** Description changed: [Availability] The package resources is already in Ubuntu universe. The package resources build for the architectures it is designed to work on. TODO: It currently builds and works for architectures: TBD Link to package https://launchpad.net/ubuntu/+source/resources [Rationale] - The package resources is required in Ubuntu main for shipping as the default system monitor application in Ubuntu Desktop - The package resources will generally be useful for a large part of our user base - Additionally new use-cases enabled by this are: + monitoring of the GPU usage, including GPU-accelerated video encode and decode + advanced monitoring of virtual filesystems and virtual network devices + retirement of legacy applications "System Monitor" and "Power Statistics" - Package resources covers the same use case as gnome-system-monitor, but is better because: + it shows a beautiful UI that fits the modern Ubuntu desktop + it provides more information while being easier to read + it provides clear immediate control over graphical applications and not just individual processes + it is much better accessible for visually impaired users thereby we want to replace it. - There is no other/better way to solve this that is already in main or should go universe->main instead of this. - This is the first time package will be in main - The binary packages resources needs to be in main to be seeded in Ubuntu Desktop - There are no other produced binary packages - The package resources is required in Ubuntu main no later than Feb 19 due to Resolute Raccoon feature freeze. [Security] - No CVEs/security issues in this software in the past - no `suid` or `sgid` binaries - no executables in `/sbin` and `/usr/sbin` - Package does not install services, timers or recurring jobs + - Security has been kept in mind and common isolation/risk-mitigation + patterns are in place utilizing the following features: + polkit for privilege escalation when needed to signal processes owned + by other users, with only an extremely minimal binary running privileged: + - The binary that will run privileged: https://salsa.debian.org/ubuntu-dev-team/resources/-/blob/ubuntu/latest/src/bin/resources-kill.rs + - The polkit policy: https://salsa.debian.org/ubuntu-dev-team/resources/-/blob/ubuntu/latest/data/net.nokyan.Resources.policy.in.in - Packages does not open privileged ports (ports < 1024). - Package does not expose any external endpoints - Packages does not contain extensions to security-sensitive software (filters, scanners, plugins, UI skins, ...) [Quality assurance - function/usage] - The package works well right after install [Quality assurance - maintenance] - The package is new in Ubuntu - https://bugs.launchpad.net/ubuntu/+source/resources/+bug - The package is on its way to Debian - The package is maintained well Upstream and does not have too many, long-term & critical, open bugs - https://github.com/nokyan/resources/issues - The package does not deal with exotic hardware we cannot support [Quality assurance - testing] - The package runs a test suite on build time, if it fails it makes the build fail, link to build log https://launchpadlibrarian.net/836385964/buildlog_ubuntu-resolute-amd64.resources_1.9.1-0ubuntu1~ppa4_BUILDING.txt.gz - The package only runs superficial autopkgtests because upstream does not provide an installed-tests suite. This is a graphical application so integration-testing should be done graphically, with tools like YARF, but this level of automation is not ready yet for Ubuntu. In its place, a manual test plan has been prepared at https://wiki.ubuntu.com/DesktopTeam/TestPlans/Resources - The package does have not failing autopkgtests right now [Quality assurance - packaging] - debian/watch is not present, instead it has `Archive: GitHub` in debian/upstream/metadata, which is equivalently picked up by `uscan` - debian/control defines a correct Maintainer field - This package does not yield massive lintian Warnings, Errors - Please link to a recent build log of the package <TBD> - Output of `lintian --pedantic`: W: resources: no-manual-page [usr/bin/resources] - Lintian overrides are not present - This package does not rely on obsolete or about to be demoted packages. - This package has no python2 or GTK2 dependencies - The package will be installed by default, but does not ask debconf questions higher than medium - Packaging and build is easy, link to debian/rules https://salsa.debian.org/ubuntu-dev- team/resources/-/blob/ubuntu/latest/debian/rules [UI standards] - Application is end-user facing, Translation is present, via standard intltool/gettext or similar build and runtime internationalization system see https://salsa.debian.org/ubuntu-dev-team/resources/-/tree/ubuntu/latest/po - End-user applications that ships a standard conformant desktop file, see https://salsa.debian.org/ubuntu-dev-team/resources/-/blob/ubuntu/latest/data/net.nokyan.Resources.desktop.in.in [Dependencies] - Used check-mir from ubuntu-dev-tools to validate all dependencies or recommends are in main. [Standards compliance] - This package correctly follows FHS and Debian Policy [Maintenance/Owner] - I Suggest the owning team to be ~desktop-packages - The future owning team is not yet subscribed, but will subscribe to the package before promotion - The team ~ubuntu-desktop is aware of the implications by a static build and commits to test no-change-rebuilds and to fix any issues found for the lifetime of the release (including ESM) - The team ~ubuntu-desktop is aware of the implications of vendored code and (as alerted by the security team) commits to provide updates and backports to the security team for any affected vendored code for the lifetime of the release (including ESM). - This package uses vendored rust code tracked in Cargo.lock, refreshing that code is outlined in debian/README.source - This package is rust based and vendors all non language-runtime dependencies - The package has been built within the last 3 months in the archive TODO: - Build link on launchpad: TBD This change will not impact other teams [Background information] The Package description explains the package well Upstream Name is nokyan Link to upstream project https://github.com/nokyan/resources Resources has been announced as the new system monitor application in the public Desktop roadmap for 26.04: https://discourse.ubuntu.com/t/ubuntu-26-04-lts-the-roadmap/72740
** Description changed: [Availability] The package resources is already in Ubuntu universe. The package resources build for the architectures it is designed to work on. TODO: It currently builds and works for architectures: TBD Link to package https://launchpad.net/ubuntu/+source/resources [Rationale] - The package resources is required in Ubuntu main for shipping as the default system monitor application in Ubuntu Desktop - The package resources will generally be useful for a large part of our user base - Additionally new use-cases enabled by this are: + monitoring of the GPU usage, including GPU-accelerated video encode and decode + advanced monitoring of virtual filesystems and virtual network devices + retirement of legacy applications "System Monitor" and "Power Statistics" - Package resources covers the same use case as gnome-system-monitor, but is better because: + it shows a beautiful UI that fits the modern Ubuntu desktop + it provides more information while being easier to read + it provides clear immediate control over graphical applications and not just individual processes + it is much better accessible for visually impaired users thereby we want to replace it. - There is no other/better way to solve this that is already in main or should go universe->main instead of this. - This is the first time package will be in main - The binary packages resources needs to be in main to be seeded in Ubuntu Desktop - There are no other produced binary packages - The package resources is required in Ubuntu main no later than Feb 19 due to Resolute Raccoon feature freeze. [Security] - No CVEs/security issues in this software in the past - no `suid` or `sgid` binaries - no executables in `/sbin` and `/usr/sbin` - Package does not install services, timers or recurring jobs - Security has been kept in mind and common isolation/risk-mitigation patterns are in place utilizing the following features: polkit for privilege escalation when needed to signal processes owned by other users, with only an extremely minimal binary running privileged: - The binary that will run privileged: https://salsa.debian.org/ubuntu-dev-team/resources/-/blob/ubuntu/latest/src/bin/resources-kill.rs - The polkit policy: https://salsa.debian.org/ubuntu-dev-team/resources/-/blob/ubuntu/latest/data/net.nokyan.Resources.policy.in.in - Packages does not open privileged ports (ports < 1024). - Package does not expose any external endpoints - Packages does not contain extensions to security-sensitive software (filters, scanners, plugins, UI skins, ...) [Quality assurance - function/usage] - The package works well right after install [Quality assurance - maintenance] - The package is new in Ubuntu - https://bugs.launchpad.net/ubuntu/+source/resources/+bug - The package is on its way to Debian - The package is maintained well Upstream and does not have too many, long-term & critical, open bugs - https://github.com/nokyan/resources/issues - The package does not deal with exotic hardware we cannot support [Quality assurance - testing] - The package runs a test suite on build time, if it fails - it makes the build fail, link to build log https://launchpadlibrarian.net/836385964/buildlog_ubuntu-resolute-amd64.resources_1.9.1-0ubuntu1~ppa4_BUILDING.txt.gz + it makes the build fail, link to build log TBD - The package only runs superficial autopkgtests because upstream does not provide an installed-tests suite. This is a graphical application so integration-testing should be done graphically, with tools like YARF, but this level of automation is not ready yet for Ubuntu. In its place, a manual test plan has been prepared at https://wiki.ubuntu.com/DesktopTeam/TestPlans/Resources - The package does have not failing autopkgtests right now [Quality assurance - packaging] - debian/watch is not present, instead it has `Archive: GitHub` in debian/upstream/metadata, which is equivalently picked up by `uscan` - debian/control defines a correct Maintainer field - This package does not yield massive lintian Warnings, Errors - Please link to a recent build log of the package <TBD> - Output of `lintian --pedantic`: W: resources: no-manual-page [usr/bin/resources] - Lintian overrides are not present - This package does not rely on obsolete or about to be demoted packages. - This package has no python2 or GTK2 dependencies - The package will be installed by default, but does not ask debconf questions higher than medium - Packaging and build is easy, link to debian/rules https://salsa.debian.org/ubuntu-dev- team/resources/-/blob/ubuntu/latest/debian/rules [UI standards] - Application is end-user facing, Translation is present, via standard intltool/gettext or similar build and runtime internationalization system see https://salsa.debian.org/ubuntu-dev-team/resources/-/tree/ubuntu/latest/po - End-user applications that ships a standard conformant desktop file, see https://salsa.debian.org/ubuntu-dev-team/resources/-/blob/ubuntu/latest/data/net.nokyan.Resources.desktop.in.in [Dependencies] - Used check-mir from ubuntu-dev-tools to validate all dependencies or recommends are in main. [Standards compliance] - This package correctly follows FHS and Debian Policy [Maintenance/Owner] - I Suggest the owning team to be ~desktop-packages - The future owning team is not yet subscribed, but will subscribe to the package before promotion - The team ~ubuntu-desktop is aware of the implications by a static build and commits to test no-change-rebuilds and to fix any issues found for the lifetime of the release (including ESM) - The team ~ubuntu-desktop is aware of the implications of vendored code and (as alerted by the security team) commits to provide updates and backports to the security team for any affected vendored code for the lifetime of the release (including ESM). - This package uses vendored rust code tracked in Cargo.lock, refreshing that code is outlined in debian/README.source - This package is rust based and vendors all non language-runtime dependencies - The package has been built within the last 3 months in the archive TODO: - Build link on launchpad: TBD This change will not impact other teams [Background information] The Package description explains the package well Upstream Name is nokyan Link to upstream project https://github.com/nokyan/resources Resources has been announced as the new system monitor application in the public Desktop roadmap for 26.04: https://discourse.ubuntu.com/t/ubuntu-26-04-lts-the-roadmap/72740 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2134467 Title: [MIR] resources To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2134467/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
