date:20231024

** Also affects: libpam-mount (Ubuntu)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to pam in Ubuntu.
https://bugs.launchpad.net/bugs/2040281

Title:
  mkhomedir and pam_mount incompatibility

Status in libpam-mount package in Ubuntu:
  New
Status in pam package in Ubuntu:
  New

Bug description:
  Hello
  I have use realm to join a domain without difficulty and use
  pam-auth-update --enable mkhomedir, as suggest by the documentation
  The problem is, when a new user log into the system, the content of /etc/skel 
is not copy into the new home directory, even if Download Desktop are 
created.
  Adduser work normally and the homedirectory is created fine.
  The problem come from the additional pam module pam_mount, in my case this 
one try to mount a shared ressource in the homedir of the user.
  By default in /etc/pam.d/common.session pam_mount is called before 
pam_mkhomedir.so.
  If I deplace the pam_mkhomedir line before the pam_mount everything is 
working fine

  
  Thanks for your attention

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libpam-mount/+bug/2040281/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2040292] [NEW] network-manager SRU flags system for restart required but also restarted the service

Public bug reported:

After applying the network-manager SRU in mantic, I get a notification
that a system restart is required to fully apply updates.

This immediately raised a question, because I KNOW my network connection
was restarted when the SRU was installed (I have a VPN that did not
auto-reconnect).

And I checked the state of the process - it was definitely restarted and
is running from the binary currently on disk.

The network-manager postinst has the following code:

# request a reboot (NM tears down interfaces on restart
# which is not the way we want to go)
[ -x /usr/share/update-notifier/notify-reboot-required ] && \
/usr/share/update-notifier/notify-reboot-required

But the service restart is also happening. debian/rules currently has:

override_dh_installsystemd:
dh_installsystemd -pnetwork-manager --no-start 
NetworkManager-dispatcher.service NetworkManager-wait-online.service 
nm-priv-helper.service
dh_installsystemd -pnetwork-manager --no-also NetworkManager.service

No other systemd overrides. Nothing inhibits the restart of the service.

It needs to be one or the other.  And if we're doing SRUs of network-
manager, then this is bad UX for users applying their daily updates and
should be fixed in SRU.

ProblemType: Bug
DistroRelease: Ubuntu 23.10
Package: network-manager 1.44.2-1ubuntu1.1
ProcVersionSignature: Ubuntu 6.5.0-9.9-generic 6.5.3
Uname: Linux 6.5.0-9-generic x86_64
NonfreeKernelModules: zfs
ApportVersion: 2.27.0-0ubuntu5
Architecture: amd64
CasperMD5CheckResult: unknown
CurrentDesktop: ubuntu:GNOME
Date: Tue Oct 24 08:19:38 2023
InstallationDate: Installed on 2019-12-23 (1401 days ago)
InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Release amd64 (20191017)
RebootRequiredPkgs: Error: path contained symlinks.
SourcePackage: network-manager
UpgradeStatus: Upgraded to mantic on 2023-10-16 (8 days ago)
nmcli-nm:
 RUNNING  VERSION  STATE  STARTUP  CONNECTIVITY  NETWORKING  WIFI-HW  WIFI  
   WWAN-HW  WWAN
 running  1.44.2   connected  started  full  enabled enabled  
enabled  missing  enabled

** Affects: network-manager (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: amd64 apport-bug mantic

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/2040292

Title:
  network-manager SRU flags system for restart required but also
  restarted the service

Status in network-manager package in Ubuntu:
  New

Bug description:
  After applying the network-manager SRU in mantic, I get a notification
  that a system restart is required to fully apply updates.

  This immediately raised a question, because I KNOW my network
  connection was restarted when the SRU was installed (I have a VPN that
  did not auto-reconnect).

  And I checked the state of the process - it was definitely restarted
  and is running from the binary currently on disk.

  The network-manager postinst has the following code:

  # request a reboot (NM tears down interfaces on restart
  # which is not the way we want to go)
  [ -x /usr/share/update-notifier/notify-reboot-required ] && \
  /usr/share/update-notifier/notify-reboot-required

  But the service restart is also happening. debian/rules currently has:

  override_dh_installsystemd:
  dh_installsystemd -pnetwork-manager --no-start 
NetworkManager-dispatcher.service NetworkManager-wait-online.service 
nm-priv-helper.service
  dh_installsystemd -pnetwork-manager --no-also NetworkManager.service

  No other systemd overrides. Nothing inhibits the restart of the
  service.

  It needs to be one or the other.  And if we're doing SRUs of network-
  manager, then this is bad UX for users applying their daily updates
  and should be fixed in SRU.

  ProblemType: Bug
  DistroRelease: Ubuntu 23.10
  Package: network-manager 1.44.2-1ubuntu1.1
  ProcVersionSignature: Ubuntu 6.5.0-9.9-generic 6.5.3
  Uname: Linux 6.5.0-9-generic x86_64
  NonfreeKernelModules: zfs
  ApportVersion: 2.27.0-0ubuntu5
  Architecture: amd64
  CasperMD5CheckResult: unknown
  CurrentDesktop: ubuntu:GNOME
  Date: Tue Oct 24 08:19:38 2023
  InstallationDate: Installed on 2019-12-23 (1401 days ago)
  InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Release amd64 (20191017)
  RebootRequiredPkgs: Error: path contained symlinks.
  SourcePackage: network-manager
  UpgradeStatus: Upgraded to mantic on 2023-10-16 (8 days ago)
  nmcli-nm:
   RUNNING  VERSION  STATE  STARTUP  CONNECTIVITY  NETWORKING  WIFI-HW  
WIFI WWAN-HW  WWAN
   running  1.44.2   connected  started  full  enabled enabled  
enabled  missing  enabled

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/2040292/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touc

[Touch-packages] [Bug 2039974] Re: package linux-image-6.2.0-35-generic 6.2.0-35.35~22.04.1 failed to install/upgrade: run-parts: /etc/kernel/postinst.d/initramfs-tools exited with return code 1

2023-10-24 Thread Eduardo Barretto

Thanks for taking the time to report this bug and helping to make Ubuntu
better. We appreciate the difficulties you are facing, but this appears
to be a "regular" (non-security) bug.  I have unmarked it as a security
issue since this bug does not show evidence of allowing attackers to
cross privilege boundaries nor directly cause loss of data/privacy.
Please feel free to report any other bugs you may find.

** Information type changed from Private Security to Public

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to initramfs-tools in Ubuntu.
https://bugs.launchpad.net/bugs/2039974

Title:
  package linux-image-6.2.0-35-generic 6.2.0-35.35~22.04.1 failed to
  install/upgrade: run-parts: /etc/kernel/postinst.d/initramfs-tools
  exited with return code 1

Status in initramfs-tools package in Ubuntu:
  New

Bug description:
  message recieved

  ProblemType: Package
  DistroRelease: Ubuntu 22.04
  Package: linux-image-6.2.0-35-generic 6.2.0-35.35~22.04.1
  ProcVersionSignature: Ubuntu 6.2.0-34.34~22.04.1-generic 6.2.16
  Uname: Linux 6.2.0-34-generic x86_64
  ApportVersion: 2.20.11-0ubuntu82.5
  Architecture: amd64
  CasperMD5CheckResult: pass
  Date: Fri Oct 20 08:24:18 2023
  ErrorMessage: run-parts: /etc/kernel/postinst.d/initramfs-tools exited with 
return code 1
  InstallationDate: Installed on 2022-10-18 (366 days ago)
  InstallationMedia: Ubuntu 22.04.1 LTS "Jammy Jellyfish" - Release amd64 
(20220809.1)
  Python3Details: /usr/bin/python3.10, Python 3.10.12, python3-minimal, 
3.10.6-1~22.04
  PythonDetails: N/A
  RelatedPackageVersions:
   dpkg 1.21.1ubuntu2.2
   apt  2.4.10
  SourcePackage: initramfs-tools
  Title: package linux-image-6.2.0-35-generic 6.2.0-35.35~22.04.1 failed to 
install/upgrade: run-parts: /etc/kernel/postinst.d/initramfs-tools exited with 
return code 1
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/2039974/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2040292] Re: network-manager SRU flags system for restart required but also restarted the service

2023-10-24 Thread Jeremy Bícha

When I added notify-reboot-required years ago, I believe I also
suppressed the automatic restart of NetworkManager. At the time, I
figured it was better for users to not temporarily lose network
connectivity during the upgrade.

However, the snippet disabling restarting NetworkManager was later
dropped.

I agree that it does not make sense to both restart NetworkManager and
have NetworkManager request restarting the computer.

I do not believe we have a desktop policy to help us determine when it
is better to either restart services or notify that a computer restart
is recommended.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/2040292

Title:
  network-manager SRU flags system for restart required but also
  restarted the service

Status in network-manager package in Ubuntu:
  Confirmed

Bug description:
  After applying the network-manager SRU in mantic, I get a notification
  that a system restart is required to fully apply updates.

  This immediately raised a question, because I KNOW my network
  connection was restarted when the SRU was installed (I have a VPN that
  did not auto-reconnect).

  And I checked the state of the process - it was definitely restarted
  and is running from the binary currently on disk.

  The network-manager postinst has the following code:

  # request a reboot (NM tears down interfaces on restart
  # which is not the way we want to go)
  [ -x /usr/share/update-notifier/notify-reboot-required ] && \
  /usr/share/update-notifier/notify-reboot-required

  But the service restart is also happening. debian/rules currently has:

  override_dh_installsystemd:
  dh_installsystemd -pnetwork-manager --no-start 
NetworkManager-dispatcher.service NetworkManager-wait-online.service 
nm-priv-helper.service
  dh_installsystemd -pnetwork-manager --no-also NetworkManager.service

  No other systemd overrides. Nothing inhibits the restart of the
  service.

  It needs to be one or the other.  And if we're doing SRUs of network-
  manager, then this is bad UX for users applying their daily updates
  and should be fixed in SRU.

  ProblemType: Bug
  DistroRelease: Ubuntu 23.10
  Package: network-manager 1.44.2-1ubuntu1.1
  ProcVersionSignature: Ubuntu 6.5.0-9.9-generic 6.5.3
  Uname: Linux 6.5.0-9-generic x86_64
  NonfreeKernelModules: zfs
  ApportVersion: 2.27.0-0ubuntu5
  Architecture: amd64
  CasperMD5CheckResult: unknown
  CurrentDesktop: ubuntu:GNOME
  Date: Tue Oct 24 08:19:38 2023
  InstallationDate: Installed on 2019-12-23 (1401 days ago)
  InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Release amd64 (20191017)
  RebootRequiredPkgs: Error: path contained symlinks.
  SourcePackage: network-manager
  UpgradeStatus: Upgraded to mantic on 2023-10-16 (8 days ago)
  nmcli-nm:
   RUNNING  VERSION  STATE  STARTUP  CONNECTIVITY  NETWORKING  WIFI-HW  
WIFI WWAN-HW  WWAN
   running  1.44.2   connected  started  full  enabled enabled  
enabled  missing  enabled

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/2040292/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2040292] Re: network-manager SRU flags system for restart required but also restarted the service

Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: network-manager (Ubuntu)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/2040292

Title:
  network-manager SRU flags system for restart required but also
  restarted the service

Status in network-manager package in Ubuntu:
  Confirmed

Bug description:
  After applying the network-manager SRU in mantic, I get a notification
  that a system restart is required to fully apply updates.

  This immediately raised a question, because I KNOW my network
  connection was restarted when the SRU was installed (I have a VPN that
  did not auto-reconnect).

  And I checked the state of the process - it was definitely restarted
  and is running from the binary currently on disk.

  The network-manager postinst has the following code:

  # request a reboot (NM tears down interfaces on restart
  # which is not the way we want to go)
  [ -x /usr/share/update-notifier/notify-reboot-required ] && \
  /usr/share/update-notifier/notify-reboot-required

  But the service restart is also happening. debian/rules currently has:

  override_dh_installsystemd:
  dh_installsystemd -pnetwork-manager --no-start 
NetworkManager-dispatcher.service NetworkManager-wait-online.service 
nm-priv-helper.service
  dh_installsystemd -pnetwork-manager --no-also NetworkManager.service

  No other systemd overrides. Nothing inhibits the restart of the
  service.

  It needs to be one or the other.  And if we're doing SRUs of network-
  manager, then this is bad UX for users applying their daily updates
  and should be fixed in SRU.

  ProblemType: Bug
  DistroRelease: Ubuntu 23.10
  Package: network-manager 1.44.2-1ubuntu1.1
  ProcVersionSignature: Ubuntu 6.5.0-9.9-generic 6.5.3
  Uname: Linux 6.5.0-9-generic x86_64
  NonfreeKernelModules: zfs
  ApportVersion: 2.27.0-0ubuntu5
  Architecture: amd64
  CasperMD5CheckResult: unknown
  CurrentDesktop: ubuntu:GNOME
  Date: Tue Oct 24 08:19:38 2023
  InstallationDate: Installed on 2019-12-23 (1401 days ago)
  InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Release amd64 (20191017)
  RebootRequiredPkgs: Error: path contained symlinks.
  SourcePackage: network-manager
  UpgradeStatus: Upgraded to mantic on 2023-10-16 (8 days ago)
  nmcli-nm:
   RUNNING  VERSION  STATE  STARTUP  CONNECTIVITY  NETWORKING  WIFI-HW  
WIFI WWAN-HW  WWAN
   running  1.44.2   connected  started  full  enabled enabled  
enabled  missing  enabled

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/2040292/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2039712] Re: Two critical CVEs in zbar

2023-10-24 Thread Eduardo Barretto

Thanks for taking the time to report this bug and helping to make Ubuntu 
better. Both CVEs are already in our tracker[1][2]. We don't consider this 
issue to be a critical and have rated it to medium Priority [3]. Currently 
there are no fix available on upstream for those CVEs, see [4]. 
Since the package referred to in this bug is in universe or multiverse, it is 
community maintained. If you are able, I suggest coordinating with upstream and 
posting a debdiff for this issue. When a debdiff is available, members of the 
security team will review it and publish the package. See the following link 
for more information: https://wiki.ubuntu.com/SecurityTeam/UpdateProcedures

[1] https://ubuntu.com/security/CVE-2023-40889
[2] https://ubuntu.com/security/CVE-2023-40890
[3] https://people.canonical.com/~ubuntu-security/priority.html
[4] https://github.com/mchehab/zbar/issues/263

** Bug watch added: github.com/mchehab/zbar/issues #263
   https://github.com/mchehab/zbar/issues/263

** Changed in: zbar (Ubuntu)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to zbar in Ubuntu.
https://bugs.launchpad.net/bugs/2039712

Title:
  Two critical CVEs in zbar

Status in zbar package in Ubuntu:
  Confirmed

Bug description:
  There are two CVEs with a score of 9.8 CRITICAL published on
  29-08-2023:

  * https://nvd.nist.gov/vuln/detail/CVE-2023-40889
  * https://nvd.nist.gov/vuln/detail/CVE-2023-40890

  No new release seems to be available that fixes these vulnerabilities.
  The latest package version seems to be zbar-tools (0.23.92-7).

  Additional information:

  ~ $ lsb_release -rd
  No LSB modules are available.
  Description:  Ubuntu 23.04
  Release:  23.04
  ~ $ apt-cache policy zbar-tools
  zbar-tools:
    Installed: 0.23.92-7
    Candidate: 0.23.92-7
    Version table:
   *** 0.23.92-7 500
  500 http://ch.archive.ubuntu.com/ubuntu lunar/universe amd64 Packages
  100 /var/lib/dpkg/status

  # Expected

  No CVE

  # Actual

  There are two known CVEs

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/zbar/+bug/2039712/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2039217] Re: python apt Cache(memonly=True) does not behave as if memonly.

2023-10-24 Thread Eduardo Barretto

** Information type changed from Private Security to Public Security

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to python-apt in Ubuntu.
https://bugs.launchpad.net/bugs/2039217

Title:
  python apt Cache(memonly=True) does not behave as if memonly.

Status in python-apt package in Ubuntu:
  New

Bug description:
  When I use the python constructor for apt.Cache with a
  rootdir=/mnt/host (which is mounted read-only) and memonly=True, it
  isn't behaving as if it's memonly. It's trying to create directories
  on the mounted system.

  Here's my stack: (note, python click module takes up a bit of the top
  of the stack)

  ```
  Collecting apt-based metrics...
  Traceback (most recent call last):
File "./restart_check.py", line 165, in 
  _main()
File "/usr/local/lib/python3.8/dist-packages/click/core.py", line 1157, in 
__call__
  return self.main(*args, **kwargs)
File "/usr/local/lib/python3.8/dist-packages/click/core.py", line 1078, in 
main
  rv = self.invoke(ctx)
File "/usr/local/lib/python3.8/dist-packages/click/core.py", line 1434, in 
invoke
  return ctx.invoke(self.callback, **ctx.params)
File "/usr/local/lib/python3.8/dist-packages/click/core.py", line 783, in 
invoke
  return __callback(*args, **kwargs)
File "./restart_check.py", line 139, in _main
  cache = apt.cache.Cache(rootdir=root_dir, memonly=True)
File "/usr/lib/python3/dist-packages/apt/cache.py", line 161, in __init__
  self._check_and_create_required_dirs(rootdir)
File "/usr/lib/python3/dist-packages/apt/cache.py", line 201, in 
_check_and_create_required_dirs
  os.makedirs(rootdir + d)
File "/usr/lib/python3.8/os.py", line 213, in makedirs
  makedirs(head, exist_ok=exist_ok)
File "/usr/lib/python3.8/os.py", line 213, in makedirs
  makedirs(head, exist_ok=exist_ok)
File "/usr/lib/python3.8/os.py", line 223, in makedirs
  mkdir(name, mode)
  OSError: [Errno 30] Read-only file system: '/mnt/host/var'
  ```

  Why are those create-dir calls not protected from the memonly flag?
  Are they truly needed to be able to set up the cache?

  Ya know what, this could be a security vulnerability, making writes to
  a system that was supposed to be treated as read-only, particularly
  for those that mounted to a disk in a non-read-only way. memonly is
  not as advertised.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/python-apt/+bug/2039217/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2038567] Re: Disable restricting unprivileged change_profile by default, due to LXD latest/stable not yet compatible with this new apparmor feature

This bug is awaiting verification that the linux-
azure-6.5/6.5.0-1007.7~22.04.1 kernel in -proposed solves the problem.
Please test the kernel and update this bug with the results. If the
problem is solved, change the tag 'verification-needed-jammy-linux-
azure-6.5' to 'verification-done-jammy-linux-azure-6.5'. If the problem
still exists, change the tag 'verification-needed-jammy-linux-azure-6.5'
to 'verification-failed-jammy-linux-azure-6.5'.


If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.


See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: kernel-spammed-jammy-linux-azure-6.5-v2 
verification-needed-jammy-linux-azure-6.5

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2038567

Title:
  Disable restricting unprivileged change_profile by default, due to LXD
  latest/stable not yet compatible with this new apparmor feature

Status in Release Notes for Ubuntu:
  New
Status in apparmor package in Ubuntu:
  Confirmed
Status in linux package in Ubuntu:
  Fix Released
Status in lxd package in Ubuntu:
  Triaged
Status in snapd package in Ubuntu:
  Confirmed

Bug description:
  Following upgrade to 6.5.0-7 kernel in mantic cloud images we are
  seeing a regression in our cloud image tests. The test runs the
  following:

  ```
  lxd init --auto --storage-backend dir
  lxc launch ubuntu-daily:mantic mantic
  lxc info mantic
  lxc exec mantic -- cloud-init status --wait
  ```

  The `lxc exec mantic -- cloud-init status --wait` times out after 240s
  and will fail our test as a result.

  I have been able to replicate in a local VM

  ```
  wget 
http://cloud-images.ubuntu.com/mantic/20231005/mantic-server-cloudimg-amd64.img 
  wget --output-document=launch-qcow2-image-qemu.sh 
https://gist.githubusercontent.com/philroche/14c241c086a5730481e24178b654268f/raw/7af95cd4dfc8e1d0600e6118803d2c866765714e/gistfile1.txt
 
  chmod +x launch-qcow2-image-qemu.sh 

  ./launch-qcow2-image-qemu.sh --password passw0rd --image 
./mantic-server-cloudimg-amd64.img 
  cat < "./reproducer.sh"
  #!/bin/bash -eux
  lxd init --auto --storage-backend dir
  lxc launch ubuntu-daily:mantic mantic
  lxc info mantic
  lxc exec mantic -- cloud-init status --wait
  EOF
  chmod +x ./reproducer.sh
  sshpass -p passw0rd scp -o UserKnownHostsFile=/dev/null -o CheckHostIP=no -o 
StrictHostKeyChecking=no -P  ./reproducer.sh ubuntu@127.0.0.1:~/
  sshpass -p passw0rd ssh -o UserKnownHostsFile=/dev/null -o CheckHostIP=no -o 
StrictHostKeyChecking=no -p  ubuntu@127.0.0.1 sudo apt-get update
  sshpass -p passw0rd ssh -o UserKnownHostsFile=/dev/null -o CheckHostIP=no -o 
StrictHostKeyChecking=no -p  ubuntu@127.0.0.1 sudo apt-get upgrade 
--assume-yes
  sshpass -p passw0rd ssh -o UserKnownHostsFile=/dev/null -o CheckHostIP=no -o 
StrictHostKeyChecking=no -p  ubuntu@127.0.0.1 ./reproducer.sh
  ```

  The issue is not present with the 6.5.0-5 kernel and the issue is
  present regardless of the container launched. I tried the jammy
  container to test this.

  From my test VM

  ```
  ubuntu@cloudimg:~$ uname --all
  Linux cloudimg 6.5.0-7-generic #7-Ubuntu SMP PREEMPT_DYNAMIC Fri Sep 29 
09:14:56 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
  ubuntu@cloudimg:~$ uname --kernel-release
  6.5.0-7-generic
  ```

  This is a regression in our test that will block 23.10 cloud image
  release next week.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-release-notes/+bug/2038567/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2036968] Re: Mantic minimized/minimal cloud images do not receive IP address during provisioning; systemd regression with wait-online

This bug is awaiting verification that the linux-
azure-6.5/6.5.0-1007.7~22.04.1 kernel in -proposed solves the problem.
Please test the kernel and update this bug with the results. If the
problem is solved, change the tag 'verification-needed-jammy-linux-
azure-6.5' to 'verification-done-jammy-linux-azure-6.5'. If the problem
still exists, change the tag 'verification-needed-jammy-linux-azure-6.5'
to 'verification-failed-jammy-linux-azure-6.5'.


If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.


See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: kernel-spammed-jammy-linux-azure-6.5-v2 
verification-needed-jammy-linux-azure-6.5

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2036968

Title:
  Mantic minimized/minimal cloud images do not receive IP address during
  provisioning; systemd regression with wait-online

Status in cloud-images:
  New
Status in linux package in Ubuntu:
  Fix Released
Status in systemd package in Ubuntu:
  Triaged

Bug description:
  Following a recent change from linux-kvm kernel to linux-generic
  kernel in the mantic minimized images, there is a reproducable bug
  where a guest VM does not have an IP address assigned as part of
  cloud-init provisioning.

  This is easiest to reproduce when emulating arm64 on amd64 host. The
  bug is a race condition, so there could exist fast enough
  virtualisation on fast enough hardware where this bug is not present
  but in all my testing I have been able to reproduce.

  The latest mantic minimized images from http://cloud-
  images.ubuntu.com/minimal/daily/mantic/ have force initrdless boot and
  no initrd to fallback to.

  This but is not present in the non minimized/base images @
  http://cloud-images.ubuntu.com/mantic/ as these boot with initrd with
  the required drivers present for virtio-net.

  Reproducer

  ```
  wget -O "launch-qcow2-image-qemu-arm64.sh" 
https://people.canonical.com/~philroche/20230921-cloud-images-mantic-fail-to-provision/launch-qcow2-image-qemu-arm64.sh

  chmod +x ./launch-qcow2-image-qemu-arm64.sh
  wget 
https://people.canonical.com/~philroche/20230921-cloud-images-mantic-fail-to-provision/livecd.ubuntu-cpc.img
  ./launch-qcow2-image-qemu-arm64.sh --password passw0rd --image 
./livecd.ubuntu-cpc.img
  ```

  You will then be able to log in with user `ubuntu` and password
  `passw0rd`.

  You can run `ip a` and see that there is a network interface present
  (separate to `lo`) but no IP address has been assigned.

  ```
  ubuntu@cloudimg:~$ ip a
  1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group 
default qlen 1000
  link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
  inet 127.0.0.1/8 scope host lo
     valid_lft forever preferred_lft forever
  inet6 ::1/128 scope host
     valid_lft forever preferred_lft forever
  2: enp0s1:  mtu 1500 qdisc noop state DOWN group default 
qlen 1000
  link/ether 52:54:00:12:34:56 brd ff:ff:ff:ff:ff:ff

  ```

  This is because when cloud-init is trying to configure network
  interfaces it doesn't find any so it doesn't configure any. But by the
  time boot is complete the network interface is present but cloud-init
  provisioning has already completed.

  You can verify this by running `sudo cloud-init clean && sudo cloud-
  init init`

  You can then see a successfully configured network interface

  ```
  ubuntu@cloudimg:~$ ip a
  1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group 
default qlen 1000
  link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
  inet 127.0.0.1/8 scope host lo
     valid_lft forever preferred_lft forever
  inet6 ::1/128 scope host
     valid_lft forever preferred_lft forever
  2: enp0s1:  mtu 1500 qdisc pfifo_fast state 
UP group default qlen 1000
  link/ether 52:54:00:12:34:56 brd ff:ff:ff:ff:ff:ff
  inet 10.0.2.15/24 metric 100 brd 10.0.2.255 scope global dynamic enp0s1
     valid_lft 86391sec preferred_lft 86391sec
  inet6 fec0::5054:ff:fe12:3456/64 scope site dynamic mngtmpaddr 
noprefixroute
     valid_lft 86393sec preferred_lft 14393sec
  inet6 fe80::5054:ff:fe12:3456/64 scope link
     valid_lft forever preferred_lft forever

  ```

  The bug is also reproducible with amd64 guest on adm64 host on
  older/slower hardware.

  The suggested fixes while debugging this issue are:

  * to include `virtio-net` as a built-in in the mantic generic kernel
  * understand what needs to change in cloud-init so that it can react to late 
additions of network interfaces

  I will file a separate bug against cloud-init to address the race
  condition on emulated guest/older hardware.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-images/+bug/2036968/+subscriptio

[Touch-packages] [Bug 2032602] Re: [FFe] apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic

This bug is awaiting verification that the linux-
azure-6.5/6.5.0-1007.7~22.04.1 kernel in -proposed solves the problem.
Please test the kernel and update this bug with the results. If the
problem is solved, change the tag 'verification-needed-jammy-linux-
azure-6.5' to 'verification-done-jammy-linux-azure-6.5'. If the problem
still exists, change the tag 'verification-needed-jammy-linux-azure-6.5'
to 'verification-failed-jammy-linux-azure-6.5'.


If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.


See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: kernel-spammed-jammy-linux-azure-6.5-v2 
verification-needed-jammy-linux-azure-6.5

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2032602

Title:
  [FFe] apparmor-4.0.0-alpha2 for unprivileged user namespace
  restrictions in mantic

Status in apparmor package in Ubuntu:
  Fix Released

Bug description:
  As per the spec documented at https://discourse.ubuntu.com/t/spec-
  unprivileged-user-namespace-restrictions-via-apparmor-in-
  ubuntu-23-10/37626 the Security team is enhancing AppArmor to allow
  the use of unprivileged user namespaces to be restricted to only those
  packages which require this.

  This change requires changes in both AppArmor within the kernel, as
  well as the apparmor package in the Ubuntu archive to ensure it
  supports the new syntax required.

  This has been extensively tested via the AppArmor regression test
  script in the QA Regression Testing repo:
  https://git.launchpad.net/qa-regression-testing/tree/scripts/test-
  apparmor.py

  This script runs various tests against the installed apparmor package, as 
well as building and running the various upstream regression and other test 
suites against this installed package:
    - 
https://gitlab.com/apparmor/apparmor/-/tree/master/tests/regression/apparmor?ref_type=heads
    - 
https://gitlab.com/apparmor/apparmor/-/tree/master/utils/test?ref_type=heads
    - 
https://gitlab.com/apparmor/apparmor/-/tree/master/parser/tst?ref_type=heads
    - 
https://gitlab.com/apparmor/apparmor/-/tree/master/libraries/libapparmor/testsuite?ref_type=heads

  The package can be found in
  https://launchpad.net/~alexmurray/+archive/ubuntu/apparmor-4.0.0-alpha2-for-
  mantic-take2

  This includes build logs etc (e.g. for amd64 this is found at
  https://launchpad.net/~alexmurray/+archive/ubuntu/apparmor-4.0.0-alpha2-for-
  mantic-take2/+build/26530996)

  Note there is no ChangeLog file in upstream apparmor so instead I am
  attaching the git history between the current version of apparmor in
  mantic (3.0.8) and 4.0.0-alpha2.

  Also note that this new version of apparmor does not actually enable
  the user namespaces restriction yet - that is planned for a future
  upload (and hence a future FFe) - however, it lays all the groundwork
  to enable this, once sufficient testing and integration has been done
  across the rest of the Ubuntu archive and package ecosystem.

  As such, there is no risk of regression at this time due to that
  change - and the extensive regression testing also supports this
  conclusion as well.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2032602/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2016908] Re: udev fails to make prctl() syscall with apparmor=0 (as used by maas by default)

This bug is awaiting verification that the linux-
azure-6.5/6.5.0-1007.7~22.04.1 kernel in -proposed solves the problem.
Please test the kernel and update this bug with the results. If the
problem is solved, change the tag 'verification-needed-jammy-linux-
azure-6.5' to 'verification-done-jammy-linux-azure-6.5'. If the problem
still exists, change the tag 'verification-needed-jammy-linux-azure-6.5'
to 'verification-failed-jammy-linux-azure-6.5'.


If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.


See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: kernel-spammed-jammy-linux-azure-6.5-v2 
verification-needed-jammy-linux-azure-6.5

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2016908

Title:
  udev fails to make prctl() syscall with apparmor=0 (as used by maas by
  default)

Status in AppArmor:
  Fix Released
Status in MAAS:
  Fix Released
Status in maas-images:
  Invalid
Status in apparmor package in Ubuntu:
  Invalid
Status in linux package in Ubuntu:
  Fix Released
Status in systemd package in Ubuntu:
  Invalid
Status in apparmor source package in Lunar:
  Invalid
Status in linux source package in Lunar:
  Fix Released
Status in systemd source package in Lunar:
  Invalid

Bug description:
  I'm assuming the image being used for these deploys is 20230417 or
  20230417.1 based on the fact that I saw a 6.2 kernel being used which
  I don't believe was part of the 20230319 serial. I don't have access
  to the maas server, so I can't directly check any log files.

  MAAS Version: 3.3.2

  Here's where the serial log indicates it can't download the squashfs. The 
full log is attached as scobee-lunar-no-squashfs.log (there are some other 
console message intermixed):
  no search or nameservers found in /run/net-BOOTIF.conf /run/net-*.conf 
/run/net6
  -*.conf
  :: 
root=squash:http://10.229.32.21:5248/images/ubuntu/arm64/ga-23.04/lunar/candi
  date/squa[  206.804704] Btrfs loaded, crc32c=crc32c-generic, zoned=yes, 
fsverity
  =yes
  shfs
  :: mount_squash downloading 
http://10.229.32.21:5248/images/ubuntu/arm64/ga-23.0
  4/lunar/candidate/squashfs to /root.tmp.img
  Connecting to 10.229.32.21:5248 (10.229.32.21:5248)
  wget: can't connect to remote host (10.229.32.21): Network is unreachable
  :: mount -t squashfs -o loop  '/root.tmp.img' '/root.tmp'
  mount: mounting /root.tmp.img on /root.tmp failed: No such file or directory
  done.

  Still gathering logs and info and will update as I go.

  
  Kernel Bug / Apparmor
  reproducer

  $ wget 
https://images.maas.io/ephemeral-v3/candidate/lunar/amd64/20230419/ga-23.04/generic/boot-kernel
  $ wget 
https://images.maas.io/ephemeral-v3/candidate/lunar/amd64/20230419/ga-23.04/generic/boot-initrd
  $ qemu-system-x86_64 -nographic -m 2G -kernel ./boot-kernel -initrd 
./boot-initrd -append 'console=ttyS0 break=modules apparmor=0'

  #start the VM
  
  Starting systemd-udevd version 252.5-2ubuntu3
  Spawning shell within the initramfs

  BusyBox v1.35.0 (Ubuntu 1:1.35.0-4ubuntu1) built-in shell (ash)
  Enter 'help' for a list of built-in commands.

  (initramfs) udevadm info --export-db
  Failed to set death signal: Invalid argument

  Observe that udevadm fails to setup death signal, with in systemd code
  is this

  
https://github.com/systemd/systemd/blob/08c2f9c626e0f0052d505b1b7e52f335c0fbfa1d/src/basic/process-
  util.c#L1252

  if (flags & (FORK_DEATHSIG|FORK_DEATHSIG_SIGINT))
  if (prctl(PR_SET_PDEATHSIG, (flags & FORK_DEATHSIG_SIGINT) ? 
SIGINT : SIGTERM) < 0) {
  log_full_errno(prio, errno, "Failed to set death 
signal: %m");
  _exit(EXIT_FAILURE);
  }

  
  workaround set kernel commandline to `apparmor=1`
  

  MAAS bug
  Why is maas setting `apparmor=0` ? Ubuntu shouldn't be used without apparmor. 
Even for deployment and commisioning.

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/2016908/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2040153] Re: Network Manager will not remove Netplan YAMLs when connections are deleted

2023-10-24 Thread Brian Murray

Hello Danilo, or anyone else affected,

Accepted network-manager into mantic-proposed. The package will build
now and be available at https://launchpad.net/ubuntu/+source/network-
manager/1.44.2-1ubuntu1.2 in a few hours, and then in the -proposed
repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.  Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, what testing has been
performed on the package and change the tag from verification-needed-
mantic to verification-done-mantic. If it does not fix the bug for you,
please add a comment stating that, and change the tag to verification-
failed-mantic. In either case, without details of your testing we will
not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance for helping!

N.B. The updated package will be released to -updates after the bug(s)
fixed by this package have been verified and the package has been in
-proposed for a minimum of 7 days.

** Changed in: network-manager (Ubuntu Mantic)
   Status: In Progress => Fix Committed

** Tags added: verification-needed verification-needed-mantic

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/2040153

Title:
  Network Manager will not remove Netplan YAMLs when connections are
  deleted

Status in netplan.io package in Ubuntu:
  Triaged
Status in network-manager package in Ubuntu:
  In Progress
Status in netplan.io source package in Mantic:
  Invalid
Status in network-manager source package in Mantic:
  Fix Committed

Bug description:
  [ Impact ]

  Desktop users, or any users with YAML files in /usr/lib/netplan, can't delete
  Network Manager connections persistently. That means that, when the 
connection is
  deliberately deleted by the user, it will re-appear when the system is 
rebooted or
  netplan apply is executed.

  This is happening because the systemd service unit is setting the property 
"ProtectSystem"
  to true. Because of that, /usr is being presented to the Network Manager 
daemon as read-only.
  When connections are deleted, libnetplan will try to open its YAML files with 
writing permissions
  and will fail for files from /usr/lib/netplan. Even if the user hasn't added 
any files there manually,
  the file /usr/lib/netplan/00-network-manager-all.yaml will be installed by 
the package ubuntu-settings.

  This issue is fixed by allow-listing /usr/lib/netplan with 
ReadWritePaths=/usr/lib/netplan in systemd
  so the Network Manager's daemon will be able to write to that directory.

  This upload also improves the autopkgtests related to Netplan. Network 
Manager will be
  started by systemd, which ensures we are testing in the same environment 
conditions
  used by a desktop installation. It also adds a few more instances of 
connections deletions so
  we can test a bit more that YAML files are being removed. It also adds all 
the dependencies
  required by the test script (which sadly was causing the nm_netplan.py tests 
to be skipped).

  [ Test Plan ]

  Launch a new Mantic VM:

  $ lxc launch ubuntu:mantic --vm

  Install network-manager and ubuntu-settings:

  # apt install network-manager ubuntu-settings

  Run Netplan

  # netplan apply

  Create a dummy connection via nmcli:

  # nmcli con add type dummy connection.interface-name dummy0

  Check a new YAML will be created in /etc/netplan

  Delete the connection with nmcli

  # nmcli con del dummy-dummy0

  Check the YAML WAS NOT removed from /etc/netplan

  You will see the error below in the NetworkManager's journal

  netplan_delete_connection: Cannot write output state: Read-only file
  system

  Add the PPA containing the fix and run the same test described above

  # add-apt-repository ppa:danilogondolfo/network-manager
  # apt update
  # apt upgrade

  Check that the YAML will be created when the connection is added and
  deleted and the connection is removed.

  [ Where problems could occur ]

  As the only change is a relaxation of the restrictions applied by systemd on 
the environment where Network Manager
  runs, we are not expecting any regression.

  As for the changes in the autopkgtest related to Netplan, they are
  passing on all architectures.

  Autopkgtests

  amd64 - 
https://autopkgtest.ubuntu.com/results/autopkgtest-mantic-danilogondolfo-network-manager/mantic/amd64/n/network-manager/20231023_175203_b2798@/log.gz
  ppc64 - 
https://autopkgtest.ubuntu.com/results/autopkgtest-mantic-danilogondolfo-network-manager/mantic/ppc64el/n/network-manager/20231023_182332_f0497@/log.gz
  s390x - 
https://autopkgtest.ubuntu.com/

[Touch-packages] [Bug 2040051] Re: systemd-networkd-wait-online terminates with "Could not create manager: Invalid argument"

2023-10-24 Thread Matthias Nagel

FYI: I found the package `usrmerge` installed it and the directories
`/[bin|sbin|lib]` directories were successfully merged with their and
`/usr/[bin|sbin|lib]` counterparts. The complaint in `systemctl satus`
is gone. However, it was not the solution to my problem. Hence, my shot
in the dark in the previous message was a wrong one. The issue still
persists.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2040051

Title:
  systemd-networkd-wait-online terminates with "Could not create
  manager: Invalid argument"

Status in systemd package in Ubuntu:
  Incomplete

Bug description:
  # lsb_release -rd
  No LSB modules are available.
  Description:Ubuntu 23.10
  Release:23.10

  # aptitude show systemd
  Package: systemd 
  Version: 253.5-1ubuntu6
  State: installed

  systemd-networkd-wait-online terminates with "Could not create
  manager: Invalid argument".

  This lets the corresponding service (systemd-networkd-wait-
  online.service) fail as well. The error also appears when one directly
  invokes /lib/systemd/systemd-networkd-wait-online from a shell.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/2040051/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2038901] Re: Ubuntu default/minimal installation is only ~11% smaller than full installation

2023-10-24 Thread John Kizer

Sorry if this is the wrong place to discuss this, but - is the thought
on this to look at what programs/capabilities are available to the user
on a fresh install and evaluate options to prune those, or to look at
reducing the installed size required to deliver the same capabilities as
the mantic default install? (Things like the other bug mentioned in the
Discourse post, https://bugs.launchpad.net/ubuntu/+source/livecd-
rootfs/+bug/2038906 , I assume)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ubuntu-meta in Ubuntu.
https://bugs.launchpad.net/bugs/2038901

Title:
  Ubuntu default/minimal installation is only ~11% smaller than full
  installation

Status in ubuntu-meta package in Ubuntu:
  New

Bug description:
  Ubuntu default/minimal installation should be made smaller in future.
  It's a little too close to the full install size right now. As of
  mantic 2023-10-10, the default/minimal install ends up 8.4 GB whereas
  the full install is 9.4 GB.

  
https://docs.google.com/spreadsheets/d/e/2PACX-1vSmQLXuDO0E-tKnWcgjL3Ua2bWDeUg4ICZIfuMrrZndBrYjbVLKAWlKuiZLZ9EOrj4N1WV37DRg8GyW/pubchart?oid=2040836911&format=interactive

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/2038901/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Re: [Touch-packages] [Bug 2040292] Re: network-manager SRU flags system for restart required but also restarted the service

On Tue, Oct 24, 2023 at 04:04:25PM -, Jeremy Bícha wrote:
> I do not believe we have a desktop policy to help us determine when it
> is better to either restart services or notify that a computer restart
> is recommended.

As a user I would prefer to not have my vpn connection drop during a
network-manager upgrade; or, barring that, to have it re-established after
the service is restarted.

And since that's not currently implemented, as a user it would be less
annoying for me if the service was not restarted.

HOWEVER, the default policy is to always restart services on upgrade, and
this policy exists for a reason.  Indeed, Lukas tells me we specifically
need to restart NM on upgrade from lunar to mantic because without a
restart, we can't do the connection migration - so in the most immediately
interesting case a restart is mandatory anyway.

The only system service we make an exception for is dbus because the whole
system loses its mind if dbus goes away.

So I think, given the set of knobs we currently have available for tweaking,
the right answer is to drop the reboot-required bit.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/2040292

Title:
  network-manager SRU flags system for restart required but also
  restarted the service

Status in network-manager package in Ubuntu:
  Confirmed

Bug description:
  After applying the network-manager SRU in mantic, I get a notification
  that a system restart is required to fully apply updates.

  This immediately raised a question, because I KNOW my network
  connection was restarted when the SRU was installed (I have a VPN that
  did not auto-reconnect).

  And I checked the state of the process - it was definitely restarted
  and is running from the binary currently on disk.

  The network-manager postinst has the following code:

  # request a reboot (NM tears down interfaces on restart
  # which is not the way we want to go)
  [ -x /usr/share/update-notifier/notify-reboot-required ] && \
  /usr/share/update-notifier/notify-reboot-required

  But the service restart is also happening. debian/rules currently has:

  override_dh_installsystemd:
  dh_installsystemd -pnetwork-manager --no-start 
NetworkManager-dispatcher.service NetworkManager-wait-online.service 
nm-priv-helper.service
  dh_installsystemd -pnetwork-manager --no-also NetworkManager.service

  No other systemd overrides. Nothing inhibits the restart of the
  service.

  It needs to be one or the other.  And if we're doing SRUs of network-
  manager, then this is bad UX for users applying their daily updates
  and should be fixed in SRU.

  ProblemType: Bug
  DistroRelease: Ubuntu 23.10
  Package: network-manager 1.44.2-1ubuntu1.1
  ProcVersionSignature: Ubuntu 6.5.0-9.9-generic 6.5.3
  Uname: Linux 6.5.0-9-generic x86_64
  NonfreeKernelModules: zfs
  ApportVersion: 2.27.0-0ubuntu5
  Architecture: amd64
  CasperMD5CheckResult: unknown
  CurrentDesktop: ubuntu:GNOME
  Date: Tue Oct 24 08:19:38 2023
  InstallationDate: Installed on 2019-12-23 (1401 days ago)
  InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Release amd64 (20191017)
  RebootRequiredPkgs: Error: path contained symlinks.
  SourcePackage: network-manager
  UpgradeStatus: Upgraded to mantic on 2023-10-16 (8 days ago)
  nmcli-nm:
   RUNNING  VERSION  STATE  STARTUP  CONNECTIVITY  NETWORKING  WIFI-HW  
WIFI WWAN-HW  WWAN
   running  1.44.2   connected  started  full  enabled enabled  
enabled  missing  enabled

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/2040292/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2039611] Re: [SRU] Fix fcc-unlock script for Lenovo X13s

2023-10-24 Thread Dan Bungert

** Also affects: modemmanager (Ubuntu Noble)
   Importance: Undecided
   Status: New

** Also affects: modemmanager (Ubuntu Mantic)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to modemmanager in Ubuntu.
https://bugs.launchpad.net/bugs/2039611

Title:
   [SRU] Fix fcc-unlock script for Lenovo X13s

Status in modemmanager package in Ubuntu:
  New
Status in modemmanager source package in Mantic:
  New
Status in modemmanager source package in Noble:
  New

Bug description:
  [ Impact ]

  Some of the Lenovo X13s laptop SKUs, based on the Qualcomm Snapdragon
  8cx, come with an integrated 4G/5G modem. The modem on the X13s is
  manufactured by foxconn, and is based on the Qualcomm Snapdragon X55
  PCIe modem.

  Here is the output of mmcli -m 0 on an X13s

Hardware  |manufacturer: foxconn
  |   model: Qualcomm Snapdragon X55 5G
  |   firmware revision: T99W175.F0.6.0.0.6.OG.005
  |  045  1  [Feb 03 2023 10:00:00]
   
  All Linux kernel drivers are upstream to support this data modem, and 
included in the Ubuntu kernel for mantic. The support for this modem is also 
merged in modemmanager, including the fcc-unlock script for this modem model 
(https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/commit/ac06052b97cc02e60ae1ed7a551727b3c14d6a22).
 

  We are however missing the symlink for the specific PCIe ID link
  reported on the X13s for this modem, which is shown by lspci as:

  0004:01:00.0 Wireless controller [0d40]: Foxconn International, Inc.
  T99W175 5G Modem [Snapdragon X55] [105b:e0c3]

  This is already fixed upstream with
  https://gitlab.freedesktop.org/mobile-
  broadband/ModemManager/-/commit/8061bcd9c03c26946b6fa3356313e069203f8838.

  With the backport of this patch the modem on the X13S can be enabled
  by laptop users using the fcc-unlock generic guidelines. And mobile
  broadband is working out of the box. Without it, the modem won't work.

  
  [ Test Plan ]

  Without the ability to FCC unlock this modem model, any attempt to
  enable/start the modem will fail / stall, as detailed on
  https://modemmanager.org/docs/modemmanager/fcc-unlock/.

  With this backport/fix, the Ubuntu Mobile network settings/UI can be
  used to enabled the modem, unlock the SIM card and connect to the
  4G/5G network (assuming the user has a SIM card with an appropriate
  data plan).

  
  [ Where problems could occur ]

  The patch is fairly isolated change. The purpose of this change is to
  create an additional symlink in /usr/share/ModemManager/fcc-
  unlock.available.d/ whose name is the PCIe ID of this specific device.
  PCIe IDs are documented here: https://cateee.net/lkddb/web-
  lkddb/MHI_BUS.html.

  Also links in this folder have no effect on the system, unless the
  user manually enable the appropriate fcc unlock script, typically by
  adding a link in /etc/ModemManager/fcc-unlock.d/ to the appropriate
  modem model script.

  [ Other Info ]
   
  I am working on a debdiff, and will upload shortly

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/modemmanager/+bug/2039611/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2038567] Re: Disable restricting unprivileged change_profile by default, due to LXD latest/stable not yet compatible with this new apparmor feature

This bug is awaiting verification that the linux-
aws-6.5/6.5.0-1008.8~22.04.1 kernel in -proposed solves the problem.
Please test the kernel and update this bug with the results. If the
problem is solved, change the tag 'verification-needed-jammy-linux-
aws-6.5' to 'verification-done-jammy-linux-aws-6.5'. If the problem
still exists, change the tag 'verification-needed-jammy-linux-aws-6.5'
to 'verification-failed-jammy-linux-aws-6.5'.


If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.


See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: kernel-spammed-jammy-linux-aws-6.5-v2 
verification-needed-jammy-linux-aws-6.5

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2038567

Title:
  Disable restricting unprivileged change_profile by default, due to LXD
  latest/stable not yet compatible with this new apparmor feature

Status in Release Notes for Ubuntu:
  New
Status in apparmor package in Ubuntu:
  Confirmed
Status in linux package in Ubuntu:
  Fix Released
Status in lxd package in Ubuntu:
  Triaged
Status in snapd package in Ubuntu:
  Confirmed

Bug description:
  Following upgrade to 6.5.0-7 kernel in mantic cloud images we are
  seeing a regression in our cloud image tests. The test runs the
  following:

  ```
  lxd init --auto --storage-backend dir
  lxc launch ubuntu-daily:mantic mantic
  lxc info mantic
  lxc exec mantic -- cloud-init status --wait
  ```

  The `lxc exec mantic -- cloud-init status --wait` times out after 240s
  and will fail our test as a result.

  I have been able to replicate in a local VM

  ```
  wget 
http://cloud-images.ubuntu.com/mantic/20231005/mantic-server-cloudimg-amd64.img 
  wget --output-document=launch-qcow2-image-qemu.sh 
https://gist.githubusercontent.com/philroche/14c241c086a5730481e24178b654268f/raw/7af95cd4dfc8e1d0600e6118803d2c866765714e/gistfile1.txt
 
  chmod +x launch-qcow2-image-qemu.sh 

  ./launch-qcow2-image-qemu.sh --password passw0rd --image 
./mantic-server-cloudimg-amd64.img 
  cat < "./reproducer.sh"
  #!/bin/bash -eux
  lxd init --auto --storage-backend dir
  lxc launch ubuntu-daily:mantic mantic
  lxc info mantic
  lxc exec mantic -- cloud-init status --wait
  EOF
  chmod +x ./reproducer.sh
  sshpass -p passw0rd scp -o UserKnownHostsFile=/dev/null -o CheckHostIP=no -o 
StrictHostKeyChecking=no -P  ./reproducer.sh ubuntu@127.0.0.1:~/
  sshpass -p passw0rd ssh -o UserKnownHostsFile=/dev/null -o CheckHostIP=no -o 
StrictHostKeyChecking=no -p  ubuntu@127.0.0.1 sudo apt-get update
  sshpass -p passw0rd ssh -o UserKnownHostsFile=/dev/null -o CheckHostIP=no -o 
StrictHostKeyChecking=no -p  ubuntu@127.0.0.1 sudo apt-get upgrade 
--assume-yes
  sshpass -p passw0rd ssh -o UserKnownHostsFile=/dev/null -o CheckHostIP=no -o 
StrictHostKeyChecking=no -p  ubuntu@127.0.0.1 ./reproducer.sh
  ```

  The issue is not present with the 6.5.0-5 kernel and the issue is
  present regardless of the container launched. I tried the jammy
  container to test this.

  From my test VM

  ```
  ubuntu@cloudimg:~$ uname --all
  Linux cloudimg 6.5.0-7-generic #7-Ubuntu SMP PREEMPT_DYNAMIC Fri Sep 29 
09:14:56 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
  ubuntu@cloudimg:~$ uname --kernel-release
  6.5.0-7-generic
  ```

  This is a regression in our test that will block 23.10 cloud image
  release next week.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-release-notes/+bug/2038567/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2036968] Re: Mantic minimized/minimal cloud images do not receive IP address during provisioning; systemd regression with wait-online

This bug is awaiting verification that the linux-
aws-6.5/6.5.0-1008.8~22.04.1 kernel in -proposed solves the problem.
Please test the kernel and update this bug with the results. If the
problem is solved, change the tag 'verification-needed-jammy-linux-
aws-6.5' to 'verification-done-jammy-linux-aws-6.5'. If the problem
still exists, change the tag 'verification-needed-jammy-linux-aws-6.5'
to 'verification-failed-jammy-linux-aws-6.5'.


If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.


See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: kernel-spammed-jammy-linux-aws-6.5-v2 
verification-needed-jammy-linux-aws-6.5

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2036968

Title:
  Mantic minimized/minimal cloud images do not receive IP address during
  provisioning; systemd regression with wait-online

Status in cloud-images:
  New
Status in linux package in Ubuntu:
  Fix Released
Status in systemd package in Ubuntu:
  Triaged

Bug description:
  Following a recent change from linux-kvm kernel to linux-generic
  kernel in the mantic minimized images, there is a reproducable bug
  where a guest VM does not have an IP address assigned as part of
  cloud-init provisioning.

  This is easiest to reproduce when emulating arm64 on amd64 host. The
  bug is a race condition, so there could exist fast enough
  virtualisation on fast enough hardware where this bug is not present
  but in all my testing I have been able to reproduce.

  The latest mantic minimized images from http://cloud-
  images.ubuntu.com/minimal/daily/mantic/ have force initrdless boot and
  no initrd to fallback to.

  This but is not present in the non minimized/base images @
  http://cloud-images.ubuntu.com/mantic/ as these boot with initrd with
  the required drivers present for virtio-net.

  Reproducer

  ```
  wget -O "launch-qcow2-image-qemu-arm64.sh" 
https://people.canonical.com/~philroche/20230921-cloud-images-mantic-fail-to-provision/launch-qcow2-image-qemu-arm64.sh

  chmod +x ./launch-qcow2-image-qemu-arm64.sh
  wget 
https://people.canonical.com/~philroche/20230921-cloud-images-mantic-fail-to-provision/livecd.ubuntu-cpc.img
  ./launch-qcow2-image-qemu-arm64.sh --password passw0rd --image 
./livecd.ubuntu-cpc.img
  ```

  You will then be able to log in with user `ubuntu` and password
  `passw0rd`.

  You can run `ip a` and see that there is a network interface present
  (separate to `lo`) but no IP address has been assigned.

  ```
  ubuntu@cloudimg:~$ ip a
  1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group 
default qlen 1000
  link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
  inet 127.0.0.1/8 scope host lo
     valid_lft forever preferred_lft forever
  inet6 ::1/128 scope host
     valid_lft forever preferred_lft forever
  2: enp0s1:  mtu 1500 qdisc noop state DOWN group default 
qlen 1000
  link/ether 52:54:00:12:34:56 brd ff:ff:ff:ff:ff:ff

  ```

  This is because when cloud-init is trying to configure network
  interfaces it doesn't find any so it doesn't configure any. But by the
  time boot is complete the network interface is present but cloud-init
  provisioning has already completed.

  You can verify this by running `sudo cloud-init clean && sudo cloud-
  init init`

  You can then see a successfully configured network interface

  ```
  ubuntu@cloudimg:~$ ip a
  1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group 
default qlen 1000
  link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
  inet 127.0.0.1/8 scope host lo
     valid_lft forever preferred_lft forever
  inet6 ::1/128 scope host
     valid_lft forever preferred_lft forever
  2: enp0s1:  mtu 1500 qdisc pfifo_fast state 
UP group default qlen 1000
  link/ether 52:54:00:12:34:56 brd ff:ff:ff:ff:ff:ff
  inet 10.0.2.15/24 metric 100 brd 10.0.2.255 scope global dynamic enp0s1
     valid_lft 86391sec preferred_lft 86391sec
  inet6 fec0::5054:ff:fe12:3456/64 scope site dynamic mngtmpaddr 
noprefixroute
     valid_lft 86393sec preferred_lft 14393sec
  inet6 fe80::5054:ff:fe12:3456/64 scope link
     valid_lft forever preferred_lft forever

  ```

  The bug is also reproducible with amd64 guest on adm64 host on
  older/slower hardware.

  The suggested fixes while debugging this issue are:

  * to include `virtio-net` as a built-in in the mantic generic kernel
  * understand what needs to change in cloud-init so that it can react to late 
additions of network interfaces

  I will file a separate bug against cloud-init to address the race
  condition on emulated guest/older hardware.

To manage notifications about this bug go to:
https://bugs.launchpad.net/cloud-images/+bug/2036968/+subscriptions


-- 
Maili

[Touch-packages] [Bug 2032602] Re: [FFe] apparmor-4.0.0-alpha2 for unprivileged user namespace restrictions in mantic

This bug is awaiting verification that the linux-
aws-6.5/6.5.0-1008.8~22.04.1 kernel in -proposed solves the problem.
Please test the kernel and update this bug with the results. If the
problem is solved, change the tag 'verification-needed-jammy-linux-
aws-6.5' to 'verification-done-jammy-linux-aws-6.5'. If the problem
still exists, change the tag 'verification-needed-jammy-linux-aws-6.5'
to 'verification-failed-jammy-linux-aws-6.5'.


If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.


See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: kernel-spammed-jammy-linux-aws-6.5-v2 
verification-needed-jammy-linux-aws-6.5

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2032602

Title:
  [FFe] apparmor-4.0.0-alpha2 for unprivileged user namespace
  restrictions in mantic

Status in apparmor package in Ubuntu:
  Fix Released

Bug description:
  As per the spec documented at https://discourse.ubuntu.com/t/spec-
  unprivileged-user-namespace-restrictions-via-apparmor-in-
  ubuntu-23-10/37626 the Security team is enhancing AppArmor to allow
  the use of unprivileged user namespaces to be restricted to only those
  packages which require this.

  This change requires changes in both AppArmor within the kernel, as
  well as the apparmor package in the Ubuntu archive to ensure it
  supports the new syntax required.

  This has been extensively tested via the AppArmor regression test
  script in the QA Regression Testing repo:
  https://git.launchpad.net/qa-regression-testing/tree/scripts/test-
  apparmor.py

  This script runs various tests against the installed apparmor package, as 
well as building and running the various upstream regression and other test 
suites against this installed package:
    - 
https://gitlab.com/apparmor/apparmor/-/tree/master/tests/regression/apparmor?ref_type=heads
    - 
https://gitlab.com/apparmor/apparmor/-/tree/master/utils/test?ref_type=heads
    - 
https://gitlab.com/apparmor/apparmor/-/tree/master/parser/tst?ref_type=heads
    - 
https://gitlab.com/apparmor/apparmor/-/tree/master/libraries/libapparmor/testsuite?ref_type=heads

  The package can be found in
  https://launchpad.net/~alexmurray/+archive/ubuntu/apparmor-4.0.0-alpha2-for-
  mantic-take2

  This includes build logs etc (e.g. for amd64 this is found at
  https://launchpad.net/~alexmurray/+archive/ubuntu/apparmor-4.0.0-alpha2-for-
  mantic-take2/+build/26530996)

  Note there is no ChangeLog file in upstream apparmor so instead I am
  attaching the git history between the current version of apparmor in
  mantic (3.0.8) and 4.0.0-alpha2.

  Also note that this new version of apparmor does not actually enable
  the user namespaces restriction yet - that is planned for a future
  upload (and hence a future FFe) - however, it lays all the groundwork
  to enable this, once sufficient testing and integration has been done
  across the rest of the Ubuntu archive and package ecosystem.

  As such, there is no risk of regression at this time due to that
  change - and the extensive regression testing also supports this
  conclusion as well.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2032602/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2016908] Re: udev fails to make prctl() syscall with apparmor=0 (as used by maas by default)

This bug is awaiting verification that the linux-
aws-6.5/6.5.0-1008.8~22.04.1 kernel in -proposed solves the problem.
Please test the kernel and update this bug with the results. If the
problem is solved, change the tag 'verification-needed-jammy-linux-
aws-6.5' to 'verification-done-jammy-linux-aws-6.5'. If the problem
still exists, change the tag 'verification-needed-jammy-linux-aws-6.5'
to 'verification-failed-jammy-linux-aws-6.5'.


If verification is not done by 5 working days from today, this fix will
be dropped from the source code, and this bug will be closed.


See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how
to enable and use -proposed. Thank you!


** Tags added: kernel-spammed-jammy-linux-aws-6.5-v2 
verification-needed-jammy-linux-aws-6.5

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2016908

Title:
  udev fails to make prctl() syscall with apparmor=0 (as used by maas by
  default)

Status in AppArmor:
  Fix Released
Status in MAAS:
  Fix Released
Status in maas-images:
  Invalid
Status in apparmor package in Ubuntu:
  Invalid
Status in linux package in Ubuntu:
  Fix Released
Status in systemd package in Ubuntu:
  Invalid
Status in apparmor source package in Lunar:
  Invalid
Status in linux source package in Lunar:
  Fix Released
Status in systemd source package in Lunar:
  Invalid

Bug description:
  I'm assuming the image being used for these deploys is 20230417 or
  20230417.1 based on the fact that I saw a 6.2 kernel being used which
  I don't believe was part of the 20230319 serial. I don't have access
  to the maas server, so I can't directly check any log files.

  MAAS Version: 3.3.2

  Here's where the serial log indicates it can't download the squashfs. The 
full log is attached as scobee-lunar-no-squashfs.log (there are some other 
console message intermixed):
  no search or nameservers found in /run/net-BOOTIF.conf /run/net-*.conf 
/run/net6
  -*.conf
  :: 
root=squash:http://10.229.32.21:5248/images/ubuntu/arm64/ga-23.04/lunar/candi
  date/squa[  206.804704] Btrfs loaded, crc32c=crc32c-generic, zoned=yes, 
fsverity
  =yes
  shfs
  :: mount_squash downloading 
http://10.229.32.21:5248/images/ubuntu/arm64/ga-23.0
  4/lunar/candidate/squashfs to /root.tmp.img
  Connecting to 10.229.32.21:5248 (10.229.32.21:5248)
  wget: can't connect to remote host (10.229.32.21): Network is unreachable
  :: mount -t squashfs -o loop  '/root.tmp.img' '/root.tmp'
  mount: mounting /root.tmp.img on /root.tmp failed: No such file or directory
  done.

  Still gathering logs and info and will update as I go.

  
  Kernel Bug / Apparmor
  reproducer

  $ wget 
https://images.maas.io/ephemeral-v3/candidate/lunar/amd64/20230419/ga-23.04/generic/boot-kernel
  $ wget 
https://images.maas.io/ephemeral-v3/candidate/lunar/amd64/20230419/ga-23.04/generic/boot-initrd
  $ qemu-system-x86_64 -nographic -m 2G -kernel ./boot-kernel -initrd 
./boot-initrd -append 'console=ttyS0 break=modules apparmor=0'

  #start the VM
  
  Starting systemd-udevd version 252.5-2ubuntu3
  Spawning shell within the initramfs

  BusyBox v1.35.0 (Ubuntu 1:1.35.0-4ubuntu1) built-in shell (ash)
  Enter 'help' for a list of built-in commands.

  (initramfs) udevadm info --export-db
  Failed to set death signal: Invalid argument

  Observe that udevadm fails to setup death signal, with in systemd code
  is this

  
https://github.com/systemd/systemd/blob/08c2f9c626e0f0052d505b1b7e52f335c0fbfa1d/src/basic/process-
  util.c#L1252

  if (flags & (FORK_DEATHSIG|FORK_DEATHSIG_SIGINT))
  if (prctl(PR_SET_PDEATHSIG, (flags & FORK_DEATHSIG_SIGINT) ? 
SIGINT : SIGTERM) < 0) {
  log_full_errno(prio, errno, "Failed to set death 
signal: %m");
  _exit(EXIT_FAILURE);
  }

  
  workaround set kernel commandline to `apparmor=1`
  

  MAAS bug
  Why is maas setting `apparmor=0` ? Ubuntu shouldn't be used without apparmor. 
Even for deployment and commisioning.

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/2016908/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2039611] Re: [SRU] Fix fcc-unlock script for Lenovo X13s

2023-10-24 Thread Dan Bungert

Thanks Nicholas.

I have adjusted the patch slightly to target noble instead of mantic -
noble will need to be first, now. When modemmanager is synced from
Debian this patch looks to already be present there, but I thought it
interesting to upload this now to facilitate the SRU process.

Uploading for noble.

** Changed in: modemmanager (Ubuntu Noble)
Assignee: (unassigned) => Dan Bungert (dbungert)

** Changed in: modemmanager (Ubuntu Noble)
Status: New => In Progress

** Changed in: modemmanager (Ubuntu Noble)
Status: In Progress => Fix Committed

--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to modemmanager in Ubuntu.
https://bugs.launchpad.net/bugs/2039611

Title:
[SRU] Fix fcc-unlock script for Lenovo X13s

Status in modemmanager package in Ubuntu:
Fix Committed
Status in modemmanager source package in Mantic:
New
Status in modemmanager source package in Noble:
Fix Committed

Bug description:
[ Impact ]

Some of the Lenovo X13s laptop SKUs, based on the Qualcomm Snapdragon
8cx, come with an integrated 4G/5G modem. The modem on the X13s is
manufactured by foxconn, and is based on the Qualcomm Snapdragon X55
PCIe modem.

Here is the output of mmcli -m 0 on an X13s

Hardware |manufacturer: foxconn
| model: Qualcomm Snapdragon X55 5G
| firmware revision: T99W175.F0.6.0.0.6.OG.005
| 045 1 [Feb 03 2023 10:00:00]

All Linux kernel drivers are upstream to support this data modem, and
included in the Ubuntu kernel for mantic. The support for this modem is also
merged in modemmanager, including the fcc-unlock script for this modem model
(https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/commit/ac06052b97cc02e60ae1ed7a551727b3c14d6a22).

We are however missing the symlink for the specific PCIe ID link
reported on the X13s for this modem, which is shown by lspci as:

0004:01:00.0 Wireless controller [0d40]: Foxconn International, Inc.
T99W175 5G Modem [Snapdragon X55] [105b:e0c3]

This is already fixed upstream with
https://gitlab.freedesktop.org/mobile-
broadband/ModemManager/-/commit/8061bcd9c03c26946b6fa3356313e069203f8838.

With the backport of this patch the modem on the X13S can be enabled
by laptop users using the fcc-unlock generic guidelines. And mobile
broadband is working out of the box. Without it, the modem won't work.

[ Test Plan ]

Without the ability to FCC unlock this modem model, any attempt to
enable/start the modem will fail / stall, as detailed on
https://modemmanager.org/docs/modemmanager/fcc-unlock/.

With this backport/fix, the Ubuntu Mobile network settings/UI can be
used to enabled the modem, unlock the SIM card and connect to the
4G/5G network (assuming the user has a SIM card with an appropriate
data plan).

[ Where problems could occur ]

The patch is fairly isolated change. The purpose of this change is to
create an additional symlink in /usr/share/ModemManager/fcc-
unlock.available.d/ whose name is the PCIe ID of this specific device.
PCIe IDs are documented here: https://cateee.net/lkddb/web-
lkddb/MHI_BUS.html.

Also links in this folder have no effect on the system, unless the
user manually enable the appropriate fcc unlock script, typically by
adding a link in /etc/ModemManager/fcc-unlock.d/ to the appropriate
modem model script.

[ Other Info ]

I am working on a debdiff, and will upload shortly

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/modemmanager/+bug/2039611/+subscriptions

--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2039611] Re: [SRU] Fix fcc-unlock script for Lenovo X13s

2023-10-24 Thread Dan Bungert

I'm unsubscribing sponsors for the moment, when you are content with the
results on noble please provide a modified debdiff with a SRU-friendly
version number for mantic and subscribe sponsors again. Thanks.

--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to modemmanager in Ubuntu.
https://bugs.launchpad.net/bugs/2039611

Title:
[SRU] Fix fcc-unlock script for Lenovo X13s

Status in modemmanager package in Ubuntu:
Fix Committed
Status in modemmanager source package in Mantic:
New
Status in modemmanager source package in Noble:
Fix Committed

Bug description:
[ Impact ]

Here is the output of mmcli -m 0 on an X13s

Hardware |manufacturer: foxconn
| model: Qualcomm Snapdragon X55 5G
| firmware revision: T99W175.F0.6.0.0.6.OG.005
| 045 1 [Feb 03 2023 10:00:00]

We are however missing the symlink for the specific PCIe ID link
reported on the X13s for this modem, which is shown by lspci as:

0004:01:00.0 Wireless controller [0d40]: Foxconn International, Inc.
T99W175 5G Modem [Snapdragon X55] [105b:e0c3]

This is already fixed upstream with
https://gitlab.freedesktop.org/mobile-
broadband/ModemManager/-/commit/8061bcd9c03c26946b6fa3356313e069203f8838.

[ Test Plan ]

Without the ability to FCC unlock this modem model, any attempt to
enable/start the modem will fail / stall, as detailed on
https://modemmanager.org/docs/modemmanager/fcc-unlock/.

[ Where problems could occur ]

[ Other Info ]

I am working on a debdiff, and will upload shortly

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/modemmanager/+bug/2039611/+subscriptions

--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2040270] Re: Default page size A4 not selected properly and duplex print failing

2023-10-24 Thread Benjamin_L

I have the same issue on arch so most likely a cups issue

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to cups in Ubuntu.
https://bugs.launchpad.net/bugs/2040270

Title:
  Default page size A4 not selected properly and duplex print failing

Status in cups package in Ubuntu:
  New

Bug description:
  With HP OfficeJet 7740 Pro A3/A4 duplex printer the A4 page size is
  not selected properly and results in an incorrectly sized test page:
  "Media limits: 0.42 x 0.42 to 27.52 x 35.14 cm".  In the printer set-
  up summary the media is described as "unknown" when A4 is selected as
  the default.  If either A5 or A3 are selected, the media is described
  correctly in the summary - "iso_a5_148x210mm" or "iso_a3_297x420mm" -
  and the test pages print perfectly, with correct media limits shown.

  When attempting to print A4 duplex the print fails due to a printer
  "jam", though printing the same document in duplex works properly
  using both the HP-Smart app on an Android phone and CUPS version
  2.2.7-15.3.51.2 on an OpenSuSE Leap 15.5 system.  Therefore I
  think the "jam" is the printer thinking the paper should be larger
  than it is, expecting 35.66cm (35.14 + 0.42) when the A4 paper is of
  course only 29.7cm long.

  On the OpenSuSE system the media is described correctly in the printer
  summary for the default A4 size paper.

  I've looked at and compared PPD files in /etc/cups/ppd/ and cannot see
  anything amiss with the sizes mentioned for A4.  I think the problem
  must lie in it assuming a size of 35.66cm when A4 is selected, i.e. it
  defaulting to "unknown" media, whatever that is.

  ProblemType: Bug
  DistroRelease: Ubuntu 23.04
  Package: cups 2.4.2-3ubuntu2.5
  ProcVersionSignature: Ubuntu 6.2.0-35.35-generic 6.2.16
  Uname: Linux 6.2.0-35-generic x86_64
  ApportVersion: 2.26.1-0ubuntu2.1
  Architecture: amd64
  CasperMD5CheckResult: pass
  CupsErrorLog:
   W [24/Oct/2023:11:30:09 +0100] Printer drivers are deprecated and will stop 
working in a future version of CUPS. See 
https://github.com/OpenPrinting/cups/issues/103
   W [24/Oct/2023:11:30:16 +0100] CreateProfile failed: 
org.freedesktop.ColorManager.AlreadyExists:profile id 
\'HP_OfficeJet_Pro_7740_series_B7D1A6-Gray..\' already exists
   W [24/Oct/2023:11:30:16 +0100] CreateProfile failed: 
org.freedesktop.ColorManager.AlreadyExists:profile id 
\'HP_OfficeJet_Pro_7740_series_B7D1A6-DeviceN..\' already exists
  CurrentDesktop: KDE
  Date: Tue Oct 24 12:07:03 2023
  InstallationDate: Installed on 2023-02-27 (238 days ago)
  InstallationMedia: Kubuntu 22.10 "Kinetic Kudu" - Release amd64 (20221020)
  KernLog:
   
  Lpstat:
   device for HP7740: socket://hp7740c:9100
   device for HP_OfficeJet_Pro_7740_series_B7D1A6: 
implicitclass://HP_OfficeJet_Pro_7740_series_B7D1A6/
   device for OfficeJet_Pro_7740-HPLIP: 
hp:/net/OfficeJet_Pro_7740_series?ip=192.168.10.22
  MachineType: Intel(R) Client Systems NUC12WSHi5
  Papersize: A4
  PpdFiles:
   Error: command ['fgrep', '-H', '*NickName', 
'/etc/cups/ppd/OfficeJet_Pro_7740-HPLIP.ppd', '/etc/cups/ppd/HP7740.ppd', 
'/etc/cups/ppd/HP_OfficeJet_Pro_7740_series_B7D1A6.ppd'] failed with exit code 
2: grep: /etc/cups/ppd/OfficeJet_Pro_7740-HPLIP.ppd: Permission denied
   grep: /etc/cups/ppd/HP7740.ppd: Permission denied
   grep: /etc/cups/ppd/HP_OfficeJet_Pro_7740_series_B7D1A6.ppd: Permission 
denied
  ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-6.2.0-35-generic 
root=/dev/mapper/vgkubuntu-root ro quiet splash vt.handoff=7
  SourcePackage: cups
  UpgradeStatus: Upgraded to lunar on 2023-05-22 (154 days ago)
  dmi.bios.date: 07/18/2022
  dmi.bios.release: 5.26
  dmi.bios.vendor: Intel Corp.
  dmi.bios.version: WSADL357.0085.2022.0718.1739
  dmi.board.name: NUC12WSBi5
  dmi.board.vendor: Intel Corporation
  dmi.board.version: M46425-302
  dmi.chassis.type: 35
  dmi.chassis.vendor: Intel Corporation
  dmi.chassis.version: 2.0
  dmi.modalias: 
dmi:bvnIntelCorp.:bvrWSADL357.0085.2022.0718.1739:bd07/18/2022:br5.26:svnIntel(R)ClientSystems:pnNUC12WSHi5:pvrM46655-302:rvnIntelCorporation:rnNUC12WSBi5:rvrM46425-302:cvnIntelCorporation:ct35:cvr2.0:skuNUC12WSHi5000:
  dmi.product.family: WS
  dmi.product.name: NUC12WSHi5
  dmi.product.sku: NUC12WSHi5000
  dmi.product.version: M46655-302
  dmi.sys.vendor: Intel(R) Client Systems

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/cups/+bug/2040270/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2040318] [NEW] GPU not found

2023-10-24 Thread Justin Klassen

Public bug reported:

Trying to workout an issue where my GPU is not being detected, ran
apport-bug xorg and it took me here

ProblemType: Bug
DistroRelease: Ubuntu 23.04
Package: xorg 1:7.7+23ubuntu2
ProcVersionSignature: Ubuntu 6.2.0-35.35-generic 6.2.16
Uname: Linux 6.2.0-35-generic x86_64
NonfreeKernelModules: wl
.tmp.unity_support_test.0:
 
ApportVersion: 2.26.1-0ubuntu2.1
Architecture: amd64
BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log'
CasperMD5CheckResult: pass
CompositorRunning: None
CurrentDesktop: ubuntu:GNOME
Date: Tue Oct 24 13:33:03 2023
DistUpgraded: 2023-10-21 10:19:12,691 DEBUG Running PostInstallScript: 
'/usr/lib/ubuntu-advantage/upgrade_lts_contract.py'
DistroCodename: lunar
DistroVariant: ubuntu
DkmsStatus:
 broadcom-sta/6.30.223.271, 6.2.0-34-generic, x86_64: installed
 broadcom-sta/6.30.223.271, 6.2.0-35-generic, x86_64: installed
ExtraDebuggingInterest: Yes, if not too technical
GraphicsCard:
 Intel Corporation Device [8086:0d22] (rev 08) (prog-if 00 [VGA controller])
   Subsystem: Apple Inc. Device [106b:0122]
InstallationDate: Installed on 2023-04-29 (178 days ago)
InstallationMedia: Ubuntu 22.04.2 LTS "Jammy Jellyfish" - Release amd64 
(20230223)
Lsusb:
 Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
 Bus 001 Device 006: ID 05ac:828d Apple, Inc. Bluetooth USB Host Controller
 Bus 001 Device 003: ID 0a5c:4500 Broadcom Corp. BCM2046B1 USB 2.0 Hub (part of 
BCM2046 Bluetooth)
 Bus 001 Device 002: ID 05ac:8511 Apple, Inc. FaceTime HD Camera (Built-in)
 Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
MachineType: Apple Inc. iMac14,1
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-6.2.0-35-generic 
root=UUID=25be08ed-269b-48f4-b449-432add52d238 ro quiet splash vt.handoff=7
SourcePackage: xorg
UpgradeStatus: Upgraded to lunar on 2023-10-21 (3 days ago)
dmi.bios.date: 06/10/2020
dmi.bios.release: 0.1
dmi.bios.vendor: Apple Inc.
dmi.bios.version: 146.0.0.0.0
dmi.board.asset.tag: Base Board Asset Tag#
dmi.board.name: Mac-031B6874CF7F642A
dmi.board.vendor: Apple Inc.
dmi.board.version: iMac14,1
dmi.chassis.type: 13
dmi.chassis.vendor: Apple Inc.
dmi.chassis.version: Mac-031B6874CF7F642A
dmi.modalias: 
dmi:bvnAppleInc.:bvr146.0.0.0.0:bd06/10/2020:br0.1:svnAppleInc.:pniMac14,1:pvr1.0:rvnAppleInc.:rnMac-031B6874CF7F642A:rvriMac14,1:cvnAppleInc.:ct13:cvrMac-031B6874CF7F642A:skuSystemSKU#:
dmi.product.family: iMac
dmi.product.name: iMac14,1
dmi.product.sku: System SKU#
dmi.product.version: 1.0
dmi.sys.vendor: Apple Inc.
version.compiz: compiz N/A
version.libdrm2: libdrm2 2.4.114-1
version.libgl1-mesa-dri: libgl1-mesa-dri 23.2.0.20230712.1-2073~22.04
version.libgl1-mesa-glx: libgl1-mesa-glx N/A
version.xserver-xorg-core: xserver-xorg-core 2:21.1.7-1ubuntu3
version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A
version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-3
version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20210115-1
version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 1:1.0.17-2build1

** Affects: xorg (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: amd64 apport-bug lunar third-party-packages ubuntu wayland-session

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/2040318

Title:
  GPU not found

Status in xorg package in Ubuntu:
  New

Bug description:
  Trying to workout an issue where my GPU is not being detected, ran
  apport-bug xorg and it took me here

  ProblemType: Bug
  DistroRelease: Ubuntu 23.04
  Package: xorg 1:7.7+23ubuntu2
  ProcVersionSignature: Ubuntu 6.2.0-35.35-generic 6.2.16
  Uname: Linux 6.2.0-35-generic x86_64
  NonfreeKernelModules: wl
  .tmp.unity_support_test.0:
   
  ApportVersion: 2.26.1-0ubuntu2.1
  Architecture: amd64
  BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log'
  CasperMD5CheckResult: pass
  CompositorRunning: None
  CurrentDesktop: ubuntu:GNOME
  Date: Tue Oct 24 13:33:03 2023
  DistUpgraded: 2023-10-21 10:19:12,691 DEBUG Running PostInstallScript: 
'/usr/lib/ubuntu-advantage/upgrade_lts_contract.py'
  DistroCodename: lunar
  DistroVariant: ubuntu
  DkmsStatus:
   broadcom-sta/6.30.223.271, 6.2.0-34-generic, x86_64: installed
   broadcom-sta/6.30.223.271, 6.2.0-35-generic, x86_64: installed
  ExtraDebuggingInterest: Yes, if not too technical
  GraphicsCard:
   Intel Corporation Device [8086:0d22] (rev 08) (prog-if 00 [VGA controller])
 Subsystem: Apple Inc. Device [106b:0122]
  InstallationDate: Installed on 2023-04-29 (178 days ago)
  InstallationMedia: Ubuntu 22.04.2 LTS "Jammy Jellyfish" - Release amd64 
(20230223)
  Lsusb:
   Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
   Bus 001 Device 006: ID 05ac:828d Apple, Inc. Bluetooth USB Host Controller
   Bus 001 Device 003: ID 0a5c:4500 Broadcom Corp. BCM2046B1 USB 2.0 Hub (part 
of BCM2046 Bluetooth)
   Bus 001 Device 002: ID 0

[Touch-packages] [Bug 2040292] Re: network-manager SRU flags system for restart required but also restarted the service

2023-10-24 Thread Jeremy Bícha

What are the consequences of delaying NetworkManager's restart until
reboot? It is "mandatory" to reboot after the upgrade to 23.10, but we
don't force it to happen immediately.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/2040292

Title:
  network-manager SRU flags system for restart required but also
  restarted the service

Status in network-manager package in Ubuntu:
  Confirmed

Bug description:
  After applying the network-manager SRU in mantic, I get a notification
  that a system restart is required to fully apply updates.

  This immediately raised a question, because I KNOW my network
  connection was restarted when the SRU was installed (I have a VPN that
  did not auto-reconnect).

  And I checked the state of the process - it was definitely restarted
  and is running from the binary currently on disk.

  The network-manager postinst has the following code:

  # request a reboot (NM tears down interfaces on restart
  # which is not the way we want to go)
  [ -x /usr/share/update-notifier/notify-reboot-required ] && \
  /usr/share/update-notifier/notify-reboot-required

  But the service restart is also happening. debian/rules currently has:

  override_dh_installsystemd:
  dh_installsystemd -pnetwork-manager --no-start 
NetworkManager-dispatcher.service NetworkManager-wait-online.service 
nm-priv-helper.service
  dh_installsystemd -pnetwork-manager --no-also NetworkManager.service

  No other systemd overrides. Nothing inhibits the restart of the
  service.

  It needs to be one or the other.  And if we're doing SRUs of network-
  manager, then this is bad UX for users applying their daily updates
  and should be fixed in SRU.

  ProblemType: Bug
  DistroRelease: Ubuntu 23.10
  Package: network-manager 1.44.2-1ubuntu1.1
  ProcVersionSignature: Ubuntu 6.5.0-9.9-generic 6.5.3
  Uname: Linux 6.5.0-9-generic x86_64
  NonfreeKernelModules: zfs
  ApportVersion: 2.27.0-0ubuntu5
  Architecture: amd64
  CasperMD5CheckResult: unknown
  CurrentDesktop: ubuntu:GNOME
  Date: Tue Oct 24 08:19:38 2023
  InstallationDate: Installed on 2019-12-23 (1401 days ago)
  InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Release amd64 (20191017)
  RebootRequiredPkgs: Error: path contained symlinks.
  SourcePackage: network-manager
  UpgradeStatus: Upgraded to mantic on 2023-10-16 (8 days ago)
  nmcli-nm:
   RUNNING  VERSION  STATE  STARTUP  CONNECTIVITY  NETWORKING  WIFI-HW  
WIFI WWAN-HW  WWAN
   running  1.44.2   connected  started  full  enabled enabled  
enabled  missing  enabled

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/2040292/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Re: [Touch-packages] [Bug 2040292] Re: network-manager SRU flags system for restart required but also restarted the service

On Tue, Oct 24, 2023 at 07:36:16PM -, Jeremy Bícha wrote:
> What are the consequences of delaying NetworkManager's restart until
> reboot?

This is not an option on upgrade from <= 23.04 to >= 23.10 because the
postinst needs the new NetworkManager running for the connections migration.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/2040292

Title:
  network-manager SRU flags system for restart required but also
  restarted the service

Status in network-manager package in Ubuntu:
  Confirmed

Bug description:
  After applying the network-manager SRU in mantic, I get a notification
  that a system restart is required to fully apply updates.

  This immediately raised a question, because I KNOW my network
  connection was restarted when the SRU was installed (I have a VPN that
  did not auto-reconnect).

  And I checked the state of the process - it was definitely restarted
  and is running from the binary currently on disk.

  The network-manager postinst has the following code:

  # request a reboot (NM tears down interfaces on restart
  # which is not the way we want to go)
  [ -x /usr/share/update-notifier/notify-reboot-required ] && \
  /usr/share/update-notifier/notify-reboot-required

  But the service restart is also happening. debian/rules currently has:

  override_dh_installsystemd:
  dh_installsystemd -pnetwork-manager --no-start 
NetworkManager-dispatcher.service NetworkManager-wait-online.service 
nm-priv-helper.service
  dh_installsystemd -pnetwork-manager --no-also NetworkManager.service

  No other systemd overrides. Nothing inhibits the restart of the
  service.

  It needs to be one or the other.  And if we're doing SRUs of network-
  manager, then this is bad UX for users applying their daily updates
  and should be fixed in SRU.

  ProblemType: Bug
  DistroRelease: Ubuntu 23.10
  Package: network-manager 1.44.2-1ubuntu1.1
  ProcVersionSignature: Ubuntu 6.5.0-9.9-generic 6.5.3
  Uname: Linux 6.5.0-9-generic x86_64
  NonfreeKernelModules: zfs
  ApportVersion: 2.27.0-0ubuntu5
  Architecture: amd64
  CasperMD5CheckResult: unknown
  CurrentDesktop: ubuntu:GNOME
  Date: Tue Oct 24 08:19:38 2023
  InstallationDate: Installed on 2019-12-23 (1401 days ago)
  InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Release amd64 (20191017)
  RebootRequiredPkgs: Error: path contained symlinks.
  SourcePackage: network-manager
  UpgradeStatus: Upgraded to mantic on 2023-10-16 (8 days ago)
  nmcli-nm:
   RUNNING  VERSION  STATE  STARTUP  CONNECTIVITY  NETWORKING  WIFI-HW  
WIFI WWAN-HW  WWAN
   running  1.44.2   connected  started  full  enabled enabled  
enabled  missing  enabled

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/2040292/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2038998] Re: [amdgpu] Screen artifacts/UI oddities on Wayland

2023-10-24 Thread Noctis Bennington

https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/7062

Seems it's closed. However, I'm still seeing this in 23.10. I see it
when I open Steam. Definitely it has something to do with XWayland.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/2038998

Title:
  [amdgpu] Screen artifacts/UI oddities on Wayland

Status in linux package in Ubuntu:
  Confirmed
Status in mesa package in Ubuntu:
  Confirmed

Bug description:
  Laptop is a Lenovo ThinkPad P14s Gen 2 AMD.
  Ryzen 7 PRO 5850U
  with Radeon (RX Vega 8?) integrated graphics
  16 GB RAM

  Running Ubuntu 23.10 (GNOME) from a clean install performed October 9,
  2023 from a daily-live/current .iso generated on October 4, 2023.

  Wayland
  Kernel 6.5.0-9-generic

  * * * * *

  Installed a pre-release build of Ubuntu 23.10 to my ThinkPad the other
  day, was going through setting up and testing the usual programs.

  Installed Steam through apt from the 'mantic' repositories. Installed
  Proton 8.0 and Steam Linux Runtime 3.0 (Sniper) alongside two
  compatible titles.

  Screen corruption (white and grey streaks) present in-game when GNOME
  UI elements appeared on-screen (e.g., volume, brightness, and keyboard
  backlight indicators) and omnipresent after closing either game.

  Artifacts remain on screen until log-out or reboot. Artifacts were not
  present beforehand.

  Artifacts only appeared in Wayland session; not X11/Xorg.

  I previously had been running the same games on Ubuntu 22.04 LTS
  (GNOME, Wayland) and Kubuntu 22.04 LTS (Plasma, X11/Xorg) on this
  computer without issue (kernel 6.2).

  * * * * *

  Please see subsequent posts for video/images.

  Happy to provide any other information as needed. Thanks!

  * * * * *

  ProblemType: Bug
  DistroRelease: Ubuntu 23.10
  Package: xorg 1:7.7+23ubuntu2
  ProcVersionSignature: Ubuntu 6.5.0-9.9-generic 6.5.3
  Uname: Linux 6.5.0-9-generic x86_64
  ApportVersion: 2.27.0-0ubuntu5
  Architecture: amd64
  BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log'
  CasperMD5CheckResult: unknown
  CompositorRunning: None
  CurrentDesktop: ubuntu:GNOME
  Date: Wed Oct 11 01:17:43 2023
  DistUpgraded: Fresh install
  DistroCodename: mantic
  DistroVariant: ubuntu
  ExtraDebuggingInterest: Yes, if not too technical
  GraphicsCard:
   Advanced Micro Devices, Inc. [AMD/ATI] Cezanne [Radeon Vega Series / Radeon 
Vega Mobile Series] [1002:1638] (rev d1) (prog-if 00 [VGA controller])
     Subsystem: Lenovo Cezanne [Radeon Vega Series / Radeon Vega Mobile Series] 
[17aa:509b]
  MachineType: {report['dmi.sys.vendor']} {report['dmi.product.name']}
  ProcEnviron:
   LANG=en_US.UTF-8
   PATH=(custom, no user)
   SHELL=/bin/bash
   TERM=xterm-256color
   XDG_RUNTIME_DIR=
  ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-6.5.0-9-generic 
root=/dev/mapper/ubuntu--vg-ubuntu--lv ro quiet splash vt.handoff=7
  SourcePackage: xorg
  Symptom: display
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 05/15/2023
  dmi.bios.release: 1.24
  dmi.bios.vendor: LENOVO
  dmi.bios.version: R1MET54W (1.24 )
  dmi.board.asset.tag: Not Available
  dmi.board.name: 21A00068US
  dmi.board.vendor: LENOVO
  dmi.board.version: SDK0T76530 WIN
  dmi.chassis.asset.tag: No Asset Information
  dmi.chassis.type: 10
  dmi.chassis.vendor: LENOVO
  dmi.chassis.version: None
  dmi.ec.firmware.release: 1.24
  dmi.modalias: 
dmi:bvnLENOVO:bvrR1MET54W(1.24):bd05/15/2023:br1.24:efr1.24:svnLENOVO:pn21A00068US:pvrThinkPadP14sGen2a:rvnLENOVO:rn21A00068US:rvrSDK0T76530WIN:cvnLENOVO:ct10:cvrNone:skuLENOVO_MT_21A0_BU_Think_FM_ThinkPadP14sGen2a:
  dmi.product.family: ThinkPad P14s Gen 2a
  dmi.product.name: 21A00068US
  dmi.product.sku: LENOVO_MT_21A0_BU_Think_FM_ThinkPad P14s Gen 2a
  dmi.product.version: ThinkPad P14s Gen 2a
  dmi.sys.vendor: LENOVO
  version.compiz: compiz N/A
  version.libdrm2: libdrm2 2.4.115-1
  version.libgl1-mesa-dri: libgl1-mesa-dri 23.2.1-1ubuntu3
  version.libgl1-mesa-glx: libgl1-mesa-glx N/A
  version.xserver-xorg-core: xserver-xorg-core 2:21.1.7-3ubuntu2
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-3
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20210115-1
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 
1:1.0.17-2build1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2038998/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2038998] Re: [amdgpu] Screen artifacts/UI oddities on Wayland

** Also affects: gnome-shell via
   https://gitlab.gnome.org/GNOME/gnome-shell/-/issues/7062
   Importance: Unknown
   Status: Unknown

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to mesa in Ubuntu.
https://bugs.launchpad.net/bugs/2038998

Title:
  [amdgpu] Screen artifacts/UI oddities on Wayland

Status in GNOME Shell:
  Unknown
Status in linux package in Ubuntu:
  Confirmed
Status in mesa package in Ubuntu:
  Confirmed

Bug description:
  Laptop is a Lenovo ThinkPad P14s Gen 2 AMD.
  Ryzen 7 PRO 5850U
  with Radeon (RX Vega 8?) integrated graphics
  16 GB RAM

  Running Ubuntu 23.10 (GNOME) from a clean install performed October 9,
  2023 from a daily-live/current .iso generated on October 4, 2023.

  Wayland
  Kernel 6.5.0-9-generic

  * * * * *

  Installed a pre-release build of Ubuntu 23.10 to my ThinkPad the other
  day, was going through setting up and testing the usual programs.

  Installed Steam through apt from the 'mantic' repositories. Installed
  Proton 8.0 and Steam Linux Runtime 3.0 (Sniper) alongside two
  compatible titles.

  Screen corruption (white and grey streaks) present in-game when GNOME
  UI elements appeared on-screen (e.g., volume, brightness, and keyboard
  backlight indicators) and omnipresent after closing either game.

  Artifacts remain on screen until log-out or reboot. Artifacts were not
  present beforehand.

  Artifacts only appeared in Wayland session; not X11/Xorg.

  I previously had been running the same games on Ubuntu 22.04 LTS
  (GNOME, Wayland) and Kubuntu 22.04 LTS (Plasma, X11/Xorg) on this
  computer without issue (kernel 6.2).

  * * * * *

  Please see subsequent posts for video/images.

  Happy to provide any other information as needed. Thanks!

  * * * * *

  ProblemType: Bug
  DistroRelease: Ubuntu 23.10
  Package: xorg 1:7.7+23ubuntu2
  ProcVersionSignature: Ubuntu 6.5.0-9.9-generic 6.5.3
  Uname: Linux 6.5.0-9-generic x86_64
  ApportVersion: 2.27.0-0ubuntu5
  Architecture: amd64
  BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log'
  CasperMD5CheckResult: unknown
  CompositorRunning: None
  CurrentDesktop: ubuntu:GNOME
  Date: Wed Oct 11 01:17:43 2023
  DistUpgraded: Fresh install
  DistroCodename: mantic
  DistroVariant: ubuntu
  ExtraDebuggingInterest: Yes, if not too technical
  GraphicsCard:
   Advanced Micro Devices, Inc. [AMD/ATI] Cezanne [Radeon Vega Series / Radeon 
Vega Mobile Series] [1002:1638] (rev d1) (prog-if 00 [VGA controller])
     Subsystem: Lenovo Cezanne [Radeon Vega Series / Radeon Vega Mobile Series] 
[17aa:509b]
  MachineType: {report['dmi.sys.vendor']} {report['dmi.product.name']}
  ProcEnviron:
   LANG=en_US.UTF-8
   PATH=(custom, no user)
   SHELL=/bin/bash
   TERM=xterm-256color
   XDG_RUNTIME_DIR=
  ProcKernelCmdLine: BOOT_IMAGE=/vmlinuz-6.5.0-9-generic 
root=/dev/mapper/ubuntu--vg-ubuntu--lv ro quiet splash vt.handoff=7
  SourcePackage: xorg
  Symptom: display
  UpgradeStatus: No upgrade log present (probably fresh install)
  dmi.bios.date: 05/15/2023
  dmi.bios.release: 1.24
  dmi.bios.vendor: LENOVO
  dmi.bios.version: R1MET54W (1.24 )
  dmi.board.asset.tag: Not Available
  dmi.board.name: 21A00068US
  dmi.board.vendor: LENOVO
  dmi.board.version: SDK0T76530 WIN
  dmi.chassis.asset.tag: No Asset Information
  dmi.chassis.type: 10
  dmi.chassis.vendor: LENOVO
  dmi.chassis.version: None
  dmi.ec.firmware.release: 1.24
  dmi.modalias: 
dmi:bvnLENOVO:bvrR1MET54W(1.24):bd05/15/2023:br1.24:efr1.24:svnLENOVO:pn21A00068US:pvrThinkPadP14sGen2a:rvnLENOVO:rn21A00068US:rvrSDK0T76530WIN:cvnLENOVO:ct10:cvrNone:skuLENOVO_MT_21A0_BU_Think_FM_ThinkPadP14sGen2a:
  dmi.product.family: ThinkPad P14s Gen 2a
  dmi.product.name: 21A00068US
  dmi.product.sku: LENOVO_MT_21A0_BU_Think_FM_ThinkPad P14s Gen 2a
  dmi.product.version: ThinkPad P14s Gen 2a
  dmi.sys.vendor: LENOVO
  version.compiz: compiz N/A
  version.libdrm2: libdrm2 2.4.115-1
  version.libgl1-mesa-dri: libgl1-mesa-dri 23.2.1-1ubuntu3
  version.libgl1-mesa-glx: libgl1-mesa-glx N/A
  version.xserver-xorg-core: xserver-xorg-core 2:21.1.7-3ubuntu2
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-3
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20210115-1
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 
1:1.0.17-2build1

To manage notifications about this bug go to:
https://bugs.launchpad.net/gnome-shell/+bug/2038998/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2038901] Re: Ubuntu default/minimal installation is only ~11% smaller than full installation

The purpose here is to evaluate what can be moved from Minimal to Full.
The size of the Full install would not change but the size of Minimal
should be smaller.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ubuntu-meta in Ubuntu.
https://bugs.launchpad.net/bugs/2038901

Title:
  Ubuntu default/minimal installation is only ~11% smaller than full
  installation

Status in ubuntu-meta package in Ubuntu:
  New

Bug description:
  Ubuntu default/minimal installation should be made smaller in future.
  It's a little too close to the full install size right now. As of
  mantic 2023-10-10, the default/minimal install ends up 8.4 GB whereas
  the full install is 9.4 GB.

  
https://docs.google.com/spreadsheets/d/e/2PACX-1vSmQLXuDO0E-tKnWcgjL3Ua2bWDeUg4ICZIfuMrrZndBrYjbVLKAWlKuiZLZ9EOrj4N1WV37DRg8GyW/pubchart?oid=2040836911&format=interactive

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-meta/+bug/2038901/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2040318] Re: GPU not found

Your GPU is detected and working as far as I can tell.

What is the problem you are seeing?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/2040318

Title:
  GPU not found

Status in Ubuntu:
  Invalid

Bug description:
  Trying to workout an issue where my GPU is not being detected, ran
  apport-bug xorg and it took me here

  ProblemType: Bug
  DistroRelease: Ubuntu 23.04
  Package: xorg 1:7.7+23ubuntu2
  ProcVersionSignature: Ubuntu 6.2.0-35.35-generic 6.2.16
  Uname: Linux 6.2.0-35-generic x86_64
  NonfreeKernelModules: wl
  .tmp.unity_support_test.0:
   
  ApportVersion: 2.26.1-0ubuntu2.1
  Architecture: amd64
  BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log'
  CasperMD5CheckResult: pass
  CompositorRunning: None
  CurrentDesktop: ubuntu:GNOME
  Date: Tue Oct 24 13:33:03 2023
  DistUpgraded: 2023-10-21 10:19:12,691 DEBUG Running PostInstallScript: 
'/usr/lib/ubuntu-advantage/upgrade_lts_contract.py'
  DistroCodename: lunar
  DistroVariant: ubuntu
  DkmsStatus:
   broadcom-sta/6.30.223.271, 6.2.0-34-generic, x86_64: installed
   broadcom-sta/6.30.223.271, 6.2.0-35-generic, x86_64: installed
  ExtraDebuggingInterest: Yes, if not too technical
  GraphicsCard:
   Intel Corporation Device [8086:0d22] (rev 08) (prog-if 00 [VGA controller])
 Subsystem: Apple Inc. Device [106b:0122]
  InstallationDate: Installed on 2023-04-29 (178 days ago)
  InstallationMedia: Ubuntu 22.04.2 LTS "Jammy Jellyfish" - Release amd64 
(20230223)
  Lsusb:
   Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
   Bus 001 Device 006: ID 05ac:828d Apple, Inc. Bluetooth USB Host Controller
   Bus 001 Device 003: ID 0a5c:4500 Broadcom Corp. BCM2046B1 USB 2.0 Hub (part 
of BCM2046 Bluetooth)
   Bus 001 Device 002: ID 05ac:8511 Apple, Inc. FaceTime HD Camera (Built-in)
   Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
  MachineType: Apple Inc. iMac14,1
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-6.2.0-35-generic 
root=UUID=25be08ed-269b-48f4-b449-432add52d238 ro quiet splash vt.handoff=7
  SourcePackage: xorg
  UpgradeStatus: Upgraded to lunar on 2023-10-21 (3 days ago)
  dmi.bios.date: 06/10/2020
  dmi.bios.release: 0.1
  dmi.bios.vendor: Apple Inc.
  dmi.bios.version: 146.0.0.0.0
  dmi.board.asset.tag: Base Board Asset Tag#
  dmi.board.name: Mac-031B6874CF7F642A
  dmi.board.vendor: Apple Inc.
  dmi.board.version: iMac14,1
  dmi.chassis.type: 13
  dmi.chassis.vendor: Apple Inc.
  dmi.chassis.version: Mac-031B6874CF7F642A
  dmi.modalias: 
dmi:bvnAppleInc.:bvr146.0.0.0.0:bd06/10/2020:br0.1:svnAppleInc.:pniMac14,1:pvr1.0:rvnAppleInc.:rnMac-031B6874CF7F642A:rvriMac14,1:cvnAppleInc.:ct13:cvrMac-031B6874CF7F642A:skuSystemSKU#:
  dmi.product.family: iMac
  dmi.product.name: iMac14,1
  dmi.product.sku: System SKU#
  dmi.product.version: 1.0
  dmi.sys.vendor: Apple Inc.
  version.compiz: compiz N/A
  version.libdrm2: libdrm2 2.4.114-1
  version.libgl1-mesa-dri: libgl1-mesa-dri 23.2.0.20230712.1-2073~22.04
  version.libgl1-mesa-glx: libgl1-mesa-glx N/A
  version.xserver-xorg-core: xserver-xorg-core 2:21.1.7-1ubuntu3
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-3
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20210115-1
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 
1:1.0.17-2build1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+bug/2040318/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2040318] Re: GPU not found

Oh I see you have unsupported Mesa packages installed and I can't tell
where those came from:

  23.2.0.20230712.1-2073~22.04

You can get the correct packages from:

https://launchpad.net/ubuntu/+source/mesa/23.0.4-0ubuntu1~23.04.1/+build/26314308

but it might be easier to just reinstall Ubuntu. And please avoid using
PPAs.

** Package changed: xorg (Ubuntu) => ubuntu

** Changed in: ubuntu
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to xorg in Ubuntu.
https://bugs.launchpad.net/bugs/2040318

Title:
  GPU not found

Status in Ubuntu:
  Invalid

Bug description:
  Trying to workout an issue where my GPU is not being detected, ran
  apport-bug xorg and it took me here

  ProblemType: Bug
  DistroRelease: Ubuntu 23.04
  Package: xorg 1:7.7+23ubuntu2
  ProcVersionSignature: Ubuntu 6.2.0-35.35-generic 6.2.16
  Uname: Linux 6.2.0-35-generic x86_64
  NonfreeKernelModules: wl
  .tmp.unity_support_test.0:
   
  ApportVersion: 2.26.1-0ubuntu2.1
  Architecture: amd64
  BootLog: Error: [Errno 13] Permission denied: '/var/log/boot.log'
  CasperMD5CheckResult: pass
  CompositorRunning: None
  CurrentDesktop: ubuntu:GNOME
  Date: Tue Oct 24 13:33:03 2023
  DistUpgraded: 2023-10-21 10:19:12,691 DEBUG Running PostInstallScript: 
'/usr/lib/ubuntu-advantage/upgrade_lts_contract.py'
  DistroCodename: lunar
  DistroVariant: ubuntu
  DkmsStatus:
   broadcom-sta/6.30.223.271, 6.2.0-34-generic, x86_64: installed
   broadcom-sta/6.30.223.271, 6.2.0-35-generic, x86_64: installed
  ExtraDebuggingInterest: Yes, if not too technical
  GraphicsCard:
   Intel Corporation Device [8086:0d22] (rev 08) (prog-if 00 [VGA controller])
 Subsystem: Apple Inc. Device [106b:0122]
  InstallationDate: Installed on 2023-04-29 (178 days ago)
  InstallationMedia: Ubuntu 22.04.2 LTS "Jammy Jellyfish" - Release amd64 
(20230223)
  Lsusb:
   Bus 002 Device 001: ID 1d6b:0003 Linux Foundation 3.0 root hub
   Bus 001 Device 006: ID 05ac:828d Apple, Inc. Bluetooth USB Host Controller
   Bus 001 Device 003: ID 0a5c:4500 Broadcom Corp. BCM2046B1 USB 2.0 Hub (part 
of BCM2046 Bluetooth)
   Bus 001 Device 002: ID 05ac:8511 Apple, Inc. FaceTime HD Camera (Built-in)
   Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
  MachineType: Apple Inc. iMac14,1
  ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-6.2.0-35-generic 
root=UUID=25be08ed-269b-48f4-b449-432add52d238 ro quiet splash vt.handoff=7
  SourcePackage: xorg
  UpgradeStatus: Upgraded to lunar on 2023-10-21 (3 days ago)
  dmi.bios.date: 06/10/2020
  dmi.bios.release: 0.1
  dmi.bios.vendor: Apple Inc.
  dmi.bios.version: 146.0.0.0.0
  dmi.board.asset.tag: Base Board Asset Tag#
  dmi.board.name: Mac-031B6874CF7F642A
  dmi.board.vendor: Apple Inc.
  dmi.board.version: iMac14,1
  dmi.chassis.type: 13
  dmi.chassis.vendor: Apple Inc.
  dmi.chassis.version: Mac-031B6874CF7F642A
  dmi.modalias: 
dmi:bvnAppleInc.:bvr146.0.0.0.0:bd06/10/2020:br0.1:svnAppleInc.:pniMac14,1:pvr1.0:rvnAppleInc.:rnMac-031B6874CF7F642A:rvriMac14,1:cvnAppleInc.:ct13:cvrMac-031B6874CF7F642A:skuSystemSKU#:
  dmi.product.family: iMac
  dmi.product.name: iMac14,1
  dmi.product.sku: System SKU#
  dmi.product.version: 1.0
  dmi.sys.vendor: Apple Inc.
  version.compiz: compiz N/A
  version.libdrm2: libdrm2 2.4.114-1
  version.libgl1-mesa-dri: libgl1-mesa-dri 23.2.0.20230712.1-2073~22.04
  version.libgl1-mesa-glx: libgl1-mesa-glx N/A
  version.xserver-xorg-core: xserver-xorg-core 2:21.1.7-1ubuntu3
  version.xserver-xorg-input-evdev: xserver-xorg-input-evdev N/A
  version.xserver-xorg-video-ati: xserver-xorg-video-ati 1:19.1.0-3
  version.xserver-xorg-video-intel: xserver-xorg-video-intel 
2:2.99.917+git20210115-1
  version.xserver-xorg-video-nouveau: xserver-xorg-video-nouveau 
1:1.0.17-2build1

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+bug/2040318/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2040153] Autopkgtest regression report (network-manager/1.44.2-1ubuntu1.2)

2023-10-24 Thread Ubuntu SRU Bot

All autopkgtests for the newly accepted network-manager (1.44.2-1ubuntu1.2) for 
mantic have finished running.
The following regressions have been reported in tests triggered by the package:

network-manager/1.44.2-1ubuntu1.2 (arm64)


Please visit the excuses page listed below and investigate the failures, 
proceeding afterwards as per the StableReleaseUpdates policy regarding 
autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-
migration/mantic/update_excuses.html#network-manager

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/2040153

Title:
  Network Manager will not remove Netplan YAMLs when connections are
  deleted

Status in netplan.io package in Ubuntu:
  Triaged
Status in network-manager package in Ubuntu:
  In Progress
Status in netplan.io source package in Mantic:
  Invalid
Status in network-manager source package in Mantic:
  Fix Committed

Bug description:
  [ Impact ]

  Desktop users, or any users with YAML files in /usr/lib/netplan, can't delete
  Network Manager connections persistently. That means that, when the 
connection is
  deliberately deleted by the user, it will re-appear when the system is 
rebooted or
  netplan apply is executed.

  This is happening because the systemd service unit is setting the property 
"ProtectSystem"
  to true. Because of that, /usr is being presented to the Network Manager 
daemon as read-only.
  When connections are deleted, libnetplan will try to open its YAML files with 
writing permissions
  and will fail for files from /usr/lib/netplan. Even if the user hasn't added 
any files there manually,
  the file /usr/lib/netplan/00-network-manager-all.yaml will be installed by 
the package ubuntu-settings.

  This issue is fixed by allow-listing /usr/lib/netplan with 
ReadWritePaths=/usr/lib/netplan in systemd
  so the Network Manager's daemon will be able to write to that directory.

  This upload also improves the autopkgtests related to Netplan. Network 
Manager will be
  started by systemd, which ensures we are testing in the same environment 
conditions
  used by a desktop installation. It also adds a few more instances of 
connections deletions so
  we can test a bit more that YAML files are being removed. It also adds all 
the dependencies
  required by the test script (which sadly was causing the nm_netplan.py tests 
to be skipped).

  [ Test Plan ]

  Launch a new Mantic VM:

  $ lxc launch ubuntu:mantic --vm

  Install network-manager and ubuntu-settings:

  # apt install network-manager ubuntu-settings

  Run Netplan

  # netplan apply

  Create a dummy connection via nmcli:

  # nmcli con add type dummy connection.interface-name dummy0

  Check a new YAML will be created in /etc/netplan

  Delete the connection with nmcli

  # nmcli con del dummy-dummy0

  Check the YAML WAS NOT removed from /etc/netplan

  You will see the error below in the NetworkManager's journal

  netplan_delete_connection: Cannot write output state: Read-only file
  system

  Add the PPA containing the fix and run the same test described above

  # add-apt-repository ppa:danilogondolfo/network-manager
  # apt update
  # apt upgrade

  Check that the YAML will be created when the connection is added and
  deleted and the connection is removed.

  [ Where problems could occur ]

  As the only change is a relaxation of the restrictions applied by systemd on 
the environment where Network Manager
  runs, we are not expecting any regression.

  As for the changes in the autopkgtest related to Netplan, they are
  passing on all architectures.

  Autopkgtests

  amd64 - 
https://autopkgtest.ubuntu.com/results/autopkgtest-mantic-danilogondolfo-network-manager/mantic/amd64/n/network-manager/20231023_175203_b2798@/log.gz
  ppc64 - 
https://autopkgtest.ubuntu.com/results/autopkgtest-mantic-danilogondolfo-network-manager/mantic/ppc64el/n/network-manager/20231023_182332_f0497@/log.gz
  s390x - 
https://autopkgtest.ubuntu.com/results/autopkgtest-mantic-danilogondolfo-network-manager/mantic/s390x/n/network-manager/20231023_190810_ced8d@/log.gz
  arm64 - 
https://autopkgtest.ubuntu.com/results/autopkgtest-mantic-danilogondolfo-network-manager/mantic/arm64/n/network-manager/20231024_084542_ac017@/log.gz
  armhf - 
https://autopkgtest.ubuntu.com/results/autopkgtest-mantic-danilogondolfo-network-manager/mantic/armhf/n/network-manager/20231024_083545_ac017@/log.gz

  [ Other Info ]

  
  --- Original description ---

  When a connection is deleted using any NM facility, libnetplan is
  failing to delete the YAML file. Because of that, the connection will
  be recreated when "netplan generate" runs again.

  This is probably being caused by a combination of two things. First,
  the NM's systemd unit has this setting "ProtectSystem=true", which
  w

[Touch-packages] [Bug 2032932] Re: rsync 3.1.3-8ubuntu0.6 : old or new argument protection?

[Expired for rsync (Ubuntu) because there has been no activity for 60
days.]

** Changed in: rsync (Ubuntu)
   Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to rsync in Ubuntu.
https://bugs.launchpad.net/bugs/2032932

Title:
  rsync 3.1.3-8ubuntu0.6 : old or new argument protection?

Status in rsync package in Ubuntu:
  Expired

Bug description:
  Does rsync 3.1.3-8ubuntu0.6 in focal do use the old or new "argument
  protection" by default?

  I ask because to my knowledge ubuntu-rsync do not follow upstream-
  rsync in all aspects.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rsync/+bug/2032932/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2026235] Re: Merge a5e6c8498ca, corrupted resolfconf results in inability to talk to link local DNS servers

[Expired for systemd (Ubuntu) because there has been no activity for 60
days.]

** Changed in: systemd (Ubuntu)
   Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2026235

Title:
  Merge a5e6c8498ca, corrupted resolfconf results in inability to talk
  to link local DNS servers

Status in systemd package in Ubuntu:
  Expired

Bug description:
  Package: systemd 249.11-0ubuntu3.9 
https://packages.ubuntu.com/jammy/systemd
  Description: Ubuntu 22.04.2 LTS
  Release: 22.04

  Please merge https://github.com/systemd/systemd/commit/a5e6c8498ca for
  the Ubuntu LTS release. It's a one-line fix that sets an uninitialized
  variable to zero.

  Until this fix is implemented, resolveconf generates incorrect DNS
  configuration for link-local IPv6 addresses discovered from Router
  Advertisements (RA). It retrieves the correct address, but then
  appends a random interface index. So, instead of fe80:::, the
  DNS server reads fe80:::%NNN This results in the client no
  longer being able to reach the locally configured DNS server.

  This bug can be reproduced by installing a DNS server and radvd
  (Router Advertisement demon) in an LXC container that shares a network
  bridge with another container running Ubuntu Jammy. If Jammy is
  configured to accept RDNSS information from RA, it will set the wrong
  server address.

  I believe this only works if radvd advertises a link-local addresses
  as part of the RDNSS information. If instead, it advertises a globally
  routable address (e.g. 2001:::) there is no issue.

  While uninitialized memory is always scary, I don't believe this is
  worse than maybe a denial-of-service attack? So, not quite sure
  whether this is an exploitable security issue. But that probably
  depends on exactly how the network topology looks like and whether an
  attacker can gain (limited) control over manipulating RA packets. It
  is possible that some clusters and/or containers would suffer security
  issues because of this problem.

  Also, this is technically a way to leak memory from within a systemd-
  related process. But I don't see an obvious way how to exploit this
  very limited data leak.

  Out of an abundance of precaution, I am marking this as a security
  issue. Please feel free to unflag, if you think that assessment isn't
  warranted.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/2026235/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2029045] Re: package grub-common 2.06-2ubuntu7.2 failed to install/upgrade: »installiertes grub-common-Skript des Paketes post-installation«-Unterprozess gab den Fehlerwert 1 zur

[Expired for systemd (Ubuntu) because there has been no activity for 60
days.]

** Changed in: systemd (Ubuntu)
   Status: Incomplete => Expired

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/2029045

Title:
  package grub-common 2.06-2ubuntu7.2 failed to install/upgrade:
  »installiertes grub-common-Skript des Paketes post-
  installation«-Unterprozess gab den Fehlerwert 1 zurück

Status in systemd package in Ubuntu:
  Expired

Bug description:
  happened during do-release-upgrade from focal to jammy

  ProblemType: Package
  DistroRelease: Ubuntu 22.04
  Package: grub-common 2.06-2ubuntu7.2
  ProcVersionSignature: Ubuntu 5.4.0-155.172-generic 5.4.235
  Uname: Linux 5.4.0-155-generic x86_64
  ApportVersion: 2.20.11-0ubuntu82.5
  Architecture: amd64
  CasperMD5CheckResult: unknown
  CloudArchitecture: x86_64
  CloudID: nocloud
  CloudName: unknown
  CloudPlatform: nocloud
  CloudSubPlatform: seed-dir (/var/lib/cloud/seed/nocloud-net)
  Date: Sun Jul 30 13:28:32 2023
  ErrorMessage: »installiertes grub-common-Skript des Paketes 
post-installation«-Unterprozess gab den Fehlerwert 1 zurück
  EtcDefaultGrubD.50-curtin-settings.cfg:
   GRUB_CMDLINE_LINUX_DEFAULT=""
   # Curtin disable grub os prober that might find other OS installs.
   GRUB_DISABLE_OS_PROBER=true
   GRUB_TERMINAL=console
  ProcCmdLine: BOOT_IMAGE=/@root/boot/vmlinuz-5.4.0-155-generic 
root=UUID=26c4f664-69bc-435c-b36b-38a4cd850770 ro rootflags=subvol=@root 
rootflags=subvol=@root elevator=deadline transparent_hugepage=never 
swapaccount=1
  Python3Details: /usr/bin/python3.10, Python 3.10.6, python3-minimal, 
3.10.6-1~22.04
  PythonDetails: /usr/bin/python2.7, Python 2.7.18, python-is-python2, 2.7.17-4
  RebootRequiredPkgs: Error: path contained symlinks.
  RelatedPackageVersions:
   dpkg 1.21.1ubuntu2.2
   apt  2.4.9
  SourcePackage: grub2
  Title: package grub-common 2.06-2ubuntu7.2 failed to install/upgrade: 
»installiertes grub-common-Skript des Paketes post-installation«-Unterprozess 
gab den Fehlerwert 1 zurück
  UpgradeStatus: Upgraded to jammy on 2023-07-30 (0 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/2029045/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2040389] [NEW] Merge libmnl from Debian unstable for noble

Public bug reported:

Scheduled-For: Backlog
Upstream: tbd
Debian:   1.0.4-3
Ubuntu:   1.0.4-3ubuntu1


There is nothing yet to merge for libmnl currently, but this ticket is
filed prospectfully for tracking purposes in case a merge does become
available later this cycle.

If it turns out this needs a sync rather than a merge, please change the
tag 'needs-merge' to 'needs-sync', and (optionally) update the title as
desired.


### Old Ubuntu Delta ###

libmnl (1.0.4-3ubuntu1) kinetic; urgency=medium

  * Static build does not work for libmnl (-lmnl) (LP: #1971523)

 -- Michal Maloszewski   Thu, 21 Jul
2022 14:02:16 +0200

libmnl (1.0.4-3build2) jammy; urgency=high

  * No change rebuild for ppc64el baseline bump.

 -- Julian Andres Klode   Thu, 24 Mar 2022 13:13:28
+0100

libmnl (1.0.4-3build1) impish; urgency=medium

  * No-change rebuild to build packages with zstd compression.

 -- Matthias Klose   Thu, 07 Oct 2021 12:16:42 +0200

** Affects: libmnl (Ubuntu)
 Importance: Undecided
 Status: Incomplete


** Tags: needs-merge upgrade-software-version

** Changed in: libmnl (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libmnl in Ubuntu.
https://bugs.launchpad.net/bugs/2040389

Title:
  Merge libmnl from Debian unstable for noble

Status in libmnl package in Ubuntu:
  Incomplete

Bug description:
  Scheduled-For: Backlog
  Upstream: tbd
  Debian:   1.0.4-3
  Ubuntu:   1.0.4-3ubuntu1


  There is nothing yet to merge for libmnl currently, but this ticket is
  filed prospectfully for tracking purposes in case a merge does become
  available later this cycle.

  If it turns out this needs a sync rather than a merge, please change
  the tag 'needs-merge' to 'needs-sync', and (optionally) update the
  title as desired.

  
  ### Old Ubuntu Delta ###

  libmnl (1.0.4-3ubuntu1) kinetic; urgency=medium

* Static build does not work for libmnl (-lmnl) (LP: #1971523)

   -- Michal Maloszewski   Thu, 21 Jul
  2022 14:02:16 +0200

  libmnl (1.0.4-3build2) jammy; urgency=high

* No change rebuild for ppc64el baseline bump.

   -- Julian Andres Klode   Thu, 24 Mar 2022
  13:13:28 +0100

  libmnl (1.0.4-3build1) impish; urgency=medium

* No-change rebuild to build packages with zstd compression.

   -- Matthias Klose   Thu, 07 Oct 2021 12:16:42 +0200

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libmnl/+bug/2040389/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2040385] [NEW] Merge init-system-helpers from Debian unstable for noble

Public bug reported:

Scheduled-For: Backlog
Upstream: tbd
Debian:   1.65.2
Ubuntu:   1.65.2ubuntu1


If it turns out this needs a sync rather than a merge, please change the
tag 'needs-merge' to 'needs-sync', and (optionally) update the title as
desired.


### New Debian Changes ###

init-system-helpers (1.65.2) unstable; urgency=low

  * Undo yet another hostile and baseless NMU.

 -- Luca Boccassi   Sun, 18 Sep 2022 02:53:19 +0100

init-system-helpers (1.65.1) unstable; urgency=low

  * Undo hostile NMU.

 -- Luca Boccassi   Sun, 18 Sep 2022 01:53:32 +0100

init-system-helpers (1.65) unstable; urgency=low

  * Upload to unstable.

 -- Luca Boccassi   Sat, 17 Sep 2022 21:11:07 +0100

init-system-helpers (1.65~exp2) experimental; urgency=medium

  * fakechroot tests: skip on architectures where it is not available

 -- Luca Boccassi   Thu, 15 Sep 2022 21:14:08 +0100

init-system-helpers (1.65~exp1) experimental; urgency=medium

  [ Luca Boccassi ]
  * Drop outdated conflict with file-rc
  * Add myself to Uploaders
  * d/rules: use execute_after instead of override
  * Add a dependency on usrmerge | usr-is-merged to complete the
transition. As per ctte decision and discussion at:
https://lists.debian.org/debian-ctte/2022/07/msg00019.html
https://lists.debian.org/debian-ctte/2022/07/msg00061.html
https://lists.debian.org/debian-ctte/2022/08/msg6.html

  [ Victor Westerhuis ]
  * Make deb-systemd-helper work on template units with DefaultInstance.
DefaultInstance only influences the meaning of WantedBy/RequiredBy.
Alias and Also are not impacted. This patch does not enable changing
template instantiations, so `deb-systemd-helper enable
getty@tty2.service` will still fail.
  * Fix tests depending on ordering of lines in state file. The previous
commit changes the order in which lines are written to the state file.
Because correctness does not depend on the order in which the state
file is written, ignore the order in the test.

 -- Luca Boccassi   Sat, 10 Sep 2022 13:27:16 +0100

init-system-helpers (1.64) unstable; urgency=medium

  * Team upload.
  * d-s-h: break infinite recursion on symlinks. (Closes: #1014119)
  * Bump Standards-Version to 4.6.1, no changes
  * Update date ranges in d/copyright

 -- Luca Boccassi   Mon, 04 Jul 2022 11:19:08 +0100

init-system-helpers (1.63) unstable; urgency=medium

  [ Debian Janitor ]
  * Remove constraints unnecessary since buster
* init-system-helpers: Drop versioned constraint on perl-base in Depends.
* init: Drop versioned constraint on init-system-helpers in Depends.

  [ Johannes Schauer Marin Rodrigues ]
  * t/helpers.pm: use installed version of deb-systemd-helper if
TEST_INSTALLED is set
  * add DPKG_ROOT support (Closes: #983421)

  [ Niels Thykier ]
  * Add additional error checking on write operations.
The `close()` call can fail on both read and write - while the read is
usually relatively benign, for the write counter part can include 'fun'
errors. Most of these would most likely be persistent issues, but it makes
sense to detect errors as early possible.

  [ Ville Skyttä ]
  * service: use `grep -F` instead of `egrep`
`egrep` and `fgrep` have been deprecated in GNU grep since 2007, and in
current post 3.7 Git they have been made to emit obsolescence warnings.
The occurrence in `service` uses a non-regex argument, so switch to `grep
-F` instead of `-E`.

 -- Michael Biebl   Mon, 23 May 2022 22:48:30 +0200

init-system-helpers (1.62) unstable; urgency=medium

  * Team upload.

  [ Johannes Schauer Marin Rodrigues ]
  * use fakechroot instead of unsharing the mount namespace and mounting tmpfs

  [ Luca Boccassi ]
  * deb-systemd-invoke: systemctl --machine @ is now available in
v249.10. Adjust the version check accordingly
  * Skip build-time tests if DEB_BUILD_OPTIONS=nocheck is set
  * Fix typos found by Lintian
  * Set Rules-Requires-Root: no


### Old Ubuntu Delta ###

init-system-helpers (1.65.2ubuntu1) mantic; urgency=medium

  * Drop dependency on usrmerge; this transition is long completed in
Ubuntu.  LP: #2027712.

 -- Steve Langasek   Mon, 17 Jul 2023
08:32:00 -0700

** Affects: init-system-helpers (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: needs-merge upgrade-software-version

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to init-system-helpers in
Ubuntu.
https://bugs.launchpad.net/bugs/2040385

Title:
  Merge init-system-helpers from Debian unstable for noble

Status in init-system-helpers package in Ubuntu:
  New

Bug description:
  Scheduled-For: Backlog
  Upstream: tbd
  Debian:   1.65.2
  Ubuntu:   1.65.2ubuntu1


  If it turns out this needs a sync rather than a merge, please change
  the tag 'needs-merge' to 'needs-sync', and (optionally) update the
  title as desired.

  
  ### New Debian Changes ###

  init-system-helpers (1.65.2) unst

[Touch-packages] [Bug 2040386] [NEW] Merge krb5 from Debian unstable for noble

Public bug reported:

Upstream: tbd
Debian:   1.20.1-5
Ubuntu:   1.20.1-3ubuntu1


Debian does new releases regularly, so it's likely there will be newer
versions available before FF that we can pick up if this merge is done
later in the cycle.

If it turns out this needs a sync rather than a merge, please change the
tag 'needs-merge' to 'needs-sync', and (optionally) update the title as
desired.


### New Debian Changes ###

krb5 (1.20.1-5) unstable; urgency=medium

  [ Helmut Grohne ]
  * Annotate test dependencies . (Closes: #1054461)

  [ Sam Hartman ]
  * Fix keyutils to be linux-any

 -- Helmut Grohne   Tue, 24 Oct 2023 07:17:27 +0200

krb5 (1.20.1-4) unstable; urgency=low

  [ Steve Langasek ]
  * libkrb5support0: require strict binary dependency to deal with glibc 2.38, 
Closes: #1043184

  [Jelmer Vernooij]
  * krb5-user: Use alternatives for kinit, klist, kswitch, ksu, kpasswd,
kdestroy, kadmin and ktutil. This allows installation
together with heimdal-clients. Closes: #213316, #751203

  [ Sam Hartman ]
  * Enable build-time tests, Thanks Andreas Hasenack, Closes: #1017763
  * Work around doxygen change that breaks doc build, Thanks Greg
Hudson, Closes: #1051523

 -- Sam Hartman   Mon, 11 Sep 2023 11:06:57 -0600

krb5 (1.20.1-3) unstable; urgency=high

  * Fixes CVE-2023-36054: a  remote authenticated attacker can cause
kadmind to free an uninitialized pointer.  Upstream believes remote
code execusion is unlikely, Closes: #1043431 

 -- Sam Hartman   Mon, 14 Aug 2023 14:06:53 -0600

krb5 (1.20.1-2) unstable; urgency=medium

  * Tighten dependencies on libkrb5support0.  This means that the entire
upgrade from bullseye to bookworm needs to be lockstep, but it appears
that's what is required, Closes: #1036055
  

 -- Sam Hartman   Mon, 15 May 2023 17:44:41 -0600

krb5 (1.20.1-1) unstable; urgency=high

  [ Bastian Germann ]
  * Sync debian/copyright with NOTICE from upstream

  [ Debian Janitor ]
  * Trim trailing whitespace.
  * Strip unusual field spacing from debian/control.
  * Use secure URI in Homepage field.
  * Merge upstream signing key files.
  * Update renamed lintian tag names in lintian overrides.
  * Update standards version to 4.6.1, no changes needed.
  * Remove field Section on binary package krb5-gss-samples that
duplicates source.
  * Fix field name cases in debian/control (VCS-Browser => Vcs-Browser,
VCS-Git => Vcs-Git).

  [ Sam Hartman ]
  * New upstream release
- Integer overflows in PAC parsing; potentially critical for 32-bit
KDCs or when cross-realm acts maliciously; DOS in other conditions;
CVE-2022-42898, Closes: #1024267
  * Tighten version dependencies around crypto library, Closes: 1020424
  * krb5-user reccomends rather than Depends on krb5-config.  This avoids
a hard dependency on bind9-host, but also supports cases where
krb5-config is externally managed, Closes: #1005821

 -- Sam Hartman   Thu, 17 Nov 2022 10:34:28 -0700

krb5 (1.20-1) unstable; urgency=medium

  * New Upstream Version
  * Do not specify master key type to avoid weak crypto, Closes: #1009927

 -- Sam Hartman   Fri, 22 Jul 2022 16:32:38 -0600

krb5 (1.20~beta1-1) experimental; urgency=medium

  * New Upstream version

 -- Sam Hartman   Thu, 07 Apr 2022 11:57:27 -0600

krb5 (1.19.2-2) unstable; urgency=medium

  * Standards version 4.6.0; no change
  * kpropd: run after network.target, Closes: #948820
  * krb5-kdc: Remove /var from PidFile, Closes: #982009

 -- Sam Hartman   Mon, 21 Feb 2022 13:05:20 -0700

krb5 (1.19.2-1) experimental; urgency=medium

  * New Upstream version
  * Include patch to work with OpenSSL 3.0, Closes: #995152
  * Depend on tex-gyre, Closes: #997407


### Old Ubuntu Delta ###

krb5 (1.20.1-3ubuntu1) mantic; urgency=medium

  * Make krb5int_strl(cat|copy) optional symbols, since they are not needed
when built against glibc 2.38.  Closes: #1043184.
  * Declare Breaks: against older packages using these symbols.
  * Make dependencies on libkrb5support0 strict to avoid future symbol skew.

 -- Steve Langasek   Thu, 24 Aug 2023
18:07:33 +

** Affects: krb5 (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: needs-merge upgrade-software-version

** Changed in: krb5 (Ubuntu)
Milestone: None => ubuntu-24.01

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to krb5 in Ubuntu.
https://bugs.launchpad.net/bugs/2040386

Title:
  Merge krb5 from Debian unstable for noble

Status in krb5 package in Ubuntu:
  New

Bug description:
  Upstream: tbd
  Debian:   1.20.1-5
  Ubuntu:   1.20.1-3ubuntu1


  Debian does new releases regularly, so it's likely there will be newer
  versions available before FF that we can pick up if this merge is done
  later in the cycle.

  If it turns out this needs a sync rather than a merge, please change
  the tag 'needs-merge' to 'needs-sync', and (optionally) update the
  title as desired.

  
  ### New

[Touch-packages] [Bug 2040384] [NEW] Merge heimdal from Debian unstable for noble

Public bug reported:

Upstream: tbd
Debian:   7.8.git20221117.28daf24+dfsg-3
Ubuntu:   7.8.git20221117.28daf24+dfsg-3ubuntu1


Debian does new releases regularly, so it's likely there will be newer
versions available before FF that we can pick up if this merge is done
later in the cycle.

If it turns out this needs a sync rather than a merge, please change the
tag 'needs-merge' to 'needs-sync', and (optionally) update the title as
desired.


### New Debian Changes ###

heimdal (7.8.git20221117.28daf24+dfsg-3) unstable; urgency=medium

  * Fix random 'Ticket expired' and 'Clock skew too great' errors by setting
kdc_offset correctly. Closes: #1039992.

 -- Brian May   Tue, 04 Jul 2023 10:09:56 +1000

heimdal (7.8.git20221117.28daf24+dfsg-2) unstable; urgency=medium

  * Fix incorrect license of Debian files.
  * Fix deprecated dependancies.
  * gsskrb5: fix accidental logic inversions (CVE-2022-45142)
(Closes: #1030849) - change applied from NMU version
7.8.git20221117.28daf24+dfsg-1.1
  * Add ro.po file. Closes: #1031897.

 -- Brian May   Sat, 25 Feb 2023 09:32:57 +1100

heimdal (7.8.git20221117.28daf24+dfsg-1) unstable; urgency=medium

  * New upstream release.

 -- Brian May   Sat, 10 Dec 2022 16:29:20 +1100

heimdal (7.8.git20221115.a6cf945+dfsg-3) unstable; urgency=medium

  * Source-only upload to enable migration to testingi (2nd attempt).

 -- Brian May   Sun, 04 Dec 2022 09:56:06 +1100

heimdal (7.8.git20221115.a6cf945+dfsg-2) unstable; urgency=medium

  * Source-only upload to enable migration to testing.

 -- Brian May   Sun, 04 Dec 2022 09:09:44 +1100

heimdal (7.8.git20221115.a6cf945+dfsg-1) unstable; urgency=medium

  * New upstream version.
  * Numerous security fixes (Closes: #1024187).
  * asn1: Invalid free in ASN.1 codec (CVE-2022-44640)
  * krb5: PAC parse integer overflows (CVE-2022-42898)
  * gsskrb5: Use constant-time memcmp() for arcfour unwrap (CVE-2022-3437)
  * gsskrb5: Use constant-time memcmp() in unwrap_des3() (CVE-2022-3437)
  * gsskrb5: Don't pass NULL pointers to memcpy() in DES unwrap
(CVE-2022-3437)
  * gsskrb5: Avoid undefined behaviour in _gssapi_verify_pad()
(CVE-2022-3437)
  * gsskrb5: Check the result of _gsskrb5_get_mech() (CVE-2022-3437)
  * gsskrb5: Check buffer length against overflow for DES{,3} unwrap
(CVE-2022-3437)
  * gsskrb5: Check for overflow in _gsskrb5_get_mech() (CVE-2022-3437)
  * gsskrb5: Pass correct length to _gssapi_verify_pad() (CVE-2022-3437)
  * libhx509: Fix denial of service vulnerability (CVE-2022-41916)
  * spnego: send_reject when no mech selected (CVE-2021-44758)
  * Fix regression in _krb5_get_int64 on 32 bit systems.
https://github.com/heimdal/heimdal/pull/1025
  * Increment soname for libroken.
  * Increment soname for libhcrypto.
  * Remove legacy shared library version requirements.
  * Add symbols to libkadm5srv8.

 -- Brian May   Sun, 27 Nov 2022 10:44:26 +1100

heimdal (7.7.0+dfsg-6) unstable; urgency=medium

  * Retry deleting dangling windc.so again. Closes: #857215.
  * Create /var/lib/heimdal-kdc/m-key not /var/lib/heimdal-kdc/heimdal.mkey.
Closes: #964008.
  * Disable use of -rpath in krb5-config.heimdal. Closes: #868840.

 -- Brian May   Mon, 05 Sep 2022 08:35:33 +1000

heimdal (7.7.0+dfsg-5) unstable; urgency=medium

  * Fix missing closefrom symbol. Closes: #1016884, #1017244.
  * Fix spelling of dependency in changelog.
  * Fix override_dh_fixperms typo, use 700 for /var/lib/heimdal-kdc/
  * Remove default --parallel from dh call.
  * Remove unused debian/upstream/signing-key.asc key.
  * Fix Multi-Arch headers. heimdal-multidev is not co-installable, so
heimdal-dev cannot be co-installable either.

 -- Brian May   Fri, 02 Sep 2022 07:59:59 +1000

heimdal (7.7.0+dfsg-4) unstable; urgency=medium

  * Delete dependency on install-info. Closes: #1013735.
  * Non-maintainer upload.
  * Reduce Build-Depends: (Closes: #980531)
+ Drop unused libhesiod-dev.
+ Drop unused libperl4-corelibs-perl as cf/make-proto.pl no longer uses
  it.
+ Drop unused libx11-dev, libxau-dev, libxt-dev, ss-dev, and
  x11proto-core-dev.
+ Clean generated C tables to actually rebuild them using python3.

 -- Brian May   Mon, 27 Jun 2022 10:36:10 +1000

heimdal (7.7.0+dfsg-3) unstable; urgency=high


### Old Ubuntu Delta ###

heimdal (7.8.git20221117.28daf24+dfsg-3ubuntu1) mantic; urgency=medium

  * Merge from Debian unstable. Remaining changes:
- d/rules: Disable lto, to regain dep on roken, otherwise
  dependencies on amd64 are different than i386 resulting in
  different files on amd64 and i386.

 -- Steve Langasek   Tue, 18 Jul 2023
09:23:55 -0700

** Affects: heimdal (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: needs-merge upgrade-software-version

** Changed in: heimdal (Ubuntu)
Milestone: None => ubuntu-24.01

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to heimdal in Ubuntu.

[Touch-packages] [Bug 2040369] [NEW] Merge bridge-utils from Debian unstable for noble

Public bug reported:

Scheduled-For: Backlog
Upstream: tbd
Debian:   1.7.1-1
Ubuntu:   1.7.1-1ubuntu1


There is nothing yet to merge for bridge-utils currently, but this
ticket is filed prospectfully for tracking purposes in case a merge does
become available later this cycle.

If it turns out this needs a sync rather than a merge, please change the
tag 'needs-merge' to 'needs-sync', and (optionally) update the title as
desired.


### New Debian Changes ###

bridge-utils (1.7.1-1) unstable; urgency=low

  * New upstream version.
Only some fixes for compilation warnings and the man page.
  * Update standards version to 4.6.1, no changes needed.
  * Set debhelper-compat version in Build-Depends.
  * Trim trailing whitespace.

 -- Santiago García Mantiñán   Wed, 25 Jan 2023
22:11:52 +0100

bridge-utils (1.7-2) unstable; urgency=medium

  * Add BRIDGE_DISABLE_LINKLOCAL_IPV6_ALSO_PHYS to /etc/default/bridge-utils
to stop disabling IPv6 on physical interfaces of vlan ports if set to no. 
Closes: #989162.
  * Update interfaces man page, IPv6 works with STP on after DAD was fixed.
Closes: #980507.
  * Treat vlan ports the same as ifupdown, avoid octal vlans. Closes: #995627.
  * Update NEWS file to fix us blaming the kernel for the MAC address
selection that is really overridden by systemd.

 -- Santiago García Mantiñán   Mon, 03 Oct 2022
23:11:46 +0200

bridge-utils (1.7-1) unstable; urgency=medium

  * New upstream version.
Only messages related changes and compilation fixes.
  * Remove preserve_gcc_flags patch (in upstream now).
  * Bump standards, no change needed.
  * Clarify portprio and fix example.
  * Update upstream url.
  * Fix NEWS versioning of last entry :-?

 -- Santiago Garcia Mantinan   Wed, 24 Feb 2021
12:34:03 +0100

bridge-utils (1.6-6) unstable; urgency=medium

  * Fix IPv6 address getting assigned on hotplug devices.
Closes: #980752.
  * Fix waiting so that DAD works again. Closes: #982943.
  * Move mac setting before brctl addif to ensure mac setting.
Closes: #980856.
  * Update documentation and add examples. Closes: #765098.
  * Update manpages. Closes: #981253.
  * Add a note on MTU settings. Closes: #292088.
  * Hook also on down to recreate the bridge so that multiple
stanzas work Ok on ifdown. Closes: #319832.

 -- Santiago Garcia Mantinan   Tue, 16 Feb 2021
13:29:04 +0100

bridge-utils (1.6-5) unstable; urgency=low

  * Overload bridge_hw to allow do specify an interface as well as the
MAC address. Closes: #966244.
  * Change man page for bridge-utils-interfaces and news fileto document
this overloading.

 -- Santiago Garcia Mantinan   Fri, 22 Jan 2021
11:08:47 +0100

bridge-utils (1.6-4) unstable; urgency=low

  * Add en* to the device regex so that all catches them. Closes: #966319.
  * Document MAC address changes on news. Closes: #980505.

 -- Santiago Garcia Mantinan   Thu, 21 Jan 2021
10:51:31 +0100

bridge-utils (1.6-3) unstable; urgency=medium

  * Support VLAN aware setups where we need vlan filtering.
Thanks Benedikt Spranger for the patch. Closes: #950879.
  * Clarify on manual page that stp will get IPv6 lost. Closes: #736336.
  * Add a 1 second sleep if hw address needs to be changed. Closes: #945466.

 -- Santiago Garcia Mantinan   Thu, 30 Apr 2020
10:06:38 +0200

bridge-utils (1.6-2) unstable; urgency=medium

  * Bump Standards-Version.
  * Preserve gcc flags set when building the lib.

 -- Santiago Garcia Mantinan   Mon, 28 Jan 2019
00:25:14 +0100

bridge-utils (1.6-1) unstable; urgency=low

  * New upstream version.
  * Change default back to not hotplug. Closes: #892277.
  * Allow mtu to be set on the bridge by propagating it to the bridged
interfaces. Closes: #661711.
  * Remove kernel headers from the package.

 -- Santiago Garcia Mantinan   Tue, 15 Jan 2019
13:18:33 +0100

bridge-utils (1.5-16) unstable; urgency=medium

  * Don't set dev globally at bridge-utils.sh. Closes: #873086.

 -- Santiago Garcia Mantinan   Sun, 08 Apr 2018
23:06:30 +0200

bridge-utils (1.5-15) unstable; urgency=medium


### Old Ubuntu Delta ###

bridge-utils (1.7.1-1ubuntu1) lunar; urgency=medium

  * Merge from Debian unstable, remaining changes:
- Don't call ifup from bridge-network-interface, instead just call brctl
  and let udev/upstart bring the interface up.
- debian/ifupdown.sh: Handle bridge params which use port and value
- debian/bridge-utils-interface.5:
  + Update unsettable gcint value for newer kernels
  * Dropped changes, no longer applicable:
- debian/bridge-utils-interface.5:
  + Update max, default value for path cost

 -- Graham Inggs   Thu, 23 Feb 2023 15:07:42 +

** Affects: bridge-utils (Ubuntu)
 Importance: Undecided
 Status: Incomplete


** Tags: needs-merge upgrade-software-version

** Changed in: bridge-utils (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscrib

[Touch-packages] [Bug 2040406] [NEW] Merge openssh from Debian unstable for noble

Public bug reported:

Scheduled-For: Backlog
Upstream: tbd
Debian:   1:9.4p1-1
Ubuntu:   1:9.3p1-1ubuntu3


The NOT SERVER TEAM team has maintained this package in the past and may be 
handling this merge.

If it turns out this needs a sync rather than a merge, please change the
tag 'needs-merge' to 'needs-sync', and (optionally) update the title as
desired.


### New Debian Changes ###

openssh (1:9.4p1-1) unstable; urgency=medium

  * New upstream release (https://www.openssh.com/releasenotes.html#9.4p1):
- ssh-agent(1): PKCS#11 modules must now be specified by their full
  paths. Previously dlopen(3) could search for them in system library
  directories.
- ssh(1): allow forwarding Unix Domain sockets via ssh -W.
- ssh(1): add support for configuration tags to ssh(1). This adds a
  ssh_config(5) 'Tag' directive and corresponding 'Match tag' predicate
  that may be used to select blocks of configuration similar to the
  pf.conf(5) keywords of the same name.
- ssh(1): add a 'match localnetwork' predicate. This allows matching on
  the addresses of available network interfaces and may be used to vary
  the effective client configuration based on network location.
- ssh(1), sshd(8), ssh-keygen(1): infrastructure support for KRL
  extensions. This defines wire formats for optional KRL extensions and
  implements parsing of the new submessages. No actual extensions are
  supported at this point.
- sshd(8): AuthorizedPrincipalsCommand and AuthorizedKeysCommand now
  accept two additional %-expansion sequences: %D which expands to the
  routing domain of the connected session and %C which expands to the
  addresses and port numbers for the source and destination of the
  connection.
- ssh-keygen(1): increase the default work factor (rounds) for the
  bcrypt KDF used to derive symmetric encryption keys for passphrase
  protected key files by 50%.
- ssh-agent(1): improve isolation between loaded PKCS#11 modules by
  running separate ssh-pkcs11-helpers for each loaded provider.
- ssh(1): make -f (fork after authentication) work correctly with
  multiplexed connections, including ControlPersist (closes: #348741).
- ssh(1): make ConnectTimeout apply to multiplexing sockets and not just
  to network connections.
- ssh-agent(1), ssh(1): improve defences against invalid PKCS#11 modules
  being loaded by checking that the requested module contains the
  required symbol before loading it.
- sshd(8): fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand
  appears before it in sshd_config. Since OpenSSH 8.7 the
  AuthorizedPrincipalsCommand directive was incorrectly ignored in this
  situation.
- sshd(8), ssh(1), ssh-keygen(1): remove vestigial support for KRL
  signatures. When the KRL format was originally defined, it included
  support for signing of KRL objects. However, the code to sign KRLs and
  verify KRL signatues was never completed in OpenSSH. This release
  removes the partially-implemented code to verify KRLs. All OpenSSH
  tools now ignore KRL_SECTION_SIGNATURE sections in KRL files.
- All: fix a number of memory leaks and unreachable/harmless integer
  overflows.
- ssh-agent(1), ssh(1): don't truncate strings logged from PKCS#11
  modules.
- sshd(8), ssh(1): better validate CASignatureAlgorithms in ssh_config
  and sshd_config. Previously this directive would accept certificate
  algorithm names, but these were unusable in practice as OpenSSH does
  not support CA chains.
- ssh(1): make `ssh -Q CASignatureAlgorithms` only list signature
  algorithms that are valid for CA signing. Previous behaviour was to
  list all signing algorithms, including certificate algorithms.
- ssh-keyscan(1): gracefully handle systems where rlimits or the maximum
  number of open files is larger than INT_MAX.
- ssh-keygen(1): fix 'no comment' not showing on when running
  `ssh-keygen -l` on multiple keys where one has a comment and other
  following keys do not. bz3580
- scp(1), sftp(1): adjust ftruncate() logic to handle servers that
  reorder requests. Previously, if the server reordered requests then
  the resultant file would be erroneously truncated.
- ssh(1): don't incorrectly disable hostname canonicalization when
  CanonicalizeHostname=yes and ProxyJump was explicitly set to 'none'.
- scp(1): when copying local->remote, check that the source file exists
  before opening an SFTP connection to the server (closes: #59255).
- sshd(8): provide a replacement for the SELinux matchpathcon()
  function, which is deprecated.
- All: relax libcrypto version checks for OpenSSL >=3 (closes:
  #1035623). Beyond OpenSSL 3.0, the ABI compatibility guarantees are
  wider (only the library major must match instead of major and minor in
  earlier versions)

[Touch-packages] [Bug 2040405] [NEW] Merge openldap from Debian unstable for noble

Public bug reported:

Upstream: tbd
Debian:   2.5.13+dfsg-52.6.6+dfsg-1~exp2
Ubuntu:   2.6.6+dfsg-1~exp1ubuntu1


Debian new has 2.6.6+dfsg-1~exp2, which may be available for merge soon.

If it turns out this needs a sync rather than a merge, please change the
tag 'needs-merge' to 'needs-sync', and (optionally) update the title as
desired.


### New Debian Changes ###

openldap (2.5.13+dfsg-5) unstable; urgency=medium

  * Fix sha2-contrib autopkgtest failure. Call slappasswd using its full path.
(Closes: #1030814)
  * Disable flaky test test069-delta-multiprovider-starttls.

 -- Ryan Tandy   Tue, 07 Feb 2023 17:56:12 -0800

openldap (2.5.13+dfsg-4) unstable; urgency=medium

  [ Andreas Hasenack ]
  * d/rules: Fix passwd/sha2 build (Closes: #1030716, LP: #2000817)
  * d/t/sha2-contrib: add test for sha2 module

 -- Ryan Tandy   Mon, 06 Feb 2023 19:21:05 -0800

openldap (2.5.13+dfsg-3) unstable; urgency=medium

  [ Ryan Tandy ]
  * Disable flaky test test063-delta-multiprovider. Mitigates #1010608.

  [ Gioele Barabucci ]
  * slapd.scripts-common: Avoid double-UTF8-encoding org name (Closes: #1016185)
  * d/slapd.scripts-common: Remove outdated `migrate_to_slapd_d_style`
  * d/slapd.postinst: Remove test for ancient version
  * slapd.scripts-common: Remove unused `normalize_ldif`
  * d/slapd.scripts-common: Use sed instead of perl in `release_diagnostics`

 -- Ryan Tandy   Fri, 13 Jan 2023 16:29:59 -0800

openldap (2.5.13+dfsg-2) unstable; urgency=medium

  * d/tests/smbk5pwd: Grant slapd access to /var/lib/heimdal-kdc. Fixes the
autopkgtest failure due to heimdal setting mode 700 on this directory.
(Closes: #1020442)
  * d/source/lintian-overrides: Add wildcards to make overrides compatible
with both older and newer versions of lintian.
  * d/slapd-contrib.lintian-overrides: Remove unused
custom-library-search-path override now that krb5-config no longer sets
-rpath.

 -- Ryan Tandy   Sat, 24 Sep 2022 12:40:21 -0700

openldap (2.5.13+dfsg-1) unstable; urgency=medium

  * d/rules: Remove get-orig-source, now unnecessary.
  * Check PGP signature when running uscan.
  * d/watch: Modernize watch file; use repacksuffix.
  * d/copyright: Update according to DEP-5.
  * d/control: Add myself to Uploaders.
  * New upstream release.

 -- Sergio Durigan Junior   Sun, 18 Sep 2022
18:29:46 -0400

openldap (2.5.12+dfsg-2) unstable; urgency=medium

  * Stop slapd explicitly in prerm as a workaround for #1006147, which caused
dpkg-reconfigure to not restart the service, so the new configuration was
not applied. See also #994204. (Closes: #1010971)

 -- Ryan Tandy   Mon, 23 May 2022 10:14:53 -0700

openldap (2.5.12+dfsg-1) unstable; urgency=medium

  * New upstream release.
- Fixed SQL injection in back-sql (ITS#9815) (CVE-2022-29155)
  * Update debconf translations:
- German, thanks to Helge Kreutzmann. (Closes: #1007728)
- Spanish, thanks to Camaleón. (Closes: #1008529)
- Dutch, thanks to Frans Spiesschaert. (Closes: #1010034)

 -- Ryan Tandy   Wed, 04 May 2022 18:00:16 -0700

openldap (2.5.11+dfsg-1) unstable; urgency=medium

  * Upload to unstable.

 -- Ryan Tandy   Fri, 11 Mar 2022 19:38:02 -0800

openldap (2.5.11+dfsg-1~exp1) experimental; urgency=medium

  * New upstream release.
  * Add openssl to Build-Depends to enable more checks in test067-tls.
  * Update slapd-contrib's custom-library-search-path override to work with
current Lintian.

 -- Ryan Tandy   Sun, 23 Jan 2022 17:16:05 -0800

openldap (2.5.8+dfsg-1~exp1) experimental; urgency=medium

  * New upstream release.
  * Update slapd-contrib's custom-library-search-path override to work with
Lintian 2.108.0.

 -- Ryan Tandy   Wed, 13 Oct 2021 18:42:55 -0700

openldap (2.5.7+dfsg-1~exp1) experimental; urgency=medium

  * New upstream release.
  * Don't run autoreconf in contrib/ldapc++. We don't build it, and it is not


### Old Ubuntu Delta ###

openldap (2.6.6+dfsg-1~exp1ubuntu1) mantic; urgency=medium

  * Merge with Debian unstable (LP: #2028721). Remaining changes:
- Enable AppArmor support:
  + d/apparmor-profile: add AppArmor profile
  + d/rules: use dh_apparmor
  + d/control: Build-Depends on dh-apparmor
  + d/slapd.README.Debian: add note about AppArmor
- Enable ufw support:
  + d/control: suggest ufw.
  + d/rules: install ufw profile.
  + d/slapd.ufw.profile: add ufw profile.
- d/{rules,slapd.py}: Add apport hook.
- d/rules: better regexp to match the Maintainer tag in d/control,
  needed in the Ubuntu case because of XSBC-Original-Maintainer
  (Closes #960448, LP #1875697)
- d/t/smbk5pwd: Allow the openldap user to read the Heimdal master key in 
the
  smbk5pwd DEP8 test (LP #2004560)
  [ Partially incorporated by Debian. ]

 -- Sergio Durigan Junior   Wed, 02 Aug
2023 19:53:17 -0400

** Affects: openldap (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: needs-merge upgrade-software-version

** Changed in: ope

[Touch-packages] [Bug 2040403] [NEW] Merge net-tools from Debian unstable for noble

Public bug reported:

Scheduled-For: Backlog
Upstream: tbd
Debian:   2.10-0.1
Ubuntu:   2.10-0.1ubuntu3


There is nothing yet to merge for net-tools currently, but this ticket
is filed prospectfully for tracking purposes in case a merge does become
available later this cycle.

If it turns out this needs a sync rather than a merge, please change the
tag 'needs-merge' to 'needs-sync', and (optionally) update the title as
desired.


### New Debian Changes ###

net-tools (2.10-0.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Update Martina's name and email address.
  * Drop DECnet support (Closes: #1024730)
  * Revert 'Fix d/watch to point to upstream git repository'
  * New upstream version 2.10 (Closes: #1000281)

 -- Bastian Germann   Fri, 25 Nov 2022 15:15:20 +0100

net-tools (1.60+git20181103.0eebece-1) unstable; urgency=medium

  * New upstream version 1.60+git20181103.0eebece
- Fix nstrcmp() to prevent ifconfig from showing
  duplicate interfaces. (Closes: #812886)
  * Fix d/watch to point to upstream git repository
  * Add patch to fix decoding of MII vendor ids. (Closes: #549397)
- Thanks, Ben Hutchings, for the patch.
  * Add patch to fix Japanese translation which uses a wrong
Kanji character. (Closes: #621752)
- Thanks, Takeshi Hamasaki, for the patch.
  * Add patch to fix wrong indentation of 'collisions' in  the
Japanese translation. (Closes: #653117)
- Thanks, NODA, Kai, for the patch.
  * Fix Uploaders' field.
- Add myself as an uploader.
- Fix Tina's details.

 -- Utkarsh Gupta   Fri, 02 Oct 2020 15:01:04 +0530

net-tools (1.60+git20180626.aebd88e-1) unstable; urgency=medium

  * New upstream snapshot
  * Refresh patches.
  * Fix typos in German manpages. Thanks to Prof. Dr. Steffen Wendzel and
Dr. Tobias Quathamer for the patch. Closes: #900962.

 -- Martina Ferrari   Mon, 24 Sep 2018 19:08:57 +

net-tools (1.60+git20161116.90da8a0-4) unstable; urgency=medium

  * Update maintainer email address. Closes: #899617.
  * Update Standards-Version with no changes.

 -- Martina Ferrari   Mon, 24 Sep 2018 17:16:31 +

net-tools (1.60+git20161116.90da8a0-3) unstable; urgency=medium

  * debian/control: Update Vcs-* and Standards-Version.
  * debian/control: remove references to ancient package ja-trans.
  * debian/gbp.conf: Update repo layout.

 -- Martina Ferrari   Tue, 31 Jul 2018 19:09:00 +

net-tools (1.60+git20161116.90da8a0-2) unstable; urgency=medium

  * Fix typo in French manpage. Thanks to  Michel Grigaut for the patch.
  * Add manpage for iptunnel, thanks to Sergio Durigan Junior.
Closes: #88910
  * Rename patches so CME does not choke on them.
  * Automated cme fixes; packaging improvements.
  * Remove unused and ancient patch.

 -- Martina Ferrari   Sun, 11 Feb 2018 17:29:24 +

net-tools (1.60+git20161116.90da8a0-1) unstable; urgency=medium

  * New upstream snapshot.
  * Re-synced translations.patch.
  * Acknowledge NMUs. Thanks a lot to Andrey Rahmatullin for the
fixes and uploads. Closes: 846509.
  * Fix FTCBFS, thanks to Helmut Grohne for the patch. Closes: #811561.
+ Really assign CC for cross compilation.
+ Use triplet prefixed pkg-config.
  * Add debian/NEWS warning about changing output in net-tools commands.
Closing bugs that reported problems in 3rd-party scripts arising from these
changes.  Closes: #845153, #843892, #820212.
  * Update Standards-Version, with no changes.

 -- Martina Ferrari   Mon, 26 Dec 2016 05:58:42 +

net-tools (1.60+git20150829.73cef8a-2.2) unstable; urgency=medium

  * Non-maintainer upload.
  * Apply an additional fix for the previous FTBFS for some architectures.

 -- Andrey Rahmatullin   Thu, 01 Dec 2016 22:49:27
+0500

net-tools (1.60+git20150829.73cef8a-2.1) unstable; urgency=medium

  * Non-maintainer upload.
  * Fix FTBFS by applying the upstream patch (Closes: #844073).

 -- Andrey Rahmatullin   Sun, 20 Nov 2016 15:23:12
+0500

net-tools (1.60+git20150829.73cef8a-2) unstable; urgency=medium

  [ Laurent Bigonville ]
  * Enable SELinux support. Closes: #666204.


### Old Ubuntu Delta ###

net-tools (2.10-0.1ubuntu3) lunar; urgency=medium

  * Further fixes for mismerge.

 -- Steve Langasek   Tue, 13 Dec 2022
13:49:51 -0800

net-tools (2.10-0.1ubuntu2) lunar; urgency=medium

  * Fix mismerge of Ubuntu units patch.

 -- Steve Langasek   Tue, 13 Dec 2022
13:40:24 -0800

net-tools (2.10-0.1ubuntu1) lunar; urgency=low

  * Merge from Debian unstable. Remaining changes:
- Ubuntu_unit_conversion.patch:
  + Ubuntu Policy: output using standard SI unit multiples:
KB (10^3), MB (10^6), GB (10^9), TB (10^12) and PB (10^15).
Includes manpage update to remove comment about IEC units.
- Add new DEP8 tests for hostname and ifconfig.

 -- Steve Langasek   Tue, 13 Dec 2022
13:27:00 -0800

** Affects: net-tools (Ubuntu)
 Importance: Undecided
 Status: Incomplete


** Tags: needs-merge upgrade-software-version

** Changed in: ne

[Touch-packages] [Bug 2040391] [NEW] Merge libseccomp from Debian unstable for noble

Public bug reported:

Scheduled-For: Backlog
Upstream: tbd
Debian:   2.5.4-1
Ubuntu:   2.5.4-1ubuntu3


The NOT SERVER TEAM team has maintained this package in the past and may be 
handling this merge.

If it turns out this needs a sync rather than a merge, please change the
tag 'needs-merge' to 'needs-sync', and (optionally) update the title as
desired.


### Old Ubuntu Delta ###

libseccomp (2.5.4-1ubuntu3) lunar; urgency=medium

  * Rebuild to drop Python 3.10 extension

 -- Jeremy Bicha   Tue, 28 Feb 2023 17:23:34 -0500

libseccomp (2.5.4-1ubuntu2) lunar; urgency=medium

  * No-change rebuild with Python 3.11 as supported

 -- Graham Inggs   Wed, 02 Nov 2022 10:24:36 +

libseccomp (2.5.4-1ubuntu1) kinetic; urgency=medium

  * Merge from Debian unstable; remaining changes:
- Add autopkgtests

 -- Alex Murray   Tue, 03 May 2022 11:43:10
+0930

** Affects: libseccomp (Ubuntu)
 Importance: Undecided
 Status: Incomplete


** Tags: needs-merge upgrade-software-version

** Changed in: libseccomp (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libseccomp in Ubuntu.
https://bugs.launchpad.net/bugs/2040391

Title:
  Merge libseccomp from Debian unstable for noble

Status in libseccomp package in Ubuntu:
  Incomplete

Bug description:
  Scheduled-For: Backlog
  Upstream: tbd
  Debian:   2.5.4-1
  Ubuntu:   2.5.4-1ubuntu3

  
  The NOT SERVER TEAM team has maintained this package in the past and may be 
handling this merge.

  If it turns out this needs a sync rather than a merge, please change
  the tag 'needs-merge' to 'needs-sync', and (optionally) update the
  title as desired.

  
  ### Old Ubuntu Delta ###

  libseccomp (2.5.4-1ubuntu3) lunar; urgency=medium

* Rebuild to drop Python 3.10 extension

   -- Jeremy Bicha   Tue, 28 Feb 2023 17:23:34 -0500

  libseccomp (2.5.4-1ubuntu2) lunar; urgency=medium

* No-change rebuild with Python 3.11 as supported

   -- Graham Inggs   Wed, 02 Nov 2022 10:24:36 +

  libseccomp (2.5.4-1ubuntu1) kinetic; urgency=medium

* Merge from Debian unstable; remaining changes:
  - Add autopkgtests

   -- Alex Murray   Tue, 03 May 2022 11:43:10
  +0930

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/2040391/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Re: [Touch-packages] [Bug 1951491] Re: Can't run snaps: .slice/session-1.scope is not a snap cgroup

2023-10-24 Thread Tim Richardson

Hi, if you connect with VNC, then you are starting the session with the VNC
scripts, and this is actually an instance of the bug as I understand it, a
non-standard login. If this is how you reproduce it, you are simply
repeating what is common to the reports already here. There is something
wrong with the login process missing some part of the systemd setup. This
means it is not an Ubuntu or gnome or snapd or systemd problem, which is
why no one from this packages is interested in fixing it. It is not a snap
problem because snap is perfectly allowed to assume cgroups v2 are working
in our sessions.

On Sat, 21 Oct 2023 at 20:46, Andy Ruddock <1951...@bugs.launchpad.net>
wrote:

> Install VNC on a remote box (or VM), connect using VNC client, try to run
> firefox.
> Stop telling users it's their fault for having mis-configured machines or
> using "non-standard logins" (whatever one of those is).
> Jeez, I've been a fan of Ubuntu over the years, but this piece of
> functionality is simply broken for certain use-cases.
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1951491
>
> Title:
>   Can't run snaps: .slice/session-1.scope is not a snap cgroup
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/x2go/+bug/1951491/+subscriptions
>
>

-- 
Tim Richardson

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to systemd in Ubuntu.
https://bugs.launchpad.net/bugs/1951491

Title:
  Can't run snaps: .slice/session-1.scope is not a snap cgroup

Status in X2Go:
  New
Status in Xpra Terminal Server:
  New
Status in snapd package in Ubuntu:
  Confirmed
Status in systemd package in Ubuntu:
  Incomplete
Status in x2goserver package in Ubuntu:
  Confirmed
Status in snapd package in Debian:
  New
Status in snapd package in Fedora:
  New

Bug description:
  I just upgraded from hirsute to impish using do-release-upgrade. On
  the upgraded system, I can't run either firefox or chromium (both of
  which worked fine under hirsute). Both fail with:

  /user.slice/user-NNN.slice/session-1.scope is not a snap cgroup where
  NNN is my uid

  With firefox, I was able to fix the problem with:

  snap remove --purge firefox
  apt purge firefox
  apt install firefox

  Now firefox works. But I tried the same thing substituting chromium-
  browser for firefox, and it didn't help: chromium fails with the same
  error message.

  I guess there must be something left over from the hirsute version of
  snapd that isn't getting noticed or cleared by the impish version?

  Someone suggested this might be related to bug 1850667, but that bug
  is marked fixed as of a couple months ago, and I just did this upgrade
  today. Also, it doesn't mention the error message I'm seeing.

  ProblemType: Bug
  DistroRelease: Ubuntu 21.10
  Package: snapd 2.53+21.10ubuntu1
  ProcVersionSignature: Ubuntu 5.13.0-21.21-generic 5.13.18
  Uname: Linux 5.13.0-21-generic x86_64
  ApportVersion: 2.20.11-0ubuntu71
  Architecture: amd64
  CasperMD5CheckResult: unknown
  Date: Thu Nov 18 18:12:45 2021
  InstallationDate: Installed on 2020-04-29 (568 days ago)
  InstallationMedia: Ubuntu 20.04 LTS "Focal Fossa" - Release amd64 (20200423)
  SourcePackage: snapd
  UpgradeStatus: Upgraded to impish on 2021-11-18 (0 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/x2go/+bug/1951491/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2018094] Re: Merge openssh from Debian unstable for mantic