[Touch-packages] [Bug 1977795] [NEW] man page incorrectly lists "--metalink-over-http" as an option
Public bug reported: The man page describes a "--metalink-over-http" option to wget: --metalink-over-http Issues HTTP HEAD request instead of GET and extracts Metalink metadata from response headers. Then it switches to Metalink download. If no valid Metalink metadata is found, it falls back to ordinary HTTP download. Enables Content-Type: application/metalink4+xml files download/processing. However, attempting to use the "--metalink-over-http" option results in an error: $ wget --metalink-over-http https://www.example.com/ wget: unrecognized option '--metalink-over-http' Usage: wget [OPTION]... [URL]... Try `wget --help' for more options. (I assume the error occurs because the Ubuntu version of wget is built without passing the `--with-metalink` flag to `configure`.) Since the man page should correctly describe the options wget can take, the `--metalink-over-http` section of it should be removed. (The same might apply to the man page discussion of `--metalink-index`, `--input-metalink`, `--keep-badhash`, `--preferred-location`, since those options mention metalinks, but I haven't investigated further.) ** Affects: wget (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to wget in Ubuntu. https://bugs.launchpad.net/bugs/1977795 Title: man page incorrectly lists "--metalink-over-http" as an option Status in wget package in Ubuntu: New Bug description: The man page describes a "--metalink-over-http" option to wget: --metalink-over-http Issues HTTP HEAD request instead of GET and extracts Metalink metadata from response headers. Then it switches to Metalink download. If no valid Metalink metadata is found, it falls back to ordinary HTTP download. Enables Content-Type: application/metalink4+xml files download/processing. However, attempting to use the "--metalink-over-http" option results in an error: $ wget --metalink-over-http https://www.example.com/ wget: unrecognized option '--metalink-over-http' Usage: wget [OPTION]... [URL]... Try `wget --help' for more options. (I assume the error occurs because the Ubuntu version of wget is built without passing the `--with-metalink` flag to `configure`.) Since the man page should correctly describe the options wget can take, the `--metalink-over-http` section of it should be removed. (The same might apply to the man page discussion of `--metalink- index`, `--input-metalink`, `--keep-badhash`, `--preferred-location`, since those options mention metalinks, but I haven't investigated further.) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wget/+bug/1977795/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1972654] Re: [security review] Sync policykit-1 0.120-6 (main) from Debian experimental
My understanding is the Debian experimental version doesn't support both at the same time, it's one or the other depending on which binary package you install. We definitely don't want that. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to policykit-1 in Ubuntu. https://bugs.launchpad.net/bugs/1972654 Title: [security review] Sync policykit-1 0.120-6 (main) from Debian experimental Status in policykit-1 package in Ubuntu: Confirmed Bug description: Please sync policykit-1 0.120-6 (main) from Debian experimental Changelog entries since current kinetic version 0.105-33: https://tracker.debian.org/media/packages/p/policykit-1/changelog-0.120-6 In particular, see the 0.120-4 changelog entry. I am filing a bug for Security Team review. Previously, Debian and Ubuntu developers agreed to keep using the last version of policykit before it switched to using JavaScript rules. But that was years ago. I believe Debian & Ubuntu are the only distros to have opted out of the new policykit. It is harder to maintain the old style rules when upstream rules use the new format. And it is a challenge to backport security and other bugfixes from the new series, without making mistakes or missing important details. There was a proposal to use duktape instead of mozjs for the JavaScript interpreter but I don't think that's been merged yet. It appears the Debian maintainer is considering switching Debian to the updated version in time for the next Debian Stable release (so uploading to unstable later this year). My requested deadline is August 25, Ubuntu 22.10 Feature Freeze. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/1972654/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1647285] Re: SSL trust not system-wide
Related: https://bugs.launchpad.net/ubuntu/+source/crypto- policies/+bug/1926664 (I might create a task here for crypto-policies and close the bug above) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ca-certificates in Ubuntu. https://bugs.launchpad.net/bugs/1647285 Title: SSL trust not system-wide Status in ca-certificates package in Ubuntu: Confirmed Status in firefox package in Ubuntu: Confirmed Status in nss package in Ubuntu: Confirmed Status in p11-kit package in Ubuntu: Fix Released Status in sssd package in Ubuntu: Confirmed Status in thunderbird package in Ubuntu: Confirmed Bug description: When I install a corporate CA trust root with update-ca-certificates, it doesn't seem to work everywhere. Various things like Firefox, Evolution, Chrome, etc. all fail to trust the newly-installed trusted CA. This ought to work, and does on other distributions. In p11-kit there is a module p11-kit-trust.so which can be used as a drop-in replacement for NSS's own libnssckbi.so trust root module, but which reads from the system's configured trust setup instead of the hard- coded version. This allows us to install the corporate CAs just once, and then file a bug against any package that *doesn't* then trust them. See https://fedoraproject.org/wiki/Features/SharedSystemCertificates for some of the historical details from when this feature was first implemented, but this is all now supported upstream and not at all distribution-specific. There shouldn't be any significant work required; it's mostly just a case of configuring and building it to make use of this functionality. (With 'alternatives' to let you substitute p11-kit-trust.so for the original NSS libnssckbi.so, etc.) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ca-certificates/+bug/1647285/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1958267] Re: wpa can't connect to servers using TLS 1.1 or older
WPA2 Enterprise PEAP wifi working great with solution https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/1958267/comments/76. Thanks for the great work Sebastien! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to wpa in Ubuntu. https://bugs.launchpad.net/bugs/1958267 Title: wpa can't connect to servers using TLS 1.1 or older Status in wpa package in Ubuntu: Fix Released Status in wpa source package in Jammy: Confirmed Status in wpa package in Debian: New Bug description: wpa built with in openssl3 fails to connect to TLS 1.1 or lower server those uses MD5-SHA1 as digest in its signature algorithm which no longer meets OpenSSL default level of security of 80 bits http://lists.infradead.org/pipermail/hostap/2022-May/040563.html Workaround are described in #22 and #36 by basically using CipherString = DEFAULT@SECLEVEL=0 which lowers the security level --- With the current jammy version of wpasupplicant (2:2.10-1), I cannot connect to the WPA Enterprise network eduroam, which is used by Universities worldwide. I get a "Connection failed" message or a request to re-enter the password. - I've re-tried the credentials: no fix ;-) - Tried a 21.10 live session on the same machine: works fine! - Manually downgraded wpasupplicant to the impish version (2:2.9.0-21build1): connected normally. - Upgraded wpasupplicant to the latest version: fails to connect again. ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: wpasupplicant 2:2.10-1 ProcVersionSignature: Ubuntu 5.15.0-17.17-generic 5.15.12 Uname: Linux 5.15.0-17-generic x86_64 NonfreeKernelModules: wl ApportVersion: 2.20.11-0ubuntu75 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Tue Jan 18 09:56:23 2022 InstallationDate: Installed on 2021-11-30 (48 days ago) InstallationMedia: Ubuntu 22.04 LTS "Jammy Jellyfish" - Alpha amd64 (20211130) ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: wpa UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/1958267/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1958267] Re: wpa can't connect to servers using TLS 1.1 or older
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to wpa in Ubuntu. https://bugs.launchpad.net/bugs/1958267 Title: wpa can't connect to servers using TLS 1.1 or older Status in wpa package in Ubuntu: Fix Released Status in wpa source package in Jammy: Confirmed Status in wpa package in Debian: New Bug description: wpa built with in openssl3 fails to connect to TLS 1.1 or lower server those uses MD5-SHA1 as digest in its signature algorithm which no longer meets OpenSSL default level of security of 80 bits http://lists.infradead.org/pipermail/hostap/2022-May/040563.html Workaround are described in #22 and #36 by basically using CipherString = DEFAULT@SECLEVEL=0 which lowers the security level --- With the current jammy version of wpasupplicant (2:2.10-1), I cannot connect to the WPA Enterprise network eduroam, which is used by Universities worldwide. I get a "Connection failed" message or a request to re-enter the password. - I've re-tried the credentials: no fix ;-) - Tried a 21.10 live session on the same machine: works fine! - Manually downgraded wpasupplicant to the impish version (2:2.9.0-21build1): connected normally. - Upgraded wpasupplicant to the latest version: fails to connect again. ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: wpasupplicant 2:2.10-1 ProcVersionSignature: Ubuntu 5.15.0-17.17-generic 5.15.12 Uname: Linux 5.15.0-17-generic x86_64 NonfreeKernelModules: wl ApportVersion: 2.20.11-0ubuntu75 Architecture: amd64 CurrentDesktop: ubuntu:GNOME Date: Tue Jan 18 09:56:23 2022 InstallationDate: Installed on 2021-11-30 (48 days ago) InstallationMedia: Ubuntu 22.04 LTS "Jammy Jellyfish" - Alpha amd64 (20211130) ProcEnviron: TERM=xterm-256color PATH=(custom, no user) XDG_RUNTIME_DIR= LANG=en_US.UTF-8 SHELL=/bin/bash SourcePackage: wpa UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wpa/+bug/1958267/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1972654] Re: [security review] Sync policykit-1 0.120-6 (main) from Debian experimental
Marc, the current Debian experimental version supports both PKLA and JS policy files. Are you saying that you only want one style to be supported in an Ubuntu release? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to policykit-1 in Ubuntu. https://bugs.launchpad.net/bugs/1972654 Title: [security review] Sync policykit-1 0.120-6 (main) from Debian experimental Status in policykit-1 package in Ubuntu: Confirmed Bug description: Please sync policykit-1 0.120-6 (main) from Debian experimental Changelog entries since current kinetic version 0.105-33: https://tracker.debian.org/media/packages/p/policykit-1/changelog-0.120-6 In particular, see the 0.120-4 changelog entry. I am filing a bug for Security Team review. Previously, Debian and Ubuntu developers agreed to keep using the last version of policykit before it switched to using JavaScript rules. But that was years ago. I believe Debian & Ubuntu are the only distros to have opted out of the new policykit. It is harder to maintain the old style rules when upstream rules use the new format. And it is a challenge to backport security and other bugfixes from the new series, without making mistakes or missing important details. There was a proposal to use duktape instead of mozjs for the JavaScript interpreter but I don't think that's been merged yet. It appears the Debian maintainer is considering switching Debian to the updated version in time for the next Debian Stable release (so uploading to unstable later this year). My requested deadline is August 25, Ubuntu 22.10 Feature Freeze. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/1972654/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1971305] Re: Merge openldap from Debian unstable for kinetic
** Merge proposal linked:
https://code.launchpad.net/~sergiodj/ubuntu/+source/openldap/+git/openldap/+merge/424013
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1971305
Title:
Merge openldap from Debian unstable for kinetic
Status in openldap package in Ubuntu:
In Progress
Bug description:
Upstream: tbd
Debian: 2.5.11+dfsg-1
Ubuntu: 2.5.11+dfsg-1~exp1ubuntu3
Debian does new releases regularly, so it's likely there will be newer
versions available before FF that we can pick up if this merge is done
later in the cycle.
### New Debian Changes ###
openldap (2.5.11+dfsg-1) unstable; urgency=medium
* Upload to unstable.
-- Ryan Tandy Fri, 11 Mar 2022 19:38:02 -0800
openldap (2.5.11+dfsg-1~exp1) experimental; urgency=medium
* New upstream release.
* Add openssl to Build-Depends to enable more checks in test067-tls.
* Update slapd-contrib's custom-library-search-path override to work with
current Lintian.
-- Ryan Tandy Sun, 23 Jan 2022 17:16:05 -0800
openldap (2.5.8+dfsg-1~exp1) experimental; urgency=medium
* New upstream release.
* Update slapd-contrib's custom-library-search-path override to work with
Lintian 2.108.0.
-- Ryan Tandy Wed, 13 Oct 2021 18:42:55 -0700
openldap (2.5.7+dfsg-1~exp1) experimental; urgency=medium
* New upstream release.
* Don't run autoreconf in contrib/ldapc++. We don't build it, and it is not
yet compatible with autoconf 2.71. (Closes: #993032)
* Stop disabling automake in debian/rules now that upstream removed the
AM_INIT_AUTOMAKE invocation.
* Drop custom config.{guess,sub} handling. dh_update_autotools_config does
the right thing for us.
* Update Standards-Version to 4.6.0; no changes required.
* debian/not-installed: Add the ldapvc.1 man page.
-- Ryan Tandy Mon, 30 Aug 2021 18:54:25 -0700
openldap (2.5.6+dfsg-1~exp1) experimental; urgency=medium
[ Ryan Tandy ]
* New upstream release.
* Export the cn=config database to LDIF format before upgrading from 2.4.
* slapd.README.Debian:
- Remove text about the dropped evolution-ntlm patch.
- Add guidance for recovering from upgrade failures.
* Remove the debconf warning and README text about the unsafe ACL configured
by default in versions before jessie.
* Remove upgrade code for adding the pwdMaxRecordedFailure attribute to the
ppolicy schema. It's obsolete since the schema has been internalized.
[ Sergio Durigan Junior ]
* Implement the 'escape hatch' mechanism.
- d/po/*.po: Update PO files given the new template note.
- d/po/templates.pot: Update file.
- d/slapd.templates: Add note warning user about a postinst failure,
its possible cause and what to do.
- d/slapd.postinst: Make certain upgrade functions return failure
instead of exiting, which allows the postinst script to gracefully
fail when applicable. Also, when the general configuration upgrade
fails, display a critical warning to the user. Implement
ignore_init_failure function.
- d/slapd.prerm: Implement ignore_init_failure function.
- d/slapd.scripts-common: Make certain functions return failure
instead of exiting.
- d/rules: Use dh_installinit's --error-handler to instruct it on how
to handle possible errors with the init script.
- d/slapd.NEWS: Add excerpt mentioning that the postinst script might
error out if it can't migrate the existing (old) database backend.
-- Ryan Tandy Mon, 16 Aug 2021 18:32:29 -0700
openldap (2.5.5+dfsg-1~exp1) experimental; urgency=medium
* New upstream release.
- Drop patches applied upstream: ITS#9544, ITS#9548.
* Mark slapd-contrib as breaking the old version of slapd to reduce the
chance of upgrade failure due to slapd-contrib being unpacked first.
-- Ryan Tandy Fri, 11 Jun 2021 11:43:15 -0700
openldap (2.5.4+dfsg-1~exp1) experimental; urgency=medium
* New upstream release.
- Changing olcAuthzRegexp dynamically is supported. (Closes: #761407)
- Support for LANMAN password hashes has been removed. (Closes: #988033)
- Added pkg-config files for liblber and libldap. (Closes: #670824)
- libldap_r has been merged into libldap. The Debian package will continue
to install a libldap_r.so symlink for backwards compatibility with
applications that still link with -lldap_r.
- The Berkeley DB backends, slapd-bdb(5) and slapd-hdb(5), have been
removed.
- The shell backend, slapd-shell(5), has been removed.
- New backend: slapd-asyncmeta(5).
- New core overlays: slapd-homedir(5), slapd-otp(5), and
slapd-remoteauth(5).
- The ppolicy schema has been merged into the slapo-ppolicy(5)
[Touch-packages] [Bug 1881504] Re: cross-testing essential packages fails
** Changed in: autopkgtest (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apt in Ubuntu. https://bugs.launchpad.net/bugs/1881504 Title: cross-testing essential packages fails Status in apt package in Ubuntu: Won't Fix Status in autopkgtest package in Ubuntu: Confirmed Status in gzip package in Ubuntu: New Bug description: Testing gzip on i386 fails at replacing gzip(:amd64) with gzip:i386. https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest- groovy/groovy/i386/g/gzip/20200528_195150_89f08@/log.gz ... autopkgtest [19:51:38]: testing package gzip version 1.10-2ubuntu1 autopkgtest [19:51:38]: build not needed autopkgtest [19:51:38]: test simple-gzip: preparing testbed Note, using file '/tmp/autopkgtest.1PbIQv/1-autopkgtest-satdep.dsc' to get the build dependencies Reading package lists... Building dependency tree... Reading state information... Starting pkgProblemResolver with broken count: 0 Starting 2 pkgProblemResolver with broken count: 0 Done The following packages will be REMOVED: gzip The following NEW packages will be installed: build-essential cpp cpp-9 g++ g++-9 gcc gcc-10-base:i386 gcc-9 gcc-9-base gzip:i386 libasan5 libatomic1 libc-dev-bin libc6:i386 libc6-dev libcc1-0 libcrypt-dev libcrypt1:i386 libgcc-9-dev libgcc-s1:i386 libgomp1 libisl22 libitm1 liblsan0 libmpc3 libquadmath0 libstdc++-9-dev libtsan0 libubsan1 linux-libc-dev WARNING: The following essential packages will be removed. This should NOT be done unless you know exactly what you are doing! gzip 0 upgraded, 30 newly installed, 1 to remove and 0 not upgraded. E: Essential packages were removed and -y was used without --allow-remove-essential. E: Failed to process build dependencies ... To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1881504/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1971305] Re: Merge openldap from Debian unstable for kinetic
** Changed in: openldap (Ubuntu)
Status: New => In Progress
** Changed in: openldap (Ubuntu)
Milestone: ubuntu-22.07 => ubuntu-22.06
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openldap in Ubuntu.
https://bugs.launchpad.net/bugs/1971305
Title:
Merge openldap from Debian unstable for kinetic
Status in openldap package in Ubuntu:
In Progress
Bug description:
Upstream: tbd
Debian: 2.5.11+dfsg-1
Ubuntu: 2.5.11+dfsg-1~exp1ubuntu3
Debian does new releases regularly, so it's likely there will be newer
versions available before FF that we can pick up if this merge is done
later in the cycle.
### New Debian Changes ###
openldap (2.5.11+dfsg-1) unstable; urgency=medium
* Upload to unstable.
-- Ryan Tandy Fri, 11 Mar 2022 19:38:02 -0800
openldap (2.5.11+dfsg-1~exp1) experimental; urgency=medium
* New upstream release.
* Add openssl to Build-Depends to enable more checks in test067-tls.
* Update slapd-contrib's custom-library-search-path override to work with
current Lintian.
-- Ryan Tandy Sun, 23 Jan 2022 17:16:05 -0800
openldap (2.5.8+dfsg-1~exp1) experimental; urgency=medium
* New upstream release.
* Update slapd-contrib's custom-library-search-path override to work with
Lintian 2.108.0.
-- Ryan Tandy Wed, 13 Oct 2021 18:42:55 -0700
openldap (2.5.7+dfsg-1~exp1) experimental; urgency=medium
* New upstream release.
* Don't run autoreconf in contrib/ldapc++. We don't build it, and it is not
yet compatible with autoconf 2.71. (Closes: #993032)
* Stop disabling automake in debian/rules now that upstream removed the
AM_INIT_AUTOMAKE invocation.
* Drop custom config.{guess,sub} handling. dh_update_autotools_config does
the right thing for us.
* Update Standards-Version to 4.6.0; no changes required.
* debian/not-installed: Add the ldapvc.1 man page.
-- Ryan Tandy Mon, 30 Aug 2021 18:54:25 -0700
openldap (2.5.6+dfsg-1~exp1) experimental; urgency=medium
[ Ryan Tandy ]
* New upstream release.
* Export the cn=config database to LDIF format before upgrading from 2.4.
* slapd.README.Debian:
- Remove text about the dropped evolution-ntlm patch.
- Add guidance for recovering from upgrade failures.
* Remove the debconf warning and README text about the unsafe ACL configured
by default in versions before jessie.
* Remove upgrade code for adding the pwdMaxRecordedFailure attribute to the
ppolicy schema. It's obsolete since the schema has been internalized.
[ Sergio Durigan Junior ]
* Implement the 'escape hatch' mechanism.
- d/po/*.po: Update PO files given the new template note.
- d/po/templates.pot: Update file.
- d/slapd.templates: Add note warning user about a postinst failure,
its possible cause and what to do.
- d/slapd.postinst: Make certain upgrade functions return failure
instead of exiting, which allows the postinst script to gracefully
fail when applicable. Also, when the general configuration upgrade
fails, display a critical warning to the user. Implement
ignore_init_failure function.
- d/slapd.prerm: Implement ignore_init_failure function.
- d/slapd.scripts-common: Make certain functions return failure
instead of exiting.
- d/rules: Use dh_installinit's --error-handler to instruct it on how
to handle possible errors with the init script.
- d/slapd.NEWS: Add excerpt mentioning that the postinst script might
error out if it can't migrate the existing (old) database backend.
-- Ryan Tandy Mon, 16 Aug 2021 18:32:29 -0700
openldap (2.5.5+dfsg-1~exp1) experimental; urgency=medium
* New upstream release.
- Drop patches applied upstream: ITS#9544, ITS#9548.
* Mark slapd-contrib as breaking the old version of slapd to reduce the
chance of upgrade failure due to slapd-contrib being unpacked first.
-- Ryan Tandy Fri, 11 Jun 2021 11:43:15 -0700
openldap (2.5.4+dfsg-1~exp1) experimental; urgency=medium
* New upstream release.
- Changing olcAuthzRegexp dynamically is supported. (Closes: #761407)
- Support for LANMAN password hashes has been removed. (Closes: #988033)
- Added pkg-config files for liblber and libldap. (Closes: #670824)
- libldap_r has been merged into libldap. The Debian package will continue
to install a libldap_r.so symlink for backwards compatibility with
applications that still link with -lldap_r.
- The Berkeley DB backends, slapd-bdb(5) and slapd-hdb(5), have been
removed.
- The shell backend, slapd-shell(5), has been removed.
- New backend: slapd-asyncmeta(5).
- New core overlays: slapd-homedir(5), slapd-otp(5), and
slapd-remoteauth(5).
- The ppolicy schema has been merged
[Touch-packages] [Bug 1977619] Re: NetworkManager 1.36.6 no longer prefers DHCPv6 addresses over SLAAC
** Tags added: rls-jj-incoming -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to network-manager in Ubuntu. https://bugs.launchpad.net/bugs/1977619 Title: NetworkManager 1.36.6 no longer prefers DHCPv6 addresses over SLAAC Status in network-manager package in Ubuntu: Confirmed Bug description: Situation: My network has both DHCPv6 and SLAAC (autoconf) for IPv6. From a privacy perspective, for readability reasons and for network management policies, DHCPv6 should *always* be preferred over SLAAC addresses when available. And according to RFC 6724, the smaller /128 scope of the DHCPv6 address should be chosen over the larger /64 scope of the SLAAC address. NetworkManager has always been able to adhere to that by simply setting ip6.privacy=0 for the connection (in nm-connection-editor *not* selecting "Prefer temporary address" for IPv6 privacy extensions). Then it would use the DHCPv6 address as the source for all outgoing traffic. So if you would - for instance - run `curl ifconfig.co`, the DHCPv6 address would be used to connect to the outside world and be echoed back. Regression: Since the update to 1.36.6, this is no longer the case. NetworkManager now routes outgoing traffic through the SLAAC address, even if ip6.privacy=0 is set for the connection. Constantly removing the SLAAC addresses with `ip addr del` or disabling SLAAC RA's on the router are now the only ways to stop NetworkManager from preferring SLAAC over DHCPv6. None of the local options in NetworkManager 1.36.6 are able to restore the previous, desired and correct way of working: the SLAAC address should never be used as the preferred address if a DHCPv6 lease is given. Looking at the changelog of NetworkManager 1.36.6, multiple things regarding IP address order and temporary addresses have been changed in that release, any of them (or a combination) introducing this bug: * Fix a bug in synchronization of IP addresses with kernel that could lead to a wrong address order. * Ignore addresses from DHCPv6 when the Otherconf router advertisement flag is set. * Ensure temporary IPv6 addresses are removed on disconnect and reapply. https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/nm-1-36/NEWS Steps to reproduce: 1. Connect to a network where the router sends "A" and "M" bits in the RA's and has a DHCPv6 server running (e.g. any OpenWrt router). 2. When running `ip -6 a`, the list now sorts SLAAC addresses above DHCPv6 addresses. With NetworkManager 1.36.4 and earlier, this was not the case. (The Linux kernel uses the address highest in the list as preferred.) 3. When running something like `curl ifconfig.co`, the SLAAC address is being returned, which makes sense as that is now preferred by the kernel. (But it shouldn't be.) Desired behaviour: NetworkManager should always sort DHCPv6 addresses above SLAAC addresses, as is the case for all versions prior to 1.36.6 and also corrected again in 1.38.0. In case static addresses are manually set, those should take first priority, with DHCPv6 second and SLAAC/autoconf last. Implications: This can break many real-life use cases. For instance, my router gives out static leases to my machines. Those addresses are whitelisted in all kinds of firewalls to allow me to access servers for my work. Now that the "wrong" address is being preferred for outgoing traffic (a SLAAC address that I have no influence on and cannot centrally configure), I am being locked out of the servers in question unless I forcefully remove the addresses or disable SLAAC on my router, so my outgoing traffic is being routed through the DHCPv6 address again. Note that "just disabling SLAAC RA's on the router" is not something everybody can do, as it requires root access to the device. Moreover, it would break IPv6 connectivity entirely for devices that don't support DHCPv6 (read: Android). Conclusion: So this update introduces a very breaking change in IPv6 source address selection to an LTS release, while LTS releases should be stable. I should note that the bug is not present in NetworkManager 1.38.0 on Debian sid. That just prefers DHCPv6 addresses when available, like it should. As that version is also used in Ubuntu kinetic, most likely this bug is not present there. Looking at the changelog of 1.38.0: * Fix bug setting priority for IP addresses. * Static IPv6 addresses from "ipv6.addresses" are now preferred over addresses from DHCPv6, which are preferred over addresses from autoconf. This affects IPv6 source address selection, if the rules from RFC 6724, section 5 don't give a exhaustive match. https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/blob/nm-1-38/NEWS It looks like Ubuntu just introduced that bug by upgrading to 1.36.6, while a proper
[Touch-packages] [Bug 1923845] Re: Please compress packages with zstd by default
aptly is Fix Release in Kinetic in:
aptly (1.4.0+ds1-7) unstable; urgency=medium
* Team upload.
* Add support for zstd compression (Closes: #1010465)
** Changed in: aptly (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to file in Ubuntu.
https://bugs.launchpad.net/bugs/1923845
Title:
Please compress packages with zstd by default
Status in appstream-glib package in Ubuntu:
New
Status in apt package in Ubuntu:
Fix Released
Status in aptly package in Ubuntu:
Fix Released
Status in boinc package in Ubuntu:
New
Status in busybox package in Ubuntu:
New
Status in cdebootstrap package in Ubuntu:
New
Status in cdist package in Ubuntu:
New
Status in debdelta package in Ubuntu:
New
Status in debian-el package in Ubuntu:
New
Status in debootstrap package in Ubuntu:
Fix Released
Status in debsig-verify package in Ubuntu:
New
Status in debsigs package in Ubuntu:
New
Status in diffoscope package in Ubuntu:
Fix Released
Status in dpkg package in Ubuntu:
Fix Released
Status in dpkg-sig package in Ubuntu:
New
Status in file package in Ubuntu:
New
Status in hello package in Ubuntu:
Fix Released
Status in libsolv package in Ubuntu:
New
Status in lintian package in Ubuntu:
Fix Released
Status in lutris package in Ubuntu:
Invalid
Status in obs-build package in Ubuntu:
New
Status in osc package in Ubuntu:
New
Status in python-debian package in Ubuntu:
Fix Released
Status in radare2 package in Ubuntu:
New
Status in reprepro package in Ubuntu:
Fix Released
Status in vim-scripts package in Ubuntu:
New
Status in zeroinstall-injector package in Ubuntu:
New
Status in reprepro source package in Focal:
Fix Released
Status in reprepro source package in Groovy:
Fix Released
Status in reprepro source package in Hirsute:
Fix Released
Status in debian-el package in Debian:
New
Bug description:
https://people.canonical.com/~rbalint/zstd-debs/ contains a .deb built
on Hirsute having both data and control members of the .deb being
compressed with zstd. It can be handy for testing various tools.
[dpkg]
Decompression support in dpkg landed first in Bionic and is being SRUd to
Xenial in LP: #1764220 enable Launchpad's Xenial systems to process the
zstd-compressed binary packages.
From dpkg's perspective the upgrade path is cleared.
The original plan was compressing only the internal data.tar .deb
member, but dpkg uses uniform compression by default since dpkg 1.19.0
thus I'm collecting all the changes to support control.tar.zst, too,
in this bug.
Reviewed packages from:
https://codesearch.debian.net/search?q=data.tar.xz=1=1
https://codesearch.debian.net/search?q=control.tar.xz=1=1
appstream-glib - needs fix: libappstream-builder/asb-package-deb.c
aptly - needs fix: deb/deb.go
boinc - needs fix: debian/fetch_example_applications.sh
busybox - needs fix: archival/dpkg_deb.c archival/dpkg.c
cdebootstrap- needs fix: src/package.c
cdist - may need fix, can use dpkg-deb:
cdist/preos/debootstrap/files/devuan-debootstrap/functions
debdelta- needs fix: debdelta debpatch.sh
debian-el - needs fix: deb-view.el
debian-handbook - needs fix, maybe later, for Debian
debootstrap - needs fix,
https://salsa.debian.org/installer-team/debootstrap/-/merge_requests/54
debsigs - needs fix, debsigs
debsig-verify - needs fix, src/debsig-verify.c
diffoscope - needs fix, diffoscope/comparators/deb.py
dpkg- needs fix, change default
dpkg-sig- needs fix, dpkg-sig
dpmb- needs fix, maybe later, for Debian
elfutils- may need fix, uses dpkg-deb if it is available, does not
handle .gz either
file- needs fix, magic/Magdir/archive
libsolv - needs fix, ext/repo_deb.c
lintian - needs fix malformed-deb-archive
lutris - needs fix, lutris/util/extract.py
obs-build - needs fix Build/Deb.pm
osc - needs fix osc/util/debquery.py control.tar.zst only
python-apt - needs fix
apt_inst.DebFile("glibc-doc-reference_2.33-0ubuntu2~zstd1_all.deb").control.extractall()
radare2 - needs fix
reprepro- needs fix, debfile.c
vim-scripts - needs fix debPlugin/autoload/deb.vim
winetricks - needs fix when Debian switches src/winetricks
zeroinstall-injector - needs fix src/zeroinstall/archive.ml
acr - skip, does not _have to_ be fixed, just creates packages,
see dist/deb_hand.mak
alien - skip, uses dpkg-deb to extract .deb
ansible - not affected, just test data in dbdata.tar.xz
anthy - not affected, just changelog entry
apt - seems fixed already
ceph- not affected in Ubuntu's version
circlator - not affected, just test data
cowdancer - not
[Touch-packages] [Bug 1977748] Re: apport-bug thinks it's running on Xorg
** Package changed: ubuntu => xorg (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. https://bugs.launchpad.net/bugs/1977748 Title: apport-bug thinks it's running on Xorg Status in xorg package in Ubuntu: New Bug description: Instructed by "ask a question" I tried to file a wayland-targeted bug, but apport-bug thinks I'm running Xorg. See https://answers.launchpad.net/ubuntu/+question/702075 PRETTY_NAME="Ubuntu 22.04 LTS" NAME="Ubuntu" VERSION_ID="22.04" VERSION="22.04 LTS (Jammy Jellyfish)" VERSION_CODENAME=jammy $ ps -ef | grep Xwayland xx 24931685 0 Jun04 ?00:05:36 /usr/bin/Xwayland :0 -rootless -noreset -accessx -core -auth /run/user/1001/.mutter-Xwaylandauth.5ZZYM1 -listen 4 -listen 5 -displayfd 6 -initfd 7 ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: xorg 1:7.7+23ubuntu2 ProcVersionSignature: Ubuntu 5.15.0-35.36-generic 5.15.35 Uname: Linux 5.15.0-35-generic x86_64 ApportVersion: 2.20.11-0ubuntu82.1 Architecture: amd64 BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log' CasperMD5CheckResult: pass CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: None CurrentDesktop: ubuntu:GNOME Date: Mon Jun 6 06:40:48 2022 DistUpgraded: Fresh install DistroCodename: jammy DistroVariant: ubuntu ExtraDebuggingInterest: Yes GraphicsCard: Intel Corporation TigerLake-LP GT2 [Iris Xe Graphics] [8086:9a49] (rev 01) (prog-if 00 [VGA controller]) Subsystem: Dell TigerLake-LP GT2 [Iris Xe Graphics] [1028:0991] InstallationDate: Installed on 2021-10-02 (246 days ago) InstallationMedia: Ubuntu 21.04 "Hirsute Hippo" - Release amd64 (20210420) MachineType: Dell Inc. XPS 13 9310 ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.15.0-35-generic root=UUID=c737013a-1cc7-494f-a1b7-a6efce6f09f7 ro quiet splash vt.handoff=7 SourcePackage: xorg Symptom: display UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 03/17/2022 dmi.bios.release: 3.6 dmi.bios.vendor: Dell Inc. dmi.bios.version: 3.6.0 dmi.board.name: 0MK6WC dmi.board.vendor: Dell Inc. dmi.board.version: A00 dmi.chassis.type: 10 dmi.chassis.vendor: Dell Inc. dmi.modalias: dmi:bvnDellInc.:bvr3.6.0:bd03/17/2022:br3.6:svnDellInc.:pnXPS139310:pvr:rvnDellInc.:rn0MK6WC:rvrA00:cvnDellInc.:ct10:cvr:sku0991: dmi.product.family: XPS dmi.product.name: XPS 13 9310 dmi.product.sku: 0991 dmi.sys.vendor: Dell Inc. version.compiz: compiz N/A version.libdrm2: libdrm2 2.4.110-1ubuntu1 version.libgl1-mesa-dri: libgl1-mesa-dri 22.0.1-1ubuntu2 version.libgl1-mesa-glx: libgl1-mesa-glx N/A version.xserver-xorg-core: xserver-xorg-core 2:21.1.3-2ubuntu2 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-2build3 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.917+git20210115-1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.17-2build1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/1977748/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1977748] [NEW] apport-bug thinks it's running on Xorg
You have been subscribed to a public bug: Instructed by "ask a question" I tried to file a wayland-targeted bug, but apport-bug thinks I'm running Xorg. See https://answers.launchpad.net/ubuntu/+question/702075 PRETTY_NAME="Ubuntu 22.04 LTS" NAME="Ubuntu" VERSION_ID="22.04" VERSION="22.04 LTS (Jammy Jellyfish)" VERSION_CODENAME=jammy $ ps -ef | grep Xwayland xx 24931685 0 Jun04 ?00:05:36 /usr/bin/Xwayland :0 -rootless -noreset -accessx -core -auth /run/user/1001/.mutter-Xwaylandauth.5ZZYM1 -listen 4 -listen 5 -displayfd 6 -initfd 7 ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: xorg 1:7.7+23ubuntu2 ProcVersionSignature: Ubuntu 5.15.0-35.36-generic 5.15.35 Uname: Linux 5.15.0-35-generic x86_64 ApportVersion: 2.20.11-0ubuntu82.1 Architecture: amd64 BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log' CasperMD5CheckResult: pass CompizPlugins: No value set for `/apps/compiz-1/general/screen0/options/active_plugins' CompositorRunning: None CurrentDesktop: ubuntu:GNOME Date: Mon Jun 6 06:40:48 2022 DistUpgraded: Fresh install DistroCodename: jammy DistroVariant: ubuntu ExtraDebuggingInterest: Yes GraphicsCard: Intel Corporation TigerLake-LP GT2 [Iris Xe Graphics] [8086:9a49] (rev 01) (prog-if 00 [VGA controller]) Subsystem: Dell TigerLake-LP GT2 [Iris Xe Graphics] [1028:0991] InstallationDate: Installed on 2021-10-02 (246 days ago) InstallationMedia: Ubuntu 21.04 "Hirsute Hippo" - Release amd64 (20210420) MachineType: Dell Inc. XPS 13 9310 ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.15.0-35-generic root=UUID=c737013a-1cc7-494f-a1b7-a6efce6f09f7 ro quiet splash vt.handoff=7 SourcePackage: xorg Symptom: display UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 03/17/2022 dmi.bios.release: 3.6 dmi.bios.vendor: Dell Inc. dmi.bios.version: 3.6.0 dmi.board.name: 0MK6WC dmi.board.vendor: Dell Inc. dmi.board.version: A00 dmi.chassis.type: 10 dmi.chassis.vendor: Dell Inc. dmi.modalias: dmi:bvnDellInc.:bvr3.6.0:bd03/17/2022:br3.6:svnDellInc.:pnXPS139310:pvr:rvnDellInc.:rn0MK6WC:rvrA00:cvnDellInc.:ct10:cvr:sku0991: dmi.product.family: XPS dmi.product.name: XPS 13 9310 dmi.product.sku: 0991 dmi.sys.vendor: Dell Inc. version.compiz: compiz N/A version.libdrm2: libdrm2 2.4.110-1ubuntu1 version.libgl1-mesa-dri: libgl1-mesa-dri 22.0.1-1ubuntu2 version.libgl1-mesa-glx: libgl1-mesa-glx N/A version.xserver-xorg-core: xserver-xorg-core 2:21.1.3-2ubuntu2 version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-2build3 version.xserver-xorg-video-intel: xserver-xorg-video-intel 2:2.99.917+git20210115-1 version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.17-2build1 ** Affects: xorg (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug jammy ubuntu wayland-session -- apport-bug thinks it's running on Xorg https://bugs.launchpad.net/bugs/1977748 You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to xorg in Ubuntu. -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1959993] Re: SRU of LXC 4.0.12 to focal (upstream bugfix release)
This bug was fixed in the package lxc - 1:4.0.12-0ubuntu1~20.04.1 --- lxc (1:4.0.12-0ubuntu1~20.04.1) focal; urgency=medium * Cherry-pick upstream bugfixes (stable-4.0): - 0002-lxc-checkconfig-Fix-bashism.patch - 0003-doc-Fix-reverse-allowlist-denylist.patch * New upstream bugfix release (4.0.12) (LP: #1959993): (https://discuss.linuxcontainers.org/t/lxc-4-0-12-has-been-released/13288) - Fixed CRIU restoration of containers with pre-created veth interfaces - Fixed issue with kernels lacking SMT support - Extended cgroup2 config options in lxc.mount.auto (cgroup2) - lxc-download now relies on HTTPS for validation (avoids GPG issues) * New upstream bugfix release (4.0.11): (https://discuss.linuxcontainers.org/t/lxc-4-0-11-has-been-released/12427) - Core scheduling support (lxc.sched.core) - riscv64 support in lxc.arch - Significantly improved bash completion profile - Greater use of the new VFS mount API (when supported by the kernel) - Fix containers with empty network namespaces - Handle kernels that lack TIOCGPTPEER - Improve CPU bitmask/id handling (handle skipped CPU numbers) - Reworked the tests to run offline * New upstream bugfix release (4.0.10): (https://discuss.linuxcontainers.org/t/lxc-4-0-10-has-been-released/11618) - Fix issues with less common architectures - Support for additional idmap mounts - nft support in lxc-net - Cleaner mount entries for sys:mixed - Switched GPG server to keyserver.ubuntu.com * New upstream bugfix release (4.0.9): (https://discuss.linuxcontainers.org/t/lxc-4-0-9-has-been-released/10999) - Fix incorrect personality setting when running 32bit containers on 64bit * New upstream bugfix release (4.0.8): - Fix CGroup attach against older running containers * New upstream bugfix release (4.0.7): - Testing improvements including fixes from oss-fuzz - Rework of the attach codepath - Cgroup handling rework * Bump to debhelper 12 (allows focal SRUs) * Bump standards to 4.6.0.1 * Add lintian overrides for incorrect bashism detection * Remove bash completion install logic (now done upstream) -- Stéphane Graber Thu, 03 Feb 2022 23:50:20 -0500 ** Changed in: lxc (Ubuntu Focal) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1959993 Title: SRU of LXC 4.0.12 to focal (upstream bugfix release) Status in lxc package in Ubuntu: In Progress Status in lxc source package in Focal: Fix Released Status in lxc source package in Impish: Fix Released Bug description: LXC released 4.0.12 as a bugfix release and is now in jammy. We'd like to line things up in focal. [Impact] The proposed SRU will bump from 4.0.6 all the way to 4.0.12, lining it up with what's currently in jammy. We've been skipping a few of the bugfix releases in focal so far, mostly catching up when we're starting to see problems with the older version. In this case, we've seen a number of issues when running with the HWE kernels as well as autopkgtest issues on foreign architectures (arm64 and s390x), all those will go away with this bump as we've confirmed everything is clean in jammy. Changelog: * Cherry-pick upstream bugfixes (stable-4.0): - 0002-lxc-checkconfig-Fix-bashism.patch - 0003-doc-Fix-reverse-allowlist-denylist.patch * New upstream bugfix release (4.0.12): (https://discuss.linuxcontainers.org/t/lxc-4-0-12-has-been-released/13288) - Fixed CRIU restoration of containers with pre-created veth interfaces - Fixed issue with kernels lacking SMT support - Extended cgroup2 config options in lxc.mount.auto (cgroup2) - lxc-download now relies on HTTPS for validation (avoids GPG issues) * New upstream bugfix release (4.0.11): (https://discuss.linuxcontainers.org/t/lxc-4-0-11-has-been-released/12427) - Core scheduling support (lxc.sched.core) - riscv64 support in lxc.arch - Significantly improved bash completion profile - Greater use of the new VFS mount API (when supported by the kernel) - Fix containers with empty network namespaces - Handle kernels that lack TIOCGPTPEER - Improve CPU bitmask/id handling (handle skipped CPU numbers) - Reworked the tests to run offline * New upstream bugfix release (4.0.10): (https://discuss.linuxcontainers.org/t/lxc-4-0-10-has-been-released/11618) - Fix issues with less common architectures - Support for additional idmap mounts - nft support in lxc-net - Cleaner mount entries for sys:mixed - Switched GPG server to keyserver.ubuntu.com * New upstream bugfix release (4.0.9): (https://discuss.linuxcontainers.org/t/lxc-4-0-9-has-been-released/10999) - Fix incorrect personality
[Touch-packages] [Bug 1962453] Re: Apply default TTL to records obtained from getaddrinfo()
This bug was fixed in the package keyutils - 1.6-6ubuntu1.1 --- keyutils (1.6-6ubuntu1.1) focal; urgency=medium * d/p/apply-default-ttl-to-records.patch: Add patch to apply default TTL to records obtained from getaddrinfo(). (LP: #1962453) -- Utkarsh Gupta Fri, 27 May 2022 14:33:22 +0530 ** Changed in: keyutils (Ubuntu Focal) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to keyutils in Ubuntu. https://bugs.launchpad.net/bugs/1962453 Title: Apply default TTL to records obtained from getaddrinfo() Status in keyutils package in Ubuntu: Fix Released Status in keyutils source package in Bionic: Fix Released Status in keyutils source package in Focal: Fix Released Status in keyutils source package in Impish: Fix Released Status in keyutils source package in Jammy: Fix Released Bug description: [Impact] There's a strong dependency for cifs.ko (and nfs.ko) on keyutils for DNS resolution. The keyutils package contains the userspace utility to update the kernel keyring with the DNS mapping to IP address. Prior to 1.6.2, this utility may erroneously set unlimited lifetime for this keyring in the kernel. [Test plan] === 1. Create a file share on an SMB server (can be a samba server) with two IP addresses. Make sure that FQDN of the server resolves to one of these addresses. 2. mount the created share on the cifs client using the FQDN for the server. Make sure that the mount point is accessible. 3. Using the ss command on the client, to kill the sockets that connect to the server: sudo ss -K dport :445 4. Now update the DNS entry to make sure that the server FQDN now resolves to the second IP address of the server. Make sure that nslookup on the client now resolves to the new IP address. 5. Repeat step 3 to kill the sockets that connect to server to force re-connection again. Without the fix, after step 5, with the "ss -t" command, you'll see that the client has reconnected to the old IP address, even when DNS lookups return the new IP. With the fix (after a reboot of the client machine to make sure that kernel keys are refreshed), you'll see that the client reconnects to the new IP address. The bug is due to unlimited lifetime set by key.dns_resolver (which is part of keyutils package). As a result, even if IP address for the DNS entries change, the kernel filesystems would continue to use old IP address, due to the cached keys. This issue causes clients to misbehave when Azure Files service endpoints move to a different cluster. [Where problems could occur] Address records obtained from getaddrinfo() don't come with any TTL information, even if they're obtained from the DNS, so if someone is relying on this particularly, might face some problem/regression but I don't think they would face that as it would still be highly configurable. [Other information] === This request is essentially from one of our cloud partners and they're highly affected by this. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/keyutils/+bug/1962453/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1959993] Re: SRU of LXC 4.0.12 to focal (upstream bugfix release)
This bug was fixed in the package lxc - 1:4.0.12-0ubuntu1~21.10.1 --- lxc (1:4.0.12-0ubuntu1~21.10.1) impish; urgency=medium * Cherry-pick upstream bugfixes (stable-4.0): - 0002-lxc-checkconfig-Fix-bashism.patch - 0003-doc-Fix-reverse-allowlist-denylist.patch * New upstream bugfix release (4.0.12) (LP: #1959993): (https://discuss.linuxcontainers.org/t/lxc-4-0-12-has-been-released/13288) - Fixed CRIU restoration of containers with pre-created veth interfaces - Fixed issue with kernels lacking SMT support - Extended cgroup2 config options in lxc.mount.auto (cgroup2) - lxc-download now relies on HTTPS for validation (avoids GPG issues) * New upstream bugfix release (4.0.11): (https://discuss.linuxcontainers.org/t/lxc-4-0-11-has-been-released/12427) - Core scheduling support (lxc.sched.core) - riscv64 support in lxc.arch - Significantly improved bash completion profile - Greater use of the new VFS mount API (when supported by the kernel) - Fix containers with empty network namespaces - Handle kernels that lack TIOCGPTPEER - Improve CPU bitmask/id handling (handle skipped CPU numbers) - Reworked the tests to run offline * New upstream bugfix release (4.0.10): (https://discuss.linuxcontainers.org/t/lxc-4-0-10-has-been-released/11618) - Fix issues with less common architectures - Support for additional idmap mounts - nft support in lxc-net - Cleaner mount entries for sys:mixed - Switched GPG server to keyserver.ubuntu.com * New upstream bugfix release (4.0.9): (https://discuss.linuxcontainers.org/t/lxc-4-0-9-has-been-released/10999) - Fix incorrect personality setting when running 32bit containers on 64bit * New upstream bugfix release (4.0.8): - Fix CGroup attach against older running containers * New upstream bugfix release (4.0.7): - Testing improvements including fixes from oss-fuzz - Rework of the attach codepath - Cgroup handling rework * Bump to debhelper 12 (allows focal SRUs) * Bump standards to 4.6.0.1 * Add lintian overrides for incorrect bashism detection * Remove bash completion install logic (now done upstream) -- Stéphane Graber Thu, 03 Feb 2022 23:50:20 -0500 ** Changed in: lxc (Ubuntu Impish) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1959993 Title: SRU of LXC 4.0.12 to focal (upstream bugfix release) Status in lxc package in Ubuntu: In Progress Status in lxc source package in Focal: Fix Committed Status in lxc source package in Impish: Fix Released Bug description: LXC released 4.0.12 as a bugfix release and is now in jammy. We'd like to line things up in focal. [Impact] The proposed SRU will bump from 4.0.6 all the way to 4.0.12, lining it up with what's currently in jammy. We've been skipping a few of the bugfix releases in focal so far, mostly catching up when we're starting to see problems with the older version. In this case, we've seen a number of issues when running with the HWE kernels as well as autopkgtest issues on foreign architectures (arm64 and s390x), all those will go away with this bump as we've confirmed everything is clean in jammy. Changelog: * Cherry-pick upstream bugfixes (stable-4.0): - 0002-lxc-checkconfig-Fix-bashism.patch - 0003-doc-Fix-reverse-allowlist-denylist.patch * New upstream bugfix release (4.0.12): (https://discuss.linuxcontainers.org/t/lxc-4-0-12-has-been-released/13288) - Fixed CRIU restoration of containers with pre-created veth interfaces - Fixed issue with kernels lacking SMT support - Extended cgroup2 config options in lxc.mount.auto (cgroup2) - lxc-download now relies on HTTPS for validation (avoids GPG issues) * New upstream bugfix release (4.0.11): (https://discuss.linuxcontainers.org/t/lxc-4-0-11-has-been-released/12427) - Core scheduling support (lxc.sched.core) - riscv64 support in lxc.arch - Significantly improved bash completion profile - Greater use of the new VFS mount API (when supported by the kernel) - Fix containers with empty network namespaces - Handle kernels that lack TIOCGPTPEER - Improve CPU bitmask/id handling (handle skipped CPU numbers) - Reworked the tests to run offline * New upstream bugfix release (4.0.10): (https://discuss.linuxcontainers.org/t/lxc-4-0-10-has-been-released/11618) - Fix issues with less common architectures - Support for additional idmap mounts - nft support in lxc-net - Cleaner mount entries for sys:mixed - Switched GPG server to keyserver.ubuntu.com * New upstream bugfix release (4.0.9): (https://discuss.linuxcontainers.org/t/lxc-4-0-9-has-been-released/10999) - Fix incorrect
[Touch-packages] [Bug 1959993] Update Released
The verification of the Stable Release Update for lxc has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to lxc in Ubuntu. https://bugs.launchpad.net/bugs/1959993 Title: SRU of LXC 4.0.12 to focal (upstream bugfix release) Status in lxc package in Ubuntu: In Progress Status in lxc source package in Focal: Fix Committed Status in lxc source package in Impish: Fix Released Bug description: LXC released 4.0.12 as a bugfix release and is now in jammy. We'd like to line things up in focal. [Impact] The proposed SRU will bump from 4.0.6 all the way to 4.0.12, lining it up with what's currently in jammy. We've been skipping a few of the bugfix releases in focal so far, mostly catching up when we're starting to see problems with the older version. In this case, we've seen a number of issues when running with the HWE kernels as well as autopkgtest issues on foreign architectures (arm64 and s390x), all those will go away with this bump as we've confirmed everything is clean in jammy. Changelog: * Cherry-pick upstream bugfixes (stable-4.0): - 0002-lxc-checkconfig-Fix-bashism.patch - 0003-doc-Fix-reverse-allowlist-denylist.patch * New upstream bugfix release (4.0.12): (https://discuss.linuxcontainers.org/t/lxc-4-0-12-has-been-released/13288) - Fixed CRIU restoration of containers with pre-created veth interfaces - Fixed issue with kernels lacking SMT support - Extended cgroup2 config options in lxc.mount.auto (cgroup2) - lxc-download now relies on HTTPS for validation (avoids GPG issues) * New upstream bugfix release (4.0.11): (https://discuss.linuxcontainers.org/t/lxc-4-0-11-has-been-released/12427) - Core scheduling support (lxc.sched.core) - riscv64 support in lxc.arch - Significantly improved bash completion profile - Greater use of the new VFS mount API (when supported by the kernel) - Fix containers with empty network namespaces - Handle kernels that lack TIOCGPTPEER - Improve CPU bitmask/id handling (handle skipped CPU numbers) - Reworked the tests to run offline * New upstream bugfix release (4.0.10): (https://discuss.linuxcontainers.org/t/lxc-4-0-10-has-been-released/11618) - Fix issues with less common architectures - Support for additional idmap mounts - nft support in lxc-net - Cleaner mount entries for sys:mixed - Switched GPG server to keyserver.ubuntu.com * New upstream bugfix release (4.0.9): (https://discuss.linuxcontainers.org/t/lxc-4-0-9-has-been-released/10999) - Fix incorrect personality setting when running 32bit containers on 64bit * New upstream bugfix release (4.0.8): - Fix CGroup attach against older running containers * New upstream bugfix release (4.0.7): - Testing improvements including fixes from oss-fuzz - Rework of the attach codepath - Cgroup handling rework * Bump to debhelper 12 (allows focal SRUs) * Bump standards to 4.6.0.1 * Add lintian overrides for incorrect bashism detection * Remove bash completion install logic (now done upstream) Just like Ubuntu itself, upstream releases long term support releases, e.g. 4.0, and then periodic point releases including all the accumulated bugfixes. Only the latest upstream release gets full support from the upstream developers, everyone else is expected to first update to it before receiving any kind of support. This should qualify under the minor/micro upstream bugfix release allowance of the SRU policy, letting us SRU this without paperwork for every single change included in this upstream release. [Test Plan] lxc has autopkgtests which will assert that the binaries built in -proposed are functional. [Where problems could occur] This is catching up a fair bit on recent kernel API changes, including cgroup1/cgroup2 support, handling of nftables, riscv64 and core scheduling which were all needed to properly handle the most recent HWE kernels especially as we're getting ready for Ubuntu 22.04's 5.15 to get pushed to focal. We've had all that code running on well over a million of LXD snap users for a few months now without seeing any issues (or more precisely, those issues we found have been all been resolved as of 4.0.12). However what LXD exercises isn't 100% of LXC and it's certainly possible that we missed a corner case in one of those changes. The good news is that this would
[Touch-packages] [Bug 1962453] Re: Apply default TTL to records obtained from getaddrinfo()
This bug was fixed in the package keyutils - 1.6.1-2ubuntu2.1 --- keyutils (1.6.1-2ubuntu2.1) impish; urgency=medium * d/p/apply-default-ttl-to-records.patch: Add patch to apply default TTL to records obtained from getaddrinfo(). (LP: #1962453) -- Utkarsh Gupta Fri, 27 May 2022 14:54:36 +0530 ** Changed in: keyutils (Ubuntu Impish) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to keyutils in Ubuntu. https://bugs.launchpad.net/bugs/1962453 Title: Apply default TTL to records obtained from getaddrinfo() Status in keyutils package in Ubuntu: Fix Released Status in keyutils source package in Bionic: Fix Released Status in keyutils source package in Focal: Fix Committed Status in keyutils source package in Impish: Fix Released Status in keyutils source package in Jammy: Fix Released Bug description: [Impact] There's a strong dependency for cifs.ko (and nfs.ko) on keyutils for DNS resolution. The keyutils package contains the userspace utility to update the kernel keyring with the DNS mapping to IP address. Prior to 1.6.2, this utility may erroneously set unlimited lifetime for this keyring in the kernel. [Test plan] === 1. Create a file share on an SMB server (can be a samba server) with two IP addresses. Make sure that FQDN of the server resolves to one of these addresses. 2. mount the created share on the cifs client using the FQDN for the server. Make sure that the mount point is accessible. 3. Using the ss command on the client, to kill the sockets that connect to the server: sudo ss -K dport :445 4. Now update the DNS entry to make sure that the server FQDN now resolves to the second IP address of the server. Make sure that nslookup on the client now resolves to the new IP address. 5. Repeat step 3 to kill the sockets that connect to server to force re-connection again. Without the fix, after step 5, with the "ss -t" command, you'll see that the client has reconnected to the old IP address, even when DNS lookups return the new IP. With the fix (after a reboot of the client machine to make sure that kernel keys are refreshed), you'll see that the client reconnects to the new IP address. The bug is due to unlimited lifetime set by key.dns_resolver (which is part of keyutils package). As a result, even if IP address for the DNS entries change, the kernel filesystems would continue to use old IP address, due to the cached keys. This issue causes clients to misbehave when Azure Files service endpoints move to a different cluster. [Where problems could occur] Address records obtained from getaddrinfo() don't come with any TTL information, even if they're obtained from the DNS, so if someone is relying on this particularly, might face some problem/regression but I don't think they would face that as it would still be highly configurable. [Other information] === This request is essentially from one of our cloud partners and they're highly affected by this. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/keyutils/+bug/1962453/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1971712] Update Released
The verification of the Stable Release Update for mesa has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to mesa in Ubuntu. https://bugs.launchpad.net/bugs/1971712 Title: Add support for Intel DG2 Status in linux-oem-5.17 package in Ubuntu: Invalid Status in mesa package in Ubuntu: Fix Released Status in linux-oem-5.17 source package in Jammy: Fix Committed Status in mesa source package in Jammy: Fix Released Bug description: [Impact] Ubuntu 22.04 does not support Intel DG2-based hw which is released later this year. [Fix] Mesa: needs a bunch of patches backported to 22.0.x, will be upstream in 22.1 or 22.2 kernel: use a dkms provided by Intel and integrated in the OEM kernel source, the module will be shipped in a separate modules package [Test case] Boot a system with a DG2-based GPU, check that native graphics drivers are used. Test mesa also on gen9-gen12 GPU's to verify that there are no regressions even though the backports are for DG2. [What could go wrong] The Mesa patches are only for DG2 support, should not affect other hardware at all. The kernel driver is in a separate package which isn't installed by default except preinstall machines with this hardware. So other users are not affected. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-oem-5.17/+bug/1971712/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1971712] Re: Add support for Intel DG2
This bug was fixed in the package mesa - 22.0.1-1ubuntu2.1 --- mesa (22.0.1-1ubuntu2.1) jammy; urgency=medium * Add patches to support Intel DG2. (LP: #1971712) -- Timo Aaltonen Mon, 09 May 2022 13:44:31 +0300 ** Changed in: mesa (Ubuntu Jammy) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to mesa in Ubuntu. https://bugs.launchpad.net/bugs/1971712 Title: Add support for Intel DG2 Status in linux-oem-5.17 package in Ubuntu: Invalid Status in mesa package in Ubuntu: Fix Released Status in linux-oem-5.17 source package in Jammy: Fix Committed Status in mesa source package in Jammy: Fix Released Bug description: [Impact] Ubuntu 22.04 does not support Intel DG2-based hw which is released later this year. [Fix] Mesa: needs a bunch of patches backported to 22.0.x, will be upstream in 22.1 or 22.2 kernel: use a dkms provided by Intel and integrated in the OEM kernel source, the module will be shipped in a separate modules package [Test case] Boot a system with a DG2-based GPU, check that native graphics drivers are used. Test mesa also on gen9-gen12 GPU's to verify that there are no regressions even though the backports are for DG2. [What could go wrong] The Mesa patches are only for DG2 support, should not affect other hardware at all. The kernel driver is in a separate package which isn't installed by default except preinstall machines with this hardware. So other users are not affected. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-oem-5.17/+bug/1971712/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1977751] [NEW] Merge ust from Debian for 22.10
Public bug reported: New minor upstream release available: 2.13.3-1 2022-06-03 (National Repeat Day) (National Repeat Day) lttng-ust 2.13.3 * Document ust lock async-signal-safety * Fix: don't use strerror() from ust lock nocheck * Fix: remove non-async-signal-safe fflush from ERR() * Fix: Pointers are rejected by integer element compile time assertion for array and sequence * Fix: statedump: invalid read during iter_end * Fix: bytecode interpreter context_get_index() leaves byte order uninitialized ust (2.13.3-1) unstable; urgency=medium * [92abdd1] New upstream version 2.13.3 -- Michael Jeanson Fri, 03 Jun 2022 16:37:11 -0400 ** Affects: ust (Ubuntu) Importance: Undecided Assignee: Andreas Hasenack (ahasenack) Status: New ** Tags: needs-merge ** Changed in: ust (Ubuntu) Assignee: (unassigned) => Andreas Hasenack (ahasenack) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ust in Ubuntu. https://bugs.launchpad.net/bugs/1977751 Title: Merge ust from Debian for 22.10 Status in ust package in Ubuntu: New Bug description: New minor upstream release available: 2.13.3-1 2022-06-03 (National Repeat Day) (National Repeat Day) lttng-ust 2.13.3 * Document ust lock async-signal-safety * Fix: don't use strerror() from ust lock nocheck * Fix: remove non-async-signal-safe fflush from ERR() * Fix: Pointers are rejected by integer element compile time assertion for array and sequence * Fix: statedump: invalid read during iter_end * Fix: bytecode interpreter context_get_index() leaves byte order uninitialized ust (2.13.3-1) unstable; urgency=medium * [92abdd1] New upstream version 2.13.3 -- Michael Jeanson Fri, 03 Jun 2022 16:37:11 -0400 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ust/+bug/1977751/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1958019]
Sure. songine@DEBIAN-DUET2021:~$ sudo lshw debian-duet2021 description: Detachable product: 82MA (LENOVO_MT_82MA_BU_idea_FM_Yoga DuetITL 2021) vendor: LENOVO version: Yoga DuetITL 2021 serial: YX027470 width: 64 bits capabilities: smbios-3.3.0 dmi-3.3.0 smp vsyscall32 (In reply to Cameron Berkenpas from comment #629) > Songine, > > Can you provide more info about your specific model? You should be able > to get that from running "lshw". > > For the top of my output, I get: > version: Legion 7 16ITHg6 > > On 6/4/22 17:46, bugzilla-dae...@kernel.org wrote: > > https://bugzilla.kernel.org/show_bug.cgi?id=208555 > > > > --- Comment #628 from Songine (donglingluoy...@gmail.com) --- > > Yeah, both the speaker and headphones work fine with correct channel. > > > > And still work after resuming from suspend/hibernate. > > > > Also fine after hotplug events, whatever it is playing or not. > > > > Thanks for your patch a lot! > > > > (In reply to Cameron Berkenpas from comment #627) > >> Great! > >> > >> Some probably silly questions: > >> 1) Do both speakers work? Do you get left channel sound out of the left > >> speaker and right channel sound out of the right speaker? > >> > >> 2) After resuming from suspend/hibernate, does your sound still work? > >> > >> 3) What if you insert headphones and remove them? Does sound still work? > >> Try removing the headphones both while sound is not playing and while > >> it's not. > >> > >> Given that this old quirk works for your laptop, I think all of the > >> above will be fine and I can work toward getting this submitted. > >> > >> > >> On 6/3/2022 5:34 PM, bugzilla-dae...@kernel.org wrote: > >>> https://bugzilla.kernel.org/show_bug.cgi?id=208555 > >>> > >>> --- Comment #626 from Songine (donglingluoy...@gmail.com) --- > >>> (In reply to Cameron Berkenpas from comment #625) > Did you test this yourself? > > On 6/3/22 00:11, bugzilla-dae...@kernel.org wrote: > > https://bugzilla.kernel.org/show_bug.cgi?id=208555 > > > > Songine (donglingluoy...@gmail.com) changed: > > > > What|Removed |Added > > > >> > > > CC| > > |donglingluoy...@gmail.com > > > > --- Comment #624 from Songine (donglingluoy...@gmail.com) --- > > (In reply to Cameron Berkenpas from comment #429) > >> Created attachment 298789 [details] > >> linux-legion-sound-0.0.13.patch > >> > >> auto mute is now properly disabled as per Takashi's suggestion. > >> > >> This patch is against the latest Linus tree, but applies against > 5.14.3 > just > >> fine. > >> > >> This patch includes the presumptive commit message and credit given to > >> various people. > >> > >> Going through the Linux commit log, it seems full names and email > addresses > >> aren't needed, so I have a thank you list in the patch with the > >> following: > >> Andreas Holzer, Vincent Morel, sycxyc, Max Christian Pohle > >> > >> If you want to be mentioned (or if you know of someone who you think > >> that > >> should be included), please let me know! > >> > >> Here's a link to the patch submission: > >> > >> > https://mailman.alsa-project.org/pipermail/alsa-devel/2021-September/189698. > >> html > > Hello, there is a device could use the patch, could you help me add it > to > the > > patch file? > > > > SND_PCI_QUIRK(0x17aa, 0x3802, "Lenovo Yoga DuetITL 2021", > > ALC287_FIXUP_YOGA7_14ITL_SPEAKERS), > > > >>> Yes, tested, and I am enjoging my speaker now.�[U+1F603]� > >>> -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to alsa-driver in Ubuntu. https://bugs.launchpad.net/bugs/1958019 Title: [Lenovo Legion7 16ACHg6 82N6, Realtek ALC287, Speaker, Internal] No sound at all Status in sound-2.6 (alsa-kernel): Confirmed Status in alsa-driver package in Ubuntu: Confirmed Bug description: On my Lenovo Legion-7-16ACHg6 laptop I can't hear any sound by internal speakers, but it work by headphones connected to standard jack aux. uname -r 5.11.0-44-generic ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: alsa-base 1.0.25+dfsg-0ubuntu5 ProcVersionSignature: Ubuntu 5.11.0-44.48~20.04.2-generic 5.11.22 Uname: Linux 5.11.0-44-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.11-0ubuntu27.21 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC2: i3draven 1266 F pulseaudio /dev/snd/controlC0: i3draven 1266 F pulseaudio /dev/snd/controlC1: i3draven 1266 F pulseaudio /dev/snd/pcmC1D0p: i3draven 1266 F...m pulseaudio CasperMD5CheckResult: skip CurrentDesktop:
[Touch-packages] [Bug 1958019]
Songine, Can you provide more info about your specific model? You should be able to get that from running "lshw". For the top of my output, I get: version: Legion 7 16ITHg6 On 6/4/22 17:46, bugzilla-dae...@kernel.org wrote: > https://bugzilla.kernel.org/show_bug.cgi?id=208555 > > --- Comment #628 from Songine (donglingluoy...@gmail.com) --- > Yeah, both the speaker and headphones work fine with correct channel. > > And still work after resuming from suspend/hibernate. > > Also fine after hotplug events, whatever it is playing or not. > > Thanks for your patch a lot! > > (In reply to Cameron Berkenpas from comment #627) >> Great! >> >> Some probably silly questions: >> 1) Do both speakers work? Do you get left channel sound out of the left >> speaker and right channel sound out of the right speaker? >> >> 2) After resuming from suspend/hibernate, does your sound still work? >> >> 3) What if you insert headphones and remove them? Does sound still work? >> Try removing the headphones both while sound is not playing and while >> it's not. >> >> Given that this old quirk works for your laptop, I think all of the >> above will be fine and I can work toward getting this submitted. >> >> >> On 6/3/2022 5:34 PM, bugzilla-dae...@kernel.org wrote: >>> https://bugzilla.kernel.org/show_bug.cgi?id=208555 >>> >>> --- Comment #626 from Songine (donglingluoy...@gmail.com) --- >>> (In reply to Cameron Berkenpas from comment #625) Did you test this yourself? On 6/3/22 00:11, bugzilla-dae...@kernel.org wrote: > https://bugzilla.kernel.org/show_bug.cgi?id=208555 > > Songine (donglingluoy...@gmail.com) changed: > > What|Removed |Added > >> > CC| > |donglingluoy...@gmail.com > > --- Comment #624 from Songine (donglingluoy...@gmail.com) --- > (In reply to Cameron Berkenpas from comment #429) >> Created attachment 298789 [details] >> linux-legion-sound-0.0.13.patch >> >> auto mute is now properly disabled as per Takashi's suggestion. >> >> This patch is against the latest Linus tree, but applies against 5.14.3 just >> fine. >> >> This patch includes the presumptive commit message and credit given to >> various people. >> >> Going through the Linux commit log, it seems full names and email addresses >> aren't needed, so I have a thank you list in the patch with the >> following: >> Andreas Holzer, Vincent Morel, sycxyc, Max Christian Pohle >> >> If you want to be mentioned (or if you know of someone who you think >> that >> should be included), please let me know! >> >> Here's a link to the patch submission: >> >> https://mailman.alsa-project.org/pipermail/alsa-devel/2021-September/189698. >> html > Hello, there is a device could use the patch, could you help me add it to the > patch file? > > SND_PCI_QUIRK(0x17aa, 0x3802, "Lenovo Yoga DuetITL 2021", > ALC287_FIXUP_YOGA7_14ITL_SPEAKERS), > >>> Yes, tested, and I am enjoging my speaker now.�[U+1F603]� >>> -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to alsa-driver in Ubuntu. https://bugs.launchpad.net/bugs/1958019 Title: [Lenovo Legion7 16ACHg6 82N6, Realtek ALC287, Speaker, Internal] No sound at all Status in sound-2.6 (alsa-kernel): Confirmed Status in alsa-driver package in Ubuntu: Confirmed Bug description: On my Lenovo Legion-7-16ACHg6 laptop I can't hear any sound by internal speakers, but it work by headphones connected to standard jack aux. uname -r 5.11.0-44-generic ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: alsa-base 1.0.25+dfsg-0ubuntu5 ProcVersionSignature: Ubuntu 5.11.0-44.48~20.04.2-generic 5.11.22 Uname: Linux 5.11.0-44-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.11-0ubuntu27.21 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC2: i3draven 1266 F pulseaudio /dev/snd/controlC0: i3draven 1266 F pulseaudio /dev/snd/controlC1: i3draven 1266 F pulseaudio /dev/snd/pcmC1D0p: i3draven 1266 F...m pulseaudio CasperMD5CheckResult: skip CurrentDesktop: ubuntu:GNOME Date: Sat Jan 15 15:10:53 2022 InstallationDate: Installed on 2021-10-11 (96 days ago) InstallationMedia: Ubuntu 20.04.3 LTS "Focal Fossa" - Release amd64 (20210819) PackageArchitecture: all SourcePackage: alsa-driver Symptom: audio Symptom_AlsaPlaybackTest: ALSA playback test through plughw:Generic failed Symptom_Card: Family 17h (Models 10h-1fh) HD Audio Controller - HD-Audio Generic Symptom_DevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC2: i3draven 1266 F pulseaudio /dev/snd/controlC0:
[Touch-packages] [Bug 1965563] Re: gnome-extensions-app fails to start [Error reading events from display: Protocol error]
I report also this bug, which seams to be related to nvidia on Wayland. I made few test on my hybrid graphic laptop (Dell xps with GTX1050 Ti ): - Fresh Ubuntu install on Wayland (no nvidia driver): OK. - With Nvidia 510 driver, on-demand profile set, login Xorg: OK. - With Nvidia 510 driver, on-demand profile set, login with Wayland: FAILED. I got this error: Gdk-Message: 12:20:26.270: Error 71 (Protocol error) dispatching to Wayland display. I got similar result also with Nvidia profile set instead of on-demand. - With Nvidia 510 driver, INTEL profile set, login with Wayland: OK. With Flatpak app (NVIDIA/Wayland): - Install gnome-extensions with flatpak run org.gnome.Extensions: The app start BUT you I can’t access to the extensions settings. The sub-windows can’t open, I got this in logs when I press “setting” button of an listed extension: Sender gnome-shell, WL: error in client communication (pid 16887) Sender: gjs ,Error reading events from display: Protocol error Sender gnome-shell, Window manager warning: Ping serial 2322697 was reused for window W118, previous use was for window W111. -I also test another similar app on flatpak call com.mattjakeman.ExtensionManager: The app start but when trying to open extensions settings, the sub-windows does not open and I got this logs too: Sender: gjs, Error flushing display: Protocol error Sender gnome-shell, WL: error in client communication (pid 17125) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to mesa in Ubuntu. https://bugs.launchpad.net/bugs/1965563 Title: gnome-extensions-app fails to start [Error reading events from display: Protocol error] Status in gnome-shell package in Ubuntu: Confirmed Status in mesa package in Ubuntu: Confirmed Bug description: $ dpkg-query -W gnome-shell-extension-prefs gnome-shell-extension-prefs 42~beta-1ubuntu3 $ gnome-extensions-app Gdk-Message: 17:54:19.697: Error reading events from display: Protocol error Caveat: I currently have a mix of packages from jammy-release and jammy-proposed. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnome-shell/+bug/1965563/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1977710] [NEW] /etc/adduser.conf.dpkg-save created by postinst since 3.121ubuntu1
Public bug reported: Since version 3.121ubuntu1 adduser's postinst script creates /etc/adduser.conf.dpkg-save file on debootstrap's root filesystem, that is, even when /etc/adduser.conf doesn't exist prior to package installation. Because of the change below the postinst script changes packaged /etc/adduser.conf and creates /etc/adduser.conf.dpkg-save as a backup: - Enable private home directories by default (LP: #48734) + Set DIR_MODE=0750 in the default adduser.conf + Change the description and default value to select private home directories by default in debconf template + Change the DIR_MODE when private home directories is configured via debconf from 0751 to 0750 to ensure files are truly private The .dpkg-save file shouldn't be present on debootstrapped system. ** Affects: adduser (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to adduser in Ubuntu. https://bugs.launchpad.net/bugs/1977710 Title: /etc/adduser.conf.dpkg-save created by postinst since 3.121ubuntu1 Status in adduser package in Ubuntu: New Bug description: Since version 3.121ubuntu1 adduser's postinst script creates /etc/adduser.conf.dpkg-save file on debootstrap's root filesystem, that is, even when /etc/adduser.conf doesn't exist prior to package installation. Because of the change below the postinst script changes packaged /etc/adduser.conf and creates /etc/adduser.conf.dpkg-save as a backup: - Enable private home directories by default (LP: #48734) + Set DIR_MODE=0750 in the default adduser.conf + Change the description and default value to select private home directories by default in debconf template + Change the DIR_MODE when private home directories is configured via debconf from 0751 to 0750 to ensure files are truly private The .dpkg-save file shouldn't be present on debootstrapped system. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/adduser/+bug/1977710/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
