[Touch-packages] [Bug 2064096] Re: Services fail to start in noble deployed with TPM+FDE
Thanks for the great debug work so far already, I think it is "apparmor or kernel" enough that we should add those packages and subscribe a few folks we know dealing with those details - I'd start with jjohansen as he'd be the best to map us to either knowledge or a known case. ** Also affects: apparmor (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to cups in Ubuntu. https://bugs.launchpad.net/bugs/2064096 Title: Services fail to start in noble deployed with TPM+FDE Status in apparmor package in Ubuntu: New Status in cups package in Ubuntu: Confirmed Status in rsyslog package in Ubuntu: Confirmed Status in sssd package in Ubuntu: Confirmed Bug description: What's known so far: - 24.04 desktop deployed with TPM+FDE shows this bug - services confined with apparmor that need to access something in /run/systemd (like the notify socket) fail to do so, even if the apparmor profile is in complain mode. And the apparmor profile does already have rules to allow that access - only after running aa-disable can the service start fine - paths logged by the apparmor DENIED or ALLOWED messages are missing the "/run" prefix from "/run/systemd/..". - When we add rules to the profile using "/systemd/" (i.e., also dropping the /run prefix), then it works - other access in /run/systemd/ are also blocked, but the most noticeable one is the notify mechanism - comment #2 also states that azure CVM images are also impacted - comment #4 has instructions on how to create such a VM locally with LXD vms Original description follows: This might be related to #2064088 The rsyslog service is continually timing out and restarting. If I use a service drop-in file and change the 'Type' from 'notify' to 'simple', the service starts and appears to work normally. In the journal, I can see the attached apparmor errors. I can't make sense of them, but if it's a similar issue to #2064088, then I suspect apparmor is preventing the systemd notify function from alerting systemd that the service is up and running. ProblemType: Bug DistroRelease: Ubuntu 24.04 Package: rsyslog 8.2312.0-3ubuntu9 ProcVersionSignature: Ubuntu 6.8.0-31.31-generic 6.8.1 Uname: Linux 6.8.0-31-generic x86_64 ApportVersion: 2.28.1-0ubuntu2 Architecture: amd64 CasperMD5CheckMismatches: ./boot/grub/grub.cfg CasperMD5CheckResult: fail CurrentDesktop: ubuntu:GNOME Date: Mon Apr 29 10:37:46 2024 ProcEnviron: LANG=en_GB.UTF-8 PATH=(custom, no user) SHELL=/bin/bash TERM=xterm-256color XDG_RUNTIME_DIR= SourcePackage: rsyslog UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2064096/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1958019]
After continued use of 6.8.7 and later 6.8.8, I can confirm using the `./tas2781-2dev-on.sh 2` in my case as root regularly whenever audio goes out works fine. What needs to happen at the kernel level / in a patch to resolve this? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to alsa-driver in Ubuntu. https://bugs.launchpad.net/bugs/1958019 Title: [Lenovo Legion7 16ACHg6 82N6, Realtek ALC287, Speaker, Internal] No sound at all Status in sound-2.6 (alsa-kernel): Confirmed Status in alsa-driver package in Ubuntu: Confirmed Bug description: On my Lenovo Legion-7-16ACHg6 laptop I can't hear any sound by internal speakers, but it work by headphones connected to standard jack aux. uname -r 5.11.0-44-generic ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: alsa-base 1.0.25+dfsg-0ubuntu5 ProcVersionSignature: Ubuntu 5.11.0-44.48~20.04.2-generic 5.11.22 Uname: Linux 5.11.0-44-generic x86_64 NonfreeKernelModules: nvidia_modeset nvidia ApportVersion: 2.20.11-0ubuntu27.21 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC2: i3draven 1266 F pulseaudio /dev/snd/controlC0: i3draven 1266 F pulseaudio /dev/snd/controlC1: i3draven 1266 F pulseaudio /dev/snd/pcmC1D0p: i3draven 1266 F...m pulseaudio CasperMD5CheckResult: skip CurrentDesktop: ubuntu:GNOME Date: Sat Jan 15 15:10:53 2022 InstallationDate: Installed on 2021-10-11 (96 days ago) InstallationMedia: Ubuntu 20.04.3 LTS "Focal Fossa" - Release amd64 (20210819) PackageArchitecture: all SourcePackage: alsa-driver Symptom: audio Symptom_AlsaPlaybackTest: ALSA playback test through plughw:Generic failed Symptom_Card: Family 17h (Models 10h-1fh) HD Audio Controller - HD-Audio Generic Symptom_DevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC2: i3draven 1266 F pulseaudio /dev/snd/controlC0: i3draven 1266 F pulseaudio /dev/snd/controlC1: i3draven 1266 F pulseaudio /dev/snd/pcmC1D0p: i3draven 1266 F...m pulseaudio Symptom_Jack: Speaker, Internal Symptom_Type: No sound at all Title: [82N6, Realtek ALC287, Speaker, Internal] No sound at all UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 11/08/2021 dmi.bios.release: 1.49 dmi.bios.vendor: LENOVO dmi.bios.version: GKCN49WW dmi.board.asset.tag: NO Asset Tag dmi.board.name: LNVNB161216 dmi.board.vendor: LENOVO dmi.board.version: SDK0R32862 WIN dmi.chassis.asset.tag: NO Asset Tag dmi.chassis.type: 10 dmi.chassis.vendor: LENOVO dmi.chassis.version: Legion 7 16ACHg6 dmi.ec.firmware.release: 1.49 dmi.modalias: dmi:bvnLENOVO:bvrGKCN49WW:bd11/08/2021:br1.49:efr1.49:svnLENOVO:pn82N6:pvrLegion716ACHg6:skuLENOVO_MT_82N6_BU_idea_FM_Legion716ACHg6:rvnLENOVO:rnLNVNB161216:rvrSDK0R32862WIN:cvnLENOVO:ct10:cvrLegion716ACHg6: dmi.product.family: Legion 7 16ACHg6 dmi.product.name: 82N6 dmi.product.sku: LENOVO_MT_82N6_BU_idea_FM_Legion 7 16ACHg6 dmi.product.version: Legion 7 16ACHg6 dmi.sys.vendor: LENOVO To manage notifications about this bug go to: https://bugs.launchpad.net/sound-2.6/+bug/1958019/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2064360] Re: libpam-doc: doc-base reports missing files
** Tags added: patch -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pam in Ubuntu. https://bugs.launchpad.net/bugs/2064360 Title: libpam-doc: doc-base reports missing files Status in pam package in Ubuntu: Fix Committed Status in pam source package in Noble: In Progress Status in pam package in Debian: Fix Released Bug description: [ Impact ] * In the pam 1.5.3-1 merge, documents formerly found in libpam-doc were omitted. Just a few documents remain in a package that formerly had many in /usr/share/doc/libpam-doc/{html,txt}. * A debdiff of the dropped files can be found in attachment 1.5.2-9.1ubuntu3_to_1.5.3-5ubuntu5_libpam-doc.debdiff * The fix takes the form of correcting a build dependency, which results in the docs being again available. [ Test Plan ] * debdiff * Obtain a copy of the current pam binary packages, perhaps with `pull-lp-debs libpam-doc 1.5.3-5ubuntu5` * Obtain a copy of the proposed pam binary packages, perhaps with `pull-lp-debs libpam-doc 1.5.3-5ubuntu5.1` * `debdiff libpam-doc_1.5.3-5ubuntu5{,.1}_all.deb` and verify that the documents are present * upgrade * Obtain a mantic test system - I personally used a mantic chroot * `apt install libpam-doc doc-base` * Adjust apt sources to change mantic to noble and ensure noble-proposed is present * `apt update; apt install libpam-doc/noble-proposed` * Verify that the "Error in /usr/share/doc-base" messages are no longer present [ Where problems could occur ] * As usual, no SRU has zero risk * Any change to pam risks problems in user logins failing, so that is reflected in the regression test plan on LP: #2064350 [ Other Info ] * None at this time original description follows: --- Imported from Debian bug http://bugs.debian.org/1065064: Package: libpam-doc Version: 1.5.3-4 Severity: normal An upgrade reported: Error in `/usr/share/doc-base/libpam-doc.pam-admin-guide', line 14: all `Format' sections are invalid. Error in `/usr/share/doc-base/libpam-doc.pam-applications-guide', line 17: all `Format' sections are invalid. Error in `/usr/share/doc-base/libpam-doc.pam-modules-guide', line 14: all `Format' sections are invalid. This is true; all of /usr/share/doc/libpam-doc/html/Linux-PAM_SAG.html, /usr/share/doc/libpam-doc/html/sag-*.html, /usr/share/doc/libpam-doc/txt/Linux-PAM_SAG.txt.gz, /usr/share/doc/libpam-doc/html/Linux-PAM_ADG.html, /usr/share/doc/libpam-doc/html/adg*.html, /usr/share/doc/libpam-doc/txt/Linux-PAM_ADG.txt.gz, /usr/share/doc/libpam-doc/html/Linux-PAM_MWG.html, /usr/share/doc/libpam-doc/html/mwg*.html, and /usr/share/doc/libpam-doc/txt/Linux-PAM_MWG.txt.gz are listed in those doc-base files but are in fact missing. I don't know whether this is intentional (in which case the doc-base registrations should be removed to match), or an accidental build issue that should be fixed. -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 6.6.0-14-generic (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: unable to detect -- no debconf information -- Colin Watson (he/him) [cjwat...@debian.org] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pam/+bug/2064360/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2064363] Re: thunderbird snap on live systems "already running" but not responsive
@u-jjohansen, You ask: ``` what kind of configuration have you done? ``` I just: ``` sudo apt update sudo apt install thunderbird cp -R /media/lubuntu/drive/startup/thunderbird /home/lubuntu/snap/thunderbird/common/.thunderbird cp /media/lubuntu/drive/startup/lubuntu_thunder/profiles.ini /home/lubuntu/snap/thunderbird/common/.thunderbird/ ``` None of these are symlinked as far as I know. That profiles.ini has a few profiles in it that tell Thunderbird to look for the PATH on the local hard drive as opposed to the RAMdisk, e.g. ``` Path=/media/lubuntu/drive/hq/email/thunderbird/certainprofilegoeshere ``` Beyond the above, I haven't really done any config. I'm no expert, but your #2 and #3 solutions seem too complicated for my enduser use cases. Maybe #1 would be the easiest? #4 also might be a longterm solution. #5 seems too risky. So yeah, I'm thinking either #1 or #4 ... but not sure :\ -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/2064363 Title: thunderbird snap on live systems "already running" but not responsive Status in apparmor package in Ubuntu: New Bug description: Moving this here from https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2046844 snap policy on an overlay system is preventing thunderbird from running. This is related to the snapcraft form report https://forum.snapcraft.io/t/unexplained-thunderbird-already-running- but-is-not-responding-message/39990 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2064363/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2064360] Re: libpam-doc: doc-base reports missing files
** Patch added: "1.5.2-9.1ubuntu3_to_1.5.3-5ubuntu5_libpam-doc.debdiff" https://bugs.launchpad.net/ubuntu/+source/pam/+bug/2064360/+attachment/5773775/+files/1.5.2-9.1ubuntu3_to_1.5.3-5ubuntu5_libpam-doc.debdiff -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pam in Ubuntu. https://bugs.launchpad.net/bugs/2064360 Title: libpam-doc: doc-base reports missing files Status in pam package in Ubuntu: Fix Committed Status in pam source package in Noble: In Progress Status in pam package in Debian: Fix Released Bug description: [ Impact ] * In the pam 1.5.3-1 merge, documents formerly found in libpam-doc were omitted. Just a few documents remain in a package that formerly had many in /usr/share/doc/libpam-doc/{html,txt}. * A debdiff of the dropped files can be found in attachment 1.5.2-9.1ubuntu3_to_1.5.3-5ubuntu5_libpam-doc.debdiff * The fix takes the form of correcting a build dependency, which results in the docs being again available. [ Test Plan ] * debdiff * Obtain a copy of the current pam binary packages, perhaps with `pull-lp-debs libpam-doc 1.5.3-5ubuntu5` * Obtain a copy of the proposed pam binary packages, perhaps with `pull-lp-debs libpam-doc 1.5.3-5ubuntu5.1` * `debdiff libpam-doc_1.5.3-5ubuntu5{,.1}_all.deb` and verify that the documents are present * upgrade * Obtain a mantic test system - I personally used a mantic chroot * `apt install libpam-doc doc-base` * Adjust apt sources to change mantic to noble and ensure noble-proposed is present * `apt update; apt install libpam-doc/noble-proposed` * Verify that the "Error in /usr/share/doc-base" messages are no longer present [ Where problems could occur ] * As usual, no SRU has zero risk * Any change to pam risks problems in user logins failing, so that is reflected in the regression test plan on LP: #2064350 [ Other Info ] * None at this time original description follows: --- Imported from Debian bug http://bugs.debian.org/1065064: Package: libpam-doc Version: 1.5.3-4 Severity: normal An upgrade reported: Error in `/usr/share/doc-base/libpam-doc.pam-admin-guide', line 14: all `Format' sections are invalid. Error in `/usr/share/doc-base/libpam-doc.pam-applications-guide', line 17: all `Format' sections are invalid. Error in `/usr/share/doc-base/libpam-doc.pam-modules-guide', line 14: all `Format' sections are invalid. This is true; all of /usr/share/doc/libpam-doc/html/Linux-PAM_SAG.html, /usr/share/doc/libpam-doc/html/sag-*.html, /usr/share/doc/libpam-doc/txt/Linux-PAM_SAG.txt.gz, /usr/share/doc/libpam-doc/html/Linux-PAM_ADG.html, /usr/share/doc/libpam-doc/html/adg*.html, /usr/share/doc/libpam-doc/txt/Linux-PAM_ADG.txt.gz, /usr/share/doc/libpam-doc/html/Linux-PAM_MWG.html, /usr/share/doc/libpam-doc/html/mwg*.html, and /usr/share/doc/libpam-doc/txt/Linux-PAM_MWG.txt.gz are listed in those doc-base files but are in fact missing. I don't know whether this is intentional (in which case the doc-base registrations should be removed to match), or an accidental build issue that should be fixed. -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 6.6.0-14-generic (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: unable to detect -- no debconf information -- Colin Watson (he/him) [cjwat...@debian.org] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pam/+bug/2064360/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2064360] Re: libpam-doc: doc-base reports missing files
** Description changed: + [ Impact ] + + * In the pam 1.5.3-1 merge, documents formerly found in libpam-doc +were omitted. Just a few documents remain in a package that +formerly had many in /usr/share/doc/libpam-doc/{html,txt}. + * A debdiff of the dropped files can be found in attachment +1.5.2-9.1ubuntu3_to_1.5.3-5ubuntu5_libpam-doc.debdiff + * The fix takes the form of correcting a build dependency, which +results in the docs being again available. + + [ Test Plan ] + + * debdiff +* Obtain a copy of the current pam binary packages, perhaps with + `pull-lp-debs libpam-doc 1.5.3-5ubuntu5` +* Obtain a copy of the proposed pam binary packages, perhaps with + `pull-lp-debs libpam-doc 1.5.3-5ubuntu5.1` +* `debdiff libpam-doc_1.5.3-5ubuntu5{,.1}_all.deb` + and verify that the documents are present + * upgrade +* Obtain a mantic test system - I personally used a mantic chroot +* `apt install libpam-doc doc-base` +* Adjust apt sources to change mantic to noble and ensure + noble-proposed is present +* `apt update; apt install libpam-doc/noble-proposed` +* Verify that the "Error in /usr/share/doc-base" messages are no + longer present + + [ Where problems could occur ] + + * As usual, no SRU has zero risk + * Any change to pam risks problems in user logins failing, so that is +reflected in the regression test plan on LP: #2064350 + + [ Other Info ] + + * None at this time + + original description follows: + --- + Imported from Debian bug http://bugs.debian.org/1065064: Package: libpam-doc Version: 1.5.3-4 Severity: normal An upgrade reported: - Error in `/usr/share/doc-base/libpam-doc.pam-admin-guide', line 14: all `Format' sections are invalid. - Error in `/usr/share/doc-base/libpam-doc.pam-applications-guide', line 17: all `Format' sections are invalid. - Error in `/usr/share/doc-base/libpam-doc.pam-modules-guide', line 14: all `Format' sections are invalid. + Error in `/usr/share/doc-base/libpam-doc.pam-admin-guide', line 14: all `Format' sections are invalid. + Error in `/usr/share/doc-base/libpam-doc.pam-applications-guide', line 17: all `Format' sections are invalid. + Error in `/usr/share/doc-base/libpam-doc.pam-modules-guide', line 14: all `Format' sections are invalid. This is true; all of /usr/share/doc/libpam-doc/html/Linux-PAM_SAG.html, /usr/share/doc/libpam-doc/html/sag-*.html, /usr/share/doc/libpam-doc/txt/Linux-PAM_SAG.txt.gz, /usr/share/doc/libpam-doc/html/Linux-PAM_ADG.html, /usr/share/doc/libpam-doc/html/adg*.html, /usr/share/doc/libpam-doc/txt/Linux-PAM_ADG.txt.gz, /usr/share/doc/libpam-doc/html/Linux-PAM_MWG.html, /usr/share/doc/libpam-doc/html/mwg*.html, and /usr/share/doc/libpam-doc/txt/Linux-PAM_MWG.txt.gz are listed in those doc-base files but are in fact missing. I don't know whether this is intentional (in which case the doc-base registrations should be removed to match), or an accidental build issue that should be fixed. -- System Information: Debian Release: trixie/sid - APT prefers unstable - APT policy: (500, 'unstable'), (1, 'experimental') + APT prefers unstable + APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 6.6.0-14-generic (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: unable to detect -- no debconf information - -- + -- Colin Watson (he/him) [cjwat...@debian.org] -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pam in Ubuntu. https://bugs.launchpad.net/bugs/2064360 Title: libpam-doc: doc-base reports missing files Status in pam package in Ubuntu: In Progress Status in pam package in Debian: Fix Released Bug description: [ Impact ] * In the pam 1.5.3-1 merge, documents formerly found in libpam-doc were omitted. Just a few documents remain in a package that formerly had many in /usr/share/doc/libpam-doc/{html,txt}. * A debdiff of the dropped files can be found in attachment 1.5.2-9.1ubuntu3_to_1.5.3-5ubuntu5_libpam-doc.debdiff * The fix takes the form of correcting a build dependency, which results in the docs being again available. [ Test Plan ] * debdiff * Obtain a copy of the current pam binary packages, perhaps with `pull-lp-debs libpam-doc 1.5.3-5ubuntu5` * Obtain a copy of the proposed pam binary packages, perhaps with `pull-lp-debs libpam-doc 1.5.3-5ubuntu5.1` * `debdiff libpam-doc_1.5.3-5ubuntu5{,.1}_all.deb` and verify that the documents are present * upgrade * Obtain a mantic test system - I personally used a mantic chroot * `apt
[Touch-packages] [Bug 2064360] Re: libpam-doc: doc-base reports missing files
** Attachment added: "1.5.2-9.1ubuntu3_to_1.5.3-5ubuntu5_libpam-doc.debdiff.notapatch" https://bugs.launchpad.net/ubuntu/+source/pam/+bug/2064360/+attachment/5773776/+files/1.5.2-9.1ubuntu3_to_1.5.3-5ubuntu5_libpam-doc.debdiff.notapatch -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pam in Ubuntu. https://bugs.launchpad.net/bugs/2064360 Title: libpam-doc: doc-base reports missing files Status in pam package in Ubuntu: Fix Committed Status in pam source package in Noble: In Progress Status in pam package in Debian: Fix Released Bug description: [ Impact ] * In the pam 1.5.3-1 merge, documents formerly found in libpam-doc were omitted. Just a few documents remain in a package that formerly had many in /usr/share/doc/libpam-doc/{html,txt}. * A debdiff of the dropped files can be found in attachment 1.5.2-9.1ubuntu3_to_1.5.3-5ubuntu5_libpam-doc.debdiff * The fix takes the form of correcting a build dependency, which results in the docs being again available. [ Test Plan ] * debdiff * Obtain a copy of the current pam binary packages, perhaps with `pull-lp-debs libpam-doc 1.5.3-5ubuntu5` * Obtain a copy of the proposed pam binary packages, perhaps with `pull-lp-debs libpam-doc 1.5.3-5ubuntu5.1` * `debdiff libpam-doc_1.5.3-5ubuntu5{,.1}_all.deb` and verify that the documents are present * upgrade * Obtain a mantic test system - I personally used a mantic chroot * `apt install libpam-doc doc-base` * Adjust apt sources to change mantic to noble and ensure noble-proposed is present * `apt update; apt install libpam-doc/noble-proposed` * Verify that the "Error in /usr/share/doc-base" messages are no longer present [ Where problems could occur ] * As usual, no SRU has zero risk * Any change to pam risks problems in user logins failing, so that is reflected in the regression test plan on LP: #2064350 [ Other Info ] * None at this time original description follows: --- Imported from Debian bug http://bugs.debian.org/1065064: Package: libpam-doc Version: 1.5.3-4 Severity: normal An upgrade reported: Error in `/usr/share/doc-base/libpam-doc.pam-admin-guide', line 14: all `Format' sections are invalid. Error in `/usr/share/doc-base/libpam-doc.pam-applications-guide', line 17: all `Format' sections are invalid. Error in `/usr/share/doc-base/libpam-doc.pam-modules-guide', line 14: all `Format' sections are invalid. This is true; all of /usr/share/doc/libpam-doc/html/Linux-PAM_SAG.html, /usr/share/doc/libpam-doc/html/sag-*.html, /usr/share/doc/libpam-doc/txt/Linux-PAM_SAG.txt.gz, /usr/share/doc/libpam-doc/html/Linux-PAM_ADG.html, /usr/share/doc/libpam-doc/html/adg*.html, /usr/share/doc/libpam-doc/txt/Linux-PAM_ADG.txt.gz, /usr/share/doc/libpam-doc/html/Linux-PAM_MWG.html, /usr/share/doc/libpam-doc/html/mwg*.html, and /usr/share/doc/libpam-doc/txt/Linux-PAM_MWG.txt.gz are listed in those doc-base files but are in fact missing. I don't know whether this is intentional (in which case the doc-base registrations should be removed to match), or an accidental build issue that should be fixed. -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 6.6.0-14-generic (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: unable to detect -- no debconf information -- Colin Watson (he/him) [cjwat...@debian.org] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pam/+bug/2064360/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2064350] Re: pam_userdb.so is missing
** Description changed: + [ Impact ] + + * In the process of bootstrapping pam for time_t, libdb-dev was +deliberately removed in salsa commit 65621d8 to allow libdb-dev to +undergo time_t transition. + * The result of that is no pam_userdb.so in libpam-modules + * The fix takes the form of correcting a build dependency, which +results in pam_userdb.so being again available. + + [ Test Plan ] + + * regression +* obtain a noble test system - I personally used a noble chroot +* adjust apt sources and ensure noble-proposed is present +* install libpam-modules 1.5.3-5ubuntu5.1 +* login to the test machine with appropriate credentials - the + literal `login` command is useful here + * userdb functionality +* start with the same test machine from the regression test +* install db5.3-util +* modify /etc/pam.d/login to comment out all `auth` lines, and add + this instead + ``` + auth requisite pam_userdb.so db=/etc/dbtest + ``` +* create a textfile named `input` that looks like + ``` + your_username + test_password - different than /etc/shadow + ``` +* `db5.3_load -T -f input -t hash /etc/dbtest.db` +* login to the test machine with your_username and the + test_password - the literal `login` command is useful here + + [ Where problems could occur ] + + * As usual, no SRU has zero risk + * Any change to pam risks problems in user logins failing, so a +basic regression test has been provided + + [ Other Info ] + + * None at this time + + original description follows + --- + The file is missing from libpam-modules. This breaks, for example, existing vsftp configs if it is configured to use pam_userdb.so Log: vsftpd: PAM unable to dlopen(pam_userdb.so): /usr/lib/security/pam_userdb.so: cannot open shared object file: No such file or directory vsftpd: PAM adding faulty module: pam_userdb.so Apparently there was a change which removed this in the past, and it might be the removal has not been undone, while the package has been released nevertheless. http://changelogs.ubuntu.com/changelogs/pool/main/p/pam/pam_1.5.3-5ubuntu5/changelog * For now remove libdb-dev so that libdb-dev can undergo time_t transition. That means this version of pam does not include pam_userdb, which makes pam unsuitable for release. - $ lsb_release -rd No LSB modules are available. Description:Ubuntu 24.04 LTS Release:24.04 $ apt-cache policy libpam-modules libpam-modules: - Installed: 1.5.3-5ubuntu5 - Candidate: 1.5.3-5ubuntu5 - Version table: - *** 1.5.3-5ubuntu5 500 - 500 http://de.archive.ubuntu.com/ubuntu noble/main amd64 Packages - 100 /var/lib/dpkg/status + Installed: 1.5.3-5ubuntu5 + Candidate: 1.5.3-5ubuntu5 + Version table: + *** 1.5.3-5ubuntu5 500 + 500 http://de.archive.ubuntu.com/ubuntu noble/main amd64 Packages + 100 /var/lib/dpkg/status -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pam in Ubuntu. https://bugs.launchpad.net/bugs/2064350 Title: pam_userdb.so is missing Status in pam package in Ubuntu: In Progress Status in pam source package in Noble: New Status in pam package in Debian: Fix Released Bug description: [ Impact ] * In the process of bootstrapping pam for time_t, libdb-dev was deliberately removed in salsa commit 65621d8 to allow libdb-dev to undergo time_t transition. * The result of that is no pam_userdb.so in libpam-modules * The fix takes the form of correcting a build dependency, which results in pam_userdb.so being again available. [ Test Plan ] * regression * obtain a noble test system - I personally used a noble chroot * adjust apt sources and ensure noble-proposed is present * install libpam-modules 1.5.3-5ubuntu5.1 * login to the test machine with appropriate credentials - the literal `login` command is useful here * userdb functionality * start with the same test machine from the regression test * install db5.3-util * modify /etc/pam.d/login to comment out all `auth` lines, and add this instead ``` auth requisite pam_userdb.so db=/etc/dbtest ``` * create a textfile named `input` that looks like ``` your_username test_password - different than /etc/shadow ``` * `db5.3_load -T -f input -t hash /etc/dbtest.db` * login to the test machine with your_username and the test_password - the literal `login` command is useful here [ Where problems could occur ] * As usual, no SRU has zero risk * Any change to pam risks problems in user logins failing, so a basic regression test has been provided [ Other Info ] * None at this time original description follows --- The file is missing from libpam-modules. This breaks, for example, existing vsftp configs if it is configured t
[Touch-packages] [Bug 2064360] Re: libpam-doc: doc-base reports missing files
** Also affects: pam (Ubuntu Noble) Importance: Undecided Status: New ** Changed in: pam (Ubuntu) Importance: Undecided => High ** Changed in: pam (Ubuntu) Status: In Progress => Fix Committed ** Changed in: pam (Ubuntu Noble) Status: New => In Progress ** Changed in: pam (Ubuntu Noble) Importance: Undecided => High ** Changed in: pam (Ubuntu Noble) Assignee: (unassigned) => Dan Bungert (dbungert) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pam in Ubuntu. https://bugs.launchpad.net/bugs/2064360 Title: libpam-doc: doc-base reports missing files Status in pam package in Ubuntu: Fix Committed Status in pam source package in Noble: In Progress Status in pam package in Debian: Fix Released Bug description: [ Impact ] * In the pam 1.5.3-1 merge, documents formerly found in libpam-doc were omitted. Just a few documents remain in a package that formerly had many in /usr/share/doc/libpam-doc/{html,txt}. * A debdiff of the dropped files can be found in attachment 1.5.2-9.1ubuntu3_to_1.5.3-5ubuntu5_libpam-doc.debdiff * The fix takes the form of correcting a build dependency, which results in the docs being again available. [ Test Plan ] * debdiff * Obtain a copy of the current pam binary packages, perhaps with `pull-lp-debs libpam-doc 1.5.3-5ubuntu5` * Obtain a copy of the proposed pam binary packages, perhaps with `pull-lp-debs libpam-doc 1.5.3-5ubuntu5.1` * `debdiff libpam-doc_1.5.3-5ubuntu5{,.1}_all.deb` and verify that the documents are present * upgrade * Obtain a mantic test system - I personally used a mantic chroot * `apt install libpam-doc doc-base` * Adjust apt sources to change mantic to noble and ensure noble-proposed is present * `apt update; apt install libpam-doc/noble-proposed` * Verify that the "Error in /usr/share/doc-base" messages are no longer present [ Where problems could occur ] * As usual, no SRU has zero risk * Any change to pam risks problems in user logins failing, so that is reflected in the regression test plan on LP: #2064350 [ Other Info ] * None at this time original description follows: --- Imported from Debian bug http://bugs.debian.org/1065064: Package: libpam-doc Version: 1.5.3-4 Severity: normal An upgrade reported: Error in `/usr/share/doc-base/libpam-doc.pam-admin-guide', line 14: all `Format' sections are invalid. Error in `/usr/share/doc-base/libpam-doc.pam-applications-guide', line 17: all `Format' sections are invalid. Error in `/usr/share/doc-base/libpam-doc.pam-modules-guide', line 14: all `Format' sections are invalid. This is true; all of /usr/share/doc/libpam-doc/html/Linux-PAM_SAG.html, /usr/share/doc/libpam-doc/html/sag-*.html, /usr/share/doc/libpam-doc/txt/Linux-PAM_SAG.txt.gz, /usr/share/doc/libpam-doc/html/Linux-PAM_ADG.html, /usr/share/doc/libpam-doc/html/adg*.html, /usr/share/doc/libpam-doc/txt/Linux-PAM_ADG.txt.gz, /usr/share/doc/libpam-doc/html/Linux-PAM_MWG.html, /usr/share/doc/libpam-doc/html/mwg*.html, and /usr/share/doc/libpam-doc/txt/Linux-PAM_MWG.txt.gz are listed in those doc-base files but are in fact missing. I don't know whether this is intentional (in which case the doc-base registrations should be removed to match), or an accidental build issue that should be fixed. -- System Information: Debian Release: trixie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 6.6.0-14-generic (SMP w/4 CPU threads; PREEMPT) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_FIRMWARE_WORKAROUND, TAINT_OOT_MODULE Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: unable to detect -- no debconf information -- Colin Watson (he/him) [cjwat...@debian.org] To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pam/+bug/2064360/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2064350] Re: pam_userdb.so is missing
** Changed in: pam (Ubuntu) Status: In Progress => Fix Committed ** Changed in: pam (Ubuntu Noble) Status: New => In Progress ** Changed in: pam (Ubuntu Noble) Importance: Undecided => High ** Changed in: pam (Ubuntu Noble) Assignee: (unassigned) => Dan Bungert (dbungert) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to pam in Ubuntu. https://bugs.launchpad.net/bugs/2064350 Title: pam_userdb.so is missing Status in pam package in Ubuntu: Fix Committed Status in pam source package in Noble: In Progress Status in pam package in Debian: Fix Released Bug description: [ Impact ] * In the process of bootstrapping pam for time_t, libdb-dev was deliberately removed in salsa commit 65621d8 to allow libdb-dev to undergo time_t transition. * The result of that is no pam_userdb.so in libpam-modules * The fix takes the form of correcting a build dependency, which results in pam_userdb.so being again available. [ Test Plan ] * regression * obtain a noble test system - I personally used a noble chroot * adjust apt sources and ensure noble-proposed is present * install libpam-modules 1.5.3-5ubuntu5.1 * login to the test machine with appropriate credentials - the literal `login` command is useful here * userdb functionality * start with the same test machine from the regression test * install db5.3-util * modify /etc/pam.d/login to comment out all `auth` lines, and add this instead ``` auth requisite pam_userdb.so db=/etc/dbtest ``` * create a textfile named `input` that looks like ``` your_username test_password - different than /etc/shadow ``` * `db5.3_load -T -f input -t hash /etc/dbtest.db` * login to the test machine with your_username and the test_password - the literal `login` command is useful here [ Where problems could occur ] * As usual, no SRU has zero risk * Any change to pam risks problems in user logins failing, so a basic regression test has been provided [ Other Info ] * None at this time original description follows --- The file is missing from libpam-modules. This breaks, for example, existing vsftp configs if it is configured to use pam_userdb.so Log: vsftpd: PAM unable to dlopen(pam_userdb.so): /usr/lib/security/pam_userdb.so: cannot open shared object file: No such file or directory vsftpd: PAM adding faulty module: pam_userdb.so Apparently there was a change which removed this in the past, and it might be the removal has not been undone, while the package has been released nevertheless. http://changelogs.ubuntu.com/changelogs/pool/main/p/pam/pam_1.5.3-5ubuntu5/changelog * For now remove libdb-dev so that libdb-dev can undergo time_t transition. That means this version of pam does not include pam_userdb, which makes pam unsuitable for release. $ lsb_release -rd No LSB modules are available. Description:Ubuntu 24.04 LTS Release:24.04 $ apt-cache policy libpam-modules libpam-modules: Installed: 1.5.3-5ubuntu5 Candidate: 1.5.3-5ubuntu5 Version table: *** 1.5.3-5ubuntu5 500 500 http://de.archive.ubuntu.com/ubuntu noble/main amd64 Packages 100 /var/lib/dpkg/status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/pam/+bug/2064350/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2061995] Re: ULTS 22, 24: FontConfig broken by including ".conf" file
After several hundred package updates over time this problem is no longer occurring, I suspect that it was something buggy in the XML library used by FotnConfig. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to fontconfig in Ubuntu. https://bugs.launchpad.net/bugs/2061995 Title: ULTS 22,24: FontConfig broken by including ".conf" file Status in Ubuntu: New Status in fontconfig package in Ubuntu: New Bug description: This happens to me on both ULTS 22 and ULKTS 24 on FotnConfig in somewhat different ways: * In ULTS 24 if there is a file '/etc/fonts/local.conf' then all fonts are rendered as if the font were not hinted or 'hinting' were 'false'. This is not noticeable if antialiasing is on, and most users default to antialiasing. * In ULTS 22 if there is a file '$XDG_CONFIG_HOME/fontconfig/fonts.conf' then some fonts are no longer found, or get rendered with rectangular shapes. I guess not many users customize their font settings. A telling example from ULTS 22: $ cat /etc/fonts/conf.d/10-antialias.conf false $ cp -p /etc/fonts/conf.d/10-antialias.conf $XDG_CONFIG_HOME/fontconfig/fonts.conf $ fc-list 'dejavu sans mono' family $ rm $XDG_CONFIG_HOME/fontconfig/fonts.conf $ fc-list 'dejavu sans mono' family DejaVu Sans Mono This happens also with a skeleton '$XDG_CONFIG_HOME/fontconfig/fonts.conf' (or '/etc/fonts/local.conf') too: $ cat > $XDG_CONFIG_HOME/fontconfig/fonts.conf $ fc-list 'dejavu sans mono' family $ rm $XDG_CONFIG_HOME/fontconfig/fonts.conf $ fc-list 'dejavu sans mono' family DejaVu Sans Mono None of these anomalies happen under ULST 20. My impression: symptoms vary and are weird, so probably it is something like a buffer overflow when reading the ".conf" files or the use of not-initialized memory. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+bug/2061995/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2064457] Re: Merge rsync from Debian unstable for oracular
** Changed in: rsync (Ubuntu) Assignee: Sergio Durigan Junior (sergiodj) => Mitchell Dzurick (mitchdz) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsync in Ubuntu. https://bugs.launchpad.net/bugs/2064457 Title: Merge rsync from Debian unstable for oracular Status in rsync package in Ubuntu: New Bug description: Upstream: tbd Debian: 3.3.0-1 Ubuntu: 3.2.7-1ubuntu1 Debian does new releases regularly, so it's likely there will be newer versions available before FF that we can pick up if this merge is done later in the cycle. If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired. If this merge pulls in a new upstream version, also consider adding an entry to the Oracular Release Notes: https://discourse.ubuntu.com/c/release/38 ### New Debian Changes ### rsync (3.3.0-1) unstable; urgency=medium [ Aquila Macedo Costa ] * d/control: Bump Standards-Version to 4.6.2 [ Samuel Henrique ] * New upstream version 3.3.0 (closes: #1068630) * Bump Standards-Version to 4.7.0 * Update patches * d/patches: Drop merged patches * d/control: Drop dependency on lsb-base * d/rsync.lintian-overrides: Update overrides -- Samuel Henrique Fri, 12 Apr 2024 00:28:29 +0100 rsync (3.2.7-1) unstable; urgency=medium [ Juri Grabowski ] * New upstream version 3.2.7 * Remove patches included in new release [ Helmut Grohne ] * Fix FTCBFS: Use native instances for python build depends (closes: #1022988). [ Samuel Henrique ] * d/rsync.lintian-overrides: Update findings as per lintian changes * d/patches: Add two upstream patches to fix issues post 3.2.7 release: - trust_the_sender_on_a_local_transfer.patch - avoid_quoting_of_tilde_when_its_a_destination_arg.patch -- Samuel Henrique Sun, 18 Dec 2022 14:10:54 + rsync (3.2.6-4) unstable; urgency=medium * Upload to unstable - d/patches: ~ fix_files_from.patch: Upstream patch to address the files-from issue. ~ fix_relative.patch: Upstream patch to fix exclusion of /. with --relative. ~ fix_remote_filter_rules_validation.patch: Upstream patch to fix bug with validating remote filter rules. (closes: #1018296, #1019561) -- Samuel Henrique Wed, 21 Sep 2022 18:58:57 +0100 rsync (3.2.6-3) experimental; urgency=medium * d/patches: - fix_files_from.patch: Upstream patch to address the files-from issue, likely to also be related to #1019561 and #1018296 - fix_relative.patch: Upstream patch to fix exclusion of /. with --relative -- Samuel Henrique Wed, 14 Sep 2022 19:25:19 +0100 rsync (3.2.6-2) experimental; urgency=medium * d/p/fix_remote_filter_rules_validation.patch: New upstream patch to try to fix #1019561 and #1018296 -- Samuel Henrique Tue, 13 Sep 2022 20:55:01 +0100 rsync (3.2.6-1) unstable; urgency=medium * New upstream version 3.2.6 - Added a safety check that prevents the sender from removing destination files when a local copy using --remove-source-files has some files that are shared between the sending & receiving hierarchies, including the case where the source dir & destination dir are identical (closes: #1016102) * Bump Standards-Version to 4.6.1 -- Samuel Henrique Sat, 10 Sep 2022 20:03:51 +0100 rsync (3.2.5-1) unstable; urgency=medium * New upstream version 3.2.5 - Added some file-list safety checking that helps to ensure that a rogue sending rsync can't add unrequested top-level names and/or include recursive names that should have been excluded by the sender. These extra safety checks only require the receiver rsync to be updated. When dealing with an untrusted sending host, it is safest to copy into a dedicated destination directory for the remote content (i.e. don't copy into a destination directory that contains files that aren't from the remote host unless you trust the remote host) (closes: #1016543, CVE-2022-29154). - The build date that goes into the manpages is now based on the developer's release date, not on the build's local-timezone interpretation of the date (closes: #1009981) -- Samuel Henrique Tue, 16 Aug 2022 11:03:48 +0100 rsync (3.2.4-1) unstable; urgency=medium [ Samuel Henrique ] * New upstream version 3.2.4 - Work around a glibc bug where lchmod() breaks in a chroot w/o /proc mounted (closes: #995046). - rsync.1: remove prepended backticks which broke --stop-after and --stop-at formatting (closes: #1007990). ### Old Ubuntu Delta ### rsync (3.2.7-1ubuntu1) noble; urgency=medium * add d/p/
[Touch-packages] [Bug 2064535] [NEW] jammy update from 23.0.4 to 23.2.1 dropped transitional packages
Public bug reported: I happened to notice that the bump from 23.0.4 to 23.2.1 in jammy included a change that dropped a number of transitional packages: mesa (23.1.4-1) unstable; urgency=medium [ Diederik de Haas ] * Drop transitional libegl1-mesa package (Closes: #1032712) * Drop transitional libgles2-mesa package (Closes: #1032718) * Drop transitional libwayland-egl1-mesa package (Closes: #1032737) * Drop transitional libgl1-mesa-glx package (Closes: #1032738) * d/README.source: Update git repo location to Salsa Since I did not see that discussed in the SRU bug 2037604, I thought I'd call attention to it. No objection to this being closed as Won't Fix. I don't think this impacts any supported upgrade paths - focal GA'd w/ 20.0.4-2ubuntu1 which seems to have already had these transitional packages in place. This is presumably a practical regression for someone upgrading an old bionic install straight to jammy but that, of course, is not supported. ** Affects: mesa (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to mesa in Ubuntu. https://bugs.launchpad.net/bugs/2064535 Title: jammy update from 23.0.4 to 23.2.1 dropped transitional packages Status in mesa package in Ubuntu: New Bug description: I happened to notice that the bump from 23.0.4 to 23.2.1 in jammy included a change that dropped a number of transitional packages: mesa (23.1.4-1) unstable; urgency=medium [ Diederik de Haas ] * Drop transitional libegl1-mesa package (Closes: #1032712) * Drop transitional libgles2-mesa package (Closes: #1032718) * Drop transitional libwayland-egl1-mesa package (Closes: #1032737) * Drop transitional libgl1-mesa-glx package (Closes: #1032738) * d/README.source: Update git repo location to Salsa Since I did not see that discussed in the SRU bug 2037604, I thought I'd call attention to it. No objection to this being closed as Won't Fix. I don't think this impacts any supported upgrade paths - focal GA'd w/ 20.0.4-2ubuntu1 which seems to have already had these transitional packages in place. This is presumably a practical regression for someone upgrading an old bionic install straight to jammy but that, of course, is not supported. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mesa/+bug/2064535/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2059734] Re: Tar fails to extract archives that include folders with certain permissions on armhf
If you compile tar from scratch within the Docker container, then you do not see the error. ``` wget https://ftp.gnu.org/gnu/tar/tar-1.35.tar.gz tar -xzf tar-1.35.tar.gz ``` Ignore the errors from the tar process :-) ``` apt install build-essential libacl1-dev -y cd tar-1.35 FORCE_UNSAFE_CONFIGURE=1 ./configure --prefix=/usr make install ``` Now `tar -xf` works as expected. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to tar in Ubuntu. https://bugs.launchpad.net/bugs/2059734 Title: Tar fails to extract archives that include folders with certain permissions on armhf Status in tar package in Ubuntu: Confirmed Bug description: When running Ubuntu Noble in an arm32 Docker container, on certain hosts (Azure VM CI agents), tar fails to extract certain archives that include folders with specific permissions set. Here's a concise repro. The error occurs in when building the Dockerfile. I can only get this to work on Azure VMs, but can't find out why. ```Dockerfile FROM ubuntu.azurecr.io/ubuntu:noble # Create the problematic archive RUN mkdir /test \ && chmod 775 /test \ && cd /test \ && mkdir 775 \ && chmod 775 775 \ && touch 775/test.txt \ && chmod 644 775/test.txt \ && tar -czvf /test.tar.gz . # Extracting it gives an error RUN mkdir -p /test2 \ && tar -tzvf /test.tar.gz \ && tar -oxzf /test.tar.gz -C /test2 ``` What I expected to happen: The test.tar.gz archive should be successfully extracted to the /test2 directory. What happened instead: Tar throws the following error: ``` tar: ./775: Cannot change mode to rwxrwxr-x: Operation not permitted tar: Exiting with failure status due to previous errors ``` The Ubuntu container is running as root so there shouldn't be any permission errors. Since this is running in a container, I observed this happening on the following kernel: `Linux version 5.15.148.2-2.cm2 (root@CBL-Mariner) (gcc (GCC) 11.2.0, GNU ld (GNU Binutils) 2.37) #1 SMP Fri Feb 23 23:38:33 UTC 2024` As well as `Linux 6.5.0-1017-azure #17~22.04.1-Ubuntu SMP Sat Mar 9 10:04:07 UTC 2024 aarch64 aarch64 aarch64 GNU/Linux` I was not able to reproduce it using Ubuntu 22.04 Jammy (ubuntu.azurecr.io/ubuntu:jammy), using the same kernel as above. Additionally I was not able to reproduce this on the kernel `Linux cb0507859b24 5.15.146.1-microsoft-standard-WSL2 #1 SMP Thu Jan 11 04:09:03 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux`, which is running on my work machine, using Docker qemu emulation for the arm32 image. Ubuntu version: Ubuntu Noble Numbat (development branch) 24.04 (from ubuntu.azurecr.io/ubuntu:noble) tar version: `1.35+dfsg-3` To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tar/+bug/2059734/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2059734] Re: Tar fails to extract archives that include folders with certain permissions on armhf
This also affects ppc64le Docker images. These commands work fine on x86_64, arm64 and s390 but fail on POWER9. ``` docker run -it --rm ubuntu:noble apt-get -y update apt install -y wget cd /tmp wget a-tar-file-of-your-choice.tar.gz tar -xzf a-tar-file-of-your-choice.tar.gz ``` Error message: ... tar: your/file.1: Cannot change mode to rwxrwxr-x: Operation not permitted tar: your/file.2: Cannot change mode to rwxrwxr-x: Operation not permitted tar: your/file.3: Cannot change mode to rwxrwxr-x: Operation not permitted tar: Exiting with failure status due to previous errors ``` -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to tar in Ubuntu. https://bugs.launchpad.net/bugs/2059734 Title: Tar fails to extract archives that include folders with certain permissions on armhf Status in tar package in Ubuntu: Confirmed Bug description: When running Ubuntu Noble in an arm32 Docker container, on certain hosts (Azure VM CI agents), tar fails to extract certain archives that include folders with specific permissions set. Here's a concise repro. The error occurs in when building the Dockerfile. I can only get this to work on Azure VMs, but can't find out why. ```Dockerfile FROM ubuntu.azurecr.io/ubuntu:noble # Create the problematic archive RUN mkdir /test \ && chmod 775 /test \ && cd /test \ && mkdir 775 \ && chmod 775 775 \ && touch 775/test.txt \ && chmod 644 775/test.txt \ && tar -czvf /test.tar.gz . # Extracting it gives an error RUN mkdir -p /test2 \ && tar -tzvf /test.tar.gz \ && tar -oxzf /test.tar.gz -C /test2 ``` What I expected to happen: The test.tar.gz archive should be successfully extracted to the /test2 directory. What happened instead: Tar throws the following error: ``` tar: ./775: Cannot change mode to rwxrwxr-x: Operation not permitted tar: Exiting with failure status due to previous errors ``` The Ubuntu container is running as root so there shouldn't be any permission errors. Since this is running in a container, I observed this happening on the following kernel: `Linux version 5.15.148.2-2.cm2 (root@CBL-Mariner) (gcc (GCC) 11.2.0, GNU ld (GNU Binutils) 2.37) #1 SMP Fri Feb 23 23:38:33 UTC 2024` As well as `Linux 6.5.0-1017-azure #17~22.04.1-Ubuntu SMP Sat Mar 9 10:04:07 UTC 2024 aarch64 aarch64 aarch64 GNU/Linux` I was not able to reproduce it using Ubuntu 22.04 Jammy (ubuntu.azurecr.io/ubuntu:jammy), using the same kernel as above. Additionally I was not able to reproduce this on the kernel `Linux cb0507859b24 5.15.146.1-microsoft-standard-WSL2 #1 SMP Thu Jan 11 04:09:03 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux`, which is running on my work machine, using Docker qemu emulation for the arm32 image. Ubuntu version: Ubuntu Noble Numbat (development branch) 24.04 (from ubuntu.azurecr.io/ubuntu:noble) tar version: `1.35+dfsg-3` To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tar/+bug/2059734/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2061825] Re: [SRU] ucf fails to work for local diversions on Jammy
I wondered if ucf is expected to handle dpkg-divert -ed files in the first place, since that seemed odd to me. It does seem like that's a feature the code was intended to support, although it's unclear to me if it ever worked, and it's not really documented anywhere I can find except that is implied by the manpage. So it seems like it's debatable as to whether this is a bugfix or a request to add a feature. Looking at your description of "Impact", please could you expand on what you're trying to achieve? Why are you using dpkg-divert to divert configuration files installed by ucf? Did this method work in a previous release? Why aren't you writing chrony.conf and then using UCF_FORCE_CONFFOLD=1 instead, or just overwriting chrony.conf after installation, given that ucf is intended to gracefully handle local configuration file changes? I ask because this seems like a risky change to make. ucf is widely used, we don't have the means to test a broad set of uses, it ships with no automated tests, and this particular "fix" was uploaded in a Debian NMU that has yet to be acknowledged by the maintainer. I'd like to understand the use case and why it is essential to fix this in order to weigh up the risk please. If we do decide to go ahead, then there are a few things that need fixing, please. The Test Plan must include the common case - that ucf continues to work as expected when there is no diversion. Since there are no automated tests whatsoever, please include exercise of the common cases that ucf handles (installation, upgrade when packaging changes the configuration file, with and without local user modification, package removal/purge, etc). Please fix the changelog description to explain what the actual user story is that is being fixed, so that users can easily see if the fix is relevant to them or not. For example: "Fix handling of configuration files diverted with dpkg-divert (LP: #...)". Feel free to mention other things like the syntax error if you wish, but just saying that you're fixing a syntax error doesn't really convey anything useful to most readers. ** Changed in: ucf (Ubuntu Jammy) Status: In Progress => Incomplete -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ucf in Ubuntu. https://bugs.launchpad.net/bugs/2061825 Title: [SRU] ucf fails to work for local diversions on Jammy Status in ucf package in Ubuntu: Fix Released Status in ucf source package in Jammy: Incomplete Bug description: [ Impact ] When a dpkg-diversion is used to setup a package diversion and ucf for managing the configuration files for chrony package, the postinst script of ucf fails when installing chrony. This issue isn't specific to chrony but can happen for any package whose config files are managed by ucf. This affects users on Jammy who use ucf. Newer versions of ucf have this bug fixed already. [ Test Plan ] 1. Create a Jammy container or VM 2. Setup a diversion for chrony.conf: dpkg-divert --package chrony --add --rename --divert /etc/chrony/chrony.conf.custom /etc/chrony/chrony.conf 3. Install chrony: apt install chrony -y 4. Notice the postinst script fail with syntax errors such as: ``` Preparing to unpack .../chrony_4.2-2ubuntu2_amd64.deb ... Unpacking chrony (4.2-2ubuntu2) ... Setting up chrony (4.2-2ubuntu2) ... /usr/bin/ucf: 444: [: missing ] grep: ]: No such file or directory /usr/bin/ucf: 444: [: missing ] grep: ]: No such file or directory ``` 5. Install the package with the fix from the PPA: https://launchpad.net/~pponnuvel/+archive/ubuntu/ucf-jammy (to be replaced with the package from the -proposed pocket) 6. Repeat the same from steps 1 to 4 and notice no failures at step4. [ Where problems could occur ] Can further introduce similar bugs if the patch contains similar syntax errors. Consequently local diversion may not take effect for packages using ucf to manage configuration files. [ Other Info ] Upstream bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979354 It's been fixed in version ucf/3.0043+nmu1. Lunar/Mantic/Noble all have the ucf version with this patch. Affects Jammy only and thus backported to only Jammy. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ucf/+bug/2061825/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2061825] Re: [SRU] ucf fails to work for local diversions on Jammy
> * run update-maintainer script FWIW, it's not necessary to mention this directly. It is correct to do it, but convention is to skip mentioning it in the changelog because otherwise we'd have to unnecessarily mention it on nearly every Ubuntu upload. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to ucf in Ubuntu. https://bugs.launchpad.net/bugs/2061825 Title: [SRU] ucf fails to work for local diversions on Jammy Status in ucf package in Ubuntu: Fix Released Status in ucf source package in Jammy: Incomplete Bug description: [ Impact ] When a dpkg-diversion is used to setup a package diversion and ucf for managing the configuration files for chrony package, the postinst script of ucf fails when installing chrony. This issue isn't specific to chrony but can happen for any package whose config files are managed by ucf. This affects users on Jammy who use ucf. Newer versions of ucf have this bug fixed already. [ Test Plan ] 1. Create a Jammy container or VM 2. Setup a diversion for chrony.conf: dpkg-divert --package chrony --add --rename --divert /etc/chrony/chrony.conf.custom /etc/chrony/chrony.conf 3. Install chrony: apt install chrony -y 4. Notice the postinst script fail with syntax errors such as: ``` Preparing to unpack .../chrony_4.2-2ubuntu2_amd64.deb ... Unpacking chrony (4.2-2ubuntu2) ... Setting up chrony (4.2-2ubuntu2) ... /usr/bin/ucf: 444: [: missing ] grep: ]: No such file or directory /usr/bin/ucf: 444: [: missing ] grep: ]: No such file or directory ``` 5. Install the package with the fix from the PPA: https://launchpad.net/~pponnuvel/+archive/ubuntu/ucf-jammy (to be replaced with the package from the -proposed pocket) 6. Repeat the same from steps 1 to 4 and notice no failures at step4. [ Where problems could occur ] Can further introduce similar bugs if the patch contains similar syntax errors. Consequently local diversion may not take effect for packages using ucf to manage configuration files. [ Other Info ] Upstream bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=979354 It's been fixed in version ucf/3.0043+nmu1. Lunar/Mantic/Noble all have the ucf version with this patch. Affects Jammy only and thus backported to only Jammy. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ucf/+bug/2061825/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2064435] Re: Merge openssh from Debian unstable for oracular
** Changed in: openssh (Ubuntu) Milestone: None => ubuntu-24.10-beta -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssh in Ubuntu. https://bugs.launchpad.net/bugs/2064435 Title: Merge openssh from Debian unstable for oracular Status in openssh package in Ubuntu: New Bug description: Scheduled-For: Backlog Upstream: tbd Debian: 1:9.7p1-4 Ubuntu: 1:9.6p1-3ubuntu13 NOT SERVER TEAM has maintained this package's merge in the past. If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired. If this merge pulls in a new upstream version, also consider adding an entry to the Oracular Release Notes: https://discourse.ubuntu.com/c/release/38 ### New Debian Changes ### openssh (1:9.7p1-4) unstable; urgency=medium * Rework systemd readiness notification and socket activation patches to not link against libsystemd (the former via an upstream patch). * Force -fzero-call-used-regs=used not to be used on ppc64el (it's unsupported, but configure fails to detect this). -- Colin Watson Wed, 03 Apr 2024 12:06:08 +0100 openssh (1:9.7p1-3) unstable; urgency=medium * Fix gssapi-keyex declaration further (thanks, Andreas Hasenack; LP: #2053146). * Extend -fzero-call-used-regs check to catch m68k gcc bug (closes: #1067243). * debian/tests/regress: Set a different IP address for UNKNOWN. * Re-enable ssh-askpass-gnome on all architectures. * regress: Redirect conch stdin from /dev/zero (re-enables conch interop tests). * Drop 'Work around RSA SHA-2 signature issues in conch' patch (no longer needed now that Twisted is fixed). -- Colin Watson Sun, 31 Mar 2024 11:55:38 +0100 openssh (1:9.7p1-2) unstable; urgency=medium [ Simon McVittie ] * d/control, d/rules: Disable ssh-askpass-gnome on 32-bit, except i386 (closes: #1066847). -- Colin Watson Thu, 14 Mar 2024 11:45:12 + openssh (1:9.7p1-1) unstable; urgency=medium * Add the isolation-container restriction to the 'regress' autopkgtest. Our setup code wants to ensure that the haveged service is running, and furthermore at least the agent-subprocess test assumes that there's an init to reap zombie processes and doesn't work in (e.g.) autopkgtest-virt-unshare. * New upstream release (https://www.openssh.com/releasenotes.html#9.7p1): - ssh(1), sshd(8): add a 'global' ChannelTimeout type that watches all open channels and will close all open channels if there is no traffic on any of them for the specified interval. This is in addition to the existing per-channel timeouts added recently. This supports situations like having both session and x11 forwarding channels open where one may be idle for an extended period but the other is actively used. The global timeout could close both channels when both have been idle for too long (closes: #165185). - All: make DSA key support compile-time optional, defaulting to on. - sshd(8): don't append an unnecessary space to the end of subsystem arguments (bz3667) - ssh(1): fix the multiplexing 'channel proxy' mode, broken when keystroke timing obfuscation was added. (GHPR#463) - ssh(1), sshd(8): fix spurious configuration parsing errors when options that accept array arguments are overridden (bz3657). - ssh-agent(1): fix potential spin in signal handler (bz3670) - Many fixes to manual pages and other documentation. - Greatly improve interop testing against PuTTY. * Skip utimensat test on ZFS, since it seems to leave the atime set to 0. * Allow passing extra options to debian/tests/regress, for debugging. * Fix gssapi-keyex declaration, broken when rebasing onto 8.9p1 (LP: #2053146). -- Colin Watson Thu, 14 Mar 2024 10:47:58 + openssh (1:9.6p1-5) unstable; urgency=medium * Restore systemd template unit for per-connection sshd instances, although without any corresponding .socket unit for now; this is mainly for use with the forthcoming systemd-ssh-generator (closes: #1061516). It's now called sshd@.service, since unlike the main service there's no need to be concerned about compatibility with the slightly confusing 'ssh' service name that Debian has traditionally used. -- Colin Watson Wed, 06 Mar 2024 09:45:56 + openssh (1:9.6p1-4) unstable; urgency=medium * Add sshd_config checksums for 1:9.2p1-1 to ucf reference file, and add a test to ensure it doesn't get out of date again. * Drop manual adjustment of OpenSSL dependencies; OpenSSH relaxed its checks for OpenSSL >= 3 in 9.4p1. * Build-depend on pkgconf rather than pkg-config. * Adjust debian/c
[Touch-packages] [Bug 2064411] Re: Merge krb5 from Debian unstable for oracular
** Changed in: krb5 (Ubuntu) Milestone: None => ubuntu-24.10-beta -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/2064411 Title: Merge krb5 from Debian unstable for oracular Status in krb5 package in Ubuntu: Incomplete Bug description: Scheduled-For: Backlog Upstream: tbd Debian: 1.20.1-6 Ubuntu: 1.20.1-6ubuntu2 There is nothing yet to merge for krb5 currently, but this ticket is filed prospectfully for tracking purposes in case a merge does become available later this cycle. If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired. If this merge pulls in a new upstream version, also consider adding an entry to the Oracular Release Notes: https://discourse.ubuntu.com/c/release/38 ### New Debian Changes ### krb5 (1.20.1-6) unstable; urgency=medium * Fix up libverto1*->libverto1*t64, Closes: #1065702 -- Sam Hartman Sun, 10 Mar 2024 19:36:33 -0600 krb5 (1.20.1-5.1) unstable; urgency=medium * Non-maintainer upload. * Rename libraries for 64-bit time_t transition. Closes: #1064164 -- Lukas Märdian Wed, 28 Feb 2024 15:25:37 + krb5 (1.20.1-5) unstable; urgency=medium [ Helmut Grohne ] * Annotate test dependencies . (Closes: #1054461) [ Sam Hartman ] * Fix keyutils to be linux-any -- Helmut Grohne Tue, 24 Oct 2023 07:17:27 +0200 krb5 (1.20.1-4) unstable; urgency=low [ Steve Langasek ] * libkrb5support0: require strict binary dependency to deal with glibc 2.38, Closes: #1043184 [Jelmer Vernooij] * krb5-user: Use alternatives for kinit, klist, kswitch, ksu, kpasswd, kdestroy, kadmin and ktutil. This allows installation together with heimdal-clients. Closes: #213316, #751203 [ Sam Hartman ] * Enable build-time tests, Thanks Andreas Hasenack, Closes: #1017763 * Work around doxygen change that breaks doc build, Thanks Greg Hudson, Closes: #1051523 -- Sam Hartman Mon, 11 Sep 2023 11:06:57 -0600 krb5 (1.20.1-3) unstable; urgency=high * Fixes CVE-2023-36054: a remote authenticated attacker can cause kadmind to free an uninitialized pointer. Upstream believes remote code execusion is unlikely, Closes: #1043431 -- Sam Hartman Mon, 14 Aug 2023 14:06:53 -0600 krb5 (1.20.1-2) unstable; urgency=medium * Tighten dependencies on libkrb5support0. This means that the entire upgrade from bullseye to bookworm needs to be lockstep, but it appears that's what is required, Closes: #1036055 -- Sam Hartman Mon, 15 May 2023 17:44:41 -0600 krb5 (1.20.1-1) unstable; urgency=high [ Bastian Germann ] * Sync debian/copyright with NOTICE from upstream [ Debian Janitor ] * Trim trailing whitespace. * Strip unusual field spacing from debian/control. * Use secure URI in Homepage field. * Merge upstream signing key files. * Update renamed lintian tag names in lintian overrides. * Update standards version to 4.6.1, no changes needed. * Remove field Section on binary package krb5-gss-samples that duplicates source. * Fix field name cases in debian/control (VCS-Browser => Vcs-Browser, VCS-Git => Vcs-Git). [ Sam Hartman ] * New upstream release - Integer overflows in PAC parsing; potentially critical for 32-bit KDCs or when cross-realm acts maliciously; DOS in other conditions; CVE-2022-42898, Closes: #1024267 * Tighten version dependencies around crypto library, Closes: 1020424 * krb5-user reccomends rather than Depends on krb5-config. This avoids a hard dependency on bind9-host, but also supports cases where krb5-config is externally managed, Closes: #1005821 -- Sam Hartman Thu, 17 Nov 2022 10:34:28 -0700 krb5 (1.20-1) unstable; urgency=medium * New Upstream Version * Do not specify master key type to avoid weak crypto, Closes: #1009927 -- Sam Hartman Fri, 22 Jul 2022 16:32:38 -0600 krb5 (1.20~beta1-1) experimental; urgency=medium * New Upstream version -- Sam Hartman Thu, 07 Apr 2022 11:57:27 -0600 krb5 (1.19.2-2) unstable; urgency=medium ### Old Ubuntu Delta ### krb5 (1.20.1-6ubuntu2) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek Sun, 31 Mar 2024 07:42:10 + krb5 (1.20.1-6ubuntu1) noble; urgency=medium * Fix tests with Python 3.12. -- Matthias Klose Sun, 24 Mar 2024 12:51:41 +0100 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/2064411/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.laun
[Touch-packages] [Bug 2064399] Re: Merge cyrus-sasl2 from Debian unstable for oracular
** Changed in: cyrus-sasl2 (Ubuntu) Assignee: (unassigned) => Andreas Hasenack (ahasenack) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to cyrus-sasl2 in Ubuntu. https://bugs.launchpad.net/bugs/2064399 Title: Merge cyrus-sasl2 from Debian unstable for oracular Status in cyrus-sasl2 package in Ubuntu: New Bug description: Upstream: tbd Debian: 2.1.28+dfsg1-6 Ubuntu: 2.1.28+dfsg1-5ubuntu3 Debian does new releases regularly, so it's likely there will be newer versions available before FF that we can pick up if this merge is done later in the cycle. If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired. If this merge pulls in a new upstream version, also consider adding an entry to the Oracular Release Notes: https://discourse.ubuntu.com/c/release/38 ### New Debian Changes ### cyrus-sasl2 (2.1.28+dfsg1-6) unstable; urgency=medium * Team upload * Patch: Prevent six import (Closes: #1067425) -- Bastian Germann Thu, 21 Mar 2024 19:19:46 + cyrus-sasl2 (2.1.28+dfsg1-5) unstable; urgency=medium * Team upload * Fix implicit function declaration (Closes: #1066214) * Prevent linking via intersphinx (Closes: #1065436) * Extend the time_t format specifiers to long long (Closes: #1066811) -- Bastian Germann Wed, 20 Mar 2024 19:03:11 + cyrus-sasl2 (2.1.28+dfsg1-4) unstable; urgency=medium * Team upload * Clean docsrc/exts/themes (Closes: #1045111) * Drop gen-auth and saslfinger * Remove Uploaders who contributed more than a decade ago * Remove myself from Uploaders -- Bastian Germann Sat, 11 Nov 2023 22:17:13 +0100 cyrus-sasl2 (2.1.28+dfsg1-3) unstable; urgency=medium * Let libsasl2-dev depend on libssl-dev (Closes: #1042937) -- Bastian Germann Fri, 04 Aug 2023 00:35:18 +0200 cyrus-sasl2 (2.1.28+dfsg1-2) unstable; urgency=medium * Eliminate RSA-MD from binaries (Closes: #748061) -- Bastian Germann Tue, 01 Aug 2023 16:16:30 +0200 cyrus-sasl2 (2.1.28+dfsg1-1) unstable; urgency=medium * Exclude crypto-compat * New upstream version 2.1.28+dfsg1 * Get rid of BSD-4-clause-KTH * Use SPDX name for the primary license * Add Turkish translation (Closes: #1036910) [ Andreas Hasenack ] * d/t/saslauthd: fix test flakiness (Closes: #1036893) -- Bastian Germann Mon, 05 Jun 2023 23:24:14 +0200 cyrus-sasl2 (2.1.28+dfsg-11) unstable; urgency=medium [ Debian Janitor ] * Apply multi-arch hints. + cyrus-sasl2-doc: Add Multi-Arch: foreign. [ Bastian Germann ] * Add Romanian translation (Closes: #1031499) * Fix lintian depends-on-obsolete-package (lsb-base) * Add saslauthd.service (Closes: #981438) * Remove dh_installinit params * Install saslauthd.service similar to saslauthd.init * Drop old NEWS * Fix systemd-service-file-missing-documentation-key -- Bastian Germann Wed, 01 Mar 2023 00:52:04 +0100 cyrus-sasl2 (2.1.28+dfsg-10) unstable; urgency=medium [ Helmut Grohne ] * Explicitly B-D on libcrypt-dev (Closes: #1024644) -- Bastian Germann Tue, 22 Nov 2022 17:48:33 +0100 cyrus-sasl2 (2.1.28+dfsg-9) unstable; urgency=medium * d/watch: Scan GitHub release API [ Helmut Grohne ] * Depend on ABI-less libc-dev rather than libc6-dev (Closes: #1023838) -- Bastian Germann Fri, 11 Nov 2022 12:27:36 +0100 cyrus-sasl2 (2.1.28+dfsg-8) unstable; urgency=medium [ Andreas Hasenack ] * Add SASL channel binding support for GSSAPI and GSS-SPNEGO (LP: #1912256): - d/p/0034-channel-binding-gssapi-gss-spnego.patch: add SASL channel binding support for GSSAPI and GSS-SPNEGO - d/p/0035-Add-support-for-setting-max-ssf-0-to-GSS-SPNEGO-1.patch: allow setting maxssf to 0 when using GSS-SPNEGO inside SSL/TLS - d/p/0035-Add-support-for-setting-max-ssf-0-to-GSS-SPNEGO-2.patch: be more conformant to RFC4752 -- Bastian Germann Mon, 05 Sep 2022 14:30:39 +0200 cyrus-sasl2 (2.1.28+dfsg-7) unstable; urgency=medium * d/tests: Relicense to GPL-3 ### Old Ubuntu Delta ### cyrus-sasl2 (2.1.28+dfsg1-5ubuntu3) noble; urgency=medium * No-change rebuild for time_t transition. -- Sergio Durigan Junior Fri, 05 Apr 2024 15:59:59 -0400 cyrus-sasl2 (2.1.28+dfsg1-5ubuntu2) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek Sun, 31 Mar 2024 07:31:27 + cyrus-sasl2 (2.1.28+dfsg1-5ubuntu1) noble; urgency=medium * Add Depends: python3-six -- Jeremy Bícha Thu, 21 Mar 2024 09:33:35 -0400 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cyrus-sasl2/+bug/2064399/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-pa
[Touch-packages] [Bug 2064420] Re: Merge libseccomp from Debian unstable for oracular
** Changed in: libseccomp (Ubuntu) Milestone: None => ubuntu-24.10-beta -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to libseccomp in Ubuntu. https://bugs.launchpad.net/bugs/2064420 Title: Merge libseccomp from Debian unstable for oracular Status in libseccomp package in Ubuntu: Incomplete Bug description: Scheduled-For: Backlog Upstream: tbd Debian: 2.5.5-1 Ubuntu: 2.5.5-1ubuntu3 NOT SERVER TEAM has maintained this package's merge in the past. If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired. If this merge pulls in a new upstream version, also consider adding an entry to the Oracular Release Notes: https://discourse.ubuntu.com/c/release/38 ### Old Ubuntu Delta ### libseccomp (2.5.5-1ubuntu3) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek Sun, 31 Mar 2024 07:58:07 + libseccomp (2.5.5-1ubuntu2) noble; urgency=medium * No-change rebuild to build with python3.12 only. -- Matthias Klose Sat, 16 Mar 2024 23:14:35 +0100 libseccomp (2.5.5-1ubuntu1) noble; urgency=medium * Merge from Debian unstable; remaining changes: - Add autopkgtests * Added changes: - d/t/test-filter: generate syscalls list from src/syscalls.csv rather than shipping a static list to ensure all get tested via autopkgtests * Dropped changes: - d/t/data/all-5.16-rc1.filter: remove static syscall list -- Alex Murray Fri, 02 Feb 2024 13:30:43 +1030 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libseccomp/+bug/2064420/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2064407] Re: Merge heimdal from Debian unstable for oracular
** Changed in: heimdal (Ubuntu) Assignee: (unassigned) => Andreas Hasenack (ahasenack) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to heimdal in Ubuntu. https://bugs.launchpad.net/bugs/2064407 Title: Merge heimdal from Debian unstable for oracular Status in heimdal package in Ubuntu: New Bug description: Upstream: tbd Debian: 7.8.git20221117.28daf24+dfsg-5 Ubuntu: 7.8.git20221117.28daf24+dfsg-5ubuntu3 Debian does new releases regularly, so it's likely there will be newer versions available before FF that we can pick up if this merge is done later in the cycle. If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired. If this merge pulls in a new upstream version, also consider adding an entry to the Oracular Release Notes: https://discourse.ubuntu.com/c/release/38 ### New Debian Changes ### heimdal (7.8.git20221117.28daf24+dfsg-5) unstable; urgency=medium * Apply NMU patches. Closes: #1065373. -- Brian May Sat, 09 Mar 2024 11:01:27 +1100 heimdal (7.8.git20221117.28daf24+dfsg-4.2) unstable; urgency=medium [ Matthias Klose ] * Filter-out -Werror=implicit-function-declaration, unconditionally set by abi=time64. -- Steve Langasek Fri, 08 Mar 2024 08:21:09 + heimdal (7.8.git20221117.28daf24+dfsg-4.1) unstable; urgency=medium * Non-maintainer upload. * Rename libraries for 64-bit time_t transition. Closes: #1064097 -- Lukas Märdian Wed, 28 Feb 2024 08:36:52 + heimdal (7.8.git20221117.28daf24+dfsg-4) unstable; urgency=medium * Always build the rk_strlcat and rk_strlcpy symbols even if included in glibc. Closes: #1055316. -- Brian May Wed, 03 Jan 2024 11:43:58 +1100 heimdal (7.8.git20221117.28daf24+dfsg-3) unstable; urgency=medium * Fix random 'Ticket expired' and 'Clock skew too great' errors by setting kdc_offset correctly. Closes: #1039992. -- Brian May Tue, 04 Jul 2023 10:09:56 +1000 heimdal (7.8.git20221117.28daf24+dfsg-2) unstable; urgency=medium * Fix incorrect license of Debian files. * Fix deprecated dependancies. * gsskrb5: fix accidental logic inversions (CVE-2022-45142) (Closes: #1030849) - change applied from NMU version 7.8.git20221117.28daf24+dfsg-1.1 * Add ro.po file. Closes: #1031897. -- Brian May Sat, 25 Feb 2023 09:32:57 +1100 heimdal (7.8.git20221117.28daf24+dfsg-1) unstable; urgency=medium * New upstream release. -- Brian May Sat, 10 Dec 2022 16:29:20 +1100 heimdal (7.8.git20221115.a6cf945+dfsg-3) unstable; urgency=medium * Source-only upload to enable migration to testingi (2nd attempt). -- Brian May Sun, 04 Dec 2022 09:56:06 +1100 heimdal (7.8.git20221115.a6cf945+dfsg-2) unstable; urgency=medium * Source-only upload to enable migration to testing. -- Brian May Sun, 04 Dec 2022 09:09:44 +1100 heimdal (7.8.git20221115.a6cf945+dfsg-1) unstable; urgency=medium * New upstream version. * Numerous security fixes (Closes: #1024187). * asn1: Invalid free in ASN.1 codec (CVE-2022-44640) * krb5: PAC parse integer overflows (CVE-2022-42898) * gsskrb5: Use constant-time memcmp() for arcfour unwrap (CVE-2022-3437) * gsskrb5: Use constant-time memcmp() in unwrap_des3() (CVE-2022-3437) * gsskrb5: Don't pass NULL pointers to memcpy() in DES unwrap (CVE-2022-3437) * gsskrb5: Avoid undefined behaviour in _gssapi_verify_pad() (CVE-2022-3437) * gsskrb5: Check the result of _gsskrb5_get_mech() (CVE-2022-3437) * gsskrb5: Check buffer length against overflow for DES{,3} unwrap (CVE-2022-3437) * gsskrb5: Check for overflow in _gsskrb5_get_mech() (CVE-2022-3437) * gsskrb5: Pass correct length to _gssapi_verify_pad() (CVE-2022-3437) * libhx509: Fix denial of service vulnerability (CVE-2022-41916) * spnego: send_reject when no mech selected (CVE-2021-44758) * Fix regression in _krb5_get_int64 on 32 bit systems. https://github.com/heimdal/heimdal/pull/1025 * Increment soname for libroken. * Increment soname for libhcrypto. * Remove legacy shared library version requirements. * Add symbols to libkadm5srv8. -- Brian May Sun, 27 Nov 2022 10:44:26 +1100 heimdal (7.7.0+dfsg-6) unstable; urgency=medium * Retry deleting dangling windc.so again. Closes: #857215. * Create /var/lib/heimdal-kdc/m-key not /var/lib/heimdal-kdc/heimdal.mkey. Closes: #964008. * Disable use of -rpath in krb5-config.heimdal. Closes: #868840. -- Brian May Mon, 05 Sep 2022 08:35:33 +1000 ### Old Ubuntu Delta ### heimdal (7.8.git20221117.28daf24+dfsg-5ubuntu3) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek Sun, 31 Mar 2024 18:24:27 + heimdal (7.8.git20221117.28
[Touch-packages] [Bug 2064408] Re: Merge init-system-helpers from Debian unstable for oracular
** Changed in: init-system-helpers (Ubuntu) Milestone: None => ubuntu-24.10-beta -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to init-system-helpers in Ubuntu. https://bugs.launchpad.net/bugs/2064408 Title: Merge init-system-helpers from Debian unstable for oracular Status in init-system-helpers package in Ubuntu: Incomplete Bug description: Scheduled-For: Backlog Upstream: tbd Debian: 1.66 Ubuntu: 1.66ubuntu1 foundations team has maintained this package's merge in the past. If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired. If this merge pulls in a new upstream version, also consider adding an entry to the Oracular Release Notes: https://discourse.ubuntu.com/c/release/38 ### New Debian Changes ### init-system-helpers (1.66) unstable; urgency=medium [ Samuel Thibault ] * Add hurd-amd64 case. [ Gioele Barabucci ] * d/init.lintian-overrides: Silence warning about 'Important' field `Important: yes` instructs APT to warn the user before removing this package. [ Johannes Schauer Marin Rodrigues ] * script/update-rc.d: DPKG_ROOT support for sysvinit [ Ansgar ] * Add 'Protected: yes' to package 'init' The 'Protected' field does the same as 'Important' already did in apt, but is also understood by dpkg (since dpkg 1.20.1). [ Luca Boccassi ] * Bump Standards-Version to 4.6.2, no changes * Override Lintian warning for Protected: yes * deb-systemd-invoke: support reload/reexec. This is useful for the --user case, to provide a shortcut that loops over all active user sessions over D-Bus. * deb-systemd-invoke: support --no-dbus for reload/reexec. Provide common implementation for SIGHUP/SIGRTMIN+25 to reload/reexec the system or user instances. -- Luca Boccassi Sun, 26 Nov 2023 20:42:28 + init-system-helpers (1.65.2) unstable; urgency=low * Undo yet another hostile and baseless NMU. -- Luca Boccassi Sun, 18 Sep 2022 02:53:19 +0100 init-system-helpers (1.65.1) unstable; urgency=low * Undo hostile NMU. -- Luca Boccassi Sun, 18 Sep 2022 01:53:32 +0100 init-system-helpers (1.65) unstable; urgency=low * Upload to unstable. -- Luca Boccassi Sat, 17 Sep 2022 21:11:07 +0100 init-system-helpers (1.65~exp2) experimental; urgency=medium * fakechroot tests: skip on architectures where it is not available -- Luca Boccassi Thu, 15 Sep 2022 21:14:08 +0100 init-system-helpers (1.65~exp1) experimental; urgency=medium [ Luca Boccassi ] * Drop outdated conflict with file-rc * Add myself to Uploaders * d/rules: use execute_after instead of override * Add a dependency on usrmerge | usr-is-merged to complete the transition. As per ctte decision and discussion at: https://lists.debian.org/debian-ctte/2022/07/msg00019.html https://lists.debian.org/debian-ctte/2022/07/msg00061.html https://lists.debian.org/debian-ctte/2022/08/msg6.html [ Victor Westerhuis ] * Make deb-systemd-helper work on template units with DefaultInstance. DefaultInstance only influences the meaning of WantedBy/RequiredBy. Alias and Also are not impacted. This patch does not enable changing template instantiations, so `deb-systemd-helper enable getty@tty2.service` will still fail. * Fix tests depending on ordering of lines in state file. The previous commit changes the order in which lines are written to the state file. Because correctness does not depend on the order in which the state file is written, ignore the order in the test. -- Luca Boccassi Sat, 10 Sep 2022 13:27:16 +0100 init-system-helpers (1.64) unstable; urgency=medium * Team upload. * d-s-h: break infinite recursion on symlinks. (Closes: #1014119) * Bump Standards-Version to 4.6.1, no changes * Update date ranges in d/copyright -- Luca Boccassi Mon, 04 Jul 2022 11:19:08 +0100 init-system-helpers (1.63) unstable; urgency=medium [ Debian Janitor ] * Remove constraints unnecessary since buster * init-system-helpers: Drop versioned constraint on perl-base in Depends. * init: Drop versioned constraint on init-system-helpers in Depends. [ Johannes Schauer Marin Rodrigues ] * t/helpers.pm: use installed version of deb-systemd-helper if TEST_INSTALLED is set * add DPKG_ROOT support (Closes: #983421) ### Old Ubuntu Delta ### init-system-helpers (1.66ubuntu1) noble; urgency=medium * Merge from Debian unstable. Remaining changes: - Drop dependency on usrmerge. -- Steve Langasek Tue, 05 Dec 2023 23:50:15 -0800 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/init-system-helpers/
[Touch-packages] [Bug 2064411] Re: Merge krb5 from Debian unstable for oracular
** Changed in: krb5 (Ubuntu) Assignee: (unassigned) => Andreas Hasenack (ahasenack) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to krb5 in Ubuntu. https://bugs.launchpad.net/bugs/2064411 Title: Merge krb5 from Debian unstable for oracular Status in krb5 package in Ubuntu: Incomplete Bug description: Scheduled-For: Backlog Upstream: tbd Debian: 1.20.1-6 Ubuntu: 1.20.1-6ubuntu2 There is nothing yet to merge for krb5 currently, but this ticket is filed prospectfully for tracking purposes in case a merge does become available later this cycle. If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired. If this merge pulls in a new upstream version, also consider adding an entry to the Oracular Release Notes: https://discourse.ubuntu.com/c/release/38 ### New Debian Changes ### krb5 (1.20.1-6) unstable; urgency=medium * Fix up libverto1*->libverto1*t64, Closes: #1065702 -- Sam Hartman Sun, 10 Mar 2024 19:36:33 -0600 krb5 (1.20.1-5.1) unstable; urgency=medium * Non-maintainer upload. * Rename libraries for 64-bit time_t transition. Closes: #1064164 -- Lukas Märdian Wed, 28 Feb 2024 15:25:37 + krb5 (1.20.1-5) unstable; urgency=medium [ Helmut Grohne ] * Annotate test dependencies . (Closes: #1054461) [ Sam Hartman ] * Fix keyutils to be linux-any -- Helmut Grohne Tue, 24 Oct 2023 07:17:27 +0200 krb5 (1.20.1-4) unstable; urgency=low [ Steve Langasek ] * libkrb5support0: require strict binary dependency to deal with glibc 2.38, Closes: #1043184 [Jelmer Vernooij] * krb5-user: Use alternatives for kinit, klist, kswitch, ksu, kpasswd, kdestroy, kadmin and ktutil. This allows installation together with heimdal-clients. Closes: #213316, #751203 [ Sam Hartman ] * Enable build-time tests, Thanks Andreas Hasenack, Closes: #1017763 * Work around doxygen change that breaks doc build, Thanks Greg Hudson, Closes: #1051523 -- Sam Hartman Mon, 11 Sep 2023 11:06:57 -0600 krb5 (1.20.1-3) unstable; urgency=high * Fixes CVE-2023-36054: a remote authenticated attacker can cause kadmind to free an uninitialized pointer. Upstream believes remote code execusion is unlikely, Closes: #1043431 -- Sam Hartman Mon, 14 Aug 2023 14:06:53 -0600 krb5 (1.20.1-2) unstable; urgency=medium * Tighten dependencies on libkrb5support0. This means that the entire upgrade from bullseye to bookworm needs to be lockstep, but it appears that's what is required, Closes: #1036055 -- Sam Hartman Mon, 15 May 2023 17:44:41 -0600 krb5 (1.20.1-1) unstable; urgency=high [ Bastian Germann ] * Sync debian/copyright with NOTICE from upstream [ Debian Janitor ] * Trim trailing whitespace. * Strip unusual field spacing from debian/control. * Use secure URI in Homepage field. * Merge upstream signing key files. * Update renamed lintian tag names in lintian overrides. * Update standards version to 4.6.1, no changes needed. * Remove field Section on binary package krb5-gss-samples that duplicates source. * Fix field name cases in debian/control (VCS-Browser => Vcs-Browser, VCS-Git => Vcs-Git). [ Sam Hartman ] * New upstream release - Integer overflows in PAC parsing; potentially critical for 32-bit KDCs or when cross-realm acts maliciously; DOS in other conditions; CVE-2022-42898, Closes: #1024267 * Tighten version dependencies around crypto library, Closes: 1020424 * krb5-user reccomends rather than Depends on krb5-config. This avoids a hard dependency on bind9-host, but also supports cases where krb5-config is externally managed, Closes: #1005821 -- Sam Hartman Thu, 17 Nov 2022 10:34:28 -0700 krb5 (1.20-1) unstable; urgency=medium * New Upstream Version * Do not specify master key type to avoid weak crypto, Closes: #1009927 -- Sam Hartman Fri, 22 Jul 2022 16:32:38 -0600 krb5 (1.20~beta1-1) experimental; urgency=medium * New Upstream version -- Sam Hartman Thu, 07 Apr 2022 11:57:27 -0600 krb5 (1.19.2-2) unstable; urgency=medium ### Old Ubuntu Delta ### krb5 (1.20.1-6ubuntu2) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek Sun, 31 Mar 2024 07:42:10 + krb5 (1.20.1-6ubuntu1) noble; urgency=medium * Fix tests with Python 3.12. -- Matthias Klose Sun, 24 Mar 2024 12:51:41 +0100 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/krb5/+bug/2064411/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help
[Touch-packages] [Bug 2064431] Re: Merge net-tools from Debian unstable for oracular
** Changed in: net-tools (Ubuntu) Assignee: (unassigned) => Lena Voytek (lvoytek) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to net-tools in Ubuntu. https://bugs.launchpad.net/bugs/2064431 Title: Merge net-tools from Debian unstable for oracular Status in net-tools package in Ubuntu: New Bug description: A merge of net-tools appears to be available presently. Upstream: tbd Debian: 2.10-1.1 Ubuntu: 2.10-0.1ubuntu4 If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired. If this merge pulls in a new upstream version, also consider adding an entry to the Oracular Release Notes: https://discourse.ubuntu.com/c/release/38 ### New Debian Changes ### net-tools (2.10-1.1) unstable; urgency=medium * Non-maintainer upload. * Release to unstable. (Closes: #1059409) -- Chris Hofstaedtler Mon, 22 Apr 2024 01:55:29 +0200 net-tools (2.10-1) experimental; urgency=medium * Move to /usr-merge (DEP17). -- Utkarsh Gupta Thu, 23 Nov 2023 14:41:07 + net-tools (2.10-0.1) unstable; urgency=medium * Non-maintainer upload. * Update Martina's name and email address. * Drop DECnet support (Closes: #1024730) * Revert 'Fix d/watch to point to upstream git repository' * New upstream version 2.10 (Closes: #1000281) -- Bastian Germann Fri, 25 Nov 2022 15:15:20 +0100 net-tools (1.60+git20181103.0eebece-1) unstable; urgency=medium * New upstream version 1.60+git20181103.0eebece - Fix nstrcmp() to prevent ifconfig from showing duplicate interfaces. (Closes: #812886) * Fix d/watch to point to upstream git repository * Add patch to fix decoding of MII vendor ids. (Closes: #549397) - Thanks, Ben Hutchings, for the patch. * Add patch to fix Japanese translation which uses a wrong Kanji character. (Closes: #621752) - Thanks, Takeshi Hamasaki, for the patch. * Add patch to fix wrong indentation of 'collisions' in the Japanese translation. (Closes: #653117) - Thanks, NODA, Kai, for the patch. * Fix Uploaders' field. - Add myself as an uploader. - Fix Tina's details. -- Utkarsh Gupta Fri, 02 Oct 2020 15:01:04 +0530 net-tools (1.60+git20180626.aebd88e-1) unstable; urgency=medium * New upstream snapshot * Refresh patches. * Fix typos in German manpages. Thanks to Prof. Dr. Steffen Wendzel and Dr. Tobias Quathamer for the patch. Closes: #900962. -- Martina Ferrari Mon, 24 Sep 2018 19:08:57 + net-tools (1.60+git20161116.90da8a0-4) unstable; urgency=medium * Update maintainer email address. Closes: #899617. * Update Standards-Version with no changes. -- Martina Ferrari Mon, 24 Sep 2018 17:16:31 + net-tools (1.60+git20161116.90da8a0-3) unstable; urgency=medium * debian/control: Update Vcs-* and Standards-Version. * debian/control: remove references to ancient package ja-trans. * debian/gbp.conf: Update repo layout. -- Martina Ferrari Tue, 31 Jul 2018 19:09:00 + net-tools (1.60+git20161116.90da8a0-2) unstable; urgency=medium * Fix typo in French manpage. Thanks to Michel Grigaut for the patch. * Add manpage for iptunnel, thanks to Sergio Durigan Junior. Closes: #88910 * Rename patches so CME does not choke on them. * Automated cme fixes; packaging improvements. * Remove unused and ancient patch. -- Martina Ferrari Sun, 11 Feb 2018 17:29:24 + net-tools (1.60+git20161116.90da8a0-1) unstable; urgency=medium * New upstream snapshot. * Re-synced translations.patch. * Acknowledge NMUs. Thanks a lot to Andrey Rahmatullin for the fixes and uploads. Closes: 846509. * Fix FTCBFS, thanks to Helmut Grohne for the patch. Closes: #811561. + Really assign CC for cross compilation. + Use triplet prefixed pkg-config. * Add debian/NEWS warning about changing output in net-tools commands. Closing bugs that reported problems in 3rd-party scripts arising from these changes. Closes: #845153, #843892, #820212. * Update Standards-Version, with no changes. -- Martina Ferrari Mon, 26 Dec 2016 05:58:42 + net-tools (1.60+git20150829.73cef8a-2.2) unstable; urgency=medium * Non-maintainer upload. * Apply an additional fix for the previous FTBFS for some architectures. -- Andrey Rahmatullin Thu, 01 Dec 2016 22:49:27 +0500 ### Old Ubuntu Delta ### net-tools (2.10-0.1ubuntu4) noble; urgency=high * No change rebuild for 64-bit time_t and frame pointers. -- Julian Andres Klode Mon, 08 Apr 2024 18:14:15 +0200 net-tools (2.10-0.1ubuntu3) lunar; urgency=medium * Further fixes for mismerge. -- Steve Langasek Tue, 13 Dec 2022 13:49:51 -0800 net-tools (2.10-0.1ubuntu2) lunar;
[Touch-packages] [Bug 2064434] Re: Merge openldap from Debian unstable for oracular
** Changed in: openldap (Ubuntu) Assignee: (unassigned) => Sergio Durigan Junior (sergiodj) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openldap in Ubuntu. https://bugs.launchpad.net/bugs/2064434 Title: Merge openldap from Debian unstable for oracular Status in openldap package in Ubuntu: New Bug description: Upstream: tbd Debian: 2.5.17+dfsg-12.6.7+dfsg-1~exp1 Ubuntu: 2.6.7+dfsg-1~exp1ubuntu8 Debian new has 2.6.7+dfsg-1~exp1, which may be available for merge soon. If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired. If this merge pulls in a new upstream version, also consider adding an entry to the Oracular Release Notes: https://discourse.ubuntu.com/c/release/38 ### New Debian Changes ### openldap (2.5.17+dfsg-1) unstable; urgency=medium * New upstream release. - fixed slapo-dynlist so it can't be global (ITS#10091) (Closes: #1040382) * debian/copyright: Exclude doc/guide/admin/guide.html from the upstream source, because the tool required to build it from source is not packaged in Debian. Fixes a Lintian error (source-is-missing). * Update Swedish debconf translation. (Closes: #1056955) Thanks to Martin Bagge and Anders Jonsson. * debian/salsa-ci.yml: Enable Salsa CI pipeline. -- Ryan Tandy Fri, 26 Apr 2024 16:09:29 -0700 openldap (2.5.16+dfsg-2) unstable; urgency=medium * debian/patches/64-bit-time-t-compat: handle sizeof(time_t) > sizeof(long) in format strings. -- Steve Langasek Tue, 12 Mar 2024 06:26:07 + openldap (2.5.16+dfsg-1) unstable; urgency=medium [ Ryan Tandy ] * New upstream release. - fixed possible null pointer dereferences if strdup fails (ITS#9904) (Closes: #1036995, CVE-2023-2953) - fixed unaligned accesses in LMDB on sparc64 (ITS#9916) (Closes: #1020319) * Update Turkish debconf translation. (Closes: #1029758) Thanks to Atila KOÇ. * Add Romanian debconf translation. (Closes: #1033177) Thanks to Remus-Gabriel Chelu. * Create an autopkgtest covering basic TLS functionality. Thanks to John Scott. * Drop transitional package slapd-smbk5pwd. (Closes: #1032742) * Drop dbgsym migration for slapd-dbg. * Build and install the ppm module in slapd-contrib. (Closes: #1039740) * Fix implicit declaration of kadm5_s_init_with_password_ctx. (Closes: #1065633) [ Sergio Durigan Junior ] * d/control: Bump Standards-Version to 4.6.2; no changes needed. * d/control: Bump debhelper-compat to 13. * d/control: Drop lsb-base from slapd's Depends. * Enable SASL/GSSAPI tests. Thanks to Andreas Hasenack -- Ryan Tandy Fri, 08 Mar 2024 21:46:26 -0800 openldap (2.5.13+dfsg-5) unstable; urgency=medium * Fix sha2-contrib autopkgtest failure. Call slappasswd using its full path. (Closes: #1030814) * Disable flaky test test069-delta-multiprovider-starttls. -- Ryan Tandy Tue, 07 Feb 2023 17:56:12 -0800 openldap (2.5.13+dfsg-4) unstable; urgency=medium [ Andreas Hasenack ] * d/rules: Fix passwd/sha2 build (Closes: #1030716, LP: #2000817) * d/t/sha2-contrib: add test for sha2 module -- Ryan Tandy Mon, 06 Feb 2023 19:21:05 -0800 openldap (2.5.13+dfsg-3) unstable; urgency=medium [ Ryan Tandy ] * Disable flaky test test063-delta-multiprovider. Mitigates #1010608. [ Gioele Barabucci ] * slapd.scripts-common: Avoid double-UTF8-encoding org name (Closes: #1016185) * d/slapd.scripts-common: Remove outdated `migrate_to_slapd_d_style` * d/slapd.postinst: Remove test for ancient version * slapd.scripts-common: Remove unused `normalize_ldif` * d/slapd.scripts-common: Use sed instead of perl in `release_diagnostics` -- Ryan Tandy Fri, 13 Jan 2023 16:29:59 -0800 openldap (2.5.13+dfsg-2) unstable; urgency=medium * d/tests/smbk5pwd: Grant slapd access to /var/lib/heimdal-kdc. Fixes the autopkgtest failure due to heimdal setting mode 700 on this directory. (Closes: #1020442) * d/source/lintian-overrides: Add wildcards to make overrides compatible with both older and newer versions of lintian. * d/slapd-contrib.lintian-overrides: Remove unused custom-library-search-path override now that krb5-config no longer sets -rpath. -- Ryan Tandy Sat, 24 Sep 2022 12:40:21 -0700 openldap (2.5.13+dfsg-1) unstable; urgency=medium * d/rules: Remove get-orig-source, now unnecessary. * Check PGP signature when running uscan. * d/watch: Modernize watch file; use repacksuffix. * d/copyright: Update according to DEP-5. * d/control: Add myself to Uploaders. * New upstream release. ### Old Ubuntu Delta ### openldap (2.6.7+dfsg-1~exp1ubuntu8) noble; urgency=medium
[Touch-packages] [Bug 2064457] Re: Merge rsync from Debian unstable for oracular
** Changed in: rsync (Ubuntu) Assignee: (unassigned) => Sergio Durigan Junior (sergiodj) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsync in Ubuntu. https://bugs.launchpad.net/bugs/2064457 Title: Merge rsync from Debian unstable for oracular Status in rsync package in Ubuntu: New Bug description: Upstream: tbd Debian: 3.3.0-1 Ubuntu: 3.2.7-1ubuntu1 Debian does new releases regularly, so it's likely there will be newer versions available before FF that we can pick up if this merge is done later in the cycle. If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired. If this merge pulls in a new upstream version, also consider adding an entry to the Oracular Release Notes: https://discourse.ubuntu.com/c/release/38 ### New Debian Changes ### rsync (3.3.0-1) unstable; urgency=medium [ Aquila Macedo Costa ] * d/control: Bump Standards-Version to 4.6.2 [ Samuel Henrique ] * New upstream version 3.3.0 (closes: #1068630) * Bump Standards-Version to 4.7.0 * Update patches * d/patches: Drop merged patches * d/control: Drop dependency on lsb-base * d/rsync.lintian-overrides: Update overrides -- Samuel Henrique Fri, 12 Apr 2024 00:28:29 +0100 rsync (3.2.7-1) unstable; urgency=medium [ Juri Grabowski ] * New upstream version 3.2.7 * Remove patches included in new release [ Helmut Grohne ] * Fix FTCBFS: Use native instances for python build depends (closes: #1022988). [ Samuel Henrique ] * d/rsync.lintian-overrides: Update findings as per lintian changes * d/patches: Add two upstream patches to fix issues post 3.2.7 release: - trust_the_sender_on_a_local_transfer.patch - avoid_quoting_of_tilde_when_its_a_destination_arg.patch -- Samuel Henrique Sun, 18 Dec 2022 14:10:54 + rsync (3.2.6-4) unstable; urgency=medium * Upload to unstable - d/patches: ~ fix_files_from.patch: Upstream patch to address the files-from issue. ~ fix_relative.patch: Upstream patch to fix exclusion of /. with --relative. ~ fix_remote_filter_rules_validation.patch: Upstream patch to fix bug with validating remote filter rules. (closes: #1018296, #1019561) -- Samuel Henrique Wed, 21 Sep 2022 18:58:57 +0100 rsync (3.2.6-3) experimental; urgency=medium * d/patches: - fix_files_from.patch: Upstream patch to address the files-from issue, likely to also be related to #1019561 and #1018296 - fix_relative.patch: Upstream patch to fix exclusion of /. with --relative -- Samuel Henrique Wed, 14 Sep 2022 19:25:19 +0100 rsync (3.2.6-2) experimental; urgency=medium * d/p/fix_remote_filter_rules_validation.patch: New upstream patch to try to fix #1019561 and #1018296 -- Samuel Henrique Tue, 13 Sep 2022 20:55:01 +0100 rsync (3.2.6-1) unstable; urgency=medium * New upstream version 3.2.6 - Added a safety check that prevents the sender from removing destination files when a local copy using --remove-source-files has some files that are shared between the sending & receiving hierarchies, including the case where the source dir & destination dir are identical (closes: #1016102) * Bump Standards-Version to 4.6.1 -- Samuel Henrique Sat, 10 Sep 2022 20:03:51 +0100 rsync (3.2.5-1) unstable; urgency=medium * New upstream version 3.2.5 - Added some file-list safety checking that helps to ensure that a rogue sending rsync can't add unrequested top-level names and/or include recursive names that should have been excluded by the sender. These extra safety checks only require the receiver rsync to be updated. When dealing with an untrusted sending host, it is safest to copy into a dedicated destination directory for the remote content (i.e. don't copy into a destination directory that contains files that aren't from the remote host unless you trust the remote host) (closes: #1016543, CVE-2022-29154). - The build date that goes into the manpages is now based on the developer's release date, not on the build's local-timezone interpretation of the date (closes: #1009981) -- Samuel Henrique Tue, 16 Aug 2022 11:03:48 +0100 rsync (3.2.4-1) unstable; urgency=medium [ Samuel Henrique ] * New upstream version 3.2.4 - Work around a glibc bug where lchmod() breaks in a chroot w/o /proc mounted (closes: #995046). - rsync.1: remove prepended backticks which broke --stop-after and --stop-at formatting (closes: #1007990). ### Old Ubuntu Delta ### rsync (3.2.7-1ubuntu1) noble; urgency=medium * add d/p/fix_crashes_wi
[Touch-packages] [Bug 2064370] Re: Blank screen after boot in raspberry pi 4
** Package changed: software-properties (Ubuntu) => linux-raspi (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to software-properties in Ubuntu. https://bugs.launchpad.net/bugs/2064370 Title: Blank screen after boot in raspberry pi 4 Status in linux-raspi package in Ubuntu: New Bug description: I just flashed noble arm64+raspi image and booted it in my raspberry pi 4, and after initial rainbow screen kernel boots with 4 raspberries on the top and boot text appears as normal. But then, before it finishes booting, the screen goes blank. Image is ubuntu-24.04-preinstalled-server-arm64+raspi.img.xz downloaded at Apr/30. ubuntu@ubuntu:~$ uname -a Linux ubuntu 6.8.0-1004-raspi #4-Ubuntu SMP PREEMPT_DYNAMIC Sat Apr 20 02:29:55 UTC 2024 aarch64 aarch64 aarch64 GNU/Linux I know the system booted because I can access it over the network and I even plugged a usb-serial adapter in the uart GPIOs and from there I can see the boot does progress to completion and offers me a prompt where I can use the system normally. But the HDMI screen stays blank. The funny thing is that I have been trying daily builds for quite some time now and they used to work well, this is the first one that does this (the official release). After testing some config options I found that if I change "dtoverlay=vc4-kms-v3d" for "dtoverlay=vc4-fkms-v3d" in config.txt then it boots ok and the screen stays on (note the change from kms to fkms). I also tried appending ",cma-128" to that line (it is present on other lines -- like for pi3 and pi0 -- but not on this one), it does not help. I don't think the issue is with my monitor since it works well for a long time. Also I checked EDIDs, they are detected when using fkms but they are blank when using kms: With KMS: ubuntu@ubuntu:~$ edid-decode /sys/class/drm/card0-HDMI-A-1/edid EDID of '/sys/class/drm/card0-HDMI-A-1/edid' was empty. With fKMS: ubuntu@ubuntu:~$ edid-decode /sys/class/drm/card0-HDMI-A-1/edid edid-decode (hex): 00 ff ff ff ff ff ff 00 49 f7 00 00 00 00 00 00 01 1a 01 03 80 00 00 00 0a d7 a5 a2 59 4a 96 24 .. (supressed) I do not use a graphical environment on this unit so I don't know the consequences of this change (to me it just fixes the issue, but I guess it was there for a reason). Let me know if you need any other information from the environment. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux-raspi/+bug/2064370/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2056758] Re: ubuntu-bug doesn't let me file bugs for Snap thunderbird
Filing a bug with `ubuntu-bug thunderbird` now works for me on apport (2.28.1-0ubuntu3). -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apport in Ubuntu. https://bugs.launchpad.net/bugs/2056758 Title: ubuntu-bug doesn't let me file bugs for Snap thunderbird Status in Apport: Fix Committed Status in apport package in Ubuntu: Fix Committed Status in thunderbird package in Ubuntu: Invalid Status in apport source package in Noble: Fix Committed Bug description: I'm trying to report a bug in the new Snap for Thunderbird. When I run "ubuntu-bug thunderbird", it: * Collects information correctly after I input the sudo password * Opens a page like https://bugs.launchpad.net/distros/+filebug/a9564134-dfa6-11ee-85a7-c7116d9f638e?, which does not seem to be valid. This is not the case for Firefox, which works fine with ubuntu-bug. ProblemType: Bug DistroRelease: Ubuntu 24.04 Package: apport 2.28.0-0ubuntu1 ProcVersionSignature: Ubuntu 6.8.0-11.11-generic 6.8.0-rc4 Uname: Linux 6.8.0-11-generic x86_64 NonfreeKernelModules: wl ApportVersion: 2.28.0-0ubuntu1 Architecture: amd64 CasperMD5CheckResult: pass CrashReports: 640:1000:124:483410:2024-03-11 14:47:26.874792575 +0400:2024-03-11 14:47:27.874792575 +0400:/var/crash/_opt_Citrix_ICAClient_util_storebrowse.1000.crash 640:0:124:29135:2024-03-10 17:02:30.124656623 +0400:2024-03-10 17:02:30.124656623 +0400:/var/crash/_usr_share_apport_apport.0.crash CurrentDesktop: KDE Date: Mon Mar 11 16:54:18 2024 InstallationDate: Installed on 2022-08-29 (560 days ago) InstallationMedia: Kubuntu 22.04.1 LTS "Jammy Jellyfish" - Release amd64 (20220809.1) PackageArchitecture: all SourcePackage: apport UpgradeStatus: Upgraded to noble on 2024-02-23 (17 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/apport/+bug/2056758/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1898483] Re: [Inspiron 7591, Realtek ALC3254, Speaker, Internal] No sound at all despite the sound bars moving fine and device detected
@trurl42, seems you have different machine which I will need alsa-info and dmesg for your config. Could you file another bug and attached the detail information as comment #1. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to alsa-driver in Ubuntu. https://bugs.launchpad.net/bugs/1898483 Title: [Inspiron 7591, Realtek ALC3254, Speaker, Internal] No sound at all despite the sound bars moving fine and device detected Status in alsa-driver package in Ubuntu: Incomplete Bug description: The volume bars in sound settings react to what sound is played correctly but I can't hear any sounds ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: alsa-base 1.0.25+dfsg-0ubuntu5 ProcVersionSignature: Ubuntu 5.4.0-49.53-generic 5.4.65 Uname: Linux 5.4.0-49-generic x86_64 ApportVersion: 2.20.11-0ubuntu27.9 Architecture: amd64 AudioDevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: paramvir 1924 F pulseaudio /dev/snd/pcmC0D0p: paramvir 1924 F...m pulseaudio /dev/snd/pcmC0D6c: paramvir 1924 F...m pulseaudio CasperMD5CheckResult: skip CurrentDesktop: ubuntu:GNOME Date: Mon Oct 5 02:22:25 2020 InstallationDate: Installed on 2020-04-26 (161 days ago) InstallationMedia: Ubuntu 18.04.4 LTS "Bionic Beaver" - Release amd64 (20200203.1) PackageArchitecture: all SourcePackage: alsa-driver Symptom: audio Symptom_AlsaPlaybackTest: ALSA playback test through plughw:sofhdadsp failed Symptom_Card: Cannon Lake PCH cAVS - sof-hda-dsp Symptom_DevicesInUse: USERPID ACCESS COMMAND /dev/snd/controlC0: paramvir 1924 F pulseaudio /dev/snd/pcmC0D0p: paramvir 1924 F...m pulseaudio /dev/snd/pcmC0D6c: paramvir 1924 F...m pulseaudio Symptom_Jack: Speaker, Internal Symptom_Type: No sound at all Title: [Inspiron 7591, Realtek ALC3254, Speaker, Internal] No sound at all UpgradeStatus: No upgrade log present (probably fresh install) dmi.bios.date: 07/22/2019 dmi.bios.vendor: Dell Inc. dmi.bios.version: 1.3.0 dmi.board.name: 0K1VDX dmi.board.vendor: Dell Inc. dmi.board.version: A00 dmi.chassis.type: 10 dmi.chassis.vendor: Dell Inc. dmi.modalias: dmi:bvnDellInc.:bvr1.3.0:bd07/22/2019:svnDellInc.:pnInspiron7591:pvr:rvnDellInc.:rn0K1VDX:rvrA00:cvnDellInc.:ct10:cvr: dmi.product.family: Inspiron dmi.product.name: Inspiron 7591 dmi.product.sku: 0923 dmi.sys.vendor: Dell Inc. mtime.conffile..etc.modprobe.d.alsa-base.conf: 2020-10-04T03:10:08.906233 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/1898483/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2064096] Re: rsyslog service timeout on noble numbat
I think neither rsyslog, nor cups, or sssd, are the correct packages for this bug, but I agree that spreading out the investigation over two different bugs is not good. I'll mark https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/2064088 as a duplicate, and add cups and sssd tasks to this one for tracking purposes, but I suspect the fix will be elsewhere in the end. ** Also affects: sssd (Ubuntu) Importance: Undecided Status: New ** Also affects: cups (Ubuntu) Importance: Undecided Status: New ** Summary changed: - rsyslog service timeout on noble numbat + Services fail to start in noble deployed with TPM+FDE ** Changed in: sssd (Ubuntu) Status: New => Confirmed ** Changed in: cups (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/2064096 Title: Services fail to start in noble deployed with TPM+FDE Status in cups package in Ubuntu: Confirmed Status in rsyslog package in Ubuntu: Confirmed Status in sssd package in Ubuntu: Confirmed Bug description: What's known so far: - 24.04 desktop deployed with TPM+FDE shows this bug - services confined with apparmor that need to access something in /run/systemd (like the notify socket) fail to do so, even if the apparmor profile is in complain mode. And the apparmor profile does already have rules to allow that access - only after running aa-disable can the service start fine - paths logged by the apparmor DENIED or ALLOWED messages are missing the "/run" prefix from "/run/systemd/..". - When we add rules to the profile using "/systemd/" (i.e., also dropping the /run prefix), then it works - other access in /run/systemd/ are also blocked, but the most noticeable one is the notify mechanism - comment #2 also states that azure CVM images are also impacted - comment #4 has instructions on how to create such a VM locally with LXD vms Original description follows: This might be related to #2064088 The rsyslog service is continually timing out and restarting. If I use a service drop-in file and change the 'Type' from 'notify' to 'simple', the service starts and appears to work normally. In the journal, I can see the attached apparmor errors. I can't make sense of them, but if it's a similar issue to #2064088, then I suspect apparmor is preventing the systemd notify function from alerting systemd that the service is up and running. ProblemType: Bug DistroRelease: Ubuntu 24.04 Package: rsyslog 8.2312.0-3ubuntu9 ProcVersionSignature: Ubuntu 6.8.0-31.31-generic 6.8.1 Uname: Linux 6.8.0-31-generic x86_64 ApportVersion: 2.28.1-0ubuntu2 Architecture: amd64 CasperMD5CheckMismatches: ./boot/grub/grub.cfg CasperMD5CheckResult: fail CurrentDesktop: ubuntu:GNOME Date: Mon Apr 29 10:37:46 2024 ProcEnviron: LANG=en_GB.UTF-8 PATH=(custom, no user) SHELL=/bin/bash TERM=xterm-256color XDG_RUNTIME_DIR= SourcePackage: rsyslog UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/cups/+bug/2064096/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2064096] Re: Services fail to start in noble deployed with TPM+FDE
** Description changed: + What's known so far: + - 24.04 desktop deployed with TPM+FDE shows this bug + - services confined with apparmor that need to access something in /run/systemd (like the notify socket) fail to do so, even if the apparmor profile is in complain mode + - only after running aa-disable can the service start fine + - paths logged by the apparmor DENIED or ALLOWED messages are missing the "/run" prefix from "/run/systemd/.." + - other access in /run/systemd/ are also blocked, but the most noticeable one is the notify mechanism + - comment #2 also states that azure CVM images are also impacted + + + Original description follows: + This might be related to #2064088 The rsyslog service is continually timing out and restarting. If I use a service drop-in file and change the 'Type' from 'notify' to 'simple', the service starts and appears to work normally. In the journal, I can see the attached apparmor errors. I can't make sense of them, but if it's a similar issue to #2064088, then I suspect apparmor is preventing the systemd notify function from alerting systemd that the service is up and running. ProblemType: Bug DistroRelease: Ubuntu 24.04 Package: rsyslog 8.2312.0-3ubuntu9 ProcVersionSignature: Ubuntu 6.8.0-31.31-generic 6.8.1 Uname: Linux 6.8.0-31-generic x86_64 ApportVersion: 2.28.1-0ubuntu2 Architecture: amd64 CasperMD5CheckMismatches: ./boot/grub/grub.cfg CasperMD5CheckResult: fail CurrentDesktop: ubuntu:GNOME Date: Mon Apr 29 10:37:46 2024 ProcEnviron: - LANG=en_GB.UTF-8 - PATH=(custom, no user) - SHELL=/bin/bash - TERM=xterm-256color - XDG_RUNTIME_DIR= + LANG=en_GB.UTF-8 + PATH=(custom, no user) + SHELL=/bin/bash + TERM=xterm-256color + XDG_RUNTIME_DIR= SourcePackage: rsyslog UpgradeStatus: No upgrade log present (probably fresh install) ** Description changed: What's known so far: - 24.04 desktop deployed with TPM+FDE shows this bug - services confined with apparmor that need to access something in /run/systemd (like the notify socket) fail to do so, even if the apparmor profile is in complain mode - only after running aa-disable can the service start fine - paths logged by the apparmor DENIED or ALLOWED messages are missing the "/run" prefix from "/run/systemd/.." - other access in /run/systemd/ are also blocked, but the most noticeable one is the notify mechanism - comment #2 also states that azure CVM images are also impacted - + - comment #4 has instructions on how to create such a VM locally with LXD vms Original description follows: This might be related to #2064088 The rsyslog service is continually timing out and restarting. If I use a service drop-in file and change the 'Type' from 'notify' to 'simple', the service starts and appears to work normally. In the journal, I can see the attached apparmor errors. I can't make sense of them, but if it's a similar issue to #2064088, then I suspect apparmor is preventing the systemd notify function from alerting systemd that the service is up and running. ProblemType: Bug DistroRelease: Ubuntu 24.04 Package: rsyslog 8.2312.0-3ubuntu9 ProcVersionSignature: Ubuntu 6.8.0-31.31-generic 6.8.1 Uname: Linux 6.8.0-31-generic x86_64 ApportVersion: 2.28.1-0ubuntu2 Architecture: amd64 CasperMD5CheckMismatches: ./boot/grub/grub.cfg CasperMD5CheckResult: fail CurrentDesktop: ubuntu:GNOME Date: Mon Apr 29 10:37:46 2024 ProcEnviron: LANG=en_GB.UTF-8 PATH=(custom, no user) SHELL=/bin/bash TERM=xterm-256color XDG_RUNTIME_DIR= SourcePackage: rsyslog UpgradeStatus: No upgrade log present (probably fresh install) ** Description changed: What's known so far: - 24.04 desktop deployed with TPM+FDE shows this bug - - services confined with apparmor that need to access something in /run/systemd (like the notify socket) fail to do so, even if the apparmor profile is in complain mode + - services confined with apparmor that need to access something in /run/systemd (like the notify socket) fail to do so, even if the apparmor profile is in complain mode. And the apparmor profile does already have rules to allow that access - only after running aa-disable can the service start fine - - paths logged by the apparmor DENIED or ALLOWED messages are missing the "/run" prefix from "/run/systemd/.." + - paths logged by the apparmor DENIED or ALLOWED messages are missing the "/run" prefix from "/run/systemd/..". When we add rules to the profile using "/systemd/" (i.e., also dropping the /run prefix), then it works - other access in /run/systemd/ are also blocked, but the most noticeable one is the notify mechanism - comment #2 also states that azure CVM images are also impacted - comment #4 has instructions on how to create such a VM locally with LXD vms Original description follows: This might be related to #2064088 The rsyslog service is cont
[Touch-packages] [Bug 2057687] Re: systemctl hibernate error: "Call to Hibernate failed: Invalid argument"
My workaround is this command: "sudo fwts s4" It hibernates the system without any change to the setup. It is not very nice but works for now. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to systemd in Ubuntu. https://bugs.launchpad.net/bugs/2057687 Title: systemctl hibernate error: "Call to Hibernate failed: Invalid argument" Status in systemd package in Ubuntu: Confirmed Bug description: After upgrading systemd to 255(255.2-3ubuntu2) hibernate stopped working. Trying to hibernate: systemctl hibernate I get: Call to Hibernate failed: Invalid argument systemctl status systemd-hibernate.service - × systemd-hibernate.service - Hibernate Loaded: loaded (/usr/lib/systemd/system/systemd-hibernate.service; static) Active: failed (Result: exit-code) since Tue 2024-03-12 18:48:12 MSK; 1min 33s ago Docs: man:systemd-hibernate.service(8) Process: 4473 ExecStart=/usr/lib/systemd/systemd-sleep hibernate (code=exited, status=1/FAILURE) Main PID: 4473 (code=exited, status=1/FAILURE) CPU: 5ms мар 12 18:48:12 ASUSPRO-P3540FA systemd[1]: Starting systemd-hibernate.service - Hibernate... мар 12 18:48:12 ASUSPRO-P3540FA systemd-sleep[4473]: Failed to find location to hibernate to: Invalid argument мар 12 18:48:12 ASUSPRO-P3540FA systemd[1]: systemd-hibernate.service: Main process exited, code=exited, status=1/FAILURE мар 12 18:48:12 ASUSPRO-P3540FA systemd[1]: systemd-hibernate.service: Failed with result 'exit-code'. мар 12 18:48:12 ASUSPRO-P3540FA systemd[1]: Failed to start systemd-hibernate.service - Hibernate. -- Previous version (254.x) worked: swapfile(on EXT4 fs) is used to hibernate/resume, resume with resume_offset kernel parameters. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/2057687/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2064485] Re: Discover crasFrequent crashes in plasma-discover with libglib-2.0 errorshes after click on apps or extension for apps or plasma extensions
Thanks but I'm deleting that file since it might include private/sensitive information and shouldn't be attached to a public report, please follow the instruction from the previous post to submit it properly to the error tracker instead ** Attachment removed: "_usr_bin_plasma-discover.1000.crash" https://bugs.launchpad.net/ubuntu/+source/glib2.0/+bug/2064485/+attachment/5773561/+files/_usr_bin_plasma-discover.1000.crash -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to glib2.0 in Ubuntu. https://bugs.launchpad.net/bugs/2064485 Title: Discover crasFrequent crashes in plasma-discover with libglib-2.0 errorshes after click on apps or extension for apps or plasma extensions Status in glib2.0 package in Ubuntu: Invalid Bug description: Description: I am experiencing frequent crashes with the application plasma-discover on Ubuntu 22.04.4 LTS. These crashes occur when I attempt to access the update functions within the Discover UI. Terminal outputs and system logs indicate issues with libglib-2.0, showing repeated trap int3 errors, which are typically used for debug breakpoints in development builds. Expected Behavior: Plasma Discover should run smoothly, allowing the management of software updates and installations without crashing. Actual Behavior: Discover crashes frequently, especially when trying to access the updates section or other specific parts of the application. Steps Attempted: Resetting configuration files for Discover. Running Discover from the terminal to capture any error outputs. System update and reinstallation of plasma-discover and its dependencies. Analyzing system logs with journalctl, which showed repeated issues with libglib-2.0. System and Package Information: Ubuntu Version: 22.04.4 LTS Package Versions: libglib2.0-0: Installed: 2.72.4-0ubuntu2.2 plasma-discover: Installed: 5.24.7-0ubuntu0.1 This issue significantly impacts the functionality of the Discover application, hindering routine software management and updates. Any assistance or resolution would be greatly appreciated. ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: libglib2.0-0 2.72.4-0ubuntu2.2 ProcVersionSignature: Ubuntu 6.5.0-28.29~22.04.1-generic 6.5.13 Uname: Linux 6.5.0-28-generic x86_64 ApportVersion: 2.20.11-0ubuntu82.5 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: KDE Date: Wed May 1 09:58:53 2024 SourcePackage: glib2.0 UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glib2.0/+bug/2064485/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2055776] Re: After updating ubuntu, the network to which the subnet address is assigned does not become active in KVM.
I'm sorry, but if this means that in the default configuration this is no longer working, how is this not a regression ? Should the default configuration not be so that both bind9 and libvirtd can be installed and used without issue as was the case before the dnsmasq update? Breaking this within an LTS release does not sounds right to me. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to dnsmasq in Ubuntu. https://bugs.launchpad.net/bugs/2055776 Title: After updating ubuntu, the network to which the subnet address is assigned does not become active in KVM. Status in dnsmasq package in Ubuntu: Invalid Bug description: phenomenon: After updating ubuntu, the network to which the subnet address is assigned does not become active in KVM. Cause: This is because the following dnsmasq update operation performed by apt's automatic update causes an error. It worked properly with dnsmasq 2.80, but does not work properly with 2.90. $ cat /var/log/apt/history.log (snip) Start-Date: 2024-02-27 06:17:31 Commandline: /usr/bin/unattended-upgrade Upgrade: dnsmasq-base:amd64 (2.80-1.1ubuntu1.7, 2.90-0ubuntu0.20.04.1) End-Date: 2024-02-27 06:17:44 (snip) $ Cause details: As a premise, bind-dynamic is set in the dnsmasq config file for KVM. Below is an example. $ cat default.conf ##WARNING: THIS IS AN AUTO-GENERATED FILE. CHANGES TO IT ARE LIKELY TO BE ##OVERWRITTEN AND LOST. Changes to this configuration should be made using: ##virsh net-edit default ## or other application using the libvirt API. ## ## dnsmasq conf file created by libvirt strict-order user=libvirt-dnsmasq pid-file=/run/libvirt/network/default.pid except-interface=lo bind-dynamic interface=virbr0 dhcp-range=192.168.122.2,192.168.122.254,255.255.255.0 dhcp-no-override dhcp-authoritative dhcp-lease-max=253 dhcp-hostsfile=/var/lib/libvirt/dnsmasq/default.hostsfile addn-hosts=/var/lib/libvirt/dnsmasq/default.addnhosts $ When starting the network with KVM (virsh net-start), dnsmasq started from KVM executes the make_sock function twice as shown below. $ cat network.c (snip) 1087 static struct listener *create_listeners(union mysockaddr *addr, int do_ 1087 tftp, int dienow) 1088 { 1089 struct listener *l = NULL; 1090 int fd = -1, tcpfd = -1, tftpfd = -1; 1091 1092 (void)do_tftp; 1093 1094 if (daemon->port != 0) 1095 { 1096 fd = make_sock(addr, SOCK_DGRAM, dienow); 1097 tcpfd = make_sock(addr, SOCK_STREAM, dienow); 1098 } (snip) The following code causes an issue with the update made in dnsmasq 2.90. $ cat network.c (snip) 895 static int make_sock(union mysockaddr *addr, int type, int dienow) 896 { (snip) 934 if (!option_bool(OPT_CLEVERBIND) || errno != EADDRNOTAVAIL) 935 { 936 if (dienow) 937 die(s, daemon->addrbuff, EC_BADNET); 938 else 939 my_syslog(LOG_WARNING, s, daemon->addrbuff, strerror(errno))939 ; 940 } (snip) function "make_sock" in network.c:1096 binds the socket to 192.168.122.1/24, and then make_sock in network.c:1097 tries to bind to the same address. However, in network.c:934, when errno==98 occurs, network.c:937 is executed, so dnsmasq does not cause a startup error. As a result, virsh net-start fails. As a temporary workaround, it will work if you try not to die. $ diff -u network_c_back network.c --- network_c_back 2024-02-29 15:36:05.156467935 + +++ network.c 2024-02-29 15:36:38.733324350 + @@ -934,7 +934,8 @@ if (!option_bool(OPT_CLEVERBIND) || errno != EADDRNOTAVAIL) { if (dienow) - die(s, daemon->addrbuff, EC_BADNET); + my_syslog(LOG_WARNING, s, daemon->addrbuff, strerror(errno)); + //die(s, daemon->addrbuff, EC_BADNET); else my_syslog(LOG_WARNING, s, daemon->addrbuff, strerror(errno)); } $ If bind-dynamic is set, it should be modified so that it works even if errno==98. For reference, in the case of dnsmasq 2.80, the code is as follows, so no error occurs. network.c 699 static int make_sock(union mysockaddr *addr, int type, int dienow) 700 { 701 int family = addr->sa.sa_family; 702 int fd, rc, opt = 1; (snip) 715 err: 716 errsave = errno; 717 port = prettyprint_addr(addr, daemon->addrbuff); 718 if (!option_bool(OPT_NOWILD) && !option_bool(OPT_CLEVERBIND)) 719 sprintf(daemon->addrbuff, "port %d", port); 720 s = _("failed to create listening socket for %s: %s"); 721 722 if (fd != -1) 723 close (fd); 724 725 errno = errsave;
[Touch-packages] [Bug 2058690] Re: aa-easyprof: allow mmap and link from easyprof generated profiles
Hmm... indeed! I'll re-investigate why we need `m` permission by the default. I assume that if there's something that actually need `m` permission, a new key in the easyprof manifest would be needed, right? As for `l` rule for writes, do you think it's safe to add? Given that "the new link MUST have a subset of permissions as the original file" [1], this shouldn't be able to be used to open up more permission. [1]: https://manpages.debian.org/bookworm/apparmor/apparmor.d.5.en.html#l~2 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/2058690 Title: aa-easyprof: allow mmap and link from easyprof generated profiles Status in apparmor package in Ubuntu: New Bug description: Currently, an easyprof-generated profile will list the reads with `rk` and the writes as `rwk`. With recent Qt, this breaks because newer Qt versions use hard-linking of temporary files to perform atomic writes. Also, `rk` doesn't allow mmap()'ing shared library for execution. We at UBports are carrying a patch in Ubuntu Touch which changes the read rules to `mrk` and write rules to `mrwkl`, and are upstreaming this patch at [1]. When the MR is merged, I would like this patch to be included in Ubuntu 24.04, so that Ubuntu Touch doesn't have to package AppArmor separately from Ubuntu. If we agree that we want this patch, I can provide an MR on Salsa. [1] https://gitlab.com/apparmor/apparmor/-/merge_requests/1189 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2058690/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2064485] Re: Discover crasFrequent crashes in plasma-discover with libglib-2.0 errorshes after click on apps or extension for apps or plasma extensions
I have attached the crash file to this bug report to provide additional information that may assist in diagnosing. ** Attachment added: "_usr_bin_plasma-discover.1000.crash" https://bugs.launchpad.net/ubuntu/+source/glib2.0/+bug/2064485/+attachment/5773561/+files/_usr_bin_plasma-discover.1000.crash -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to glib2.0 in Ubuntu. https://bugs.launchpad.net/bugs/2064485 Title: Discover crasFrequent crashes in plasma-discover with libglib-2.0 errorshes after click on apps or extension for apps or plasma extensions Status in glib2.0 package in Ubuntu: Invalid Bug description: Description: I am experiencing frequent crashes with the application plasma-discover on Ubuntu 22.04.4 LTS. These crashes occur when I attempt to access the update functions within the Discover UI. Terminal outputs and system logs indicate issues with libglib-2.0, showing repeated trap int3 errors, which are typically used for debug breakpoints in development builds. Expected Behavior: Plasma Discover should run smoothly, allowing the management of software updates and installations without crashing. Actual Behavior: Discover crashes frequently, especially when trying to access the updates section or other specific parts of the application. Steps Attempted: Resetting configuration files for Discover. Running Discover from the terminal to capture any error outputs. System update and reinstallation of plasma-discover and its dependencies. Analyzing system logs with journalctl, which showed repeated issues with libglib-2.0. System and Package Information: Ubuntu Version: 22.04.4 LTS Package Versions: libglib2.0-0: Installed: 2.72.4-0ubuntu2.2 plasma-discover: Installed: 5.24.7-0ubuntu0.1 This issue significantly impacts the functionality of the Discover application, hindering routine software management and updates. Any assistance or resolution would be greatly appreciated. ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: libglib2.0-0 2.72.4-0ubuntu2.2 ProcVersionSignature: Ubuntu 6.5.0-28.29~22.04.1-generic 6.5.13 Uname: Linux 6.5.0-28-generic x86_64 ApportVersion: 2.20.11-0ubuntu82.5 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: KDE Date: Wed May 1 09:58:53 2024 SourcePackage: glib2.0 UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glib2.0/+bug/2064485/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2064485] Re: Discover crasFrequent crashes in plasma-discover with libglib-2.0 errorshes after click on apps or extension for apps or plasma extensions
Thank you for taking the time to report this bug and helping to make Ubuntu better. However, your crash report is either missing or challenging to deal with as a '.crash' file. Please follow these instructions to have apport report a new bug about your crash that can be dealt with by the automatic retracer. If you are running the Ubuntu Stable Release you might need to enable apport in /etc/default/apport and restart. If you are using Ubuntu with the Gnome desktop environment - launch nautilus and navigate to your /var/crash directory and double click on the crash report you wish to submit. If you are using Kubuntu or Xubuntu you can file the crash using /usr/share/apport/apport-qt --crash-file=/var/crash/_my_crash_report.crash in a terminal - where _my_crash_report.crash is the crash you would like to report. I'm closing this bug report since the process outlined above will automatically open a new bug report which can then dealt with more efficiently. Thanks in advance for your cooperation and understanding. ** Changed in: glib2.0 (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to glib2.0 in Ubuntu. https://bugs.launchpad.net/bugs/2064485 Title: Discover crasFrequent crashes in plasma-discover with libglib-2.0 errorshes after click on apps or extension for apps or plasma extensions Status in glib2.0 package in Ubuntu: Invalid Bug description: Description: I am experiencing frequent crashes with the application plasma-discover on Ubuntu 22.04.4 LTS. These crashes occur when I attempt to access the update functions within the Discover UI. Terminal outputs and system logs indicate issues with libglib-2.0, showing repeated trap int3 errors, which are typically used for debug breakpoints in development builds. Expected Behavior: Plasma Discover should run smoothly, allowing the management of software updates and installations without crashing. Actual Behavior: Discover crashes frequently, especially when trying to access the updates section or other specific parts of the application. Steps Attempted: Resetting configuration files for Discover. Running Discover from the terminal to capture any error outputs. System update and reinstallation of plasma-discover and its dependencies. Analyzing system logs with journalctl, which showed repeated issues with libglib-2.0. System and Package Information: Ubuntu Version: 22.04.4 LTS Package Versions: libglib2.0-0: Installed: 2.72.4-0ubuntu2.2 plasma-discover: Installed: 5.24.7-0ubuntu0.1 This issue significantly impacts the functionality of the Discover application, hindering routine software management and updates. Any assistance or resolution would be greatly appreciated. ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: libglib2.0-0 2.72.4-0ubuntu2.2 ProcVersionSignature: Ubuntu 6.5.0-28.29~22.04.1-generic 6.5.13 Uname: Linux 6.5.0-28-generic x86_64 ApportVersion: 2.20.11-0ubuntu82.5 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: KDE Date: Wed May 1 09:58:53 2024 SourcePackage: glib2.0 UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glib2.0/+bug/2064485/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2064485] [NEW] Discover crasFrequent crashes in plasma-discover with libglib-2.0 errorshes after click on apps or extension for apps or plasma extensions
Public bug reported: Description: I am experiencing frequent crashes with the application plasma-discover on Ubuntu 22.04.4 LTS. These crashes occur when I attempt to access the update functions within the Discover UI. Terminal outputs and system logs indicate issues with libglib-2.0, showing repeated trap int3 errors, which are typically used for debug breakpoints in development builds. Expected Behavior: Plasma Discover should run smoothly, allowing the management of software updates and installations without crashing. Actual Behavior: Discover crashes frequently, especially when trying to access the updates section or other specific parts of the application. Steps Attempted: Resetting configuration files for Discover. Running Discover from the terminal to capture any error outputs. System update and reinstallation of plasma-discover and its dependencies. Analyzing system logs with journalctl, which showed repeated issues with libglib-2.0. System and Package Information: Ubuntu Version: 22.04.4 LTS Package Versions: libglib2.0-0: Installed: 2.72.4-0ubuntu2.2 plasma-discover: Installed: 5.24.7-0ubuntu0.1 This issue significantly impacts the functionality of the Discover application, hindering routine software management and updates. Any assistance or resolution would be greatly appreciated. ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: libglib2.0-0 2.72.4-0ubuntu2.2 ProcVersionSignature: Ubuntu 6.5.0-28.29~22.04.1-generic 6.5.13 Uname: Linux 6.5.0-28-generic x86_64 ApportVersion: 2.20.11-0ubuntu82.5 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: KDE Date: Wed May 1 09:58:53 2024 SourcePackage: glib2.0 UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: glib2.0 (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug jammy -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to glib2.0 in Ubuntu. https://bugs.launchpad.net/bugs/2064485 Title: Discover crasFrequent crashes in plasma-discover with libglib-2.0 errorshes after click on apps or extension for apps or plasma extensions Status in glib2.0 package in Ubuntu: New Bug description: Description: I am experiencing frequent crashes with the application plasma-discover on Ubuntu 22.04.4 LTS. These crashes occur when I attempt to access the update functions within the Discover UI. Terminal outputs and system logs indicate issues with libglib-2.0, showing repeated trap int3 errors, which are typically used for debug breakpoints in development builds. Expected Behavior: Plasma Discover should run smoothly, allowing the management of software updates and installations without crashing. Actual Behavior: Discover crashes frequently, especially when trying to access the updates section or other specific parts of the application. Steps Attempted: Resetting configuration files for Discover. Running Discover from the terminal to capture any error outputs. System update and reinstallation of plasma-discover and its dependencies. Analyzing system logs with journalctl, which showed repeated issues with libglib-2.0. System and Package Information: Ubuntu Version: 22.04.4 LTS Package Versions: libglib2.0-0: Installed: 2.72.4-0ubuntu2.2 plasma-discover: Installed: 5.24.7-0ubuntu0.1 This issue significantly impacts the functionality of the Discover application, hindering routine software management and updates. Any assistance or resolution would be greatly appreciated. ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: libglib2.0-0 2.72.4-0ubuntu2.2 ProcVersionSignature: Ubuntu 6.5.0-28.29~22.04.1-generic 6.5.13 Uname: Linux 6.5.0-28-generic x86_64 ApportVersion: 2.20.11-0ubuntu82.5 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: KDE Date: Wed May 1 09:58:53 2024 SourcePackage: glib2.0 UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/glib2.0/+bug/2064485/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2064096] Re: rsyslog service timeout on noble numbat
Do you think we should mark #2064088 as a duplicate of this (or vice- versa), if we're confident this is the same underlying issue? There are some outstanding questions for me on that bug, but it might make sense to focus our comments in one place going forward. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to rsyslog in Ubuntu. https://bugs.launchpad.net/bugs/2064096 Title: rsyslog service timeout on noble numbat Status in rsyslog package in Ubuntu: Confirmed Bug description: This might be related to #2064088 The rsyslog service is continually timing out and restarting. If I use a service drop-in file and change the 'Type' from 'notify' to 'simple', the service starts and appears to work normally. In the journal, I can see the attached apparmor errors. I can't make sense of them, but if it's a similar issue to #2064088, then I suspect apparmor is preventing the systemd notify function from alerting systemd that the service is up and running. ProblemType: Bug DistroRelease: Ubuntu 24.04 Package: rsyslog 8.2312.0-3ubuntu9 ProcVersionSignature: Ubuntu 6.8.0-31.31-generic 6.8.1 Uname: Linux 6.8.0-31-generic x86_64 ApportVersion: 2.28.1-0ubuntu2 Architecture: amd64 CasperMD5CheckMismatches: ./boot/grub/grub.cfg CasperMD5CheckResult: fail CurrentDesktop: ubuntu:GNOME Date: Mon Apr 29 10:37:46 2024 ProcEnviron: LANG=en_GB.UTF-8 PATH=(custom, no user) SHELL=/bin/bash TERM=xterm-256color XDG_RUNTIME_DIR= SourcePackage: rsyslog UpgradeStatus: No upgrade log present (probably fresh install) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rsyslog/+bug/2064096/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2061584] Re: Rendering issues in VirtualBox with 3d on (GTK ngl backend)
Are we sure this can't just be grouped in with bug 2061118? Bug 2063923 for example is not VMware but shows a video with the same looking artifacts as bug 2061118. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to mesa in Ubuntu. https://bugs.launchpad.net/bugs/2061584 Title: Rendering issues in VirtualBox with 3d on (GTK ngl backend) Status in GTK+: New Status in Mesa: New Status in gtk4 package in Ubuntu: Triaged Status in mesa package in Ubuntu: Triaged Status in gtk4 source package in Noble: Triaged Status in mesa source package in Noble: Triaged Bug description: GTK4 apps are rendering very badly with Ubuntu 24.04 LTS Beta when ran in VirtualBox. This includes the Welcome to Ubuntu app (gnome-initial-setup), gnome- text-editor, and drawing the background (which uses gnome-shell- extension-desktop-icons-ng on Ubuntu). This issue was triggered by GTK4's switch to ngl as the default renderer instead of gl. However, some other similar issues (LP: #2061118, LP: #2060679) are being fixed in mesa instead of in gtk4 itself. To manage notifications about this bug go to: https://bugs.launchpad.net/gtk/+bug/2061584/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2064363] Re: thunderbird snap on live systems "already running" but not responsive
@u-dal: thankyou, though I have to say I am at a loss as to why the snap version of thunderbird is trying to access ``` /media/lubuntu/drive/hq/email/thunderbird/awesomenough/.parentlock /media/lubuntu/drive/hq/email/thunderbird/awesomenough/lock ``` what kind of configuration have you done? I see you are copying data from /media/lubuntu/drive/startup/ into the snap, is something in one of these a symlink into /media/lubuntu/drive/hq/email/thunderbird? As for why this used to work and doesn't now is thunderbird unless you opted into it (enabled the profile) was not confined. The snap thunderbird is confined and defines down to the file what thunderbird has access to. Snaps however are not under normal apparmor control, and make it some what hard for the user to extend what is allowed. There are a few things that can be done to work around the issue but I am still trying to understand why thunderbird is trying to access that location. things we can do to work around this issue immediately, so you can have access to your mail 1. enable snapd prompting in the new security center (its a flutter based application, I am not sure if lubuntu is shipping it by default). If this is a location that falls under what is allowed to prompt (I am not sure it is), snapd we prompt you about allowing the access, store your response and it will be allowed in the future. 2. reinstall thunderbird snap in dev mode 3. manually update the snap profile. There will have to be script that recopies, and reloads, as snap can and will regenerate and reload when it refreshes. 4. uninstall the thunderbird snap and install thunderbird as a deb via the mozilla ppa. You can opt into an apparmor profile if you want, in this case you get full control over the profile. 5. disable apparmor in grub. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/2064363 Title: thunderbird snap on live systems "already running" but not responsive Status in apparmor package in Ubuntu: New Bug description: Moving this here from https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2046844 snap policy on an overlay system is preventing thunderbird from running. This is related to the snapcraft form report https://forum.snapcraft.io/t/unexplained-thunderbird-already-running- but-is-not-responding-message/39990 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2064363/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 2040403] Re: Merge net-tools from Debian unstable for noble
** Changed in: net-tools (Ubuntu) Status: Incomplete => Won't Fix ** Changed in: net-tools (Ubuntu) Milestone: None => ubuntu-24.04-feature-freeze -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to net-tools in Ubuntu. https://bugs.launchpad.net/bugs/2040403 Title: Merge net-tools from Debian unstable for noble Status in net-tools package in Ubuntu: Won't Fix Bug description: Scheduled-For: Backlog Upstream: tbd Debian: 2.10-0.1 Ubuntu: 2.10-0.1ubuntu3 There is nothing yet to merge for net-tools currently, but this ticket is filed prospectfully for tracking purposes in case a merge does become available later this cycle. If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired. ### New Debian Changes ### net-tools (2.10-0.1) unstable; urgency=medium * Non-maintainer upload. * Update Martina's name and email address. * Drop DECnet support (Closes: #1024730) * Revert 'Fix d/watch to point to upstream git repository' * New upstream version 2.10 (Closes: #1000281) -- Bastian Germann Fri, 25 Nov 2022 15:15:20 +0100 net-tools (1.60+git20181103.0eebece-1) unstable; urgency=medium * New upstream version 1.60+git20181103.0eebece - Fix nstrcmp() to prevent ifconfig from showing duplicate interfaces. (Closes: #812886) * Fix d/watch to point to upstream git repository * Add patch to fix decoding of MII vendor ids. (Closes: #549397) - Thanks, Ben Hutchings, for the patch. * Add patch to fix Japanese translation which uses a wrong Kanji character. (Closes: #621752) - Thanks, Takeshi Hamasaki, for the patch. * Add patch to fix wrong indentation of 'collisions' in the Japanese translation. (Closes: #653117) - Thanks, NODA, Kai, for the patch. * Fix Uploaders' field. - Add myself as an uploader. - Fix Tina's details. -- Utkarsh Gupta Fri, 02 Oct 2020 15:01:04 +0530 net-tools (1.60+git20180626.aebd88e-1) unstable; urgency=medium * New upstream snapshot * Refresh patches. * Fix typos in German manpages. Thanks to Prof. Dr. Steffen Wendzel and Dr. Tobias Quathamer for the patch. Closes: #900962. -- Martina Ferrari Mon, 24 Sep 2018 19:08:57 + net-tools (1.60+git20161116.90da8a0-4) unstable; urgency=medium * Update maintainer email address. Closes: #899617. * Update Standards-Version with no changes. -- Martina Ferrari Mon, 24 Sep 2018 17:16:31 + net-tools (1.60+git20161116.90da8a0-3) unstable; urgency=medium * debian/control: Update Vcs-* and Standards-Version. * debian/control: remove references to ancient package ja-trans. * debian/gbp.conf: Update repo layout. -- Martina Ferrari Tue, 31 Jul 2018 19:09:00 + net-tools (1.60+git20161116.90da8a0-2) unstable; urgency=medium * Fix typo in French manpage. Thanks to Michel Grigaut for the patch. * Add manpage for iptunnel, thanks to Sergio Durigan Junior. Closes: #88910 * Rename patches so CME does not choke on them. * Automated cme fixes; packaging improvements. * Remove unused and ancient patch. -- Martina Ferrari Sun, 11 Feb 2018 17:29:24 + net-tools (1.60+git20161116.90da8a0-1) unstable; urgency=medium * New upstream snapshot. * Re-synced translations.patch. * Acknowledge NMUs. Thanks a lot to Andrey Rahmatullin for the fixes and uploads. Closes: 846509. * Fix FTCBFS, thanks to Helmut Grohne for the patch. Closes: #811561. + Really assign CC for cross compilation. + Use triplet prefixed pkg-config. * Add debian/NEWS warning about changing output in net-tools commands. Closing bugs that reported problems in 3rd-party scripts arising from these changes. Closes: #845153, #843892, #820212. * Update Standards-Version, with no changes. -- Martina Ferrari Mon, 26 Dec 2016 05:58:42 + net-tools (1.60+git20150829.73cef8a-2.2) unstable; urgency=medium * Non-maintainer upload. * Apply an additional fix for the previous FTBFS for some architectures. -- Andrey Rahmatullin Thu, 01 Dec 2016 22:49:27 +0500 net-tools (1.60+git20150829.73cef8a-2.1) unstable; urgency=medium * Non-maintainer upload. * Fix FTBFS by applying the upstream patch (Closes: #844073). -- Andrey Rahmatullin Sun, 20 Nov 2016 15:23:12 +0500 net-tools (1.60+git20150829.73cef8a-2) unstable; urgency=medium [ Laurent Bigonville ] * Enable SELinux support. Closes: #666204. ### Old Ubuntu Delta ### net-tools (2.10-0.1ubuntu3) lunar; urgency=medium * Further fixes for mismerge. -- Steve Langasek Tue, 13 Dec 2022 13:49:51 -0800 net-tools (2.10-0.1ubuntu2) lunar; urgency=medium * Fix mismerge of Ubuntu units patch. -- Steve
[Touch-packages] [Bug 2064457] [NEW] Merge rsync from Debian unstable for oracular
Public bug reported: Upstream: tbd Debian: 3.3.0-1 Ubuntu: 3.2.7-1ubuntu1 Debian does new releases regularly, so it's likely there will be newer versions available before FF that we can pick up if this merge is done later in the cycle. If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired. If this merge pulls in a new upstream version, also consider adding an entry to the Oracular Release Notes: https://discourse.ubuntu.com/c/release/38 ### New Debian Changes ### rsync (3.3.0-1) unstable; urgency=medium [ Aquila Macedo Costa ] * d/control: Bump Standards-Version to 4.6.2 [ Samuel Henrique ] * New upstream version 3.3.0 (closes: #1068630) * Bump Standards-Version to 4.7.0 * Update patches * d/patches: Drop merged patches * d/control: Drop dependency on lsb-base * d/rsync.lintian-overrides: Update overrides -- Samuel Henrique Fri, 12 Apr 2024 00:28:29 +0100 rsync (3.2.7-1) unstable; urgency=medium [ Juri Grabowski ] * New upstream version 3.2.7 * Remove patches included in new release [ Helmut Grohne ] * Fix FTCBFS: Use native instances for python build depends (closes: #1022988). [ Samuel Henrique ] * d/rsync.lintian-overrides: Update findings as per lintian changes * d/patches: Add two upstream patches to fix issues post 3.2.7 release: - trust_the_sender_on_a_local_transfer.patch - avoid_quoting_of_tilde_when_its_a_destination_arg.patch -- Samuel Henrique Sun, 18 Dec 2022 14:10:54 + rsync (3.2.6-4) unstable; urgency=medium * Upload to unstable - d/patches: ~ fix_files_from.patch: Upstream patch to address the files-from issue. ~ fix_relative.patch: Upstream patch to fix exclusion of /. with --relative. ~ fix_remote_filter_rules_validation.patch: Upstream patch to fix bug with validating remote filter rules. (closes: #1018296, #1019561) -- Samuel Henrique Wed, 21 Sep 2022 18:58:57 +0100 rsync (3.2.6-3) experimental; urgency=medium * d/patches: - fix_files_from.patch: Upstream patch to address the files-from issue, likely to also be related to #1019561 and #1018296 - fix_relative.patch: Upstream patch to fix exclusion of /. with --relative -- Samuel Henrique Wed, 14 Sep 2022 19:25:19 +0100 rsync (3.2.6-2) experimental; urgency=medium * d/p/fix_remote_filter_rules_validation.patch: New upstream patch to try to fix #1019561 and #1018296 -- Samuel Henrique Tue, 13 Sep 2022 20:55:01 +0100 rsync (3.2.6-1) unstable; urgency=medium * New upstream version 3.2.6 - Added a safety check that prevents the sender from removing destination files when a local copy using --remove-source-files has some files that are shared between the sending & receiving hierarchies, including the case where the source dir & destination dir are identical (closes: #1016102) * Bump Standards-Version to 4.6.1 -- Samuel Henrique Sat, 10 Sep 2022 20:03:51 +0100 rsync (3.2.5-1) unstable; urgency=medium * New upstream version 3.2.5 - Added some file-list safety checking that helps to ensure that a rogue sending rsync can't add unrequested top-level names and/or include recursive names that should have been excluded by the sender. These extra safety checks only require the receiver rsync to be updated. When dealing with an untrusted sending host, it is safest to copy into a dedicated destination directory for the remote content (i.e. don't copy into a destination directory that contains files that aren't from the remote host unless you trust the remote host) (closes: #1016543, CVE-2022-29154). - The build date that goes into the manpages is now based on the developer's release date, not on the build's local-timezone interpretation of the date (closes: #1009981) -- Samuel Henrique Tue, 16 Aug 2022 11:03:48 +0100 rsync (3.2.4-1) unstable; urgency=medium [ Samuel Henrique ] * New upstream version 3.2.4 - Work around a glibc bug where lchmod() breaks in a chroot w/o /proc mounted (closes: #995046). - rsync.1: remove prepended backticks which broke --stop-after and --stop-at formatting (closes: #1007990). ### Old Ubuntu Delta ### rsync (3.2.7-1ubuntu1) noble; urgency=medium * add d/p/fix_crashes_with_fortified_strlcpy.patch (LP: #2060967) - Fixes a buffer overflow when using -F flag. -- Mitchell Dzurick Fri, 12 Apr 2024 10:09:41 -0700 rsync (3.2.7-1build3) noble; urgency=high * No change rebuild against libssl3t64. -- Julian Andres Klode Mon, 08 Apr 2024 16:49:18 +0200 rsync (3.2.7-1build2) noble; urgency=medium * No-change rebuild for CVE-2024-3094 -- Steve Langasek Sun, 31 Mar 2024 17:10:35 + rsync (3.2.7-1build1) noble; urgency=medium * No-change rebuild against libssl3t64 -- Steve Langasek Mon, 04 Mar 2024 21:12: