[Touch-packages] [Bug 2039873] Re: liblxc-dev was built with LXC_DEVEL=1 in Ubuntu Jammy/Kinetic

2023-10-23 Thread Serge Hallyn
> Looking at the changelog, it appears that Serge simply pulled all changes following 5.0.1 from git, which he likely did mistakenly looking at the master branch rather than the stable-5.0 branch which wouldn't have had that particular change. That sounds like exactly what I would do. -- You

[Touch-packages] [Bug 1729357] Re: unprivileged user can drop supplementary groups

2023-08-29 Thread Serge Hallyn
** Changed in: shadow (Ubuntu) Importance: Undecided => Low -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shadow in Ubuntu. https://bugs.launchpad.net/bugs/1729357 Title: unprivileged user can drop supplementary

[Touch-packages] [Bug 2012437] [NEW] Ship a static libsystemd.a

2023-03-21 Thread Serge Hallyn
Public bug reported: More and more things are requiring linking against libsystemd. In particular, because dbus is now linked against libsystemd, anything that wants to make a dbus client call needs it. By not shipping a static libsystemd.a, all such users are prevented from building

[Touch-packages] [Bug 1700814] Re: Default capability of cap_setfcap+i should be set on setcap

2022-10-18 Thread Serge Hallyn
> FWIW This used to be the default inside the libcap build tree, but the > problems with the container defaults (eventually fixed with > https://github.com/moby/moby/security/advisories/GHSA-2mm7-x5h6-5pvq Thanks for the links. For a moment I was worried that there was an issue with containers

[Touch-packages] [Bug 1700814] Re: Default capability of cap_setfcap+i should be set on setcap

2022-05-20 Thread Serge Hallyn
** Changed in: libcap2 (Ubuntu) Assignee: Serge Hallyn (serge-hallyn) => Balint Reczey (rbalint) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libcap2 in Ubuntu. https://bugs.launchpad.net/bugs/1700814 Ti

[Touch-packages] [Bug 1966590] Re: cups segfault when printing or editing printers

2022-03-27 Thread Serge Hallyn
The permission denied errors appear unrelated: after stopping apparmor and restarting cups, I still get: [932499.635684] cupsd[855122]: segfault at 0 ip 7f39be2ff98c sp 7ffc12737718 error 4 in libc.so.6[7f39be176000+195000] [932499.635695] Code: 1e fa 89 f8 31 d2 62 a1 fd 00 ef c0 09 f0

[Touch-packages] [Bug 1966590] Re: cups segfault when printing or editing printers

2022-03-27 Thread Serge Hallyn
(Forcibly downgrading to the impish packages restored ability to print.) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to cups in Ubuntu. https://bugs.launchpad.net/bugs/1966590 Title: cups segfault when printing or editing

[Touch-packages] [Bug 1966590] [NEW] cups segfault when printing or editing printers

2022-03-27 Thread Serge Hallyn
Public bug reported: Editing a printer in localhost:631, cups keeps segfaulting after (possibly related) access denied messages: [932068.059601] audit: type=1400 audit(1648388571.894:566): apparmor="DENIED" operation="connect" profile="/usr/bin/evince" name="/run/user/1000/at-spi/bus_0"

[Touch-packages] [Bug 1966590] Re: cups segfault when printing or editing printers

2022-03-27 Thread Serge Hallyn
This makes it impossible for me to print from my laptop :( -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to cups in Ubuntu. https://bugs.launchpad.net/bugs/1966590 Title: cups segfault when printing or editing printers

[Touch-packages] [Bug 1963834] Re: openssl 3.0 - SSL: UNSAFE_LEGACY_RENEGOTIATION_DISABLED]

2022-03-16 Thread Serge Hallyn
Ok, I did get my case to work by creating ~/ssl.conf containing: openssl_conf = openssl_init [openssl_init] ssl_conf = ssl_sect [ssl_sect] system_default = system_default_sect [system_default_sect] Options = UnsafeLegacyRenegotiation And then did OPENSSL_CONF=~/ssl.conf do-my-command that

[Touch-packages] [Bug 1963834] Re: openssl 3.0 - SSL: UNSAFE_LEGACY_RENEGOTIATION_DISABLED]

2022-03-16 Thread Serge Hallyn
I tried also adding the following: [openssl_init] providers = provider_sect ssl_conf = ssl_configuration as I wasn't sure whether the [ssl_configuration] section would otherwise get used for anything, but that didn't seem to make a difference. The end of the file is [ssl_configuration] client

[Touch-packages] [Bug 1963834] Re: openssl 3.0 - SSL: UNSAFE_LEGACY_RENEGOTIATION_DISABLED]

2022-03-16 Thread Serge Hallyn
FWIW I'm seeing this with the openconnect-sso (https://github.com/vlaci/openconnect-sso) package on jammy. I just tried adding the following to my /etc/ssl/openssl.cfg: [ssl_configuration] client = client_tls_config [client_tls_config] Options = UnsafeLegacyServerConnect With no luck :( --

[Touch-packages] [Bug 1917187] Re: lxc cgroup2: containers unbootable

2022-02-27 Thread Serge Hallyn
FWIW this is affecting me on jammy too. I'll have to take a look at systemd sources. Adding: lxc.init.cmd = /sbin/init systemd.unified_cgroup_hierarchy to my config does not help, nor does bind mounting a /proc/filesystems without 'cgroup' (v1) in it. -- You received this bug notification

[Touch-packages] [Bug 1869267] Re: /etc/login.defs contains a non-ASCII character

2021-10-27 Thread Serge Hallyn
This is in the debian/login.defs file, and was replaced at least before bionic with a proper ascii ', so I'm targeting this to xenial. ** Changed in: shadow (Ubuntu) Status: New => Fix Released ** Also affects: shadow (Ubuntu Xenial) Importance: Undecided Status: New ** Changed

[Touch-packages] [Bug 1923262] Re: backup /etc/passwd- file should be mode 0600

2021-10-27 Thread Serge Hallyn
I appreciate you bringing this to our attention, but (as shadow upstream maintainer) I'm going to join John in saying this should be wontfix. Now if you want to change the subject to also making /etc/passwd 600, then as Alexander points out that may be doable and have merit. But just hiding the

[Touch-packages] [Bug 1928309] Re: usermod change home directory no tilde

2021-10-27 Thread Serge Hallyn
Well that's just fascinating! :) This would be best reported at https://github.com/shadow- maint/shadow/issues. Would you mind opening an issue there? ** Changed in: shadow (Ubuntu) Status: New => Confirmed ** Changed in: shadow (Ubuntu) Importance: Undecided => Wishlist -- You

[Touch-packages] [Bug 1923232] Re: SRU of LXC 4.0.6 to focal (upstream bugfix release)

2021-04-09 Thread Serge Hallyn
** Changed in: lxc (Ubuntu Focal) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1923232 Title: SRU of LXC 4.0.6 to focal (upstream bugfix

[Touch-packages] [Bug 1923232] Re: SRU of LXC 4.0.6 to focal (upstream bugfix release)

2021-04-09 Thread Serge Hallyn
** No longer affects: lxc (Ubuntu Bionic) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1923232 Title: SRU of LXC 4.0.6 to focal (upstream bugfix release) Status in lxc

[Touch-packages] [Bug 1923232] [NEW] SRU of LXC 4.0.6 to focal (upstream bugfix release)

2021-04-09 Thread Serge Hallyn
built in -proposed are functional. ** Affects: lxc (Ubuntu) Importance: Undecided Status: New ** Affects: lxc (Ubuntu Bionic) Importance: High Assignee: Serge Hallyn (serge-hallyn) Status: New ** Affects: lxc (Ubuntu Focal) Importance: High Assignee

[Touch-packages] [Bug 1532314] Re: Buffer overflow in cgmanager

2020-08-11 Thread Serge Hallyn
I'm not sure 'fix released' is correct. Was a patch posted to fix it? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1532314 Title: Buffer overflow in cgmanager Status in

[Touch-packages] [Bug 73024] Re: unknown item 'FAIL_DELAY'

2020-05-24 Thread Serge Hallyn
Marking invalid as the comment in login.defs says these are handled by pam. ** Changed in: shadow (Ubuntu) Status: Confirmed => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shadow in Ubuntu.

[Touch-packages] [Bug 117736] Re: pam_mount unable to unmount needs root priv

2020-05-24 Thread Serge Hallyn
Marking fix released for shadow based on the openssh and debian status. ** Changed in: shadow (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu.

[Touch-packages] [Bug 621528] Re: package nfs-common 1:1.2.0-4ubuntu4 failed to install/upgrade: el subproceso script post-installation instalado devolvió el código de salida de error 1

2020-05-24 Thread Serge Hallyn
** Package changed: shadow (Ubuntu) => nfs-utils (Ubuntu) ** Changed in: nfs-utils (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shadow in Ubuntu.

[Touch-packages] [Bug 1669156] Re: Fails writing with Caps Lock

2020-05-24 Thread Serge Hallyn
This is not a shadow bug. It's either a bug in the graphical login manager, or X, or a terminal driver. Please re-open if it is still relevant. ** Package changed: shadow (Ubuntu) => lightdm (Ubuntu) ** Changed in: lightdm (Ubuntu) Status: New => Incomplete -- You received this bug

[Touch-packages] [Bug 1608026] Re: package login 1:4.1.5.1-1ubuntu9 failed to install/upgrade: package login is not ready for configuration cannot configure (current status `half-installed')

2020-05-24 Thread Serge Hallyn
** Changed in: shadow (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shadow in Ubuntu. https://bugs.launchpad.net/bugs/1608026 Title: package login 1:4.1.5.1-1ubuntu9 failed to

[Touch-packages] [Bug 1595080] Re: /etc/shadow has wrong ownership

2020-05-24 Thread Serge Hallyn
On my 18.04 laptop it is group shadow and group readable. If anyone can still reproduce this, please re-open this bug. It is likely an intaller bug. ** Changed in: shadow (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch

[Touch-packages] [Bug 1770233] Re: Login package changes MIN_UID in /etc/login.defs -> AccountsService/GDM then ignores existing user (UID 501) -> starts gnome-inital-setup to create user

2020-05-24 Thread Serge Hallyn
** Package changed: shadow (Ubuntu) => gnome-initial-setup (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shadow in Ubuntu. https://bugs.launchpad.net/bugs/1770233 Title: Login package changes MIN_UID in

[Touch-packages] [Bug 914499] Re: 'su --help' exits with error code 2

2020-05-19 Thread Serge Hallyn
** Changed in: shadow (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shadow in Ubuntu. https://bugs.launchpad.net/bugs/914499 Title: 'su --help' exits with error code 2 Status

[Touch-packages] [Bug 1388272] Re: Login screen shows different background picture such as set for desktop background

2020-05-19 Thread Serge Hallyn
This clearly is not related to shadow, but which package it affects would depend on which login manager was being used. In the unlikely event this is still an issue, please re-open this bug and let us know which you are using. ** Changed in: shadow (Ubuntu) Status: New => Incomplete --

[Touch-packages] [Bug 1482786] Re: man-db daily cron job TOCTOU bug when processing catman pages

2020-05-19 Thread Serge Hallyn
@cjwatson - is it safe to assume the fix was entirely in man-db? Or was shadow supposed to do something here as well? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apport in Ubuntu. https://bugs.launchpad.net/bugs/1482786

[Touch-packages] [Bug 1450880] Re: Impossible to set root password in Ubuntu Touch

2020-05-19 Thread Serge Hallyn
If this is still an issue, please re-open this bug. ** Changed in: shadow (Ubuntu) Status: Confirmed => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shadow in Ubuntu. https://bugs.launchpad.net/bugs/1450880

[Touch-packages] [Bug 1547907] Re: package login 1:4.1.5.1-1ubuntu9.2 failed to install/upgrade: unable to install new version of `/bin/su': Device or resource busy

2020-05-19 Thread Serge Hallyn
Thanks for reporting this bug. Please reply if you have some situation where this might still occur. ** Changed in: shadow (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shadow in

[Touch-packages] [Bug 1565345] Re: ubuntuBSD support

2020-05-19 Thread Serge Hallyn
Hi, looking at the package today, control already has libaudit-dev [linux- any] and --with-audit was dropped from rules, so I believe what you want should already be achieved. Please re-open if that's not the case. ** Changed in: shadow (Ubuntu) Status: New => Fix Released -- You

[Touch-packages] [Bug 1679765] Re: cannot lock password for user created with useradd --extrausers

2020-05-19 Thread Serge Hallyn
Extrausers is a concept introduced by the libnss-extrausers package. shadow and passwd simply know nothing about it. It simply is not a bug in the shadow package. It's a wholly un- implemented feature. It's not clear to me how this would function - after all these are supposed to be accounts

[Touch-packages] [Bug 1817496] Re: Login always shows partitions to be fsck-ed, even after reboot.

2020-04-15 Thread Serge Hallyn
You should be able to manually do fsck /dev/sda5 If the filesystem on sda5 is listed in /etc/fstab, then sixth fstab field for that filesystem should be '2'. If it is 0, then indeed it won't be fsck'd on reboot. fstab is owned by util-linux, but system bringup belongs to systemd, so I'm

[Touch-packages] [Bug 1817496] Re: Login always shows partitions to be fsck-ed, even after reboot.

2020-04-15 Thread Serge Hallyn
Please show the results of 'mount | grep sda5' and the contents of /etc/fstab. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1817496 Title: Login always shows partitions

[Touch-packages] [Bug 1808864] Re: Poor translation of zh_CN gpasswd(1) man page

2020-04-15 Thread Serge Hallyn
Would you mind comparing this to the new version at https://github.com/shadow-maint/shadow/blob/master/po/zh_CN.po ? I looked for the 'administrator' one, and that seems fixed. Any other updates you have which you could post as pull requests against the upstream project would be greatly

[Touch-packages] [Bug 1811893] Re: In Ubuntu on Virtualbox, the screen is blank after sign-in

2020-04-15 Thread Serge Hallyn
Thanks for reporting this bug. This looks to be a bug with either xubuntu login manager or xubuntu default X11 session, so I'm reassigning it to lightdm. ** Package changed: shadow (Ubuntu) => lightdm (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Touch

[Touch-packages] [Bug 1872443] Re: /etc/securetty missing: dovecot not working

2020-04-15 Thread Serge Hallyn
This was a decision made by the debian package (see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=771675 ). Would you mind raising a bug against pam and shadow in debian bringing this up? Perhaps the libpam-modules package should supply it alongside the pam_securetty.so. Please let us know

[Touch-packages] [Bug 998816] Re: Login password is shown in plaintext

2020-04-15 Thread Serge Hallyn
Note this was wishlist in shadow, but i can't find wishlist in the list of options any more. ** Changed in: util-linux (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to util-linux in

[Touch-packages] [Bug 998816] Re: Login password is shown in plaintext

2020-04-15 Thread Serge Hallyn
This is actually a bug in getty, which accepts the username and then starts login. ** Package changed: shadow (Ubuntu) => util-linux (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to util-linux in Ubuntu.

[Touch-packages] [Bug 600653] Re: passwd man mistake minage -m should be -n

2020-04-15 Thread Serge Hallyn
** Changed in: shadow (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shadow in Ubuntu. https://bugs.launchpad.net/bugs/600653 Title: passwd man mistake minage -m should be -n

[Touch-packages] [Bug 1759247] Re: lxc-copy forgets to change /etc/hostname and /etc/hosts

2020-04-15 Thread Serge Hallyn
Tested this in eoan - hostname had the new name. ** Changed in: lxc (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1759247 Title:

[Touch-packages] [Bug 1321854] Re: useradd doesn't add the default shell to /etc/passwd entry

2020-04-15 Thread Serge Hallyn
Tested this in eoan. New user got the SHELL=zsh which I specified in /etc/default/useradd ** Changed in: shadow (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shadow in

[Touch-packages] [Bug 1840375] Re: groupdel doesn't support extrausers

2019-08-31 Thread Serge Hallyn
Hi, can I interest anyone in pushing the extrausers patch as a PR to github.com/shadow-maint/shadow? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shadow in Ubuntu. https://bugs.launchpad.net/bugs/1840375 Title:

[Touch-packages] [Bug 1782825] [NEW] missing symlink for library

2018-07-20 Thread Serge Hallyn
Public bug reported: On bionic, I needed to ln -s /lib/x86_64-linux-gnu/libdevmapper.so.1.02.1 /lib/x86_64-linux- gnu/libdevmapper.so.1.02 in order for some previously built programs (like skopeo) to continue to work. ** Affects: lvm2 (Ubuntu) Importance: Undecided Status: New

Re: [Touch-packages] [Bug 1303649] Re: systemd-logind spins in cgmanager_ping_sync()

2018-03-24 Thread Serge Hallyn
Could you find the pid of cgmanager ( 353 below)‎ and do Strafe -f -p 353 -o trace.txt for maybe 5 seconds, ctrl-c it, and attach trace.txt here? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu.

[Touch-packages] [Bug 1729357] Re: unprivileged user can drop supplementary groups

2018-03-13 Thread Serge Hallyn
@stgraber @mdeslaur - I'd considered making a release for Ubuntu... but this is the negative acl thing... Your opinions appreciated. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to shadow in Ubuntu.

[Touch-packages] [Bug 1303649] Re: systemd-logind spins in cgmanager_ping_sync()

2018-03-12 Thread Serge Hallyn
Hi, just to get this straight to narrow down scenarios to try to reproduce: 1. Dale with 16.04 you are *not* seeing this, right? You saw it with 14.04 with proposed enabled? 2. Marcelo, you are seeing this with 14.04.5 with proposed enabled? -- You received this bug notification because you

[Touch-packages] [Bug 1700814] Re: Default capability of cap_setfcap+i should be set on setcap

2018-02-26 Thread Serge Hallyn
: (unassigned) => Serge Hallyn (serge-hallyn) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libcap2 in Ubuntu. https://bugs.launchpad.net/bugs/1700814 Title: Default capability of cap_setfcap+i should be set on setcap Sta

[Touch-packages] [Bug 1704416] Re: CAP_AUDIT_READ is not supported on Xenial

2018-02-26 Thread Serge Hallyn
Sorry - if this is still an issue, please reply here. ** Changed in: libcap2 (Ubuntu) Assignee: (unassigned) => Serge Hallyn (serge-hallyn) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libcap2 in Ubuntu. ht

Re: [Touch-packages] [Bug 1729357] Re: unprivileged user can drop supplementary groups

2018-01-15 Thread Serge Hallyn
This sounds acceptable to me. Issues or (even better) PRs against github.com/shadow-maint/shadow would be great :) Indeed the default should be the more permissible. (I won't accept patches which require changes to the container runtime.) On Mon, Jan 15, 2018 at 9:13 AM, Akihiro Suda

[Touch-packages] [Bug 1668724] Re: fails to mount cgroupfs inside containers running on 16.04

2017-10-25 Thread Serge Hallyn
Drat. I do think this should still be pushed. I don't know when I'll have time to do it though. Please keep it open. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to cgroup-lite in Ubuntu.

[Touch-packages] [Bug 1668724] Re: fails to mount cgroupfs inside containers running on 16.04

2017-10-25 Thread Serge Hallyn
I'll still aim to push this for trusty and xenial. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to cgroup-lite in Ubuntu. https://bugs.launchpad.net/bugs/1668724 Title: fails to mount cgroupfs inside containers running on

[Touch-packages] [Bug 882147] Re: overlayfs does not implement inotify interfaces correctly

2017-09-07 Thread Serge Hallyn
Nope, tail -f is still broken at least in 4.12. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to coreutils in Ubuntu. https://bugs.launchpad.net/bugs/882147 Title: overlayfs does not implement inotify interfaces correctly

[Touch-packages] [Bug 882147] Re: overlayfs does not implement inotify interfaces correctly

2017-09-07 Thread Serge Hallyn
I've seen reports that this is fixed in 4.10? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to coreutils in Ubuntu. https://bugs.launchpad.net/bugs/882147 Title: overlayfs does not implement inotify interfaces correctly

[Touch-packages] [Bug 1700814] Re: Default capability of cap_setfcap+i should be set on setcap

2017-06-29 Thread Serge Hallyn
Indeed it should be reasonable to do so. Note that there are cases, including unprivileged containers, where file capabilities cannot be set, so the packaging would have to gracefully handle (i.e. ignore) that failure rather than fail the package install. -- You received this bug notification

[Touch-packages] [Bug 1700812] Re: pam_cap is provided by the libpam-cap package on x86_64 xenial

2017-06-27 Thread Serge Hallyn
@mattofak - thanks for filing the bug. I've linked it to the manpage project. It'll get fixed. ** Also affects: ubuntu-manpage-repository Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is

Re: [Touch-packages] [Bug 1700812] [NEW] pam_cap is provided by the libpam-cap package on x86_64 xenial

2017-06-27 Thread Serge Hallyn
Note, the actual manpage makes no mention of the package. Which is how it should be, as the manpage comes from upstream and not from Ubuntu. So if this is a bug, it is a bug against manpages.ubuntu.com. -- You received this bug notification because you are a member of Ubuntu Touch seeded

[Touch-packages] [Bug 1696989] Re: package libpam-cgfs 2.0.7-0ubuntu1~17.04.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128

2017-06-09 Thread Serge Hallyn
Hi, thanks for taking the time to report this bug. This actually appears to be a problem not in libpam-cgfs itself: Setting up libpam-cgfs (2.0.7-0ubuntu1~17.04.1) ... Use of uninitialized value $reply in scalar chomp at /usr/share/perl5/Debconf/FrontEnd/Passthrough.pm line 66. I'm going to

Re: [Touch-packages] [Bug 1695808] Re: tasks killed for nop (-1)

2017-06-08 Thread Serge Hallyn
Note, I'm happy to update a fix for this for a (and a -proposed one for xenial). -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libseccomp in Ubuntu. https://bugs.launchpad.net/bugs/1695808 Title: tasks killed for nop

[Touch-packages] [Bug 1695808] [NEW] tasks killed for nop (-1)

2017-06-04 Thread Serge Hallyn
Public bug reported: As the seccomp manpage points out, after seeing a SECCOMP_RET_TRACE, a tracer can set nr to -1 to skip the syscall. Similarly, one task could be debugging another seccomp'd task, simply doing PTRACE_SYSCALL without using SECCOMP_PTRACE, and want to make the tracee skip a

[Touch-packages] [Bug 1690820] Re: killing su does not kill subprocess (SIGTERM not propagated)

2017-05-15 Thread Serge Hallyn
Thanks for filing, Radu. The commit which fixed it is in this PR: https://github.com/shadow-maint/shadow/pull/72 (wget https://github.com/shadow-maint/shadow/pull/72.patch) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to

[Touch-packages] [Bug 1649310] Re: RM Upstart, obsolete, superseded by systemd

2017-04-26 Thread Serge Hallyn
@bryanquigley - no. i had opened one for networkmanager (or planned on it, don't remember how far i got), but in the end to provide meaningful details i'd have to *run* it. Stop trying to get me to run it. Thanks. -- You received this bug notification because you are a member of Ubuntu Touch

[Touch-packages] [Bug 1649310] Re: RM Upstart, obsolete, superseded by systemd

2017-04-25 Thread Serge Hallyn
@bryanquigley that's an odd non-sequitur. I'm avoiding switching to systemd (in part for power usage), and cgroupfs-mount is not the thing being removed. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ubuntu-touch-meta in

[Touch-packages] [Bug 1649310] Re: RM Upstart, obsolete, superseded by systemd

2017-04-24 Thread Serge Hallyn
I don't expect upstart to be supported, but it would be nice to keep it in universe. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ubuntu-touch-meta in Ubuntu. https://bugs.launchpad.net/bugs/1649310 Title: RM Upstart,

Re: [Touch-packages] [Bug 1649310] Re: RM Upstart, obsolete, superseeded by systemd

2017-04-24 Thread Serge Hallyn
I'm concerned about upstart in particular. Indeed cgmanager is unsupported. I'm using upstart with cgroupfs-mount. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ubuntu-touch-meta in Ubuntu.

Re: [Touch-packages] [Bug 1649310] Re: RM Upstart, obsolete, superseeded by systemd

2017-04-24 Thread Serge Hallyn
(and with that, i'll be needing a new distro :( ) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ubuntu-touch-meta in Ubuntu. https://bugs.launchpad.net/bugs/1649310 Title: RM Upstart, obsolete, superseeded by systemd

[Touch-packages] [Bug 1576341] Re: systemd in degraded state on startup in LXD containers

2017-03-28 Thread Serge Hallyn
Thanks, Nish. My thoughts: 1.a sounds good 1.b i'd like another way to do that, but not sure what a better way would be. 1.c does lvm also fail in privileged containers? I can see no use to running it (for now) in an unprivileged container, so the same solution as 1.a seems reasonable. 1.d

[Touch-packages] [Bug 1668724] Re: fails to mount cgroupfs inside containers running on 16.04

2017-03-17 Thread Serge Hallyn
Sorry, this got lost in my inbox. I used dput. I seemed to recall that in some recent cycle the it became either ok or preferred to use $release-updates instead of $release-proposed in SRUs. I can trivially change it ack to yakkety-proposed if preferred. For Trusty, I just noticed that the

Re: [Touch-packages] [Bug 1668724] Re: fails to mount cgroupfs inside containers running on 16.04

2017-03-06 Thread Serge Hallyn
Thanks for looking. I'll push that tonight.   Original Message   From: Cam Cope Sent: Monday, March 6, 2017 3:50 PM To: serge.hal...@gmail.com Reply To: Bug 1668724 Subject: [Bug 1668724] Re: fails to mount cgroupfs inside containers running on 16.04 LGTM -- You received this bug

[Touch-packages] [Bug 1668724] Re: fails to mount cgroupfs inside containers running on 16.04

2017-03-03 Thread Serge Hallyn
(s@/tmp/2@/proc/cgroups@ of course) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to cgroup-lite in Ubuntu. https://bugs.launchpad.net/bugs/1668724 Title: fails to mount cgroupfs inside containers running on 16.04 Status

[Touch-packages] [Bug 1668724] Re: fails to mount cgroupfs inside containers running on 16.04

2017-03-03 Thread Serge Hallyn
FWIW something like: for d in `tail -n +2 /tmp/2 | awk '{ if ($2 == 0) print $1 else if (a[$2]) a[$2] = a[$2]","$1 else a[$2]=$1 };END{ for(i in a) { print a[i] } }'`; do mkdir -p

[Touch-packages] [Bug 1668724] Re: fails to mount cgroupfs inside containers running on 16.04

2017-03-03 Thread Serge Hallyn
There is a bug (which is fixed in newer versions) in lxc in that it does not ignore cgroups which are not used by the container. So in your particular case, if you're not using the co-mounted controllers, then indeed fixing the lxc bug should work for you as well. Nevertheless some people will

[Touch-packages] [Bug 1668724] Re: fails to mount cgroupfs inside containers running on 16.04

2017-03-03 Thread Serge Hallyn
This bug incidentally also affects the cgroupfs-mount package. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to cgroup-lite in Ubuntu. https://bugs.launchpad.net/bugs/1668724 Title: fails to mount cgroupfs inside containers

[Touch-packages] [Bug 1668724] Re: fails to mount cgroupfs inside containers running on 16.04

2017-03-03 Thread Serge Hallyn
(Note - this means the patch I just pushed to zesty is in fact wrong. Since zesty requires systemd this doesn't really matter, but we must get a working patch before pushing SRU patches) @ccope, please let me know if you care to write an update patch. -- You received this bug notification

[Touch-packages] [Bug 1668724] Re: fails to mount cgroupfs inside containers running on 16.04

2017-03-03 Thread Serge Hallyn
Hm, yes i see (hierarchy 0). I do worry that means that systems with the unified hierarchy will be still more of a problem, since it is mounted as hierarchy 0. But then it's probably fine to just say that cgroup-lite doesn't support unified hierarchy. -- You received this bug notification

[Touch-packages] [Bug 1668724] Re: fails to mount cgroupfs inside containers running on 16.04

2017-03-03 Thread Serge Hallyn
** Also affects: cgroup-lite (Ubuntu Trusty) Importance: Undecided Status: New ** Also affects: cgroup-lite (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: cgroup-lite (Ubuntu Yakkety) Importance: Undecided Status: New ** Also affects:

[Touch-packages] [Bug 1668724] Re: fails to mount cgroupfs inside containers running on 16.04

2017-03-03 Thread Serge Hallyn
I assume /sys/fs/cgroup/systemd was used because that's where systemd expected to see it. I can't find any version which mounts it at /sys/fs/cgroup/name=systemd - do you have a version that does that? -- You received this bug notification because you are a member of Ubuntu Touch seeded

[Touch-packages] [Bug 1668724] Re: fails to mount cgroupfs inside containers running on 16.04

2017-02-28 Thread Serge Hallyn
Thanks for the patches. Note that you've changed the loop variable from d to c, but the loop is still using d, so nothing gets mounted with that patch verbatim. Switching the variable back to d fixes the issue for me. -- You received this bug notification because you are a member of Ubuntu

[Touch-packages] [Bug 1668724] Re: fails to mount cgroupfs inside containers running on 16.04

2017-02-28 Thread Serge Hallyn
** Changed in: cgroup-lite (Ubuntu) Importance: Undecided => High ** Changed in: cgroup-lite (Ubuntu) Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to cgroup-lite in Ubuntu.

[Touch-packages] [Bug 1576341] Re: fails in lxd container

2017-01-14 Thread Serge Hallyn
Seems like just adding ConditionVirtualization=!container to debian//open-iscsi.service should fix it. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lvm2 in Ubuntu. https://bugs.launchpad.net/bugs/1576341 Title: fails

[Touch-packages] [Bug 1639440] Re: [desktop] apps don't start, missing logs

2016-11-07 Thread Serge Hallyn
This is related to the other open bugs caused by systemd starting to mount the unified hierarchy. There had been a branch of cgmanager able to handle unified, around June 2015, but it was only experimental. Does unity still require cgmanager? Note that cgmanager's deprecation

[Touch-packages] [Bug 1611243] Re: lxc-attach "lxc-attach: attach.c: lxc_attach: 730 failed to get the init pid"

2016-08-09 Thread Serge Hallyn
You do not show a 'lxc-start' command. You do need to manually start the container before you can attach to it. ** Changed in: lxc (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc

Re: [Touch-packages] [Bug 1574566] Re: package libvirt-bin 1.3.1-1ubuntu10 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1

2016-07-28 Thread Serge Hallyn
Indeed, that (-d) is a difference in how the upstart and systemctl jobs expect to function. The upstart job was 'expect daemon' and specifies -d in the upstart job itself (not in /etc/default/libvirt-bin) Assuming Ubuntu doesn't drop the upstart job altogether (which would be a problem for me)

Re: [Touch-packages] [Bug 1535058] Re: applications close instantly when launched from the launcher or dash

2016-07-14 Thread Serge Hallyn
I'm sorry, I'm as context-swapped as you are... can you remind me why it is needed, versus simply having libpam-cgfs setup to give you cgroups upon login? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unity8 in Ubuntu.

Re: [Touch-packages] [Bug 1535058] Re: applications close instantly when launched from the launcher or dash

2016-07-14 Thread Serge Hallyn
Quoting David Planella (david.plane...@ubuntu.com): > In my case it's disabled, but even after enabling it manually, I'm > getting the same errors that I had a few months back: > > "cgmanager:do_create_main: pid 2118 (uid 1000 gid 1000) may not create > under /run/cgmanager/fs/freezer" This

Re: [Touch-packages] [Bug 1535058] Re: applications close instantly when launched from the launcher or dash

2016-07-14 Thread Serge Hallyn
Why is it being *dis*abled? it's not needed, but it's also not in the way. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unity8 in Ubuntu. https://bugs.launchpad.net/bugs/1535058 Title: applications close instantly when

[Touch-packages] [Bug 1598108] Re: ubuntu/xenial64 slow sstart

2016-07-01 Thread Serge Hallyn
I'm confused as to why you reported this bug against lxc in ubuntu. Were you running vagrant+virtualbox inside an ubuntu lxc container? ** Package changed: lxc (Ubuntu) => cloud-images -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is

[Touch-packages] [Bug 1392176] Re: mounts cgroups unconditionally which causes undesired effects with cpu hotplug

2016-06-18 Thread Serge Hallyn
I recommend opening new bugs against libvirt and docker. Libvirt moves VMS into a cpuset by default. I assume docker does the same. (My xenial laptop runs upstart, so this is not systemd's doing) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages,

[Touch-packages] [Bug 1392176] Re: mounts cgroups unconditionally which causes undesired effects with cpu hotplug

2016-06-17 Thread Serge Hallyn
"LXC cases, like docker and KVM" - did you mean non-lxc cases? xenial by default should now be using libpam-cgfs, should not be using cgmanager, and should not be creating cpusets. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is

Re: [Touch-packages] [Bug 1590547] Re: LXC package for trusty no longer has configuration files

2016-06-09 Thread Serge Hallyn
Hi, I suspect this points to a problem in the packaging - the lxc1 package should probably have a >= versioned dependency on lxc-templates. That way, apt install -t backports lxc1 would have automatically upgraded lxc-templates for you. So I do think this is a real bug in trusty-backports.

[Touch-packages] [Bug 1590547] Re: LXC package for trusty no longer has configuration files

2016-06-09 Thread Serge Hallyn
The version you have of the other lxc templates is from backports, so perhaps you need to manually request that? apt install -t trusty-backports lxc-templates or something. I never use backports, stgraber can probably help you, if the above does not work. -- You received this bug notification

[Touch-packages] [Bug 1590547] Re: LXC package for trusty no longer has configuration files

2016-06-08 Thread Serge Hallyn
Can you show the output of dpkg -l | grep lxc ? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1590547 Title: LXC package for trusty no longer has configuration files

[Touch-packages] [Bug 1529079] Re: Can't start virtual machines with installed systemd-container package on Xenial

2016-06-07 Thread Serge Hallyn
Reminder - see comment #40 for the proposed fix. The pertinent question is, given that that is upstream, why is this apparently not a problem for other systemd-based distros? How does it work in Fedora? -- You received this bug notification because you are a member of Ubuntu Touch seeded

[Touch-packages] [Bug 1584157] Re: Feature Request: setting a custom root directory

2016-05-20 Thread Serge Hallyn
Excellent :) ** Changed in: lxc (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1584157 Title: Feature Request: setting a custom root

Re: [Touch-packages] [Bug 1584157] Re: Feature Request: setting a custom root directory

2016-05-20 Thread Serge Hallyn
If you look at lxc.system.conf(5), there is 'lxc.lxc_path' which equates to the -P lxcpath command line option. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1584157 Title:

Re: [Touch-packages] [Bug 1584157] [NEW] Feature Request: setting a custom root directory

2016-05-20 Thread Serge Hallyn
You can use -P to set the container prefix path. Does that do what you need? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1584157 Title: Feature Request: setting a custom

[Touch-packages] [Bug 1579922] Re: dh_systemd_enable fails due to 'preset' when service file is renamed

2016-05-18 Thread Serge Hallyn
I can reproduce it with the package excerpts at https://code.launchpad.net/~serge-hallyn/+git/pkg1 and https://code.launchpad.net/~serge-hallyn/+git/pkg2 First dpkg -i pkg1_1-1_amd64.deb then dpkg -i pkg1_1-2_amd64.deb pkg2_1-2_amd64.deb On yakkety, this gives me: (Reading

[Touch-packages] [Bug 1580984] Re: procps postinst fails when inside lxd

2016-05-17 Thread Serge Hallyn
procps has a patch to sysctl.c to ignore EACCESS. I guess systemd's systemd-sysctl needs the same kind of patch. ** Also affects: systemd (Ubuntu) Importance: Undecided Status: New ** Changed in: lxd (Ubuntu) Status: Confirmed => Invalid ** Changed in: systemd (Ubuntu)

  1   2   3   4   5   6   7   >