[Bug 2093322] Re: [MIR] azure-vm-utils
I'm marking P/N/J as Fix released because the packages are now in main... thanks for all! ** Changed in: azure-vm-utils (Ubuntu Plucky) Status: Fix Committed => Fix Released ** Changed in: azure-vm-utils (Ubuntu Noble) Status: In Progress => Fix Released ** Changed in: azure-vm-utils (Ubuntu Jammy) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2093322 Title: [MIR] azure-vm-utils To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2093322] Re: [MIR] azure-vm-utils
The SRU bumps everything to the same approved version and the approval did not have special constraints that bound it to be only valid in newer releases. We know CPC is behind this and will update it further. The reasoning makes sense as the value of this fully unfolds when available by default which makes it need to be in main there as well. With that the request can be considered valid and approved for Jammy and Noble as well. Please land the seed changes to pull it in and we can then promote the one in -proposed (or if already released by then in -updates) ** Changed in: azure-vm-utils (Ubuntu Noble) Status: New => In Progress ** Changed in: azure-vm-utils (Ubuntu Jammy) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2093322 Title: [MIR] azure-vm-utils To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2093322] Re: [MIR] azure-vm-utils
I added tasks for the N/J series to track seed modifications, now that the packages have passed the New+SRU review and are in verification stage at -proposed pockets. ** Also affects: azure-vm-utils (Ubuntu Jammy) Importance: Undecided Status: New ** Also affects: azure-vm-utils (Ubuntu Noble) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2093322 Title: [MIR] azure-vm-utils To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2093322] Re: [MIR] azure-vm-utils
The seed change to pull it into plucky already landed long ago, see updates above. With that plucky is ready too - setting the state But please continue to update these, as the review was on the assumption to get the new one (IMHO non gating though) ** Changed in: azure-vm-utils (Ubuntu Plucky) Status: In Progress => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2093322 Title: [MIR] azure-vm-utils To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2093322] Re: [MIR] azure-vm-utils
Thank you Miriam, The referenced review is great in going into so much detail of the solution itself - thanks Nick. Which is not reviewing the packaging but mostly azures solution itself which hasn't been done much before (maybe by you packaging it, but not by me at least) - highly appreciated @Nick. As always a lot could be improved in any software, but I acknowledge that to some extend the ecosystem is defined by them. And you'll have this topic for a long time into the future as you continue to maintain this. Now for the testing which is the actual topic at hand. Thanks for working this out as part of establishing the SRU test plan. in regard to the testing I wanted this is providing what I wanted to see for the pure "before we go on can we see it work". Over time it would be great to have that automated as part of CPCs image verification or something similar. But for now I appreciate the manual effort to go through all those examples. +1 for the part of promoting it to main once it is in plucky. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2093322 Title: [MIR] azure-vm-utils To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2093322] Re: [MIR] azure-vm-utils
Hi Christian, following a SRU plan suggested by enr0n in https://code.launchpad.net/~mirespace/ubuntu/+source/azure-vm- utils/+git/azure-vm-utils/+merge/488845/comments/1327048 I went through it, generating the manual report attached to this comment for your verification Autopkgtest passes at https://autopkgtest.ubuntu.com/results/autopkgtest- questing/questing/amd64/a/azure-vm-utils/20250528_002852_6b772@/log.gz This was all made in Questing as requested to include Plucky in main. ** Attachment added: "Verification of azure.txt" https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+attachment/5892772/+files/Verification%20of%20azure.txt -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2093322 Title: [MIR] azure-vm-utils To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2093322] Re: [MIR] azure-vm-utils
I know you need this for plucky too, since changing an active release always comes with more risk (even if the actual impact is you putting it onto the image and not the promotion) I'd appreciate some test/verification based on questing if that is not impossible. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2093322 Title: [MIR] azure-vm-utils To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2093322] Re: [MIR] azure-vm-utils
All approvals are in and the subscription is done. The component mismatch due to the seeding shows it pulled in in questing, ready for promotion. We have only one in questing/universe, no other version in proposed to care about azure-vm-utils | 0.6.0-4 | questing/universe | source, amd64, arm64, armhf, ppc64el, riscv64, s390x ./change-override --component main --suite questing --source-and-binary azure-vm-utils Override component to main azure-vm-utils 0.6.0-4 in questing: universe/misc -> main azure-vm-utils 0.6.0-4 in questing amd64: universe/admin/optional/100% -> main azure-vm-utils 0.6.0-4 in questing arm64: universe/admin/optional/100% -> main azure-vm-utils 0.6.0-4 in questing armhf: universe/admin/optional/100% -> main azure-vm-utils 0.6.0-4 in questing ppc64el: universe/admin/optional/100% -> main azure-vm-utils 0.6.0-4 in questing riscv64: universe/admin/optional/100% -> main azure-vm-utils 0.6.0-4 in questing s390x: universe/admin/optional/100% -> main Override [y|N]? y 7 publications overridden. ** Changed in: azure-vm-utils (Ubuntu Questing) Status: In Progress => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2093322 Title: [MIR] azure-vm-utils To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2093322] Re: [MIR] azure-vm-utils
I assigned/unassigned me on Plucky due to the seeds changes on Plucky, but those were done as reflected in the [1] for comment 5. Sorry for the noise. Nowadays, ubuntu-public-cloud and myself are subscribed to the bugs. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2093322 Title: [MIR] azure-vm-utils To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2093322] Re: [MIR] azure-vm-utils
** Changed in: azure-vm-utils (Ubuntu Questing) Assignee: Miriam España Acebal (mirespace) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2093322 Title: [MIR] azure-vm-utils To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2093322] Re: [MIR] azure-vm-utils
I assigned questing to you, when the seed change is done unassign yourself again. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2093322 Title: [MIR] azure-vm-utils To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2093322] Re: [MIR] azure-vm-utils
The acks of the MIR process are given, but I was made aware why we can not see it in component mismatches, as we expected a seed change there. Thanks to Miriam we've sorted out that the seed change only landed in Plucky (because that was the devel release at the time). But since this was in-flight it didn't make it into questing on the archive opening. So we realized in checking that it is trying to move ONLY in plucky [1], but that isn't the way to start. As usual please, add it to -devel first to avoid this to regress functionality on upgrades. Please do the same seed change to questing, when it is shown is mismatches then let us promote it there. You can yourself or with your partners have a look if it works as intended in the -devel release. Then next, we can act on the plucky promotion based on [1] as well. Let me add bug tasks to represent that, if later on more release follow we might need to check if the conditions there are different - but that is then. [1]: https://ubuntu-archive-team.ubuntu.com/germinate- output/ubuntu.plucky/all ** Also affects: azure-vm-utils (Ubuntu Plucky) Importance: Undecided Status: New ** Also affects: azure-vm-utils (Ubuntu Questing) Importance: Undecided Status: In Progress ** Changed in: azure-vm-utils (Ubuntu Plucky) Status: New => In Progress ** Changed in: azure-vm-utils (Ubuntu Questing) Assignee: (unassigned) => Miriam España Acebal (mirespace) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2093322 Title: [MIR] azure-vm-utils To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2093322] Re: [MIR] azure-vm-utils
Between the proposed package in this bug PPA for the proposed package: https://launchpad.net/~mirespace/+archive/ubuntu/azure/+packages https://launchpad.net/~mirespace/+archive/ubuntu/azure/+sourcepub/16868631/+listing-archive-extra and the package synced from Debian in Plucky: debdiff azure-vm-utils_0.4.0-2ubuntu1.dsc azure-vm-utils_0.5.1-1.dsc| tee debdiff.log ** Attachment added: "Debdiff of the sources packages" https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+attachment/5885203/+files/debdiff.log -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2093322 Title: [MIR] azure-vm-utils To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2093322] Re: [MIR] azure-vm-utils
Just before this got the security approval, Debian released the package and it's already synced in universe. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2093322 Title: [MIR] azure-vm-utils To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2093322] Re: [MIR] azure-vm-utils
I reviewed azure-vm-utils 0.4.0-2 as checked into plucky. This shouldn't be considered a full audit but rather a quick gauge of maintainability. azure-vm-utils is a collection of tools and udev rules for Linux on Azure. - CVE History - None - The project is relatively new. - Build-Depends - Standard build depends. - pre/post inst/rm scripts - None - init scripts - None - systemd units - None - dbus services - None - setuid binaries - None - binaries in PATH - None - sudo fragments - None - polkit files - None - udev rules - Generates 80-azure-disk.rules - The project advertises itself as a collection of udev rules, so it is fine for it to have udev rules. - The rules interact with Azure and Microsoft devices, mostly reading and creating symlink. - unit tests / autopkgtests - No unit tests or autopkgtests. This was mentioned before, and it was deemed hard to test without a VM. One basic autopkgtest was added, and the upstream repository seems to contain more tests. - cron jobs - None - Build logs - Normal build logs. - Processes spawned - None - Memory management - The memory is freed normally. - File IO - None - Logging - Provides debug prints. No issues. - Environment variable usage - None - Use of privileged functions - None - Use of cryptography / random number sources etc - None - Use of temp files - None - Use of networking - None - Use of WebKit - None - Use of PolicyKit - None - Any significant cppcheck results - None - Any significant Coverity results - Several Coverity issues were identified. - src/main.c:303: Buffer not null terminated (BUFFER_SIZE) - The string copy that happens may cause the string to overflow into another variable if not null terminated. This could cause issues and security vulnerabilities, such as denial of service. While there are no checks for this, the input string ultimately is always null terminated from scandir(). Therefore, this is not an issue with the current inputs. - src/main.c:193: Argument cannot be negative (NEGATIVE_RETURNS) - In this line of code, sysconf(_SC_PAGESIZE) may return a negative value where a negative value is not allowed. This could cause the function to allocate too much memory, or crash. - Other issues were deemed low severity/false positives. - Any significant shellcheck results - None - Any significant Semgrep results - None The package is designed to be ran in a privileged environment. The issues identified by Coverity involve a local attacker inserting maliciously named devices physically, which is challenging in this scenario. Therefore, these issues should not be a problem. The upstream code has removed the usage of the problematic function for the first coverity issue in a later version, and a PR was filed upstream for the second issue, which should not prevent the package from being promoted regardless of the outcome of said PR due to it being a trivial issue in this scenario. The code itself is maintainable, with clear and concise comments as well as normal variable naming and memory management. Upstream also utilizes vulnerability scanning as part of their CI workflow. Security team ACK for promoting azure-vm-utils to main. ** Changed in: azure-vm-utils (Ubuntu) Status: New => In Progress ** Changed in: azure-vm-utils (Ubuntu) Assignee: Ubuntu Security Team (ubuntu-security) => (unassigned) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2093322 Title: [MIR] azure-vm-utils To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2093322] Re: [MIR] azure-vm-utils
** Tags added: sec-5937 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2093322 Title: [MIR] azure-vm-utils To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2093322] Re: [MIR] azure-vm-utils
Review for Source Package: azure-vm-utils [Summary] The package is in good shape. The only problem is the lack of tests. There is sufficient explanation in the bug description why testing is challenging at build or autopkgtest due to the infrastructure required. CPC team commits to test it and a plan is in place. Therefore the lack of tests is not a blocker for promotion. The package provides a utility to identify nvme disks in azure, issuing NVME_IOCTL_ADMIN_CMD commands. Therefore I would suggest a security check. The code base is tiny (less than 500 lines of C code). MIR team ACK This does need a security review, so I'll assign ubuntu-security List of specific binary packages to be promoted to main: azure-vm-utils Specific binary packages built, but NOT to be promoted to main: None Notes: - The package should get a team bug subscriber before being promoted [Rationale, Duplication and Ownership] There is no other package in main providing the same functionality. CPC team is committed to own long term maintenance of this package. The rationale given in the report seems valid and useful for Ubuntu [Dependencies] OK: - no other Dependencies to MIR due to this - no -dev/-debug/-doc packages that need exclusion - No dependencies in main that are only superficially tested requiring more tests now. Problems: None [Embedded sources and static linking] OK: - no embedded source present - no static linking - does not have unexpected Built-Using entries - not a go package, no extra constraints to consider in that regard - not a rust package, no extra constraints to consider in that regard Problems: None [Security] OK: - history of CVEs does not look concerning - does not run a daemon as root - does not use webkit1,2 - does not use lib*v8 directly - does not parse data formats (files [images, video, audio, xml, json, asn.1], network packets, structures, ...) from an untrusted source. - does not expose any external endpoint (port/socket/... or similar) - does not process arbitrary web content - does not use centralized online accounts - does not integrate arbitrary javascript into the desktop - does not deal with system authentication (eg, pam), etc) - does not deal with security attestation (secure boot, tpm, signatures) - does not deal with cryptography (en-/decryption, certificates, signing, ...) - this makes appropriate (for its exposure) use of established risk mitigation features (dropping permissions, using temporary environments, restricted users/groups, seccomp, systemd isolation features, apparmor, ...) Problems: None [Common blockers] OK: - does not FTBFS currently - This does seem to need special HW for build or test so it can't be automatic at build or autopkgtest time. But as outlined by the requester in [Quality assurance - testing] there: - is hardware and a test plan or code - no new python2 dependency Problems: - does not have a test suite that runs at build time [Packaging red flags] OK: - Ubuntu does not carry a delta - symbols tracking not applicable for this kind of code. - debian/watch is present and looks ok (if needed, e.g. non-native) - Upstream update history is good - Debian/Ubuntu update history is good - the current release is packaged - promoting this does not seem to cause issues for MOTUs that so far maintained the package - no massive Lintian warnings - debian/rules is rather clean - It is not on the lto-disabled list Problems: None [Upstream red flags] OK: - no Errors/warnings during the build - no incautious use of malloc/sprintf (as far as we can check it) - no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH (usage is OK inside tests) - no use of user nobody - no use of setuid / setgid - no important open bugs (crashers, etc) in Debian or Ubuntu - no dependency on webkit, qtwebkit or libseed - not part of the UI for extra checks - no translation present, but none needed for this case (user visible)? Problems: None ** Changed in: azure-vm-utils (Ubuntu) Assignee: Ioanna Alifieraki (joalif) => (unassigned) ** Changed in: azure-vm-utils (Ubuntu) Assignee: (unassigned) => Ubuntu Security Team (ubuntu-security) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2093322 Title: [MIR] azure-vm-utils To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2093322] Re: [MIR] azure-vm-utils
** Description changed: [Availability] The package azure-vm-utils is already in Ubuntu universe. The package azure-vm-utils build for the architectures it is designed to work on. It currently builds and works for architectures: amd64,arm64,armhf,ppc64el,riscv64,s390x Link to package https://launchpad.net/ubuntu/+source/azure-vm-utils PPA for the proposed package: https://launchpad.net/~mirespace/+archive/ubuntu/azure/+packages https://launchpad.net/~mirespace/+archive/ubuntu/azure/+sourcepub/16868631/+listing-archive-extra [Rationale] The package azure-vm-utils is required in Ubuntu main for enhacing the experience of the users of our Azure images using NVMe devices nowadays: this package provides a home for core utilities, udev rules and other configuration to support Linux VMs on Azure. The package azure-vm-utils will not generally be useful for a large part of our user base, but is important/helpful still because the users of our Azure images will have in this package any essential udev rules & relevant utilities. Package azure-vm-utils covers the same use case as walinuxagent for SCSI devices, but there is a plan in the near future to decouple that from walinuxagent [1]. Therefore, we want to be ready for when that transition occurs to prevent the impact in our users. Additionally new use-cases enabled by this are the automatic support of NVMe devices in Azure images. Aditional reasons are that users who only need the dev rules don't need the heavy load of the agent and can get that throught this light azure-vm-utils package. There is no other/better way to solve this that is already in main or should go universe->main instead of this. The binary package azure-vm-utils needs to be in main to be available in our official Azure cloud images by default. The package azure-vm-utils is required in Ubuntu main no later than this cycle (target is release of 25.04) due to the transistion of the udev rules from walinuxagent to vm-azure-utils. [Security] No CVEs/security issues in this software in the past No `suid` or `sgid` binaries Binary azure-nvme in /usr/sbin is no problem because it is not suid/sgid; it as query tool over the NVME namespace to enumerate Microsoft Azure NVMe controllers that could be executed in command line and from the udev rules file that the package installs. Package does not install services, timers or recurring jobs Security has been kept in mind and common isolation/risk-mitigation patterns are in place by the security of Windows Azure Cloud (Iaas) itself, being tangential to it. Packages does not open privileged ports (ports < 1024). Package does not expose any external endpoints, althought it elaborates LUN calculation for user's data disks by namespace identifier throught the MSFT NVMe Accelerator v1.0 controllers when the NMVe device is remote. This is done in the udev rules file installed by the package. Packages does not contain extensions to security-sensitive software (filters, scanners, plugins, UI skins, ...) [Quality assurance - function/usage] The package works well right after install [Quality assurance - maintenance] The package is maintained well in Debian/Ubuntu/Upstream and does not have too many, long-term & critical, open bugs (also beacuse it was accepted in Debian recently -Oct 12, 2024- and first released version in upstream happened in Feb 12, 2024): - Ubuntu (0) https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug - Debian (0) https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=azure-vm-utils - Upstream's bug tracker (1) https://github.com/Azure/azure-vm-utils/issues + Upstream's repo last activity: - last commit: in main, Nov 26, 2024 - Issues without answer: 1 - Updated issue/PR: Dec 10, 2024 - last fixed/closed/merged issue: Nov 26, 2024 - last merged PR: Mar 30, 2015 The package has not important/old open bugs on upstream. The package does deal with exotic hardware, such hardware is available to the team for debugging, test, verification and development via Azure cloud providers [Quality assurance - testing] - The package does not run a test at build time - The package does not run an autopkgtest, but the proposed package include a trivial one based un upstream's github CI for the deb package [2]. It passes: autopkgtest [13:00:04]: test installation: [--- Checking files provided by the package are present Checking binary is present and its usefulness azure-nvme-id 0.4.0-2 autopkgtest [13:00:05]: test installation: ---] autopkgtest [13:00:06]: test installation: - - - - - - - - - - results - - - - - - - - - - installation PASS (superficial) autopkgtest [13:00:06]: summary installation PASS (superficial)
[Bug 2093322] Re: [MIR] azure-vm-utils
** Changed in: azure-vm-utils (Ubuntu) Assignee: (unassigned) => Ioanna Alifieraki (joalif) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2093322 Title: [MIR] azure-vm-utils To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/azure-vm-utils/+bug/2093322/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2093322] Re: [MIR] azure-vm-utils
** Description changed: [Availability] - TODO: The package TBDSRC is already in Ubuntu universe. - TODO: The package TBDSRC build for the architectures it is designed to work on. - TODO: It currently builds and works for architectures: TBD - TODO: Link to package https://launchpad.net/ubuntu/+source/TBDSRC + The package azure-vm-utils is already in Ubuntu universe. + The package azure-vm-utils build for the architectures it is designed to work on. + It currently builds and works for architectures: amd64,arm64,armhf,ppc64el,riscv64,s390x + Link to package https://launchpad.net/ubuntu/+source/azure-vm-utils + PPA for the proposed package: https://launchpad.net/~mirespace/+archive/ubuntu/azure/+packages + https://launchpad.net/~mirespace/+archive/ubuntu/azure/+sourcepub/16868631/+listing-archive-extra [Rationale] - RULE: There must be a certain level of demand for the package - TODO: - The package TBDSRC is required in Ubuntu main for TBD - TODO-A: - The package TBDSRC will generally be useful for a large part of - TODO-A: our user base - TODO-B: - The package TBDSRC will not generally be useful for a large part of - TODO-B: our user base, but is important/helpful still because TBD - TODO: - Additional reasons TBD - TODO: - Additionally new use-cases enabled by this are TBD - TODO: - Package TBDSRC covers the same use case as TBD, but is better - TODO: because TBD, thereby we want to replace it. - TODO: - The package TBDSRC is a new runtime dependency of package TBD that - TODO: we already support - RULE: Sometimes there are other/better ways, often are achieved by using a - RULE: library with similar functionality that is more commonly used and - RULE: thereby already in main or a better candidate to promote. - RULE: Reducing the set of supported software in Ubuntu helps to focus on the - RULE: right things, otherwise Ubuntu developers will be consumed by updating - RULE: many variations of the same - wasting valuable time that could be better - RULE: spent elsewhere. - RULE: If there are other packages in the archive that are close, but unable to - RULE: address the problem you might spend some time explaining what exists and - RULE: why it isn't a sufficient alternative. - TODO: - There is no other/better way to solve this that is already in main or - TODO: should go universe->main instead of this. - RULE: You truly need to understand the difference between main and universe - RULE: in general and in the context of changed rules (build-depends) and - RULE: constraints (Ubuntu Pro made it less of a difference in many cases). - RULE: We have seen requests that were mostly based on old "I said supported (a - RULE: weakly defined term to begin with) in a contract, so it has to be in main" - RULE: feelings, but with sometimes no true reason - neither technically nor - RULE: helping the user base of Ubuntu. Hence we need to ask for that clearly. - TODO: - The binary package TBD needs to be in main to achieve TBD + The package azure-vm-utils is required in Ubuntu main for enhacing the experience of the users of our Azure images using NVMe devices nowadays: this package provides a home for core utilities, udev rules and other configuration to support Linux VMs on Azure. + The package azure-vm-utils will not generally be useful for a large part of our user base, but is important/helpful still because the users of our Azure images will have in this package any essential udev rules & relevant utilities. + Package azure-vm-utils covers the same use case as walinuxagent for SCSI devices, but there is a plan in the near future to decouple that from walinuxagent [1]. Therefore, + we want to be ready for when that transition occurs to prevent the impact in our users. + Additionally new use-cases enabled by this are the automatic support of NVMe devices in Azure images. + Aditional reasons are that users who only need the dev rules don't need the heavy load of the agent and can get that throught this light azure-vm-utils package. + There is no other/better way to solve this that is already in main or should go universe->main instead of this. + The binary package azure-vm-utils needs to be in main to be available in our official Azure cloud images by default. - RULE: Reviews will take some time. Also the potential extra work out of review - RULE: feedback from either MIR-team and/or security-team will take time. - RULE: For better prioritization it is quite helpful to clearly state the - RULE: target release and set a milestone to the bug task. - RULE: When doing so do not describe what you "wish" or "would like to have". - RULE: Only milestones that are sufficiently well-founded and related to - RULE: major releases will be considered - TODO-A: - The package TBDSRC is required in Ubuntu main no later than TBD - TODO-A: due to TBD - TODO-B: - It would be great and useful to community/processes to have the - TODO-B: package TBD in Ubuntu main, but th
