Ubuntu 12.04 is EOL and real world usage of RC4 is probably at an
historical low due to being broken. OpenSSL 1.1.0 dropped RC4 from the
DEFAULT ciphersuites which means that only 16.04 has support for it now.
This was confirmed by running the following on 16.04, 18.04 and 20.04:
openssl ciphers
Hi Orvar,
The problem seems to be due to a local configuration error where the
parameter "mydomain" is not valid:
newaliases: warning: valid_hostname: numeric hostname: 04
newaliases: fatal: file /etc/postfix/main.cf: parameter mydomain: bad parameter
value: 04
dpkg: error processing package
I've deployed a test package with all 3 git commits included. I will
report here after few days of testing and hopefully a debdiff to propose
;)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1894879
Public bug reported:
haproxy 2.0.13-2 keeps crashing for us:
# journalctl --since yesterday -u haproxy --grep ALERT | grep -F 'exited with
code '
Sep 07 18:14:57 foo haproxy[16831]: [ALERT] 250/181457 (16831) : Current worker
#1 (16839) exited with code 139 (Segmentation fault)
Sep 07 19:45:23
For what it's worth, Bionic's bind9 version should support EdDSA according to
https://bind.isc.org/doc/arm/9.11/man.dnssec-keygen.html
I dunno how well it would work on 9.11.3 though.
It would be nice to have EdDSA support enabled in Bionic if that can
work reliably. It would help with the
** Bug watch added: Debian Bug tracker #969198
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969198
** Also affects: msmtp (Debian) via
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=969198
Importance: Unknown
Status: Unknown
--
You received this bug notification because
This was fixed in 1.8.3-1 which means Ubuntu Eaon and later are fixed.
Marking as fix released.
** Changed in: msmtp (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
The Debian but was solved in 1.8.5-1 which means it automatically got
fixed in Ubuntu Focal and later. Marking as fix released in Ubuntu as
well.
** Changed in: msmtp (Ubuntu)
Status: Incomplete => Fix Released
--
You received this bug notification because you are a member of Ubuntu
@Heikki, I would suggest you report this to Debian as msmtp(-mta) is
simply sync'ed from Debian to Ubuntu. Once you've done it, please add
the link to the bug in here. Thanks!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Bionic shipped with 1.2.4-1 so it has the fix, as such marking as fix
released.
** Changed in: zfs-auto-snapshot (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Xenial and later have the fix so marking as fix released.
** Changed in: open-iscsi (Ubuntu)
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1268240
Title:
Hi Robie,
I filled the SRU template and would appreciate if you/your team could
take a look at the debdiff for Bionic (I don't intent to get one for
Xenial). I tested it, in various scenarios (R/W, R/O, super R/O) and it
worked fine.
Regards,
Simon
** Patch added:
** Description changed:
- Updates of the mysql-server-5.7 package fail to install (error during
- postinst) if operating in (super) read-only mode. A read-only replica is
- common in redundant/HA setups.
+ [Impact]
- Steps to reproduce:
+ Updates of the mysql-server-5.7 package fail to install
Public bug reported:
# Issue description:
On 2 Linode VMs that are used as lxd hosts, we noticed that
/run/systemd/resolve/*resolv.conf were re-created quite frequently (~
once per second). We noticed because of the log noise from lxd's dnsmasq
instance using inotify to watch the target of
strace'ing systemd-resolved showed that files under
/run/systemd/netif/links/ are re-created as well when a RA comes in but
their content never changes yet the stub-resolv.conf is created over and
over:
root@lxd02:~# cat /run/systemd/netif/links/*
/run/systemd/resolve/stub-resolv.conf | md5sum;
This change was done in https://bugs.debian.org/cgi-
bin/bugreport.cgi?bug=815475 to comply with this policy:
https://www.debian.org/doc/packaging-manuals/java-policy/ch02.html
#policy-programs
As such, marking as invalid.
** Bug watch added: Debian Bug tracker #815475
Eoan is EOL now and supported releases ship with 8u265 and 11.0.8 ATM so
marking as fix released.
** Changed in: openjdk-8 (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Artful is EOL and other supported releases have received a newer openjdk
version so marking as fix released.
** Changed in: openjdk-8 (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Marking as fix released because 8u111 has long been released to all
supported releases.
** Changed in: openjdk-8 (Ubuntu)
Status: Triaged => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Public bug reported:
Whenever I start chromium's snap, I get the following messages:
Aug 6 10:50:08 simon-lemur kernel: [10608.138795] audit: type=1326
audit(1596725407.998:159): auid=1000 uid=1000 gid=1000 ses=2 pid=32290
comm="chrome"
Hi Lars,
The freeze mode looked promising but it bypasses a lot of good bits of
the configure script like Apparmor profile activation, directories
perms/owner fixes, etc. Also, the postinst script stops the MySQL
service unconditionally and the configure aborts early in freeze mode,
leaving the
Hi Robie,
I took a look at mysql-server-core-5.7 based on IRC discussions with
you. Unfortunately, this package doesn't create the mysql user and
group, doesn't provide the systemd unit and doesn't integrate well with
other tooling (like the mysql puppet module maintained by puppetlabs).
For
Public bug reported:
Running 'netplan apply' leaves leftover directories under /tmp.
Steps to reproduce:
1) Create a container
$ lxc launch images:ubuntu/focal f-netplan
2) Run 'netplan apply'
$ lxc exec f-netplan netplan apply
$ lxc exec f-netplan netplan apply
3) Check for leftovers
$ lxc
** Description changed:
Updates of the mysql-server-5.7 package fail to install (error during
postinst) if operating in (super) read-only mode. A read-only replica is
common in redundant/HA setups.
Steps to reproduce:
1) Setup a container (bionic or xenial would do)
$ lxc launch
Hi Paride, thanks for having a look. Would you consider the provided
patch for inclusion? It worked in my local tests.
** Patch added: "Skip mysql_upgrade when in (super) read-only mode"
The mysql-server packages (8.0) provided in later releases (focal+) are
not affected.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1889472
Title:
mysql-server-5.7 postinst fails when in read-only
Public bug reported:
Updates of the mysql-server-5.7 package fail to install (error during
postinst) if operating in (super) read-only mode. A read-only replica is
common in redundant/HA setups.
Steps to reproduce:
1) Setup a container (bionic or xenial would do)
$ lxc launch
OpenSSL did a re-licensing that was completed in 2017. This, I believe,
makes it compatible with Ubuntu/Debian because it is now under the
Apache License v. 2.0. I've reported it to Debian as it would be best to
not incur a delta in Ubuntu for that.
** Bug watch added: Debian Bug tracker #966395
Reproduction procedure followed for all verification:
1) initial problem:
apt install --no-install-recommends -y openvpn
touch /etc/openvpn/lp1868127.conf
chmod 0600 /etc/openvpn/lp1868127.conf
cat << EOF > /etc/openvpn/lp1868127.conf
...
EOF
systemctl start openvpn@lp1868127
systemctl
[Test Case]
$ lxc launch ubuntu:20.04/amd64 sudo-sru-lp1857036-test
$ lxc shell sudo-sru-lp1857036-test
Reproduce the problem
root@sudo-sru-lp1857036-test:~# sudo true
sudo: setrlimit(RLIMIT_CORE): Operation not permitted
Enable -proposed and update
root@sudo-sru-lp1857036-test:~# apt install
I personally don't think this is worth a SRU but if someone believes
otherwise, I'll be happy to provide the steps to reproduce and help get
this through.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Thanks Bryce for the PPA. I can confirm it does work:
# reproduce the problem:
root@sudo-sru-lp1857036-test:~# sudo true
sudo: setrlimit(RLIMIT_CORE): Operation not permitted
# get the fix from the PPA:
root@sudo-sru-lp1857036-test:~# apt-add-repository -yus
*** This bug is a duplicate of bug 1857036 ***
https://bugs.launchpad.net/bugs/1857036
** This bug has been marked a duplicate of bug 1857036
`sudo --login --user USERNAME` throws `setrlimit(RLIMIT_CORE): Operation not
permitted` error when run inside a container.
--
You received this
*** This bug is a duplicate of bug 1857036 ***
https://bugs.launchpad.net/bugs/1857036
** This bug has been marked a duplicate of bug 1857036
`sudo --login --user USERNAME` throws `setrlimit(RLIMIT_CORE): Operation not
permitted` error when run inside a container.
--
You received this
Reproducing the issue *before* the patch:
root@foo:~# dpkg -l| grep -wF ' systemd '
ii systemd 245.4-4ubuntu3.1 amd64system
and service manager
root@foo:~# systemctl status test.service
● test.service - Test Truncate
Loaded: loaded
When systemd-resolved is used, you are better off using the openvpn-
systemd-resolved package instead. To do so, you need to `apt install
openvpn-systemd-resolved` and add the following lines to your config:
script-security 2
setenv PATH
On 2020-07-03 3:37 a.m., Christian Ehrhardt wrote:
> Also subscribing Simon who submitted the bug report
I had forgotten about it, thanks for the reminder! I turned the patch
into a merge request [1] which tested fine on Debian/Sid. I'm waiting a
few more days for feedback but will merge it
A SRU to Focal would be greatly appreciated as dehydrated (Let's Encrypt
client) is also affected, probably because it's in essence just a bash
script. Here are the logs where it seems to indicate the certificate
doesn't need to to be renewed just yet:
Jun 25 00:26:10 rproxy dehydrated[21256]: +
@Christian,
https://code.launchpad.net/~sdeziel/ubuntu/+source/rsyslog/+git/rsyslog/+merge/382345
was a 'drive-by' merge proposal not associated with any LP (is that
OK?). As such, I don't consider it related to this bug which can be
closed now AFAICT.
--
You received this bug notification
Public bug reported:
* Use case
An admin wants to tune ssl_protocols and ssl_prefer_server_ciphers so
he/she drops a snippet file in /etc/nginx/conf.d/ like other parameters
are usually configured.
* Problem
This doesn't work as those 2 parameters are already set in the global
config shipped
On 2020-06-02 8:50 p.m., Chris Halse Rogers wrote:
> You don't *have* to include the full output of the test cases when
> verifying a bug (although, depending on how much output there is, it can
> be nice).
OK, good, thanks for clarifying!
> I don't think it was clear that you *had* gone through
@Brian, I did go through the full test case when marking it as verified
in comment #20.
Do I really need to repeat the full test case when verifying a bug?
$ lxc launch images:ubuntu/focal fb1
$ lxc exec fb1 -- apt update && lxc exec fb1 -- apt install apparmor -y
$ lxc exec fb1 -- apt install
** Tags removed: verification-needed verification-needed-focal
** Tags added: verification-done verification-done-focal
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1872564
Title:
On 2020-05-29 9:27 a.m., Simon Déziel wrote:
> On 2020-05-29 9:15 a.m., Andreas Hasenack wrote:
>> Note for the future: do-release-upgrade can be used with --allow-third-
>> party which will keep the ppa enabled and also switch it to fetch
>> packages from the new releas
On 2020-05-29 9:15 a.m., Andreas Hasenack wrote:
> Note for the future: do-release-upgrade can be used with --allow-third-
> party which will keep the ppa enabled and also switch it to fetch
> packages from the new release.
Ah, thanks! I will try to enable $distro-proposed as it it was a
The cat's out of the bag already thanks to the releases to $distro-
security keeping your patch! I did a verification nevertheless as it's
now easier with the package being readily available so no need to use
the trick in comment 33 (will keep it in mind for the future though,
thanks Bryce!).
So
@Dirk, can't reproduce it here:
$ lxc launch images:ubuntu/focal postfix01
$ lxc exec postfix01 -- apt-get install -y postfix
$ lxc exec postfix01 -- systemctl status postfix
● postfix.service - Postfix Mail Transport Agent
Loaded: loaded (/lib/systemd/system/postfix.service; enabled; vendor
I'd like to mention that `systemctl $action openvpn@$foo` is using the
legacy systemd unit.
On 18.04 and newer, you are better off moving your config to
/etc/openvpn/client or /etc/openvpn/server and use corresponding and
modern systemd units: openvpn-client@$foo and openvpn-server@$foo
--
You
@bryce, I am sorry but I don't know how to verify what landed in
-proposed (or even your PPA).
All attempts with do-release-update failed and I ended up filling LP:
#1880760 to ask for an easy way to validate packages in the $distro-
proposed.
--
You received this bug notification because you
Public bug reported:
It seems there is no way to do a release upgrade to $distro-proposed.
do-release-upgrade has the --proposed flag but that only tells it to use
the upgrader from $distro-proposed.
When validating bug fixes for distro upgrade problem (like LP:
#1865218), it would be handy to
I tried various things to validate either the package from -proposed or
from Bryce's PPA but to no avail.
The problem is that do-release-upgrade doesn't let me use $distro-
proposed despite using do-release-upgrade -p and Bryce's PPA is
deactivated during the upgrade.
--
You received this bug
** Description changed:
[Impact]
A normal upgrade of a properly functioning PHP website server can
unexpectedly result in disabling PHP, when there are no misconfigurations or
other actual errors. It's also easy to miss the error message, thus making it
more challenging to notice the site
** Description changed:
[Impact]
A normal upgrade of a properly functioning PHP website server can
unexpectedly result in disabling PHP, when there are no misconfigurations or
other actual errors. It's also easy to miss the error message, thus making it
more challenging to notice the site
** Description changed:
[Impact]
A normal upgrade of a properly functioning PHP website server can
unexpectedly result in disabling PHP, when there are no misconfigurations or
other actual errors. It's also easy to miss the error message, thus making it
more challenging to notice the site
On 2020-05-25 4:17 a.m., Łukasz Zemczak wrote:
> This is fine right now, but please be sure to be a bit more verbose
> about what kind of testing has been performed on the selected package!
I went through the [test case] steps before and after the -proposed
update. Should I simply explicitly
On Focal, I can confirm the bug and the fix from 245.4-4ubuntu3.1
(focal-proposed). Thanks for working on this!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1860926
Title:
Ubuntu 20.04 Systemd
Public bug reported:
Description:
When installing zfsutils-linux, failure to `modprobe zfs` cause the package
installation to fail.
Ideally, modprobe should be attempted but not fatal.
Steps to reproduce:
# Prevent module loading
$ sudo sysctl kernel.modules_disabled=1
# Install the package
After pulling apparmor 2.13.3-7ubuntu5.1 from focal-proposed:
Get:18 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 apparmor
amd64 2.13.3-7ubuntu5.1 [494 kB]
...
Unpacking apparmor (2.13.3-7ubuntu5.1) over (2.13.3-7ubuntu5) ...
Setting up libapparmor1:amd64 (2.13.3-7ubuntu5.1) ...
To save you some work, I'll be happy to do the verification as soon as
something lands in focal-proposed. Thanks
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1872564
Title:
It tested fine with 237-3ubuntu10.41:
(Reading database ... 54686 files and directories currently installed.)
Preparing to unpack libnss-systemd_237-3ubuntu10.41_amd64.deb ...
Unpacking libnss-systemd:amd64 (237-3ubuntu10.41) over (237-3ubuntu10.40) ...
Preparing to unpack
@ddstreet, PersistentKeepalive is not needed as you'll see in the steps
to reproduce.
** Description changed:
[impact]
systemd-networkd uses incorrect netlink attribute length for wireguard's
persistent keepalive interval, which logs error messages from the
kernel, and may incorrectly
Steps to reproduce:
lxc launch images:ubuntu/bionic --vm -c security.secureboot=false foo
sleep 10 # allow booting
lxc exec foo -- apt install -y software-properties-common
lxc exec foo -- add-apt-repository -y ppa:wireguard/wireguard
lxc exec foo -- apt install -y wireguard-tools
cat << EOF |
Indeed, install wireguard-tools on Focal doesn't pull the wireguard-dkms
package.
I believe only 2) and 3) from comment 9 remain to be addressed.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1873288
Thanks for getting back. I'll mark the bug as invalid. If you feel the
documentation around logging could be improved, I would encourage you to
discuss with upstream on ways to improve it.
It's hard to come up with a default logging that's a good fit for
everyone. Those using /etc/msmtprc
Here is a strace of systemd-networkd when it was consuming 100% CPU:
https://paste.ubuntu.com/p/2XwxWwW99q/
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1877159
Title:
netlink: 'systemd-network':
On 2020-05-06 4:09 p.m., Rick Poleshuck wrote:
> I will try that. If that works,
It's what I use on all my machines.
> then the bug is only in the documentation referencing /var/log/msmtp.
I couldn't find any reference to that file in either the man page or
upstream doc [*] so please let us
The msmtp group was created to allow one to protect /etc/msmtprc from
regular users as it can contain plaintext passwords. If you join users
to that group, you lose the ability to protect those passwords.
Have you considered using 'syslog LOG_MAIL'? It should have everyone's
logs ending in
The missing rule for boot_id was added to Apparmor 2.13
(https://gitlab.com/apparmor/apparmor/-/blob/apparmor-2.13/profiles/apparmor.d/abstractions/nameservice#L35)
and was later refined in the master branch. As such, marking as fix
committed.
** Changed in: apparmor (Ubuntu)
Status: New
On 2020-05-06 2:49 p.m., Andreas Hasenack wrote:
> There are many alternatives here.
IIRC, `chmod -x` snippets from /etc/update-motd.d/ was the way to go a
few releases ago when it was consumed by run-parts.
> I think fixing this doesn't warrant an SRU, but should be considered for
> the devel
Public bug reported:
This morning, our 2 Bionic machine configured with the wireguard's PPA
and using systemd-networkd to configure the wireguard tunnel started
misbehaving. Why this started just now is unclear ATM but their dmesg
was filled with this:
validate_nla: 100 callbacks suppressed
*** This bug is a duplicate of bug 1633485 ***
https://bugs.launchpad.net/bugs/1633485
** This bug has been marked a duplicate of bug 1633485
Backport login throttling plugin to 5.6 and 5.7
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed
The new version(s) were released and announced today:
https://usn.ubuntu.com/4350-1/
** Changed in: mysql-5.7 (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to the bug report.
This was fixed some time ago it seems:
$ dpkg -l| grep mysql-server-5.7
ii mysql-server-5.75.7.30-0ubuntu0.16.04.1
amd64MySQL database server binaries and system database setup
$ dpkg -L mysql-server-5.7 | grep control
squid in focal is indeed another package that triggers that denial but
it is non fatal there as mentioned by Andreas.
@ahasenack, with 4.11, squid's systemd unit moved from Type=forking to
Type=notify and with the error you showed, I would expect you to see a
denial trying to write to
`snap info lxd` says:
installed: 4.0.1 (14890) 72MB -
And indeed, there is a tmpfs mounted there:
root@bind:~# mount | grep boot
none on /proc/sys/kernel/random/boot_id type tmpfs
(ro,nosuid,nodev,noexec,relatime,size=492k,mode=755,uid=1524288,gid=1524288)
That said,
@Adriaan, are there really 2 sshd running? Or is it only one binding to
the 2 ports and applying different parameter using Match conditions?
Beware what on 20.04, there is support for additional config snippets
dropped in /etc/ssh/sshd_config.d/*.conf.
To check for 2 daemons:
sudo ss -nltp |
On a stock install, adding "Port 7722" to /etc/ssh/sshd_config and
restarting sshd gives me this:
# ss -nltp | grep sshd
LISTEN0 128 0.0.0.0:77220.0.0.0:*
users:(("sshd",pid=10651,fd=3))
LISTEN0 128 [::]:7722
If the libipsec plugin is not loaded then I cannot explain why it would
try to use /dev/net/tun so it's hard to make a case of extending the
profile.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Public bug reported:
Description:
motd-news complains that curl is missing on every run. motd-news.timer
firing every ~12 hours, this useless message ends up in the logs
regularly.
Steps to reproduce:
$ lxc launch images:ubuntu/focal motd
Creating motd
Starting motd
$ lxc exec motd --
I suspect you using kernel-libipsec which would explain why you are
running into this, right? Could you please try the following:
cat << EOF | sudo tee -a /etc/apparmor.d/local/usr.sbin.swanctl
# libcharon-extra-plugins: kernel-libipsec
/dev/net/tun rw,
EOF
sudo apparmor_parser
Thanks for following up!
** Changed in: msmtp (Ubuntu)
Status: Incomplete => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1875313
Title:
msmtp password lookup fails after
Now that msmtp is asking for password, can you send emails with it?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1875313
Title:
msmtp password lookup fails after upgrade to eoan
To manage
@karlsebal, it's possible the Apparmor profile is blocking access to
something. Could you attach the output of this command please: "sudo
journalctl -kb0 | grep msmtp".
** Changed in: msmtp (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member
Looks like some other process was left behind listening on the socket
thus preventing nginx from binding that IP/port:
Apr 24 18:49:59 xeonux systemd[1]: Starting A high performance web server and a
reverse proxy server...
Apr 24 18:49:59 xeonux nginx[22466]: nginx: [emerg] bind() to 0.0.0.0:443
I can confirm the problem and the workaround. For those interested
here's the how to fix the code in place:
cd /usr/share/cacti/site/lib
sed -i.orig "/if (sizeof(\$ids)) {/ s/sizeof/strlen/; /\$ids = array();/
s/array()/''/" utility.php
--
You received this bug notification because you are a
Thanks Jason and Andy for the very quick turnaround, it's much
appreciated!
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1873288
Title:
wireguard-tools should NOT recommend wireguard-dkms
To
linux-image-generic only ships the vmlinuz so I believe that's why it
doesn't directly "Provides: wireguard-modules". This is missing from
linux-modules-5.4.0-XX-generic though which outta have it because does
provides the .ko
--
You received this bug notification because you are a member of
I don't see wireguard-modules as being provided anywhere:
$ apt-cache show linux-image-generic linux-image-5.4.0-24-generic
linux-modules-5.4.0-24-generic | grep Provides
Provides: virtualbox-guest-modules (= 6.1.4-dfsg-2), zfs-modules (=
0.8.3-1ubuntu11)
Provides: aufs-dkms, fuse-module,
FYI, there is no wireguard-modules package on Ubuntu and the
wireguard.ko is shipped by linux-modules-5.4.0-XX-generic directly.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1873288
Title:
Public bug reported:
With 20.04, the wireguard-dkms is not strictly needed as the
wireguard.ko is now shipped with kernel packages.
# apt-cache show wireguard-tools | grep Recommends
Recommends: nftables | iptables, wireguard-dkms (>= 0.0.20191219) |
wireguard-modules (>= 0.0.20171001)
**
Scratch that. Using 'owner' on a root-owned but world readable file is
probably ill-advised in an abstraction. It seems plausible for an
application to do NSS lookup for user/group while running as non-root.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
On all my machines and using various daemons, the denial messages always
have fsuid==ouid. As such, I believe it would be OK to use the 'owner'
specifier like this:
owner @{PROC}/sys/kernel/random/boot_id r,
--
You received this bug notification because you are a member of Ubuntu
Bugs, which
The 1st SRU for Bionic failed because I typo'ed the path to the binary (rsyslog
!= rsyslogd).
Focal is fixed and Bionic is left with a 'bad' package in bionic-proposed. I
don't think redoing the SRU for Bionic is worth it, it's a default *disabled*
profile after all.
I'd leave things as is or
Oops, it should have been LOW, not LEGACY. Here it is again to avoid any
confusion:
As a workaround, can you try lowering the profile from MEDIUM [1] to LOW
[2]:
sudo mkdir /etc/gnutls
cat << EOF | sudo tee -a /etc/gnutls/config
[overrides]
default-priority-string =
As a workaround, can you try lowering the profile from MEDIUM [1] to
LEGACY:
sudo mkdir /etc/gnutls
cat << EOF | sudo tee -a /etc/gnutls/config
[overrides]
default-priority-string =
NORMAL:-VERS-ALL:+VERS-TLS1.3:+VERS-TLS1.2:+VERS-DTLS1.2:%PROFILE_LEGACY
EOF
1:
*** This bug is a duplicate of bug 1872778 ***
https://bugs.launchpad.net/bugs/1872778
As a workaround, can you try lowering the profile from MEDIUM [1] to LOW
[2]:
sudo mkdir /etc/gnutls
cat << EOF | sudo tee -a /etc/gnutls/config
[overrides]
default-priority-string =
** This bug is no longer a duplicate of bug 1872778
update-crypto-policies not affecting Gnome Online Accounts
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1860461
Title:
libgnutls30
On 2020-04-11 9:04 p.m., Simon Déziel wrote:
> On 2020-04-10 1:16 p.m., Jamie Strandboge wrote:
>> The abstraction is meant to cover the client, not systemd internal
>> specifics. A client simply accessing that DBus API won't need it and a
>> client simply accessing tho
Public bug reported:
# Description
On a default Focal install, systemd is used when looking up passwd and
group information:
# grep systemd /etc/nsswitch.conf
passwd: files systemd
group: files systemd
Daemons confined by Apparmor that also query those "databases" will
cause
With a fix landing for LP: #1850933, I thought I'd test upgrading from
Bionic to Focal. Unfortunately is doesn't work:
root@ba:~# do-release-upgrade -d
...
libapache2-mod-php7.4: php7.2 module already enabled, not enabling PHP 7.4
Setting up apache2 (2.4.41-4ubuntu2) ...
Job for apache2.service
201 - 300 of 2435 matches
Mail list logo