take this new upstream stable release.

  * Fix a crash in `GKeyFile` when parsing a file which contains translations
using a `GKeyFile` instance which has loaded another file previously (#2361)

  * Pin GIO DLL in memory on Windows (!2016)

  * Bugs fixed:
   - #2361 g_key_file_load_from_file segfaults on "Key[*]="like lines
   - !1997 Backport !1996 “Include glibconfig.h to get the G_OS_UNIX token” to 
glib-2-68
   - !2016 GIO W32: Pin gio DLL
   - !2021 Backport MR !2016 (GIO W32: Pin gio DLL) into glib-2-68
   - !2022 Few fixes and notes for building on Visual Studio 2012 and earlier
   - !2034 Backport MR !2032 (gkeyfile: Drop a redundant check) into glib-2-68
   - !2035 Backport !2026 “Split g_test_log() messages that contain multiple 
lines” to glib-2-68

  [ QA ]

  Upstream release, so QA already performed by maintainers

  https://wiki.ubuntu.com/StableReleaseUpdates/GNOME

  This upload will trigger many autopkgtests that we expect to not be
  regressed by this upload.

  [ What could go wrong ]

  This update contains fixes in multiple places so multiple apps could
  be affected. The consequences of a broken GLib can range from some
  functions returning bad results sometimes, which have minimal runtime
  implications, up to the system simply crashing all the time.

  Pretty much all parts of GNOME use GLib, so test anything in the
  desktop that you can. If you reboot the machine and can get to the
  desktop, that's already tested GLib extensively. But also run
  applications like GNOME terminal, Files and Epiphany.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/glib2.0/+bug/1928001/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1925379] Update Released

2021-05-24 Thread Łukasz Zemczak
The verification of the Stable Release Update for gtk+3.0 has completed
successfully and the package is now being released to -updates.
Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to gtk+3.0 in Ubuntu.
https://bugs.launchpad.net/bugs/1925379

Title:
  Auto-Correct in LibreOffice does not work with 3.24.25-1ubuntu4

Status in gtk+3.0 package in Ubuntu:
  Fix Released
Status in gtk+3.0 source package in Hirsute:
  Fix Released

Bug description:
  * Impact

  The auto-correction in libreoffice is not action as it should

  * Test case

  see comment 9

  * Regression potential

  The changes are in the input handling so check that standard input,
  keyboard layouts, compose and keybinding as worked as expected on
  different layout and language type, include ibus and chinese.

   
  I just did a fresh install of Ubuntu 21.04 (smooth as silk), but then 
discovered that Auto-Correct in LibreOffice does not work. Yesterday, when I 
was still running 20.04, Auto-Correct worked fine -- same LibreOffice version, 
same LibreOffice profile, same LibreOffice document, and no changes on my part 
to my LibreOffice settings since I installed Ubuntu 21.04.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/gtk+3.0/+bug/1925379/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1927796] Update Released

2021-05-24 Thread Łukasz Zemczak
The verification of the Stable Release Update for pam has completed
successfully and the package is now being released to -updates.
Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1927796

Title:
  [SRU]pam_tally2 can cause accounts to be locked by correct password.
  pam_faillock use is the recommended fix

Status in pam package in Ubuntu:
  Fix Released
Status in pam source package in Bionic:
  Fix Committed
Status in pam source package in Focal:
  Fix Committed
Status in pam source package in Groovy:
  Fix Committed
Status in pam source package in Hirsute:
  Fix Released
Status in pam source package in Impish:
  Fix Released

Bug description:
  [IMPACT]
  There is a known issue in pam_tally2 which may cause an account to be lock 
down even with correct password, in a busy node environment where simultaneous 
logins takes place (https://github.com/linux-pam/linux-pam/issues/71).

  There are already two customer cases from Canonical clients
  complaining about this behavior (00297697 and 00303806).

  Also, potentially, this will cause further problems in the future,
  since both STIG benchmarks and CIS benchmarks rely on pam_tally2 to
  lock accounts when wrong passwords are used. And both benchmarks - but
  specially STIG - requires use of a lot of audit rules, which can lead
  to the busy node environment.

  The issue impacts all pam_tally2 versions distributed in all currently
  supported Ubuntu versions and also the next unreleased one. Note that,
  according to https://github.com/linux-pam/linux-pam/issues/71, there
  is no plan to fix this issue!

  [FIX]
  This fix proposes to add pam_faillock module to the PAM package, so users of 
pam_tally2 having issues can migrate to pam_faillock. We also plan to modify 
the current STIG benchmarks to rely on pam_faillock instead of pam_tally2, but 
in order to do so, we need the pam_faillock module to be available.

  Note that we don't propose to remove pam_tally2, since not every user
  of this module is affected.

  [TEST]
  Tested on a VM installed with Focal server iso and on another with Bionic 
server iso. Enabled pam_faillock module as recommeded by its man page. Then 
tried to log over ssh with an incorrect password, until the account got locked. 
Waited for the configured grace time to unlock and logged in using the correct 
password.

  Note that, since the pam_tally2 issue is caused by a racing condition,
  with a hard to recreate environment (we could not even reproduce it
  with pam_tally2), we could not reproduce the conditions to test
  pam_faillock with.

  [REGRESSION POTENTIAL]
  The regression potential for this is small, since we're not removing the old 
pam_tally2 module, just adding another one. So anyone still using pam_tally2 
will be able to do so.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1927796/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1928931] Re: German strings in deja-dup.mo for en_GB

2021-05-20 Thread Łukasz Zemczak
Hello Iain, or anyone else affected,

Accepted language-pack-gnome-en into hirsute-proposed. The package will
build now and be available at https://launchpad.net/ubuntu/+source
/language-pack-gnome-en/1:21.10+20210415ubuntu1 in a few hours, and then
in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
hirsute to verification-done-hirsute. If it does not fix the bug for
you, please add a comment stating that, and change the tag to
verification-failed-hirsute. In either case, without details of your
testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: language-pack-gnome-en (Ubuntu Hirsute)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-hirsute

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to language-pack-gnome-en in
Ubuntu.
https://bugs.launchpad.net/bugs/1928931

Title:
  German strings in deja-dup.mo for en_GB

Status in language-pack-gnome-en package in Ubuntu:
  In Progress
Status in language-pack-gnome-en source package in Hirsute:
  Fix Committed

Bug description:
  [ Description ]

  Some German strings were accidentally translated under en_GB. They
  affect the default Ubuntu install - some of them are strings which are
  displayed as a notification some time after first logging in, so it's
  quite visible. See the attached screenshot.

  [ Fix ]

  Revert the German and go back to the proper English text. The way to
  fix langpacks is to upload the language-pack-gnome-XX package which
  replaces files in language-pack-gnome-XX-base.

  [ Devel release ]

  I'd like to propose to binary copy forward, and let the normal
  langpack release schedule take care of eventually dominating these
  away in impish.

  [ QA ]

  To verify the diff, compare deja-dup.po from language-pack-gnome-en-
  base to the one in this upload. You'll have to do that manually.

    0. Be in en_GB.
    1. Install the SRU
    2. In an Ubuntu Desktop session, open a terminal and run `deja-dup 
--prompt`.
    3. Note the buttons in the notification that shows up. They should be in 
English.

  [ What could go wrong ]

  1. There could be other instances of this in different packages we haven't 
noticed yet
  2. If I break the .po file, it could either break the build or the 
translations at runtime (but this is English, so if we fall back to C it's not 
too bad)
  3. If my diff is wrong then I might have dropped some en_GB translations or 
made them wrong

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/language-pack-gnome-en/+bug/1928931/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1928931] Re: German strings in deja-dup.mo for en_GB

2021-05-20 Thread Łukasz Zemczak
hm, do we actually know *why* this happened? Does this mean there is a bug in 
langpack-o-matic that causes a mix-up of languages? Or was this an issue on the 
Launchpad translation side of things?
I'd like to understand this better and, if needed, filling in a 
langpack-o-matic bug for this.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to language-pack-gnome-en in
Ubuntu.
https://bugs.launchpad.net/bugs/1928931

Title:
  German strings in deja-dup.mo for en_GB

Status in language-pack-gnome-en package in Ubuntu:
  In Progress
Status in language-pack-gnome-en source package in Hirsute:
  In Progress

Bug description:
  [ Description ]

  Some German strings were accidentally translated under en_GB. They
  affect the default Ubuntu install - some of them are strings which are
  displayed as a notification some time after first logging in, so it's
  quite visible. See the attached screenshot.

  [ Fix ]

  Revert the German and go back to the proper English text. The way to
  fix langpacks is to upload the language-pack-gnome-XX package which
  replaces files in language-pack-gnome-XX-base.

  [ Devel release ]

  I'd like to propose to binary copy forward, and let the normal
  langpack release schedule take care of eventually dominating these
  away in impish.

  [ QA ]

  To verify the diff, compare deja-dup.po from language-pack-gnome-en-
  base to the one in this upload. You'll have to do that manually.

    0. Be in en_GB.
    1. Install the SRU
    2. In an Ubuntu Desktop session, open a terminal and run `deja-dup 
--prompt`.
    3. Note the buttons in the notification that shows up. They should be in 
English.

  [ What could go wrong ]

  1. There could be other instances of this in different packages we haven't 
noticed yet
  2. If I break the .po file, it could either break the build or the 
translations at runtime (but this is English, so if we fall back to C it's not 
too bad)
  3. If my diff is wrong then I might have dropped some en_GB translations or 
made them wrong

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/language-pack-gnome-en/+bug/1928931/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1925320] Please test proposed package

2021-05-19 Thread Łukasz Zemczak
Hello Timo, or anyone else affected,

Accepted directx-headers into focal-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/directx-
headers/1.0.2-1~20.04.1 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/1925320

Title:
  Backport packages for 20.04.3 HWE stack

Status in directx-headers package in Ubuntu:
  Invalid
Status in libdrm package in Ubuntu:
  Invalid
Status in llvm-toolchain-12 package in Ubuntu:
  Invalid
Status in mesa package in Ubuntu:
  Invalid
Status in xorg-server package in Ubuntu:
  Invalid
Status in directx-headers source package in Focal:
  Fix Committed
Status in libdrm source package in Focal:
  Fix Committed
Status in llvm-toolchain-12 source package in Focal:
  New
Status in mesa source package in Focal:
  New
Status in xorg-server source package in Focal:
  New

Bug description:
  [Impact]

  These are needed for 20.04.3 images.

  [Test case]

  Boot a daily image, see that it still has the necessary stack
  installed and working.

  [What could go wrong]

  directx-headers: a new package, nothing can go wrong

  libdrm: adds some new api, no changes to old stuff

  llvm-12: a new package, no regression potential on it's own

  mesa: a new major release, but we'll pull the final stable release of
  21.0.x series, so there shouldn't be any regressions left at that
  point

  xserver: a new point-release, 1.20.x series is in deep maintenance
  mode, so there should be little chance of breakage

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/directx-headers/+bug/1925320/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1925320] Re: Backport packages for 20.04.3 HWE stack

2021-05-19 Thread Łukasz Zemczak
** Changed in: directx-headers (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/1925320

Title:
  Backport packages for 20.04.3 HWE stack

Status in directx-headers package in Ubuntu:
  Invalid
Status in libdrm package in Ubuntu:
  Invalid
Status in llvm-toolchain-12 package in Ubuntu:
  Invalid
Status in mesa package in Ubuntu:
  Invalid
Status in xorg-server package in Ubuntu:
  Invalid
Status in directx-headers source package in Focal:
  Fix Committed
Status in libdrm source package in Focal:
  Fix Committed
Status in llvm-toolchain-12 source package in Focal:
  New
Status in mesa source package in Focal:
  New
Status in xorg-server source package in Focal:
  New

Bug description:
  [Impact]

  These are needed for 20.04.3 images.

  [Test case]

  Boot a daily image, see that it still has the necessary stack
  installed and working.

  [What could go wrong]

  directx-headers: a new package, nothing can go wrong

  libdrm: adds some new api, no changes to old stuff

  llvm-12: a new package, no regression potential on it's own

  mesa: a new major release, but we'll pull the final stable release of
  21.0.x series, so there shouldn't be any regressions left at that
  point

  xserver: a new point-release, 1.20.x series is in deep maintenance
  mode, so there should be little chance of breakage

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/directx-headers/+bug/1925320/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1923880] Re: libdrm 2.4.105: Add support for Intel Jasper Lake, Alder Lake

2021-05-19 Thread Łukasz Zemczak
Hello Timo, or anyone else affected,

Accepted libdrm into focal-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/libdrm/2.4.105-3~20.04.1 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: libdrm (Ubuntu Focal)
   Status: In Progress => Fix Committed

** Tags added: verification-needed-focal

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libdrm in Ubuntu.
https://bugs.launchpad.net/bugs/1923880

Title:
  libdrm 2.4.105: Add support for Intel Jasper Lake, Alder Lake

Status in libdrm package in Ubuntu:
  Fix Released
Status in libdrm source package in Focal:
  Fix Committed
Status in libdrm source package in Hirsute:
  Fix Committed

Bug description:
  [Impact]

  There is a new minor release available, which adds support for i915
  Jasper Lake (JSL) and Alder Lake S (ADL-S), among other things.

  With this added, JSL can boot hirsute with the native driver.

  [Test case]

  Boot on JSL/ADL hardware, check that the native drm/dri driver is used
  (mesa support is already included).

  [What could go wrong]

  The worst case would be that the native driver would not be used
  anymore with this version, but there's no chance for that.

  Two regressing commits were reverted for impish, and we'll include
  those too.

  --

  git shortlog since 2.4.104:

  6b4e956d299c6ff Bump version to 2.4.105
  1d13cc1032bf66f amdgpu: add function of INFO ioctl for querying video caps
  50c98335c7b4013 amdgpu: sync up amdgpu_drm.h with latest from kernel
  b362850689d1b00 xf86drmMode: set FB_MODIFIERS flag when modifiers are supplied
  a5a400c9581c3b9 tests/amdgpu: fix bo eviction test issue
  af871ec1a6f017b drm/tests/amdgpu: fix Metadata test failed issue
  6d821612d9a4bc4 xf86drmMode: introduce drmModeGetPropertyType
  f5abbc303361980 test/amdgpu: remove static varible in Syncobj test
  cd3681976c3bbef intel: Keep libdrm working without pread/pwrite ioctls
  52f05d3d896480e meson: use library() instead of shared_library().
  7d6a1759900ffde xf86drm: fix null pointer deref in drmGetBufInfo
  2e67fef5f6c5870 intel: Add support for JSL
  a9bb32cfe1ee87f xf86drm: cap number of reported devices by drmGetDevice(2)
  06844b6eaefb03c Revert "xf86drm: cap number of reported devices by 
drmGetDevice(2)"
  632f59fcbfc790a xf86drm: warn about GEM handle reference counting
  523b3658aa8efa7 xf86drmMode: add drmIsKMS
  1225171bd55f65d amdgpu_drm: sync up with the latest amdgpu_drm.h based on 
drm-next (https://cgit.freedesktop.org/drm/drm)
  3b6cfb20fb3b7dd intel: add INTEL_ADLS_IDS to the pciids list
  9086ff9dafa87f9 intel: sync i915_pciids.h with kernel
  869ef0e4b22b8ba amdgpu: update marketing names
  a43cac24db2876b Avoid some compiler errors for 
tests/util/pattern.c62b9a3eee9bdaaf
  8cb12a2528d795c xf86drm: cap number of reported devices by drmGetDevice(2)
  19f0a9cb878da5b tests/amdgpu/vcn: clean abundant codes
  2315bcddd643b4b tests/amdgpu: add vcn test support for dimgrey_cavefish
  10377d661a31c7a tests/amdgpu: add vcn test support for navy_flounder
  5f85a6d98baba1d tests/util: Add mxsfb-drm driver
  62b9a3eee9bdaaf meson: Also search for rst2man.py
  10dd3eb6d5ab6c1 Use dep_rt in amdgpu/meson.build

  diffstat:
   amdgpu/amdgpu-symbols.txt|1
   amdgpu/amdgpu.h  |   17 +++
   amdgpu/amdgpu_gpu_info.c |   15 ++
   amdgpu/meson.build   |4 -
   core-symbols.txt |1
   data/amdgpu.ids  |6 ++
   etnaviv/meson.build  |2
   exynos/meson.build   |2
   freedreno/meson.build|2
   include/drm/amdgpu_drm.h |   51 +++---
   intel/i915_pciids.h  |  177 
+++--
   intel/intel_bufmgr_gem.c |   96 -
   intel/intel_chipset.c|2
   

[Touch-packages] [Bug 1925320] Re: Backport packages for 20.04.3 HWE stack

2021-05-19 Thread Łukasz Zemczak
Hello Timo, or anyone else affected,

Accepted libdrm into focal-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/libdrm/2.4.105-3~20.04.1 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: libdrm (Ubuntu Focal)
   Status: New => Fix Committed

** Tags added: verification-needed verification-needed-focal

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libdrm in Ubuntu.
https://bugs.launchpad.net/bugs/1925320

Title:
  Backport packages for 20.04.3 HWE stack

Status in directx-headers package in Ubuntu:
  Invalid
Status in libdrm package in Ubuntu:
  Invalid
Status in llvm-toolchain-12 package in Ubuntu:
  Invalid
Status in mesa package in Ubuntu:
  Invalid
Status in xorg-server package in Ubuntu:
  Invalid
Status in directx-headers source package in Focal:
  New
Status in libdrm source package in Focal:
  Fix Committed
Status in llvm-toolchain-12 source package in Focal:
  New
Status in mesa source package in Focal:
  New
Status in xorg-server source package in Focal:
  New

Bug description:
  [Impact]

  These are needed for 20.04.3 images.

  [Test case]

  Boot a daily image, see that it still has the necessary stack
  installed and working.

  [What could go wrong]

  directx-headers: a new package, nothing can go wrong

  libdrm: adds some new api, no changes to old stuff

  llvm-12: a new package, no regression potential on it's own

  mesa: a new major release, but we'll pull the final stable release of
  21.0.x series, so there shouldn't be any regressions left at that
  point

  xserver: a new point-release, 1.20.x series is in deep maintenance
  mode, so there should be little chance of breakage

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/directx-headers/+bug/1925320/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1923880] Re: libdrm 2.4.105: Add support for Intel Jasper Lake, Alder Lake

2021-05-19 Thread Łukasz Zemczak
Hello Timo, or anyone else affected,

Accepted libdrm into hirsute-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/libdrm/2.4.105-3~21.04.1 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
hirsute to verification-done-hirsute. If it does not fix the bug for
you, please add a comment stating that, and change the tag to
verification-failed-hirsute. In either case, without details of your
testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: libdrm (Ubuntu Hirsute)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-hirsute

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libdrm in Ubuntu.
https://bugs.launchpad.net/bugs/1923880

Title:
  libdrm 2.4.105: Add support for Intel Jasper Lake, Alder Lake

Status in libdrm package in Ubuntu:
  Fix Released
Status in libdrm source package in Focal:
  Fix Committed
Status in libdrm source package in Hirsute:
  Fix Committed

Bug description:
  [Impact]

  There is a new minor release available, which adds support for i915
  Jasper Lake (JSL) and Alder Lake S (ADL-S), among other things.

  With this added, JSL can boot hirsute with the native driver.

  [Test case]

  Boot on JSL/ADL hardware, check that the native drm/dri driver is used
  (mesa support is already included).

  [What could go wrong]

  The worst case would be that the native driver would not be used
  anymore with this version, but there's no chance for that.

  Two regressing commits were reverted for impish, and we'll include
  those too.

  --

  git shortlog since 2.4.104:

  6b4e956d299c6ff Bump version to 2.4.105
  1d13cc1032bf66f amdgpu: add function of INFO ioctl for querying video caps
  50c98335c7b4013 amdgpu: sync up amdgpu_drm.h with latest from kernel
  b362850689d1b00 xf86drmMode: set FB_MODIFIERS flag when modifiers are supplied
  a5a400c9581c3b9 tests/amdgpu: fix bo eviction test issue
  af871ec1a6f017b drm/tests/amdgpu: fix Metadata test failed issue
  6d821612d9a4bc4 xf86drmMode: introduce drmModeGetPropertyType
  f5abbc303361980 test/amdgpu: remove static varible in Syncobj test
  cd3681976c3bbef intel: Keep libdrm working without pread/pwrite ioctls
  52f05d3d896480e meson: use library() instead of shared_library().
  7d6a1759900ffde xf86drm: fix null pointer deref in drmGetBufInfo
  2e67fef5f6c5870 intel: Add support for JSL
  a9bb32cfe1ee87f xf86drm: cap number of reported devices by drmGetDevice(2)
  06844b6eaefb03c Revert "xf86drm: cap number of reported devices by 
drmGetDevice(2)"
  632f59fcbfc790a xf86drm: warn about GEM handle reference counting
  523b3658aa8efa7 xf86drmMode: add drmIsKMS
  1225171bd55f65d amdgpu_drm: sync up with the latest amdgpu_drm.h based on 
drm-next (https://cgit.freedesktop.org/drm/drm)
  3b6cfb20fb3b7dd intel: add INTEL_ADLS_IDS to the pciids list
  9086ff9dafa87f9 intel: sync i915_pciids.h with kernel
  869ef0e4b22b8ba amdgpu: update marketing names
  a43cac24db2876b Avoid some compiler errors for 
tests/util/pattern.c62b9a3eee9bdaaf
  8cb12a2528d795c xf86drm: cap number of reported devices by drmGetDevice(2)
  19f0a9cb878da5b tests/amdgpu/vcn: clean abundant codes
  2315bcddd643b4b tests/amdgpu: add vcn test support for dimgrey_cavefish
  10377d661a31c7a tests/amdgpu: add vcn test support for navy_flounder
  5f85a6d98baba1d tests/util: Add mxsfb-drm driver
  62b9a3eee9bdaaf meson: Also search for rst2man.py
  10dd3eb6d5ab6c1 Use dep_rt in amdgpu/meson.build

  diffstat:
   amdgpu/amdgpu-symbols.txt|1
   amdgpu/amdgpu.h  |   17 +++
   amdgpu/amdgpu_gpu_info.c |   15 ++
   amdgpu/meson.build   |4 -
   core-symbols.txt |1
   data/amdgpu.ids  |6 ++
   etnaviv/meson.build  |2
   exynos/meson.build   |2
   freedreno/meson.build|2
   include/drm/amdgpu_drm.h |   51 +++---
   intel/i915_pciids.h  |  177 
+++--
   intel/intel_bufmgr_gem.c |   96 -
   

[Touch-packages] [Bug 1664844] Re: No distinction between link-up and link-down interfaces

2021-05-18 Thread Łukasz Zemczak
** Description changed:

  [Impact]
+ 
+ Since very long, we had a feature request in netplan to determine the
+ activation mode of a given network interface. We got requests to enable
+ marking some interfaces as 'manual', meaning that networkd (or any other
+ backend) would not control its state in any way, requiring the
+ administrator to bring the interface up or down manually. The other
+ request was to mark a interface as 'off', that is: forcing the network
+ interface to always be down until the configuration option isn't
+ changed.
+ 
+ This was mainly requested for the networkd backend and requires the new
+ feature of specifying ActivationPolicy= for interfaces, alongside the
+ required netplan changes.
+ 
+ This feature is present in systemd 248 - for netplan supported stable
+ series we have decided to cherry-pick and backport this feature on top
+ of current systemd. The networkd feature basically adds the following 5
+ ActivationPolicy modes: always-down, down, manual, up, always-up. For
+ netplan purposes we only use 'always-down' and 'manual'.
+ 
+ The netplan feature, hopefully landing as part of 0.103, is called
+ 'activation-mode' and supports two values: 'manual' and 'off'.
+ 
+ [Test Case]
+ 
+ For the systemd part:
+ 
+  * Bring up a VM test environment with either a dummy interface or an 
interface that can be safely manipulated.
+  * Upgrade systemd to the -proposed version
+  * For the target interface, create/modify the networkd configuration (for 
instance by adding /etc/systemd/network/20-.network) to include the 
ActivationPolicy= setting in [Link], for instance:
+ 
+ [Match]
+ Name=dummy0
+ 
+ [Network]
+ Address=192.168.10.30/24
+ Gateway=192.168.10.1
+ 
+ [Link]
+ ActivationPolicy=manual
+ 
+  * Try all 5 combinations of ActivationPolicy values: always-down, down,
+ manual, up, always-up - doing `sudo networkctl reload` everytime and
+ checking if the interface behaves as expected.
+ 
+ [Where problems could occur]
+ 
+ The patchset modifies quite a lot of code in the networkd link handling
+ code paths, so regressions could appear in how networkd manages links -
+ maybe by suddenly certain interfaces not getting brought up as they were
+ before.
+ 
+ ---
+ 
+ 
+ [Original Description]
+ 
+ [Old Impact]
  Users need to write valid configuration, especially for new features that are 
approved by not yet implemented, such as marking a link "optional".
  
- [Test case]
+ [Old Test case]
  Write a netplan configuration:
  
  network:
-   version: 2
-   renderer: networkd
-   ethernets:
- eth0:
-   optional: yes
-   dhcp4: yes
+   version: 2
+   renderer: networkd
+   ethernets:
+ eth0:
+   optional: yes
+   dhcp4: yes
  
  And run 'netplan apply'. Netplan should write configuration for the link
  and not error out with a syntax error.
  
- [Regression potential]
+ [Old Regression potential]
  This has a minimal potential for regression: the new keyword was added to be 
supported already by consumers of netplan (users, cloud-init) so that they 
could start writing config with the new key and that configuration to be seen 
as valid by netplan before the backend is implemented. There is no functional 
change besides allowing for the value to exist in a netplan configuation.
  
  ---
  
  If I define an interface in netplan (even one which has no DHCP type and
  no addresses), it's not possible to determine if its adminStatus should
  be enabled (link up) or disabled (link down).
  
  I can completely exclude an interface from the netplan configuration,
  but I think that implies that not only its adminStatus is "disabled" by
  default, but also netplan will not be able to do anything "nice" for the
  interface, such as rename it to what the user specified in MAAS.
  
  If I include the interface but don't specify any addresses or DHCP, it
  isn't clear if it will be link up (my current assumption) or link down.
  
  There should be a way to allow an interface to be recognized by netplan
  (and even partially configured, waiting for the user to run something
  like 'ifup ' on a manual but not auto-started interface in
  ifupdown), but marked administratively disabled. (adminStatus down)

** Changed in: systemd (Ubuntu)
   Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1664844

Title:
  No distinction between link-up and link-down interfaces

Status in MAAS:
  Triaged
Status in netplan:
  In Progress
Status in netplan.io package in Ubuntu:
  In Progress
Status in systemd package in Ubuntu:
  Fix Released
Status in netplan.io source package in Xenial:
  Won't Fix
Status in systemd source package in Xenial:
  Won't Fix
Status in netplan.io source package in Zesty:
  Won't Fix
Status in systemd source package in Zesty:
  Won't Fix
Status in netplan.io source package in Artful:
  Won't Fix
Status in 

[Touch-packages] [Bug 1927796] Re: [SRU]pam_tally2 can cause accounts to be locked by correct password. pam_faillock use is the recommended fix

2021-05-13 Thread Łukasz Zemczak
Hello Richard, or anyone else affected,

Accepted pam into bionic-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/pam/1.1.8-3.6ubuntu2.18.04.3 in a
few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
bionic to verification-done-bionic. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-bionic. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: pam (Ubuntu Bionic)
   Status: In Progress => Fix Committed

** Tags added: verification-needed-bionic

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1927796

Title:
  [SRU]pam_tally2 can cause accounts to be locked by correct password.
  pam_faillock use is the recommended fix

Status in pam package in Ubuntu:
  Fix Committed
Status in pam source package in Bionic:
  Fix Committed
Status in pam source package in Focal:
  Fix Committed
Status in pam source package in Groovy:
  Fix Committed
Status in pam source package in Hirsute:
  Fix Committed
Status in pam source package in Impish:
  Fix Committed

Bug description:
  [IMPACT]
  There is a known issue in pam_tally2 which may cause an account to be lock 
down even with correct password, in a busy node environment where simultaneous 
logins takes place (https://github.com/linux-pam/linux-pam/issues/71).

  There are already two customer cases from Canonical clients
  complaining about this behavior (00297697 and 00303806).

  Also, potentially, this will cause further problems in the future,
  since both STIG benchmarks and CIS benchmarks rely on pam_tally2 to
  lock accounts when wrong passwords are used. And both benchmarks - but
  specially STIG - requires use of a lot of audit rules, which can lead
  to the busy node environment.

  The issue impacts all pam_tally2 versions distributed in all currently
  supported Ubuntu versions and also the next unreleased one. Note that,
  according to https://github.com/linux-pam/linux-pam/issues/71, there
  is no plan to fix this issue!

  [FIX]
  This fix proposes to add pam_faillock module to the PAM package, so users of 
pam_tally2 having issues can migrate to pam_faillock. We also plan to modify 
the current STIG benchmarks to rely on pam_faillock instead of pam_tally2, but 
in order to do so, we need the pam_faillock module to be available.

  Note that we don't propose to remove pam_tally2, since not every user
  of this module is affected.

  [TEST]
  Tested on a VM installed with Focal server iso and on another with Bionic 
server iso. Enabled pam_faillock module as recommeded by its man page. Then 
tried to log over ssh with an incorrect password, until the account got locked. 
Waited for the configured grace time to unlock and logged in using the correct 
password.

  Note that, since the pam_tally2 issue is caused by a racing condition,
  with a hard to recreate environment (we could not even reproduce it
  with pam_tally2), we could not reproduce the conditions to test
  pam_faillock with.

  [REGRESSION POTENTIAL]
  The regression potential for this is small, since we're not removing the old 
pam_tally2 module, just adding another one. So anyone still using pam_tally2 
will be able to do so.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1927796/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1927796] Re: [SRU]pam_tally2 can cause accounts to be locked by correct password. pam_faillock use is the recommended fix

2021-05-13 Thread Łukasz Zemczak
Hello Richard, or anyone else affected,

Accepted pam into groovy-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/pam/1.3.1-5ubuntu6.20.10.1 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
groovy to verification-done-groovy. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-groovy. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: pam (Ubuntu Groovy)
   Status: In Progress => Fix Committed

** Tags added: verification-needed-groovy

** Changed in: pam (Ubuntu Focal)
   Status: In Progress => Fix Committed

** Tags added: verification-needed-focal

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1927796

Title:
  [SRU]pam_tally2 can cause accounts to be locked by correct password.
  pam_faillock use is the recommended fix

Status in pam package in Ubuntu:
  Fix Committed
Status in pam source package in Bionic:
  In Progress
Status in pam source package in Focal:
  Fix Committed
Status in pam source package in Groovy:
  Fix Committed
Status in pam source package in Hirsute:
  Fix Committed
Status in pam source package in Impish:
  Fix Committed

Bug description:
  [IMPACT]
  There is a known issue in pam_tally2 which may cause an account to be lock 
down even with correct password, in a busy node environment where simultaneous 
logins takes place (https://github.com/linux-pam/linux-pam/issues/71).

  There are already two customer cases from Canonical clients
  complaining about this behavior (00297697 and 00303806).

  Also, potentially, this will cause further problems in the future,
  since both STIG benchmarks and CIS benchmarks rely on pam_tally2 to
  lock accounts when wrong passwords are used. And both benchmarks - but
  specially STIG - requires use of a lot of audit rules, which can lead
  to the busy node environment.

  The issue impacts all pam_tally2 versions distributed in all currently
  supported Ubuntu versions and also the next unreleased one. Note that,
  according to https://github.com/linux-pam/linux-pam/issues/71, there
  is no plan to fix this issue!

  [FIX]
  This fix proposes to add pam_faillock module to the PAM package, so users of 
pam_tally2 having issues can migrate to pam_faillock. We also plan to modify 
the current STIG benchmarks to rely on pam_faillock instead of pam_tally2, but 
in order to do so, we need the pam_faillock module to be available.

  Note that we don't propose to remove pam_tally2, since not every user
  of this module is affected.

  [TEST]
  Tested on a VM installed with Focal server iso and on another with Bionic 
server iso. Enabled pam_faillock module as recommeded by its man page. Then 
tried to log over ssh with an incorrect password, until the account got locked. 
Waited for the configured grace time to unlock and logged in using the correct 
password.

  Note that, since the pam_tally2 issue is caused by a racing condition,
  with a hard to recreate environment (we could not even reproduce it
  with pam_tally2), we could not reproduce the conditions to test
  pam_faillock with.

  [REGRESSION POTENTIAL]
  The regression potential for this is small, since we're not removing the old 
pam_tally2 module, just adding another one. So anyone still using pam_tally2 
will be able to do so.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1927796/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1927796] Please test proposed package

2021-05-13 Thread Łukasz Zemczak
Hello Richard, or anyone else affected,

Accepted pam into focal-proposed. The package will build now and be
available at https://launchpad.net/ubuntu/+source/pam/1.3.1-5ubuntu4.2
in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1927796

Title:
  [SRU]pam_tally2 can cause accounts to be locked by correct password.
  pam_faillock use is the recommended fix

Status in pam package in Ubuntu:
  Fix Committed
Status in pam source package in Bionic:
  In Progress
Status in pam source package in Focal:
  Fix Committed
Status in pam source package in Groovy:
  Fix Committed
Status in pam source package in Hirsute:
  Fix Committed
Status in pam source package in Impish:
  Fix Committed

Bug description:
  [IMPACT]
  There is a known issue in pam_tally2 which may cause an account to be lock 
down even with correct password, in a busy node environment where simultaneous 
logins takes place (https://github.com/linux-pam/linux-pam/issues/71).

  There are already two customer cases from Canonical clients
  complaining about this behavior (00297697 and 00303806).

  Also, potentially, this will cause further problems in the future,
  since both STIG benchmarks and CIS benchmarks rely on pam_tally2 to
  lock accounts when wrong passwords are used. And both benchmarks - but
  specially STIG - requires use of a lot of audit rules, which can lead
  to the busy node environment.

  The issue impacts all pam_tally2 versions distributed in all currently
  supported Ubuntu versions and also the next unreleased one. Note that,
  according to https://github.com/linux-pam/linux-pam/issues/71, there
  is no plan to fix this issue!

  [FIX]
  This fix proposes to add pam_faillock module to the PAM package, so users of 
pam_tally2 having issues can migrate to pam_faillock. We also plan to modify 
the current STIG benchmarks to rely on pam_faillock instead of pam_tally2, but 
in order to do so, we need the pam_faillock module to be available.

  Note that we don't propose to remove pam_tally2, since not every user
  of this module is affected.

  [TEST]
  Tested on a VM installed with Focal server iso and on another with Bionic 
server iso. Enabled pam_faillock module as recommeded by its man page. Then 
tried to log over ssh with an incorrect password, until the account got locked. 
Waited for the configured grace time to unlock and logged in using the correct 
password.

  Note that, since the pam_tally2 issue is caused by a racing condition,
  with a hard to recreate environment (we could not even reproduce it
  with pam_tally2), we could not reproduce the conditions to test
  pam_faillock with.

  [REGRESSION POTENTIAL]
  The regression potential for this is small, since we're not removing the old 
pam_tally2 module, just adding another one. So anyone still using pam_tally2 
will be able to do so.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1927796/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1927796] Re: [SRU]pam_tally2 can cause accounts to be locked by correct password. pam_faillock use is the recommended fix

2021-05-13 Thread Łukasz Zemczak
Ok, so this adds quite a big piece of new code, so normally I would be a
bit worried about the maintainability of this. Seeing that Marc is the
sponsor here, I will quietly assume that the maintainability of the new
functionality is fine from the security team's POV and that this will
not be an additional burden.

** Changed in: pam (Ubuntu Hirsute)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-hirsute

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1927796

Title:
  [SRU]pam_tally2 can cause accounts to be locked by correct password.
  pam_faillock use is the recommended fix

Status in pam package in Ubuntu:
  Fix Committed
Status in pam source package in Bionic:
  In Progress
Status in pam source package in Focal:
  In Progress
Status in pam source package in Groovy:
  In Progress
Status in pam source package in Hirsute:
  Fix Committed
Status in pam source package in Impish:
  Fix Committed

Bug description:
  [IMPACT]
  There is a known issue in pam_tally2 which may cause an account to be lock 
down even with correct password, in a busy node environment where simultaneous 
logins takes place (https://github.com/linux-pam/linux-pam/issues/71).

  There are already two customer cases from Canonical clients
  complaining about this behavior (00297697 and 00303806).

  Also, potentially, this will cause further problems in the future,
  since both STIG benchmarks and CIS benchmarks rely on pam_tally2 to
  lock accounts when wrong passwords are used. And both benchmarks - but
  specially STIG - requires use of a lot of audit rules, which can lead
  to the busy node environment.

  The issue impacts all pam_tally2 versions distributed in all currently
  supported Ubuntu versions and also the next unreleased one. Note that,
  according to https://github.com/linux-pam/linux-pam/issues/71, there
  is no plan to fix this issue!

  [FIX]
  This fix proposes to add pam_faillock module to the PAM package, so users of 
pam_tally2 having issues can migrate to pam_faillock. We also plan to modify 
the current STIG benchmarks to rely on pam_faillock instead of pam_tally2, but 
in order to do so, we need the pam_faillock module to be available.

  Note that we don't propose to remove pam_tally2, since not every user
  of this module is affected.

  [TEST]
  Tested on a VM installed with Focal server iso and on another with Bionic 
server iso. Enabled pam_faillock module as recommeded by its man page. Then 
tried to log over ssh with an incorrect password, until the account got locked. 
Waited for the configured grace time to unlock and logged in using the correct 
password.

  Note that, since the pam_tally2 issue is caused by a racing condition,
  with a hard to recreate environment (we could not even reproduce it
  with pam_tally2), we could not reproduce the conditions to test
  pam_faillock with.

  [REGRESSION POTENTIAL]
  The regression potential for this is small, since we're not removing the old 
pam_tally2 module, just adding another one. So anyone still using pam_tally2 
will be able to do so.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1927796/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1927796] Please test proposed package

2021-05-13 Thread Łukasz Zemczak
Hello Richard, or anyone else affected,

Accepted pam into hirsute-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/pam/1.3.1-5ubuntu6.21.04.1 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
hirsute to verification-done-hirsute. If it does not fix the bug for
you, please add a comment stating that, and change the tag to
verification-failed-hirsute. In either case, without details of your
testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/1927796

Title:
  [SRU]pam_tally2 can cause accounts to be locked by correct password.
  pam_faillock use is the recommended fix

Status in pam package in Ubuntu:
  Fix Committed
Status in pam source package in Bionic:
  In Progress
Status in pam source package in Focal:
  In Progress
Status in pam source package in Groovy:
  In Progress
Status in pam source package in Hirsute:
  Fix Committed
Status in pam source package in Impish:
  Fix Committed

Bug description:
  [IMPACT]
  There is a known issue in pam_tally2 which may cause an account to be lock 
down even with correct password, in a busy node environment where simultaneous 
logins takes place (https://github.com/linux-pam/linux-pam/issues/71).

  There are already two customer cases from Canonical clients
  complaining about this behavior (00297697 and 00303806).

  Also, potentially, this will cause further problems in the future,
  since both STIG benchmarks and CIS benchmarks rely on pam_tally2 to
  lock accounts when wrong passwords are used. And both benchmarks - but
  specially STIG - requires use of a lot of audit rules, which can lead
  to the busy node environment.

  The issue impacts all pam_tally2 versions distributed in all currently
  supported Ubuntu versions and also the next unreleased one. Note that,
  according to https://github.com/linux-pam/linux-pam/issues/71, there
  is no plan to fix this issue!

  [FIX]
  This fix proposes to add pam_faillock module to the PAM package, so users of 
pam_tally2 having issues can migrate to pam_faillock. We also plan to modify 
the current STIG benchmarks to rely on pam_faillock instead of pam_tally2, but 
in order to do so, we need the pam_faillock module to be available.

  Note that we don't propose to remove pam_tally2, since not every user
  of this module is affected.

  [TEST]
  Tested on a VM installed with Focal server iso and on another with Bionic 
server iso. Enabled pam_faillock module as recommeded by its man page. Then 
tried to log over ssh with an incorrect password, until the account got locked. 
Waited for the configured grace time to unlock and logged in using the correct 
password.

  Note that, since the pam_tally2 issue is caused by a racing condition,
  with a hard to recreate environment (we could not even reproduce it
  with pam_tally2), we could not reproduce the conditions to test
  pam_faillock with.

  [REGRESSION POTENTIAL]
  The regression potential for this is small, since we're not removing the old 
pam_tally2 module, just adding another one. So anyone still using pam_tally2 
will be able to do so.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1927796/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-10 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted iptables-netflow into focal-proposed. The package will build
now and be available at https://launchpad.net/ubuntu/+source/iptables-
netflow/2.4-2ubuntu0.4 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might be providing networking for them.

  Should dkms modules SRUs always getting published into 

[Touch-packages] [Bug 1926437] Re: [SRU] Backport zstd support, fix bug in python-apt

2021-05-10 Thread Łukasz Zemczak
Hello Julian, or anyone else affected,

Accepted python-apt into focal-proposed. The package will build now and
be available at https://launchpad.net/ubuntu/+source/python-
apt/2.0.0ubuntu0.20.04.5 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: python-apt (Ubuntu Focal)
   Status: New => Fix Committed

** Tags added: verification-needed-focal

** Changed in: python-apt (Ubuntu Bionic)
   Status: New => Fix Committed

** Tags added: verification-needed-bionic

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1926437

Title:
  [SRU] Backport zstd support, fix bug in python-apt

Status in apt package in Ubuntu:
  Fix Released
Status in python-apt package in Ubuntu:
  New
Status in apt source package in Xenial:
  Fix Released
Status in python-apt source package in Xenial:
  Fix Committed
Status in python-apt source package in Bionic:
  Fix Committed
Status in python-apt source package in Focal:
  Fix Committed
Status in python-apt source package in Groovy:
  Fix Committed
Status in python-apt source package in Hirsute:
  Fix Committed
Status in python-apt source package in Impish:
  New

Bug description:
  [Impact]
  APT in xenial needs to learn about zstd support to enable Launchpad to work 
with zstd packages.

  python-apt in all releases needs to be adjusted to pass the compressor
  names instead of programs to ExtractTar, as otherwise, if
  /usr/bin/zstd does not exist, it will pass "false" as the compressor,
  and then ExtractTar fails (same for other compressors).

  On hirsute, the python-apt upload also includes some new  
annotations for build-dependencies, as it's a straight upload of the 2.2
  stable series.

  [Test plan]
  The apt regression tests cover the compression methods extensively, including 
even stored compressed lists in /var/lib/apt and fetching Packages files 
compressed with such methods, for all compression methods.

  The final test is to make apt_inst.DebFile("glibc-doc-
  reference_2.33-0ubuntu2~zstd1_all.deb").control.extractall() from
  1923845 work in python3-apt.

  For hirsute, the build dependency changes will verify themselves
  during the build ;)

  [Where problems could occur]

  APT:

  The changes to APT are adding the zstd compression backend to FileFd
  and then linking it into the configuration. The former is adding new
  code, triggered only on zstd files, and should not be able to cause
  regressions.

  The latter is a bunch of small lines here and there, and it caused
  issues during backporting in the test suite because it expected
  compressors in a specific order. However, chances are that nothing
  else has as stringent requirements as the test suite, so I don't
  believe that is a problem for existing users.

  Bugs can of course be in the code dealing with zstd, and that might
  open you up to security vulnerabilities in the zstd code if you pass
  APT zstd compressed files.

  A regression can be if clients used apt-helper cat-file to cat a zstd-
  compressed file ending in .zst - they'll now get uncompressed content,
  rather than compressed.

  python-apt:

  The change just replaces Binary with Name, aligning the code with APT
  itself, so it's so trivial, we don't expect regressions.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1926437/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1926437] Please test proposed package

2021-05-10 Thread Łukasz Zemczak
Hello Julian, or anyone else affected,

Accepted python-apt into bionic-proposed. The package will build now and
be available at https://launchpad.net/ubuntu/+source/python-
apt/1.6.5ubuntu0.6 in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
bionic to verification-done-bionic. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-bionic. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1926437

Title:
  [SRU] Backport zstd support, fix bug in python-apt

Status in apt package in Ubuntu:
  Fix Released
Status in python-apt package in Ubuntu:
  New
Status in apt source package in Xenial:
  Fix Released
Status in python-apt source package in Xenial:
  Fix Committed
Status in python-apt source package in Bionic:
  Fix Committed
Status in python-apt source package in Focal:
  Fix Committed
Status in python-apt source package in Groovy:
  Fix Committed
Status in python-apt source package in Hirsute:
  Fix Committed
Status in python-apt source package in Impish:
  New

Bug description:
  [Impact]
  APT in xenial needs to learn about zstd support to enable Launchpad to work 
with zstd packages.

  python-apt in all releases needs to be adjusted to pass the compressor
  names instead of programs to ExtractTar, as otherwise, if
  /usr/bin/zstd does not exist, it will pass "false" as the compressor,
  and then ExtractTar fails (same for other compressors).

  On hirsute, the python-apt upload also includes some new  
annotations for build-dependencies, as it's a straight upload of the 2.2
  stable series.

  [Test plan]
  The apt regression tests cover the compression methods extensively, including 
even stored compressed lists in /var/lib/apt and fetching Packages files 
compressed with such methods, for all compression methods.

  The final test is to make apt_inst.DebFile("glibc-doc-
  reference_2.33-0ubuntu2~zstd1_all.deb").control.extractall() from
  1923845 work in python3-apt.

  For hirsute, the build dependency changes will verify themselves
  during the build ;)

  [Where problems could occur]

  APT:

  The changes to APT are adding the zstd compression backend to FileFd
  and then linking it into the configuration. The former is adding new
  code, triggered only on zstd files, and should not be able to cause
  regressions.

  The latter is a bunch of small lines here and there, and it caused
  issues during backporting in the test suite because it expected
  compressors in a specific order. However, chances are that nothing
  else has as stringent requirements as the test suite, so I don't
  believe that is a problem for existing users.

  Bugs can of course be in the code dealing with zstd, and that might
  open you up to security vulnerabilities in the zstd code if you pass
  APT zstd compressed files.

  A regression can be if clients used apt-helper cat-file to cat a zstd-
  compressed file ending in .zst - they'll now get uncompressed content,
  rather than compressed.

  python-apt:

  The change just replaces Binary with Name, aligning the code with APT
  itself, so it's so trivial, we don't expect regressions.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1926437/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1926437] Re: [SRU] Backport zstd support, fix bug in python-apt

2021-05-10 Thread Łukasz Zemczak
Hello Julian, or anyone else affected,

Accepted python-apt into groovy-proposed. The package will build now and
be available at https://launchpad.net/ubuntu/+source/python-
apt/2.1.3ubuntu1.4 in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
groovy to verification-done-groovy. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-groovy. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: python-apt (Ubuntu Groovy)
   Status: New => Fix Committed

** Tags added: verification-needed-groovy

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1926437

Title:
  [SRU] Backport zstd support, fix bug in python-apt

Status in apt package in Ubuntu:
  Fix Released
Status in python-apt package in Ubuntu:
  New
Status in apt source package in Xenial:
  Fix Released
Status in python-apt source package in Xenial:
  Fix Committed
Status in python-apt source package in Bionic:
  New
Status in python-apt source package in Focal:
  New
Status in python-apt source package in Groovy:
  Fix Committed
Status in python-apt source package in Hirsute:
  Fix Committed
Status in python-apt source package in Impish:
  New

Bug description:
  [Impact]
  APT in xenial needs to learn about zstd support to enable Launchpad to work 
with zstd packages.

  python-apt in all releases needs to be adjusted to pass the compressor
  names instead of programs to ExtractTar, as otherwise, if
  /usr/bin/zstd does not exist, it will pass "false" as the compressor,
  and then ExtractTar fails (same for other compressors).

  On hirsute, the python-apt upload also includes some new  
annotations for build-dependencies, as it's a straight upload of the 2.2
  stable series.

  [Test plan]
  The apt regression tests cover the compression methods extensively, including 
even stored compressed lists in /var/lib/apt and fetching Packages files 
compressed with such methods, for all compression methods.

  The final test is to make apt_inst.DebFile("glibc-doc-
  reference_2.33-0ubuntu2~zstd1_all.deb").control.extractall() from
  1923845 work in python3-apt.

  For hirsute, the build dependency changes will verify themselves
  during the build ;)

  [Where problems could occur]

  APT:

  The changes to APT are adding the zstd compression backend to FileFd
  and then linking it into the configuration. The former is adding new
  code, triggered only on zstd files, and should not be able to cause
  regressions.

  The latter is a bunch of small lines here and there, and it caused
  issues during backporting in the test suite because it expected
  compressors in a specific order. However, chances are that nothing
  else has as stringent requirements as the test suite, so I don't
  believe that is a problem for existing users.

  Bugs can of course be in the code dealing with zstd, and that might
  open you up to security vulnerabilities in the zstd code if you pass
  APT zstd compressed files.

  A regression can be if clients used apt-helper cat-file to cat a zstd-
  compressed file ending in .zst - they'll now get uncompressed content,
  rather than compressed.

  python-apt:

  The change just replaces Binary with Name, aligning the code with APT
  itself, so it's so trivial, we don't expect regressions.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1926437/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1926437] Re: [SRU] Backport zstd support, fix bug in python-apt

2021-05-10 Thread Łukasz Zemczak
Hello Julian, or anyone else affected,

Accepted python-apt into hirsute-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/python-
apt/2.2.0~ubuntu0.21.04.1 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
hirsute to verification-done-hirsute. If it does not fix the bug for
you, please add a comment stating that, and change the tag to
verification-failed-hirsute. In either case, without details of your
testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: python-apt (Ubuntu Hirsute)
   Status: New => Fix Committed

** Tags removed: verification-done
** Tags added: verification-needed verification-needed-hirsute

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1926437

Title:
  [SRU] Backport zstd support, fix bug in python-apt

Status in apt package in Ubuntu:
  Fix Released
Status in python-apt package in Ubuntu:
  New
Status in apt source package in Xenial:
  Fix Released
Status in python-apt source package in Xenial:
  Fix Committed
Status in python-apt source package in Bionic:
  New
Status in python-apt source package in Focal:
  New
Status in python-apt source package in Groovy:
  New
Status in python-apt source package in Hirsute:
  Fix Committed
Status in python-apt source package in Impish:
  New

Bug description:
  [Impact]
  APT in xenial needs to learn about zstd support to enable Launchpad to work 
with zstd packages.

  python-apt in all releases needs to be adjusted to pass the compressor
  names instead of programs to ExtractTar, as otherwise, if
  /usr/bin/zstd does not exist, it will pass "false" as the compressor,
  and then ExtractTar fails (same for other compressors).

  On hirsute, the python-apt upload also includes some new  
annotations for build-dependencies, as it's a straight upload of the 2.2
  stable series.

  [Test plan]
  The apt regression tests cover the compression methods extensively, including 
even stored compressed lists in /var/lib/apt and fetching Packages files 
compressed with such methods, for all compression methods.

  The final test is to make apt_inst.DebFile("glibc-doc-
  reference_2.33-0ubuntu2~zstd1_all.deb").control.extractall() from
  1923845 work in python3-apt.

  For hirsute, the build dependency changes will verify themselves
  during the build ;)

  [Where problems could occur]

  APT:

  The changes to APT are adding the zstd compression backend to FileFd
  and then linking it into the configuration. The former is adding new
  code, triggered only on zstd files, and should not be able to cause
  regressions.

  The latter is a bunch of small lines here and there, and it caused
  issues during backporting in the test suite because it expected
  compressors in a specific order. However, chances are that nothing
  else has as stringent requirements as the test suite, so I don't
  believe that is a problem for existing users.

  Bugs can of course be in the code dealing with zstd, and that might
  open you up to security vulnerabilities in the zstd code if you pass
  APT zstd compressed files.

  A regression can be if clients used apt-helper cat-file to cat a zstd-
  compressed file ending in .zst - they'll now get uncompressed content,
  rather than compressed.

  python-apt:

  The change just replaces Binary with Name, aligning the code with APT
  itself, so it's so trivial, we don't expect regressions.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1926437/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1926437] Re: [SRU] Backport zstd support, fix bug in python-apt

2021-05-10 Thread Łukasz Zemczak
Weirdly there was no acceptance comment regarding python-apt for xenial,
but I confirm that the package has been accepted into xenial-proposed 10
days ago. Let's adjust the status.

Julian, what about the failing autopkgtests for python-apt? Did you have
a moment to take a look at those?

** Changed in: python-apt (Ubuntu Xenial)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1926437

Title:
  [SRU] Backport zstd support, fix bug in python-apt

Status in apt package in Ubuntu:
  Fix Released
Status in python-apt package in Ubuntu:
  New
Status in apt source package in Xenial:
  Fix Released
Status in python-apt source package in Xenial:
  Fix Committed
Status in python-apt source package in Bionic:
  New
Status in python-apt source package in Focal:
  New
Status in python-apt source package in Groovy:
  New
Status in python-apt source package in Hirsute:
  Fix Committed
Status in python-apt source package in Impish:
  New

Bug description:
  [Impact]
  APT in xenial needs to learn about zstd support to enable Launchpad to work 
with zstd packages.

  python-apt in all releases needs to be adjusted to pass the compressor
  names instead of programs to ExtractTar, as otherwise, if
  /usr/bin/zstd does not exist, it will pass "false" as the compressor,
  and then ExtractTar fails (same for other compressors).

  On hirsute, the python-apt upload also includes some new  
annotations for build-dependencies, as it's a straight upload of the 2.2
  stable series.

  [Test plan]
  The apt regression tests cover the compression methods extensively, including 
even stored compressed lists in /var/lib/apt and fetching Packages files 
compressed with such methods, for all compression methods.

  The final test is to make apt_inst.DebFile("glibc-doc-
  reference_2.33-0ubuntu2~zstd1_all.deb").control.extractall() from
  1923845 work in python3-apt.

  For hirsute, the build dependency changes will verify themselves
  during the build ;)

  [Where problems could occur]

  APT:

  The changes to APT are adding the zstd compression backend to FileFd
  and then linking it into the configuration. The former is adding new
  code, triggered only on zstd files, and should not be able to cause
  regressions.

  The latter is a bunch of small lines here and there, and it caused
  issues during backporting in the test suite because it expected
  compressors in a specific order. However, chances are that nothing
  else has as stringent requirements as the test suite, so I don't
  believe that is a problem for existing users.

  Bugs can of course be in the code dealing with zstd, and that might
  open you up to security vulnerabilities in the zstd code if you pass
  APT zstd compressed files.

  A regression can be if clients used apt-helper cat-file to cat a zstd-
  compressed file ending in .zst - they'll now get uncompressed content,
  rather than compressed.

  python-apt:

  The change just replaces Binary with Name, aligning the code with APT
  itself, so it's so trivial, we don't expect regressions.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1926437/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted liblzf into focal-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/liblzf/3.6-2~ubuntu1.20.04.2 in a
few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: lime-forensics (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might be providing networking for 

[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted bcmwl into focal-proposed. The package will build now and be
available at https://launchpad.net/ubuntu/+source/bcmwl/6.30.223.271
+bdcom-0ubuntu7~20.04.2 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: dahdi-linux (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might be providing 

[Touch-packages] [Bug 1923115] Re: Networkd vs udev nic renaming race condition

2021-05-07 Thread Łukasz Zemczak
...as for the autopkgtest failures being marked as failed even thought
they passed, it seems britney wasn't running for bionic since the 27th
of April! It was not caused by any changes or anything, it simply wasn't
running - after digging deeper it seems that there was a stale lockfile
that prevented it from running. I have cleared it and hopefully things
should be working normally now.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1923115

Title:
  Networkd vs udev nic renaming race condition

Status in systemd package in Ubuntu:
  Fix Released
Status in systemd source package in Bionic:
  Fix Released
Status in systemd source package in Focal:
  Fix Released

Bug description:
  [Impact]

  systemd-networkd renames nic just after udev renamed it

  e.g

  kernel: [ 2.827368] vmxnet3 :0b:00.0 ens192: renamed from eth0
  kernel: [ 7.562729] vmxnet3 :0b:00.0 eth0: renamed from ens192
  systemd-networkd[511]: ens192: Interface name change detected, ens192 has 
been renamed to eth0.

  This cause netplan or the other network management pkg can't find
  proper nic sometimes.

  This happens on Bionic

  Below commit seems to solve this issue.
  
https://github.com/systemd/systemd/pull/11881/commits/30de2b89d125a8692c22579ef805b03f2054b30b

  There are bunch of related commits but above one the customer tested
  it worked.

  [Test Plan]

  The customer has issue and they could help us to test this.
  Internally they already test this and it worked.

  Please refer to github issue's reproduction step as well.
  https://github.com/systemd/systemd/issues/7293#issue-272917058
  where the test plan is described as:
  "Reboot a couple of times. Sometimes the interface is renamed correctly. 
Sometimes it is not."

  [Where problems could occur]

  systemd-networkd should be restarted for this patch. systemd-networkd
  nic renaming could have issue. renaming may not be happening
  unexpectedly. e.g doesn't rename it properly or rename it when it
  should do.

  [Others]

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1923115/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1923841] Update Released

2021-05-07 Thread Łukasz Zemczak
The verification of the Stable Release Update for alsa-utils has
completed successfully and the package is now being released to
-updates.  Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to alsa-utils in Ubuntu.
https://bugs.launchpad.net/bugs/1923841

Title:
  [SRU] Increase recording quality

Status in HWE Next:
  New
Status in alsa-utils package in Ubuntu:
  Fix Released
Status in alsa-utils source package in Focal:
  Fix Released

Bug description:
  [Impact]
  Audio gets recorded by "arecord" has really bad sound quality when the volume 
is low.

  [Fix]
  https://github.com/alsa-project/alsa-utils/pull/69
  Switch the default audio format from 8 bits to 16 bits if hardware supports 
it.

  [Test]
  1. Plug a microphone.
  2. Run `arecord | aplay` and say something to the microphone.
  3. Only noise can be heard.

  With the fix applied, the recording is clear.

  [Where problems could occur]
  If there's any hardware falsely advertised to support 16 bits, this change 
will break them.
  However, this is effectively using `arecord -f cd` or `arecord -f cdr`, so 
that's not likely.

To manage notifications about this bug go to:
https://bugs.launchpad.net/hwe-next/+bug/1923841/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1921452] Update Released

2021-05-07 Thread Łukasz Zemczak
The verification of the Stable Release Update for alsa-lib has completed
successfully and the package is now being released to -updates.
Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to alsa-lib in Ubuntu.
https://bugs.launchpad.net/bugs/1921452

Title:
  [SRU] alsa-lib: conf: USB - add "Cmedia Audio" to USB-
  Audio.pcm.iec958_device

Status in OEM Priority Project:
  Fix Released
Status in alsa-lib package in Ubuntu:
  Fix Released
Status in alsa-lib source package in Focal:
  Fix Committed
Status in alsa-lib source package in Groovy:
  Fix Released
Status in alsa-lib source package in Hirsute:
  Fix Released

Bug description:
  [Impact]
  On Cmedia Audio, unusable SPDIF can be selected as output from PulseAudio.

  [Fix]
  Disable IEC958 (SPDIF) through ALSA UCM.

  [Test]
  With the UCM applied, `pactl` and audio panel in gnome-control-center no 
longer have SPDIF option.

  [Where problems will occur]
  "Cmedia Audio" is the sound card name of this usb audio dongle, and this 
string is got from usb string descriptor, that is to say the "Cmedia Audio" is 
hard-coded in the firmware of that usb dongle.
  Not all Cmedia usb audio dongle use "Cmedia Audio", most of the dongles don't 
set string descriptor, then the audio driver sets a generic name "USB Audio 
Device" for them, if a dongle has string descriptor, it may have different 
string like "C-Media USB Headphone Set", and all dongles I met before don't 
have SPDIF interface.
  So If this SRU could introduce regression, it will happen on a Cmedia usb 
audio dongle which also hard-codes the "Cmedia Audio" in the string descriptor 
and it has SPDIF interface on it, after this SRU, users couldn't find the SPDIF 
playback device from the gnome-sound-setting. But this regression chance is 
very low since it is very rare a cmedia usb audio dongle uses "Cmedia Audio" in 
the string descriptor and it is very rare a usb audio dongle has SPDIF 
interface. So far we haven't met such a cmedia usb audio dongle.

To manage notifications about this bug go to:
https://bugs.launchpad.net/oem-priority/+bug/1921452/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1923115] Update Released

2021-05-07 Thread Łukasz Zemczak
The verification of the Stable Release Update for systemd has completed
successfully and the package is now being released to -updates.
Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1923115

Title:
  Networkd vs udev nic renaming race condition

Status in systemd package in Ubuntu:
  Fix Released
Status in systemd source package in Bionic:
  Fix Released
Status in systemd source package in Focal:
  Fix Released

Bug description:
  [Impact]

  systemd-networkd renames nic just after udev renamed it

  e.g

  kernel: [ 2.827368] vmxnet3 :0b:00.0 ens192: renamed from eth0
  kernel: [ 7.562729] vmxnet3 :0b:00.0 eth0: renamed from ens192
  systemd-networkd[511]: ens192: Interface name change detected, ens192 has 
been renamed to eth0.

  This cause netplan or the other network management pkg can't find
  proper nic sometimes.

  This happens on Bionic

  Below commit seems to solve this issue.
  
https://github.com/systemd/systemd/pull/11881/commits/30de2b89d125a8692c22579ef805b03f2054b30b

  There are bunch of related commits but above one the customer tested
  it worked.

  [Test Plan]

  The customer has issue and they could help us to test this.
  Internally they already test this and it worked.

  Please refer to github issue's reproduction step as well.
  https://github.com/systemd/systemd/issues/7293#issue-272917058
  where the test plan is described as:
  "Reboot a couple of times. Sometimes the interface is renamed correctly. 
Sometimes it is not."

  [Where problems could occur]

  systemd-networkd should be restarted for this patch. systemd-networkd
  nic renaming could have issue. renaming may not be happening
  unexpectedly. e.g doesn't rename it properly or rename it when it
  should do.

  [Others]

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1923115/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1922937] Update Released

2021-05-07 Thread Łukasz Zemczak
The verification of the Stable Release Update for apport has completed
successfully and the package is now being released to -updates.
Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1922937

Title:
  reading casper-md5check.json fails

Status in apport package in Ubuntu:
  Fix Released
Status in apport source package in Focal:
  Fix Released
Status in apport source package in Groovy:
  Fix Released
Status in apport source package in Hirsute:
  Fix Released

Bug description:
  [Impact]
  Bugs reported by apport are not including information about the results of 
the md5 check of the installation media used. Additionally, users are presented 
with a traceback regarding the ubuntu hook which is used with all bug reports.

  [Test Case]
  1) Boot an Ubuntu 20.04 LTS or Ubuntu 20.10 install
  2) Create the file /var/log/installer/casper-md5check.json with mode 0600.
  3) Run 'ubuntu-bug coreutils'

  *** Collecting problem information

  The collected information can be sent to the developers to improve the
  application. This might take a few minutes.
  ..ERROR: hook /usr/share/apport/general-hooks/ubuntu.py crashed:
  Traceback (most recent call last):
    File "/usr/lib/python3/dist-packages/apport/report.py", line 228, in 
_run_hook
  symb['add_info'](report, ui)
    File "/usr/share/apport/general-hooks/ubuntu.py", line 84, in add_info
  apport.hookutils.attach_casper_md5check(report,
    File "/usr/lib/python3/dist-packages/apport/hookutils.py", line 995, in 
attach_casper_md5check
  with open(location) as json_file:
  PermissionError: [Errno 13] Permission denied: 
'/var/log/installer/casper-md5check.json'

  [Where problems could occur]
  We are switching to reading the file with attach_root_command_outputs which 
is a well tested function in apport so the only problem would be a result of 
the new code being added. This works well in Hirsute so there is little chance 
of their being an error.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1922937/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1920837] Update Released

2021-05-07 Thread Łukasz Zemczak
The verification of the Stable Release Update for apport has completed
successfully and the package is now being released to -updates.
Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1920837

Title:
  apport bugs from official raspi or riscv images are not identified

Status in apport package in Ubuntu:
  Fix Released
Status in apport source package in Focal:
  Fix Released
Status in apport source package in Groovy:
  Fix Released

Bug description:
  It would be helpful if bugs reported from images for Raspberry Pi's or
  RISCV systems were tagged so that one could search for bugs from
  systems running those images e.g. 'raspi-image'.

  [Test Case]
  After installing a preinstalled image of Ubuntu for Raspberry Pi do the 
following:
  1) run 'ubuntu-bug apport'
  2) view the bug report and check the Tags field

  With the current version of apport you will not see the tag 'raspi-image'.
  With the version of apport in -proposed you will see the tag 'raspi-image'.

  [Where problems could occur]
  If the code being added is syntactically incorrect then we'd see a Traceback 
which would be bad as it could affect all bug / crash reports.

  [Other Info]
  Since there aren't any Groovy images for RISC-V there will be nothing to test 
there.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1920837/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1821415] Update Released

2021-05-07 Thread Łukasz Zemczak
The verification of the Stable Release Update for apport has completed
successfully and the package is now being released to -updates.
Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1821415

Title:
  pkexec fails in a non-graphical environment

Status in PolicyKit:
  New
Status in apport package in Ubuntu:
  Fix Released
Status in policykit-1 package in Ubuntu:
  Won't Fix
Status in apport source package in Focal:
  Fix Released
Status in policykit-1 source package in Focal:
  Won't Fix
Status in apport source package in Groovy:
  Fix Released
Status in policykit-1 source package in Groovy:
  Won't Fix

Bug description:
  [Impact]
  The plymouth apport source package hooks wants to gather log files as the 
root user and apport provides a policy kit policy for collecting that 
information. This works fine in a graphical environment but not in a 
non-graphical one.

  [Test Case]
  1) ssh into an Ubuntu Desktop install of Ubuntu 20.04 LTS or Ubuntu 20.10
  2) sudo touch /var/log/plymouth-debug.log
  3) ubuntu@disco:~$ ubuntu-bug plymouth

  *** Collecting problem information

  The collected information can be sent to the developers to improve the
  application. This might take a few minutes.
  .. AUTHENTICATING FOR com.ubuntu.apport.root-info ===
  Authentication is required to collect system information for this problem 
report
  Authenticating as: Ubuntu (ubuntu)
  Password: 
  polkit-agent-helper-1: error response to PolicyKit daemon: 
GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed: No session for cookie
   AUTHENTICATION FAILED ===
  Error executing command as another user: Not authorized

  This incident has been reported.

  With the version of apport from -proposed you will not see the
  "AUTHENTICATION FAILED" error and the plymouth-debug.log file will be
  collected.

  [Where Problems Could Occur]
  It's possible that the spawned pkttyagent process does not get cleaned up 
properly and could be left running. When testing the SRU we should confirm it 
is not still running.

To manage notifications about this bug go to:
https://bugs.launchpad.net/policykit-1/+bug/1821415/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1921655] Update Released

2021-05-07 Thread Łukasz Zemczak
The verification of the Stable Release Update for lightdm has completed
successfully and the package is now being released to -updates.
Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lightdm in Ubuntu.
https://bugs.launchpad.net/bugs/1921655

Title:
  lightdm-guest-session ICEauthority error

Status in Ubuntu MATE:
  New
Status in lightdm package in Ubuntu:
  Fix Released
Status in lightdm source package in Focal:
  Fix Committed
Status in lightdm source package in Groovy:
  Fix Released
Status in lightdm source package in Hirsute:
  Fix Released

Bug description:
  [Impact]

  If you enable the guest session feature on e.g. Ubuntu MATE, you are
  met by an error message when trying to enter a guest session:

  "Could not update file ICEauthority file /run/user/XXX/ICEauthority"

  Even if it's not always a fatal error (the login may succeed after a
  few minutes), the user experience is really bad, and you are inclined
  to conclude that you are completely blocked from using the feature.

  The proposed fix adds a rule to the lightdm-guest-session AppArmor
  profile and prevents the error from happening.

  [Test Plan]

  On an updated Ubuntu MATE installation:

  * Enable guest session

sudo sh -c 'printf "[Seat:*]\nallow-guest=true\n"
  >/etc/lightdm/lightdm.conf.d/50-enable-guest.conf'

  * Install lightdm from {focal,groovy}-proposed

  * Reboot

  You should now be able to enter a guest session without being stopped
  by the ICEauthority error.

  [Where problems could occur]

  This one-liner is a harmless change.

  The guest session is run in an unconfined mode since Ubuntu 16.10.
  That's why the feature is disabled by default.

  So if the additional rule would be wrong somehow (which I have no
  reason to believe), it wouldn't break the AppArmor security layer for
  the simple reason that it's already broken to begin with.

  [Original description]

  Hello I ran into trouble to start the lightdm-guest-session in linux
  mint (cinnamon).

  ## How to reproduce:
   - boot linux mint (20.02) or ubuntu mate (20.04) I haven't tested other 
distros but I think others are also affected.
   - enable guest user session
   - try to login as guest user
  ## Error logs:
  ### Error Message:
  ` Could not update file ICEauthority file /run/user/XXX/ICEauthority`
  ### aa-notify:
  ```
  Profile: /usr/lib/lightdm/lightdm-guest-session
  Operation: open
  Name: /proc/8125/uid_map
  Denied: w
  Logfile: /var/log/kern.log

  Profile: /usr/lib/lightdm/lightdm-guest-session
  Operation: open
  Name: /proc/8125/setgroups
  Denied: w
  Logfile: /var/log/kern.log

  Profile: /usr/lib/lightdm/lightdm-guest-session
  Operation: open
  Name: /proc/8125/gid_map
  Denied: w
  Logfile: /var/log/kern.log

  Profile: /usr/lib/lightdm/lightdm-guest-session
  Operation: open
  Name: /proc/8624/fd/
  Denied: r
  Logfile: /var/log/kern.log
  ```
  ### dmesg:
  ```
  [  218.831289] audit: type=1400 audit(1616864450.287:76): apparmor="DENIED" 
operation="sendmsg" profile="/usr/lib/lightdm/lightdm-guest-session" 
name="/run/systemd/journal/dev-log" pid=3916 comm="cinnamon-sessio" 
requested_mask="w" denied_mask="w" fsuid=999 ouid=0
  [ 1157.263045] audit: type=1400 audit(1616865388.720:1084): apparmor="DENIED" 
operation="open" profile="/usr/lib/lightdm/lightdm-guest-session" 
name="/proc/9899/fd/" pid=9899 comm="gpg-agent" requested_mask="r" 
denied_mask="r" fsuid=999  #ouid=0
  [ 1157.899223] audit: type=1400 audit(1616865389.356:1085): apparmor="DENIED" 
operation="open" profile="/usr/lib/lightdm/lightdm-guest-session" 
name="/proc/1/cgroup" pid=9840 comm="cinnamon-sessio" requested_mask="r" 
denied_mask="r" fsuid=999 ouid=0
  [ 1157.899445] audit: type=1400 audit(1616865389.360:1086): apparmor="DENIED" 
operation="sendmsg" profile="/usr/lib/lightdm/lightdm-guest-session" 
name="/run/systemd/journal/dev-log" pid=9840 comm="cinnamon-sessio" 
requested_mask="w" denied_mask="w" fsuid=999 ouid=0
  [ 1157.903410] audit: type=1400 audit(1616865389.364:1087): apparmor="DENIED" 
operation="link" profile="/usr/lib/lightdm/lightdm-guest-session" 
name="/run/user/999/ICEauthority-l" pid=9840 comm="cinnamon-sessio" 
requested_mask="l" denied_mask="l" fsuid=999 ouid=999 
target="/run/user/999/ICEauthority-c"
  ```
  ## Solutions:
  ### bad but common work around
  Solutions I found in different forums were to move lightdm-guest-session into 
complain mode like this:
  `aa-complain /usr/lib/lightdm/lightdm-guest-session`
  ### maybe better sollution:
  My fix would be to add this to `/etc/apparmor.d/lightdm-guest-session`:
  ```
  ...
  

[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted oss4 into focal-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/oss4/4.2-build2010-5ubuntu6~20.04.2
in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: r8168 (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might be providing networking for them.

 

[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted zfs-linux into focal-proposed. The package will build now and
be available at https://launchpad.net/ubuntu/+source/zfs-
linux/0.8.3-1ubuntu12.9 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might be providing networking for them.

  Should dkms modules SRUs always getting published into -security
  

[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted lime-forensics into focal-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/lime-
forensics/1.9-1ubuntu0.2 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: lttng-modules (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might be providing 

[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted virtualbox-hwe into focal-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/virtualbox-
hwe/6.1.16-dfsg-6ubuntu1.20.04.2 in a few hours, and then in the
-proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: zfs-linux (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might be providing 

[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted iptables-netflow into focal-proposed. The package will build
now and be available at https://launchpad.net/ubuntu/+source/iptables-
netflow/2.4-2ubuntu0.3 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: liblzf (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might be providing networking 

[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted gost-crypto into focal-proposed. The package will build now and
be available at https://launchpad.net/ubuntu/+source/gost-
crypto/0.3.2-2ubuntu0.2 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: iptables-netflow (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might be providing networking 

[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted r8168 into focal-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/r8168/8.048.00-1ubuntu0.20.04.2 in
a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: rtl8812au (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might be providing networking for them.


[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted rtl8812au into focal-proposed. The package will build now and
be available at
https://launchpad.net/ubuntu/+source/rtl8812au/4.3.8.12175.20140902
+dfsg-0ubuntu13~20.04.2 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: sysdig (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might be 

[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted virtualbox into focal-proposed. The package will build now and
be available at
https://launchpad.net/ubuntu/+source/virtualbox/6.1.16-dfsg-6~ubuntu1.20.04.2
in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: virtualbox-hwe (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might be providing 

[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted v4l2loopback into focal-proposed. The package will build now
and be available at
https://launchpad.net/ubuntu/+source/v4l2loopback/0.12.3-1ubuntu0.4 in a
few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: virtualbox (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might be providing networking for 

[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted nvidia-graphics-drivers-340 into focal-proposed. The package
will build now and be available at https://launchpad.net/ubuntu/+source
/nvidia-graphics-drivers-340/340.108-0ubuntu5.20.04.2 in a few hours,
and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: oss4 (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that 

[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted sysdig into focal-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/sysdig/0.26.4-1ubuntu0.3 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: v4l2loopback (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might be providing networking for them.

  

[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted dm-writeboost into focal-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/dm-
writeboost/2.2.9-1ubuntu1.2 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: evdi (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might be providing networking for 

[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted lttng-modules into focal-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/lttng-
modules/2.12.2-1ubuntu1~20.04.2 in a few hours, and then in the
-proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: nvidia-graphics-drivers-340 (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might 

[Touch-packages] [Bug 1914279] Re: linux from security may force reboots without complete dkms modules

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted acpi-call into focal-proposed. The package will build now and
be available at https://launchpad.net/ubuntu/+source/acpi-
call/1.1.0-5ubuntu0.2 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: acpi-call (Ubuntu Focal)
   Status: New => Fix Committed

** Tags added: verification-needed verification-needed-focal

** Changed in: backport-iwlwifi-dkms (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to 

[Touch-packages] [Bug 1914279] Re: linux from security may force reboots without complete dkms modules

2021-05-07 Thread Łukasz Zemczak
** Also affects: acpi-call (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: backport-iwlwifi-dkms (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: bcmwl (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: dahdi-linux (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: dm-writeboost (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: evdi (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: gost-crypto (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: iptables-netflow (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: liblzf (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: lime-forensics (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: lttng-modules (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: nvidia-graphics-drivers-340 (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: openafs (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: oss4 (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: r8168 (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: rtl8812au (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: sysdig (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: v4l2loopback (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: virtualbox (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: virtualbox-hwe (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: zfs-linux (Ubuntu)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might be providing networking for them.

  Should dkms modules SRUs always getting published into -security
  pocket, as well as the -updates pocket?

  Should linux maintainer scripts prevent touching reboot required flag
  if any dkms modules fail to build?

  Should apt / unattanded-upgrades / update-manager always update dkms
  modules with kernels?

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/acpi-call/+bug/1914279/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted evdi into focal-proposed. The package will build now and be
available at https://launchpad.net/ubuntu/+source/evdi/1.7.0+dfsg-
1ubuntu1~20.04.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: gost-crypto (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might be providing networking for 

[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted dahdi-linux into focal-proposed. The package will build now and
be available at https://launchpad.net/ubuntu/+source/dahdi-
linux/1:2.11.1~dfsg-1ubuntu6.2 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: dm-writeboost (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might be providing 

[Touch-packages] [Bug 1914279] Please test proposed package

2021-05-07 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted backport-iwlwifi-dkms into focal-proposed. The package will
build now and be available at https://launchpad.net/ubuntu/+source
/backport-iwlwifi-dkms/8324-0ubuntu3~20.04.3 in a few hours, and then in
the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: bcmwl (Ubuntu Focal)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1914279

Title:
  linux from security may force reboots without complete dkms modules

Status in acpi-call package in Ubuntu:
  New
Status in apt package in Ubuntu:
  Invalid
Status in backport-iwlwifi-dkms package in Ubuntu:
  New
Status in bcmwl package in Ubuntu:
  New
Status in dahdi-linux package in Ubuntu:
  New
Status in dkms package in Ubuntu:
  Fix Released
Status in dm-writeboost package in Ubuntu:
  New
Status in evdi package in Ubuntu:
  New
Status in gost-crypto package in Ubuntu:
  New
Status in iptables-netflow package in Ubuntu:
  New
Status in liblzf package in Ubuntu:
  New
Status in lime-forensics package in Ubuntu:
  New
Status in linux package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in lttng-modules package in Ubuntu:
  New
Status in nvidia-graphics-drivers-340 package in Ubuntu:
  New
Status in openafs package in Ubuntu:
  New
Status in oss4 package in Ubuntu:
  New
Status in r8168 package in Ubuntu:
  New
Status in rtl8812au package in Ubuntu:
  New
Status in sysdig package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Invalid
Status in update-manager package in Ubuntu:
  Invalid
Status in v4l2loopback package in Ubuntu:
  New
Status in virtualbox package in Ubuntu:
  New
Status in virtualbox-hwe package in Ubuntu:
  New
Status in zfs-linux package in Ubuntu:
  New
Status in acpi-call source package in Focal:
  Fix Committed
Status in backport-iwlwifi-dkms source package in Focal:
  Fix Committed
Status in bcmwl source package in Focal:
  Fix Committed
Status in dahdi-linux source package in Focal:
  Fix Committed
Status in dm-writeboost source package in Focal:
  Fix Committed
Status in evdi source package in Focal:
  Fix Committed
Status in gost-crypto source package in Focal:
  Fix Committed
Status in iptables-netflow source package in Focal:
  Fix Committed
Status in liblzf source package in Focal:
  Fix Committed
Status in lime-forensics source package in Focal:
  Fix Committed
Status in lttng-modules source package in Focal:
  Fix Committed
Status in nvidia-graphics-drivers-340 source package in Focal:
  Fix Committed
Status in oss4 source package in Focal:
  Fix Committed
Status in r8168 source package in Focal:
  Fix Committed
Status in rtl8812au source package in Focal:
  Fix Committed
Status in sysdig source package in Focal:
  Fix Committed
Status in v4l2loopback source package in Focal:
  Fix Committed
Status in virtualbox source package in Focal:
  Fix Committed
Status in virtualbox-hwe source package in Focal:
  Fix Committed
Status in zfs-linux source package in Focal:
  Fix Committed

Bug description:
  Whilst discussing

  https://discourse.ubuntu.com/t/improvements-for-hardware-support-in-
  ubuntu-desktop-installation-media/20606

  We have noticed a reference to somebody not having working backport-
  iwlwifi-dkms, whilst SRU of that happened before the v5.4 -> v5.8
  switch.

  However, kernel meta switch was pushed to security pocket, but the
  dkms modules are all in -updates only.

  This may result in people automatically installing the new kernel with
  unatanded upgrades; dkms modules failing to build; and a reboot
  required flag left on disk.

  At this point launching update manager will not offer to install dkms
  modules from updates, and will guide the users to reboot. which
  will then cause them to boot the new kernel without the dkms modules
  that might be 

[Touch-packages] [Bug 1821415] Please test proposed package

2021-04-29 Thread Łukasz Zemczak
Hello Brian, or anyone else affected,

Accepted apport into focal-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu27.17 in a
few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1821415

Title:
  pkexec fails in a non-graphical environment

Status in PolicyKit:
  New
Status in apport package in Ubuntu:
  Fix Released
Status in policykit-1 package in Ubuntu:
  Won't Fix
Status in apport source package in Focal:
  Fix Committed
Status in policykit-1 source package in Focal:
  Won't Fix
Status in apport source package in Groovy:
  Fix Committed
Status in policykit-1 source package in Groovy:
  Won't Fix

Bug description:
  [Impact]
  The plymouth apport source package hooks wants to gather log files as the 
root user and apport provides a policy kit policy for collecting that 
information. This works fine in a graphical environment but not in a 
non-graphical one.

  [Test Case]
  1) ssh into an Ubuntu Desktop install of Ubuntu 20.04 LTS or Ubuntu 20.10
  2) sudo touch /var/log/plymouth-debug.log
  3) ubuntu@disco:~$ ubuntu-bug plymouth

  *** Collecting problem information

  The collected information can be sent to the developers to improve the
  application. This might take a few minutes.
  .. AUTHENTICATING FOR com.ubuntu.apport.root-info ===
  Authentication is required to collect system information for this problem 
report
  Authenticating as: Ubuntu (ubuntu)
  Password: 
  polkit-agent-helper-1: error response to PolicyKit daemon: 
GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed: No session for cookie
   AUTHENTICATION FAILED ===
  Error executing command as another user: Not authorized

  This incident has been reported.

  With the version of apport from -proposed you will not see the
  "AUTHENTICATION FAILED" error and the plymouth-debug.log file will be
  collected.

  [Where Problems Could Occur]
  It's possible that the spawned pkttyagent process does not get cleaned up 
properly and could be left running. When testing the SRU we should confirm it 
is not still running.

To manage notifications about this bug go to:
https://bugs.launchpad.net/policykit-1/+bug/1821415/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1821415] Re: pkexec fails in a non-graphical environment

2021-04-29 Thread Łukasz Zemczak
Hello Brian, or anyone else affected,

Accepted apport into groovy-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu50.6 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
groovy to verification-done-groovy. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-groovy. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: apport (Ubuntu Groovy)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-groovy

** Changed in: apport (Ubuntu Focal)
   Status: In Progress => Fix Committed

** Tags added: verification-needed-focal

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1821415

Title:
  pkexec fails in a non-graphical environment

Status in PolicyKit:
  New
Status in apport package in Ubuntu:
  Fix Released
Status in policykit-1 package in Ubuntu:
  Won't Fix
Status in apport source package in Focal:
  Fix Committed
Status in policykit-1 source package in Focal:
  Won't Fix
Status in apport source package in Groovy:
  Fix Committed
Status in policykit-1 source package in Groovy:
  Won't Fix

Bug description:
  [Impact]
  The plymouth apport source package hooks wants to gather log files as the 
root user and apport provides a policy kit policy for collecting that 
information. This works fine in a graphical environment but not in a 
non-graphical one.

  [Test Case]
  1) ssh into an Ubuntu Desktop install of Ubuntu 20.04 LTS or Ubuntu 20.10
  2) sudo touch /var/log/plymouth-debug.log
  3) ubuntu@disco:~$ ubuntu-bug plymouth

  *** Collecting problem information

  The collected information can be sent to the developers to improve the
  application. This might take a few minutes.
  .. AUTHENTICATING FOR com.ubuntu.apport.root-info ===
  Authentication is required to collect system information for this problem 
report
  Authenticating as: Ubuntu (ubuntu)
  Password: 
  polkit-agent-helper-1: error response to PolicyKit daemon: 
GDBus.Error:org.freedesktop.PolicyKit1.Error.Failed: No session for cookie
   AUTHENTICATION FAILED ===
  Error executing command as another user: Not authorized

  This incident has been reported.

  With the version of apport from -proposed you will not see the
  "AUTHENTICATION FAILED" error and the plymouth-debug.log file will be
  collected.

  [Where Problems Could Occur]
  It's possible that the spawned pkttyagent process does not get cleaned up 
properly and could be left running. When testing the SRU we should confirm it 
is not still running.

To manage notifications about this bug go to:
https://bugs.launchpad.net/policykit-1/+bug/1821415/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1920837] Please test proposed package

2021-04-29 Thread Łukasz Zemczak
Hello Brian, or anyone else affected,

Accepted apport into focal-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu27.17 in a
few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1920837

Title:
  apport bugs from official raspi or riscv images are not identified

Status in apport package in Ubuntu:
  Fix Released
Status in apport source package in Focal:
  Fix Committed
Status in apport source package in Groovy:
  Fix Committed

Bug description:
  It would be helpful if bugs reported from images for Raspberry Pi's or
  RISCV systems were tagged so that one could search for bugs from
  systems running those images e.g. 'raspi-image'.

  [Test Case]
  After installing a preinstalled image of Ubuntu for Raspberry Pi do the 
following:
  1) run 'ubuntu-bug apport'
  2) view the bug report and check the Tags field

  With the current version of apport you will not see the tag 'raspi-image'.
  With the version of apport in -proposed you will see the tag 'raspi-image'.

  [Where problems could occur]
  If the code being added is syntactically incorrect then we'd see a Traceback 
which would be bad as it could affect all bug / crash reports.

  [Other Info]
  Since there aren't any Groovy images for RISC-V there will be nothing to test 
there.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1920837/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1920837] Re: apport bugs from official raspi or riscv images are not identified

2021-04-29 Thread Łukasz Zemczak
Hello Brian, or anyone else affected,

Accepted apport into groovy-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu50.6 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
groovy to verification-done-groovy. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-groovy. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: apport (Ubuntu Groovy)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-groovy

** Changed in: apport (Ubuntu Focal)
   Status: In Progress => Fix Committed

** Tags added: verification-needed-focal

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1920837

Title:
  apport bugs from official raspi or riscv images are not identified

Status in apport package in Ubuntu:
  Fix Released
Status in apport source package in Focal:
  Fix Committed
Status in apport source package in Groovy:
  Fix Committed

Bug description:
  It would be helpful if bugs reported from images for Raspberry Pi's or
  RISCV systems were tagged so that one could search for bugs from
  systems running those images e.g. 'raspi-image'.

  [Test Case]
  After installing a preinstalled image of Ubuntu for Raspberry Pi do the 
following:
  1) run 'ubuntu-bug apport'
  2) view the bug report and check the Tags field

  With the current version of apport you will not see the tag 'raspi-image'.
  With the version of apport in -proposed you will see the tag 'raspi-image'.

  [Where problems could occur]
  If the code being added is syntactically incorrect then we'd see a Traceback 
which would be bad as it could affect all bug / crash reports.

  [Other Info]
  Since there aren't any Groovy images for RISC-V there will be nothing to test 
there.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1920837/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1922937] Please test proposed package

2021-04-29 Thread Łukasz Zemczak
Hello Brian, or anyone else affected,

Accepted apport into focal-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu27.17 in a
few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1922937

Title:
  reading casper-md5check.json fails

Status in apport package in Ubuntu:
  Fix Released
Status in apport source package in Focal:
  Fix Committed
Status in apport source package in Groovy:
  Fix Committed
Status in apport source package in Hirsute:
  Fix Released

Bug description:
  [Impact]
  Bugs reported by apport are not including information about the results of 
the md5 check of the installation media used. Additionally, users are presented 
with a traceback regarding the ubuntu hook which is used with all bug reports.

  [Test Case]
  1) Boot an Ubuntu 20.04 LTS or Ubuntu 20.10 install
  2) Create the file /var/log/installer/caspter-md5check.json with mode 0600.
  3) Run 'ubuntu-bug coreutils'

  *** Collecting problem information

  The collected information can be sent to the developers to improve the
  application. This might take a few minutes.
  ..ERROR: hook /usr/share/apport/general-hooks/ubuntu.py crashed:
  Traceback (most recent call last):
    File "/usr/lib/python3/dist-packages/apport/report.py", line 228, in 
_run_hook
  symb['add_info'](report, ui)
    File "/usr/share/apport/general-hooks/ubuntu.py", line 84, in add_info
  apport.hookutils.attach_casper_md5check(report,
    File "/usr/lib/python3/dist-packages/apport/hookutils.py", line 995, in 
attach_casper_md5check
  with open(location) as json_file:
  PermissionError: [Errno 13] Permission denied: 
'/var/log/installer/casper-md5check.json'

  [Where problems could occur]
  We are switching to reading the file with attach_root_command_outputs which 
is a well tested function in apport so the only problem would be a result of 
the new code being added. This works well in Hirsute so there is little chance 
of their being an error.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1922937/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1922937] Re: reading casper-md5check.json fails

2021-04-29 Thread Łukasz Zemczak
Hello Brian, or anyone else affected,

Accepted apport into groovy-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu50.6 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
groovy to verification-done-groovy. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-groovy. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: apport (Ubuntu Groovy)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-groovy

** Changed in: apport (Ubuntu Focal)
   Status: In Progress => Fix Committed

** Tags added: verification-needed-focal

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1922937

Title:
  reading casper-md5check.json fails

Status in apport package in Ubuntu:
  Fix Released
Status in apport source package in Focal:
  Fix Committed
Status in apport source package in Groovy:
  Fix Committed
Status in apport source package in Hirsute:
  Fix Released

Bug description:
  [Impact]
  Bugs reported by apport are not including information about the results of 
the md5 check of the installation media used. Additionally, users are presented 
with a traceback regarding the ubuntu hook which is used with all bug reports.

  [Test Case]
  1) Boot an Ubuntu 20.04 LTS or Ubuntu 20.10 install
  2) Create the file /var/log/installer/caspter-md5check.json with mode 0600.
  3) Run 'ubuntu-bug coreutils'

  *** Collecting problem information

  The collected information can be sent to the developers to improve the
  application. This might take a few minutes.
  ..ERROR: hook /usr/share/apport/general-hooks/ubuntu.py crashed:
  Traceback (most recent call last):
    File "/usr/lib/python3/dist-packages/apport/report.py", line 228, in 
_run_hook
  symb['add_info'](report, ui)
    File "/usr/share/apport/general-hooks/ubuntu.py", line 84, in add_info
  apport.hookutils.attach_casper_md5check(report,
    File "/usr/lib/python3/dist-packages/apport/hookutils.py", line 995, in 
attach_casper_md5check
  with open(location) as json_file:
  PermissionError: [Errno 13] Permission denied: 
'/var/log/installer/casper-md5check.json'

  [Where problems could occur]
  We are switching to reading the file with attach_root_command_outputs which 
is a well tested function in apport so the only problem would be a result of 
the new code being added. This works well in Hirsute so there is little chance 
of their being an error.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1922937/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1923115] Re: Networkd vs udev nic renaming race condition

2021-04-26 Thread Łukasz Zemczak
There are still some autopkgtest issues for this package - can those get
addressed? Are those irrelevant to the new version?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1923115

Title:
  Networkd vs udev nic renaming race condition

Status in systemd package in Ubuntu:
  Fix Released
Status in systemd source package in Bionic:
  Fix Committed
Status in systemd source package in Focal:
  Fix Released

Bug description:
  [Impact]

  systemd-networkd renames nic just after udev renamed it

  e.g

  kernel: [ 2.827368] vmxnet3 :0b:00.0 ens192: renamed from eth0
  kernel: [ 7.562729] vmxnet3 :0b:00.0 eth0: renamed from ens192
  systemd-networkd[511]: ens192: Interface name change detected, ens192 has 
been renamed to eth0.

  This cause netplan or the other network management pkg can't find
  proper nic sometimes.

  This happens on Bionic

  Below commit seems to solve this issue.
  
https://github.com/systemd/systemd/pull/11881/commits/30de2b89d125a8692c22579ef805b03f2054b30b

  There are bunch of related commits but above one the customer tested
  it worked.

  [Test Plan]

  The customer has issue and they could help us to test this.
  Internally they already test this and it worked.

  Please refer to github issue's reproduction step as well.
  https://github.com/systemd/systemd/issues/7293#issue-272917058
  where the test plan is described as:
  "Reboot a couple of times. Sometimes the interface is renamed correctly. 
Sometimes it is not."

  [Where problems could occur]

  systemd-networkd should be restarted for this patch. systemd-networkd
  nic renaming could have issue. renaming may not be happening
  unexpectedly. e.g doesn't rename it properly or rename it when it
  should do.

  [Others]

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1923115/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1921562] Update Released

2021-04-26 Thread Łukasz Zemczak
The verification of the Stable Release Update for openldap has completed
successfully and the package is now being released to -updates.
Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1921562

Title:
  Intermittent hangs during ldap_search_ext when TLS enabled

Status in openldap:
  Fix Released
Status in openldap package in Ubuntu:
  Fix Released
Status in openldap source package in Focal:
  Fix Released
Status in openldap source package in Groovy:
  Fix Released

Bug description:
  [Impact]
  

  When connecting to an LDAP server with TLS, ldap_search_ext can hang
  if during the initial TLS handshake a signal is received by the
  process. The cause of this bug is the same as
  https://bugs.openldap.org/show_bug.cgi?id=8650.

  In our case this bug cause failures in the SSSD LDAP backend at least
  once per day, resulting in authentication errors followed by a sssd_be
  restart after a timeout has been hit.

  
  [Test Plan]
  ===

  When using openldap on 20.04, this bug causes failures in the SSSD
  LDAP backend, resulting in authentication errors followed by a sssd_be
  restart after a timeout has been hit:

  Mar 19 19:05:31 mail auth[867454]: pam_sss(dovecot:auth): received for user 
redacted: 4 (System error)
  Mar 19 19:05:32 mail sssd_be[867455]: Starting up

  With the patched version, this should no longer be a problem.

  
  [Where Problems Could Occur]
  

  With this patch applied, there may be few edge cases in (and varying
  b/w) different versions of GnuTLS. And also some bits that are
  discussed in https://bugs.openldap.org/show_bug.cgi?id=8650.

  But that said, the patched version is already being run in production
  for over two weeks time (at the time of writing - 07/04/21). So I
  believe the SRU will clearly benefit from this and has lower risk of
  regression.

  
  [More Info]
  ===

  A reduced version of the patch linked above can be found attached to
  this bug report. This patch has been applied to version 2.4.49+dfsg-
  2ubuntu1.7 and has been running in production for approximately a week
  and the issue has no longer occurred. No other issues have appeared
  during this period.

To manage notifications about this bug go to:
https://bugs.launchpad.net/openldap/+bug/1921562/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1925344] [NEW] Session not started after reboot (black screen) - requires switching tty back and forth

2021-04-21 Thread Łukasz Zemczak
Public bug reported:

After installation, the first boot works as expected - the system boots
into a graphical shell login screen. However all subsequent reboots end
up with a black screen with a blinking cursor in the top-left corner of
the screen. To get to the login screen, one has to switch to a different
tty (like tty2 with ctrl+alt+f2) and then to tty1.

Running `prime-select query` shows `nvidia`.

Interesting enough, when I change the nvidia-prime settings at least
once, like to on-demand via `prime-select on-demand` - then everything
starts working as expected. Even when I switch back to `nvidia`.

Not sure which package I should fill this under.

ProblemType: Bug
DistroRelease: Ubuntu 21.04
Package: xserver-xorg 1:7.7+22ubuntu1
ProcVersionSignature: Ubuntu 5.11.0-16.17-generic 5.11.12
Uname: Linux 5.11.0-16-generic x86_64
NonfreeKernelModules: nvidia_modeset nvidia
.proc.driver.nvidia.capabilities.gpu0: Error: [Errno 21] Is a directory: 
'/proc/driver/nvidia/capabilities/gpu0'
.proc.driver.nvidia.capabilities.mig: Error: [Errno 21] Is a directory: 
'/proc/driver/nvidia/capabilities/mig'
.proc.driver.nvidia.gpus..01.00.0: Error: [Errno 21] Is a directory: 
'/proc/driver/nvidia/gpus/:01:00.0'
.proc.driver.nvidia.registry: Binary: ""
.proc.driver.nvidia.suspend: suspend hibernate resume
.proc.driver.nvidia.suspend_depth: default modeset uvm
.proc.driver.nvidia.version:
 NVRM version: NVIDIA UNIX x86_64 Kernel Module  460.67  Thu Mar 11 00:11:45 
UTC 2021
 GCC version:
ApportVersion: 2.20.11-0ubuntu65
Architecture: amd64
BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log'
CasperMD5CheckResult: pass
CompositorRunning: None
CurrentDesktop: ubuntu:GNOME
Date: Wed Apr 21 15:20:15 2021
DistUpgraded: Fresh install
DistroCodename: hirsute
DistroVariant: ubuntu
ExtraDebuggingInterest: Yes
GraphicsCard:
 Intel Corporation CometLake-H GT2 [UHD Graphics] [8086:9bc4] (rev 05) (prog-if 
00 [VGA controller])
   Subsystem: Dell UHD Graphics [1028:09e1]
 NVIDIA Corporation TU116M [GeForce GTX 1660 Ti Mobile] [10de:2191] (rev a1) 
(prog-if 00 [VGA controller])
   Subsystem: Dell TU116M [GeForce GTX 1660 Ti Mobile] [1028:09e1]
InstallationDate: Installed on 2021-04-21 (0 days ago)
InstallationMedia: Ubuntu 21.04 "Hirsute Hippo" - Release amd64 (20210420)
MachineType: Dell Inc. G3 3500
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=
 LANG=pl_PL.UTF-8
 SHELL=/bin/bash
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.11.0-16-generic 
root=UUID=5b38428b-60e8-4741-8b7f-0e60094a80f7 ro quiet splash vt.handoff=7
SourcePackage: xorg
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 12/04/2020
dmi.bios.release: 1.7
dmi.bios.vendor: Dell Inc.
dmi.bios.version: 1.7.1
dmi.board.name: 06ND9G
dmi.board.vendor: Dell Inc.
dmi.board.version: A00
dmi.chassis.type: 10
dmi.chassis.vendor: Dell Inc.
dmi.modalias: 
dmi:bvnDellInc.:bvr1.7.1:bd12/04/2020:br1.7:svnDellInc.:pnG33500:pvr:rvnDellInc.:rn06ND9G:rvrA00:cvnDellInc.:ct10:cvr:
dmi.product.family: GSeries
dmi.product.name: G3 3500
dmi.product.sku: 09E1
dmi.sys.vendor: Dell Inc.
version.compiz: compiz N/A
version.libdrm2: libdrm2 2.4.104-1build1
version.libgl1-mesa-dri: libgl1-mesa-dri 21.0.1-2
version.libgl1-mesa-glx: libgl1-mesa-glx N/A
version.nvidia-graphics-drivers: nvidia-graphics-drivers-* N/A
version.xserver-xorg-core: xserver-xorg-core 2:1.20.11-1ubuntu1
version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A
version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-2
version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20200714-1ubuntu1
version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.17-1

** Affects: nvidia-graphics-drivers-460 (Ubuntu)
 Importance: Undecided
 Status: New

** Affects: nvidia-prime (Ubuntu)
 Importance: Undecided
 Status: New

** Affects: xorg (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: amd64 apport-bug hirsute ubuntu

** Also affects: nvidia-prime (Ubuntu)
   Importance: Undecided
   Status: New

** Also affects: nvidia-graphics-drivers-460 (Ubuntu)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/1925344

Title:
  Session not started after reboot (black screen) - requires switching
  tty back and forth

Status in nvidia-graphics-drivers-460 package in Ubuntu:
  New
Status in nvidia-prime package in Ubuntu:
  New
Status in xorg package in Ubuntu:
  New

Bug description:
  After installation, the first boot works as expected - the system
  boots into a graphical shell login screen. However all subsequent
  reboots end up with a black screen with a blinking cursor in the top-
  left corner of the screen. To get to the login screen, one has to
  switch to a different tty (like tty2 with ctrl+alt+f2) and then to
  tty1.

  

[Touch-packages] [Bug 1922266] Re: eth0 interface name change fails on Pi 3/3+

2021-04-20 Thread Łukasz Zemczak
We have also pushed out a new livecd-rootfs that manually adds ubuntu-
raspi-settings as a dependency of the server images (temporary before we
switch to using seeds).

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ubuntu-meta in Ubuntu.
https://bugs.launchpad.net/bugs/1922266

Title:
  eth0 interface name change fails on Pi 3/3+

Status in ubuntu-meta package in Ubuntu:
  Fix Released
Status in ubuntu-settings package in Ubuntu:
  Fix Released
Status in ubuntu-meta source package in Hirsute:
  Fix Released
Status in ubuntu-settings source package in Hirsute:
  Fix Released

Bug description:
  The netplan configuration in ubuntu-raspi-settings (and more widely,
  the network-config in the gadget used on the server images) fails to
  rename the internal ethernet interface on Pi 3B and 3B+ models from
  "en" to "eth0". In the netplan case this is because the
  driver matching logic doesn't handle space-separate driver matches
  (although the underlying networkd system does); in the cloud-init case
  it simply refuses to rename interfaces that aren't matched by full MAC
  address.

  The intended fix is to stop attempting to do this via netplan or
  cloud-init, and simply handle this via a networkd .link file in
  ubuntu-raspi-settings. This will require an update to the relevant
  seeds as this package is currently only pulled into ubuntu-desktop-
  raspi, not ubuntu-server-raspi.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/1922266/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1923115] Re: Networkd vs udev nic renaming race condition

2021-04-15 Thread Łukasz Zemczak
Hello Seyeong, or anyone else affected,

Accepted systemd into bionic-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/systemd/237-3ubuntu10.47 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
bionic to verification-done-bionic. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-bionic. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: systemd (Ubuntu Bionic)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-bionic

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1923115

Title:
  Networkd vs udev nic renaming race condition

Status in systemd package in Ubuntu:
  Fix Released
Status in systemd source package in Bionic:
  Fix Committed
Status in systemd source package in Focal:
  Fix Released

Bug description:
  [Impact]

  systemd-networkd renames nic just after udev renamed it

  e.g

  kernel: [ 2.827368] vmxnet3 :0b:00.0 ens192: renamed from eth0
  kernel: [ 7.562729] vmxnet3 :0b:00.0 eth0: renamed from ens192
  systemd-networkd[511]: ens192: Interface name change detected, ens192 has 
been renamed to eth0.

  This cause netplan or the other network management pkg can't find
  proper nic sometimes.

  This happens on Bionic

  Below commit seems to solve this issue.
  
https://github.com/systemd/systemd/pull/11881/commits/30de2b89d125a8692c22579ef805b03f2054b30b

  There are bunch of related commits but above one the customer tested
  it worked.

  [Test Plan]

  The customer has issue and they could help us to test this.
  Internally they already test this and it worked.

  Please refer to github issue's reproduction step as well.
  https://github.com/systemd/systemd/issues/7293#issue-272917058
  where the test plan is described as:
  "Reboot a couple of times. Sometimes the interface is renamed correctly. 
Sometimes it is not."

  [Where problems could occur]

  systemd-networkd should be restarted for this patch. systemd-networkd
  nic renaming could have issue. renaming may not be happening
  unexpectedly. e.g doesn't rename it properly or rename it when it
  should do.

  [Others]

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1923115/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1908818] Update Released

2021-04-15 Thread Łukasz Zemczak
The verification of the Stable Release Update for nss has completed
successfully and the package is now being released to -updates.
Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to nss in Ubuntu.
https://bugs.launchpad.net/bugs/1908818

Title:
  pure packaging of libnss3

Status in nss package in Ubuntu:
  Fix Released
Status in nss source package in Groovy:
  Fix Released
Status in nss source package in Hirsute:
  Fix Released

Bug description:
  [Impact]

   * A packaging error in the current version has led library symlinks
 to be broken and in the wrong place.

   * Fix by applying the later change to Groovy as well

  [Test Plan]

   * install libnss3
   * check (path depends on the architecture) the lib links
 $ dpkg -L libnss3 | grep MULTIARCH
 # ^^ should be empty
 $ ll /usr/lib/x86_64-linux-gnu/libfreebl3.so
 # vv should look like that:

  lrwxrwxrwx 1 root root 17 Feb 16 15:18 
/usr/lib/x86_64-linux-gnu/libfreebl3.so -> nss/libfreebl3.so
  root@h:~# ll /usr/lib/x86_64-linux-gnu/libfreebl*
  lrwxrwxrwx 1 root root 18 Feb 16 15:18 
/usr/lib/x86_64-linux-gnu/libfreebl3.chk -> nss/libfreebl3.chk
  lrwxrwxrwx 1 root root 17 Feb 16 15:18 
/usr/lib/x86_64-linux-gnu/libfreebl3.so -> nss/libfreebl3.so
  lrwxrwxrwx 1 root root 22 Feb 16 15:18 
/usr/lib/x86_64-linux-gnu/libfreeblpriv3.chk -> nss/libfreeblpriv3.chk
  lrwxrwxrwx 1 root root 21 Feb 16 15:18 
/usr/lib/x86_64-linux-gnu/libfreeblpriv3.so -> nss/libfreeblpriv3.so

  [Where problems could occur]

   * I first was afraid, that no matter how bad the paths would
 have been we'd need to retain them for anyone using them
 already. But the existing links go into nowhere since they
 are relative therefore the regression risk should be minimal

  root@g:~# ll '/usr/lib/${DEB_HOST_MULTIARCH}/libfreebl3.so' 
'/usr/lib/${DEB_HOST_MULTIARCH}/libfreeblpriv3.so' 
'/usr/lib/${DEB_HOST_MULTIARCH}/libfreebl3.chk' 
'/usr/lib/${DEB_HOST_MULTIARCH}/libfreeblpriv3.chk'
  lrwxrwxrwx 1 root root 18 Sep 29  2020 
'/usr/lib/${DEB_HOST_MULTIARCH}/libfreebl3.chk' -> nss/libfreebl3.chk
  lrwxrwxrwx 1 root root 17 Sep 29  2020 
'/usr/lib/${DEB_HOST_MULTIARCH}/libfreebl3.so' -> nss/libfreebl3.so
  lrwxrwxrwx 1 root root 22 Sep 29  2020 
'/usr/lib/${DEB_HOST_MULTIARCH}/libfreeblpriv3.chk' -> nss/libfreeblpriv3.chk
  lrwxrwxrwx 1 root root 21 Sep 29  2020 
'/usr/lib/${DEB_HOST_MULTIARCH}/libfreeblpriv3.so' -> nss/libfreeblpriv3.so

   * never the less, to be clear - if problems occur they would be in 
 loading these libraries. E.g. a user could have had this package
 and a self built nss on his system, after the change it might load the 
 packaged one.

  [Other Info]
   
   * n/a

  ---

  
  dpkg -L libnss3
  /.
  /usr
  /usr/lib
  /usr/lib/${DEB_HOST_MULTIARCH}
  /usr/lib/x86_64-linux-gnu
  /usr/lib/x86_64-linux-gnu/libnss3.so
  /usr/lib/x86_64-linux-gnu/libnssutil3.so
  /usr/lib/x86_64-linux-gnu/libsmime3.so
  /usr/lib/x86_64-linux-gnu/libssl3.so
  /usr/lib/x86_64-linux-gnu/nss
  /usr/lib/x86_64-linux-gnu/nss/libfreebl3.chk
  /usr/lib/x86_64-linux-gnu/nss/libfreebl3.so
  /usr/lib/x86_64-linux-gnu/nss/libfreeblpriv3.chk
  /usr/lib/x86_64-linux-gnu/nss/libfreeblpriv3.so
  /usr/lib/x86_64-linux-gnu/nss/libnssckbi.so
  /usr/lib/x86_64-linux-gnu/nss/libnssdbm3.chk
  /usr/lib/x86_64-linux-gnu/nss/libnssdbm3.so
  /usr/lib/x86_64-linux-gnu/nss/libsoftokn3.chk
  /usr/lib/x86_64-linux-gnu/nss/libsoftokn3.so
  /usr/share
  /usr/share/doc
  /usr/share/doc/libnss3
  /usr/share/doc/libnss3/changelog.Debian.gz
  /usr/share/doc/libnss3/copyright
  /usr/share/lintian
  /usr/share/lintian/overrides
  /usr/share/lintian/overrides/libnss3
  /usr/lib/${DEB_HOST_MULTIARCH}/libfreebl3.chk
  /usr/lib/${DEB_HOST_MULTIARCH}/libfreebl3.so
  /usr/lib/${DEB_HOST_MULTIARCH}/libfreeblpriv3.chk

  as we can see soft links to libraries do nor resolve
  ${DEB_HOST_MULTIARCH} to x86_64-linux-gnu

  ProblemType: Bug
  DistroRelease: Ubuntu 20.10
  Package: libnss3 2:3.55-1ubuntu3
  ProcVersionSignature: Ubuntu 5.8.0-33.36-generic 5.8.17
  Uname: Linux 5.8.0-33-generic x86_64
  NonfreeKernelModules: nvidia_modeset nvidia
  ApportVersion: 2.20.11-0ubuntu50.3
  Architecture: amd64
  CasperMD5CheckResult: skip
  Date: Sun Dec 20 14:36:10 2020
  SourcePackage: nss
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/nss/+bug/1908818/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : 

[Touch-packages] [Bug 1874824] Update Released

2021-04-15 Thread Łukasz Zemczak
The verification of the Stable Release Update for procps has completed
successfully and the package is now being released to -updates.
Subsequently, the Ubuntu Stable Release Updates Team is being
unsubscribed and will not receive messages about this bug report.  In
the event that you encounter a regression using the package from
-updates please report a new bug using ubuntu-bug and tag the bug report
regression-update so we can easily find any regressions.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to procps in Ubuntu.
https://bugs.launchpad.net/bugs/1874824

Title:
  pgrep reports error "cannot allocate" when run without stack limit

Status in procps package in Ubuntu:
  Fix Released
Status in procps source package in Focal:
  Fix Committed
Status in procps source package in Groovy:
  Fix Released
Status in procps source package in Hirsute:
  Fix Released
Status in procps package in Debian:
  New

Bug description:
  [Impact]

- Users who have ulimit set high would see either slow
  or failed pgrep and pkill commands
- Users who have ulimit set to unlimited would see
  failed pgrep and pkill commands
- This bug occurs because the behavior of sysconf(_SC_ARG_MAX)
  changed with a newer version of the kernel.

  [Test Case]

- set the ulimit to unlimited by running `ulimit -S -s unlimited`
- run `pgrep bash` to see that the "cannot allocate" error is
   printed and the command has failed.

  [Where Problems Could Occur]

- We have set upper and lower limits on the size of the malloc, but
  if further kernel versions break the call to sysconf in
  unexpected ways we could still see problems.

  [Original Description]

  If you have no stack limit (ulimit -S -s unlimited), any pgrep call
  will fail with an error:

  > pgrep vim
  pgrep: cannot allocate 4611686018427387903 bytes

  If you have a high stack limit (e.g. ulimit -S -s 50), pgrep is
  very slow:

  > time pgrep vim
  2196
  real 8.48s user 8.40s syst 0.07s busy 99% rmem 253444

  The relevant upstream bug report could be: 
https://gitlab.com/procps-ng/procps/-/issues/152
  Archlinux bug report: https://bugs.archlinux.org/task/66093

  procps:
    Installed: 2:3.3.16-1ubuntu2
    500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/procps/+bug/1874824/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1891810] Re: Backport 2.5.1 to fix missing openat2 syscall, causing problems for fuse-overlayfs in nspawn containers

2021-04-12 Thread Łukasz Zemczak
For bionic there's a few ADT regressions for libseccomp - I re-ran them,
let's see if they pass now.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1891810

Title:
  Backport 2.5.1 to fix missing openat2 syscall, causing problems for
  fuse-overlayfs in nspawn containers

Status in libseccomp package in Ubuntu:
  Fix Released
Status in systemd package in Ubuntu:
  Fix Released
Status in libseccomp source package in Xenial:
  Fix Committed
Status in systemd source package in Xenial:
  Invalid
Status in libseccomp source package in Bionic:
  Fix Committed
Status in systemd source package in Bionic:
  Fix Committed
Status in libseccomp source package in Focal:
  Fix Released
Status in systemd source package in Focal:
  Fix Released
Status in libseccomp source package in Groovy:
  Fix Released
Status in systemd source package in Groovy:
  Fix Released
Status in libseccomp source package in Hirsute:
  Fix Released
Status in systemd source package in Hirsute:
  Fix Released

Bug description:
  [Impact]

  The version of libseccomp2 in X/B/F/G does not know about the openat2
  syscall. As such applications that use libseccomp cannot specify a
  system-call filter against this system-call and so it cannot be
  mediated.

  [Test Plan]

  This can be tested by simply running scmp_sys_resolver from the
  seccomp binary package and specifying this system-call:

  Existing behaviour:

  $ scmp_sys_resolver openat2
  -1

  Expected behaviour:

  $ scmp_sys_resolver openat2
  437

  (Note this value will be different on other architectures)

  [Where problems could occur]

  In version 2.5.1 of libseccomp which adds this new system-call,
  changes were also made in the way the socket system-call is handled by
  libseccomp on PPC platforms - this resulted in a change in the
  expected behaviour and so this has already been noticed and a fix is
  required for the systemd unit tests as a result
  https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1918696

  There was also a similar change for s390x but so far no regressions
  have been observed as a result as systemd already expected that
  behaviour from libseccomp, it was only PPC that was missing.

  In the event that a regression is observed however, we can easily
  either patch the affected package to cope with the new behaviour of
  this updated libseccomp since in each case the change in behaviour
  only affects a few system calls on particular architectures, or we can
  revert this update.

  [Other Info]

   * As usual thorough testing of this update has been performed both
  manually via the QA Regression Testing scripts, and via the
  autopkgtest infrastructure against packages in the Ubuntu Security
  Proposed PPA https://launchpad.net/~ubuntu-security-
  proposed/+archive/ubuntu/ppa/ with results seen
  https://people.canonical.com/~platform/security-britney/current/

  I have attached debdiffs of the prepared updates which are also
  sitting in the Ubuntu Security Proposed PPA.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1891810/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1922266] Re: eth0 interface name change fails on Pi 3/3+

2021-04-08 Thread Łukasz Zemczak
** Changed in: ubuntu-meta (Ubuntu)
Milestone: None => ubuntu-21.04

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ubuntu-meta in Ubuntu.
https://bugs.launchpad.net/bugs/1922266

Title:
  eth0 interface name change fails on Pi 3/3+

Status in ubuntu-meta package in Ubuntu:
  New

Bug description:
  The netplan configuration in ubuntu-raspi-settings (and more widely,
  the network-config in the gadget used on the server images) fails to
  rename the internal ethernet interface on Pi 3B and 3B+ models from
  "en" to "eth0". In the netplan case this is because the
  driver matching logic doesn't handle space-separate driver matches
  (although the underlying networkd system does); in the cloud-init case
  it simply refuses to rename interfaces that aren't matched by full MAC
  address.

  The intended fix is to stop attempting to do this via netplan or
  cloud-init, and simply handle this via a networkd .link file in
  ubuntu-raspi-settings. This will require an update to the relevant
  seeds as this package is currently only pulled into ubuntu-desktop-
  raspi, not ubuntu-server-raspi.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/1922266/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1916485] Re: test -x fails inside shell scripts in containers

2021-04-08 Thread Łukasz Zemczak
I see verification of runc in comment #37 for all series - but groovy
isn't marked as verified. Is there anything missing in the verification?
Or can we release runc for groovy safely?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1916485

Title:
  test -x fails inside shell scripts in containers

Status in docker.io package in Ubuntu:
  New
Status in glibc package in Ubuntu:
  Opinion
Status in libseccomp package in Ubuntu:
  Fix Committed
Status in runc package in Ubuntu:
  Fix Released
Status in systemd package in Ubuntu:
  Fix Released
Status in docker.io source package in Xenial:
  New
Status in libseccomp source package in Xenial:
  New
Status in runc source package in Xenial:
  New
Status in systemd source package in Xenial:
  Invalid
Status in docker.io source package in Bionic:
  New
Status in libseccomp source package in Bionic:
  New
Status in runc source package in Bionic:
  Fix Committed
Status in systemd source package in Bionic:
  Fix Committed
Status in docker.io source package in Focal:
  New
Status in libseccomp source package in Focal:
  New
Status in runc source package in Focal:
  Fix Committed
Status in systemd source package in Focal:
  Fix Released
Status in docker.io source package in Groovy:
  New
Status in libseccomp source package in Groovy:
  New
Status in runc source package in Groovy:
  Fix Committed
Status in systemd source package in Groovy:
  Fix Released
Status in docker.io source package in Hirsute:
  New
Status in libseccomp source package in Hirsute:
  Fix Committed
Status in runc source package in Hirsute:
  Fix Released
Status in systemd source package in Hirsute:
  Fix Released
Status in systemd package in Debian:
  Fix Released

Bug description:
  (SRU template for systemd)

  [impact]

  bash (and some other shells) builtin test command -x operation fails

  [test case]

  on any affected host system, start nspawn container, e.g.:

  $ sudo apt install systemd-container
  $ wget 
https://cloud-images.ubuntu.com/hirsute/current/hirsute-server-cloudimg-amd64-root.tar.xz
  $ mkdir h
  $ cd h
  $ tar xvf ../hirsute-server-cloudimg-amd64-root.tar.xz
  $ sudo systemd-nspawn

  Then from a bash shell, verify if test -x works:

  root@h:~# ls -l /usr/bin/gpg
  -rwxr-xr-x 1 1000 1000 1083472 Jan 16 09:53 /usr/bin/gpg
  root@h:~# test -x /usr/bin/gpg || echo "fail"
  fail

  [regression potential]

  any regression would likely occur during a syscall, most likely
  faccessat2(), or during other syscalls.

  [scope]

  this is needed for b/f

  this is fixed upstream by commit
  bcf08acbffdee0d6360d3c31d268e73d0623e5dc which is in 247 and later, so
  this is fixed in h

  this was pulled into Debian at version 246.2 in commit
  e80c5e5371ab77792bae94e0f8c5e85a4237e6eb, so this is fixed in g

  in x, the entire systemd seccomp code is completely different and the
  patch doesn't apply, nor does it appear to be needed, as the problem
  doesn't reproduce in a h container under x.

  [other info]

  this needs fixing in libseccomp as well

  [original description]

  glibc regression causes test -x to fail inside scripts inside
  docker/podman, dash and bash are broken, mksh and zsh are fine:

  root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
  root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
  Fail
  root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
  Fail
  root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
  root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
  root@0df2ce5d7a46:/#

  root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail"
  root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail"
  root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail"
  Fail
  root@0df2ce5d7a46:/# bash -c "[ -x /usr/bin/gpg ] || echo Fail"
  Fail

  The -f flag works, as does /usr/bin/test:
  # bash -c "test -f /usr/bin/gpg  || echo Fail"
  # bash -c "/usr/bin/test -x /usr/bin/gpg  || echo Fail"
  #

  [Original bug report]
  root@84b750e443f8:/# lsb_release -rd
  Description:  Ubuntu Hirsute Hippo (development branch)
  Release:  21.04
  root@84b750e443f8:/# dpkg -l gnupg apt
  Desired=Unknown/Install/Remove/Purge/Hold
  | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
  |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
  ||/ Name   Version Architecture Description
  
+++-==-===--==
  ii  apt2.1.20  amd64commandline package manager
  ii  gnupg  2.2.20-1ubuntu2 all  GNU privacy guard - a free 
PGP replacement

  Hi,
  for 3 days our CI pipelines to recreate Docker images fails for the Hirsute 
images. From comparison this seems to be caused by apt 2.1.20.

  The build fails with:

  0E: gnupg, gnupg2 and 

[Touch-packages] [Bug 1920837] Re: apport bugs from official raspi or riscv images are not identified

2021-04-06 Thread Łukasz Zemczak
I just looked at the change and I have a question regarding it. I don't
know the apport code-base so I'd like to confirm something: right now I
see you're keying on 'ImageMediaBuild' being provided (is it only on
preinstalled media?) and then adding the 'raspi-image' tag when the arch
is arm64 or armhf. Is this raspberry-pi specific? What I mean is, what
if we start building some preinstalled non-pi arm images? Will those
then get tagged as raspi-image as well then?

I know that currently we don't build any arm preinstalled images like
these, but this feels to me like something we might forget changing in
the future and then start seeing bunch of unrelated bugs tagged as such.
Is there no way we could check for raspi subarch? Or is this the best
way?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1920837

Title:
  apport bugs from official raspi or riscv images are not identified

Status in apport package in Ubuntu:
  Fix Released
Status in apport source package in Focal:
  In Progress
Status in apport source package in Groovy:
  In Progress

Bug description:
  It would be helpful if bugs reported from images for Raspberry Pi's or
  RISCV systems were tagged so that one could search for bugs from
  systems running those images e.g. 'raspi-image'.

  [Test Case]
  After installing a preinstalled image of Ubuntu for Raspberry Pi do the 
following:
  1) run 'ubuntu-bug apport'
  2) view the bug report and check the Tags field

  With the current version of apport you will not see the tag 'raspi-image'.
  With the version of apport in -proposed you will see the tag 'raspi-image'.

  [Where problems could occur]
  If the code being added is syntactically incorrect then we'd see a Traceback 
which would be bad as it could affect all bug / crash reports.

  [Other Info]
  Since there aren't any Groovy images for RISC-V there will be nothing to test 
there.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1920837/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1918696] Re: libseccomp 2.5.1 will break unit tests on ppc

2021-03-29 Thread Łukasz Zemczak
What about xenial? Is xenial unaffected by this?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1918696

Title:
  libseccomp 2.5.1 will break unit tests on ppc

Status in systemd package in Ubuntu:
  Fix Released
Status in systemd source package in Bionic:
  Fix Committed
Status in systemd source package in Focal:
  Fix Committed
Status in systemd source package in Groovy:
  Fix Committed

Bug description:
  [impact]

  when libseccomp is upgraded to 2.5.1 on all releases, the systemd
  seccomp unit tests will start failing on ppc, as
  RestrictAddressFamilies= will no longer work on that arch.

  However, the systemd.exec man page has stated that
  RestrictAddressFamiles= doesn't work on ppc since before bionic.

  [test case]

  check systemd autopkgtest on ppc, looking at the
  test_restrict_access_familes unit test

  [regression potential]

  any regression would involve the use of RestrictAddressFamilies=,
  either no longer restricting or incorrectly restricting address
  familes.

  [scope]

  this is needed for b/f/g

  this was fixed upstream by commit
  d5923e38bc0e6cf9d7620ed5f1f8606fe7fe1168 which is included in 247, so
  this is fixed in h already

  This isn't needed in x, because it doesn't include upstream commit
  469830d1426a91e0897c321fdc8ee428f0a750c1 which reworked the code to
  switch from seccomp_rule_add to seccomp_rule_add_exact, so systemd
  could handle lack of arch support itself, instead of allowing the 'not
  exact' seccomp syscall to just ignore the call due to lack of arch
  support.

  [other info]

  libseccomp will be updated to 2.5.1 in the near future so this is
  needed before that update

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1918696/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1913763] Re: hyperv: unable to distinguish PTP devices

2021-03-29 Thread Łukasz Zemczak
Hello Gauthier, or anyone else affected,

Accepted systemd into xenial-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/systemd/229-4ubuntu21.30 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
xenial to verification-done-xenial. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-xenial. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: systemd (Ubuntu Xenial)
   Status: New => Fix Committed

** Tags removed: verification-done
** Tags added: verification-needed verification-needed-xenial

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1913763

Title:
  hyperv: unable to distinguish PTP devices

Status in systemd package in Ubuntu:
  Fix Released
Status in systemd source package in Xenial:
  Fix Committed
Status in systemd source package in Bionic:
  Fix Released
Status in systemd source package in Focal:
  Fix Released
Status in systemd source package in Groovy:
  Fix Released

Bug description:
  [impact]

  the /dev/ptp0 device for a hyperv instance may not be the correct,
  hyperv-provided, ptp device.

  [test case]

  on some hyperv instance types, particularly those that might contain
  passthrough network card(s) that also provide ptp, the first ptp
  device may not be the correct one to use for ptp, e.g. there may be
  multiple ones:

  $ ls /dev/ptp*
  /dev/ptp0 /dev/ptp1
  $ cat /sys/class/ptp/ptp0/clock_name
  hyperv
  $ cat /sys/class/ptp/ptp1/clock_name
  mlx5_p2p

  the order can change across boots, so a consistent way of addressing
  the hyperv-provided one is needed

  [regression potential]

  any regression would involve failure to properly create the ptp
  symlink, or other failure while udev is processing newly detected ptp
  device(s)

  [scope]

  this is needed in all releases

  this was fixed upstream with the commit
  32e868f058da8b90add00b2958c516241c532b70 which is not yet included in
  any release

  [original description]

  Hyperv provides a PTP device. On system with multiple PTP devices,
  services like Chrony don't have a way to know which one is which.

  We would like to have a udev rule to create a symlink to the hyperv
  clock. This way, services could be configured to always use this clock
  no matter if it is ptp0, ptp1, etc..

  For example:

  ```
  SUBSYSTEM=="ptp", ATTR{clock_name}=="hyperv", SYMLINK += "ptp_hyperv"
  ```

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1913763/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1891810] Re: Backport 2.5.1 to fix missing openat2 syscall, causing problems for fuse-overlayfs in nspawn containers

2021-03-29 Thread Łukasz Zemczak
I don't see a fix for systemd's LP: #1918696 in the systemd xenial SRU
in the queue - is xenial unaffected by the ppc64el test issues? Also,
SRUs for focal and groovy had some additional systemd changes besides
libseccomp to get things working - are those also not needed in xenial?

I'd like someone to make sure that's the case.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1891810

Title:
  Backport 2.5.1 to fix missing openat2 syscall, causing problems for
  fuse-overlayfs in nspawn containers

Status in libseccomp package in Ubuntu:
  Fix Released
Status in systemd package in Ubuntu:
  New
Status in libseccomp source package in Xenial:
  Fix Committed
Status in systemd source package in Xenial:
  New
Status in libseccomp source package in Bionic:
  Fix Committed
Status in systemd source package in Bionic:
  Fix Committed
Status in libseccomp source package in Focal:
  Fix Committed
Status in systemd source package in Focal:
  Fix Committed
Status in libseccomp source package in Groovy:
  Fix Committed
Status in systemd source package in Groovy:
  New
Status in libseccomp source package in Hirsute:
  Fix Released
Status in systemd source package in Hirsute:
  New

Bug description:
  [Impact]

  The version of libseccomp2 in X/B/F/G does not know about the openat2
  syscall. As such applications that use libseccomp cannot specify a
  system-call filter against this system-call and so it cannot be
  mediated.

  [Test Plan]

  This can be tested by simply running scmp_sys_resolver from the
  seccomp binary package and specifying this system-call:

  Existing behaviour:

  $ scmp_sys_resolver openat2
  -1

  Expected behaviour:

  $ scmp_sys_resolver openat2
  437

  (Note this value will be different on other architectures)

  [Where problems could occur]

  In version 2.5.1 of libseccomp which adds this new system-call,
  changes were also made in the way the socket system-call is handled by
  libseccomp on PPC platforms - this resulted in a change in the
  expected behaviour and so this has already been noticed and a fix is
  required for the systemd unit tests as a result
  https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1918696

  There was also a similar change for s390x but so far no regressions
  have been observed as a result as systemd already expected that
  behaviour from libseccomp, it was only PPC that was missing.

  In the event that a regression is observed however, we can easily
  either patch the affected package to cope with the new behaviour of
  this updated libseccomp since in each case the change in behaviour
  only affects a few system calls on particular architectures, or we can
  revert this update.

  [Other Info]

   * As usual thorough testing of this update has been performed both
  manually via the QA Regression Testing scripts, and via the
  autopkgtest infrastructure against packages in the Ubuntu Security
  Proposed PPA https://launchpad.net/~ubuntu-security-
  proposed/+archive/ubuntu/ppa/ with results seen
  https://people.canonical.com/~platform/security-britney/current/

  I have attached debdiffs of the prepared updates which are also
  sitting in the Ubuntu Security Proposed PPA.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1891810/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1878969] Re: time-epoch never changes in SRUs

2021-03-29 Thread Łukasz Zemczak
Hello Dimitri, or anyone else affected,

Accepted systemd into xenial-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/systemd/229-4ubuntu21.30 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
xenial to verification-done-xenial. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-xenial. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: systemd (Ubuntu Xenial)
   Status: New => Fix Committed

** Tags removed: verification-done
** Tags added: verification-needed verification-needed-xenial

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1878969

Title:
  time-epoch never changes in SRUs

Status in ubuntu-core-initramfs:
  Fix Released
Status in systemd package in Ubuntu:
  Fix Released
Status in systemd source package in Xenial:
  Fix Committed
Status in systemd source package in Bionic:
  Fix Released
Status in systemd source package in Focal:
  Fix Released

Bug description:
  [Impact]

   * Systems without hwclock come up with a fixed time epoch which is not 
updated in SRUs
   * Ideally booting with a newer built of systemd should move time epoch to be 
at least when systemd was last built. For example to the value of 
SOURCE_DATE_EPOCH.

  [Test Case]

   * Boot without network NTP or hwclock
   * Observe that the epoch is the same as the time when NEWS entry in the 
systemd source code was last touched.
   * Boot newer update of systemd, observe that the time epoch is at least 2020

  [Regression Potential]

   * Bad epoch, may result in unable to perform TLS connections,
  validated GPG signatures, and snapd assertions. Changing epoch to be
  more recent is desired. Some machines may rely on the fact that
  "bionic" without hwclock always comes up in year 2018. But in practice
  that is incorrect thing to do.

  [Other Info]
   
   * By default

  option('time-epoch', type : 'integer', value : '-1',
 description : 'time epoch for time clients')

  in systemd is set to the modification time of the NEW entry
  time_epoch = run_command(stat, '-c', '%Y', NEWS).stdout().to_int()

  If available, it should be set to SOURCE_DATE_EPOCH=1585051767 value
  to be compliant with the https://reproducible-
  builds.org/docs/timestamps/ specification.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-core-initramfs/+bug/1878969/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1918696] Re: libseccomp 2.5.1 will break unit tests on ppc

2021-03-29 Thread Łukasz Zemczak
Hello Dan, or anyone else affected,

Accepted systemd into bionic-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/systemd/237-3ubuntu10.46 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
bionic to verification-done-bionic. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-bionic. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: systemd (Ubuntu Bionic)
   Status: In Progress => Fix Committed

** Tags added: verification-needed-bionic

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1918696

Title:
  libseccomp 2.5.1 will break unit tests on ppc

Status in systemd package in Ubuntu:
  Fix Released
Status in systemd source package in Bionic:
  Fix Committed
Status in systemd source package in Focal:
  Fix Committed
Status in systemd source package in Groovy:
  Fix Committed

Bug description:
  [impact]

  when libseccomp is upgraded to 2.5.1 on all releases, the systemd
  seccomp unit tests will start failing on ppc, as
  RestrictAddressFamilies= will no longer work on that arch.

  However, the systemd.exec man page has stated that
  RestrictAddressFamiles= doesn't work on ppc since before bionic.

  [test case]

  check systemd autopkgtest on ppc, looking at the
  test_restrict_access_familes unit test

  [regression potential]

  any regression would involve the use of RestrictAddressFamilies=,
  either no longer restricting or incorrectly restricting address
  familes.

  [scope]

  this is needed for b/f/g

  this was fixed upstream by commit
  d5923e38bc0e6cf9d7620ed5f1f8606fe7fe1168 which is included in 247, so
  this is fixed in h already

  This isn't needed in x, because it doesn't include upstream commit
  469830d1426a91e0897c321fdc8ee428f0a750c1 which reworked the code to
  switch from seccomp_rule_add to seccomp_rule_add_exact, so systemd
  could handle lack of arch support itself, instead of allowing the 'not
  exact' seccomp syscall to just ignore the call due to lack of arch
  support.

  [other info]

  libseccomp will be updated to 2.5.1 in the near future so this is
  needed before that update

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1918696/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1891810] Please test proposed package

2021-03-29 Thread Łukasz Zemczak
Hello Steve, or anyone else affected,

Accepted libseccomp into xenial-proposed. The package will build now and
be available at
https://launchpad.net/ubuntu/+source/libseccomp/2.5.1-1ubuntu1~16.04.1
in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
xenial to verification-done-xenial. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-xenial. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1891810

Title:
  Backport 2.5.1 to fix missing openat2 syscall, causing problems for
  fuse-overlayfs in nspawn containers

Status in libseccomp package in Ubuntu:
  Fix Released
Status in systemd package in Ubuntu:
  New
Status in libseccomp source package in Xenial:
  Fix Committed
Status in systemd source package in Xenial:
  New
Status in libseccomp source package in Bionic:
  Fix Committed
Status in systemd source package in Bionic:
  Fix Committed
Status in libseccomp source package in Focal:
  Fix Committed
Status in systemd source package in Focal:
  Fix Committed
Status in libseccomp source package in Groovy:
  Fix Committed
Status in systemd source package in Groovy:
  New
Status in libseccomp source package in Hirsute:
  Fix Released
Status in systemd source package in Hirsute:
  New

Bug description:
  [Impact]

  The version of libseccomp2 in X/B/F/G does not know about the openat2
  syscall. As such applications that use libseccomp cannot specify a
  system-call filter against this system-call and so it cannot be
  mediated.

  [Test Plan]

  This can be tested by simply running scmp_sys_resolver from the
  seccomp binary package and specifying this system-call:

  Existing behaviour:

  $ scmp_sys_resolver openat2
  -1

  Expected behaviour:

  $ scmp_sys_resolver openat2
  437

  (Note this value will be different on other architectures)

  [Where problems could occur]

  In version 2.5.1 of libseccomp which adds this new system-call,
  changes were also made in the way the socket system-call is handled by
  libseccomp on PPC platforms - this resulted in a change in the
  expected behaviour and so this has already been noticed and a fix is
  required for the systemd unit tests as a result
  https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1918696

  There was also a similar change for s390x but so far no regressions
  have been observed as a result as systemd already expected that
  behaviour from libseccomp, it was only PPC that was missing.

  In the event that a regression is observed however, we can easily
  either patch the affected package to cope with the new behaviour of
  this updated libseccomp since in each case the change in behaviour
  only affects a few system calls on particular architectures, or we can
  revert this update.

  [Other Info]

   * As usual thorough testing of this update has been performed both
  manually via the QA Regression Testing scripts, and via the
  autopkgtest infrastructure against packages in the Ubuntu Security
  Proposed PPA https://launchpad.net/~ubuntu-security-
  proposed/+archive/ubuntu/ppa/ with results seen
  https://people.canonical.com/~platform/security-britney/current/

  I have attached debdiffs of the prepared updates which are also
  sitting in the Ubuntu Security Proposed PPA.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1891810/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1891810] Please test proposed package

2021-03-29 Thread Łukasz Zemczak
Hello Steve, or anyone else affected,

Accepted systemd into bionic-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/systemd/237-3ubuntu10.46 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
bionic to verification-done-bionic. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-bionic. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: libseccomp (Ubuntu Xenial)
   Status: In Progress => Fix Committed

** Tags added: verification-needed-xenial

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1891810

Title:
  Backport 2.5.1 to fix missing openat2 syscall, causing problems for
  fuse-overlayfs in nspawn containers

Status in libseccomp package in Ubuntu:
  Fix Released
Status in systemd package in Ubuntu:
  New
Status in libseccomp source package in Xenial:
  Fix Committed
Status in systemd source package in Xenial:
  New
Status in libseccomp source package in Bionic:
  Fix Committed
Status in systemd source package in Bionic:
  Fix Committed
Status in libseccomp source package in Focal:
  Fix Committed
Status in systemd source package in Focal:
  Fix Committed
Status in libseccomp source package in Groovy:
  Fix Committed
Status in systemd source package in Groovy:
  New
Status in libseccomp source package in Hirsute:
  Fix Released
Status in systemd source package in Hirsute:
  New

Bug description:
  [Impact]

  The version of libseccomp2 in X/B/F/G does not know about the openat2
  syscall. As such applications that use libseccomp cannot specify a
  system-call filter against this system-call and so it cannot be
  mediated.

  [Test Plan]

  This can be tested by simply running scmp_sys_resolver from the
  seccomp binary package and specifying this system-call:

  Existing behaviour:

  $ scmp_sys_resolver openat2
  -1

  Expected behaviour:

  $ scmp_sys_resolver openat2
  437

  (Note this value will be different on other architectures)

  [Where problems could occur]

  In version 2.5.1 of libseccomp which adds this new system-call,
  changes were also made in the way the socket system-call is handled by
  libseccomp on PPC platforms - this resulted in a change in the
  expected behaviour and so this has already been noticed and a fix is
  required for the systemd unit tests as a result
  https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1918696

  There was also a similar change for s390x but so far no regressions
  have been observed as a result as systemd already expected that
  behaviour from libseccomp, it was only PPC that was missing.

  In the event that a regression is observed however, we can easily
  either patch the affected package to cope with the new behaviour of
  this updated libseccomp since in each case the change in behaviour
  only affects a few system calls on particular architectures, or we can
  revert this update.

  [Other Info]

   * As usual thorough testing of this update has been performed both
  manually via the QA Regression Testing scripts, and via the
  autopkgtest infrastructure against packages in the Ubuntu Security
  Proposed PPA https://launchpad.net/~ubuntu-security-
  proposed/+archive/ubuntu/ppa/ with results seen
  https://people.canonical.com/~platform/security-britney/current/

  I have attached debdiffs of the prepared updates which are also
  sitting in the Ubuntu Security Proposed PPA.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1891810/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1916485] Re: test -x fails inside shell scripts in containers

2021-03-29 Thread Łukasz Zemczak
Hello Florian, or anyone else affected,

Accepted systemd into bionic-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/systemd/237-3ubuntu10.46 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
bionic to verification-done-bionic. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-bionic. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: systemd (Ubuntu Bionic)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1916485

Title:
  test -x fails inside shell scripts in containers

Status in docker.io package in Ubuntu:
  New
Status in glibc package in Ubuntu:
  Opinion
Status in libseccomp package in Ubuntu:
  Fix Committed
Status in runc package in Ubuntu:
  Fix Released
Status in systemd package in Ubuntu:
  Fix Released
Status in docker.io source package in Xenial:
  New
Status in libseccomp source package in Xenial:
  New
Status in runc source package in Xenial:
  New
Status in systemd source package in Xenial:
  New
Status in docker.io source package in Bionic:
  New
Status in libseccomp source package in Bionic:
  New
Status in runc source package in Bionic:
  Fix Committed
Status in systemd source package in Bionic:
  Fix Committed
Status in docker.io source package in Focal:
  New
Status in libseccomp source package in Focal:
  New
Status in runc source package in Focal:
  Fix Committed
Status in systemd source package in Focal:
  Fix Committed
Status in docker.io source package in Groovy:
  New
Status in libseccomp source package in Groovy:
  New
Status in runc source package in Groovy:
  Fix Committed
Status in systemd source package in Groovy:
  Fix Released
Status in docker.io source package in Hirsute:
  New
Status in libseccomp source package in Hirsute:
  Fix Committed
Status in runc source package in Hirsute:
  Fix Released
Status in systemd source package in Hirsute:
  Fix Released

Bug description:
  (SRU template for systemd)

  [impact]

  bash (and some other shells) builtin test command -x operation fails

  [test case]

  on any affected host system, start nspawn container, e.g.:

  $ sudo apt install systemd-container
  $ wget 
https://cloud-images.ubuntu.com/hirsute/current/hirsute-server-cloudimg-amd64-root.tar.xz
  $ mkdir h
  $ cd h
  $ tar xvf ../hirsute-server-cloudimg-amd64-root.tar.xz
  $ sudo systemd-nspawn

  Then from a bash shell, verify if test -x works:

  root@h:~# ls -l /usr/bin/gpg
  -rwxr-xr-x 1 1000 1000 1083472 Jan 16 09:53 /usr/bin/gpg
  root@h:~# test -x /usr/bin/gpg || echo "fail"
  fail

  [regression potential]

  any regression would likely occur during a syscall, most likely
  faccessat2(), or during other syscalls.

  [scope]

  this is needed for b/f

  this is fixed upstream by commit
  bcf08acbffdee0d6360d3c31d268e73d0623e5dc which is in 247 and later, so
  this is fixed in h

  this was pulled into Debian at version 246.2 in commit
  e80c5e5371ab77792bae94e0f8c5e85a4237e6eb, so this is fixed in g

  in x, the entire systemd seccomp code is completely different and the
  patch doesn't apply, nor does it appear to be needed, as the problem
  doesn't reproduce in a h container under x.

  [other info]

  this needs fixing in libseccomp as well

  [original description]

  glibc regression causes test -x to fail inside scripts inside
  docker/podman, dash and bash are broken, mksh and zsh are fine:

  root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail
  root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail"
  Fail
  root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail"
  Fail
  root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail"
  root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail"
  root@0df2ce5d7a46:/#

  root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail"
  root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail"
  root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail"
  Fail
  root@0df2ce5d7a46:/# bash 

[Touch-packages] [Bug 1891810] Re: Backport 2.5.1 to fix missing openat2 syscall, causing problems for fuse-overlayfs in nspawn containers

2021-03-29 Thread Łukasz Zemczak
Hello Steve, or anyone else affected,

Accepted libseccomp into bionic-proposed. The package will build now and
be available at
https://launchpad.net/ubuntu/+source/libseccomp/2.5.1-1ubuntu1~18.04.1
in a few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
bionic to verification-done-bionic. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-bionic. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: libseccomp (Ubuntu Bionic)
   Status: In Progress => Fix Committed

** Tags added: verification-needed-bionic

** Changed in: systemd (Ubuntu Bionic)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1891810

Title:
  Backport 2.5.1 to fix missing openat2 syscall, causing problems for
  fuse-overlayfs in nspawn containers

Status in libseccomp package in Ubuntu:
  Fix Released
Status in systemd package in Ubuntu:
  New
Status in libseccomp source package in Xenial:
  Fix Committed
Status in systemd source package in Xenial:
  New
Status in libseccomp source package in Bionic:
  Fix Committed
Status in systemd source package in Bionic:
  Fix Committed
Status in libseccomp source package in Focal:
  Fix Committed
Status in systemd source package in Focal:
  Fix Committed
Status in libseccomp source package in Groovy:
  Fix Committed
Status in systemd source package in Groovy:
  New
Status in libseccomp source package in Hirsute:
  Fix Released
Status in systemd source package in Hirsute:
  New

Bug description:
  [Impact]

  The version of libseccomp2 in X/B/F/G does not know about the openat2
  syscall. As such applications that use libseccomp cannot specify a
  system-call filter against this system-call and so it cannot be
  mediated.

  [Test Plan]

  This can be tested by simply running scmp_sys_resolver from the
  seccomp binary package and specifying this system-call:

  Existing behaviour:

  $ scmp_sys_resolver openat2
  -1

  Expected behaviour:

  $ scmp_sys_resolver openat2
  437

  (Note this value will be different on other architectures)

  [Where problems could occur]

  In version 2.5.1 of libseccomp which adds this new system-call,
  changes were also made in the way the socket system-call is handled by
  libseccomp on PPC platforms - this resulted in a change in the
  expected behaviour and so this has already been noticed and a fix is
  required for the systemd unit tests as a result
  https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1918696

  There was also a similar change for s390x but so far no regressions
  have been observed as a result as systemd already expected that
  behaviour from libseccomp, it was only PPC that was missing.

  In the event that a regression is observed however, we can easily
  either patch the affected package to cope with the new behaviour of
  this updated libseccomp since in each case the change in behaviour
  only affects a few system calls on particular architectures, or we can
  revert this update.

  [Other Info]

   * As usual thorough testing of this update has been performed both
  manually via the QA Regression Testing scripts, and via the
  autopkgtest infrastructure against packages in the Ubuntu Security
  Proposed PPA https://launchpad.net/~ubuntu-security-
  proposed/+archive/ubuntu/ppa/ with results seen
  https://people.canonical.com/~platform/security-britney/current/

  I have attached debdiffs of the prepared updates which are also
  sitting in the Ubuntu Security Proposed PPA.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/1891810/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp


[Touch-packages] [Bug 1887744] Re: systemd dumps core on starting service: Assertion 'u->instance' failed at src/core/load-fragment.c:4798

2021-03-29 Thread Łukasz Zemczak
Hello Jeff, or anyone else affected,

Accepted systemd into focal-proposed. The package will build now and be
available at
https://launchpad.net/ubuntu/+source/systemd/245.4-4ubuntu3.6 in a few
hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
focal to verification-done-focal. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-focal. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: systemd (Ubuntu Focal)
   Status: In Progress => Fix Committed

** Tags added: verification-needed-focal

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1887744

Title:
  systemd dumps core on starting service: Assertion 'u->instance' failed
  at src/core/load-fragment.c:4798

Status in systemd:
  Fix Released
Status in systemd package in Ubuntu:
  In Progress
Status in systemd source package in Xenial:
  Invalid
Status in systemd source package in Bionic:
  Invalid
Status in systemd source package in Focal:
  Fix Committed
Status in systemd source package in Groovy:
  Fix Committed
Status in systemd source package in Hirsute:
  In Progress

Bug description:
  [impact]

  if a non-template service file is created as a symlink to a template
  service file outside the normal unit file paths, systemd will fail
  assertion and crash

  [test case]

  su -
  cat < /crashsystemd@.service
  [Unit]
  Description=Template for instance %i

  [Service]
  ExecStart=/bin/true
  EOF

  cd /etc/systemd/system
  ln -s /crashsystemd@.service crashsystemd.service
  systemctl daemon-reload
  systemctl start crashsystemd

  [regression potential]

  any regression would likely cause a failed assertion and crash, or
  failure to properly parse and/or load a service file that is a symlink

  [scope]

  this is needed in f/g/h

  this is fixed upstream by commit
  3aa57658434e7a95c6000bebb166c31f1c6d051b which is included in
  v248-rc1, so this is not fixed in any release yet

  this was introduced by the changes in commit e8630e69523 which was
  first included in v243, so this bug doesn't exist in b or earlier

  [original description]

  On an Ubuntu 20.04 server, when I started a newly installed systemd
  service 'systemctl start testemail2jira.service', systemd trips on an
  assertion (from journalctl):

  Jul 16 13:49:12 pangolin-jiraconf systemd[1]: Assertion 'u->instance' failed 
at src/core/load-fragment.c:4798, function unit_load_fragment(). Aborting.
  Jul 16 13:49:13 pangolin-jiraconf systemd[1]: Caught , dumped core as 
pid 2906637.
  Jul 16 13:49:13 pangolin-jiraconf systemd[1]: Freezing execution.

  apport generates a core dump which I trust is attached.

  The server still works, but my terminal keeps showing:

  Failed to get properties: Failed to activate service
  'org.freedesktop.systemd1': timed out (service_start_timeout=25000ms)

  and pauses for 25s after each command.

  In case it's relevant, the  i was trying to start had just
  been symlinked into /etc/systemd/system/:

  root@pangolin-jiraconf # ls -la /etc/systemd/system/testemail2jira.service
  lrwxrwxrwx 1 root root 82 Jul 16 13:48 
/etc/systemd/system/testemail2jira.service -> 
/opt/atlassian/jira/current/emailprocessing/testemail2jira/testemail2jira@.service

  File contents:

  [Unit]
  Description=Check that email to %i JIRA works

  [Service]
  #Type=oneshot
  # Note: I keep the config file, testemail2jira.json5 and rsa.* files in 
emailprocessing/, one directory below testemail2jira/, so that they can be 
version-controlled independently.
  # If you want testemail2jira.json5 and rsa.* within testemail2jira/, then add 
testemail2jira/ to WorkingDirectory and remove it from the ExecStart command
  WorkingDirectory=/opt/atlassian/%i/current/emailprocessing
  
ExecStart=/opt/atlassian/%i/current/emailprocessing/testemail2jira/venv/bin/python
 testemail2jira/testemail2jira.py
  User=root

  [Install]
  WantedBy=multi-user.target

  Perhaps the problem is that my service file is a template
  (testemail2jira@.service), but I symlinked it as a regular
  

  1   2   3   4   5   6   7   8   9   10   >