Processed: Re: Bug#917383: Acknowledgement (Precision 5530 unbootable)

[Debian Bug Tracking System]

Processing commands for cont...@bugs.debian.org:

> close 917383
Bug #917383 [debian-installer] Precision 5530 unbootable
Marked Bug as done
> thanks
Stopping processing here.

Please contact me if you need assistance.
-- 
917383: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917383
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

Re: Install fwupd on a default installation

[Philipp Kern]

Hey Mario,

On 2018-12-27 03:52, mario.limoncie...@dell.com wrote:

Something I think worth mentioning is that LVFS is being transitioned
to being run
and managed by the Linux Foundation.


yeah, that's great news.

Interestingly enough the vendor signs a blob (CAB file) and LVFS 
throws

it away and re-signs the blob with its own key. But then again I think
the base assumption is that the contained firmware images are 
themselves

signed as well and the BIOS does a check before ingesting them.


Speaking on behalf of one of the biggest distributors of firmware on 
LVFS (Dell)

I can say that all of the firmware images are signed by Dell PKI
infrastructure and
will not flash on the system if modified.

LVFS is currently in the process of plumbing this information through 
to the U/I

as well.


Just the fact that the update claims that the hardware only accepts 
signed updates or something else? :)



Obviously you end up with the usual concerns like the repository being
able to hold back updates from certain clients. The website's code is
supposedly available on https://github.com/hughsie/lvfs-website/ 
though
and I suppose a transparency effort could solve that particular 
problem,

too.


LVFS is able to prevent distributing updates in two situations:

1) when there are known bad SW combinations (say vendor knew bug
existed in fwupd
1.0.x but was fixed in 1.1.x - set minimum version for the update to be 
1.1.x).

or need to update device XYZ before device ABC.

2) rate limiting of updates
To stage rollouts and monitor optional feedback in the event of a 
problem.


I will note - although slightly off-topic to the discussion at hand - 
that it would be useful to people to be able to run their own repository 
of updates and control the rollouts (and staging percentages) 
themselves. I'm not actually suggesting that Debian would need to run 
their own, but it'd be a useful service to the users who don't want to 
send telemetry to the Linux Foundation - and furthermore have a 
significant deployment where it's worth canarying the updates.



Oh yes. Not just that, also finding the right image to apply and then
figuring out how the hell to apply it is a solved problem with 
EFI-based

fwupdate.


Please keep in mind it's much much more than EFI updates now too.
There are updates
that can apply "in Debian" without a reboot for things like
Thunderbolt controllers, docks,
MST hubs, and various USB devices.


Fair enough. Do you have a pointer for examples of such updates? 
Unfortunately I updated my own Dell dock recently from Windows, so I 
can't easily check. Mostly I'm interested if it's a proprietary binary 
run on the host. That's its own can of worms. (Which technically is true 
for the EFI update too, but it's staged from outside of Linux on 
boot-up.)


Kind regards and thanks
Philipp Kern

Bug#917463: console-setup: Please add a reference to setupcon(1) in /etc/default/keyboard

[Chris Lamb]

Source: console-setup
Version: 1.188
Severity: wishlist
Tags: patch

Hi,

Please include a reference in /etc/default/keyboard to the tool to
apply these changes to the running system without a restart, ie.
setupcon(1).

Whilst we do reference the keyboard(5) manual page, I keep having to
look this one up for some reason...

Patch attached.


Regards,

-- 
  ,''`.
 : :'  : Chris Lamb
 `. `'`  la...@debian.org / chris-lamb.co.uk
   `-
diff --git a/config/keyboard b/config/keyboard
index 16e8da8..e1cd9c8 100644
--- a/config/keyboard
+++ b/config/keyboard
@@ -1,6 +1,7 @@
 # KEYBOARD CONFIGURATION FILE
 
-# Consult the keyboard(5) manual page.
+# Changes may be applied via setupcon(1); consult the keyboard(5) manual
+# page for more information.
 
 XKBMODEL=pc105
 XKBLAYOUT=us

Bug#914813: power

[Geert Stappers]

On Thu, Dec 27, 2018 at 08:05:08AM +0100, Bernhard wrote:
> 
> > * Which power connector is used?   ( barrel or microUSB )
> Barrel

Good
 
> > * What power supply is used?  ( Volts,  Amperes )
> 5V / 2,5A

Good



Cheers
Me, while attempting to keep the Subject matching the message body ...

Bug#914813: kernel 3.4 works

[Geert Stappers]

On Thu, Dec 27, 2018 at 08:05:08AM +0100, Bernhard wrote:
> 
> I made a test with a pre-built image from banana-pi.org.
> This is Debian 8 "Jessie" with a very old kernel 3.4.
> I assume, the famous sunxi-kernel.
> Here, the Ethernet works.
> The complete log during booting is attached.
> Hopefully, it helps.
> 
> If i can do further tests, or if you need further informations: please let me 
> know.
> 
> Best regards
> Bernhard
> 

> HELLO! BOOT0 is starting!

> [  1.308][mmc]:  mmc  not find,so not exit
> HELLO! BOOT0 is starting!

> U-Boot 2011.09-rc1-0-g4948cb4-dirty (Jul 11 2018 - 01:55:24) Allwinner 
> Technology 

> ** Invalid boot device **
> [  4.579][mmc]: blkcnt should not be 0
> Loaded environment from uEnv.txt
> Running uenvcmd ...
> Banana Pi bpi-m3 chip: a83t Service: linux bpiuser: 720p
> [  5.131][mmc]: blkcnt should not be 0
> ## Booting kernel from Legacy Image at 4800 ...
>Image Name:   Linux-3.4.39-BPI-M3-Kernel
>Image Type:   ARM Linux Kernel Image (uncompressed)
>Data Size:7002512 Bytes = 6.7 MiB
>Load Address: 40008000
>Entry Point:  40008000
>Verifying Checksum ... OK
> ## Loading init Ramdisk from Legacy Image at 4310 ...
>Image Name:   uInitrd
>Image Type:   ARM Linux RAMDisk Image (gzip compressed)
>Data Size:5161148 Bytes = 4.9 MiB
>Load Address: 
>Entry Point:  
>Verifying Checksum ... OK
>Loading Kernel Image ... OK
> OK
> [  5.327][mmc]: MMC Device 2 not found
> [  5.331][mmc]:  mmc  not find,so not exit
> [  5.335]
> Starting kernel ...
> 
> [sun8i_fixup]: From boot, get meminfo:
> 
Start:  0x4000
> 
Size:   2048MB
> 
ion_carveout reserve: 96m 128m
> 
ion_reserve_common: ion reserve: [0xb800, 0xc000]!
> 
ion_cma reserve: 120m 176m 512m
> 
ion_reserve_common: ion reserve: [0xa000, 0xc000]!
> 
--sun8i_smp_init_ops37-
> 
[0.00] Booting Linux on physical CPU 0
> [0.00] Initializing cgroup subsys cpuset
> [0.00] Initializing cgroup subsys cpu
> [0.00] Linux version 3.4.39-BPI-M3-Kernel (root@1a557e1c594c) (gcc 
> version 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) ) #3 SMP PREEMPT Wed Jul 11 
> 01:55:51 UTC 2018
> [0.00] CPU: ARMv7 Processor [410fc075] revision 5 (ARMv7), cr=10c5387d

> [2.320816] [rfkill]: mod has no ls_int gpio
> [2.320830] [rfkill]: mod has no pcm_ch gpio
> [2.321375] [rfkill]: rfkill set power 0

> [   17.939254] systemd[1]: Detected architecture arm.
> 
> Welcome to Debian GNU/Linux 9 (stretch)!
> 
> [   17.982068] systemd[1]: Set hostname to .

> [   26.486354] USB Serial support registered for GSM modem (1-port)
> [  OK  ] Started Set console font and keymap.
> [  OK  ] Found device /dev/ttyS0.
> [  OK  ] Listening on Load/Save RF Kill Switch Status /dev/rfkill 
> Watch.
> [  OK  ] Reached target Sound Card.
>  Starting Create Volatile Files and Directories...
>  Starting Load/Save RF Kill Switch Status...
> [   29.552854] gmac0: probed
> [   29.600398] gmac0 gmac0: eth0: eth0: PHY ID 001cc915 at 0 IRQ poll 
> (gmac0-0:00)
> [   29.700631] [rfkill]: rfkill set power 0
> [  OK  ] Started Create Volatile Files and Directories.
> [  OK  ] Started Load/Save RF Kill Switch Status.

> [   33.600389] PHY: gmac0-0:00 - Link is Up - 100/Full
>  Starting Network Manager...
>  Starting Accounts Service...

> [   54.107624] rc.local[780]: My IP address is 192.168.2.150 
> 2003:ca:bf4:5814:1842:4bff:fe49:9561
>  Starting User Manager for UID 1000...

> Debian GNU/Linux 9 bpi-iot-ros-ai ttyS0
> 
> bpi-iot-ros-ai login: 



For some reason I assume that `RF Kill` does more then just wireless.

I don't know which way to go.  Too many options.




Groeten
Geert Stappers
-- 
Leven en laten leven

Bug#917491: debian-installer-netboot-images: FTBFS (BAD signature from "Debian Archive Automatic Signing Key (8/jessie) ")

[Santiago Vila]

Package: src:debian-installer-netboot-images
Version: 20170615+deb9u5
Severity: serious
Tags: ftbfs

Dear maintainer:

I tried to build this package in buster but it failed:


[...]
 debian/rules build-indep
dh build-indep
   dh_update_autotools_config -i
 fakeroot debian/rules binary-indep
dh binary-indep
   dh_testroot -i
   dh_prep -i
   debian/rules override_dh_auto_install
make[1]: Entering directory 
'/<>/debian-installer-netboot-images-20170615+deb9u5'
if ! ./get-images.sh amd64 && [ -n "stretch" ]; then\
echo; echo; echo; \
echo "Version not found in stretch-proposed-updates, falling back to 
stretch"; \
echo; echo; echo; \
sleep 5; \

[... snipped ...]




--2018-12-20 03:03:08--  http://deb.debian.org/debian/dists/stretch/Release.gpg
Resolving deb.debian.org (deb.debian.org)... 149.20.4.15, 130.89.148.14, 
128.31.0.62, ...
Connecting to deb.debian.org (deb.debian.org)|149.20.4.15|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: http://cdn-fastly.deb.debian.org/debian/dists/stretch/Release.gpg 
[following]
--2018-12-20 03:03:08--  
http://cdn-fastly.deb.debian.org/debian/dists/stretch/Release.gpg
Resolving cdn-fastly.deb.debian.org (cdn-fastly.deb.debian.org)... 
151.101.120.204, 2a04:4e42:1d::204
Connecting to cdn-fastly.deb.debian.org 
(cdn-fastly.deb.debian.org)|151.101.120.204|:80... connected.
HTTP request sent, awaiting response... 206 Partial Content
Length: 2434 (2.4K), 833 remaining
Saving to: 
'/<>/debian-installer-netboot-images-20170615+deb9u5/Release.gpg'

 0K ,.100% 44.9M=0s

2018-12-20 03:03:08 (44.9 MB/s) - 
'/<>/debian-installer-netboot-images-20170615+deb9u5/Release.gpg' 
saved [2434/2434]

--2018-12-20 03:03:08--  http://deb.debian.org/debian/dists/stretch/Release
Resolving deb.debian.org (deb.debian.org)... 149.20.4.15, 130.89.148.14, 
128.31.0.62, ...
Connecting to deb.debian.org (deb.debian.org)|149.20.4.15|:80... connected.
HTTP request sent, awaiting response... 302 Found
Location: http://cdn-fastly.deb.debian.org/debian/dists/stretch/Release 
[following]
--2018-12-20 03:03:08--  
http://cdn-fastly.deb.debian.org/debian/dists/stretch/Release
Resolving cdn-fastly.deb.debian.org (cdn-fastly.deb.debian.org)... 
151.101.120.204, 2a04:4e42:1d::204
Connecting to cdn-fastly.deb.debian.org 
(cdn-fastly.deb.debian.org)|151.101.120.204|:80... connected.
HTTP request sent, awaiting response... 206 Partial Content
Length: 117946 (115K), 23339 (23K) remaining
Saving to: 
'/<>/debian-installer-netboot-images-20170615+deb9u5/Release'

[ skipping 50K ]
50K ,, ,, ,, ,, ,, 86% 2.13G 0s
   100K .. .  100% 16.8M=0.001s

2018-12-20 03:03:08 (24.6 MB/s) - 
'/<>/debian-installer-netboot-images-20170615+deb9u5/Release' saved 
[117946/117946]

gpgv: Signature made Wed Dec 19 20:22:50 2018 UTC
gpgv:using RSA key A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553
gpgv: Can't check signature: No public key
gpgv: Signature made Wed Dec 19 20:22:50 2018 UTC
gpgv:using RSA key 126C0D24BD8A2942CC7DF8AC7638D0442B90D010
gpgv: BAD signature from "Debian Archive Automatic Signing Key (8/jessie) 
"
make[1]: *** [debian/rules:20: get-images-amd64] Error 1
make[1]: Leaving directory 
'/<>/debian-installer-netboot-images-20170615+deb9u5'
make: *** [debian/rules:15: binary-indep] Error 2
dpkg-buildpackage: error: fakeroot debian/rules binary-indep subprocess 
returned exit status 2


The build was made in my autobuilder with "dpkg-buildpackage -A"
but it also fails here:

https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/debian-installer-netboot-images.html

where you can get a full build log if you need it.

If this is really a bug in one of the build-depends, please use reassign and 
affects,
so that this is still visible in the BTS web page for this package.

Thanks.