[Touch-packages] [Bug 1973733] Re: no change rebuild to get security update out on riscv64

2022-06-01 Thread Dimitri John Ledkov
There was another security upload on 27th of may which is built on all arches, thus this rebuild is no longer needed. please reject cups from focal unapproved. ** Changed in: cups (Ubuntu Focal) Status: In Progress => Fix Released ** Changed in: cups (Ubuntu Focal) Status: Fix

[Touch-packages] [Bug 1973733] Re: no change rebuild to get security update out on riscv64

2022-06-01 Thread Dimitri John Ledkov
Ah - is it that the same version is now built and published in Groovy and we can't safely copy the binary backwards? => correct. I didn't check if we can or cannot safely copy the binary backwards, but imho we should not. This is not going via focal-security, because the security issue has

[Touch-packages] [Bug 1974056] Re: iptables-1.8.7/iptables/tests/shell/testcases/nft-only/0009-needless-bitwise_0 fails on s390x

2022-05-18 Thread Dimitri John Ledkov
** Tags added: rls-kk-incoming ** Description changed: In Ubuntu, we execute the full iptables shell testcases across all architectures. They seem to all pass everywhere, however iptables-1.8.7/iptables/tests/shell/testcases/nft-only/0009-needless- bitwise_0 is currently

[Touch-packages] [Bug 1974056] [NEW] iptables-1.8.7/iptables/tests/shell/testcases/nft-only/0009-needless-bitwise_0 fails on s390x

2022-05-18 Thread Dimitri John Ledkov
Public bug reported: In Ubuntu, we execute the full iptables shell testcases across all architectures. They seem to all pass everywhere, however iptables-1.8.7/iptables/tests/shell/testcases/nft-only/0009-needless- bitwise_0 is currently failing on s390x like so: command17FAIL

[Touch-packages] [Bug 1973734] [NEW] FTBFS on riscv64 in focal

2022-05-17 Thread Dimitri John Ledkov
Public bug reported: [Impact] * FTBFS on riscv64 in focal in unittest of volume test * Disable that unit test, as later releases do not run unittests on riscv64, and it's better to have up to date pulseaudio on riscv64 (with many security fixes), even if it doesn't completely correctly work.

[Touch-packages] [Bug 1973733] [NEW] no change rebuild to get security update out on riscv64

2022-05-17 Thread Dimitri John Ledkov
Public bug reported: no change rebuild to get riscv64 build out [Impact]  * riscv64 build of cups security update failed, and then succeeded in groovy. See https://launchpad.net/ubuntu/+source/cups/2.3.1-9ubuntu1.1  * it means that focal-updates & focal-security are lacking a security update

[Touch-packages] [Bug 1962332] Re: xenial systemd fails to start if unified-only (non-hybrid) cgroup2 is mounted on jammy hosts

2022-05-10 Thread Dimitri John Ledkov
I've attempted to prepare naive SRUs and it doesn't get me far yet. The issue is that unified cgroups2 support in xenial's systemd is rudimental, and falls apart very quickly with none of the xenial userspace expecting or able to work correctly with unified cgroups2 setup. I fear that it will not

[Touch-packages] [Bug 1961427] Re: zlib: compressBound() returns an incorrect result on z15

2022-05-10 Thread Dimitri John Ledkov
Usually we try to avoid using embedded copies of code. Is it at all possible to convert some of the affected packages to use/reuse a shared library instead? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to zlib in Ubuntu.

[Touch-packages] [Bug 1962332] Re: xenial systemd fails to start if cgroup2 is mounted

2022-05-06 Thread Dimitri John Ledkov
** Description changed: [impact] now that jammy has moved to using unified cgroup2, containers started on jammy must also use unified cgroup2 (since the cgroup subsystems can only be mounted as v1 or v2 throughout the entire system, including inside containers). However, the

[Touch-packages] [Bug 1949603] Re: iptables-save -c shows incorrect counters with iptables-nft

2022-04-27 Thread Dimitri John Ledkov
And s390x =( -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to iptables in Ubuntu. https://bugs.launchpad.net/bugs/1949603 Title: iptables-save -c shows incorrect counters with iptables-nft Status in iptables package in

[Touch-packages] [Bug 1949603] Re: iptables-save -c shows incorrect counters with iptables-nft

2022-04-27 Thread Dimitri John Ledkov
The newly enabled autopkgtest appears to regress on i386 =/ -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to iptables in Ubuntu. https://bugs.launchpad.net/bugs/1949603 Title: iptables-save -c shows incorrect counters with

[Touch-packages] [Bug 1933491] Re: kmod add zstd support

2022-04-27 Thread Dimitri John Ledkov
# dpkg-query -W kmod kmod27-1ubuntu2 # modinfo ./zstd.ko.zst modinfo: ERROR: Module alias ./zstd.ko.zst not found. upgraded to new kmod: # dpkg-query -W kmod kmod27-1ubuntu2.1 # modinfo ./zstd.ko.zst filename: /lib/modules/5.4.0-109-generic/kernel/crypto/./zstd.ko.zst alias:

[Touch-packages] [Bug 1933491] Re: kmod add zstd support

2022-04-27 Thread Dimitri John Ledkov
initramfs-tools ADT test passed on retry. the kernel tests mentioned above are now for EOL kernels that have since all rolled to 5.13. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to kmod in Ubuntu.

[Touch-packages] [Bug 1940528] Re: curl 7.68 does not init OpenSSL correctly

2022-04-27 Thread Dimitri John Ledkov
1) downgraded openssl to 1.1.1f-1ubuntu2.9 such that it doesn't have double free fix that was released in https://launchpad.net/ubuntu/+source/openssl/1.1.1f-1ubuntu2.10 2) installed old pka module from commit b0f32fa05298bf9e3997ea43fc1c11b90e0d662f 3) installed focal-updates version of curl

[Touch-packages] [Bug 1968912] Re: vim.tiny reports 'E1187: Failed to source defaults.vim' on execution in default install

2022-04-19 Thread Dimitri John Ledkov
It seems that view, as provided by vim.tiny now attempts to load defaults.vim, which is shipped in the large vim-runtime package. All vims depend on vim-common. It would seem to me that we should move defaults.vim from vim-runtime to vim-common. -- You received this bug notification because you

[Touch-packages] [Bug 1967593] Re: kernel modules going missing after reboot

2022-04-04 Thread Dimitri John Ledkov
** Also affects: ubuntu-meta (Ubuntu) Importance: Undecided Status: New ** Changed in: ubuntu-meta (Ubuntu) Importance: Undecided => Critical ** Changed in: ubuntu-meta (Ubuntu) Milestone: None => ubuntu-22.04 ** Tags added: rls-ff-incoming ** Tags removed: rls-ff-incoming **

[Touch-packages] [Bug 1949603] Re: iptables-save -c shows incorrect counters with iptables-nft

2022-04-01 Thread Dimitri John Ledkov
** Changed in: iptables (Ubuntu Impish) Status: Confirmed => In Progress -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to iptables in Ubuntu. https://bugs.launchpad.net/bugs/1949603 Title: iptables-save -c shows

[Touch-packages] [Bug 1965293] Re: systemd/248.3-1ubuntu8.2 ADT test failure (tests-in-lxd) with linux/5.13.0-37.42

2022-03-17 Thread Dimitri John Ledkov
** Tags added: rls-ii-incoming ** Tags added: rls-jj-incoming -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1965293 Title: systemd/248.3-1ubuntu8.2 ADT test failure

[Touch-packages] [Bug 1962332] Re: xenial systemd fails to start if cgroup2 is mounted

2022-03-07 Thread Dimitri John Ledkov
Backporting 099619957a0 to xenial will mean that systemd will gain ability to use cgroups2 as shipped in the xenial's ga v4.4 kernel. it will mean that xenial containers on top of bionic's ga kernel will fail to use cgroups2. however at the time it was an experimental feature which was not

[Touch-packages] [Bug 1962332] Re: xenial systemd fails to start if cgroup2 is mounted

2022-03-07 Thread Dimitri John Ledkov
** Description changed: [impact] now that jammy has moved to using unified cgroup2, containers started on jammy must also use unified cgroup2 (since the cgroup subsystems can only be mounted as v1 or v2 throughout the entire system, including inside containers). However, the

[Touch-packages] [Bug 1962332] Re: xenial systemd fails to start if cgroup2 is mounted

2022-03-04 Thread Dimitri John Ledkov
hm, $ lxc launch --vm ubuntu:xenial fails for me ** Description changed: [impact] now that jammy has moved to using unified cgroup2, containers started on jammy must also use unified cgroup2 (since the cgroup subsystems can only be mounted as v1 or v2 throughout the entire system,

[Touch-packages] [Bug 1962332] Re: xenial systemd fails to start if cgroup2 is mounted

2022-03-04 Thread Dimitri John Ledkov
** Description changed: [impact] now that jammy has moved to using unified cgroup2, containers started on jammy must also use unified cgroup2 (since the cgroup subsystems can only be mounted as v1 or v2 throughout the entire system, including inside containers). However, the

[Touch-packages] [Bug 1962332] Re: xenial systemd fails to start if cgroup2 is mounted

2022-03-04 Thread Dimitri John Ledkov
Irrespective of ESM status, we have always had extremely long support overlaps both backwards and forwards between ubuntu releases. At the moment, my only solution is to use lxd vms; i.e. do $ lxc launch --vm ubuntu:xenial However, I say for the sake of ease of development, testing, upgrades,

[Touch-packages] [Bug 1959085] Re: Ubuntu 22.04 boot stuck in initramfs, when installed with zfs encryption

2022-02-25 Thread Dimitri John Ledkov
On 21.10, zfs-linux packages 2.0.6-1ubuntu2 generate incorrect boot entries for snapshoted systems, please upgrade to 2.0.6-1ubuntu2.1. Snapshots created with the broken old version are not bootable. ** Changed in: zfs-linux (Ubuntu) Status: Incomplete => Fix Released ** Changed in:

[Touch-packages] [Bug 1959085] Re: Ubuntu 22.04 boot stuck in initramfs, when installed with zfs encryption

2022-02-25 Thread Dimitri John Ledkov
Ubuntu 22.04 daily images testing issues have been resolved and a new image promoted, jammy installs are now working correctly. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.

[Touch-packages] [Bug 1959085] Re: Ubuntu 21.10 boot stuck in initramfs

2022-02-24 Thread Dimitri John Ledkov
This is fixed release in pending images; which are failing installation due to other bugs. Once those bugs are resolved, and a new image is promoted, it shouldn't experience this zfs issue. So we are blocked on getting Ubuntu Desktop ISO passing the daily automated testing and getting promoted.

[Touch-packages] [Bug 1961196] Re: apparmor autotest failure on jammy with linux 5.15

2022-02-21 Thread Dimitri John Ledkov
Ah, it is president's day & night time in australia. I will upload this, to unblock releasing jammy kernels. And we can revisit this once everyone is back to back this out; or get a different implementation in. Blocking kernel testing with app armor test suite is developer time critical, and

[Touch-packages] [Bug 1961196] Re: apparmor autotest failure on jammy with linux 5.15

2022-02-21 Thread Dimitri John Ledkov
@alexmurray @jjohansen When are updated apparmor going to be upload that continues to pass existing test-suites / adt? At this point failing apparmor ADT, blocks releasing all kernels in jammy, preventing development of all kernels, and prevents security kernel fixes. To unblock kernel

[Touch-packages] [Bug 1947311] Re: Unexpected partition growth on first boot on impish for raspberry pi

2022-02-18 Thread Dimitri John Ledkov
systemd stuff did either partition or fs but not both. we used the cloud initramfs implementation on the desktop, because yes, it doesn't do cloud-init. probably moving that out of the common seed will help. -- You received this bug notification because you are a member of Ubuntu Touch seeded

[Touch-packages] [Bug 1960083] Re: dirname applet missing from initramfs

2022-02-15 Thread Dimitri John Ledkov
Downloaded the iso today doesn't mean the iso was built today, or if it contains this update. jammy installer iso are attempted to be built daily, but are only published once they pass automated smoke testing and validation. The last image that passed that was built on 2nd of February. And builds

[Touch-packages] [Bug 1960083] Re: dirname applet missing from initramfs

2022-02-15 Thread Dimitri John Ledkov
Fix was released in busybox 1:1.30.1-7ubuntu3 and requires initramfs rebuild your screenshot clearly shows version number 1:1.30.1-7ubuntu2 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu.

[Touch-packages] [Bug 1958594] Re: Boot error: libgcc_s.so.1 must be installed for pthread_exit to work

2022-02-08 Thread Dimitri John Ledkov
To be fair we don't need the empty pthread in the initramfs, we only need the non-empty dynamically opened libgcc_s, but it shouldn't hurt either. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.

[Touch-packages] [Bug 1950996] Re: Missing all modules for usb nics in initrd which makes PXE boot impossible

2022-02-08 Thread Dimitri John Ledkov
** Changed in: initramfs-tools (Ubuntu Jammy) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu. https://bugs.launchpad.net/bugs/1950996 Title: Missing

[Touch-packages] [Bug 1958594] Re: Boot error: libgcc_s.so.1 must be installed for pthread_exit to work

2022-02-08 Thread Dimitri John Ledkov
** Changed in: initramfs-tools (Ubuntu Jammy) Status: Confirmed => Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu. https://bugs.launchpad.net/bugs/1958594 Title: Boot error:

[Touch-packages] [Bug 1958594] Re: Boot error: libgcc_s.so.1 must be installed for pthread_exit to work

2022-02-08 Thread Dimitri John Ledkov
With above, when testing I now get: Adding binary /usr/lib/initramfs-tools/bin/gcc_s1-stub Adding binary /lib/x86_64-linux-gnu/libgcc_s.so.1 Adding binary /lib/x86_64-linux-gnu/libc.so.6 Adding binary-link /usr/lib64/ld-linux-x86-64.so.2 Adding binary

[Touch-packages] [Bug 1958594] Re: Boot error: libgcc_s.so.1 must be installed for pthread_exit to work

2022-02-08 Thread Dimitri John Ledkov
$ gcc -Wl,--no-as-needed -shared -l:libpthread.so.0 -l:libgcc_s.so.1 -o bla $ ldd bla linux-vdso.so.1 (0x7ffe0e7e6000) libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x7feeeaa32000) libgcc_s.so.1 => /lib/x86_64-linux-gnu/libgcc_s.so.1

[Touch-packages] [Bug 1958594] Re: Boot error: libgcc_s.so.1 must be installed for pthread_exit to work

2022-02-08 Thread Dimitri John Ledkov
With that branch rebased, and typpos fixed up testing locally does produce this: Adding binary /usr/lib/initramfs-tools/bin/gcc_s1-stub Adding binary /lib/x86_64-linux-gnu/libgcc_s.so.1 Adding binary /lib/x86_64-linux-gnu/libc.so.6 Adding binary-link /usr/lib64/ld-linux-x86-64.so.2 Adding binary

[Touch-packages] [Bug 1950996] Re: Missing all modules for usb nics in initrd which makes PXE boot impossible

2022-02-08 Thread Dimitri John Ledkov
** Changed in: initramfs-tools (Ubuntu Jammy) Status: Triaged => In Progress -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu. https://bugs.launchpad.net/bugs/1950996 Title: Missing all

[Touch-packages] [Bug 1958594] Re: Boot error: libgcc_s.so.1 must be installed for pthread_exit to work

2022-02-08 Thread Dimitri John Ledkov
We have been bitten by this before. And Last time I did proposed to do this: - create a stub binary tha tis linked with pthread and libgcc_s - copy_exec that into the initramfs https://code.launchpad.net/~xnox/ubuntu/+source/initramfs- tools/+git/initramfs-tools/+merge/385243 This ensures that

[Touch-packages] [Bug 1958904] Re: autopkgtest is failing on jammy with "no space left on device"

2022-02-02 Thread Dimitri John Ledkov
Autopkgtests completed successfully on both impish and focal. ** Tags removed: verification-needed verification-needed-focal verification-needed-impish ** Tags added: verification-done verification-done-focal verification-done-impish -- You received this bug notification because you are a

[Touch-packages] [Bug 1933491] Re: kmod add zstd support

2022-02-01 Thread Dimitri John Ledkov
@sil2100 --disable-test-modules \ override_dh_auto_test: + dh_auto_test --builddir=build-deb are needed together to enable building and running unittests during build. Note previously focal builds did not run unittests at all. The autoconf help text for the option says "disable

[Touch-packages] [Bug 1933491] Re: kmod add zstd support

2022-01-31 Thread Dimitri John Ledkov
** Bug watch added: Debian Bug tracker #990092 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990092 ** Also affects: kmod (Debian) via https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=990092 Importance: Unknown Status: Unknown -- You received this bug notification because

[Touch-packages] [Bug 1958594] Re: Boot error: libgcc_s.so.1 must be installed for pthread_exit to work

2022-01-31 Thread Dimitri John Ledkov
It feels like we should just copy libgcc_s.so.1 and libpthread always. It is tiny in size and something is bound to use them. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.

[Touch-packages] [Bug 1932329] Re: Benchmark if we can compress kernel modules

2022-01-28 Thread Dimitri John Ledkov
: Dimitri John Ledkov (xnox) Status: In Progress ** Also affects: initramfs-tools (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Focal) Importance: Undecided Status: New ** No longer affects: linux (Ubuntu Impish) ** No longer affects: linux

[Touch-packages] [Bug 1942260] Re: compress firmware in /lib/firmware

2022-01-28 Thread Dimitri John Ledkov
** Description changed: + -- initramfs-tools + + [Impact] + + * linux supports xz compressed linux-firmware which saves disk space. + In focal, initramfs-tools only knows how to included uncompressed + firmware files (even when kernel supports loading compressed ones). + Newer releases of

[Touch-packages] [Bug 1933491] Re: kmod add zstd support

2022-01-28 Thread Dimitri John Ledkov
** Description changed: - kmod add zstd support + [Impact] - * v27+ needs patches cherrypicked from v28 + * To safe diskspace, upcoming devel series / hwe kernels may turn on + zstd kernel module compression. Kmod since impish support zstd support. + But in order to keep hwe kernels at

[Touch-packages] [Bug 1958904] Re: autopkgtest is failing on jammy with "no space left on device"

2022-01-28 Thread Dimitri John Ledkov
I wonder if I should have included feature backports to support compressed kernel modules & coompressed firmware files https://launchpad.net/ubuntu/+source/initramfs-tools/0.140ubuntu8 This would be actually useful, and would allow us to enable compressed kernel modules for jammy and hwe-5.15

[Touch-packages] [Bug 1958904] Re: autopkgtest is failing on jammy with "no space left on device"

2022-01-26 Thread Dimitri John Ledkov
uploaded into unapproved queue -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu. https://bugs.launchpad.net/bugs/1958904 Title: autopkgtest is failing on jammy with "no space left on device"

[Touch-packages] [Bug 1958904] Re: autopkgtest is failing on jammy with "no space left on device"

2022-01-26 Thread Dimitri John Ledkov
@brian-murray Unfortunately, it would mean that kernel-teams adt-matrix would still need to be hinted, as it does strict adt test runs against each kernel flavour, against packages in updates only, and enforces that every kernel flavour is tested. However, I also think that this adt test may not

[Touch-packages] [Bug 1958904] Re: autopkgtest is failing on jammy with "no space left on device"

2022-01-25 Thread Dimitri John Ledkov
** Changed in: initramfs-tools (Ubuntu) Status: New => Fix Committed ** Changed in: initramfs-tools (Ubuntu) Importance: Undecided => Critical ** Changed in: initramfs-tools (Ubuntu) Assignee: (unassigned) => Dimitri John Ledkov (xnox) -- You received this bug not

[Touch-packages] [Bug 1958676] Re: error: too early for operation, device not yet seeded or device model not acknowledged Install failed

2022-01-22 Thread Dimitri John Ledkov
I guess i can modify init-system-helpers again, to dump journal from the build such that we can see what is going on. ** Also affects: launchpad-buildd Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages,

[Touch-packages] [Bug 1958676] Re: error: too early for operation, device not yet seeded or device model not acknowledged Install failed

2022-01-22 Thread Dimitri John Ledkov
** Summary changed: - Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 142. + error: too early for operation, device not yet seeded or device model not acknowledged Install failed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages,

[Touch-packages] [Bug 1958676] Re: Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 142.

2022-01-21 Thread Dimitri John Ledkov
even with reverted init-system-helps snapd units fail to start during launchpad-buildd https://launchpad.net/~ubuntu-core-service/+snap/core22/+build/1650698 Setting up snapd (2.54.2+22.04ubuntu1) ... Created symlink /etc/systemd/system/multi-user.target.wants/snapd.apparmor.service →

[Touch-packages] [Bug 1958676] [NEW] Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 142.

2022-01-21 Thread Dimitri John Ledkov
Public bug reported: https://launchpad.net/~ubuntu-core-service/+snap/core22/+build/1650565 New deb-systemd-invoke added functionality for systemd v250 which ubuntu does not have yet. But it also appears to break postinst calls to deb- systemd-invoke, at least as seen during snap builds in lxd

[Touch-packages] [Bug 1951943] Re: Engine crashes when loading the configuration more than once

2021-11-23 Thread Dimitri John Ledkov
** Description changed: [Impact] - * Engine crashes when loading the configuration more than once +  * Engine crashes when loading the configuration more than once - * Upstream started to avoid loading engines twice by using dynamic ids +  * Upstream started to avoid loading engines

[Touch-packages] [Bug 1949603] Re: iptables-save -c shows incorrect counters with iptables-nft

2021-11-23 Thread Dimitri John Ledkov
** Changed in: iptables (Ubuntu Jammy) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to iptables in Ubuntu. https://bugs.launchpad.net/bugs/1949603 Title: iptables-save -c shows incorrect

Re: [Touch-packages] [Bug 1892798] Re: systemd package missing resolvconf(8) compatibility symlink, and a Provides: resolvconf

2021-11-23 Thread Dimitri John Ledkov
On Tue, Nov 23, 2021 at 1:40 PM Jason A. Donenfeld <1892...@bugs.launchpad.net> wrote: > > I think he meant to post this on > https://bugs.launchpad.net/ubuntu/+source/wireguard/+bug/1950317 > That makes a lot more sense. Commented my opinion there about the need for key generation tooling.

[Touch-packages] [Bug 1892798] Re: systemd package missing resolvconf(8) compatibility symlink, and a Provides: resolvconf

2021-11-23 Thread Dimitri John Ledkov
@ahasenack I feel a bit lost here. This bug report is about how one should or shouldn't propagate DNS servers after establishing a wireguard based connection. This has nothing to do w.r.t. creating keys. -- You received this bug notification because you are a member of Ubuntu Touch seeded

[Touch-packages] [Bug 1921518] Re: OpenSSL "double free" error

2021-11-23 Thread Dimitri John Ledkov
Thank you for working with OpenSSL upstream, explaining the issue at hand, for everyone to eventually understand what is going on, and finally coming up with a solution on the OpenSSL side of the APIs that is accepted by upstream into development v3 branch and stable 1.1.1 branch. I have started

[Touch-packages] [Bug 1951943] [NEW] Engine crashes when loading the configuration more than once

2021-11-23 Thread Dimitri John Ledkov
Public bug reported: [Impact] * Engine crashes when loading the configuration more than once * Upstream started to avoid loading engines twice by using dynamic ids to track the loaded engines correctly * OpenSSL 3 merge https://github.com/openssl/openssl/pull/17073 (bugfix & testcase) *

[Touch-packages] [Bug 1943530] Re: link libkrb5 with openssl

2021-11-18 Thread Dimitri John Ledkov
> Do we even know for sure this krb5-k5tls is enough for fips compliance, and that it replaces *all* crypto code in kerberos with openssl calls? No it does not. But intention is to make the over the network communications with TLS to be FIPS-TLS compliant which is cheaper to certify when reusing

[Touch-packages] [Bug 1940528] Re: curl 7.68 does not init OpenSSL correctly

2021-11-18 Thread Dimitri John Ledkov
Autopkgtests have now all passed. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to curl in Ubuntu. https://bugs.launchpad.net/bugs/1940528 Title: curl 7.68 does not init OpenSSL correctly Status in curl package in Ubuntu:

[Touch-packages] [Bug 1949603] Re: iptables-save -c shows incorrect counters with iptables-nft

2021-11-18 Thread Dimitri John Ledkov
@arighi suggests used to be installed when one used to provide "needs- suggests" restrictions or some such, but that got deprecated, so no suggests are not getting installed by default. However, we have a multi year MIR to seed and install nftables by default let me check the status of that

[Touch-packages] [Bug 1950996] Re: Missing all modules for usb nics in initrd which makes PXE boot impossible

2021-11-15 Thread Dimitri John Ledkov
** Changed in: initramfs-tools (Ubuntu) Status: New => Triaged ** Changed in: initramfs-tools (Ubuntu) Assignee: (unassigned) => Dimitri John Ledkov (xnox) ** Also affects: initramfs-tools (Ubuntu Hirsute) Importance: Undecided Status: New ** Also affects: initramfs

[Touch-packages] [Bug 1921518] Re: OpenSSL "double free" error

2021-11-12 Thread Dimitri John Ledkov
> How will you test that the change does not regress any wget behavior? In default Ubuntu configuration, either no openssl configuration is provided, or it contains no settings that affect wget. This code path changes how/when openssl configuration is loaded and used by openssl. One should

[Touch-packages] [Bug 1940528] Re: curl 7.68 does not init OpenSSL correctly

2021-11-12 Thread Dimitri John Ledkov
Not only patch was missing, it was partially missing. reuploading again. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to curl in Ubuntu. https://bugs.launchpad.net/bugs/1940528 Title: curl 7.68 does not init OpenSSL

[Touch-packages] [Bug 1940528] Re: curl 7.68 does not init OpenSSL correctly

2021-11-12 Thread Dimitri John Ledkov
Reuploaded curl into focal proposed, with series fix & on top of security upload that has happened since. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to curl in Ubuntu. https://bugs.launchpad.net/bugs/1940528 Title: curl

[Touch-packages] [Bug 1940656] Re: Potential use after free bugs in 1.1.1

2021-11-12 Thread Dimitri John Ledkov
** Tags removed: verification-needed verification-needed-focal ** Tags added: verification-done verification-done-focal -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu.

[Touch-packages] [Bug 1940656] Re: Potential use after free bugs in 1.1.1

2021-11-12 Thread Dimitri John Ledkov
I currently do not have a more regular smartcard setup to test out a hardware pk11 engine with openssl, which is typically the most common one. But I can use software gost engine to test out that algos provided by the engine operate correctly. Installed openssl from proposed, and gost engine. $

[Touch-packages] [Bug 1949603] Re: iptables-save -c shows incorrect counters with iptables-nft

2021-11-12 Thread Dimitri John Ledkov
In addition to the changelog versions it seems to me that the debdiff is potentially a bit missleading: 1) the shell testcases are not executed neither during build, nor during autopkgtest. As they seem to need root, it would be nice to add autopkgtest that would do: cd iptables/tests/shell;

[Touch-packages] [Bug 1949603] Re: iptables-save -c shows incorrect counters with iptables-nft

2021-11-12 Thread Dimitri John Ledkov
The proposed patch looks ok. The version numbers are interesting. Impish release is at 1.8.7-1ubuntu2, and impish upload 1.8.7-1ubuntu3 got only published into Jammy. So the correct version numbers to use will be ubuntu4 for jammy and 2.1 for impish, I will correct that for SRU. -- You

[Touch-packages] [Bug 1940656] Re: Potential use after free bugs in 1.1.1

2021-11-11 Thread Dimitri John Ledkov
There is now only a transient ADT regression in Regression in linux- hwe-5.13 (armhf), which is not a valid ADT because armhf ADT runs in lxd containers and does not boot the requested kernel. Please release this package. -- You received this bug notification because you are a member of Ubuntu

[Touch-packages] [Bug 1946965] Re: python3-defaults: py3versions -i does not list python3.10 when it is installed

2021-10-20 Thread Dimitri John Ledkov
Is this needed in focal too? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to python3-defaults in Ubuntu. https://bugs.launchpad.net/bugs/1946965 Title: python3-defaults: py3versions -i does not list python3.10 when it is

[Touch-packages] [Bug 1942260] Re: compress firmware in /lib/firmware

2021-10-19 Thread Dimitri John Ledkov
** Also affects: linux-firmware-raspi2 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu. https://bugs.launchpad.net/bugs/1942260 Title: compress

[Touch-packages] [Bug 1932329] Re: Benchmark if we can compress kernel modules

2021-10-19 Thread Dimitri John Ledkov
** Also affects: initramfs-tools (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu. https://bugs.launchpad.net/bugs/1932329 Title: Benchmark if

[Touch-packages] [Bug 1942260] Re: compress firmware in /lib/firmware

2021-10-19 Thread Dimitri John Ledkov
** Also affects: initramfs-tools (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu. https://bugs.launchpad.net/bugs/1942260 Title: compress

[Touch-packages] [Bug 1671536] Re: Default initrd is LZMA compressed, yet rebuilt initramfs are gzip?

2021-10-18 Thread Dimitri John Ledkov
I believe livecd-rootfs and live-build have been fixed for this. ** Changed in: cloud-images Status: New => Fix Released ** Changed in: initramfs-tools (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded

[Touch-packages] [Bug 1944082] Re: initramfs-tools: zstd uses too much memory in mkinitramfs

2021-10-18 Thread Dimitri John Ledkov
In general we optimize for bootspeed, at the expense of generation time. It is often the case that we can complete the boot on systems smaller than required to recreate files for such boot. I.e. impossible to install/upgrade packages. Are you experiencing failure to create initrd, where

[Touch-packages] [Bug 1941649] Re: switch to zstd by default breaks booting focal LTS kernel

2021-10-18 Thread Dimitri John Ledkov
partial upgrades are not supported, and during upgrades we generally do not recreate initrds for old kernels. Meaning one should have at least .old kernel+initrd pair bootable. It is more of linux bug maybe that v5.4 does not support zstd compressed initrd? -- You received this bug

[Touch-packages] [Bug 1946343] Re: Stale os-release file after possible upgrade from 20.04.2 to 20.04.3

2021-10-08 Thread Dimitri John Ledkov
It looks like it is this platform: http://oem.archive.canonical.com/dists/focal-somerville-bulbasaur/ But I don't see any packages called oem-release or where they came from. Dear reporter, what's the output of: $ apt-cache policy oem-release ? ** Also affects: dell Importance: Undecided

[Touch-packages] [Bug 1946343] Re: Stale os-release file after possible upgrade from 20.04.2 to 20.04.3

2021-10-08 Thread Dimitri John Ledkov
** Also affects: oem-priority Importance: Undecided Status: New ** Changed in: oem-priority Importance: Undecided => Critical -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to base-files in Ubuntu.

[Touch-packages] [Bug 1942357] Re: Regression in openssl 1.0.1f for trusty/esm after last update

2021-09-21 Thread Dimitri John Ledkov
** Changed in: openssl (Ubuntu) Status: In Progress => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1942357 Title: Regression in openssl 1.0.1f for

[Touch-packages] [Bug 1940528] Re: curl 7.68 does not init OpenSSL correctly

2021-09-14 Thread Dimitri John Ledkov
** Changed in: curl (Ubuntu Focal) Assignee: (unassigned) => Dimitri John Ledkov (xnox) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to curl in Ubuntu. https://bugs.launchpad.net/bugs/1940528 Title: curl 7.68 d

[Touch-packages] [Bug 1940656] Re: Potential use after free bugs in 1.1.1

2021-09-14 Thread Dimitri John Ledkov
** Changed in: openssl (Ubuntu Focal) Status: Incomplete => In Progress ** Changed in: openssl (Ubuntu Focal) Assignee: (unassigned) => Robie Basak (racb) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl

[Touch-packages] [Bug 1940656] Re: Potential use after free bugs in 1.1.1

2021-09-14 Thread Dimitri John Ledkov
I would agree that any hypothetical use-after-free / double-free errors are usually also security vulnerabilities. But these ones were discovered with static analysis and/or affecting engine use, in error conditions only. Thus connectivity must already be failing / denied, before one can trip

[Touch-packages] [Bug 1921518] Re: OpenSSL "double free" error

2021-09-14 Thread Dimitri John Ledkov
No I'm not able to reproduce the issues anymore. Hence I need detailed logs from you. Including tracebacks with debug symbols installed, and strace too. Because I have never seen "bus error" on my side. -- You received this bug notification because you are a member of Ubuntu Touch seeded

[Touch-packages] [Bug 1943530] Re: link libkrb5 with openssl

2021-09-14 Thread Dimitri John Ledkov
krb5 (1.13~alpha1+dfsg-1) experimental; urgency=low [ Benjamin Kaduk ] * New upstream prerelease: - Add support for accessing KDCs via an https proxy using the MS-KKDCP protocol, using a plugin provided by the new krb5-k5tls package, which uses openssl for the TLS

[Touch-packages] [Bug 1943530] Re: link libkrb5 with openssl

2021-09-14 Thread Dimitri John Ledkov
** Tags added: rls-ii-incoming rls-jj-incoming -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/1943530 Title: link libkrb5 with openssl Status in krb5 package in Ubuntu:

[Touch-packages] [Bug 1921518] Re: OpenSSL "double free" error

2021-08-27 Thread Dimitri John Ledkov
@Vladimir This is an improvement. Previously we were getting: double free or corruption (out) But now it is: Bus error So some progress has been made. Can you please install debug symbols, and generate a complete traceback with debug symbols? or a core dump with debug symbols? (libcurl4-dbgsym

[Touch-packages] [Bug 1928989] Re: expiring trust anchor compatibility issue

2021-08-27 Thread Dimitri John Ledkov
Attempted trusty backport, but failing at making it pass all the existing unit tests. Asking for help. At the moment it seems to me that trusty will remain unfixed. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in

[Touch-packages] [Bug 1940635] Re: systemd-networkd failing to acquire a DHCP6 lease from dnsmasq on armhf

2021-08-26 Thread Dimitri John Ledkov
We must build armhf glibc which is y2038 safe, like our v5.1+ kernels are (bionic-hwe and up). Thus yes, glibc should assume TIME64 SYSCALLS, on armhf. Also, maybe our farm can move to focal and focal kernel; or like at least to bionic-hwe kernel. -- You received this bug notification because

[Touch-packages] [Bug 1921518] Re: OpenSSL "double free" error

2021-08-26 Thread Dimitri John Ledkov
Vladimir, I did this in the same location as before - https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/4654 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1921518

[Touch-packages] [Bug 1921518] Re: OpenSSL "double free" error

2021-08-25 Thread Dimitri John Ledkov
1.1.1f-1ubuntu2.8 is security-only update to address CVE-2021-3711 & CVE-2021-3712 The fixes from this bug report have been rebased on top of the security- only update in the PPA provided earlier. It has been carrying 1.1.1f-1ubuntu2.9 since yesterday. ** CVE added:

[Touch-packages] [Bug 1939544] Re: Merge the 1.1.1k version from Debian

2021-08-25 Thread Dimitri John Ledkov
Please merge 1.1.1l with the CVE fixes -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1939544 Title: Merge the 1.1.1k version from Debian Status in openssl package in

[Touch-packages] [Bug 1921518] Re: OpenSSL "double free" error

2021-08-24 Thread Dimitri John Ledkov
The updated openssl package does not change any behaviour w.r.t. config or engine use. It only has three patches applied to prevent potential use-after-free errors. It also relies on installing the new PKA engine with patches from github. Has the new PKA engine been recompiled and installed

[Touch-packages] [Bug 1921518] Re: OpenSSL "double free" error

2021-08-23 Thread Dimitri John Ledkov
@vladimir sokolovsky Note, that the proposed PPA is built for all architectures, and all configurations of the packages in questions as used in Ubuntu. Meaning, they are all compiled in multiple configurations, which are mutually incompatible. To ensure one installs the upgraded packages suitable

[Touch-packages] [Bug 1832356] Re: Upgrade OpenSSH to 7.9p1-10 or better in stable series

2021-08-23 Thread Dimitri John Ledkov
** Changed in: openssh (Ubuntu Bionic) Status: Confirmed => Won't Fix -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1832356 Title: Upgrade OpenSSH to 7.9p1-10 or

[Touch-packages] [Bug 1921518] Re: OpenSSL "double free" error

2021-08-20 Thread Dimitri John Ledkov
New curl & openssl will take some time to appear in focal-updates, as focal-updates are frozen for 20.04.3 release on 26th of August at the moment. See https://discourse.ubuntu.com/t/focal-fossa-20-04-3-lts-point- release-status-tracking/22948 -- You received this bug notification because you

[Touch-packages] [Bug 1921518] Re: OpenSSL "double free" error

2021-08-20 Thread Dimitri John Ledkov
Whilst I have identified broken/racy/incomplete behaviours in both curl and openssl in ubuntu focal 20.04 and created SRUs for them in the above mentioned bug reports; these do not fix crashes of the old PKA 1.0.0 engine. Also PKA 1.0.0 does not appear to be compatible with 20.04 userspace

[Touch-packages] [Bug 1921518] Re: OpenSSL "double free" error

2021-08-20 Thread Dimitri John Ledkov
Openssl bug report https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1940656 ** Changed in: openssl (Ubuntu) Status: New => Incomplete ** Changed in: openssl (Ubuntu Focal) Status: New => Incomplete ** Changed in: openssl (Ubuntu Focal) Importance: Critical => Undecided

  1   2   3   4   5   6   7   8   9   10   >