This bug was fixed in the package iptables - 1.6.1-2ubuntu2.1
---------------
iptables (1.6.1-2ubuntu2.1) bionic; urgency=medium
[ Louis Bouchard ]
* d/patches: 0001-libiptc-Fix-for-segfault-when-renaming-a-chain.patch
Apply upstream fix:
- libiptc: Fix for segfault when renaming a chain (LP: #1992454)
- include new test for this issue in the DEP8 run
[ Andreas Hasenack ]
* d/t/control: fix DEP8 tests (LP: #2019022)
-- Andreas Hasenack <andr...@canonical.com> Tue, 09 May 2023 15:42:18
-0300
** Changed in: iptables (Ubuntu Bionic)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to iptables in Ubuntu.
https://bugs.launchpad.net/bugs/2019022
Title:
Bionic dep8 tests are failing
Status in iptables package in Ubuntu:
Fix Released
Status in iptables source package in Bionic:
Fix Released
Bug description:
[ Impact ]
This bug does not affect users directly, but it's a problem everytime
iptables is SRUed to Bionic. We could hint the DEP8 tests, in which
case they would all be ignored (uncluding the ones that actually
work), or fix it. By itself, fixing DEP8 is not worth an SRU, but
since we are fixing a segfault (in #1992454), we can ship the DEP8
fixes with it and make future SRUs easier and of better quality (since
the tests now run correctly).
The actual fixes are two:
- since many iptables commands exit non-zero when the help parameter is given
(-h/--help), instead of relying on that, we grep the output. Since bash's
pipefail option is not set, it's the grep exit status that will be checked.
- the iptables-compat-save is now being called with the -d (dump) option,
which works for what the test wants, and doesn't exit 1 for no reason.
Later versions of iptables have either flipped the exit status of the
-h option (but not for all commands, annoyingly), so this fix is not
needed after bionic. In other cases, the problematic test was just
removed from d/t/control.
[ Test Plan ]
Verify in the autopkgtest report that the DEP8 tests ran and are all green.
[ Where problems could occur ]
This is fixing the existing DEP8 tests, which have been red for bionic since
ever. If the fix fails, the tests will remain red, so no change.
I'm assuming that the test goal of the multiple calls to iptables
binaries with just the "-h/--help" option is to see if they run and
don't crash. This is now being wrapped by a grep filter. If the
iptables binary crashes, but still produces the expected help output,
then it will be considered a green run, even though there was a
problem.
[ Other Info ]
This fix is being included in the same upload as bug #1992454.
[ Original Description]
The Bionic DEP8 tests for iptables are in bad shape[1], even in the
migration-reference/0 run.
There are two types of failures:
a) some commands have an exit status of 1 when called with the -h (for help)
option, which is what some tests do
b) iptables-compat-save (and its IPv6 counterpart) also exit with status 1,
even when there are chains/tables to save
I'll propose:
a) grep the help output instead of relying on the exit status
b) call the command with the -d (dump) option. That doesn't exit 0 in the
success case, and actually dumps data when there are tables to do so
1. https://autopkgtest.ubuntu.com/packages/i/iptables/bionic/amd64
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/iptables/+bug/2019022/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
