[Touch-packages] [Bug 1860826] Re: pam_unix(sudo:auth): Couldn't open /etc/securetty: No such file or directory
** Changed in: pam (Ubuntu Groovy) Status: Confirmed => Won't Fix ** Changed in: pam (Ubuntu) Status: Confirmed => Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pam in Ubuntu. https://bugs.launchpad.net/bugs/1860826 Title: pam_unix(sudo:auth): Couldn't open /etc/securetty: No such file or directory Status in pam package in Ubuntu: Fix Committed Status in pam source package in Focal: Confirmed Status in pam source package in Groovy: Won't Fix Status in pam package in Debian: Fix Released Bug description: Hello, after upgrading to focal I found the following in my journalctl output: Jan 24 23:07:00 millbarge sudo[32120]: pam_unix(sudo:auth): Couldn't open /etc/securetty: No such file or directory Jan 24 23:07:01 millbarge sudo[32120]: pam_unix(sudo:auth): Couldn't open /etc/securetty: No such file or directory The login package stopped packaging this file: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=731656 and now forcibly removes the file: https://paste.ubuntu.com/p/myh9cGWrHD/ However, the pam package's pam_unix.so module has not yet been adapted to ignore this file: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=674857#25 Thanks ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: libpam-modules 1.3.1-5ubuntu4 ProcVersionSignature: Ubuntu 5.4.0-9.12-generic 5.4.3 Uname: Linux 5.4.0-9-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu15 Architecture: amd64 Date: Fri Jan 24 23:35:33 2020 ProcEnviron: TERM=rxvt-unicode-256color PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: pam UpgradeStatus: Upgraded to focal on 2020-01-24 (0 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pam/+bug/1860826/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1933828] Re: NTP servers from DHCP are not propagated to timesyncd
The server is set via a configuration file. The default config file is /etc/systemd/timesyncd.conf and it can be overridden by dropping files in /etc/systemd/timesyncd.conf.d/. There is a pool of free ntp servers available on https://www.ntppool.org/en/. To test this fix you also need a DHCP server that returns NTP records. With VMs, you can use dnsmasq to provide NTP records by changing the values in dnsmasq.conf # Set the NTP time server addresses to 192.168.0.4 and 10.10.0.5 #dhcp-option=option:ntp-server,192.168.0.4,10.10.0.5 Or if you're using libvirt, edit the configuration with "virsh net-edit default" (or the name of the network your VMs are attached to) then pass the option directly to dnsmasq (cf https://libvirt.org/formatnetwork.html for reference) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1933828 Title: NTP servers from DHCP are not propagated to timesyncd Status in OEM Priority Project: New Status in network-manager package in Ubuntu: New Status in network-manager source package in Focal: New Bug description: Network manager gets NTP servers from DHCP but do not update timesyncd to use it which keeps using ntp.ubuntu.com. This is a problem on private networks which do not have access to public internet. On this type of network the configuration of timesyncd must be updated manually instead of inheriting the conf from the dhcp servers. This can be integrated with a NM dispatcher script such as below: etc/NetworkManager/dispatcher.d/10-update-timesyncd for example: ==8<=8<=8<=8<=8<== #! /usr/bin/bash [ -n "$CONNECTION_UUID" ] || exit INTERFACE=$1 ACTION=$2 case $ACTION in up | dhcp4-change | dhcp6-change) [ -n "$DHCP4_NTP_SERVERS" ] || exit mkdir -p /etc/systemd/timesyncd.conf.d/ cat< /etc/systemd/timesyncd.conf.d/$CONNECTION_UUID.conf [Time] NTP=$DHCP4_NTP_SERVERS RootDistanceMaxSec=15 EOF systemctl restart systemd-timesyncd ;; down) rm -f /etc/systemd/timesyncd.conf.d/$CONNECTION_UUID.conf systemctl restart systemd-timesyncd ;; esac ==8<=8<=8<=8<=8<== ProblemType: Bug DistroRelease: Ubuntu 21.10 Package: network-manager 1.30.0-1ubuntu3 ProcVersionSignature: Ubuntu 5.11.0-18.19+21.10.1-generic 5.11.17 Uname: Linux 5.11.0-18-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu67 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: ubuntu:GNOME Date: Mon Jun 28 14:08:52 2021 InstallationDate: Installed on 2020-05-31 (393 days ago) InstallationMedia: Ubuntu 20.10 "Groovy Gorilla" - Alpha amd64 (20200527) RebootRequiredPkgs: linux-image-5.11.0-20-generic linux-base SourcePackage: network-manager UpgradeStatus: No upgrade log present (probably fresh install) nmcli-nm: RUNNING VERSION STATE STARTUP CONNECTIVITY NETWORKING WIFI-HW WIFI WWAN-HW WWAN running 1.30.0 connected started full enabled enabled disabled enabled enabled To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1933828/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1933828] Re: NTP servers from DHCP are not propagated to timesyncd
I tried to reproduce this, to test the fix, but I am stuck trying to figure out how to manually set the ntp server. I can't see any difference between when the vm (with no network) has this /etc/NetworkManager/dispatcher.d/10-update-timesyncd file in place or not. I think that's good but maybe not so relevant without “seeing” the problem. I've been looking at the commands: ◇ systemctl status systemd-timesyncd ◇ timedatectl show ◇ timedatectl status I believe timedatectl is the way a user would interact with timesyncd and there's a timedatectl command to set the time zone or even time, but nothing to set the server. So how the heck do you change the NTP server to something other than ntp.ubuntu.com? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1933828 Title: NTP servers from DHCP are not propagated to timesyncd Status in OEM Priority Project: New Status in network-manager package in Ubuntu: New Status in network-manager source package in Focal: New Bug description: Network manager gets NTP servers from DHCP but do not update timesyncd to use it which keeps using ntp.ubuntu.com. This is a problem on private networks which do not have access to public internet. On this type of network the configuration of timesyncd must be updated manually instead of inheriting the conf from the dhcp servers. This can be integrated with a NM dispatcher script such as below: etc/NetworkManager/dispatcher.d/10-update-timesyncd for example: ==8<=8<=8<=8<=8<== #! /usr/bin/bash [ -n "$CONNECTION_UUID" ] || exit INTERFACE=$1 ACTION=$2 case $ACTION in up | dhcp4-change | dhcp6-change) [ -n "$DHCP4_NTP_SERVERS" ] || exit mkdir -p /etc/systemd/timesyncd.conf.d/ cat< /etc/systemd/timesyncd.conf.d/$CONNECTION_UUID.conf [Time] NTP=$DHCP4_NTP_SERVERS RootDistanceMaxSec=15 EOF systemctl restart systemd-timesyncd ;; down) rm -f /etc/systemd/timesyncd.conf.d/$CONNECTION_UUID.conf systemctl restart systemd-timesyncd ;; esac ==8<=8<=8<=8<=8<== ProblemType: Bug DistroRelease: Ubuntu 21.10 Package: network-manager 1.30.0-1ubuntu3 ProcVersionSignature: Ubuntu 5.11.0-18.19+21.10.1-generic 5.11.17 Uname: Linux 5.11.0-18-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu67 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: ubuntu:GNOME Date: Mon Jun 28 14:08:52 2021 InstallationDate: Installed on 2020-05-31 (393 days ago) InstallationMedia: Ubuntu 20.10 "Groovy Gorilla" - Alpha amd64 (20200527) RebootRequiredPkgs: linux-image-5.11.0-20-generic linux-base SourcePackage: network-manager UpgradeStatus: No upgrade log present (probably fresh install) nmcli-nm: RUNNING VERSION STATE STARTUP CONNECTIVITY NETWORKING WIFI-HW WIFI WWAN-HW WWAN running 1.30.0 connected started full enabled enabled disabled enabled enabled To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1933828/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1942031] Re: gnome-shell crashed with SIGSEGV in _XSend() from XQueryExtension() from InitDisplayInfoEntry() from __glXLookupDisplay() from CommonMakeCurrent()
** Changed in: mutter (Ubuntu) Status: Opinion => Confirmed ** Changed in: mutter (Ubuntu) Assignee: Bernard Stafford (bernard010) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libx11 in Ubuntu. https://bugs.launchpad.net/bugs/1942031 Title: gnome-shell crashed with SIGSEGV in _XSend() from XQueryExtension() from InitDisplayInfoEntry() from __glXLookupDisplay() from CommonMakeCurrent() Status in Mutter: Unknown Status in gnome-shell package in Ubuntu: Confirmed Status in libx11 package in Ubuntu: Confirmed Status in mutter package in Ubuntu: Confirmed Bug description: The Ubuntu Error Tracker has been receiving reports about a problem regarding gnome-shell. This problem was most recently seen with package version 40.2-1ubuntu1, the problem page at https://errors.ubuntu.com/problem/11d90a7db51d11df7d99a6ef6e5aa31eb678d273 contains more details, including versions of packages affected, stacktrace or traceback, and individual crash reports. If you do not have access to the Ubuntu Error Tracker and are a software developer, you can request it at http://forms.canonical.com/reports/. To manage notifications about this bug go to: https://bugs.launchpad.net/mutter/+bug/1942031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1942031] Re: gnome-shell crashed with SIGSEGV in _XSend() from XQueryExtension() from InitDisplayInfoEntry() from __glXLookupDisplay() from CommonMakeCurrent()
** Changed in: mutter (Ubuntu) Assignee: (unassigned) => Bernard Stafford (bernard010) ** Changed in: mutter (Ubuntu) Status: Confirmed => Opinion -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libx11 in Ubuntu. https://bugs.launchpad.net/bugs/1942031 Title: gnome-shell crashed with SIGSEGV in _XSend() from XQueryExtension() from InitDisplayInfoEntry() from __glXLookupDisplay() from CommonMakeCurrent() Status in Mutter: Unknown Status in gnome-shell package in Ubuntu: Confirmed Status in libx11 package in Ubuntu: Confirmed Status in mutter package in Ubuntu: Opinion Bug description: The Ubuntu Error Tracker has been receiving reports about a problem regarding gnome-shell. This problem was most recently seen with package version 40.2-1ubuntu1, the problem page at https://errors.ubuntu.com/problem/11d90a7db51d11df7d99a6ef6e5aa31eb678d273 contains more details, including versions of packages affected, stacktrace or traceback, and individual crash reports. If you do not have access to the Ubuntu Error Tracker and are a software developer, you can request it at http://forms.canonical.com/reports/. To manage notifications about this bug go to: https://bugs.launchpad.net/mutter/+bug/1942031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1943277] Re: libxml2 2.9.12+dfsg-3 causes regression
This bug was fixed in the package libxml2 - 2.9.12+dfsg-4
---
libxml2 (2.9.12+dfsg-4) unstable; urgency=medium
* Team upload.
* Add a few patches from upstream:
+ Work around lxml API abuse.
+ Fix regression in xmlNodeDumpOutputInternal. LP: #1943277
+ Fix whitespace when serializing empty HTML documents.
+ Forbid epsilon-reduction of final states.
+ Fix buffering in xmlOutputBufferWrite.
-- Mattia Rizzolo Fri, 10 Sep 2021 22:13:09 +0200
** Changed in: libxml2 (Ubuntu)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libxml2 in Ubuntu.
https://bugs.launchpad.net/bugs/1943277
Title:
libxml2 2.9.12+dfsg-3 causes regression
Status in libxml2 package in Ubuntu:
Fix Released
Bug description:
root@i1:~# cat example.xml
fake-name
root@i1:~# cat xml.py
from lxml import etree
def parseXML(xmlFile):
# Parse the xml
with open(xmlFile) as fobj:
xml = fobj.read()
doc = etree.fromstring(xml)
ret = doc.findall('./devices/interface')
node_xml = etree.tostring(ret[0]).decode()
print("node_xml={}".format(node_xml))
if __name__ == "__main__":
parseXML("example.xml")
== Expected result ==
root@i1:~# python3 xml.py
node_xml=
== Actual Result ==
root@i1:~# python3 xml.py
node_xml=
This is broken in 2.9.12+dfsg-3 on impish.
It is not broken in 2.9.10+dfsg-6.3ubuntu0.1 on hirsute.
There are some fixes in master since the 2.9.12 release was cut.
https://gitlab.gnome.org/GNOME/libxml2/-/commits/master
I'm planning to pick all 3 of the following commits from upstream
master since they are all intertwined. With this patches the
regression is fixed.
85b1792e37b131e7a51af98a37f92472e8de5f3f:
Work around lxml API abuse. Make xmlNodeDumpOutput and
htmlNodeDumpFormatOutput work with corrupted parent pointers.
13ad8736d294536da4cbcd70a96b0a2fbf47070c:
Add patch from upstream to fix regression in xmlNodeDumpOutputInternal.
Commit 85b1792e could cause additional whitespace if xmlNodeDump was called
with a non-zero starting level.
92d9ab4c28842a09ca2b76d3ff2f933e01b6cd6f:
Add patch from upstream to fix whitespace when serializing empty HTML
documents.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libxml2/+bug/1943277/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1941799] Re: Please merge openssh 1:8.4p1-6 from Debian unstable
>From the original debdiff, two items catch the eye: +- Cherry-pick seccomp fixes for glibc 2.33 thanks to Dave Jones for + reports on armhf. This is a carried delta so I shouldn't think it creates a new issue, however I note we're now on glibc 2.34 in impish so wonder if there's some additional adjustment required for this fix. + * debian/tests/regress: Don't fail cleanup if haveged isn't running. This is a change to the test that is failing, so seems suspect, however the actual change is just this: - start-stop-daemon --stop --quiet \ + start-stop-daemon --stop --quiet --oknodo \ -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1941799 Title: Please merge openssh 1:8.4p1-6 from Debian unstable Status in openssh package in Ubuntu: In Progress Bug description: This merge is needed because there are changes in Ubuntu that are not present in Debian. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1941799/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1776381] Re: lxc-test-api-reboot will hang with autopkgtest
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1776381 Title: lxc-test-api-reboot will hang with autopkgtest Status in ubuntu-kernel-tests: Confirmed Status in lxc package in Ubuntu: New Bug description: Steps: 1. Deploy Bionic on a bare-metal system. 2. Enable deb-src, install the autopkgtest package 3. sudo autopkgtest lxc -- null Result: * The test will hang, a "reboot" lxc container will be created. The last message on the screen will be: make[1]: Entering directory '/tmp/autopkgtest.JxRLRE/build.bSQ/src' make[1]: Nothing to be done for 'all-am'. make[1]: Leaving directory '/tmp/autopkgtest.JxRLRE/build.bSQ/src' * Tried to connect to the "reboot" container with "sudo lxc-console reboot", but nothing there: Connected to tty 1 Type to exit the console, to enter Ctrl+a itself * If you kill the job and run it again, this time the test will go on (fail with the lxc-test-api-reboot test, as the container has already been created) This issue can be reproduced on an amd64 box and a s390x zKVM. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-kernel-tests/+bug/1776381/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1942031] Re: gnome-shell crashed with SIGSEGV in _XSend() from XQueryExtension() from InitDisplayInfoEntry() from __glXLookupDisplay() from CommonMakeCurrent()
** Tags added: rls-ii-incoming -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libx11 in Ubuntu. https://bugs.launchpad.net/bugs/1942031 Title: gnome-shell crashed with SIGSEGV in _XSend() from XQueryExtension() from InitDisplayInfoEntry() from __glXLookupDisplay() from CommonMakeCurrent() Status in Mutter: Unknown Status in gnome-shell package in Ubuntu: Confirmed Status in libx11 package in Ubuntu: Confirmed Status in mutter package in Ubuntu: Confirmed Bug description: The Ubuntu Error Tracker has been receiving reports about a problem regarding gnome-shell. This problem was most recently seen with package version 40.2-1ubuntu1, the problem page at https://errors.ubuntu.com/problem/11d90a7db51d11df7d99a6ef6e5aa31eb678d273 contains more details, including versions of packages affected, stacktrace or traceback, and individual crash reports. If you do not have access to the Ubuntu Error Tracker and are a software developer, you can request it at http://forms.canonical.com/reports/. To manage notifications about this bug go to: https://bugs.launchpad.net/mutter/+bug/1942031/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1941799] Re: Please merge openssh 1:8.4p1-6 from Debian unstable
This is stuck in -proposed due to some test failures. a. snapd's autopkgtests are failing. I'm not sure why but it's failing against a bunch of stuff, and unlikely to be related to openssh. For this, I think just wait until snapd gets sorted. b. openssh's autopkgtest for armhf fails: https://autopkgtest.ubuntu.com/results/autopkgtest- impish/impish/armhf/o/openssh/20210915_153813_9f0ec@/log.gz 15:37:47.745132692 E: run test sftp-chroot.sh ... 15:37:47.815324958 O: 15:37:47.818687482 O: WARNING: Unsafe (group or world writable) directory permissions found: 15:37:47.821470734 O: /tmp/autopkgtest.BMCGDj /tmp 15:37:47.824349161 O: 15:37:47.828068207 O: These could be abused to locally escalate privileges. If you are 15:37:47.831098208 O: sure that this is not a risk (eg there are no other users), you can 15:37:47.834369382 O: bypass this check by setting TEST_SSH_UNSAFE_PERMISSIONS=1 15:37:47.838832596 O: 15:37:48.389593715 O: test sftp in chroot: get 15:37:49.220480056 O: FATAL: Fetch testdata_openssh-tests.10274 failed 15:37:49.272336819 E: make: *** [Makefile:214: t-exec] Error 1 15:37:49.272732416 O: make: Leaving directory '/tmp/autopkgtest.BMCGDj/autopkgtest_tmp/user/regress' 15:37:49.275848416 O: ==> /tmp/autopkgtest.BMCGDj/autopkgtest_tmp/user/regress/failed-regress.log <== 15:37:49.278666043 O: trace: test sftp in chroot: get 15:37:49.279119015 E: tail: error writing 'standard output': Resource temporarily unavailable 15:37:49.281732694 O: Connection closed 15:37:49.284391098 O: Connection closed. 15:37:49.287049577 O: FATAL: Fetch testdata_openssh-tests.10274 failed 15:37:49.289863204 O: 15:37:49.292443584 O: trace: test sftp in chroot: get 15:37:49.295060163 O: Connection closed 15:37:49.297757192 O: Connection closed. 15:37:49.300477945 O: FATAL: Fetch testdata_openssh-tests.10274 failed 15:37:49.303095599 O: FAIL: Fetch testdata_openssh-tests.10274 failed 15:37:49.308296783 O: ==> /tmp/autopkgtest.BMCGDj/autopkgtest_tmp/user/regress/failed-ssh.log <== ... 15:37:51.474372804 O: debug3: channel 0: status: The following connections are open: 15:37:51.477102508 O: #0 server-session (t4 r0 i3/0 o3/0 e[closed]/0 fd -1/-1/-1 sock -1 cc -1) 15:37:51.479741212 O: 15:37:51.482360441 O: debug3: receive packet: type 1 15:37:51.485060819 O: Received disconnect from 127.0.0.1 port 51114:11: disconnected by user 15:37:51.487996046 O: Disconnected from user openssh-tests 127.0.0.1 port 51114 15:37:51.490691200 O: debug1: do_cleanup 15:37:51.493366103 O: debug1: temporarily_use_uid: 1001/1001 (e=1001/1001) 15:37:51.501159391 O: debug1: restore_uid: (unprivileged) 15:37:51.503932169 O: debug3: mm_request_receive entering 15:37:51.506765122 O: debug1: do_cleanup 15:37:51.509590624 O: debug1: temporarily_use_uid: 1001/1001 (e=0/0) 15:37:51.512431677 O: debug1: restore_uid: 0/0 15:37:51.515012731 O: debug1: audit_event: unhandled event 12 15:37:51.517875458 O: debug1: main_sigchld_handler: Child exited 15:37:51.520917709 O: FATAL: Fetch testdata_openssh-tests.10274 failed 15:37:51.523740937 O: -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1941799 Title: Please merge openssh 1:8.4p1-6 from Debian unstable Status in openssh package in Ubuntu: In Progress Bug description: This merge is needed because there are changes in Ubuntu that are not present in Debian. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1941799/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1941799] Re: Please merge openssh 1:8.4p1-6 from Debian unstable
** Tags added: update-excuse -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1941799 Title: Please merge openssh 1:8.4p1-6 from Debian unstable Status in openssh package in Ubuntu: In Progress Bug description: This merge is needed because there are changes in Ubuntu that are not present in Debian. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1941799/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1928989] Re: expiring trust anchor compatibility issue
@xnox I'm working on an update for Debian Jessie (1.0.1t) as part of Debian ELTS. I got one test suite failure in 'verify_extra_test' that I fixed by partially reverting https://github.com/openssl/openssl/commit/cb22d2ae5a5b6069dbf66dbcce07223ac15a16de (hence aligning the test with later OpenSSL versions). Attached is my current debdiff, I'm open to exchanging code reviews :) ** Attachment added: "debdiff.txt" https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1928989/+attachment/5525428/+files/debdiff.txt -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1928989 Title: expiring trust anchor compatibility issue Status in openssl package in Ubuntu: Fix Released Status in openssl source package in Trusty: Confirmed Status in openssl source package in Xenial: Fix Released Bug description: [Impact] * openssl fails to talk to letsencrypt website past September 2021, despite trusting the letsencrypt root certificate. [Test Plan] * Import staging cert equivalent to ISRG Root X1 https://letsencrypt.org/certs/staging/letsencrypt-stg-root-x1.pem * Import expired staging cert equivalen tto DST Root CA X3 https://letsencrypt.org/certs/staging/letsencrypt-stg-root-dst.pem * Test connectivity to the expired-root-ca test website https://expired-root-ca-test.germancoding.com setup: apt install openssl ca-certificates wget wget https://letsencrypt.org/certs/staging/letsencrypt-stg-root-x1.pem wget https://letsencrypt.org/certs/staging/letsencrypt-stg-root-dst.pem cat letsencrypt-stg-root-x1.pem letsencrypt-stg-root-dst.pem >> ca.pem test case: openssl s_client -connect expired-root-ca-test.germancoding.com:443 -servername expired-root-ca-test.germancoding.com -verify 1 -verifyCAfile ca.pem bad result: connection failed verify depth is 1 CONNECTED(0003) depth=3 C = US, O = (STAGING) Internet Security Research Group, CN = (STAGING) Doctored Durian Root CA X3 verify error:num=10:certificate has expired notAfter=Jan 30 14:01:15 2021 GMT 140672978626200:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:s3_clnt.c:1264: good result: connection successful verify depth is 1 CONNECTED(0003) depth=2 C = US, O = (STAGING) Internet Security Research Group, CN = (STAGING) Pretend Pear X1 verify return:1 depth=1 C = US, O = (STAGING) Let's Encrypt, CN = (STAGING) Artificial Apricot R3 verify return:1 depth=0 CN = expired-root-ca-test.germancoding.com verify return:1 --- Certificate chain 0 s:/CN=expired-root-ca-test.germancoding.com i:/C=US/O=(STAGING) Let's Encrypt/CN=(STAGING) Artificial Apricot R3 1 s:/C=US/O=(STAGING) Let's Encrypt/CN=(STAGING) Artificial Apricot R3 i:/C=US/O=(STAGING) Internet Security Research Group/CN=(STAGING) Pretend Pear X1 2 s:/C=US/O=(STAGING) Internet Security Research Group/CN=(STAGING) Pretend Pear X1 i:/C=US/O=(STAGING) Internet Security Research Group/CN=(STAGING) Doctored Durian Root CA X3 --- Server certificate -BEGIN CERTIFICATE- Connection should be successful and trusted with correctly working openssl s_client that can manage to ignore expired CA, and build a valid trust path using non-expired CA in the chain. [Testcase #2] $ sudo apt install ca-certificates wget faketime # Good connectivity $ wget -O /dev/null https://canonical.com --2021-07-13 11:54:20-- https://canonical.com/ Resolving canonical.com (canonical.com)... 2001:67c:1360:8001::2b, 2001:67c:1360:8001::2c, 91.189.88.181, ... Connecting to canonical.com (canonical.com)|2001:67c:1360:8001::2b|:443... connected. HTTP request sent, awaiting response... 200 OK Length: 30933 (30K) [text/html] Saving to: '/dev/null' /dev/null 100%[>] 30.21K --.-KB/sin 0.001s 2021-07-13 11:54:20 (22.3 MB/s) - '/dev/null' saved [30933/30933] # Jump to october to experience failure $ faketime '2021-10-01' wget -O /dev/null https://canonical.com --2021-10-01 00:00:00-- https://canonical.com/ Resolving canonical.com (canonical.com)... 2001:67c:1360:8001::2b, 2001:67c:1360:8001::2c, 91.189.88.181, ... Connecting to canonical.com (canonical.com)|2001:67c:1360:8001::2b|:443... connected. ERROR: cannot verify canonical.com's certificate, issued by 'CN=R3,O=Let\'s Encrypt,C=US': Issued certificate has expired. To connect to canonical.com insecurely, use `--no-check-certificate'. # upgrade to new openssl, to see that connectivity is restored, even in october $ dpkg-query -W libssl1.0.0 libssl1.0.0:amd64 1.0.2g-1ubuntu4.20 $ faketime '2021-10-01' wget -O /dev/null https://canonical.com --2021-10-01 00:00:00-- https://canonical.com/ Resolving canonical.com (canonical.com)... 2001:67c:1360:8001::2c, 2001:67c:1360:8001::2b, 91.18
[Touch-packages] [Bug 1941799] Re: Please merge openssh 1:8.4p1-6 from Debian unstable
** Tags removed: server-next -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1941799 Title: Please merge openssh 1:8.4p1-6 from Debian unstable Status in openssh package in Ubuntu: In Progress Bug description: This merge is needed because there are changes in Ubuntu that are not present in Debian. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1941799/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1778073] Re: dnsmasq and resolvconf hangs on start
Hi, I had another look at this one and Ciaby's analysis looks correct to me, however I want to setup a full reproducer before attempting a fix. I assigned the bug to myself. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1778073 Title: dnsmasq and resolvconf hangs on start Status in dnsmasq package in Ubuntu: Incomplete Status in dnsmasq package in Debian: New Bug description: I installed today dnsmasq and I use resolvconf in background. Problem is, that systemd takes 1 minute or so after service start and than reports: root@proxy:~# service dnsmasq status dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; vendor preset: enabled) Drop-In: /run/systemd/generator/dnsmasq.service.d 50-dnsmasq-$named.conf, 50-insserv.conf-$named.conf Active: failed (Result: timeout) since Do 2018-06-21 15:58:13 CEST; 2min 10s ago Process: 3295 ExecStop=/etc/init.d/dnsmasq systemd-stop-resolvconf (code=killed, signal=TERM) Process: 3865 ExecStartPost=/etc/init.d/dnsmasq systemd-start-resolvconf (code=killed, signal=TERM) Process: 3837 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=0/SUCCESS) Process: 3825 ExecStartPre=/usr/sbin/dnsmasq --test (code=exited, status=0/SUCCESS) Main PID: 3862 (code=exited, status=0/SUCCESS) Jun 21 15:56:43 proxy dnsmasq[3862]: Benutze Namensserver 192.168.23.1#53 Jun 21 15:56:43 proxy dnsmasq[3865]: * Awakening mail retriever agent: Jun 21 15:56:43 proxy dnsmasq[3865]:...done. Jun 21 15:56:43 proxy postfix[3951]: Postfix is running with backwards-compatible default settings Jun 21 15:56:43 proxy postfix[3951]: See http://www.postfix.org/COMPATIBILITY_README.html for details Jun 21 15:56:43 proxy postfix[3951]: To disable backwards compatibility use "postconf compatibility_level=2" and "postfix reload" Jun 21 15:58:13 proxy systemd[1]: dnsmasq.service: Start-post operation timed out. Stopping. Jun 21 15:58:13 proxy systemd[1]: Failed to start dnsmasq - A lightweight DHCP and caching DNS server. Jun 21 15:58:13 proxy systemd[1]: dnsmasq.service: Unit entered failed state. Jun 21 15:58:13 proxy systemd[1]: dnsmasq.service: Failed with result 'timeout'. when I look into the start script /etc/init.d/dnsmasq there is a func systemd-start-resolvconf which points to start-resolvconf. There is this part: for interface in $DNSMASQ_EXCEPT do [ $interface = lo ] && return done Before I had not defined DNSMASQ_EXCEPT in /etc/defaults/dnsmasq. Problem is, that this part MUST be faulty! When I commend it out, I can start dnsmasq! It looks like it loops forever there?! Also if I define DNSMASQ_EXCEPT to my listen interface, it works - but is is really needed? I found a other user which had the same problem: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871958 ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: dnsmasq 2.75-1ubuntu0.16.04.4 [modified: etc/default/dnsmasq] ProcVersionSignature: Ubuntu 4.15.0-23.25~16.04.1-generic 4.15.18 Uname: Linux 4.15.0-23-generic x86_64 ApportVersion: 2.20.1-0ubuntu2.18 Architecture: amd64 Date: Thu Jun 21 16:12:14 2018 InstallationDate: Installed on 2017-02-27 (479 days ago) InstallationMedia: Ubuntu-Server 16.04.2 LTS "Xenial Xerus" - Release amd64 (20170215.8) PackageArchitecture: all ProcEnviron: TERM=xterm SHELL=/bin/bash PATH=(custom, no user) LANG=de_DE.UTF-8 SourcePackage: dnsmasq UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.default.dnsmasq: 2018-06-21T16:07:24.818774 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1778073/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1778073] Re: dnsmasq and resolvconf hangs on start
** Changed in: dnsmasq (Ubuntu) Assignee: (unassigned) => Paride Legovini (paride) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/1778073 Title: dnsmasq and resolvconf hangs on start Status in dnsmasq package in Ubuntu: Incomplete Status in dnsmasq package in Debian: New Bug description: I installed today dnsmasq and I use resolvconf in background. Problem is, that systemd takes 1 minute or so after service start and than reports: root@proxy:~# service dnsmasq status dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; vendor preset: enabled) Drop-In: /run/systemd/generator/dnsmasq.service.d 50-dnsmasq-$named.conf, 50-insserv.conf-$named.conf Active: failed (Result: timeout) since Do 2018-06-21 15:58:13 CEST; 2min 10s ago Process: 3295 ExecStop=/etc/init.d/dnsmasq systemd-stop-resolvconf (code=killed, signal=TERM) Process: 3865 ExecStartPost=/etc/init.d/dnsmasq systemd-start-resolvconf (code=killed, signal=TERM) Process: 3837 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=0/SUCCESS) Process: 3825 ExecStartPre=/usr/sbin/dnsmasq --test (code=exited, status=0/SUCCESS) Main PID: 3862 (code=exited, status=0/SUCCESS) Jun 21 15:56:43 proxy dnsmasq[3862]: Benutze Namensserver 192.168.23.1#53 Jun 21 15:56:43 proxy dnsmasq[3865]: * Awakening mail retriever agent: Jun 21 15:56:43 proxy dnsmasq[3865]:...done. Jun 21 15:56:43 proxy postfix[3951]: Postfix is running with backwards-compatible default settings Jun 21 15:56:43 proxy postfix[3951]: See http://www.postfix.org/COMPATIBILITY_README.html for details Jun 21 15:56:43 proxy postfix[3951]: To disable backwards compatibility use "postconf compatibility_level=2" and "postfix reload" Jun 21 15:58:13 proxy systemd[1]: dnsmasq.service: Start-post operation timed out. Stopping. Jun 21 15:58:13 proxy systemd[1]: Failed to start dnsmasq - A lightweight DHCP and caching DNS server. Jun 21 15:58:13 proxy systemd[1]: dnsmasq.service: Unit entered failed state. Jun 21 15:58:13 proxy systemd[1]: dnsmasq.service: Failed with result 'timeout'. when I look into the start script /etc/init.d/dnsmasq there is a func systemd-start-resolvconf which points to start-resolvconf. There is this part: for interface in $DNSMASQ_EXCEPT do [ $interface = lo ] && return done Before I had not defined DNSMASQ_EXCEPT in /etc/defaults/dnsmasq. Problem is, that this part MUST be faulty! When I commend it out, I can start dnsmasq! It looks like it loops forever there?! Also if I define DNSMASQ_EXCEPT to my listen interface, it works - but is is really needed? I found a other user which had the same problem: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871958 ProblemType: Bug DistroRelease: Ubuntu 16.04 Package: dnsmasq 2.75-1ubuntu0.16.04.4 [modified: etc/default/dnsmasq] ProcVersionSignature: Ubuntu 4.15.0-23.25~16.04.1-generic 4.15.18 Uname: Linux 4.15.0-23-generic x86_64 ApportVersion: 2.20.1-0ubuntu2.18 Architecture: amd64 Date: Thu Jun 21 16:12:14 2018 InstallationDate: Installed on 2017-02-27 (479 days ago) InstallationMedia: Ubuntu-Server 16.04.2 LTS "Xenial Xerus" - Release amd64 (20170215.8) PackageArchitecture: all ProcEnviron: TERM=xterm SHELL=/bin/bash PATH=(custom, no user) LANG=de_DE.UTF-8 SourcePackage: dnsmasq UpgradeStatus: No upgrade log present (probably fresh install) mtime.conffile..etc.default.dnsmasq: 2018-06-21T16:07:24.818774 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1778073/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1916485] Re: test -x fails inside shell scripts in containers
** Changed in: docker.io (Ubuntu) Status: New => Invalid ** Tags removed: server-next -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1916485 Title: test -x fails inside shell scripts in containers Status in Ubuntu on IBM z Systems: New Status in docker.io package in Ubuntu: Invalid Status in glibc package in Ubuntu: Opinion Status in libseccomp package in Ubuntu: Fix Committed Status in runc package in Ubuntu: Fix Released Status in systemd package in Ubuntu: Fix Released Status in docker.io source package in Xenial: New Status in libseccomp source package in Xenial: New Status in runc source package in Xenial: New Status in systemd source package in Xenial: Invalid Status in docker.io source package in Bionic: New Status in libseccomp source package in Bionic: New Status in runc source package in Bionic: Fix Released Status in systemd source package in Bionic: Fix Released Status in docker.io source package in Focal: New Status in libseccomp source package in Focal: New Status in runc source package in Focal: Fix Released Status in systemd source package in Focal: Fix Released Status in docker.io source package in Groovy: Won't Fix Status in libseccomp source package in Groovy: Won't Fix Status in runc source package in Groovy: Fix Released Status in systemd source package in Groovy: Fix Released Status in docker.io source package in Hirsute: New Status in libseccomp source package in Hirsute: Fix Committed Status in runc source package in Hirsute: Fix Released Status in systemd source package in Hirsute: Fix Released Status in systemd package in Debian: Fix Released Bug description: (SRU template for systemd) [impact] bash (and some other shells) builtin test command -x operation fails [test case] on any affected host system, start nspawn container, e.g.: $ sudo apt install systemd-container $ wget https://cloud-images.ubuntu.com/hirsute/current/hirsute-server-cloudimg-amd64-root.tar.xz $ mkdir h $ cd h $ sudo tar xvf ../hirsute-server-cloudimg-amd64-root.tar.xz $ sudo systemd-nspawn Then from a bash shell, verify if test -x works: root@h:~# ls -l /usr/bin/gpg -rwxr-xr-x 1 1000 1000 1083472 Jan 16 09:53 /usr/bin/gpg root@h:~# test -x /usr/bin/gpg || echo "fail" fail [regression potential] any regression would likely occur during a syscall, most likely faccessat2(), or during other syscalls. [scope] this is needed for b/f this is fixed upstream by commit bcf08acbffdee0d6360d3c31d268e73d0623e5dc which is in 247 and later, so this is fixed in h this was pulled into Debian at version 246.2 in commit e80c5e5371ab77792bae94e0f8c5e85a4237e6eb, so this is fixed in g in x, the entire systemd seccomp code is completely different and the patch doesn't apply, nor does it appear to be needed, as the problem doesn't reproduce in a h container under x. [other info] this needs fixing in libseccomp as well [original description] glibc regression causes test -x to fail inside scripts inside docker/podman, dash and bash are broken, mksh and zsh are fine: root@0df2ce5d7a46:/# test -x /usr/bin/gpg || echo Fail root@0df2ce5d7a46:/# dash -c "test -x /usr/bin/gpg || echo Fail" Fail root@0df2ce5d7a46:/# bash -c "test -x /usr/bin/gpg || echo Fail" Fail root@0df2ce5d7a46:/# mksh -c "test -x /usr/bin/gpg || echo Fail" root@0df2ce5d7a46:/# zsh -c "test -x /usr/bin/gpg || echo Fail" root@0df2ce5d7a46:/# root@0df2ce5d7a46:/# zsh -c "[ -x /usr/bin/gpg ] || echo Fail" root@0df2ce5d7a46:/# mksh -c "[ -x /usr/bin/gpg ] || echo Fail" root@0df2ce5d7a46:/# dash -c "[ -x /usr/bin/gpg ] || echo Fail" Fail root@0df2ce5d7a46:/# bash -c "[ -x /usr/bin/gpg ] || echo Fail" Fail The -f flag works, as does /usr/bin/test: # bash -c "test -f /usr/bin/gpg || echo Fail" # bash -c "/usr/bin/test -x /usr/bin/gpg || echo Fail" # [Original bug report] root@84b750e443f8:/# lsb_release -rd Description: Ubuntu Hirsute Hippo (development branch) Release: 21.04 root@84b750e443f8:/# dpkg -l gnupg apt Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++-==-===--== ii apt2.1.20 amd64commandline package manager ii gnupg 2.2.20-1ubuntu2 all GNU privacy guard - a free PGP replacement Hi, for 3 days our CI pipelines to recreate Docker images fails for the Hirsute images. From comparison this seems to be caused by apt 2.1.20. The build fails with: 0E: gnupg, gnupg2 and unupg1 do not seem to be installed
[Touch-packages] [Bug 1938259] Re: Add ACCEL_LOCATION=base property for Dell clamshell models
this was marked fix-released for f/h just due to the tooling matching the bug number; this was actually reverted as shown in the changelogs posted in the above comments. I'll just correct f/h to indicate this is wontfix, and a new bug will or has been opened to fix this correctly. ** Changed in: systemd (Ubuntu Hirsute) Status: Fix Released => Won't Fix ** Changed in: systemd (Ubuntu Focal) Status: Fix Released => Won't Fix -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1938259 Title: Add ACCEL_LOCATION=base property for Dell clamshell models Status in OEM Priority Project: Won't Fix Status in systemd package in Ubuntu: Won't Fix Status in systemd source package in Focal: Won't Fix Status in systemd source package in Hirsute: Won't Fix Status in systemd source package in Impish: Won't Fix Bug description: We are planning to do SRU to systemd in focal, to avoid unwanted screen rotations on some Dell laptop models. [Impact] * This fixes unwanted rotations on certain Dell clamshell laptop models with accelerometer. [Test Plan] * On Dell laptops with model SKU 0A3E or 0E0E, install this package and kernel 5.13, or kernel with this patch backported: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e26f023e01ef26b4138bc1099af309bdc4523d23 * Rotate the laptop and the display should not be rotated. [Where problems could occur] * This is to add parameters for certain models in hwdb, and does not affect any other part of systemd. * This fix would only take effect with kernel 5.13 or the above patch backported. [scope] this is needed for all releases this is being fixed upstream by https://github.com/systemd/systemd/pull/20314 [Other info] * The patch mentioned above is going to have a separated SRU for linux-oem-5.10 and linux-hwe-5.11 (LP: #1938143) To manage notifications about this bug go to: https://bugs.launchpad.net/oem-priority/+bug/1938259/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1943441] Re: lxc: lxc-test-parse-config-file failure
Also observed with impish linux-aws 5.13.0-1000.1 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1943441 Title: lxc: lxc-test-parse-config-file failure Status in lxc package in Ubuntu: In Progress Bug description: I'm getting the following error with the lxc kernel autotest on impish: 08:46:04 DEBUG| parse_config_file.c: 60: set_get_compare_clear_save_load: expected value "system_u:system_r:lxc_t:s0:c22" and retrieved value "" for config key "lxc.selinux.context" do not match 08:46:04 DEBUG| 08:46:04 DEBUG| parse_config_file.c: 382: main: lxc.selinux.context 08:46:06 INFO | ERRORubuntu_lxc.lxc-test-parse-config-file ubuntu_lxc.lxc-test-parse-config-filetimestamp=1631090766localtime=Sep 08 08:46:06Command failed, rc=1, Command returned non-zero exit status * Command: /tmp/lxc-pkg-ubuntu/src/tests/lxc-test-parse-config-file Exit status: 1 Duration: 0.0550210475922 stderr: parse_config_file.c: 60: set_get_compare_clear_save_load: expected value "system_u:system_r:lxc_t:s0:c22" and retrieved value "" for config key "lxc.selinux.context" do not match parse_config_file.c: 382: main: lxc.selinux.context I haven't investigated very much, but it looks like a (mis)configuration change / issue. Does it ring any bell? Otherwise I'll investigate more. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1943441/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1939455] Re: Upgrading from 20.0.4-2ubuntu1 to 21.0.3-0ubuntu0.2~20.04.1 breaks vlc video output
So, I upgraded from 20.04 to 21.04 to answer that question. And no, it doesn't work in 21.04 hirsute either. And now, since the last known working version 20.0.4-2ubuntu1 is not in hirsute repos I can't downgrade to a working state. :/ ``` $ apt policy mesa-vdpau-drivers mesa-vdpau-drivers: Installed: 21.0.3-0ubuntu0.3 Candidate: 21.0.3-0ubuntu0.3 Version table: *** 21.0.3-0ubuntu0.3 500 500 http://archive.ubuntu.com/ubuntu hirsute-updates/main amd64 Packages 100 /var/lib/dpkg/status 21.0.1-2 500 500 http://archive.ubuntu.com/ubuntu hirsute/main amd64 Packages $ ``` This is the o/p I get: ``` VLC media player 3.0.12 Vetinari (revision 3.0.12-1-0-gd147bb5e7e) [55d36139f5b0] main libvlc: Running vlc with the default interface. Use 'cvlc' to use vlc without interface. Icon theme "elementary" not found. [7fe1700038f0] gl gl: Initialized libplacebo v2.72.0 (API v72) libva info: VA-API version 1.10.0 libva info: Trying to open /usr/lib/x86_64-linux-gnu/dri/radeonsi_drv_video.so libva info: Found init function __vaDriverInit_1_10 libva info: va_openDriver() returns 0 mesa: for the --simplifycfg-sink-common option: may only occur zero or one times! mesa: for the --global-isel-abort option: may only occur zero or one times! mesa: for the --amdgpu-atomic-optimizations option: may only occur zero or one times! mesa: for the --structurizecfg-skip-uniform-regions option: may only occur zero or one times! [7fe1700038f0] glconv_vaapi_x11 gl error: vaCreateSurfaces: resource allocation failed [7fe1740477d0] main video output error: video output creation failed [7fe1f655eae0] main decoder error: failed to create video output [7fe1708d14f0] gl gl: Initialized libplacebo v2.72.0 (API v72) [7fe1f655eae0] avcodec decoder: Using G3DVL VDPAU Driver Shared Library version 1.0 for hardware decoding [h264 @ 0x7fe1f656d100] hardware accelerator failed to decode picture [h264 @ 0x7fe1f65546c0] hardware accelerator failed to decode picture [h264 @ 0x7fe1f655ca40] hardware accelerator failed to decode picture [h264 @ 0x7fe1f65efb80] hardware accelerator failed to decode picture ... ``` -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to mesa in Ubuntu. https://bugs.launchpad.net/bugs/1939455 Title: Upgrading from 20.0.4-2ubuntu1 to 21.0.3-0ubuntu0.2~20.04.1 breaks vlc video output Status in mesa package in Ubuntu: Incomplete Bug description: Hello! As reported here https://bugs.launchpad.net/ubuntu/+source/vlc/+bug/1939447 upgrading mesa-vdpau-drivers package from 20.0.4-2ubuntu1 to 21.0.3-0ubuntu0.2~20.04.1 breaks vlc video hardware acceleration. Thanks! ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: mesa-vdpau-drivers 21.0.3-0ubuntu0.2~20.04.1 ProcVersionSignature: Ubuntu 5.4.0-80.90-generic 5.4.124 Uname: Linux 5.4.0-80-generic x86_64 ApportVersion: 2.20.11-0ubuntu27.18 Architecture: amd64 BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log' CasperMD5CheckResult: skip CompositorRunning: None CurrentDesktop: XFCE Date: Wed Aug 11 02:21:08 2021 DistUpgraded: Fresh install DistroCodename: focal DistroVariant: ubuntu ExtraDebuggingInterest: Yes GraphicsCard: Advanced Micro Devices, Inc. [AMD/ATI] Mullins [Radeon R4/R5 Graphics] [1002:9851] (rev 40) (prog-if 00 [VGA controller]) Subsystem: Hewlett-Packard Company Mullins [Radeon R4/R5 Graphics] [103c:81e5] MachineType: HP HP 245 G5 Notebook PC ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.4.0-80-generic root=UUID=e8820090-c9e5-4245-bcb4-92818bd91e34 ro quiet splash vt.handoff=7 SourcePackage: mesa UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 04/21/2016 dmi.bios.vendor: Insyde dmi.bios.version: F.08 dmi.board.asset.tag: Base Board Asset Tag dmi.board.name: 81E5 dmi.board.vendor: HP dmi.board.version: KBC Version 73.14 dmi.chassis.asset.tag: Chassis Asset Tag dmi.chassis.type: 10 dmi.chassis.vendor: HP dmi.chassis.version: Chassis Version dmi.modalias: dmi:bvnInsyde:bvrF.08:bd04/21/2016:svnHP:pnHP245G5NotebookPC:pvrType1ProductConfigId:rvnHP:rn81E5:rvrKBCVersion73.14:cvnHP:ct10:cvrChassisVersion: dmi.product.family: 103C_5336AN G=N L=SMB B=HP S=245 dmi.product.name: HP 245 G5 Notebook PC dmi.product.sku: Y9Q66PC#ACJ dmi.product.version: Type1ProductConfigId dmi.sys.vendor: HP modified.conffile..etc.default.apport: # set this to 0 to disable apport, or to 1 to enable it # you can temporarily override this with # sudo service apport start force_start=1 enabled=0 mtime.conffile..etc.default.apport: 2020-08-12T15:11:08.785042 version.compiz: compiz N/A version.libdrm2: libdrm2 2.4.105-3~20.04.1 version.libgl1-mesa-dri: libgl1-mesa-dri 21.0.3-0ubuntu0.2~20.04.1 version.libgl1-mesa-glx: libgl1-mesa-glx N/A version.xserver-xorg-core: xserver-xorg-core 2:1.20.11-1ubuntu
[Touch-packages] [Bug 1938144] Re: monitor_read: unpermitted request 48 on server while attempting GSSAPI key exchange
Thanks for building the packages for focal. I can confirm that this fixes the problem for me! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/1938144 Title: monitor_read: unpermitted request 48 on server while attempting GSSAPI key exchange Status in portable OpenSSH: Unknown Status in openssh package in Ubuntu: Triaged Bug description: I'm using openssh 1:8.2p1-4ubuntu0.2 on Ubuntu 20.04.2 LTS (client and server) with the option "GSSAPIKeyExchange=yes", and this causes the connection to fail. The server has GSSAPI (Kerberos authentication) enabled, but is is only used for non-root users (root uses SSH keys). Client command: ssh -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex root@server -v -p -o GSSAPIKeyExchange=yes Client log: OpenSSH_8.2p1 Ubuntu-4ubuntu0.2, OpenSSL 1.1.1f 31 Mar 2020 debug1: Reading configuration data /home/user/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files debug1: /etc/ssh/ssh_config line 21: Applying options for * debug1: Connecting to compute-test [130.75.80.46] port . debug1: Connection established. debug1: identity file /home/rother/.ssh/id_rsa type 0 debug1: identity file /home/rother/.ssh/id_rsa-cert type -1 debug1: identity file /home/rother/.ssh/id_dsa type -1 debug1: identity file /home/rother/.ssh/id_dsa-cert type -1 debug1: identity file /home/rother/.ssh/id_ecdsa type -1 debug1: identity file /home/rother/.ssh/id_ecdsa-cert type -1 debug1: identity file /home/rother/.ssh/id_ecdsa_sk type -1 debug1: identity file /home/rother/.ssh/id_ecdsa_sk-cert type -1 debug1: identity file /home/rother/.ssh/id_ed25519 type -1 debug1: identity file /home/rother/.ssh/id_ed25519-cert type -1 debug1: identity file /home/rother/.ssh/id_ed25519_sk type -1 debug1: identity file /home/rother/.ssh/id_ed25519_sk-cert type -1 debug1: identity file /home/rother/.ssh/id_xmss type -1 debug1: identity file /home/rother/.ssh/id_xmss-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.2 debug1: Remote protocol version 2.0, remote software version OpenSSH_8.2p1 Ubuntu-4ubuntu0.2 debug1: match: OpenSSH_8.2p1 Ubuntu-4ubuntu0.2 pat OpenSSH* compat 0x0400 debug1: Authenticating to server: as 'root' debug1: Offering GSSAPI proposal: gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-group14-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-gex-sha1-eipGX3TCiQSrx573bT1o1Q==,gss-group14-sha1-eipGX3TCiQSrx573bT1o1Q== debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: gss-gex-sha1-toWM5Slw5Ew8Mqkay+al2g== debug1: kex: host key algorithm: ecdsa-sha2-nistp256 debug1: kex: server->client cipher: chacha20-poly1...@openssh.com MAC: compression: none debug1: kex: client->server cipher: chacha20-poly1...@openssh.com MAC: compression: none debug1: Doing group exchange debug1: Calling gss_init_sec_context debug1: Delegating credentials debug1: Received GSSAPI_COMPLETE debug1: Calling gss_init_sec_context debug1: Delegating credentials debug1: Rekey has happened - updating saved versions debug1: rekey out after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey in after 134217728 blocks debug1: Will attempt key: /home/rother/.ssh/id_rsa RSA SHA256:n/EY/cGjgd/r+7JpuqODxIotHHLsYptGXYx9GlKCWSM agent debug1: Will attempt key: /home/rother/.ssh/root_id_rsa RSA SHA256:yCLAID9FMILharHmDpCB8wW8eiA+iHa4oQKLODbbzKw agent debug1: Will attempt key: /home/user/.ssh/id_dsa debug1: Will attempt key: /home/user/.ssh/id_ecdsa debug1: Will attempt key: /home/user/.ssh/id_ecdsa_sk debug1: Will attempt key: /home/user/.ssh/id_ed25519 debug1: Will attempt key: /home/user/.ssh/id_ed25519_sk debug1: Will attempt key: /home/user/.ssh/id_xmss debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs= debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Next authentication method: gssapi-with-mic debug1: Delegating credentials debug1: Delegating credentials debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password debug1: Next authentication method: gssapi-keyex Connection closed by 1.2.3.4 port Server log: debug1: sshd version OpenSSH_8.2, OpenSSL 1.1.1f 31 Mar 2020 debug1: private host key #0: ssh-rsa SHA256:REDACTED debug1: private host key #1: ecdsa-sha2-nistp256 SHA256:REDACTED debug1: private host key #2: ssh-ed25519 SHA256:REDACTED debug1: rexec
[Touch-packages] [Bug 1850667] Re: Switch to "unified" cgroup hierarchy (cgroupv2)
** Changed in: snapd Status: Confirmed => Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1850667 Title: Switch to "unified" cgroup hierarchy (cgroupv2) Status in lxc: Fix Released Status in lxd: Fix Released Status in snapd: Fix Committed Status in docker.io package in Ubuntu: Fix Released Status in lxc package in Ubuntu: Fix Released Status in snapd package in Ubuntu: In Progress Status in systemd package in Ubuntu: Confirmed Status in lxc package in Debian: Fix Released Status in systemd package in Debian: Fix Released Bug description: Systemd upstream switched the default cgroup hierarchy to unified with v243. This change is reverted by the Ubuntu systemd packages, but as unified is the way to go per upstream support should be added to all relevant Ubuntu packges (and snaps): https://github.com/systemd/systemd/blob/v243/NEWS#L56 * systemd now defaults to the "unified" cgroup hierarchy setup during build-time, i.e. -Ddefault-hierarchy=unified is now the build-time default. Previously, -Ddefault-hierarchy=hybrid was the default. This change reflects the fact that cgroupsv2 support has matured substantially in both systemd and in the kernel, and is clearly the way forward. Downstream production distributions might want to continue to use -Ddefault-hierarchy=hybrid (or even =legacy) for their builds as unfortunately the popular container managers have not caught up with the kernel API changes. Systemd is rebuilt using the new default and is available from the following PPA for testing: https://launchpad.net/~rbalint/+archive/ubuntu/systemd-unified-cgh The autopkgtest results against other packges are available here: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest- eoan-rbalint-systemd-unified-cgh/?format=plain https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest- focal-rbalint-systemd-unified-cgh/?format=plain lxc autopkgtest failing: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest- eoan-rbalint-systemd-unified- cgh/eoan/amd64/d/docker.io/20191030_155944_2331e@/log.gz snapd autopkgtest failing: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest- eoan-rbalint-systemd-unified- cgh/eoan/amd64/s/snapd/20191030_161354_94b26@/log.gz docker.io autopkgtest failing: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest- eoan-rbalint-systemd-unified- cgh/eoan/amd64/d/docker.io/20191030_155944_2331e@/log.gz To manage notifications about this bug go to: https://bugs.launchpad.net/lxc/+bug/1850667/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1943704] Re: lxc fails autopkgtests on (pure) cgroups v2 enabled system
** Attachment added: "lxc-vs-old-systemd.log"
https://bugs.launchpad.net/ubuntu/+source/lxc/+bug/1943704/+attachment/5525407/+files/lxc-vs-old-systemd.log
** Description changed:
lxc fails 4 autopkgtests if ran on a cgroups v2 enabled systemd
(248.3-1ubuntu7) using a pure unified hierarchy (in favor of the hybrid
hierarchy used before).
https://autopkgtest.ubuntu.com/packages/lxc
FAIL: lxc-tests: lxc-test-apparmor-mount (0s)
FAIL: lxc-tests: lxc-test-autostart (360s)
FAIL: lxc-tests: lxc-test-no-new-privs (361s)
FAIL: lxc-tests: lxc-test-unpriv (0s)
I needed to skip the "lxc-test-exit-code" test to avoid my local autopkgtest
to hang but that seems to be working on the Ubuntu infrastructure, so its
probably related to my local environment:
diff --git a/debian/tests/exercise b/debian/tests/exercise
index 4a22f33..70231ee 100755
--- a/debian/tests/exercise
+++ b/debian/tests/exercise
@@ -88,6 +88,10 @@ for testbin in lxc-test-*; do
- echo "${testbin}" | grep -qv "\.in$" || continue
- STRING="lxc-tests: $testbin"
-
+ echo "${testbin}" | grep -qv "\.in$" || continue
+ STRING="lxc-tests: $testbin"
+
+# Skip some tests because for testing
+[ "$testbin" = "lxc-test-exit-code" ] && \
+ignore "$STRING" && continue
+
- # Some tests can't be run standalone
- [ "$testbin" = "lxc-test-may-control" ] && continue
-
+ # Some tests can't be run standalone
+ [ "$testbin" = "lxc-test-may-control" ] && continue
- Reproducer:
+ Reproducer (while being connected to the Canonical VPN, or setup another
squid proxy):
$ autopkgtest-buildvm-ubuntu-cloud -v -r impish
$ autopkgtest lxc -s -U --apt-pocket=proposed=src:systemd --env
"http_proxy=http://squid.internal:3128"; --env
"https_proxy=http://squid.internal:3128"; --env
"no_proxy=127.0.0.1,127.0.1.1,localhost,localdomain,novalocal,internal,archive.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,launchpad.net,10.24.0.0/24"
-- qemu autopkgtest-impish-amd64.img
I used "../lxc_4.0.10-0ubuntu4+wip0_amd64.changes" instead of the "lxc"
SRCPKG name, to use a custom package, skipping the additional "lxc-test-
exit-code" test.
+
+ Interestingly, the same set of tests fails if I run the test using the
+ old (non cgroups v2) systemd (248.3-1ubuntu3), i.e. by leaving out the "
+ --apt-pocket=proposed=src:systemd" parameter. Although, they fail in a
+ slightly different way (see attached lxc-vs-old-systemd.log). Running a
+ baseline test using the old systemd passed on the Ubuntu infrastructure.
+ – I cannot really explain this infra-baseline vs local-autopkgtest
+ difference... But it doesn't matter too much either, as we need to fix
+ the situation for the new (cgroupv2) enabled systemd.
Logs (full logs attached):
FAIL: lxc-tests: lxc-test-apparmor-mount (0s)
---
/usr/sbin/deluser: The user `lxcunpriv' does not exist.
./lxc-test-apparmor-mount: 152: cannot create
/sys/fs/cgroup/-.mount/lxctest/tasks: Permission denied
lxc-destroy: tmp.6hX6BylHCU: tools/lxc_destroy.c: main: 242 Container is not
defined
umount: /sys/kernel/security/apparmor/features/mount: not mounted.
sed: can't read /run/lxc/nics: No such file or directory
---
=> "./lxc-test-apparmor-mount: 152: cannot create
/sys/fs/cgroup/-.mount/lxctest/tasks: Permission denied" seems to be
relevant/related to unified cgroup hierarchy here.
=> fails in a different way with old (non cgroup v2) systemd, locally
-
FAIL: lxc-tests: lxc-test-autostart (21s)
---
Setting up the GPG keyring
Downloading the image index
ERROR: Failed to download
http://images.linuxcontainers.org//meta/1.0/index-system
lxc-create: lxc-test-auto: lxccontainer.c: create_run_template: 1621 Failed
to create container from template
lxc-create: lxc-test-auto: tools/lxc_create.c: main: 319 Failed to create
container lxc-test-auto
FAIL
---
=> fails in the same way with old (non cgroup v2) systemd, locally.
FAIL: lxc-tests: lxc-test-no-new-privs (22s)
---
+ DONE=0
+ trap cleanup EXIT SIGHUP SIGINT SIGTERM
+ '[' '!' -d /etc/lxc ']'
+ ARCH=i386
+ type dpkg
++ dpkg --print-architecture
+ ARCH=amd64
+ lxc-create -t download -n c1 -- -d ubuntu -r xenial -a amd64
Setting up the GPG keyring
Downloading the image index
ERROR: Failed to download
http://images.linuxcontainers.org//meta/1.0/index-system
lxc-create: c1: lxccontainer.c: create_run_template: 1621 Failed to create
container from template
lxc-create: c1: tools/lxc_create.c: main: 319 Failed to create container c1
+ cleanup
+ cd /
+ lxc-destroy -n c1 -f
lxc-destroy: c1: tools/lxc_destroy.c: main: 242 Container is not defined
+ true
+ '[' 0 -eq 0 ']'
+ echo FAIL
FAIL
+ exit 1
---
=> fails in the same way with old (non cgroup v2) systemd, locally.
FAIL: lxc-tests: lxc-test-unpriv (0s)
---
./lxc-test-unpriv: line 163: /sys/fs/cgroup/-.mount/lxctest/
[Touch-packages] [Bug 1943704] [NEW] lxc fails autopkgtests on (pure) cgroups v2 enabled system
Public bug reported:
lxc fails 4 autopkgtests if ran on a cgroups v2 enabled systemd
(248.3-1ubuntu7) using a pure unified hierarchy (in favor of the hybrid
hierarchy used before).
https://autopkgtest.ubuntu.com/packages/lxc
FAIL: lxc-tests: lxc-test-apparmor-mount (0s)
FAIL: lxc-tests: lxc-test-autostart (360s)
FAIL: lxc-tests: lxc-test-no-new-privs (361s)
FAIL: lxc-tests: lxc-test-unpriv (0s)
I needed to skip the "lxc-test-exit-code" test to avoid my local autopkgtest to
hang but that seems to be working on the Ubuntu infrastructure, so its probably
related to my local environment:
diff --git a/debian/tests/exercise b/debian/tests/exercise
index 4a22f33..70231ee 100755
--- a/debian/tests/exercise
+++ b/debian/tests/exercise
@@ -88,6 +88,10 @@ for testbin in lxc-test-*; do
echo "${testbin}" | grep -qv "\.in$" || continue
STRING="lxc-tests: $testbin"
+# Skip some tests because for testing
+[ "$testbin" = "lxc-test-exit-code" ] && \
+ignore "$STRING" && continue
+
# Some tests can't be run standalone
[ "$testbin" = "lxc-test-may-control" ] && continue
Reproducer (while being connected to the Canonical VPN, or setup another squid
proxy):
$ autopkgtest-buildvm-ubuntu-cloud -v -r impish
$ autopkgtest lxc -s -U --apt-pocket=proposed=src:systemd --env
"http_proxy=http://squid.internal:3128"; --env
"https_proxy=http://squid.internal:3128"; --env
"no_proxy=127.0.0.1,127.0.1.1,localhost,localdomain,novalocal,internal,archive.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,launchpad.net,10.24.0.0/24"
-- qemu autopkgtest-impish-amd64.img
I used "../lxc_4.0.10-0ubuntu4+wip0_amd64.changes" instead of the "lxc"
SRCPKG name, to use a custom package, skipping the additional "lxc-test-
exit-code" test.
Interestingly, the same set of tests fails if I run the test using the
old (non cgroups v2) systemd (248.3-1ubuntu3), i.e. by leaving out the "
--apt-pocket=proposed=src:systemd" parameter. Although, they fail in a
slightly different way (see attached lxc-vs-old-systemd.log). Running a
baseline test using the old systemd passed on the Ubuntu infrastructure.
– I cannot really explain this infra-baseline vs local-autopkgtest
difference... But it doesn't matter too much either, as we need to fix
the situation for the new (cgroupv2) enabled systemd.
Logs (full logs attached):
FAIL: lxc-tests: lxc-test-apparmor-mount (0s)
---
/usr/sbin/deluser: The user `lxcunpriv' does not exist.
./lxc-test-apparmor-mount: 152: cannot create
/sys/fs/cgroup/-.mount/lxctest/tasks: Permission denied
lxc-destroy: tmp.6hX6BylHCU: tools/lxc_destroy.c: main: 242 Container is not
defined
umount: /sys/kernel/security/apparmor/features/mount: not mounted.
sed: can't read /run/lxc/nics: No such file or directory
---
=> "./lxc-test-apparmor-mount: 152: cannot create
/sys/fs/cgroup/-.mount/lxctest/tasks: Permission denied" seems to be
relevant/related to unified cgroup hierarchy here.
=> fails in a different way with old (non cgroup v2) systemd, locally
FAIL: lxc-tests: lxc-test-autostart (21s)
---
Setting up the GPG keyring
Downloading the image index
ERROR: Failed to download
http://images.linuxcontainers.org//meta/1.0/index-system
lxc-create: lxc-test-auto: lxccontainer.c: create_run_template: 1621 Failed to
create container from template
lxc-create: lxc-test-auto: tools/lxc_create.c: main: 319 Failed to create
container lxc-test-auto
FAIL
---
=> fails in the same way with old (non cgroup v2) systemd, locally.
FAIL: lxc-tests: lxc-test-no-new-privs (22s)
---
+ DONE=0
+ trap cleanup EXIT SIGHUP SIGINT SIGTERM
+ '[' '!' -d /etc/lxc ']'
+ ARCH=i386
+ type dpkg
++ dpkg --print-architecture
+ ARCH=amd64
+ lxc-create -t download -n c1 -- -d ubuntu -r xenial -a amd64
Setting up the GPG keyring
Downloading the image index
ERROR: Failed to download
http://images.linuxcontainers.org//meta/1.0/index-system
lxc-create: c1: lxccontainer.c: create_run_template: 1621 Failed to create
container from template
lxc-create: c1: tools/lxc_create.c: main: 319 Failed to create container c1
+ cleanup
+ cd /
+ lxc-destroy -n c1 -f
lxc-destroy: c1: tools/lxc_destroy.c: main: 242 Container is not defined
+ true
+ '[' 0 -eq 0 ']'
+ echo FAIL
FAIL
+ exit 1
---
=> fails in the same way with old (non cgroup v2) systemd, locally.
FAIL: lxc-tests: lxc-test-unpriv (0s)
---
./lxc-test-unpriv: line 163: /sys/fs/cgroup/-.mount/lxctest/tasks: Permission
denied
cat: /tmp/tmp.w4zIOZHyAA: No such file or directory
---
=> "./lxc-test-unpriv: line 163: /sys/fs/cgroup/-.mount/lxctest/tasks:
Permission denied" seems to be relevant/related to unified cgroup hierarchy
here.
=> fails in a different way with old (non cgroup v2) systemd, locally.
** Affects: lxc (Ubuntu)
Importance: Undecided
Status: New
** Tags: update-excuse
** Attachment added: "lxc-vs-new-systemd.log"
https://bugs.launchpad.net/bugs/1943704/+attachment/5525406/+files/lxc-vs-new-systemd.log
--
You received this bug notifi
[Touch-packages] [Bug 1782984] Re: Assertion `!xcb_xlib_threads_sequence_lost' failed with multiple applications
It looks like I was wrong, and the crash is still occurring with libx11-6 2:1.7.0-2ubuntu0.1 in hirsute, for example: https://errors.ubuntu.com/oops/91f6b2d4-1353-11ec-a828-fa163e102db1 The fact that the crash frequency dropped way off after 20.04 could just be explained by: * Most people stick to LTS and so haven't upgraded yet; and * Those who are using 21.04 are more likely to be using Wayland (the new default) which would avoid the bug. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libx11 in Ubuntu. https://bugs.launchpad.net/bugs/1782984 Title: Assertion `!xcb_xlib_threads_sequence_lost' failed with multiple applications Status in libx11 package in Ubuntu: Fix Released Status in libx11 source package in Bionic: Fix Committed Status in libx11 source package in Focal: Fix Committed Status in libx11 source package in Groovy: Won't Fix Bug description: [Impact] There is a race in libx11 causing applications to randomly abort. It's not trivial to reproduce, but there are enough duplicates that this deserves an SRU to bionic & focal. [Fix] Backport a commit from upstream: From dbb55e1a5e82870466b095097d9e46046680ec25 Mon Sep 17 00:00:00 2001 From: Frediano Ziglio Date: Wed, 29 Jan 2020 09:06:54 + Subject: [PATCH] Fix poll_for_response race condition In poll_for_response is it possible that event replies are skipped and a more up to date message reply is returned. This will cause next poll_for_event call to fail aborting the program. This was proved using some slow ssh tunnel or using some program to slow down server replies (I used a combination of xtrace and strace). How the race happens: - program enters into poll_for_response; - poll_for_event is called but the server didn't still send the reply; - pending_requests is not NULL because we send a request (see call to append_pending_request in _XSend); - xcb_poll_for_reply64 is called from poll_for_response; - xcb_poll_for_reply64 will read from server, at this point server reply with an event (say sequence N) and the reply to our last request (say sequence N+1); - xcb_poll_for_reply64 returns the reply for the request we asked; - last_request_read is set to N+1 sequence in poll_for_response; - poll_for_response returns the response to the request; - poll_for_event is called (for instance from another poll_for_response); - event with sequence N is retrieved; - the N sequence is widen, however, as the "new" number computed from last_request_read is less than N the number is widened to N + 2^32 (assuming last_request_read is still contained in 32 bit); - poll_for_event enters the nested if statement as req is NULL; - we compare the widen N (which now does not fit into 32 bit) with request (which fits into 32 bit) hitting the throw_thread_fail_assert. To avoid the race condition and to avoid the sequence to go back I check again for new events after getting the response and return this last event if present saving the reply to return it later. To test the race and the fix it's helpful to add a delay (I used a "usleep(5000)") before calling xcb_poll_for_reply64. Original patch written by Frediano Ziglio, see https://gitlab.freedesktop.org/xorg/lib/libx11/-/merge_requests/34 Reworked primarily for readability by Peter Hutterer, see https://gitlab.freedesktop.org/xorg/lib/libx11/-/merge_requests/53 Signed-off-by: Peter Hutterer bionic needs another commit so that the real fix applies. [Test case] It's a race condition, the SRU sponsor (tjaalton) does not have a test case for this, but the bug subscribers seem to. [Where things could go wrong] In theory there might be a case where a race still happens, but since this has been upstream for a year now with no follow-up commits, it's safe to assume that there are no regressions. -- STEPS TO REPRODUCE == The bug seems to occur when clicking on a file or folder. It is random and difficult to provide clear steps to reproduce. It is, however, a common situation. EXPECTED RESULTS pcmanfm works without problem. ACTUAL RESULTS == All pcmanfm windows become unresponsive, though background processes (e.g. copying) may continue without problem. with the same error message in ~/.cache/lxsession/LXDE/run.log: [xcb] Unknown sequence number while processing queue [xcb] Most likely this is a multi-threaded client and XInitThreads has not been called [xcb] Aborting, sorry about that. pcmanfm: xcb_io.c:259: poll_for_event: Assertion `!xcb_xlib_threads_sequence_lost' failed. ** Message: 19:58:49.267: app.vala:130: pcmanfm exit with this type of exit: 6 ** Message: 19:58:49.268: app.vala:148: Exit not normal, try to reload (note the timestamp on the message will vary) AFFECTED VERSIONS =
[Touch-packages] [Bug 1850667] Re: Switch to "unified" cgroup hierarchy (cgroupv2)
snapd landed the support in upstream git as of yesterday (https://github.com/snapcore/snapd) and it is expected to be shipped with snapd v2.53 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/1850667 Title: Switch to "unified" cgroup hierarchy (cgroupv2) Status in lxc: Fix Released Status in lxd: Fix Released Status in snapd: Confirmed Status in docker.io package in Ubuntu: Fix Released Status in lxc package in Ubuntu: Fix Released Status in snapd package in Ubuntu: In Progress Status in systemd package in Ubuntu: Confirmed Status in lxc package in Debian: Fix Released Status in systemd package in Debian: Fix Released Bug description: Systemd upstream switched the default cgroup hierarchy to unified with v243. This change is reverted by the Ubuntu systemd packages, but as unified is the way to go per upstream support should be added to all relevant Ubuntu packges (and snaps): https://github.com/systemd/systemd/blob/v243/NEWS#L56 * systemd now defaults to the "unified" cgroup hierarchy setup during build-time, i.e. -Ddefault-hierarchy=unified is now the build-time default. Previously, -Ddefault-hierarchy=hybrid was the default. This change reflects the fact that cgroupsv2 support has matured substantially in both systemd and in the kernel, and is clearly the way forward. Downstream production distributions might want to continue to use -Ddefault-hierarchy=hybrid (or even =legacy) for their builds as unfortunately the popular container managers have not caught up with the kernel API changes. Systemd is rebuilt using the new default and is available from the following PPA for testing: https://launchpad.net/~rbalint/+archive/ubuntu/systemd-unified-cgh The autopkgtest results against other packges are available here: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest- eoan-rbalint-systemd-unified-cgh/?format=plain https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest- focal-rbalint-systemd-unified-cgh/?format=plain lxc autopkgtest failing: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest- eoan-rbalint-systemd-unified- cgh/eoan/amd64/d/docker.io/20191030_155944_2331e@/log.gz snapd autopkgtest failing: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest- eoan-rbalint-systemd-unified- cgh/eoan/amd64/s/snapd/20191030_161354_94b26@/log.gz docker.io autopkgtest failing: https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest- eoan-rbalint-systemd-unified- cgh/eoan/amd64/d/docker.io/20191030_155944_2331e@/log.gz To manage notifications about this bug go to: https://bugs.launchpad.net/lxc/+bug/1850667/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
