[Touch-packages] [Bug 1931725] Re: initramfs-tools: use zstd as the default compression method

2021-06-11 Thread Dimitri John Ledkov
** Changed in: initramfs-tools (Ubuntu) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu. https://bugs.launchpad.net/bugs/1931725 Title: initramfs-tools: use

[Touch-packages] [Bug 1928989] Re: expiring trust anchor compatibility issue

2021-05-19 Thread Dimitri John Ledkov
** Information type changed from Public to Public Security ** Tags removed: letsencrypt ** Tags added: letsencryptexpiry -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu.

[Touch-packages] [Bug 1928989] [NEW] expiring trust anchor compatibility issue

2021-05-19 Thread Dimitri John Ledkov
Public bug reported: [Impact] * openssl fails to talk to letsencrypt website past September 2021, despite trusting the letsencrypt root certificate. [Test Plan] * Import staging cert equivalent to ISRG Root X1 https://letsencrypt.org/certs/staging/letsencrypt-stg-root-x1.pem * Import

[Touch-packages] [Bug 1914279] Re: linux from security may force reboots without complete dkms modules

2021-05-17 Thread Dimitri John Ledkov
** Tags removed: verification-needed verification-needed-focal ** Tags added: verification-done verification-done-focal -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unattended-upgrades in Ubuntu.

[Touch-packages] [Bug 1914279] Re: linux from security may force reboots without complete dkms modules

2021-05-14 Thread Dimitri John Ledkov
sru-release comments: virtualbox-hwe/6.1.16-dfsg-6ubuntu1.20.04.2 (s390x, ppc64el, armhf, arm64) -> autopkgtest failures are a false negative. It only is built and supported on amd64 sysdig/riscv64 - ftbfs is not a regression, never built on riscv64 in focal zfs-linux/riscv64 - ftbfs is not a

[Touch-packages] [Bug 1914279] Re: linux from security may force reboots without complete dkms modules

2021-05-10 Thread Dimitri John Ledkov
virtualbox-hwe/6.1.16-dfsg-6ubuntu1.20.04.2 (s390x, ppc64el, armhf, arm64) -> is a false negative. virtualbox-hwe is only supported on amd64 i thought. https://autopkgtest.ubuntu.com/packages/v/virtualbox https://autopkgtest.ubuntu.com/packages/v/virtualbox-hwe Suggests that to be the case. --

[Touch-packages] [Bug 1914279] Re: linux from security may force reboots without complete dkms modules

2021-04-30 Thread Dimitri John Ledkov
debdiffs are on https://bileto.ubuntu.com/#/ticket/4543 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1914279 Title: linux from security may force reboots without complete

[Touch-packages] [Bug 1914279] Re: linux from security may force reboots without complete dkms modules

2021-04-30 Thread Dimitri John Ledkov
I've rebuilt all the packages mentioned above in bileto ppa against security pocket and pushed them to focal-proposed queue, ready for sru review and accept. All, but openafs which ftbfs now, and will need to be fixed up for v5.11 anyway. So it will be rebuild in security pocket with v5.11 fixes

[Touch-packages] [Bug 1923464] Re: ideally should boot rootfs from a matching hard drive

2021-04-30 Thread Dimitri John Ledkov
My understanding of resilient boot is that there are multiple ESPs trying to boot the same raid device. If there is only one rootfs filesystem, boot that one. Which in case of raid, there will be only one. I'm more concerned about the case of two ubuntu-server preinstalled images on two usb

[Touch-packages] [Bug 1903890] Re: libffi7 missing from Ubuntu (pip's python3-openssl appears to be built against the wrong version of libffi)

2021-04-28 Thread Dimitri John Ledkov
I am glad that this worked out fine now. I am not sure there is time to fix this in 20.10, as it has only a few months of support left. I hope that having libffi7 in 21.04 is enough. ** Changed in: pyopenssl (Ubuntu Groovy) Status: Incomplete => Invalid ** Changed in: pyopenssl (Ubuntu)

[Touch-packages] [Bug 1779721] Re: systemd-networkd does not configure DHCPv4

2021-04-16 Thread Dimitri John Ledkov
** Changed in: systemd (Ubuntu) Assignee: Dimitri John Ledkov (xnox) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1779721 Title: systemd-netwo

[Touch-packages] [Bug 1923150] Re: unexpected error pop-up after 'apt install nvidia-driver-455'

2021-04-15 Thread Dimitri John Ledkov
20.04.1 is obsolete point release. Can you please try with 20.04.2? ** Changed in: nvidia-graphics-drivers-455 (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu.

[Touch-packages] [Bug 1923150] Re: unexpected error pop-up after 'apt install nvidia-driver-455'

2021-04-15 Thread Dimitri John Ledkov
** Also affects: apt (Ubuntu) Importance: Undecided Status: New ** Tags added: rls-hh-incoming -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1923150 Title:

[Touch-packages] [Bug 1920781] Re: Mobile phone hotspot unusable due to systemd-resolved not liking the DNS

2021-04-13 Thread Dimitri John Ledkov
@callegar It would be nice to see the full resolvectl status. Because depending on which things you have configured it might be expected to have DNSSEC validation working, and the request is routed to multiple interfaces, and none of them return results or the results fail to validate. Also

[Touch-packages] [Bug 1923464] [NEW] ideally should boot rootfs from a matching hard drive

2021-04-12 Thread Dimitri John Ledkov
Public bug reported: Ideally we should strive to boot rootfs from a matching hard drive. I.e. if we are booting rootfs by UUID, we should try to find the one that came from the same drive as where ESP (UEFI) came from, or u-boot spl / u-boot got loaded from (loader1/loader2). Such that for

[Touch-packages] [Bug 1920640] Re: EXPKEYSIG C8CAB6595FDFF622 Ubuntu Debug Symbol Archive Automatic Signing Key (2016)

2021-04-06 Thread Dimitri John Ledkov
It is possible that you have the key in _two_ keyrings in trusted.gpg.d/ & in trusted.gpg itself. It would be best for you to do the following: 1) sudo apt remove --purge ubuntu-dbgsym-keyring 2) sudo apt-key del 0xC8CAB6595FDFF622 3) sudo apt-key list | grep C8CAB6595FDFF622 => it should be

[Touch-packages] [Bug 1918970] Re: Unable to netboot Ubuntu 18.04 and older on an IBM Z DPM Partition - no manual nor automatic qeth device configuration

2021-03-31 Thread Dimitri John Ledkov
Alternative to all of the above, you could choose to "enable all the devices" hack on 18.04. Aka if the MAAS initrd includes a script to do `chzdev -e --all` by default on 18.04. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed

[Touch-packages] [Bug 1918970] Re: Unable to boot Ubuntu 18.04 and older on an IBM Z DPM Partition

2021-03-31 Thread Dimitri John Ledkov
In https://launchpad.net/ubuntu/+source/initramfs-tools/0.133ubuntu3 in eoan+ manual chzdev -e got added to activate qeth devices, if they have been specified in the ip= command, i.e. if enc300 is the device in the ip= command. This has not been backported to bionic. To boot without specifying

[Touch-packages] [Bug 1920640] Re: EXPKEYSIG C8CAB6595FDFF622 Ubuntu Debug Symbol Archive Automatic Signing Key (2016)

2021-03-29 Thread Dimitri John Ledkov
** Description changed: [Impact] - * Cannot update apt metadata from ddebs.ubuntu.com whilst using ubuntu- +  * Cannot update apt metadata from ddebs.ubuntu.com whilst using ubuntu- dbgsym-keyring package [Test Plan] +  * Install ubuntu-dbgsym-keyring package +  * Add

[Touch-packages] [Bug 1920640] Re: EXPKEYSIG C8CAB6595FDFF622 Ubuntu Debug Symbol Archive Automatic Signing Key (2016)

2021-03-26 Thread Dimitri John Ledkov
** Changed in: ubuntu-keyring (Ubuntu Hirsute) Status: Fix Released => Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ubuntu-keyring in Ubuntu. https://bugs.launchpad.net/bugs/1920640 Title: EXPKEYSIG

[Touch-packages] [Bug 1921546] Re: [FFe] ubuntu-server to recommend needrestart

2021-03-26 Thread Dimitri John Ledkov
** Description changed: needrestart MIR has been completed. https://bugs.launchpad.net/ubuntu/+source/needrestart/+bug/1907422 We are post FF, thus I am asking FFe to include needrestart as recommends in the ubuntu-server package. This change will results in needrestart being

[Touch-packages] [Bug 1921546] [NEW] [FFe] ubuntu-server to recommend needrestart

2021-03-26 Thread Dimitri John Ledkov
Public bug reported: needrestart MIR has been completed. https://bugs.launchpad.net/ubuntu/+source/needrestart/+bug/1907422 We are post FF, thus I am asking FFe to include needrestart as recommends in the ubuntu-server package. This change will results in needrestart being installed by default

[Touch-packages] [Bug 1920987] Re: IANA tzdata file format cannot represent different country code for a given timezone in different time periods [ i.e. Europe/Simferopol country code changes ]; iso 3

2021-03-25 Thread Dimitri John Ledkov
"America" does not maintain neither tzdata nor ISO 3166-2 database, both of which are delegated to international community of Internet Standards via RFC & to a committee headquartered in Genera with delegates from all around the world. All of which has lots of experience with classifying and

[Touch-packages] [Bug 1920640] Re: EXPKEYSIG C8CAB6595FDFF622 Ubuntu Debug Symbol Archive Automatic Signing Key (2016)

2021-03-25 Thread Dimitri John Ledkov
** Changed in: ubuntu-keyring (Ubuntu Focal) Status: Confirmed => In Progress ** Changed in: ubuntu-keyring (Ubuntu Bionic) Status: Confirmed => In Progress -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to

[Touch-packages] [Bug 1920640] Re: EXPKEYSIG C8CAB6595FDFF622 Ubuntu Debug Symbol Archive Automatic Signing Key (2016)

2021-03-25 Thread Dimitri John Ledkov
** Changed in: ubuntu-keyring (Ubuntu Groovy) Status: Confirmed => In Progress -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ubuntu-keyring in Ubuntu. https://bugs.launchpad.net/bugs/1920640 Title: EXPKEYSIG

[Touch-packages] [Bug 1920640] Re: EXPKEYSIG C8CAB6595FDFF622 Ubuntu Debug Symbol Archive Automatic Signing Key (2016)

2021-03-25 Thread Dimitri John Ledkov
** Description changed: + [Impact] + + * Cannot update apt metadata from ddebs.ubuntu.com whilst using ubuntu- + dbgsym-keyring package + + [Test Plan] + + * Install ubuntu-dbgsym-keyring package + * Add ddebs.ubuntu.com repository for your release + * sudo apt update must be successful +

[Touch-packages] [Bug 1920987] Re: IANA tzdata file format cannot represent different country code for a given timezone in different time periods [ i.e. Europe/Simferopol country code changes ]; iso 3

2021-03-24 Thread Dimitri John Ledkov
To be fair, Sevastopol has always had a special status of a federal city - across all times. Closes analogy being Vatican City. It was federal city separate from Crimea during whichever government defacto government ruling be it USSR, Ukranian SSR, Ukrain or Russian Federation. -- You received

[Touch-packages] [Bug 1920987] Re: IANA tzdata file format cannot represent different country code for a given timezone in different time periods [ i.e. Europe/Simferopol country code changes ]

2021-03-24 Thread Dimitri John Ledkov
In the iso-codes package there is a related issue, ISO 3166-2:RU contains no codes for the Russian-administered Republic of Crimea and Federal City of Sevastopol. Instead the UA codes are still specified, i.e. UA-43 for Crimea. ** Also affects: iso-codes (Ubuntu) Importance: Undecided

[Touch-packages] [Bug 1917780] Re: initramfs-tools does not include fsck binaries in the initrd if all mount pass are 0

2021-03-24 Thread Dimitri John Ledkov
** Description changed: - initramfs-tools does not include fsck in initrd if MNT_PASS equals zero - in the fstab entries. + [Impact] + + * initramfs-tools does not include fsck in initrd if MNT_PASS equals + zero in the fstab entries. This has lead to the following situation : when

[Touch-packages] [Bug 1920987] Re: Europe/Simferopol, Crimea is RUSSIA

2021-03-24 Thread Dimitri John Ledkov
The upstream IANA tzdata file format is very restrictive and cannot change and reflect country codes correctly, across correct historical dates. >From "europe" file: Zone Europe/Simferopol 2:16:24 - LMT 1880 2:16 - SMT 1924 May 2 # Simferopol Mean

[Touch-packages] [Bug 1920987] Re: IANA tzdata file format cannot represent different country code for a given timezone in different time periods [ i.e. Europe/Simferopol country code changes ]

2021-03-24 Thread Dimitri John Ledkov
Setting the status of the bug report to Opinion, as it doesn't fit the scope of Ubuntu project. It has to be fixed by IANA in upstream releases of tzdata. Once they come up with a better solution in the file format, the bug can change to confirmed to be integrated in Ubuntu. -- You received this

[Touch-packages] [Bug 1920987] Re: Europe/Simferopol, Crimea is RUSSIA

2021-03-24 Thread Dimitri John Ledkov
Is there anything in particular about all the other packages that you marked them as affected? I suspect that they all use Ubuntu's provided tzdata as the source of information, and hence they will all be reflecting simply whatever tzdata tells them. Hence any changes will be automatically

[Touch-packages] [Bug 1920933] Re: live desktop system booted with ip=dhcp has the right lease, hostname not set at all

2021-03-23 Thread Dimitri John Ledkov
Also note https://bugs.launchpad.net/subiquity/+bug/1905932 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1920933 Title: live desktop system booted with ip=dhcp has the

[Touch-packages] [Bug 1920933] Re: live desktop system booted with ip=dhcp has the right lease, hostname not set at all

2021-03-23 Thread Dimitri John Ledkov
** Also affects: netplan.io (Ubuntu) Importance: Undecided Status: New ** Also affects: initramfs-tools (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd

[Touch-packages] [Bug 1920804] Re: Apt does not seem to automatically consider non-candidates when resolving deps

2021-03-22 Thread Dimitri John Ledkov
As per private conversation, it's not a bug but a feature to only consider candidates by default. ** Changed in: apt (Ubuntu) Status: New => Won't Fix -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu.

[Touch-packages] [Bug 1920804] Re: Apt does not seem to automatically consider non-candidates when resolving deps

2021-03-22 Thread Dimitri John Ledkov
never mind `apt build-dep` also fails. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1920804 Title: Apt does not seem to automatically consider non-candidates when

[Touch-packages] [Bug 1920804] Re: Apt does not seem to automatically consider non-candidates when resolving deps

2021-03-22 Thread Dimitri John Ledkov
Btw. $external_commands = { 'build-deps-failed-commands' => ['%s'], }; Is useful when debugging build-deps not installable, as that exposes the dummy build-depends package ; archive; and one can redo commands that sbuild tries to run to install them. ** Description changed:

[Touch-packages] [Bug 1920804] [NEW] Apt does not seem to automatically consider non-candidates when resolving deps

2021-03-22 Thread Dimitri John Ledkov
Public bug reported: # apt show sbuild-build-depends-main-dummy Package: sbuild-build-depends-main-dummy Version: 0.invalid.0 Maintainer: Debian buildd-tools Developers Installed-Size: unknown Depends: debhelper (>= 9), debhelper-compat (= 12), dpkg-dev (>= 1.17.14), python3, cargo (>=

[Touch-packages] [Bug 1835660] Re: initramfs unpacking failed

2021-03-22 Thread Dimitri John Ledkov
@Fred eldmannen+launchpad This issue is only fixed in the Ubuntu patchset for the Linux Kernel. Although I have submitted this fix upstream, it has not been picked up yet by kernel.org vanilla kernels. See https://lkml.org/lkml/2021/1/14/1091 The mainline builds you point to, do not contain

[Touch-packages] [Bug 1920610] Re: The repository 'http://ddebs.ubuntu.com groovy Release' is not signed

2021-03-21 Thread Dimitri John Ledkov
*** This bug is a duplicate of bug 1920640 *** https://bugs.launchpad.net/bugs/1920640 ** This bug has been marked a duplicate of bug 1920640 EXPKEYSIG C8CAB6595FDFF622 Ubuntu Debug Symbol Archive Automatic Signing Key (2016) -- You received this bug notification because you are a

[Touch-packages] [Bug 1920640] Re: EXPKEYSIG C8CAB6595FDFF622 Ubuntu Debug Symbol Archive Automatic Signing Key (2016)

2021-03-21 Thread Dimitri John Ledkov
** Also affects: ubuntu-keyring (Ubuntu Focal) Importance: Undecided Status: New ** Also affects: ubuntu-keyring (Ubuntu Groovy) Importance: Undecided Status: New ** Also affects: ubuntu-keyring (Ubuntu Hirsute) Importance: High Status: Confirmed ** Also affects:

[Touch-packages] [Bug 1917625] Re: OpenSSL TLS 1.1 handshake fails internal error

2021-03-18 Thread Dimitri John Ledkov
Opened https://github.com/openssl/openssl/issues/14607 ** Bug watch added: github.com/openssl/openssl/issues #14607 https://github.com/openssl/openssl/issues/14607 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl

[Touch-packages] [Bug 1917625] Re: OpenSSL TLS 1.1 handshake fails internal error

2021-03-18 Thread Dimitri John Ledkov
> to change the security level. Here Ubuntu deviates from standard OpenSSL 1.1.1 policies. So I ask again: Should we detect and special case the deviation and document it? I am reluctant to say yes here. But also want to ask how would you detect that it's an Ubuntu, or ubuntu derived openssl. I

[Touch-packages] [Bug 1917625] Re: OpenSSL TLS 1.1 handshake fails internal error

2021-03-18 Thread Dimitri John Ledkov
> Could you hook up the check to SSL_CTX_set_min_proto_version() and return an error code when level and security policy don't match? It's a modern setter, so it can return 0 on error. That is interesting proposal. However, need to be careful as to potentially not break configs, i.e. if they

[Touch-packages] [Bug 1917780] Re: initramfs-tools does not include fsck binaries in the initrd if all mount pass are 0

2021-03-18 Thread Dimitri John Ledkov
so looking into that hook, it should ignore passno & always include fscks. Will try to upload that. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu. https://bugs.launchpad.net/bugs/1917780 Title:

[Touch-packages] [Bug 1916705] Re: glib2.0 >=2.67.3 breaks include from an extern C context

2021-03-15 Thread Dimitri John Ledkov
** Changed in: wireshark (Ubuntu) Status: Confirmed => In Progress -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to glib2.0 in Ubuntu. https://bugs.launchpad.net/bugs/1916705 Title: glib2.0 >=2.67.3 breaks include

[Touch-packages] [Bug 1899878] Re: Python's test_ssl fails starting from Ubuntu 20.04

2021-03-12 Thread Dimitri John Ledkov
On SSLcontext, security callback has prototype /* Security callback */ int (*sec_cb) (const SSL *s, const SSL_CTX *ctx, int op, int bits, int nid, void *other, void *ex); if one calls that function, with context passed in, "op" set to SSL_SECOP_VERSION, "bits" set to zero,

[Touch-packages] [Bug 1917625] Re: OpenSSL TLS 1.1 handshake fails internal error

2021-03-12 Thread Dimitri John Ledkov
Oooh, can we add bindings for: s->cert->sec_cb() and then call it with SSL_SECOP_VERSION operation with nbits set to TLS1.1 version? then it will return and tell us if it is acceptable or not, by the security level. -- You received this bug notification because you are a member of Ubuntu Touch

[Touch-packages] [Bug 1917625] Re: OpenSSL TLS 1.1 handshake fails internal error

2021-03-12 Thread Dimitri John Ledkov
ideally it would be nice if we could access sec_cb and call it with the protocol versions to check the versions there. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1917625

[Touch-packages] [Bug 1917625] Re: OpenSSL TLS 1.1 handshake fails internal error

2021-03-12 Thread Dimitri John Ledkov
I feel that openssl upstream needs to add: server_context.verify_consistent() Because in the above example, even before trying to establish the connection between the two context, the server context is already internally inconsistent. And upstream has changed the meaning of security levels in

[Touch-packages] [Bug 1870408] Re: casper-md5check should leave a breadcrumb which apport, ubiquity, subiquity could use

2021-03-11 Thread Dimitri John Ledkov
** Changed in: casper (Ubuntu) Status: In Progress => Fix Committed ** Changed in: casper (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apport in Ubuntu.

[Touch-packages] [Bug 1917780] Re: initramfs-tools does not include fsck in initrd if mount pass is 0

2021-03-11 Thread Dimitri John Ledkov
wait what?! =/ fsck binaries should totally be there! that sounds very broken if they are not there. ** Changed in: initramfs-tools (Ubuntu) Importance: Medium => Critical ** Summary changed: - initramfs-tools does not include fsck in initrd if mount pass is 0 + initramfs-tools does not

[Touch-packages] [Bug 1917625] Re: OpenSSL TLS 1.1 handshake fails internal error

2021-03-11 Thread Dimitri John Ledkov
Please note that: OpenSSL upstream security level 3 only allows TLS v1.1 and above OpenSSL upstream security level 4 only allows TLS v1.2 and above, DTLS v1.2 and above On Ubuntu, these restrictions are brought in earlier at security level 2. Thus, if one builds upstream OpenSSL with security

[Touch-packages] [Bug 1917625] Re: OpenSSL TLS 1.1 handshake fails internal error

2021-03-11 Thread Dimitri John Ledkov
I need to verify a few things, but I believe it is to do with chiphersuites, seclevel callback, and protocol versions. When setting chiphersuite string ; or changing security level; or changing the security level callback; or setting min/mas protocol versions. All of those things are not checked

[Touch-packages] [Bug 1917625] Re: OpenSSL TLS 1.1 handshake fails internal error

2021-03-11 Thread Dimitri John Ledkov
** Also affects: openssl (Ubuntu Hirsute) Importance: Undecided Status: Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1917625 Title: OpenSSL TLS 1.1

[Touch-packages] [Bug 1917780] Re: initramfs-tools does not include fsck in initrd if mount pass is 0

2021-03-11 Thread Dimitri John Ledkov
*** This bug is a duplicate of bug 1902103 *** https://bugs.launchpad.net/bugs/1902103 We must honor MNT_PASS. The actual bug is that many things do not set it to 1 by default as they should have. I.e. bits in curtin, maas, subiquity, cloud-images. It is correctly set to 1 on ubiquity

[Touch-packages] [Bug 1915966] Re: Please merge initramfs-tools 0.139 from Debian unstable

2021-03-09 Thread Dimitri John Ledkov
** Changed in: initramfs-tools (Ubuntu) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu. https://bugs.launchpad.net/bugs/1915966 Title: Please merge

[Touch-packages] [Bug 1915966] Re: Please merge initramfs-tools 0.139 from Debian unstable

2021-03-09 Thread Dimitri John Ledkov
> git range-diff old/debian..logical/0.137ubuntu12 new/debian..merge/0.139ubuntu1 i see this and i have no clue what i am looking at! i guess i need to go and learn how to read range-diffs! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is

[Touch-packages] [Bug 1917920] Re: magic-proxy broke with iptables 1.8.7-1ubuntu2

2021-03-09 Thread Dimitri John Ledkov
The nat fiddles are not visible inside the container network namespace. Thus I am wondering if there is an odd interaction between namespace, nftables based iptables vs legacy iptables. I.e. whilst the host is configured using legacy iptables, maybe the lxd guests must be using legacy iptables

[Touch-packages] [Bug 1917920] Re: magic-proxy broke with iptables 1.8.7-1ubuntu2

2021-03-09 Thread Dimitri John Ledkov
i think either -L or -S "made everything work". Note that there is no iptables installs in the lxd container, and we install iptables on the fly. nftables are not installed either, because that's not in main. So when lxd container started, nothing did "restore" of any default chains I don't

[Touch-packages] [Bug 1917920] Re: magic-proxy broke with iptables 1.8.7-1ubuntu2

2021-03-09 Thread Dimitri John Ledkov
However I do not think that google.com is a good test, as it will try to redirect to https, no? and magic proxy only does things with http. We are failing to reach http ftpmaster.internal. I am now trying to rewrite bits of magic-proxy to use more of urllib and surface more HTTP and IO errors.

[Touch-packages] [Bug 1917920] Re: magic-proxy broke with iptables 1.8.7-1ubuntu2

2021-03-09 Thread Dimitri John Ledkov
@alex Thanks for trying this. And yes, we have been unable to reproduce this outside of launchpad. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to iptables in Ubuntu. https://bugs.launchpad.net/bugs/1917920 Title:

[Touch-packages] [Bug 1917920] Re: magic-proxy broke with iptables 1.8.7-1ubuntu2

2021-03-05 Thread Dimitri John Ledkov
** Tags added: hirsute -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to iptables in Ubuntu. https://bugs.launchpad.net/bugs/1917920 Title: magic-proxy broke with iptables 1.8.7-1ubuntu2 Status in Launchpad itself: New

[Touch-packages] [Bug 1917920] [NEW] magic-proxy broke with iptables 1.8.7-1ubuntu2

2021-03-05 Thread Dimitri John Ledkov
Public bug reported: when iptables got upgraded from 1.8.5-3ubuntu4 to 1.8.7-1ubuntu2 magic proxy stopped working in livecd-rootfs. It does very simple thing: iptables -t nat -A OUTPUT -p tcp --dport 80 -m owner ! --uid-owner daemon -j REDIRECT --to 8080 inside hirsute lxd container, with

[Touch-packages] [Bug 1878969] Re: time-epoch never changes in SRUs

2021-03-05 Thread Dimitri John Ledkov
with core-initrd v40, each new initrd build increases time epoch. This still means that for brand new account keys, one needs to wait or build a new kernel to be able to boot in UC20. ** Changed in: ubuntu-core-initramfs Status: In Progress => Fix Released -- You received this bug

[Touch-packages] [Bug 1905472] Re: Something starts dhcclient for every intrface on boot

2021-03-04 Thread Dimitri John Ledkov
aoetools is effectively unchanged, and their initramfs_hook is the same since xenial. in the initramfs-tools the changes between 18.04 LTS and 20.04 LTS are that for automatic IP bring up, more methods are now supported with more robust IPv4 DHCP and IPv6 DHCP. Was your 18.04 LTS installation

[Touch-packages] [Bug 1905472] Re: Something starts dhcclient for every intrface on boot

2021-03-04 Thread Dimitri John Ledkov
aoe hook is provided by https://packages.ubuntu.com/source/hirsute/aoetools If you need this package, but you do not want aoe hook to fire in the initramfs, you can as a local override dissable it with: dpkg-statoverride --add --update root root 0644 /usr/share/initramfs-

[Touch-packages] [Bug 1905472] Re: Something starts dhcclient for every intrface on boot

2021-03-04 Thread Dimitri John Ledkov
I marked the bug incomplete, when asking for additional information. Which is a normal bug processing procedure. This happened _before_ your comment #4 and #5. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ifupdown in

[Touch-packages] [Bug 1905472] Re: Something starts dhcclient for every intrface on boot

2021-03-04 Thread Dimitri John Ledkov
ubuntu-core-initramfs project is not used on Ubuntu 20.04 LTS servers and desktops. However I also don't think this is caused by initramfs. It would help for you to check your NetworkManager configuration, netplan configuration and ifupdwon configurations. ** Project changed:

[Touch-packages] [Bug 1878969] Re: time-epoch never changes in SRUs

2021-03-04 Thread Dimitri John Ledkov
** Changed in: ubuntu-core-initramfs Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1878969 Title: time-epoch never changes in SRUs

[Touch-packages] [Bug 1899878] Re: Python's test_ssl fails starting from Ubuntu 20.04

2021-03-03 Thread Dimitri John Ledkov
But Debian & Fedora implementation are buggy, because they break 1.0.2x users & they do not prohibit DTLSv1.1 whilst enforcing TLSv1.2+. So although Debian & Fedora look "nice" they are security vulnerable configurations. I can set min_version to TLSv1.2, in addition to security level 2 but that

[Touch-packages] [Bug 1899878] Re: Python's test_ssl fails starting from Ubuntu 20.04

2021-03-03 Thread Dimitri John Ledkov
Fedora & Debian & Ubuntu implement openssl differently. In Ubuntu, as an Ubuntu-specific patch, we set default security level to 2, and prohibit protocols lower than TLSv1.2 / DTLSv1.2. This is documented in the Ubuntu manpages for OpenSSL

[Touch-packages] [Bug 1915005] Re: Please merge findutils 4.8.0 from Debian unstable

2021-03-01 Thread Dimitri John Ledkov
** Changed in: findutils (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to findutils in Ubuntu. https://bugs.launchpad.net/bugs/1915005 Title: Please merge findutils

[Touch-packages] [Bug 1914740] Re: IPs are not assigned for Hipersockets in DHCP mode

2021-03-01 Thread Dimitri John Ledkov
https://github.com/systemd/systemd/pull/18829 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1914740 Title: IPs are not assigned for Hipersockets in DHCP mode Status in

[Touch-packages] [Bug 1914740] Re: IPs are not assigned for Hipersockets in DHCP mode

2021-03-01 Thread Dimitri John Ledkov
I have made this PPA https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/4477 It has packages for focal versioned above current focal-updates version, but lower than the next SRU. sudo add-apt-repository ppa:ci-train-ppa-service/4477 sudo apt install systemd Should be enough to upgrade

[Touch-packages] [Bug 1914740] Re: IPs are not assigned for Hipersockets in DHCP mode

2021-03-01 Thread Dimitri John Ledkov
** Patch added: "focal_qeth_l3_request_broadcast.patch" https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1914740/+attachment/5471480/+files/focal_qeth_l3_request_broadcast.patch -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is

[Touch-packages] [Bug 1914740] Re: IPs are not assigned for Hipersockets in DHCP mode

2021-03-01 Thread Dimitri John Ledkov
** Patch added: "0001-s390x-For-qeth_l3-set-dhcp_broadcast-to-true-by-defa.patch" https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1914740/+attachment/5471481/+files/0001-s390x-For-qeth_l3-set-dhcp_broadcast-to-true-by-defa.patch -- You received this bug notification because you are a

[Touch-packages] [Bug 1914740] Re: IPs are not assigned for Hipersockets in DHCP mode

2021-03-01 Thread Dimitri John Ledkov
** Patch removed: "dhcp_broadcast_qeth_l3.patch" https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1914740/+attachment/5467722/+files/dhcp_broadcast_qeth_l3.patch -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to

[Touch-packages] [Bug 1914740] Re: IPs are not assigned for Hipersockets in DHCP mode

2021-02-26 Thread Dimitri John Ledkov
I've started drafting this patch. I want to prepare a PPA for you to try, can you please let me know which Ubuntu release is best / easiest for you to test? Hirsute? Focal? Bionic? ** Patch added: "dhcp_broadcast_qeth_l3.patch"

[Touch-packages] [Bug 1914740] Re: IPs are not assigned for Hipersockets in DHCP mode

2021-02-24 Thread Dimitri John Ledkov
My preference would be to fix networkd, if that fails netplan, and isc- dhcp only if there is syntax to online the device in the right l2/l3 state via kernel cmdline and that one needs to complete install over it. For example, does automatic chzdev device enablement provides autoconfiguration for

[Touch-packages] [Bug 1914740] Re: IPs are not assigned for Hipersockets in DHCP mode

2021-02-24 Thread Dimitri John Ledkov
Would turning on RequestBroadcast=yes for ID_NET_DRIVER=qeth_l3 interfaces be good enough in networkd? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1914740 Title: IPs

[Touch-packages] [Bug 1914279] Re: linux from security may force reboots without complete dkms modules

2021-02-23 Thread Dimitri John Ledkov
@kernel team please check which dkms packages in -updates fix FTBFS, and if they need to be rebuilt in -security pocket and released in -security pocket. ** Changed in: linux-meta (Ubuntu) Status: New => Triaged ** Changed in: linux (Ubuntu) Status: Confirmed => Triaged -- You

[Touch-packages] [Bug 1916117] Re: CVE-2021-3177 in python2.7

2021-02-20 Thread Dimitri John Ledkov
doko merged above pull request already. ** Information type changed from Public to Public Security -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to python2.7 in Ubuntu. https://bugs.launchpad.net/bugs/1916117 Title:

[Touch-packages] [Bug 1916105] [NEW] pkgbinarymangler slows down all builds, unnecessory

2021-02-18 Thread Dimitri John Ledkov
Public bug reported: pkgbinarymangler slows down all builds, unnecessarily. pkgbinarymangler prevents running the io intensive dpkg-builddeb in parrallel which is the default. instead of making the builds use dpkg-builddeb in parallel, it makes all packages getting processed serially for the

[Touch-packages] [Bug 1915307] Re: Please merge sudo 1.9.5p2-2 (main) from Debian unstable (main)

2021-02-18 Thread Dimitri John Ledkov
** Tags removed: block-proposed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/1915307 Title: Please merge sudo 1.9.5p2-2 (main) from Debian unstable (main) Status in sudo

[Touch-packages] [Bug 1915789] Re: sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set

2021-02-18 Thread Dimitri John Ledkov
** Tags removed: block-proposed ** Changed in: sudo (Ubuntu) Status: Confirmed => Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to sudo in Ubuntu. https://bugs.launchpad.net/bugs/1915789 Title: sudo:

[Touch-packages] [Bug 1915250] Re: buildd file owner/group for shared libraries

2021-02-17 Thread Dimitri John Ledkov
fakeroot with glibc broke dpkg-deb for packages that do not use "Rules- Requires-Root: no" was broken. binutils stopped preserving permissions from objcopy & strip, leading to incorrect permissions of files after stripping. fakeroot is now patched with better glibc 2.33 support. TODO upstream

[Touch-packages] [Bug 1915250] Re: buildd file owner/group for shared libraries

2021-02-16 Thread Dimitri John Ledkov
** Changed in: glibc (Ubuntu) Status: Confirmed => Invalid ** Changed in: debhelper (Ubuntu) Importance: Undecided => Wishlist -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to binutils in Ubuntu.

[Touch-packages] [Bug 1915250] Re: buildd file owner/group for shared libraries

2021-02-16 Thread Dimitri John Ledkov
** Changed in: fakeroot (Ubuntu) Importance: High => Critical -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to binutils in Ubuntu. https://bugs.launchpad.net/bugs/1915250 Title: buildd file owner/group for shared

[Touch-packages] [Bug 1906671] Re: [MIR] usrmerge

2021-02-15 Thread Dimitri John Ledkov
letting just the dep update of ubuntu-meta through. ** Tags removed: block-proposed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ubuntu-meta in Ubuntu. https://bugs.launchpad.net/bugs/1906671 Title: [MIR] usrmerge

[Touch-packages] [Bug 1915250] Re: buildd file owner/group for shared libraries

2021-02-15 Thread Dimitri John Ledkov
@mvo we know, we are tracing them all. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to binutils in Ubuntu. https://bugs.launchpad.net/bugs/1915250 Title: buildd file owner/group for shared libraries Status in binutils

[Touch-packages] [Bug 1906671] Re: [MIR] usrmerge

2021-02-14 Thread Dimitri John Ledkov
Ok, need to patch debootstrap to switch to usrmerge by default + make it list usrmerge package; then update script in ubuntu-meta adds it to minimal. Will upload all that to bileto ppa and test upgrades since non- usrmerged systems. ** Also affects: debootstrap (Ubuntu) Importance: Undecided

[Touch-packages] [Bug 1906671] Re: [MIR] usrmerge

2021-02-14 Thread Dimitri John Ledkov
oh the binary is in main, it's the source that is in the universe never mind. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ubuntu-meta in Ubuntu. https://bugs.launchpad.net/bugs/1906671 Title: [MIR] usrmerge Status in

[Touch-packages] [Bug 1906671] Re: [MIR] usrmerge

2021-02-14 Thread Dimitri John Ledkov
seems it has gone back to universe, preparing upload of ubuntu-meta and will block it proposed to ensure we can test any fallouts. ** Also affects: ubuntu-meta (Ubuntu) Importance: Undecided Status: New ** Tags added: block-proposed -- You received this bug notification because you

[Touch-packages] [Bug 1867465] Re: Installer disconnects wifi (after choosing download while installing, 3rd party)

2021-02-12 Thread Dimitri John Ledkov
Sorry, this bug is not fixed. After getting better wifi driver, it gains a different kernel name. And hence NetworkManager "disconnects" and doesn't reconnect. When this happens, you need to setup Wifi connection again. I do not know how to fix this, and/or anticipate the new wifi card name.

[Touch-packages] [Bug 1914062] Re: NetworkManager-wait-online.service in 1.28.0-2ubuntu1 fails to start in LXC

2021-02-11 Thread Dimitri John Ledkov
We should probably ignore failure to start NetworkManager-wait- online.service in the autopkgtests for now. ** Changed in: systemd (Ubuntu) Importance: High => Wishlist -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to

[Touch-packages] [Bug 1874381] Re: LVM device unavailable after 18.04 to 20.04 upgrade Timed out waiting for device /dev/mapper/s5lp8--v g-home

2021-02-08 Thread Dimitri John Ledkov
> So one solution to this would be to run "vgck --updatemetadata" on each vg in postinst... would there be downside to that? how slow is it on very very large LVMs? Is it distructive? Maybe something to check with devops-y people, like I.S. / bootstack? -- You received this bug notification

[Touch-packages] [Bug 1903890] Re: libffi7 missing from Ubuntu (pip's python3-openssl appears to be built against the wrong version of libffi)

2021-02-06 Thread Dimitri John Ledkov
libffi7 (3.3-5ubuntu1) hirsute; urgency=medium * Provide libffi7 runtime library for the 3rd party app compatiblity. LP: #1903890 -- Dimitri John Ledkov Fri, 05 Feb 2021 13:34:22 + I have now shipped libffi7 in hirsute. Such that if one installs third-party binaries, on hirsute

[Touch-packages] [Bug 1892915] Re: gnome-shell crashing (libffi8ubuntu1 upgrade issue)

2021-02-05 Thread Dimitri John Ledkov
** Changed in: libffi (Ubuntu) Status: Incomplete => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libffi in Ubuntu. https://bugs.launchpad.net/bugs/1892915 Title: gnome-shell crashing (libffi8ubuntu1

[Touch-packages] [Bug 1903890] Re: python3-openssl appears to be built against the wrong version of libffi

2021-02-05 Thread Dimitri John Ledkov
** Description changed: + Ubuntu groovy and up upgraded to libffi8ubuntu1, thus making Ubuntu + incompatible with 3rd-party binaries that desire to use libffi7. + + Let's backport and provide libffi7 runtime library only, for those. + + Not sure how that would work with ctypes though. + + +

  1   2   3   4   5   6   7   8   9   10   >