[Bug 2059756] Re: [SRU] adsys 0.14.1
** Description changed: [context] ADSys is a tool designed for administering and implementing Group Policy Objects (GPOs) from Active Directory on Linux systems. It includes a suite of services and commands that empower administrators to efficiently manage policy updates and maintain compliance with organizational business rules. Given that ADSys directly interfaces with Active Directory and needs to align with new business requirements in LTS releases, it has been essential to keep the package consistently updated with the latest changes of ADSys upstream source. As ADSys is a key component of our commercial offerings, our customers anticipate the availability of recently implemented features in the 22.04 release. Now that ADSys has a complete set of features, the request is to proceed with a one-off release of ADSys 0.14.1 to 22.04. Please note that any new features introduced in subsequent versions will be exclusively available in 24.04 and later releases. This version includes a comprehensive end to end automated test suite that runs ADSys against a real Active directory environment. Version 0.14.1 is available for 22.04 in a PPA (https://launchpad.net/~ubuntu-enterprise-desktop/+archive/ubuntu/adsys) and already used in production by customers. At this time of writing the number of open issues is 1 in Launchpad and 16 in GitHub including 6 enhancements. None of them have a high or critical importance. [references] LP: https://launchpad.net/ubuntu/+source/adsys LP Bugs: https://bugs.launchpad.net/ubuntu/+source/adsys GitHub: https://github.com/ubuntu/adsys/ GH Bugs: https://github.com/ubuntu/adsys/issues Documentation: https://canonical-adsys.readthedocs-hosted.com/en/stable/ Initial SRU discussion: https://lists.ubuntu.com/archives/ubuntu-release/2023-June/005650.html [changes] Full LP Changelog: https://launchpad.net/ubuntu/+source/adsys/+changelog * New features * New policies: - Add mount / network shares policy manager - Add AppArmor policy manager - Support multiple AD backends and implement Winbind support - Add system proxy policy manager - Add certificate policy manager for machines - Add adsysctl policy purge command to purge applied policies - Full documentation - Full end to end automated test suite. * Enhancements * Add a --machine / -m flag to adsysctl applied, indicating the policies applied to the current machine * Expose Ubuntu Pro status in the "status" command * Update scripts manager creation * List Pro policy types in service status output * Warn when Pro-only rules are configured * Use systemd via D-Bus instead of systemctl commands * Add placeholder notes for entry types * Rework Kerberos ticket handling logic to satisfy the Heimdal implementation of Kerberos * Rework policy application sync strategy * Print logs when policies are up to date * Update policy definitions to include dconf key for dark mode background * Infer user KRB5CCNAME path via the libkrb5 API (LP: #2049061) * Allow sssd backend to work without ad_domain being set (LP: #2054445) * Update apport hook to include journal errors and package logs * Bug fixes * Fix policy update failing when GPT.INI contains no version key * Fix object lookup for users having a FQDN as their hostname * Support special characters in domains when parsing sssd configuration * Fix DCONF_PROFILE not considering default_domain_suffix on sssd.conf * Ensure empty state for dconf policy * Handle case mismatches in GPT.INI file name * Ensure GPO URLs contain the FQDN of the domain controller * Add runtime dependency on nfs-common * Other * Updates to latest versions of Go (fixing known Go vulnerabilities) * Updates to latest versions of the Go dependencies * Updates and improvements to CI and QoL * Migrate translation support to native approach using go-i18n + gotext and switch to upstream gotext version Dependencies: * Build-dep: golang-go (>= 2:1.22~) * Dependencies to backport to 22.04: * golang-go >= 2:1.22 * ubuntu-proxy-manager (suggest. Required for Proxy support - feature will be disabled otherwise) * python3-cepces (suggest. Required for Certificates autoenrollment support - feature will be disabled otherwise) * Note: Both are currently in the new queue of 22.04 : https://launchpad.net/ubuntu/jammy/+queue?queue_state=0_text= [test plan] # Process Adsys follows a robust continuous integration and testing process. It is covered by a comprehensive automated tests suite (https://github.com/ubuntu/adsys/actions/workflows/qa.yaml) and an automated end to end test suite that runs in a real active directory environment (https://github.com/ubuntu/adsys/actions/workflows/e2e-tests.yaml). The team applied the following quality
[Bug 2059756] Re: [SRU] adsys 0.14.1
** Description changed: [context] ADSys is a tool designed for administering and implementing Group Policy Objects (GPOs) from Active Directory on Linux systems. It includes a suite of services and commands that empower administrators to efficiently manage policy updates and maintain compliance with organizational business rules. Given that ADSys directly interfaces with Active Directory and needs to align with new business requirements in LTS releases, it has been essential to keep the package consistently updated with the latest changes of ADSys upstream source. As ADSys is a key component of our commercial offerings, our customers anticipate the availability of recently implemented features in the 22.04 release. Now that ADSys has a complete set of features, the request is to proceed with a one-off release of ADSys 0.14.1 to 22.04. Please note that any new features introduced in subsequent versions will be exclusively available in 24.04 and later releases. This version includes a comprehensive end to end automated test suite that runs ADSys against a real Active directory environment. Version 0.14.1 is available for 22.04 in a PPA (https://launchpad.net/~ubuntu-enterprise-desktop/+archive/ubuntu/adsys) and already used in production by customers. At this time of writing the number of open issues is 1 in Launchpad and 16 in GitHub including 6 enhancements. None of them have a high or critical importance. [references] LP: https://launchpad.net/ubuntu/+source/adsys LP Bugs: https://bugs.launchpad.net/ubuntu/+source/adsys GitHub: https://github.com/ubuntu/adsys/ GH Bugs: https://github.com/ubuntu/adsys/issues Documentation: https://canonical-adsys.readthedocs-hosted.com/en/stable/ Initial SRU discussion: https://lists.ubuntu.com/archives/ubuntu-release/2023-June/005650.html [changes] Full LP Changelog: https://launchpad.net/ubuntu/+source/adsys/+changelog * New features * New policies: - Add mount / network shares policy manager - Add AppArmor policy manager - Support multiple AD backends and implement Winbind support - Add system proxy policy manager - Add certificate policy manager for machines - Add adsysctl policy purge command to purge applied policies - Full documentation - Full end to end automated test suite. * Enhancements * Add a --machine / -m flag to adsysctl applied, indicating the policies applied to the current machine * Expose Ubuntu Pro status in the "status" command * Update scripts manager creation * List Pro policy types in service status output * Warn when Pro-only rules are configured * Use systemd via D-Bus instead of systemctl commands * Add placeholder notes for entry types * Rework Kerberos ticket handling logic to satisfy the Heimdal implementation of Kerberos * Rework policy application sync strategy * Print logs when policies are up to date * Update policy definitions to include dconf key for dark mode background * Infer user KRB5CCNAME path via the libkrb5 API (LP: #2049061) * Allow sssd backend to work without ad_domain being set (LP: #2054445) * Update apport hook to include journal errors and package logs * Bug fixes * Fix policy update failing when GPT.INI contains no version key * Fix object lookup for users having a FQDN as their hostname * Support special characters in domains when parsing sssd configuration * Fix DCONF_PROFILE not considering default_domain_suffix on sssd.conf * Ensure empty state for dconf policy * Handle case mismatches in GPT.INI file name * Ensure GPO URLs contain the FQDN of the domain controller * Add runtime dependency on nfs-common * Other * Updates to latest versions of Go (fixing known Go vulnerabilities) * Updates to latest versions of the Go dependencies * Updates and improvements to CI and QoL * Migrate translation support to native approach using go-i18n + gotext and switch to upstream gotext version Dependencies: * Build-dep: golang-go (>= 2:1.22~) * Dependencies to backport to 22.04: * golang-go >= 2:1.22 * ubuntu-proxy-manager (suggest. Required for Proxy support - feature will be disabled otherwise) * python3-cepces (suggest. Required for Certificates autoenrollment support - feature will be disabled otherwise) * Note: Both are currently in the new queue of 22.04 : https://launchpad.net/ubuntu/jammy/+queue?queue_state=0_text= [test plan] # Process Adsys follows a robust continuous integration and testing process. It is covered by a comprehensive automated tests suite (https://github.com/ubuntu/adsys/actions/workflows/qa.yaml) and an automated end to end test suite that runs in a real active directory environment (https://github.com/ubuntu/adsys/actions/workflows/e2e-tests.yaml). The team applied the following quality
[Bug 2048232] Re: [SRU] Backport to 22.04 LTS
** Description changed: As part of our entreprise desktop offering, there is the request to backport ubuntu-proxy-manager to 22.04 LTS. The package is in universe for now. Ubuntu Proxy Manager is a D-Bus mediated service intended to be triggered by ADSys, our Active Directory GPO integration. ADSys has been available starting Ubuntu 21.04, and Ubuntu Proxy Manager was first released in Ubuntu 23.04. + + It depends on the new golang 1.22 SRU attached to + https://bugs.launchpad.net/ubuntu/+source/golang-1.22/+bug/2059756 [Impact] * ubuntu-proxy-manager is a new package. Impact is thus only for people installing. * To leverage the functionality of the package, a recent enough ADSys version must be used (at least 0.11.0, not currently in Jammy but there are approved plans to backport ADSys 0.13.2). * In addition to the ADSys requirement above, the machine must be Pro-enabled and a Proxy GPO must be configured on the Windows AD controller. * No impact is expected if the conditions above are not met. * This is a entreprise feature requested by desktop customers running LTS. [Test Plan] 1. Configure your machine with AD, with a correctly configured SSSD and KRB5 (AD user should be able to log in). Instructions can be found on https://github.com/ubuntu/adsys/wiki/2.-Prerequisites 2. Install admx and adml files on your AD controller: https://canonical-adsys.readthedocs-hosted.com/en/stable/how-to/set-up-ad/ 3. Join machine to Ubuntu Pro to enable proxy policy application 4. Configure some proxy settings in AD (https://canonical-adsys.readthedocs-hosted.com/en/stable/explanation/proxy/), for instance: * HTTP Proxy * Ignored hosts 5. Install ADSys (at least version 0.11.0) and ubuntu-proxy-manager, then run `adsysctl update -m` to force a refresh of the policies 6. Ensure GSettings/APT/environment proxy values are correctly set (full list of supported proxy backends can be seen here: https://github.com/ubuntu/ubuntu-proxy-manager#supported-backends) 7. Remove/purge the ubuntu-proxy-manager package and run `adsysctl update -m` again -- a warning should show reflecting that ADSys has detected a configured proxy policy but ubuntu-proxy-manager is not installed for it to be applied. ADSys's exit code will remain 0. [Where problems could occur] * Network access of various programs will be hindered if incorrect proxy settings are configured. [Other Info] * The current version of ADSys in Jammy does not interact with this package whatsoever, but there are plans to backport the latest version. * A passing PPA build for ubuntu-proxy-manager can be seen here: https://launchpad.net/~gabuscus/+archive/ubuntu/ppa/+sourcepub/15678628/+listing-archive-extra - * We have previously requested a FFe for ubuntu-proxy-manager for Focal: https://bugs.launchpad.net/ubuntu/jammy/+source/adsys/+bug/2012371 + * We have previously requested a FFe for ubuntu-proxy-manager for Focal: https://bugs.launchpad.net/ubuntu/jammy/+source/adsys/+bug/2012371 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2048232 Title: [SRU] Backport to 22.04 LTS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-proxy-manager/+bug/2048232/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2048514] Re: [SRU] Backport to 22.04 LTS
** Changed in: python-cepces (Ubuntu) Status: In Progress => New ** Changed in: python-requests-gssapi (Ubuntu) Status: In Progress => New ** Also affects: python-requests-gssapi (Ubuntu Jammy) Importance: Undecided Status: New ** Also affects: python-cepces (Ubuntu Jammy) Importance: Undecided Status: New ** Changed in: python-cepces (Ubuntu) Status: New => Fix Released ** Changed in: python-requests-gssapi (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2048514 Title: [SRU] Backport to 22.04 LTS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/python-cepces/+bug/2048514/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2048232] Re: [SRU] Backport to 22.04 LTS
** Changed in: ubuntu-proxy-manager (Ubuntu) Status: In Progress => New ** Also affects: ubuntu-proxy-manager (Ubuntu Jammy) Importance: Undecided Status: New ** Changed in: ubuntu-proxy-manager (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2048232 Title: [SRU] Backport to 22.04 LTS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-proxy-manager/+bug/2048232/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059756] Re: [SRU] adsys 0.14.1
** Changed in: golang-1.22 (Ubuntu) Status: New => Fix Released ** Description changed: [context] ADSys is a tool designed for administering and implementing Group Policy Objects (GPOs) from Active Directory on Linux systems. It includes a suite of services and commands that empower administrators to efficiently manage policy updates and maintain compliance with organizational business rules. Given that ADSys directly interfaces with Active Directory and needs to align with new business requirements in LTS releases, it has been essential to keep the package consistently updated with the latest changes of ADSys upstream source. As ADSys is a key component of our commercial offerings, our customers anticipate the availability of recently implemented features in the 22.04 release. Now that ADSys has a complete set of features, the request is to proceed with a one-off release of ADSys 0.14.1 to 22.04. Please note that any new features introduced in subsequent versions will be exclusively available in 24.04 and later releases. This version includes a comprehensive end to end automated test suite that runs ADSys against a real Active directory environment. Version 0.14.1 is available for 22.04 in a PPA (https://launchpad.net/~ubuntu-enterprise-desktop/+archive/ubuntu/adsys) and already used in production by customers. At this time of writing the number of open issues is 1 in Launchpad and 16 in GitHub including 6 enhancements. None of them have a high or critical importance. [references] LP: https://launchpad.net/ubuntu/+source/adsys LP Bugs: https://bugs.launchpad.net/ubuntu/+source/adsys GitHub: https://github.com/ubuntu/adsys/ GH Bugs: https://github.com/ubuntu/adsys/issues Documentation: https://canonical-adsys.readthedocs-hosted.com/en/stable/ Initial SRU discussion: https://lists.ubuntu.com/archives/ubuntu-release/2023-June/005650.html [changes] Full LP Changelog: https://launchpad.net/ubuntu/+source/adsys/+changelog * New features * New policies: - Add mount / network shares policy manager - Add AppArmor policy manager - Support multiple AD backends and implement Winbind support - Add system proxy policy manager - Add certificate policy manager for machines - Add adsysctl policy purge command to purge applied policies - Full documentation - Full end to end automated test suite. * Enhancements * Add a --machine / -m flag to adsysctl applied, indicating the policies applied to the current machine * Expose Ubuntu Pro status in the "status" command * Update scripts manager creation * List Pro policy types in service status output * Warn when Pro-only rules are configured * Use systemd via D-Bus instead of systemctl commands * Add placeholder notes for entry types * Rework Kerberos ticket handling logic to satisfy the Heimdal implementation of Kerberos * Rework policy application sync strategy * Print logs when policies are up to date * Update policy definitions to include dconf key for dark mode background * Infer user KRB5CCNAME path via the libkrb5 API (LP: #2049061) * Allow sssd backend to work without ad_domain being set (LP: #2054445) * Update apport hook to include journal errors and package logs * Bug fixes * Fix policy update failing when GPT.INI contains no version key * Fix object lookup for users having a FQDN as their hostname * Support special characters in domains when parsing sssd configuration * Fix DCONF_PROFILE not considering default_domain_suffix on sssd.conf * Ensure empty state for dconf policy * Handle case mismatches in GPT.INI file name * Ensure GPO URLs contain the FQDN of the domain controller * Add runtime dependency on nfs-common * Other * Updates to latest versions of Go (fixing known Go vulnerabilities) * Updates to latest versions of the Go dependencies * Updates and improvements to CI and QoL * Migrate translation support to native approach using go-i18n + gotext and switch to upstream gotext version Dependencies: * Build-dep: golang-go (>= 2:1.22~) * Dependencies to backport to 22.04: - * golang-go >= 2:1.22 + * golang-go >= 2:1.22 * ubuntu-proxy-manager (suggest. Required for Proxy support - feature will be disabled otherwise) * python3-cepces (suggest. Required for Certificates autoenrollment support - feature will be disabled otherwise) * Note: Both are currently in the new queue of 22.04 : https://launchpad.net/ubuntu/jammy/+queue?queue_state=0_text= - [test plan] # Process Adsys follows a robust continuous integration and testing process. It is covered by a comprehensive automated tests suite (https://github.com/ubuntu/adsys/actions/workflows/qa.yaml) and an automated end to end test suite that runs in a real active directory environment
[Bug 2061850] Re: Can't authenticate in TTY after installing authd, but sudo works
The issue had been identified to be in GDM. ** Package changed: authd (Ubuntu) => gdm3 (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2061850 Title: Can't authenticate in TTY after installing authd, but sudo works To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gdm3/+bug/2061850/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2048781] Re: [MIR] authd
We decided to remove the authd package in noble for the time being. The current implementation (in particular the one in the PAM module) is not up to our standard in terms of quality and what we are confortable to support in the long term. Rather than releasing as is and having risky SRUs in the future changing a large part of the implementation, we decided against this and rather polishing the code, securing it, adding even more tests and releasing all that as a new package SRUed to the 24.04 LTS in the coming months. That way, we won’t risk to regress any potential users and we will use an architecture we are more confortable supporting for the next 5/10 years of the LTS release. It means that when we reintroduce it, we will rerequest a new MIR too as the PAM module will largely change and we want to ensure we follow the process and quality standard we expect for the Ubuntu distribution. ** Changed in: authd (Ubuntu) Status: In Progress => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2048781 Title: [MIR] authd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/authd/+bug/2048781/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060546] Re: [FFe] Update authd to current version
Removing packages from noble: authd 0.2.1 in noble authd 0.2.1 in noble amd64 authd 0.2.1 in noble arm64 authd 0.2.1 in noble armhf authd 0.2.1 in noble ppc64el authd 0.2.1 in noble riscv64 authd 0.2.1 in noble s390x Comment: Removing from noble for now. See the rationale in LP: #2060546 Remove [y|N]? y 1 package successfully removed. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060546 Title: [FFe] Update authd to current version To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/authd/+bug/2060546/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060546] Re: [FFe] Update authd to current version
We decided to remove the authd package in noble for the time being. The current implementation (in particular the one in the PAM module) is not up to our standard in terms of quality and what we are confortable to support in the long term. Rather than releasing as is and having risky SRUs in the future changing a large part of the implementation, we decided against this and rather polishing the code, securing it, adding even more tests and releasing all that as a new package SRUed to the 24.04 LTS in the coming months. That way, we won’t risk to regress any potential users and we will use an architecture we are more confortable supporting for the next 5/10 years of the LTS release. It means that when we reintroduce it, we will rerequest a new MIR too as the PAM module will largely change and we want to ensure we follow the process and quality standard we expect for the Ubuntu distribution. ** Changed in: authd (Ubuntu) Status: Triaged => Won't Fix -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060546 Title: [FFe] Update authd to current version To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/authd/+bug/2060546/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2052495] Re: [MIR] wsl-pro-service
The last security request (having per user certificate to secure the gRPC communication so that they can’t be hijacked cross-users) is now addressed with 0.1.4 with many other enhancements fixing some recommended TODOs. I’m proceeding thus with the promotion. ** Changed in: wsl-pro-service (Ubuntu Noble) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2052495 Title: [MIR] wsl-pro-service To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wsl-pro-service/+bug/2052495/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2062133] Re: Migration to the snap issues
yeah, informing the user will go a long way IMHO! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2062133 Title: Migration to the snap issues To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/thunderbird/+bug/2062133/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2062133] [NEW] Migration to the snap issues
Public bug reported: After migrating to the snap, I noticed the following: - the launcher icon disappeared (I guess it’s because the .desktop file is now "thunderbird_thunderbird.desktop" - the snap migration took a good 5 minutes on my machine (I guess it’s the copy of the email folder), without any feedbacks that something is happening if you don’t look at ps output. You don’t have any visual feedback about the migration and we should have a progress window (maybe zenity?) to reassure on this one time transition - all unread emails triggered notification (I guess it’s because the state is considered "New") on any folders. - I know have 2 15G folders now: ~/snap/thunderbird/common/ and ~/.thunderbird. I think the latter was the old one which is unused right now and it should be cleaned up after the migration to the snap? ProblemType: Bug DistroRelease: Ubuntu 24.04 Package: thunderbird 2:1snap1-0ubuntu1 ProcVersionSignature: Ubuntu 6.8.0-11.11-generic 6.8.0-rc4 Uname: Linux 6.8.0-11-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia zfs ApportVersion: 2.28.0-0ubuntu1 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: ubuntu:GNOME Date: Thu Apr 18 09:28:35 2024 InstallationDate: Installed on 2020-04-24 (1455 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423) SnapChanges: Identifiant État DescendancePrêt Résumé 700 Done 2024-04-18T09:06:12+02:00 2024-04-18T09:07:34+02:00 Installer le paquet Snap "thunderbird" SourcePackage: thunderbird UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: thunderbird (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug noble -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2062133 Title: Migration to the snap issues To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/thunderbird/+bug/2062133/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2061079] Re: GTK-ngl (new default backend) rendering issues with the nvidia 470 driver
Confirming that it’s fixed on the same machine with 550. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2061079 Title: GTK-ngl (new default backend) rendering issues with the nvidia 470 driver To manage notifications about this bug go to: https://bugs.launchpad.net/gtk/+bug/2061079/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2061079] [NEW] Rendering issues on text with nvidia driver
Public bug reported: With nvidia driver, all GTK4 applications have label rendering issues. They are not refresh until passing the cursor over them, giving blank windows. The corner are white and not themed. Passing from one app scren to another one reproduces the issue. gnome-control-center or files, for instance, are blank by default. As suggested by seb128, exporting GSK_RENDERER=gl fixes the issue. Related upstream bugs and discussions are: - https://blog.gtk.org/2024/01/28/new-renderers-for-gtk/ - https://gitlab.gnome.org/GNOME/gtk/-/issues/6574 - https://gitlab.gnome.org/GNOME/gtk/-/issues/6411 - https://gitlab.gnome.org/GNOME/gtk/-/issues/6542 -- $ glxinfo name of display: :1 display: :1 screen: 0 direct rendering: Yes server glx vendor string: NVIDIA Corporation server glx version string: 1.4 server glx extensions: GLX_ARB_context_flush_control, GLX_ARB_create_context, GLX_ARB_create_context_no_error, GLX_ARB_create_context_profile, GLX_ARB_create_context_robustness, GLX_ARB_fbconfig_float, GLX_ARB_multisample, GLX_EXT_buffer_age, GLX_EXT_create_context_es2_profile, GLX_EXT_create_context_es_profile, GLX_EXT_framebuffer_sRGB, GLX_EXT_import_context, GLX_EXT_libglvnd, GLX_EXT_stereo_tree, GLX_EXT_swap_control, GLX_EXT_swap_control_tear, GLX_EXT_texture_from_pixmap, GLX_EXT_visual_info, GLX_EXT_visual_rating, GLX_NV_copy_image, GLX_NV_delay_before_swap, GLX_NV_float_buffer, GLX_NV_multigpu_context, GLX_NV_robustness_video_memory_purge, GLX_SGIX_fbconfig, GLX_SGIX_pbuffer, GLX_SGI_swap_control, GLX_SGI_video_sync client glx vendor string: NVIDIA Corporation client glx version string: 1.4 client glx extensions: GLX_ARB_context_flush_control, GLX_ARB_create_context, GLX_ARB_create_context_no_error, GLX_ARB_create_context_profile, GLX_ARB_create_context_robustness, GLX_ARB_fbconfig_float, GLX_ARB_get_proc_address, GLX_ARB_multisample, GLX_EXT_buffer_age, GLX_EXT_create_context_es2_profile, GLX_EXT_create_context_es_profile, GLX_EXT_fbconfig_packed_float, GLX_EXT_framebuffer_sRGB, GLX_EXT_import_context, GLX_EXT_stereo_tree, GLX_EXT_swap_control, GLX_EXT_swap_control_tear, GLX_EXT_texture_from_pixmap, GLX_EXT_visual_info, GLX_EXT_visual_rating, GLX_NV_copy_buffer, GLX_NV_copy_image, GLX_NV_delay_before_swap, GLX_NV_float_buffer, GLX_NV_multigpu_context, GLX_NV_multisample_coverage, GLX_NV_robustness_video_memory_purge, GLX_NV_swap_group, GLX_SGIX_fbconfig, GLX_SGIX_pbuffer, GLX_SGI_swap_control, GLX_SGI_video_sync GLX version: 1.4 GLX extensions: GLX_ARB_context_flush_control, GLX_ARB_create_context, GLX_ARB_create_context_no_error, GLX_ARB_create_context_profile, GLX_ARB_create_context_robustness, GLX_ARB_fbconfig_float, GLX_ARB_get_proc_address, GLX_ARB_multisample, GLX_EXT_buffer_age, GLX_EXT_create_context_es2_profile, GLX_EXT_create_context_es_profile, GLX_EXT_framebuffer_sRGB, GLX_EXT_import_context, GLX_EXT_stereo_tree, GLX_EXT_swap_control, GLX_EXT_swap_control_tear, GLX_EXT_texture_from_pixmap, GLX_EXT_visual_info, GLX_EXT_visual_rating, GLX_NV_copy_image, GLX_NV_delay_before_swap, GLX_NV_float_buffer, GLX_NV_multigpu_context, GLX_NV_robustness_video_memory_purge, GLX_SGIX_fbconfig, GLX_SGIX_pbuffer, GLX_SGI_swap_control, GLX_SGI_video_sync Memory info (GL_NVX_gpu_memory_info): Dedicated video memory: 4096 MB Total available memory: 4096 MB Currently available dedicated video memory: 3041 MB OpenGL vendor string: NVIDIA Corporation OpenGL renderer string: NVIDIA GeForce GTX 1050/PCIe/SSE2 OpenGL core profile version string: 4.6.0 NVIDIA 470.239.06 OpenGL core profile shading language version string: 4.60 NVIDIA OpenGL core profile context flags: (none) OpenGL core profile profile mask: core profile OpenGL core profile extensions: GL_AMD_multi_draw_indirect, GL_AMD_seamless_cubemap_per_texture, GL_AMD_vertex_shader_layer, GL_AMD_vertex_shader_viewport_index, GL_ARB_ES2_compatibility, GL_ARB_ES3_1_compatibility, GL_ARB_ES3_2_compatibility, GL_ARB_ES3_compatibility, GL_ARB_arrays_of_arrays, GL_ARB_base_instance, GL_ARB_bindless_texture, GL_ARB_blend_func_extended, GL_ARB_buffer_storage, GL_ARB_clear_buffer_object, GL_ARB_clear_texture, GL_ARB_clip_control, GL_ARB_color_buffer_float, GL_ARB_compressed_texture_pixel_storage, GL_ARB_compute_shader, GL_ARB_compute_variable_group_size, GL_ARB_conditional_render_inverted, GL_ARB_conservative_depth, GL_ARB_copy_buffer, GL_ARB_copy_image, GL_ARB_cull_distance, GL_ARB_debug_output, GL_ARB_depth_buffer_float, GL_ARB_depth_clamp, GL_ARB_depth_texture, GL_ARB_derivative_control, GL_ARB_direct_state_access, GL_ARB_draw_buffers, GL_ARB_draw_buffers_blend, GL_ARB_draw_elements_base_vertex, GL_ARB_draw_indirect, GL_ARB_draw_instanced, GL_ARB_enhanced_layouts,
[Bug 2060546] Re: [FFe] Update authd to current version
** Summary changed: - Update authd to current version + [FFe] Update authd to current version ** Description changed: Authd is a new package in noble, in universe. This package is not shipped by default, we made many improvements and fixes in the current version. We don’t plan to seed it this release, despite the MIR being approved. Update contains a lot of vendoring updates, and code changes (using a C wrapper to wrap around the Go code in the PAM module to fix some instability), multiple thousands of line due to the C wrapper in particular. The diff itself will not be meaningful. Part of meaningful fixes are the default group being added and ssh precheck API. Full changelog is available at https://github.com/ubuntu/authd/pull/237/files. + It also fixes a vulnerability by depending on latest Go and latest + x/net/http. + This is the code level we are testing and relying on. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060546 Title: [FFe] Update authd to current version To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/authd/+bug/2060546/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060548] Re: [FFe] Update and seed wsl-pro-service in the WSL images
** Summary changed: - Update and seed wsl-pro-service in the WSL images + [FFe] Update and seed wsl-pro-service in the WSL images ** Description changed: This is a new package for this release. It’s only functional with a Windows agent which is not publically released and under beta for now. As the end of the beta will be after the 24.04 release, we want to get as close as possible to the current code level, knowing that current code will still certainly grow feature-wise once with the Beta user feedback. However, having it seeded (the MIR is approved and security issues fixed but the certificate one, which has been discussed as minor for now) with the current code level will be great to diminish the diff when the SRU that will be needed then. The impact is on existing non beta users (and beta users are using a ppa with the ppa containing the current code level). Current diff is large as the development is very active and won’t really provide anything more. Note that it contains also a packaging change to fix bug #2057651. + + It also fixes a vulnerability by depending on latest Go and latest + x/net/http. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060548 Title: [FFe] Update and seed wsl-pro-service in the WSL images To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/2060548/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060548] [NEW] Update and seed wsl-pro-service in the WSL images
Public bug reported: This is a new package for this release. It’s only functional with a Windows agent which is not publically released and under beta for now. As the end of the beta will be after the 24.04 release, we want to get as close as possible to the current code level, knowing that current code will still certainly grow feature-wise once with the Beta user feedback. However, having it seeded (the MIR is approved and security issues fixed but the certificate one, which has been discussed as minor for now) with the current code level will be great to diminish the diff when the SRU that will be needed then. The impact is on existing non beta users (and beta users are using a ppa with the ppa containing the current code level). Current diff is large as the development is very active and won’t really provide anything more. Note that it contains also a packaging change to fix bug #2057651. ** Affects: ubuntu-meta (Ubuntu) Importance: Undecided Status: New ** Affects: wsl-pro-service (Ubuntu) Importance: Undecided Status: New ** Also affects: ubuntu-meta (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060548 Title: Update and seed wsl-pro-service in the WSL images To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/2060548/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060546] [NEW] Update authd to current version
Public bug reported: Authd is a new package in noble, in universe. This package is not shipped by default, we made many improvements and fixes in the current version. We don’t plan to seed it this release, despite the MIR being approved. Update contains a lot of vendoring updates, and code changes (using a C wrapper to wrap around the Go code in the PAM module to fix some instability), multiple thousands of line due to the C wrapper in particular. The diff itself will not be meaningful. Part of meaningful fixes are the default group being added and ssh precheck API. Full changelog is available at https://github.com/ubuntu/authd/pull/237/files. This is the code level we are testing and relying on. ** Affects: authd (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060546 Title: Update authd to current version To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/authd/+bug/2060546/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060273] [NEW] secondary users are not listed in polkit graphical prompt
Public bug reported: Tested with 124-1ubuntu1 on noble 1. Create 3 users on the machine: - sudo-user1, part of sudo group - sudo-user2, part of sudo group - normal-user, not part of the sudo group 2. Login with normal-user 3. Try to execute pkexec or any other command prompting for polkit -> only sudo-user1 password auth is proposed, before, we had a listbox to select all eligible user 4. Remove sudo-user1 5. Try pkexec again: -> now sudo-user2 is proposed, showing that the configuration for this user is correct. It seems that only the first "admin" of the machine is taken into account. However, as normal-user, I may not have sudo-user1 around, but only sudo-user2. ** Affects: policykit-1 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060273 Title: secondary users are not listed in polkit graphical prompt To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/2060273/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2054480] Re: [MIR] nbd-client
With this in light (but we have the wider "everything that is in main for a very long time in ubuntu, even being security reviewed and got multiple uploads), I would agree that -server could have another security/fresh look. Do you think it’s something the security team has the capacity to look? Otherwise, we may not want to special case this case, as the problem is really linked to the pre-existing packages in main (even GNOME for instance in general, didn’t get a security review… and even if it did, GNOME has nothing looking like the one released in 2004). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2054480 Title: [MIR] nbd-client To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nbd/+bug/2054480/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2004442] Re: [MIR] aom (dependency of libheif)
Confirming that the only REQUIRED TODO is now fixed. Thanks for checking it slyon! -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2004442 Title: [MIR] aom (dependency of libheif) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/aom/+bug/2004442/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2051916] Re: [MIR] promote libtraceevent as a trace-cmd dependency
Hey everyone and Paul. First, sorry for the delayed answered (I was thinking you would get me reassign and for some reason, I missed subscribing to the bug) > But I do not really understand the harm of having these entries kept for documentation, except this could pile up and become a mess at some point. Do we have a policy regarding the removal of these entries (count of version, age)? There is no strict policy, I understand the historical part of having it for documenting. I suggest to keep it for some release, but if this is doable, cleanup after a while. It’s not something we want to keep hanging around forever. I see that you want to remove them in a future upload, good! All the required TODOs are now fullfilled, thanks for working on those! I’m thus happy to MIR ack this package now! ** Changed in: libtraceevent (Ubuntu) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2051916 Title: [MIR] promote libtraceevent as a trace-cmd dependency To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libtraceevent/+bug/2051916/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2048781] Re: [MIR] authd
I continued exploring this topic myself last week and was able to rely on a tool developed for this: https://github.com/coreos/cargo-vendor- filterer/. This tool is not ideal in the sense that: - it vendorize the whole content - then, it filters by replacing entire crates based on some filtering rules, like arch, platform or file exclusion. The replacement is done by empty module, and rechecksumming. So basically, cargo and rustc still thinks the crate is available, it just happens to be empty. Consequently, we wouldn’t know if we are impacted or not by security issue before manual checking. However, I see this as a step in the right direction, so I implemented this in authd: https://github.com/ubuntu/authd/pull/270/files. Here, we are filtering to only keep Linux platform, on all our supported architectures (which is tier 1 and 2 in Rust world). The benefit is that we are now able to remove our manual recheckshumming after purging the binary library archive files which are part of some crates. This tool run during the package source build. I would feel better if this was packaged and maintained in ubuntu (as this injects potentially some code), and part of our standard tooling. I will reach out the Rust maintainer for the incoming engineering sprint. I think we can still trust this repository as it’s part of a well-known organization with multi-decades open source famous maintainers. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2048781 Title: [MIR] authd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/authd/+bug/2048781/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2054480] Re: [MIR] nbd-client
OK: - does not FTBFS currently - does have a test suite that runs at build time - test suite fails will fail the build upon error. - does have a non-trivial test suite that runs as autopkgtest - no new python2 dependency Problems: - there is a really trivial autopkgtests (which is good for bootstrapping), but does not cover most of the functionality of the package. We should either get a more exhaustive autopkgtest testsuite or (as a fallback) a manual test plan [Packaging red flags] OK: - Ubuntu does not carry a delta - symbols tracking not applicable for this kind of code. - Upstream update history is good - Debian/Ubuntu update history is good - the current release is packaged - promoting this does not seem to cause issues for MOTUs that so far maintained the package - no massive Lintian warnings - debian/rules is rather clean - It is not on the lto-disabled list Problems: - debian/watch is not present, but the debian maintainer is upstream too :) [Upstream red flags] OK: - no Errors/warnings during the build - no incautious use of malloc/sprintf (as far as we can check it) - no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH (usage is OK inside tests) - no use of user nobody (consider at least `grep -Hrn nobody` for it and run `find . -user nobody` in source and built binaries) - use of setuid, but ok because this is not in the -client package but -server which already had a security review - no important open bugs (crashers, etc) in Debian or Ubuntu - no dependency on webkit, qtwebkit, seed or libgoa-* - not part of the UI for extra checks - no translation present, but none needed for this case Problems: - Some usage of setuid, but ok as this is not in the -client package but -server. ** Changed in: nbd (Ubuntu) Status: New => Incomplete ** Changed in: nbd (Ubuntu) Assignee: Didier Roche-Tolomelli (didrocks) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2054480 Title: [MIR] nbd-client To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nbd/+bug/2054480/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2048781] Re: [MIR] authd
We agreed during the MIR meeting that a generic tooling as part of debhelper would be the best way, didn’t we? See my arguments above different upstream policies in different source packages, where if we start introducing this in a per-package base, that would create divergences between projects. Does it make sense to have this centrally managed (by our Rust toolchain expert, ideally?). That way, we can go beyond trimming the windows crates, like tree shaking and so on? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2048781 Title: [MIR] authd To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/authd/+bug/2048781/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1949776] Re: [MIR] wireplumber
This is a good initial plan, thanks for working on this! Just a side note: maybe precise on the doc that this is both for pipewire AND wireplumber updates (you only mentioned the last). Ack on the armhf build failure too. MIR team ACK then! ** Changed in: wireplumber (Ubuntu) Assignee: Didier Roche (didrocks) => (unassigned) ** Changed in: wireplumber (Ubuntu) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1949776 Title: [MIR] wireplumber To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wireplumber/+bug/1949776/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1949776] Re: [MIR] wireplumber
2 things blocking it before definitive ack:
* Current wireplubmer is blocked on proposed due to failing on armhf for now.
* An autopkgtest was added, but this one is only about building the package
which isn’t sufficient IMHO to ensure a good tested package when releasing.
I suggest thus that you link here a global "pipewire" test plan which is
exercising all those related components together.
** Changed in: wireplumber (Ubuntu)
Status: New => Incomplete
** Changed in: wireplumber (Ubuntu)
Assignee: Didier Roche (didrocks) => Sebastien Bacher (seb128)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1949776
Title:
[MIR] wireplumber
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wireplumber/+bug/1949776/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1973828] Re: [MIR] gnome-console
[Summary] MIR team ACK under the constraint to resolve the below listed required TODOs and as much as possible having a look at the recommended TODOs. Required TODOs: - The whole testing story is really weak in term of autopkgtests and build tests. I would require a manual test plan to cover for that on each release as if there were none. Recommended TODOs: - (Nitpick): I think it’s the right time, as it’s going to replace gnome-terminal, to explore patching the background color to look more like Ubuntu. I don’t think it’s something we want to reach later on, close to Final Freeze. [Duplication] There is no gnome-terminal in main providing the same functionality, but this application is going to replace it. [Dependencies] OK: - no other Dependencies to MIR due to this - no -dev/-debug/-doc packages that need exclusion - No dependencies in main that are only superficially tested requiring more tests now. [Embedded sources and static linking] OK: - no embedded source present - no static linking - does not have odd Built-Using entries OK: - not a go package, no extra constraints to consider in that regard [Security] OK: - history of CVEs does not look concerning - does not run a daemon as root - does not use webkit1,2 - does not use lib*v8 directly - does not parse data formats - does not open a port/socket - does not process arbitrary web content - does not use centralized online accounts - does not integrate arbitrary javascript into the desktop - does not deal with system authentication (eg, pam), etc) - does not deal with security attestation (secure boot, tpm, signatures) [Common blockers] OK: - does not FTBFS currently - no new python2 dependency Problems: -> The whole testing story is really weak in term of autopkgtests and build tests. I would require a manual test plan to cover for that on each release as if there were none. [Packaging red flags] OK: - Ubuntu does not carry a delta - symbols tracking not applicable for this kind of code. - d/watch is present and looks ok - Upstream update history is good- warning, this is still a really new project. - Debian/Ubuntu update history is good - the current release is packaged - promoting this does not seem to cause issues for MOTUs that so far - no massive Lintian warnings - d/rules is rather clean - It is not on the lto-disabled list [Upstream red flags] OK: - no Errors/warnings during the build - no incautious use of malloc/sprintf (as far as we can check it) - no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH (usage is OK inside tests) - no use of user nobody - no use of setuid - no important open bugs (crashers, etc) in Debian or Ubuntu - no dependency on webkit, qtwebkit, seed or libgoa-* - part of the UI, desktop file is ok - translation present ** Changed in: gnome-console (Ubuntu) Status: New => Incomplete ** Changed in: gnome-console (Ubuntu) Assignee: Didier Roche (didrocks) => Jeremy Bicha (jbicha) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1973828 Title: [MIR] gnome-console To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-console/+bug/1973828/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1875767] Re: When operating install/removal with apt, zed floods log and apparently crashes snapshoting
** Changed in: zsys (Ubuntu) Assignee: Didier Roche (didrocks) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1875767 Title: When operating install/removal with apt, zed floods log and apparently crashes snapshoting To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/zfs-linux/+bug/1875767/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1867007] Re: zfs-initramfs fails with multiple rpool on separate disks
** Changed in: grub2 (Ubuntu) Assignee: Didier Roche (didrocks) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1867007 Title: zfs-initramfs fails with multiple rpool on separate disks To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1867007/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1972153] Re: [MIR] libsoup3
So, after the MIR team meeting, this is a MIR team ACK. There are some concerns from security that there is no rollback plan in case the transition is not over for the next LTS. However, it seems there are enough time and interim releases for this to be completed beforehand. Trust is given to the desktop team to track that and act on it in in case the transition is not fully done before the next LTS. ** Changed in: libsoup3 (Ubuntu) Status: Confirmed => Fix Committed ** Changed in: libsoup3 (Ubuntu) Assignee: Didier Roche (didrocks) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1972153 Title: [MIR] libsoup3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libsoup3/+bug/1972153/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1972153] Re: [MIR] libsoup3
I haven’t done a full review from scratch as this is a soname bump, but seeing the upstream and packaging changes since the bump, this looks good to me. I’m going to bring that in the MIR team meeting (in particular security) about maintaining potentially 2 libsoup versions in main for one release. Let’s see how it goes and I’ll keep you posted. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1972153 Title: [MIR] libsoup3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libsoup3/+bug/1972153/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1973784] Re: [MIR] libldac
After a reread, I have nothing to add compared to what Christian mentioned :) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1973784 Title: [MIR] libldac To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libldac/+bug/1973784/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1949776] Re: [MIR] wireplumber
** Changed in: wireplumber (Ubuntu) Assignee: (unassigned) => Didier Roche (didrocks) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1949776 Title: [MIR] wireplumber To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wireplumber/+bug/1949776/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1972153] Re: [MIR] libsoup3
** Changed in: libsoup3 (Ubuntu) Assignee: (unassigned) => Didier Roche (didrocks) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1972153 Title: [MIR] libsoup3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libsoup3/+bug/1972153/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1973828] Re: [MIR] gnome-console
** Changed in: gnome-console (Ubuntu) Assignee: (unassigned) => Didier Roche (didrocks) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1973828 Title: [MIR] gnome-console To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-console/+bug/1973828/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1973033] Re: [MIR] wpebackend-fdo
MIR team ACK under the constraint to have some answer on the weak testing story, aligning it with the wpe library seems to be the best course of action I think This does need a security review, so I'll assign ubuntu-security. Notes: Recommended TODOs: To paraphrase Christian: - You already know the testing is weak, the higher level test in webkit2gtk seems fine for autopkgtest, but is there something we could do at the lower level in the backend itself for build time checks? [Duplication] There is no other package in main providing the same functionality. [Dependencies] OK: - no other Dependencies to MIR due to this - checked with check-mir - not listed in seeded-in-ubuntu - none of the (potentially auto-generated) dependencies (Depends and Recommends) that are present after build are not in main - no -dev/-debug/-doc packages that need exclusion - No dependencies in main that are only superficially tested requiring more tests now. [Embedded sources and static linking] OK: - no embedded source present - no static linking - does not have odd Built-Using entries OK: - not a go package, no extra constraints to consider in that regard [Security] OK: - history of CVEs does not look concerning - does not run a daemon as root - does not use lib*v8 directly - does not open a port/socket - does not use centralized online accounts - does not integrate arbitrary javascript into the desktop - does not deal with system authentication (eg, pam), etc) - does not deal with security attestation (secure boot, tpm, signatures) Problems: Dependent of webkit, parse web content. Requesting thus a security review. [Common blockers] OK: - does not FTBFS currently - no new python2 dependency Problems: - Testing story is weak both during build and autopktests tests, look at the summary and recommended TODOs. [Packaging red flags] OK: - Ubuntu does not carry a delta - symbols tracking is in place - d/watch is present and looks ok (if needed, e.g. non-native) - Upstream update history is good - Debian/Ubuntu update history is good - the current release is packaged - promoting this does not seem to cause issues for MOTUs that so far - no massive Lintian warnings - d/rules is rather clean - It is not on the lto-disabled list [Upstream red flags] OK: - no Errors/warnings during the build - no incautious use of malloc/sprintf (as far as we can check it) - no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH (usage is OK inside tests) - no use of user nobody - no use of setuid - no important open bugs (crashers, etc) in Debian or Ubuntu - not part of the UI for extra checks - no translation present, but none needed for this case Problems: Parts of webkit-gtk, see above for security review ** Changed in: wpebackend-fdo (Ubuntu) Assignee: Didier Roche (didrocks) => Ubuntu Security Team (ubuntu-security) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1973033 Title: [MIR] wpebackend-fdo To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wpebackend-fdo/+bug/1973033/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1958668] Re: Do not propose to reboot on WSL
You can check if /proc/sys/fs/binfmt_misc/WSLInterop exists and consider that you are running on WSL if so. Do you plan on doing the change on release-upgrader? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1958668 Title: Do not propose to reboot on WSL To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/1958668/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1972153] Re: [MIR] libsoup3
** Changed in: libsoup3 (Ubuntu) Status: Confirmed => New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1972153 Title: [MIR] libsoup3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libsoup3/+bug/1972153/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1972153] Re: [MIR] libsoup3
15:08:34 jbicha | didrocks: oh I added libsoup-3.0-dev to Extra-Exclude last week 15:09:48 jbicha | so sysprof wouldn't be pulled in to main currently ** Changed in: libsoup3 (Ubuntu) Status: Incomplete => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1972153 Title: [MIR] libsoup3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libsoup3/+bug/1972153/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1972153] Re: [MIR] libsoup3
16:28:42 seb128 | didrocks, it probably requires discussion because jbicha said he doesn't believe we will be able to demote libsoup2, so it means we are asking to have 2 versions in main 16:28:55 seb128 | so we should probably focus the MIR on that aspect reopening then so that we can focus the MIR on it. ** Changed in: libsoup3 (Ubuntu) Status: Fix Released => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1972153 Title: [MIR] libsoup3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libsoup3/+bug/1972153/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1973033] Re: [MIR] wpebackend-fdo
** Changed in: wpebackend-fdo (Ubuntu) Assignee: (unassigned) => Didier Roche (didrocks) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1973033 Title: [MIR] wpebackend-fdo To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wpebackend-fdo/+bug/1973033/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1973745] Re: adsys windows admx/adml lts only does not include 22.04
** Also affects: adsys (Ubuntu Jammy) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1973745 Title: adsys windows admx/adml lts only does not include 22.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973745/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1973751] Re: Machines or Users scripts are not executed
** Also affects: adsys (Ubuntu Jammy) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1973751 Title: Machines or Users scripts are not executed To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973751/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1973752] Re: Fix privilege permission which can not be set to disabled
** Also affects: adsys (Ubuntu Jammy) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1973752 Title: Fix privilege permission which can not be set to disabled To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973752/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1973752] [NEW] Fix privilege permission which can not be set to disabled
Public bug reported: [Impact] Disallowing local administrator does not work as excepted: - on some AD server, setting in the UI this key (and some other similars) to disabled, go to next GPO rule, then back to this one, AD will display the key as enabled. - on the client machine, we can see that the key has no state and nothing is forcibly allowed or disallowed. [Test case] * Install the new admx/adml with this version on the AD server. * On AD, go to disallow local administator, set it to disabled * Go to next GPO rules and then go back * The rule should still be disabled. * On an Ubuntu machine connected with AD by adsys, with ua attached, force a machine refresh with adsysctl policy update -m. * Check in adsysctl policy applied --all that the key is displayed as disabled * Confirm that no local administrator (part of the sudo group) can run "sudo". [Where problems could occur] The privilege manager and other policies impacts both Windows and client: - on Windows, this is in the admx/adml are statically generated and then shipped as thus. There is no runtime exercising this. The consequence of those generated files to be invalid is that Windows AD server will not show up "Ubuntu" in its GPO template. - on the client, the privilege manager is the main consumer of those disabled key types. The other kinds of keys are not impacted. [Additional informations] * New test cases have been added for the client part. ** Affects: adsys (Ubuntu) Importance: Undecided Status: New ** Description changed: [Impact] Disallowing local administrator does not work as excepted: - on some AD server, setting in the UI this key (and some other similars) to disabled, go to next GPO rule, then back to this one, AD will display the key as enabled. - on the client machine, we can see that the key has no state and nothing is forcibly allowed or disallowed. [Test case] * Install the new admx/adml with this version on the AD server. * On AD, go to disallow local administator, set it to disabled * Go to next GPO rules and then go back * The rule should still be disabled. * On an Ubuntu machine connected with AD by adsys, with ua attached, force a machine refresh with adsysctl policy update -m. * Check in adsysctl policy applied --all that the key is displayed as disabled * Confirm that no local administrator (part of the sudo group) can run "sudo". [Where problems could occur] The privilege manager and other policies impacts both Windows and client: - on Windows, this is in the admx/adml are statically generated and then shipped as thus. There is no runtime exercising this. The consequence of those generated files to be invalid is that Windows AD server will not show up "Ubuntu" in its GPO template. - on the client, the privilege manager is the main consumer of those disabled key types. The other kinds of keys are not impacted. + + [Additional informations] + * New test cases have been added for the client part. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1973752 Title: Fix privilege permission which can not be set to disabled To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973752/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1973751] [NEW] Machines or Users scripts are not executed
Public bug reported: [Impact] Machine and user scripts are not executed on startup/shutdown/login/logoff. /run has been recently changed to be noexec on jammy. Ensure that we can execute the scripts in /run/adsys subdirectories. The scripts mecanism has been reviewed by the security team, so we can reset them as executable. [Test case] * Setup some scripts under AD to be executed, one for machine scripts (on startup), one for user scripts (on login). Those scripts can create some temporary files under /tmp for instance. * Reboot and login on the Ubuntu laptop connected with AD by adsys, with ua attached * Check that the scripts were executed by testing that the created file under /tmp are present. [Where problems could occur] This is technically a new .mount systemd unit service which takes the same mount option than /run, but don’t set noexec. The setup is similar than qemu .mount unit for instance. Worst impact could be that the script policy manager can’t run the scripts as it is already the case today. ** Affects: adsys (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1973751 Title: Machines or Users scripts are not executed To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973751/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1973748] [NEW] Updating any gsettings key makes user dconf database unreadable
Public bug reported: [Impact] Changing any gsettings key in AD resulted in user databases under /etc/dconf, owned by root, with 0600 as permissions. This change was done late in the cycle after passing some permissions checkers to harden the binaries. However, in that case, the user databases needs to be readable by the users so that they can apply those values, so we need to align with ibus profile and makes them 644. [Test case] * Change a gsettings key under AD, like picture-uri one. * Login on the Ubuntu laptop connected with AD by adsys * The background should now be changed to the set value. [Where problems could occur] This code is located in the dconf policy application manager and restricted to it. The negative impact in case of a new bug will be seen by gsettings key not being applied as it is already nowdays. ** Affects: adsys (Ubuntu) Importance: Undecided Status: New ** Affects: adsys (Ubuntu Jammy) Importance: Undecided Status: New ** Also affects: adsys (Ubuntu Jammy) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1973748 Title: Updating any gsettings key makes user dconf database unreadable To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973748/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1973745] [NEW] adsys windows admx/adml lts only does not include 22.04
Public bug reported: [Impact] Due to some misunterpretation in how the launchpad API works when listing lts only, 22.04 was not included there by the admx/adml files generated by CI. Consequently, when those files are deployed on Windows AD server with LTS only templates, this one is not listed. [Test Plan] * Deploy the admx/adml generated for "LTS Only" use cases on an AD server * Open any GPO rule like changing the background * Ensure there is an "Override for 22.04" entry. [Where problems could occur] Those files are statically generated and then shipped as thus. There is no runtime exercising this. The consequence of those generated files to be invalid is that Windows AD server will not show up "Ubuntu" in its GPO template. ** Affects: adsys (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1973745 Title: adsys windows admx/adml lts only does not include 22.04 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1973745/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971973] Re: [MIR] gnome-text-editor
Review for Package: gnome-text-editor [Summary] MIR team ack under the condition gtksourceview5 is already transition is promoted to main. I think the easiest is to transition to it so that it’s promoted and then promoting this one. This is the reason I switch it to incomplete until the transition is done to avoid promotions by error beforehand. Recommended TODOs: - Maybe fix the only warning present due to unused variable and propose it upstream: ../src/editor-application.c: In function ‘editor_application_command_line’: ../src/editor-application.c:412:22: warning: unused variable ‘self’ [-Wunused-variable] 412 | EditorApplication *self = (EditorApplication *)app; | ^~~~ [Duplication] gedit provides the same functionality, but it will be replaced by this new application. [Dependencies] OK: - no -dev/-debug/-doc packages that need exclusion - No dependencies in main that are only superficially tested requiring more tests now. Problems: - gtksourceview5 is needed. See top suggestion for transition being done before promoting this package. [Embedded sources and static linking] OK: - no embedded source present - no static linking - does not have odd Built-Using entries OK: - not a go package, no extra constraints to consider in that regard [Security] OK: - history of CVEs does not look concerning - does not run a daemon as root - does not use webkit1,2 - does not use lib*v8 directly - does not parse data formats - does not open a port/socket - does not process arbitrary web content - does not use centralized online accounts - does not integrate arbitrary javascript into the desktop - does not deal with system authentication (eg, pam), etc) - does not deal with security attestation (secure boot, tpm, signatures) [Common blockers] OK: - does not FTBFS currently - does have a test suite that runs at build time - test suite fails will fail the build upon error. - does not have a test suite that runs as autopkgtest but a manual test plan is provided - no new python2 dependency [Packaging red flags] OK: - Ubuntu does not carry a delta - symbols tracking not applicable for this kind of code. - d/watch is present and looks ok - Upstream update history is good - Debian/Ubuntu update history is good - the current release is packaged - promoting this does not seem to cause issues for MOTUs that so far - no massive Lintian warnings - d/rules is rather clean - It is not on the lto-disabled list [Upstream red flags] OK: - no incautious use of malloc/sprintf (as far as we can check it) - no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH (usage is OK inside tests) - no use of user nobody - no use of setuid - use of setuid, but ok because TBD (prefer systemd to set those for services) - no important open bugs (crashers, etc) in Debian or Ubuntu - no dependency on webkit, qtwebkit, seed or libgoa-* - part of the UI, desktop file is ok - translation present Problems: - One warning during build, see top explanation on recommended TODOs as this one is small. ** Changed in: gnome-text-editor (Ubuntu) Status: New => Incomplete ** Changed in: gnome-text-editor (Ubuntu) Assignee: Didier Roche (didrocks) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971973 Title: [MIR] gnome-text-editor To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-text-editor/+bug/1971973/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1971973] Re: [MIR] gnome-text-editor
I’ll review the rest on the MIR, but to not add more delay, I think we should discuss this: > "- The package does not run an autopkgtest because desktop softwares aren't easy to test in autopkgtest. THe situation isn't a regression compared to gedit which we want ro replace. While it would be nice to get some sort of autopkgtest in place we don't think that should be a blocker to replace gedit." I see more and more packages telling this "It’s already not tested, or the rest of the stack is not tested, so let’s keep this status quo and not improve it". I kind of disagree with this, and I think the MIR process is the right moment to get things right, or at least, in a better state. Otherwise, things will never improve. So my suggestion, is really to follow the MIR guidelines, stating that either autopkgtests are provided, or that, if not feasable (which I agree testing GUI is hard on our infra and it doesn’t seem unfortunately there is assigned capacity to get that situation better), "the subscribed team must provide a written test plan in a comment to the MIR bug, and commit to running that test either at each upload of the package or at least once each release cycle. " I think this latter approach is a mitigation plan, (which won’t protect you though from reverse dependencies to break you, contrary to autopkgtests). Thoughts? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1971973 Title: [MIR] gnome-text-editor To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-text-editor/+bug/1971973/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1972153] [NEW] [MIR] libsoup3
Public bug reported: Needs to be MIR. What doesn’t qualify for immediate promotion (soname bump) is the dep on sysprof which is in universe and needs to be checked (either get it promoted or downgrading the dep) ** Affects: libsoup3 (Ubuntu) Importance: Undecided Assignee: Sebastien Bacher (seb128) Status: Incomplete ** Tags: kinetic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1972153 Title: [MIR] libsoup3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libsoup3/+bug/1972153/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1967086] Re: MIR: mesa-amber
+1 from the MIR team perspective, this is a simple rename, and we have a team subscribed to it. ** Changed in: mesa-amber (Ubuntu) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1967086 Title: MIR: mesa-amber To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mesa-amber/+bug/1967086/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1967086] Re: MIR: mesa-amber
** Changed in: mesa-amber (Ubuntu) Assignee: (unassigned) => Didier Roche (didrocks) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1967086 Title: MIR: mesa-amber To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mesa-amber/+bug/1967086/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1936907] Re: [MIR] ADSys
$ ./change-override -c main -B adsys Override component to main adsys 0.8.2 in jammy: universe/admin -> main adsys 0.8.2 in jammy amd64: universe/admin/optional/100% -> main adsys 0.8.2 in jammy arm64: universe/admin/optional/100% -> main adsys 0.8.2 in jammy armhf: universe/admin/optional/100% -> main adsys 0.8.2 in jammy ppc64el: universe/admin/optional/100% -> main adsys 0.8.2 in jammy riscv64: universe/admin/optional/100% -> main adsys 0.8.2 in jammy s390x: universe/admin/optional/100% -> main Override [y|N]? y 7 publications overridden. ** Changed in: adsys (Ubuntu) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1936907 Title: [MIR] ADSys To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1936907/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962568] Re: [MIR] libadwaita-1
$ ./change-override -s jammy -c main -S libadwaita-1 Override component to main libadwaita-1 1.1~rc-1 in jammy: universe/misc -> main gir1.2-adw-1 1.1~rc-1 in jammy amd64: universe/introspection/optional/100% -> main gir1.2-adw-1 1.1~rc-1 in jammy arm64: universe/introspection/optional/100% -> main gir1.2-adw-1 1.1~rc-1 in jammy armhf: universe/introspection/optional/100% -> main gir1.2-adw-1 1.1~rc-1 in jammy ppc64el: universe/introspection/optional/100% -> main gir1.2-adw-1 1.1~rc-1 in jammy riscv64: universe/introspection/optional/100% -> main gir1.2-adw-1 1.1~rc-1 in jammy s390x: universe/introspection/optional/100% -> main libadwaita-1-0 1.1~rc-1 in jammy amd64: universe/libs/optional/100% -> main libadwaita-1-0 1.1~rc-1 in jammy arm64: universe/libs/optional/100% -> main libadwaita-1-0 1.1~rc-1 in jammy armhf: universe/libs/optional/100% -> main libadwaita-1-0 1.1~rc-1 in jammy ppc64el: universe/libs/optional/100% -> main libadwaita-1-0 1.1~rc-1 in jammy riscv64: universe/libs/optional/100% -> main libadwaita-1-0 1.1~rc-1 in jammy s390x: universe/libs/optional/100% -> main libadwaita-1-dev 1.1~rc-1 in jammy amd64: universe/libdevel/optional/100% -> main libadwaita-1-dev 1.1~rc-1 in jammy arm64: universe/libdevel/optional/100% -> main libadwaita-1-dev 1.1~rc-1 in jammy armhf: universe/libdevel/optional/100% -> main libadwaita-1-dev 1.1~rc-1 in jammy ppc64el: universe/libdevel/optional/100% -> main libadwaita-1-dev 1.1~rc-1 in jammy riscv64: universe/libdevel/optional/100% -> main libadwaita-1-dev 1.1~rc-1 in jammy s390x: universe/libdevel/optional/100% -> main libadwaita-1-doc 1.1~rc-1 in jammy amd64: universe/doc/optional/100% -> main libadwaita-1-doc 1.1~rc-1 in jammy arm64: universe/doc/optional/100% -> main libadwaita-1-doc 1.1~rc-1 in jammy armhf: universe/doc/optional/100% -> main libadwaita-1-doc 1.1~rc-1 in jammy i386: universe/doc/optional/100% -> main libadwaita-1-doc 1.1~rc-1 in jammy ppc64el: universe/doc/optional/100% -> main libadwaita-1-doc 1.1~rc-1 in jammy riscv64: universe/doc/optional/100% -> main libadwaita-1-doc 1.1~rc-1 in jammy s390x: universe/doc/optional/100% -> main libadwaita-1-examples 1.1~rc-1 in jammy amd64: universe/x11/optional/100% -> main libadwaita-1-examples 1.1~rc-1 in jammy arm64: universe/x11/optional/100% -> main libadwaita-1-examples 1.1~rc-1 in jammy armhf: universe/x11/optional/100% -> main libadwaita-1-examples 1.1~rc-1 in jammy ppc64el: universe/x11/optional/100% -> main libadwaita-1-examples 1.1~rc-1 in jammy riscv64: universe/x11/optional/100% -> main libadwaita-1-examples 1.1~rc-1 in jammy s390x: universe/x11/optional/100% -> main Override [y|N]? y 32 publications overridden. ** Changed in: libadwaita-1 (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962568 Title: [MIR] libadwaita-1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libadwaita-1/+bug/1962568/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962568] Re: [MIR] libadwaita-1
Review for Package: libadwaita-1 [Summary] MIR team ACK. To me, it doesn’t seem this needs a security review. It’s well maintained, part of the core GNOME stack now. Desktop packages is already subscribed. Notes: TODO: - add todos, issues or special cases to discuss Required TODOs: TODO: - TBD (Please add them numbered for later reference) Recommended TODOs: RULE: - Does it have a team bug subscriber? (This is not a blocker for a MIR RULE: team ACK, but needs to be provided before the package can be promoted RULE: by an AA) TODO: - The package should get a team bug subscriber before being promoted TODO: - TBD (Please add them numbered for later reference) [Duplication] There is no other package in main providing the same functionality. [Dependencies] OK: - no other Dependencies to MIR due to this - checked with check-mir - not listed in seeded-in-ubuntu - none of the (potentially auto-generated) dependencies (Depends and Recommends) that are present after build are not in main - no -dev/-debug/-doc packages that need exclusion - No dependencies in main that are only superficially tested requiring more tests now. [Embedded sources and static linking] OK: - no embedded source present - no static linking - does not have odd Built-Using entries OK: - not a go package, no extra constraints to consider in that regard [Security] OK: - history of CVEs does not look concerning - does not run a daemon as root - does not use webkit1,2 - does not use lib*v8 directly - does not parse data formats - does not open a port/socket - does not process arbitrary web content - does not use centralized online accounts - does not integrate arbitrary javascript into the desktop - does not deal with system authentication (eg, pam), etc) - does not deal with security attestation (secure boot, tpm, signatures) [Common blockers] OK: - does not FTBFS currently - does have a test suite that runs at build time - test suite fails will fail the build upon error. - does have a non-trivial test suite that runs as autopkgtest - if special HW does prevent build/autopkgtest is there a test plan, code, log provided? - no new python2 dependency [Packaging red flags] OK: - Ubuntu does not carry a delta - symbols tracking is in place - symbols tracking not applicable for this kind of code. - d/watch is present and looks ok (if needed, e.g. non-native) - Upstream update history is good - Debian/Ubuntu update history is good - the current release is packaged - promoting this does not seem to cause issues for MOTUs that so far - no massive Lintian warnings - d/rules is rather clean - It is not on the lto-disabled list (fix, or the work-around should be directly in the package, see https://launchpad.net/ubuntu/+source/lto-disabled-list) [Upstream red flags] OK: - no Errors/warnings during the build - no incautious use of malloc/sprintf (as far as we can check it) - no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH (usage is OK inside tests) - no use of user nobody - no use of setuid - use of setuid, but ok because TBD (prefer systemd to set those for services) - no important open bugs (crashers, etc) in Debian or Ubuntu - no dependency on webkit, qtwebkit, seed or libgoa-* - not part of the UI for extra checks - no translation present, but none needed for this case ** Changed in: libadwaita-1 (Ubuntu) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962568 Title: [MIR] libadwaita-1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libadwaita-1/+bug/1962568/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1961459] Re: adsys pam issues
** Changed in: adsys (Ubuntu) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1961459 Title: adsys pam issues To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1961459/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962170] Re: DEP8 failure with samba 4.15.5
For reference, fixed in https://github.com/ubuntu/adsys/pull/289. Thanks Michael for the initial work on this! ** Changed in: adsys (Ubuntu) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962170 Title: DEP8 failure with samba 4.15.5 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1962170/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962510] Re: failing tests with new sssd, blocks python3-defaults
The flaky test on armhf is fixed by https://github.com/ubuntu/adsys/pull/292 (couldn’t retrigger the flakyness after multiple builds in ppa with this patch) The ppcel64 issue, introduced by new samba is workarounded in https://github.com/ubuntu/adsys/pull/295 ** Changed in: adsys (Ubuntu) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962510 Title: failing tests with new sssd, blocks python3-defaults To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1962510/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962568] Re: [MIR] libadwaita-1
** Changed in: libadwaita-1 (Ubuntu) Assignee: (unassigned) => Didier Roche (didrocks) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962568 Title: [MIR] libadwaita-1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libadwaita-1/+bug/1962568/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1960864] Re: [MIR] plocate
** Changed in: plocate (Ubuntu Jammy) Assignee: Canonical Security Team (canonical-security) => Ubuntu Security Team (ubuntu-security) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1960864 Title: [MIR] plocate To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/plocate/+bug/1960864/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962556] Re: [FFe] WSL systemd experimental support
** Patch added: "wsl-systemd.diff" https://bugs.launchpad.net/ubuntu/+source/wsl-setup/+bug/1962556/+attachment/5564418/+files/wsl-systemd.diff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962556 Title: [FFe] WSL systemd experimental support To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wsl-setup/+bug/1962556/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962556] [NEW] [FFe] WSL systemd experimental support
Public bug reported: WSL on Ubuntu 22.04 has a strecth goal to ship systemd experimental support. This relies on 3 changes: - a script started up on WSL VM boot, which is shipped as part of this package to start systemd in its own namespace. - a change in the ubuntu Windows launcher executable, which is then looking for the boot= parameter in wsl.conf and if systemd experimental support is enabled, starts any new commands into that systemd namespace - an option in our OOBE installer, under advanced menu, disabled by default, to change the boot= parameter in wsl.conf. The feature will be labeled as experimental. So, this experimental support won’t be enabled by default and paved the way to have a discussion with Microsoft for potential limitations and how we can get this to a wider audience in the long term. This feature is long-awaited for WSL users. ** Affects: wsl-setup (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962556 Title: [FFe] WSL systemd experimental support To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wsl-setup/+bug/1962556/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962170] Re: DEP8 failure with samba 4.15.5
Hum, it seems your patch makes sense and should work on most arch. I saw Michael did an upload with this: https://launchpad.net/ubuntu/+source/adsys/0.8ubuntu1 But it’s failing only on ppcel64: https://launchpadlibrarian.net/588289907/buildlog_ubuntu-jammy-ppc64el.adsys_0.8ubuntu1_BUILDING.txt.gz and passing on other architectures. The issue may be related to the signal installed on libsmbclient: https://github.com/ubuntu/adsys/blob/main/internal/smbsafe/smbsafe.go#L4. This workaround is the only reason of smbsafe (you can’t then exec concurrently subprocesses without cleaning up those signals and the library is doing that at every smb call on your behalf). Another idea is that stderr is not allocated for whatever reason https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L38 but why only on ppcel64? I reastically won’t have the time this week with the sprint to look at this. I hope this gives some hints if you need urgently to have it fixed before next one. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962170 Title: DEP8 failure with samba 4.15.5 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1962170/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1962170] Re: DEP8 failure with samba 4.15.5
Hum, it seems your patch makes sense and should work on most arch. I saw Michael did an upload with this: https://launchpad.net/ubuntu/+source/adsys/0.8ubuntu1 But it’s failing only on ppcel64: https://launchpadlibrarian.net/588289907/buildlog_ubuntu-jammy-ppc64el.adsys_0.8ubuntu1_BUILDING.txt.gz and passing on other architectures. The issue may be related to the signal installed on libsmbclient: https://github.com/ubuntu/adsys/blob/main/internal/smbsafe/smbsafe.go#L4. This workaround is the only reason of smbsafe (you can’t then exec concurrently subprocesses without cleaning up those signals and the library is doing that at every smb call on your behalf). Another idea is that stderr is not allocated for whatever reason https://github.com/ubuntu/adsys/blob/main/internal/testutils/samba.go#L38 but why only on ppcel64? I reastically won’t have the time this week with the sprint to look at this. I hope this gives some hints if you need urgently to have it fixed before next one. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1962170 Title: DEP8 failure with samba 4.15.5 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1962170/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1936907] Re: [MIR] ADSys
Thanks Seth for the review and the overall positive comments! :) Some answers: 1. the potential race is fixed after our discussion and pending some reviews 2. the pam modulefixes are done and merged already (even if upstream don’t deallocate, let’s do it on our side) 3. on the conditions that can be added to adsys-boot.service to make it less likely to spam the journal every five seconds for ten hours when on an airplane? -> We can’t rely on network being up (maybe we never had the network, or the interface is on but not connected yet, or the interface is on, has no Internet, but local network is enough to reach AD). Depending on all those conditions, we can’t link it to the network, it may be too early or too late. Also, we support offline mode once we have a valid cache. Considering that this case only happen the first time you boot your machine (no local cache for offline usage) and don’t have access to AD, this doesn’t seem a big issue and rather something you want to be alerted on, what do you think? 4. on the doc and examples containing a socket in /tmp -> This is more a debug example to run adsysd as non root. The issue with putting real values is then, if you do that on a system where adsysd is running, you end up erroring out on the systemd existing socket and then, it’s a nightmare to recover on the systemd side (you need to reset the state of the .socket unit). This is why the example carefully avoid using the real system socket (in addition to require root to read it). -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1936907 Title: [MIR] ADSys To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1936907/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1960864] Re: [MIR] plocate
Uptream informed us that the initial MIR description wrongly that there are no sgid binaries, but /usr/bin/plocate is sgid plocate. I think this warrant then a security review. @enr0n: do you need for this LTS release? If so, please target it to mention that to the security team. If the security team doesn’t have the bandwidth to deal with it before beta, we will then need to revert this to the previous state, being mlocate. ** Changed in: plocate (Ubuntu) Status: Fix Released => New ** Changed in: plocate (Ubuntu) Assignee: (unassigned) => Canonical Security Team (canonical-security) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1960864 Title: [MIR] plocate To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/plocate/+bug/1960864/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1961459] Re: adsys pam issues
Ah, thanks! Lurking there and will shamelessly copy what they decide to do! :) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1961459 Title: adsys pam issues To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1961459/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1957050] Re: [MIR] suitesparse-graphblas
Seems this is not enough and it’s again in the graph: o suitesparse-graphblas: libgraphblas-dev libgraphblas-doc libgraphblas6 [Reverse-Depends: Rescued from suitesparse-graphblas, libgraphblas-dev] [Reverse-Recommends: libsuitesparse-dev] Seb, if you have some spare cycle, mind having another look? Let’s reuse this bug to track it. ** Changed in: suitesparse-graphblas (Ubuntu) Assignee: (unassigned) => Sebastien Bacher (seb128) ** Changed in: suitesparse-graphblas (Ubuntu) Status: Invalid => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1957050 Title: [MIR] suitesparse-graphblas To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suitesparse-graphblas/+bug/1957050/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1961023] Re: [MIR] glade
This is still appearing on the component mismatch list. Seb, do you mind having another look? o glade: gir1.2-gladeui-2.0 libgladeui-2-13 libgladeui-common libgladeui-dev libgladeui-doc MIR: #1961023 (Fix Released) [MIR] glade [Reverse-Depends: Rescued from glade, libgladeui-2-13, libhandy-1-dev] I wonder if the graph/detection is not broken for those use cases since we can have -dev packages in universe, which is when things started to be looking weird. However, it still worths a double check. Someone needs to take time at some point to figure out all those false positives, if they are as such. I’m reusing this bug to track the work. ** Changed in: glade (Ubuntu) Assignee: (unassigned) => Sebastien Bacher (seb128) ** Changed in: glade (Ubuntu) Status: Fix Released => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1961023 Title: [MIR] glade To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glade/+bug/1961023/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1960864] Re: [MIR] plocate
Review for Package: plocate [Summary] MIR team ACK, given the Required TODO is fixed, as it seems like a potential big issue to me. Notes: Required TODOs: - The source package can include binary content in obj-x86_64-linux-gnu/. Those builds artefacts are included .exe and .o files. They are not present by default on the source package, but nothing prevents really to accidentally include them. I think it’s necessary to fix this and ensure we don’t embeed them in our source files, as those are arch-dependant, binary code results which would potentially override the one during the build due to a more recent timestamp. [Duplication] This is a replacement of mlocate in main which provided the same functionality. [Dependencies] OK: - no other Dependencies to MIR due to this - checked with check-mir - not listed in seeded-in-ubuntu - none of the (potentially auto-generated) dependencies (Depends and Recommends) that are present after build are not in main - no -dev/-debug/-doc packages that need exclusion - No dependencies in main that are only superficially tested requiring more tests now. [Embedded sources and static linking] OK: - no embedded source present - no static linking - does not have odd Built-Using entries - not a go package, no extra constraints to consider in that regard [Security] OK: - history of CVEs does not look concerning - does not run a daemon as root - does not use webkit1,2 - does not use lib*v8 directly - does not parse data formats - does not open a port/socket - does not process arbitrary web content - does not use centralized online accounts - does not integrate arbitrary javascript into the desktop - does not deal with system authentication (eg, pam), etc) - does not deal with security attestation (secure boot, tpm, signatures) [Common blockers] OK: - does not FTBFS currently - does have a non-trivial test suite that runs as autopkgtest - no new python2 dependency Problems: - does not have a test suite that runs at build time. However, some autopkgtests are presents which covers then it. [Packaging red flags] OK: - Ubuntu does carry a delta, but it is reasonable and maintenance under control - symbols tracking not applicable for this kind of code. - d/watch is not present, but not needed - Upstream update history is good (upstream is debian) - Debian/Ubuntu update history is good - the current release is packaged - promoting this does not seem to cause issues for MOTUs that so far - no massive Lintian warnings - d/rules is rather clean - It is not on the lto-disabled list Problems: - The source package can include binary content in obj-x86_64-linux-gnu/. Those builds artefacts are included .exe and .o files. They are not present by default on the source package, but nothing prevents really to accidentally include them. I think it’s necessary to fix this and ensure we don’t embeed them in our source files, as those are arch-dependant, binary code results which would potentially override the one during the build due to a more recent timestamp. [Upstream red flags] OK: - no Errors/warnings during the build - no incautious use of malloc/sprintf (as far as we can check it) - no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH (usage is OK inside tests) - no use of user nobody - no use of setuid - no important open bugs (crashers, etc) in Debian or Ubuntu - no dependency on webkit, qtwebkit, seed or libgoa-* - not part of the UI for extra checks - no translation present, but none needed for this case ** Changed in: plocate (Ubuntu) Status: New => Fix Committed ** Changed in: plocate (Ubuntu) Assignee: Didier Roche (didrocks) => (unassigned) ** Changed in: plocate (Ubuntu) Status: Fix Committed => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1960864 Title: [MIR] plocate To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/plocate/+bug/1960864/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1961023] [NEW] [MIR] glade
Public bug reported: Either glade should be promoted or libhandy should remove the dep. TBD ** Affects: glade (Ubuntu) Importance: Undecided Status: Incomplete ** Tags: jammy -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1961023 Title: [MIR] glade To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glade/+bug/1961023/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1960500] [NEW] [MIR] libxcvt
Public bug reported: TBD ** Affects: libxcvt (Ubuntu) Importance: Undecided Assignee: Timo Aaltonen (tjaalton) Status: Incomplete ** Tags: jammy ** Changed in: libxcvt (Ubuntu) Assignee: (unassigned) => Timo Aaltonen (tjaalton) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1960500 Title: [MIR] libxcvt To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libxcvt/+bug/1960500/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1957932] Re: [MIR] rustc, cargo
ride. It would be good looking into this. - the vendor directory has 2 files which were due to patch failure: W: cargo source: debian-adds-patch-failure-file vendor/libnghttp2-sys/build.rs.orig W: cargo source: debian-adds-patch-failure-file vendor/openssl-sys/Cargo.toml.rej Would be good to fix those. [Upstream red flags] OK: - no incautious use of malloc/sprintf (as far as we can check it) - no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH (usage is OK inside tests) - no use of user nobody - no use of setuid - no important open bugs (crashers, etc) in Debian or Ubuntu - no dependency on webkit, qtwebkit, seed or libgoa-* - not part of the UI for extra checks - no translation present, but given the usage not being the finale user, this is ok. Problems: - There are a lot of warnings during the package build due to vendored dependencies. Are those logged/worked on upstream? ** Changed in: cargo (Ubuntu) Assignee: Didier Roche (didrocks) => Simon Chopin (schopin) ** Changed in: cargo (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1957932 Title: [MIR] rustc, cargo To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cargo/+bug/1957932/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1929038] Re: [SRU] Backport to 20.04 LTS
Hey Łukasz! Thanks for accepting it! impish has a version of adsys. This is an entreprise feature and I doubt we have users there, as by default, this is hilighted for LTSes only. Functionality-wise, as there is no ubuntu-advantage-desktop-daemon, this is equivalent to the version already present there (apart from one bug fix). We can prepare the SRU if you feel this is a deal-breaker, but I think this is more for paperwork than having a real rationale. What’s your opinion on this? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1929038 Title: [SRU] Backport to 20.04 LTS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1929038/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1929038] Re: [SRU] Backport to 20.04 LTS
Hey Łukasz! Thanks for accepting it! impish has a version of adsys. This is an entreprise feature and I doubt we have users there, as by default, this is hilighted for LTSes only. Functionality-wise, as there is no ubuntu-advantage-desktop-daemon, this is equivalent to the version already present there (apart from one bug fix). We can prepare the SRU if you feel this is a deal-breaker, but I think this is more for paperwork than having a real rationale. What’s your opinion on this? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1929038 Title: [SRU] Backport to 20.04 LTS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1929038/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1929038] Re: [SRU] Backport to 20.04 LTS
Thanks Łukasz! This is now in focal NEW. I think this could be accepted, migrate to update even and then, we can think about promoting it to main once #1936907 is approved. What do you think? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1929038 Title: [SRU] Backport to 20.04 LTS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adsys/+bug/1929038/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1954909] Re: [MIR] ubuntu-advantage-desktop-daemon
The source package was not promoted. Doing so now: Override component to main ubuntu-advantage-desktop-daemon 1.6 in jammy: universe/misc -> main Override [y|N]? y 1 publication overridden. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1954909 Title: [MIR] ubuntu-advantage-desktop-daemon To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-desktop-daemon/+bug/1954909/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1951834] Re: [MIR]: frr
Yeah, I don’t think that worths a delta. My general annoyance with this is that when you start having some warnings/errors in a project during build, you start accepting more and more of them until it’s not readable and you miss a valid concern. This is why, I tend to patch and add either linter stenza with explanation or fix the issue to keep something "clean". -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1951834 Title: [MIR]: frr To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/frr/+bug/1951834/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1951834] Re: [MIR]: frr
[Summary] Thanks a lot Andreas for the detailed and high quality MIR, with relevant researches and background information. I was first tempted to diff between quagga and frr to do a quick assessement. However, there are too many differences to avoid doing a full package checks. Here are my findings: I can’t give a definitive ack right now until those questions are answered and some few fixes: Notes/required TODOs: * does it need a security review in your opinon? Like, since the first MIR security assessment, a lot of time have passed. Is this the opportunity to benefit from another review or do you think the overall diff from the first MIR in term of security handling is small enough to not justify having a new one? * can you give the exact list of binary packages to promote? You mentioned for instance to keep frr-rpki-rtrlib in universe to avoid pulling librtr to main. I think the definitive will help on the AA side. * It is on the lto-disabled list. Fix, or the work-around should be directly in the package. * There are some compiler warning in the build logs. This is maybe the right time to get them fixed? * finally, once this is promoted, how do we explicitely demote quagga? I don’t find it in the seed. What is going to be uploaded to switch to frr? [Duplication] Fork of quagga, will replace it and the first one will be demoted. [Dependencies] OK: - no -dev/-debug/-doc packages that need exclusion - No dependencies in main that are only superficially tested requiring more tests now. Problems: - new dependencies in main, libyang2: https://launchpad.net/ubuntu/+source/libyang2 #1958293 [Embedded sources and static linking] OK: - no embedded source present - no static linking - does not have odd Built-Using entries [Security] OK: - history of CVEs is expected for this kind of daemon and usage, It does not look concerning - does not use webkit1,2 - does not use lib*v8 directly - does not parse data formats - does not open a port/socket - does not process arbitrary web content - does not use centralized online accounts - does not integrate arbitrary javascript into the desktop - does not deal with system authentication (eg, pam), etc) - does not deal with security attestation (secure boot, tpm, signatures) Problems: - one run a daemon as root, as explained in the description [Common blockers] OK: - does not FTBFS currently - does have a test suite that runs at build time - test suite fails will fail the build upon error from the MIR description. Note that the summary mentions "TOTAL: 0" - does have a non-trivial test suite that runs as autopkgtest - no new python2 dependency [Packaging red flags] OK: Ubuntu does not carry a delta - symbols tracking not applicable for this kind of code. - d/watch is present and looks ok (if needed, e.g. non-native) - Upstream update history is good - Debian/Ubuntu update history is good - the current release is packaged - promoting this does not seem to cause issues for MOTUs that so far maintained the package - no massive Lintian warnings (rather pendantic ones) - d/rules is rather clean Problems: - It is on the lto-disabled list. Fix, or the work-around should be directly in the package, [Upstream red flags] OK: - no incautious use of malloc/sprintf (as far as we can check it) - no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH (usage is OK inside tests) - no use of user nobody - no important open bugs (crashers, etc) in Debian or Ubuntu - no dependency on webkit, qtwebkit, seed or libgoa-* - not part of the UI for extra checks Problems: * Some warnings during build logs: bgpd/bgp_community_alias.c: In function ‘bgp_ca_alias_hash_cmp’: bgpd/bgp_community_alias.c:60:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 8192 [-Wstringop-overread] 60 | return (strncmp(ca1->alias, ca2->alias, sizeof(struct community_alias)) | ^~~ bgpd/bgp_community_alias.c: In function ‘bgp_ca_community_hash_cmp’: bgpd/bgp_community_alias.c:43:17: warning: ‘strncmp’ specified bound 8228 exceeds source size 36 [-Wstringop-overread] 43 | return (strncmp(ca1->community, ca2->community, | ^~~ 44 | sizeof(struct community_alias)) | ~~~ In file included from /usr/include/string.h:519, from ./lib/zebra.h:38, from tests/lib/test_nexthop_iter.c:25: In function ‘strncpy’, inlined from ‘str_append’ at tests/lib/test_nexthop_iter.c:37:3, inlined from ‘str_appendf’ at tests/lib/test_nexthop_iter.c:55:2: /usr/include/x86_64-linux-gnu/bits/string_fortified.h:95:10: warning: ‘__builtin_strncpy’ specified bound depends on the length of the source argument [-Wstringop-truncation] 95 | return __builtin___strncpy_chk (__dest, __src, __len, |
[Bug 1951834] Re: [MIR]: frr
** Changed in: frr (Ubuntu) Assignee: (unassigned) => Didier Roche (didrocks) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1951834 Title: [MIR]: frr To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/frr/+bug/1951834/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1956444] Re: [MIR] libset-intspan-perl
Review for Package: libset-intspan-perl [Summary] MIR team ACK. Small package, nothing special to note. No TODO or recommendations. Thanks for the complete bug description. Do not forget to subscribe fundation team to the package bugs before asking for promotion. This does not need a security review. [Duplication] There is no other package in main providing the same functionality. [Dependencies] OK: - no other Dependencies to MIR due to this - checked with check-mir - not listed in seeded-in-ubuntu - none of the (potentially auto-generated) dependencies (Depends and Recommends) that are present after build are not in main - no -dev/-debug/-doc packages that need exclusion - No dependencies in main that are only superficially tested requiring more tests now. [Embedded sources and static linking] OK: - no embedded source present - no static linking - does not have odd Built-Using entries OK: - not a go package, no extra constraints to consider in that regard [Security] OK: - history of CVEs does not look concerning - does not run a daemon as root - does not use webkit1,2 - does not use lib*v8 directly - does not parse data formats - does not open a port/socket - does not process arbitrary web content - does not use centralized online accounts - does not integrate arbitrary javascript into the desktop - does not deal with system authentication (eg, pam), etc) - does not deal with security attestation (secure boot, tpm, signatures) [Common blockers] OK: - does not FTBFS currently - does have a test suite that runs at build time - test suite fails will fail the build upon error. - does have a non-trivial test suite that runs as autopkgtest - no new python2 dependency [Packaging red flags] OK: - Ubuntu does not carry a delta - symbols tracking not applicable for this kind of code. - d/watch is present and looks ok (if needed, e.g. non-native) - Upstream update history is slow, but it does not need regular maintainance. - Debian/Ubuntu update history is slow, but it does not need regular maintainance. - the current release is packaged - promoting this does not seem to cause issues for MOTUs that so far - no massive Lintian warnings - d/rules is rather clean - It is not on the lto-disabled list [Upstream red flags] OK: - no Errors/warnings during the build - no incautious use of malloc/sprintf (as far as we can check it) - no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH (usage is OK inside tests) - no use of user nobody - no use of setuid - no important open bugs (crashers, etc) in Debian or Ubuntu - no dependency on webkit, qtwebkit, seed or libgoa-* - not part of the UI for extra checks ** Changed in: libset-intspan-perl (Ubuntu) Status: New => Fix Committed ** Changed in: libset-intspan-perl (Ubuntu) Assignee: Didier Roche (didrocks) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1956444 Title: [MIR] libset-intspan-perl To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libset-intspan-perl/+bug/1956444/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953197] Re: [MIR] xdg-desktop-portal-gnome
** Changed in: xdg-desktop-portal-gnome (Ubuntu) Status: Confirmed => Fix Committed ** Changed in: xdg-desktop-portal-gnome (Ubuntu) Assignee: Didier Roche (didrocks) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953197 Title: [MIR] xdg-desktop-portal-gnome To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xdg-desktop-portal-gnome/+bug/1953197/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1956768] Re: [MIR] fwupd-efi
Override component to main fwupd-unsigned 1:1.1-3 in jammy amd64: universe/admin/optional/100% -> main fwupd-unsigned 1:1.1-3 in jammy arm64: universe/admin/optional/100% -> main fwupd-unsigned 1:1.1-3 in jammy armhf: universe/admin/optional/100% -> main fwupd-unsigned-dev 1:1.1-3 in jammy amd64: universe/admin/optional/100% -> main fwupd-unsigned-dev 1:1.1-3 in jammy arm64: universe/admin/optional/100% -> main fwupd-unsigned-dev 1:1.1-3 in jammy armhf: universe/admin/optional/100% -> main Override [y|N]? y 6 publications overridden. ** Changed in: fwupd-efi (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1956768 Title: [MIR] fwupd-efi To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1956768/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953197] Re: [MIR] xdg-desktop-portal-gnome
Review for Package: xdg-desktop-portal-gnome [Summary] MIR team ack from my standpoint. Just a recommended TODO that will be great to look at, but not a blocker. Recommended TODOs: - There are a number of deprecation and compiler warnings. Mind reporting them upstream and check if any could create issues? [Duplication] There is no other package in main providing the same functionality. [Dependencies] OK: - no other Dependencies to MIR due to this - checked with check-mir - not listed in seeded-in-ubuntu - none of the (potentially auto-generated) dependencies (Depends and Recommends) that are present after build are not in main - no -dev/-debug/-doc packages that need exclusion - No dependencies in main that are only superficially tested requiring more tests now. [Embedded sources and static linking] OK: - no embedded source present - no static linking - does not have odd Built-Using entries - not a go package, no extra constraints to consider in that regard - No vendoring used, all Built-Using are in main [Security] OK: - history of CVEs does not look concerning - does not run a daemon as root - does not use webkit1,2 - does not use lib*v8 directly - does not parse data formats - does not open a port/socket - does not process arbitrary web content - does not use centralized online accounts - does not integrate arbitrary javascript into the desktop - does not deal with system authentication (eg, pam), etc) - does not deal with security attestation (secure boot, tpm, signatures) [Common blockers] OK: - does not FTBFS currently - does not have a test suite that runs at build time, but have a manual test written in the description - does not have a non-trivial test suite that runs as autopkgtest, but have a manual test written in the description - no new python2 dependency [Packaging red flags] OK: - Ubuntu does not carry a delta - symbols tracking not applicable for this kind of code. - d/watch is present and looks ok (if needed, e.g. non-native) - Upstream update history is good - Debian/Ubuntu update history is good - the current release is packaged - promoting this does not seem to cause issues for MOTUs that so far - no massive Lintian warnings - d/rules is rather clean - It is not on the lto-disabled list [Upstream red flags] OK: - no Errors but some warnings during the build - no incautious use of malloc/sprintf (as far as we can check it) - no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH (usage is OK inside tests) - no use of user nobody - no use of setuid - no important open bugs (crashers, etc) in Debian or Ubuntu - no dependency on webkit, qtwebkit, seed or libgoa-* - part of the UI, but does not need desktop file - translation present Problems: - There are a number of deprecation and compiler warnings. Mind reporting them upstream and check if any could create issues? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953197 Title: [MIR] xdg-desktop-portal-gnome To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xdg-desktop-portal-gnome/+bug/1953197/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1956949] Re: CPC AWS jammy builds fail with: "fuse3 : Breaks: fuse"
** Changed in: gvfs (Ubuntu) Assignee: Didier Roche (didrocks) => Sebastien Bacher (seb128) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1956949 Title: CPC AWS jammy builds fail with: "fuse3 : Breaks: fuse" To manage notifications about this bug go to: https://bugs.launchpad.net/launchpad-buildd/+bug/1956949/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1951069] Re: [MIR] raqm
Excellent, thanks @waveform! MIR team ack. Promoting it right away as pillow is trying to pull it already. ** Changed in: raqm (Ubuntu) Status: Incomplete => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1951069 Title: [MIR] raqm To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/raqm/+bug/1951069/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1951069] Re: [MIR] raqm
raqm 0.7.0-4ubuntu1 in jammy: universe/misc -> main libraqm-dev 0.7.0-4ubuntu1 in jammy amd64: universe/libdevel/optional/100% -> main libraqm-dev 0.7.0-4ubuntu1 in jammy arm64: universe/libdevel/optional/100% -> main libraqm-dev 0.7.0-4ubuntu1 in jammy armhf: universe/libdevel/optional/100% -> main libraqm-dev 0.7.0-4ubuntu1 in jammy ppc64el: universe/libdevel/optional/100% -> main libraqm-dev 0.7.0-4ubuntu1 in jammy riscv64: universe/libdevel/optional/100% -> main libraqm-dev 0.7.0-4ubuntu1 in jammy s390x: universe/libdevel/optional/100% -> main libraqm0 0.7.0-4ubuntu1 in jammy amd64: universe/libs/optional/100% -> main libraqm0 0.7.0-4ubuntu1 in jammy arm64: universe/libs/optional/100% -> main libraqm0 0.7.0-4ubuntu1 in jammy armhf: universe/libs/optional/100% -> main libraqm0 0.7.0-4ubuntu1 in jammy ppc64el: universe/libs/optional/100% -> main libraqm0 0.7.0-4ubuntu1 in jammy riscv64: universe/libs/optional/100% -> main libraqm0 0.7.0-4ubuntu1 in jammy s390x: universe/libs/optional/100% -> main Override [y|N]? y 13 publications overridden. ** Changed in: raqm (Ubuntu) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1951069 Title: [MIR] raqm To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/raqm/+bug/1951069/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1957050] [NEW] [MIR] suitesparse-graphblas
Public bug reported: Opening a placeholder MIR for now until seb has some time to look at it and decide on a strategy: - either removing the recommends on suitesparse - or handle this MIR. ** Affects: suitesparse-graphblas (Ubuntu) Importance: Undecided Assignee: Sebastien Bacher (seb128) Status: Incomplete ** Tags: jammy ** Changed in: suitesparse-graphblas (Ubuntu) Assignee: (unassigned) => Sebastien Bacher (seb128) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1957050 Title: [MIR] suitesparse-graphblas To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/suitesparse-graphblas/+bug/1957050/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1951069] Re: [MIR] raqm
ack, keep me posted once the autopkgtests are uploaded and I’m happy to ack the MIR :) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1951069 Title: [MIR] raqm To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/raqm/+bug/1951069/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1951069] Re: [MIR] raqm
Sorry for the delayed response, but EOY holidays and such :) Ack on the new versions. If you can see if we should backport some of the fixes in 0.7.2, I will let that to you… On the autopkgtests, the question is how to protect raqm from it’s dependencies. If a dependency is changing, then only the autopkgtests will be rerun and we will notice any regression. This is in that sense (not in any upload itself, as indeed, this will technically run the same tests twice under the same condition: test during build and test during autopkgtests). However, this protects you in case of a dependency breaking raqm. Does it make sense? If the tests are only unit tests (but it seemed it uses some libraries), feel free to inform me and we can disregard (however, we will thus need a manual test plan as per MIR template request). ** Changed in: raqm (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1951069 Title: [MIR] raqm To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/raqm/+bug/1951069/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953197] Re: [MIR] xdg-desktop-portal-gnome
As discussed together, this will be reviewed post-christmas (letting this for the MIR team on next weekly meeting) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953197 Title: [MIR] xdg-desktop-portal-gnome To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xdg-desktop-portal-gnome/+bug/1953197/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1952924] Re: [MIR] pipewire-media-session
Indeed, thanks for tracking it here. MIR ack then. ** Changed in: pipewire-media-session (Ubuntu) Status: New => Fix Committed ** Changed in: pipewire-media-session (Ubuntu) Assignee: Didier Roche (didrocks) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1952924 Title: [MIR] pipewire-media-session To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pipewire-media-session/+bug/1952924/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1952924] Re: [MIR] pipewire-media-session
Ack on the testplan. The remaining part is some comments on the recommended TODO. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1952924 Title: [MIR] pipewire-media-session To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pipewire-media-session/+bug/1952924/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953197] Re: [MIR] xdg-desktop-portal-gnome
Similarly to https://bugs.launchpad.net/ubuntu/+source/pipewire-media- session/+bug/1952924 and as documented in the MIR template, a written test plan is required and should be linked from the MIR description. Do you mind providing one before I spend some time on the MIR itself? Thanks. ** Changed in: xdg-desktop-portal-gnome (Ubuntu) Assignee: Didier Roche (didrocks) => (unassigned) ** Changed in: xdg-desktop-portal-gnome (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953197 Title: [MIR] xdg-desktop-portal-gnome To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xdg-desktop-portal-gnome/+bug/1953197/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1952924] Re: [MIR] pipewire-media-session
r buffer[1024];
| ^~
Could this be investigated?
** Changed in: pipewire-media-session (Ubuntu)
Assignee: Didier Roche (didrocks) => (unassigned)
** Changed in: pipewire-media-session (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1952924
Title:
[MIR] pipewire-media-session
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/pipewire-media-session/+bug/1952924/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1951069] Re: [MIR] raqm
xReview for Package: raqm [Summary] MIR team ACK, under the constraint that the autopktests possible enhancements are a little bit more explored (see below) and that check (I didn’t see any rationale in the request) on why raqm hasn’t been updated despite having new releases for a year now. Recommended TODOs: - check if the autopkgtests can be enhanced - check why 0.7.1 and 0.7.2 ara available (from Nov 2020 for the former) without any update on debian/ubuntu. As the package hasn’t changed for multiple releases. I think those fixes are not distro-patched either. [Duplication] There is no other package in main providing the same functionality. [Dependencies] OK: - no other Dependencies to MIR due to this - checked with check-mir - not listed in seeded-in-ubuntu - none of the (potentially auto-generated) dependencies (Depends and Recommends) that are present after build are not in main - no -dev/-debug/-doc packages that need exclusion - No dependencies in main that are only superficially tested requiring more tests now. [Embedded sources and static linking] OK: - no embedded source present - no static linking - does not have odd Built-Using entries OK: - not a go package, no extra constraints to consider in that regard - No vendoring used, all Built-Using are in main [Security] OK: - history of CVEs does not look concerning - does not run a daemon as root - does not use webkit1,2 - does not use lib*v8 directly - does not parse data formats - does not open a port/socket - does not process arbitrary web content - does not use centralized online accounts - does not integrate arbitrary javascript into the desktop - does not deal with system authentication (eg, pam), etc) - does not deal with security attestation (secure boot, tpm, signatures) [Common blockers] OK: - does not FTBFS currently - does have a test suite that runs at build time - test suite fails will fail the build upon error. - no new python2 dependency Problems: - the autopkgtest test is trivial: build it, run it, don’t check the output. Can we maybe check the output given known inputs and see what is returned is expected? [Packaging red flags] OK: - Ubuntu does not carry a delta - symbols tracking is in place - d/watch is present and looks ok (if needed, e.g. non-native) - Upstream update history is slow, but seems in maintainance mode - Debian/Ubuntu update history is slow - promoting this does not seem to cause issues for MOTUs that so far maintained the package - no massive Lintian warnings (only older lintian version used) - d/rules is rather clean - It is not on the lto-disabled list (fix, or the work-around should be directly in the package, see https://launchpad.net/ubuntu/+source/lto-disabled-list) Problems: - the current release and previous one is not packaged. The previous release is more than one year old. [Upstream red flags] OK: - no Errors/warnings during the build - no incautious use of malloc/sprintf (as far as we can check it) - no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH (usage is OK inside tests) - no use of user nobody - no use of setuid - no important open bugs (crashers, etc) in Debian or Ubuntu - no dependency on webkit, qtwebkit, seed or libgoa-* - not part of the UI for extra checks ** Changed in: raqm (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1951069 Title: [MIR] raqm To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/raqm/+bug/1951069/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1949776] Re: [MIR] wireplumber
I unsuscribed the MIR team so that we can revisit it all once we are wanting to promote it to main again and review it. Once this is the case, please resuscribe, update any needed information and set the bug report state back to New. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1949776 Title: [MIR] wireplumber To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wireplumber/+bug/1949776/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
