AWS Bug verified with the following script:
-----------------------------------
import logging
import os
from pycloudlib.ec2.cloud import EC2
api = EC2(
tag="test-ec2",
access_key_id=os.getenv("UACLIENT_BEHAVE_AWS_ACCESS_KEY_ID"),
secret_access_key=os.getenv("UACLIENT_BEHAVE_AWS_SECRET_ACCESS_KEY")
)
image_id = "ami-0193aa0a9df84a08b" # Focal pro image
private_key_path = "ec2-{}.pem".format("test-key")
key_name = "test-key"
if key_name in api.list_keys():
api.delete_key(key_name)
keypair = api.client.create_key_pair(KeyName=key_name)
with open(private_key_path, "w") as stream:
stream.write(keypair["KeyMaterial"])
os.chmod(private_key_path, 0o600)
api.use_key(private_key_path, private_key_path, key_name)
vpc = api.get_or_create_vpc(name="test-ec2-pro")
instance = api.launch(image_id, vpc=vpc)
print("--- Creating base instance")
print(instance.execute("lsb_release -a"))
instance.execute("sh -c 'sudo apt-get update > /dev/null'")
instance.execute("sh -c 'sudo apt-get install ubuntu-advantage-tools >
/dev/null'")
print(instance.execute("ua version"))
print(instance.execute("sudo ua enable fips --assume-yes"))
print("------------------")
print("--- Updating ua package")
cmd = "sudo sh -c \"echo 'deb http://archive.ubuntu.com/ubuntu/ {}-proposed
restricted main multiverse universe' >>
/etc/apt/sources.list.d/proposed-repositories.list\""
instance.execute(cmd.format("focal"))
instance.execute("sh -c 'sudo apt-get update > /dev/null'")
instance.execute("sh -c 'sudo apt-get install ubuntu-advantage-tools >
/dev/null'")
print(instance.execute("ua version"))
print(instance.execute("sudo ua enable fips --assume-yes"))
print("------------------")
instance.delete()
-----------------------------------------------
To run that script, you need the pycloudlib dependency, which can be found here:
https://github.com/canonical/pycloudlib/tree/main/pycloudlib
Test output:
Test output:
--- Creating base instance
Distributor ID: Ubuntu
Description: Ubuntu 20.04.2 LTS
Release: 20.04
Codename: focal
27.2.2~20.04.1
One moment, checking your subscription first
Updating package lists
Installing FIPS packages
Updating package lists
Could not enable FIPS.
------------------
--- Updating ua package
27.3~20.04.1
One moment, checking your subscription first
Ubuntu Focal does not provide an AWS optimized FIPS kernel
For help see: https://ubuntu.com/advantage.
------------------
PS: This bug only affects focal
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1939932
Title:
Ubuntu PRO Focal on AWS and Azure should not install the generic FIPS
kernel via ubuntu-fips metapackage
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1939932/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
