[Touch-packages] [Bug 2090887] Re: apport hook source_apparmor.py shows only one word per line

2024-12-04 Thread Alex Murray 
In a fresh noble LXD VM I can reproduce this:

apt install mysql-server apparmor
ubuntu-bug mysql-server

Then View the report and it has:

== KernLog =
apparmor
AppArmor
AppArmor
audit(
AppArmor
AppArmor
AppArmor
AppArmor
security
selinux
security
security
security
security
security
apparmor
security
security
audit(
...

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2090887

Title:
  apport hook source_apparmor.py shows only one word per line

Status in apparmor package in Ubuntu:
  New

Bug description:
  As can be seen in some bugs collecting KernLog.txt, such as
  https://launchpadlibrarian.net/755520804/KernLog.txt from LP:
  #2085412, or https://launchpadlibrarian.net/748024373/KernLog.txt from
  LP: #2079912, only one word of each line is being shown:

  Security
  AppArmor
  AppArmor
  audit(
  AppArmor
  AppArmor
  AppArmor
  AppArmor
  security
  selinux
  security
  security
  security
  security
  security
  apparmor

  I haven't reproduced this behavior myself locally, so wonder if the
  reporters' kern.log files are odd, but I've seen this in several bug
  reports.  I thought it might be the stringify() routine but running
  the apport hook manually on my own system, it works fine.  Looking
  through the source_apparmor.py file I notice the words are ones
  matching the regular expression:

  sec_re = re.compile('audit\(|apparmor|selinux|security', re.IGNORECASE)
  report['KernLog'] = recent_kernlog(sec_re)

  That can't be a coincidence.  However, I don't see how the code would
  produce this behavior, so no idea how to fix it.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2090887/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2090887] Re: apport hook source_apparmor.py shows only one word per line

2024-12-04 Thread Alex Murray 
However if I just run the code from the apparmor apport hook on that
system then it doesn't reproduce:

root@sec-noble-amd64:/usr/share/apport/package-hooks# python3
Python 3.12.3 (main, Sep 11 2024, 14:17:37) [GCC 13.2.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> import source_apparmor
/usr/share/apport/package-hooks/source_apparmor.py:61: SyntaxWarning: invalid 
escape sequence '\('
  sec_re = re.compile('audit\(|apparmor|selinux|security', re.IGNORECASE)
>>> import re
>>> source_apparmor.recent_kernlog(re.compile('audit\(|apparmor|selinux|security',
>>>  re.IGNORECASE))
:1: SyntaxWarning: invalid escape sequence '\('
'2024-12-05T03:41:19.462683+00:00 sec-noble-amd64 kernel: audit: type=1400 
audit(1733370079.461:132): apparmor="STATUS" operation="profile_replace" 
profile="unconfined" name="/usr/lib/snapd/snap-confine" pid=923 
comm="apparmor_parser"\n2024-12-05T03:41:19.464668+00:00 sec-noble-amd64 
kernel: audit: type=1400 audit(1733370079.463:133): apparmor="STATUS" 
operation="profile_replace" profile="unconfined" 
name="/usr/lib/snapd/snap-confine//mount-namespace-capture-helper" pid=923 
comm="apparmor_parser"\n2024-12-05T03:43:09.680677+00:00 sec-noble-amd64 
kernel: audit: type=1400 audit(1733370189.678:134): apparmor="STATUS" 
operation="profile_load" profile="unconfined" name="/usr/sbin/mysqld" pid=2006 
comm="apparmor_parser"\n'

Somehow this is the fault of the source_mysql-8.0.py script though as
(conveniently) it contains a __main__ which allows it to be run, and if
we do that we can reproduce it:

root@sec-noble-amd64:/usr/share/apport/package-hooks# python3 
source_mysql-8.0.py 
Logs.var.log.daemon.log: 
Logs.var.log.mysql.error.log: 2024-12-05T03:42:34.690011Z 0 [System] 
[MY-013169] [Server] /usr/sbin/mysqld (mysqld 8.0.40-0ubuntu0.24.04.1) 
initializing of server in progress as process 1842
KernLog: apparmor
ProcVersionSignature: Ubuntu 6.8.0-47.47-generic 6.8.12
ProcCmdline: BOOT_IMAGE=/vmlinuz-6.8.0-47-generic 
root=UUID=15a6fbdd-2b57-4890-803d-c6a103a6a00f ro console=tty1 console=ttyS0
.etc.apparmor.d.usr.sbin.mysqld: # vim:syntax=apparmor
MySQLConf.etc.mysql.my.cnf: my.cnf links to /etc/mysql/mysql.cnf
MySQLConf.etc.mysql.mysql.cnf: #
MySQLConf.etc.mysql.conf.d.mysql.cnf: [mysql]
MySQLConf.etc.mysql.conf.d.mysqldump.cnf: [mysqldump]
MySQLConf.etc.mysql.mysql.conf.d.mysqld.cnf: #
MySQLConf.etc.mysql.mysql.conf.d.mysql.cnf: #
MySQLVarLibDirListing: ['#ib_16384_1.dblwr', 'binlog.03', 'mysql.ibd', 
'binlog.index', '#ib_16384_0.dblwr', 'server-key.pem', 'binlog.01', 'sys', 
'#innodb_temp', 'public_key.pem', 'mysql', 'ca.pem', '#innodb_redo', 
'server-cert.pem', 'undo_002', 'ibdata1', 'undo_001', 'ca-key.pem', 
'binlog.02', 'performance_schema', 'private_key.pem', 'ib_buffer_pool', 
'debian-5.7.flag', 'client-key.pem', 'auto.cnf', 'sec-noble-amd64.pid', 
'ibtmp1', 'client-cert.pem']

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/2090887

Title:
  apport hook source_apparmor.py shows only one word per line

Status in apparmor package in Ubuntu:
  New

Bug description:
  As can be seen in some bugs collecting KernLog.txt, such as
  https://launchpadlibrarian.net/755520804/KernLog.txt from LP:
  #2085412, or https://launchpadlibrarian.net/748024373/KernLog.txt from
  LP: #2079912, only one word of each line is being shown:

  Security
  AppArmor
  AppArmor
  audit(
  AppArmor
  AppArmor
  AppArmor
  AppArmor
  security
  selinux
  security
  security
  security
  security
  security
  apparmor

  I haven't reproduced this behavior myself locally, so wonder if the
  reporters' kern.log files are odd, but I've seen this in several bug
  reports.  I thought it might be the stringify() routine but running
  the apport hook manually on my own system, it works fine.  Looking
  through the source_apparmor.py file I notice the words are ones
  matching the regular expression:

  sec_re = re.compile('audit\(|apparmor|selinux|security', re.IGNORECASE)
  report['KernLog'] = recent_kernlog(sec_re)

  That can't be a coincidence.  However, I don't see how the code would
  produce this behavior, so no idea how to fix it.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2090887/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2090946] [NEW] Front panel microphone input not listed in Gnome sound settings

2024-12-04 Thread Launchpad Bug Tracker 
You have been subscribed to a public bug:

Since I didn't have this problem until recently, I suspect that this
happened after upgrading from Ubuntu 24.04 to 24.10.

The "Input" devices list in the Gnome sound settings no longer lists the
headphone input ("HD Audio"), which it used to before. Now it only lists
the input from my USB webcam and S/PDIF.

Some applications like Zoom and Audacity still seem to see that there is
an HD Audio input device.

If there are any instructions I could follow to troubleshoot or generate
some useful logs, I would be happy to do so.

ProblemType: Bug
DistroRelease: Ubuntu 24.10
Package: alsa-base 1.0.25+dfsg-0ubuntu7
ProcVersionSignature: Ubuntu 6.11.0-9.9-generic 6.11.0
Uname: Linux 6.11.0-9-generic x86_64
ApportVersion: 2.30.0-0ubuntu4
Architecture: amd64
CasperMD5CheckResult: pass
CurrentDesktop: ubuntu:GNOME
Date: Tue Dec  3 12:31:29 2024
InstallationDate: Installed on 2021-10-04 (1156 days ago)
InstallationMedia: Ubuntu 21.10 "Impish Indri" - Release amd64 (20211012)
MachineType: Micro-Star International Co., Ltd. MS-7C91
PackageArchitecture: all
ProcEnviron:
 LANG=en_US.UTF-8
 PATH=(custom, no user)
 SHELL=/bin/bash
 TERM=xterm-256color
PulseList: Error: command ['pacmd', 'list'] failed with exit code 1: No 
PulseAudio daemon running, or not running as session daemon.
SourcePackage: alsa-driver
Symptom: audio
UpgradeStatus: Upgraded to oracular on 2024-11-09 (24 days ago)
dmi.bios.date: 10/19/2023
dmi.bios.release: 5.17
dmi.bios.vendor: American Megatrends International, LLC.
dmi.bios.version: A.F0
dmi.board.asset.tag: To be filled by O.E.M.
dmi.board.name: MAG B550 TOMAHAWK (MS-7C91)
dmi.board.vendor: Micro-Star International Co., Ltd.
dmi.board.version: 2.0
dmi.chassis.asset.tag: To be filled by O.E.M.
dmi.chassis.type: 3
dmi.chassis.vendor: Micro-Star International Co., Ltd.
dmi.chassis.version: 2.0
dmi.modalias: 
dmi:bvnAmericanMegatrendsInternational,LLC.:bvrA.F0:bd10/19/2023:br5.17:svnMicro-StarInternationalCo.,Ltd.:pnMS-7C91:pvr2.0:rvnMicro-StarInternationalCo.,Ltd.:rnMAGB550TOMAHAWK(MS-7C91):rvr2.0:cvnMicro-StarInternationalCo.,Ltd.:ct3:cvr2.0:skuTobefilledbyO.E.M.:
dmi.product.family: To be filled by O.E.M.
dmi.product.name: MS-7C91
dmi.product.sku: To be filled by O.E.M.
dmi.product.version: 2.0
dmi.sys.vendor: Micro-Star International Co., Ltd.

** Affects: alsa-driver (Ubuntu)
 Importance: Undecided
 Status: New


** Tags: amd64 apport-bug oracular
-- 
Front panel microphone input not listed in Gnome sound settings
https://bugs.launchpad.net/bugs/2090946
You received this bug notification because you are a member of Ubuntu Touch 
seeded packages, which is subscribed to alsa-driver in Ubuntu.

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2090946] Re: Front panel microphone input not listed in Gnome sound settings

2024-12-04 Thread Ubuntu Foundations Team Bug Bot 
** Package changed: ubuntu => alsa-driver (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to alsa-driver in Ubuntu.
https://bugs.launchpad.net/bugs/2090946

Title:
  Front panel microphone input not listed in Gnome sound settings

Status in alsa-driver package in Ubuntu:
  New

Bug description:
  Since I didn't have this problem until recently, I suspect that this
  happened after upgrading from Ubuntu 24.04 to 24.10.

  The "Input" devices list in the Gnome sound settings no longer lists
  the headphone input ("HD Audio"), which it used to before. Now it only
  lists the input from my USB webcam and S/PDIF.

  Some applications like Zoom and Audacity still seem to see that there
  is an HD Audio input device.

  If there are any instructions I could follow to troubleshoot or
  generate some useful logs, I would be happy to do so.

  ProblemType: Bug
  DistroRelease: Ubuntu 24.10
  Package: alsa-base 1.0.25+dfsg-0ubuntu7
  ProcVersionSignature: Ubuntu 6.11.0-9.9-generic 6.11.0
  Uname: Linux 6.11.0-9-generic x86_64
  ApportVersion: 2.30.0-0ubuntu4
  Architecture: amd64
  CasperMD5CheckResult: pass
  CurrentDesktop: ubuntu:GNOME
  Date: Tue Dec  3 12:31:29 2024
  InstallationDate: Installed on 2021-10-04 (1156 days ago)
  InstallationMedia: Ubuntu 21.10 "Impish Indri" - Release amd64 (20211012)
  MachineType: Micro-Star International Co., Ltd. MS-7C91
  PackageArchitecture: all
  ProcEnviron:
   LANG=en_US.UTF-8
   PATH=(custom, no user)
   SHELL=/bin/bash
   TERM=xterm-256color
  PulseList: Error: command ['pacmd', 'list'] failed with exit code 1: No 
PulseAudio daemon running, or not running as session daemon.
  SourcePackage: alsa-driver
  Symptom: audio
  UpgradeStatus: Upgraded to oracular on 2024-11-09 (24 days ago)
  dmi.bios.date: 10/19/2023
  dmi.bios.release: 5.17
  dmi.bios.vendor: American Megatrends International, LLC.
  dmi.bios.version: A.F0
  dmi.board.asset.tag: To be filled by O.E.M.
  dmi.board.name: MAG B550 TOMAHAWK (MS-7C91)
  dmi.board.vendor: Micro-Star International Co., Ltd.
  dmi.board.version: 2.0
  dmi.chassis.asset.tag: To be filled by O.E.M.
  dmi.chassis.type: 3
  dmi.chassis.vendor: Micro-Star International Co., Ltd.
  dmi.chassis.version: 2.0
  dmi.modalias: 
dmi:bvnAmericanMegatrendsInternational,LLC.:bvrA.F0:bd10/19/2023:br5.17:svnMicro-StarInternationalCo.,Ltd.:pnMS-7C91:pvr2.0:rvnMicro-StarInternationalCo.,Ltd.:rnMAGB550TOMAHAWK(MS-7C91):rvr2.0:cvnMicro-StarInternationalCo.,Ltd.:ct3:cvr2.0:skuTobefilledbyO.E.M.:
  dmi.product.family: To be filled by O.E.M.
  dmi.product.name: MS-7C91
  dmi.product.sku: To be filled by O.E.M.
  dmi.product.version: 2.0
  dmi.sys.vendor: Micro-Star International Co., Ltd.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/alsa-driver/+bug/2090946/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2090972] Re: /boot intermittently fails to mount on boot

2024-12-04 Thread Matthew Ruffell 
Attached is a V2 debdiff for noble

** Patch added: "Debdiff for util-linux on noble V2"
   
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/2090972/+attachment/5842243/+files/lp2090972_noble_v2.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to util-linux in Ubuntu.
https://bugs.launchpad.net/bugs/2090972

Title:
  /boot intermittently fails to mount on boot

Status in util-linux package in Ubuntu:
  In Progress
Status in util-linux source package in Noble:
  In Progress
Status in util-linux source package in Oracular:
  In Progress
Status in util-linux source package in Plucky:
  In Progress

Bug description:
  [Impact]

  Starting on Noble, we see /boot fail to mount in approximately one out
  of every two thousand boots.  The error looks like this:

     Found device dev-disk-by\x2dlabel-BOOT.device - QEMU NVMe Ctrl BOOT.
     Starting systemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT...
     Checking in progress on 1 disk (0.0% complete)
     Checking in progress on 0 disks (100.0% complete)
     Finished msystemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT.
     Mounting boot.mount - /boot...
     [3.051612] /dev/disk/by-label/BOOT: Can't lookup blockdev
     FAILED Failed to mount boot.mount - /boot.
     See 'systemctl status boot.mount' for details.

  This has resulted in a number of different failure modes for our
  users.

  Anything that needs to interact with /boot during provisioning will
  fail.  This is usually something running update-grub or similar.

  If we manage to succeed in booting, this can cause subsequent kernel
  updates or tools that install kernel modules to fail, because
  update-grub fails.

  We've _also_ seen this manifest on the root filesystem.  In that case,
  the boot succeeded, but the by-label links remain absent.  When this
  occurs, we find installing kernel packages fails because mkinitramfs
  can't locate the root disk by label.

  [ Testcase ]

  It's a vexing problem, and so to reproduce we ran cloud images in a boot
  loop until we could reliably reproduce the problem.  Unfortunately, we
  weren't able to work out anything that made this happen faster, so it's
  been a bit slow coming.

  It turns out the problem here is that libblkid recently added support to
  compute the checksum of the superblocks on ext4 filesystems, and Noble
  is the first release to include a version of util-linux new enough to
  have this feature.  When libblkid determines an ext4 superblock's
  checksum is corrupt, it refuses to identify the device as having a
  filesystem, which leads to the removeal of the uuid and by-label fields.
  systemd-udevd then removes these symlinks.  This is where it all goes
  wrong.

  From our debug traces, it's possible to see this clearly:

  (udev-worker)[208]: nvme0n1p16: Probe /dev/nvme0n1p16 with raid and
  offset=0

  systemd-udevd[208]: 208: libblkid: LOWPROBE: [36] ext4dev:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4dev, got 
D919EB56, expected A47F6CF0
  systemd-udevd[208]: 208: libblkid: LOWPROBE: [37] ext4:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4, got D919EB56, 
expected A47F6CF0

  (udev-worker)[208]: nvme0n1p16: Removing/updating old device symlink 
'/dev/disk/by-uuid/ce209fd3-a875-4607-9089-35b9de605bd0', which is no longer 
belonging to this device.
  (udev-worker)[208]: nvme0n1p16: No reference left for 
'/dev/disk/by-uuid/ce209fd3-a875-4607-9089-35b9de605bd0', removing
  (udev-worker)[208]: nvme0n1p16: Removing/updating old device symlink 
'/dev/disk/by-label/BOOT', which is no longer belonging to this device.
  (udev-worker)[208]: nvme0n1p16: No reference left for 
'/dev/disk/by-label/BOOT', removing
  (udev-worker)[208]: nvme0n1p16: Successfully created symlink 
'/dev/block/259:4' to '/dev/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: sd-device: Created db file 
'/run/udev/data/b259:4' for 
'/devices/pci:00/:00:01.0/nvme/nvme0/nvme0n1/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: Adding watch on '/dev/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: Device processed (SEQNUM=1630, ACTION=change)
  (udev-worker)[208]: nvme0n1p16: sd-device-monitor(worker): P

[Touch-packages] [Bug 2090972] Re: /boot intermittently fails to mount on boot

2024-12-04 Thread Matthew Ruffell 
** Description changed:

+ [Impact]
+ 
  Starting on Noble, we see /boot fail to mount in approximately one out
  of every two thousand boots.  The error looks like this:
  
-Found device dev-disk-by\x2dlabel-BOOT.device - QEMU NVMe Ctrl BOOT.
-Starting systemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT...
-Checking in progress on 1 disk (0.0% complete)
-Checking in progress on 0 disks (100.0% complete)
-Finished msystemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT.
-Mounting boot.mount - /boot...
-[3.051612] /dev/disk/by-label/BOOT: Can't lookup blockdev
-FAILED Failed to mount boot.mount - /boot.
-See 'systemctl status boot.mount' for details.
+    Found device dev-disk-by\x2dlabel-BOOT.device - QEMU NVMe Ctrl BOOT.
+    Starting systemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT...
+    Checking in progress on 1 disk (0.0% complete)
+    Checking in progress on 0 disks (100.0% complete)
+    Finished msystemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT.
+    Mounting boot.mount - /boot...
+    [3.051612] /dev/disk/by-label/BOOT: Can't lookup blockdev
+    FAILED Failed to mount boot.mount - /boot.
+    See 'systemctl status boot.mount' for details.
  
  This has resulted in a number of different failure modes for our users.
  
  Anything that needs to interact with /boot during provisioning will
  fail.  This is usually something running update-grub or similar.
  
  If we manage to succeed in booting, this can cause subsequent kernel
  updates or tools that install kernel modules to fail, because
  update-grub fails.
  
  We've _also_ seen this manifest on the root filesystem.  In that case,
  the boot succeeded, but the by-label links remain absent.  When this
  occurs, we find installing kernel packages fails because mkinitramfs
  can't locate the root disk by label.
+ 
+ [ Testcase ]
  
  It's a vexing problem, and so to reproduce we ran cloud images in a boot
  loop until we could reliably reproduce the problem.  Unfortunately, we
  weren't able to work out anything that made this happen faster, so it's
  been a bit slow coming.
  
  It turns out the problem here is that libblkid recently added support to
  compute the checksum of the superblocks on ext4 filesystems, and Noble
  is the first release to include a version of util-linux new enough to
  have this feature.  When libblkid determines an ext4 superblock's
  checksum is corrupt, it refuses to identify the device as having a
  filesystem, which leads to the removeal of the uuid and by-label fields.
  systemd-udevd then removes these symlinks.  This is where it all goes
  wrong.
  
  From our debug traces, it's possible to see this clearly:
  
  (udev-worker)[208]: nvme0n1p16: Probe /dev/nvme0n1p16 with raid and
  offset=0
  
  systemd-udevd[208]: 208: libblkid: LOWPROBE: [36] ext4dev:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4dev, got 
D919EB56, expected A47F6CF0
  systemd-udevd[208]: 208: libblkid: LOWPROBE: [37] ext4:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4, got D919EB56, 
expected A47F6CF0
  
  (udev-worker)[208]: nvme0n1p16: Removing/updating old device symlink 
'/dev/disk/by-uuid/ce209fd3-a875-4607-9089-35b9de605bd0', which is no longer 
belonging to this device.
  (udev-worker)[208]: nvme0n1p16: No reference left for 
'/dev/disk/by-uuid/ce209fd3-a875-4607-9089-35b9de605bd0', removing
  (udev-worker)[208]: nvme0n1p16: Removing/updating old device symlink 
'/dev/disk/by-label/BOOT', which is no longer belonging to this device.
  (udev-worker)[208]: nvme0n1p16: No reference left for 
'/dev/disk/by-label/BOOT', removing
  (udev-worker)[208]: nvme0n1p16: Successfully created symlink 
'/dev/block/259:4' to '/dev/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: sd-device: Created db file 
'/run/udev/data/b259:4' for 
'/devices/pci:00/:00:01.0/nvme/nvme0/nvme0n1/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: Adding watch on '/dev/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: Device processed (SEQNUM=1630, ACTION=change)
  (udev-worker)[208]: nvme0n1p16: sd-device-monitor(worker): Passed 1315 byte 
to netlink monitor.
  
+ We've also been running with a version of this patch backported to
+ 2.39.3-9ubun

[Touch-packages] [Bug 2090972] Re: /boot intermittently fails to mount on boot

2024-12-04 Thread Matthew Ruffell 
Attached is a debdiff for plucky that solves this issue.

** Patch added: "Debdff for util-linux on plucky"
   
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/2090972/+attachment/5842236/+files/lp2090972_plucky.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to util-linux in Ubuntu.
https://bugs.launchpad.net/bugs/2090972

Title:
  /boot intermittently fails to mount on boot

Status in util-linux package in Ubuntu:
  In Progress
Status in util-linux source package in Noble:
  In Progress
Status in util-linux source package in Oracular:
  In Progress
Status in util-linux source package in Plucky:
  In Progress

Bug description:
  [Impact]

  Starting on Noble, we see /boot fail to mount in approximately one out
  of every two thousand boots.  The error looks like this:

     Found device dev-disk-by\x2dlabel-BOOT.device - QEMU NVMe Ctrl BOOT.
     Starting systemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT...
     Checking in progress on 1 disk (0.0% complete)
     Checking in progress on 0 disks (100.0% complete)
     Finished msystemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT.
     Mounting boot.mount - /boot...
     [3.051612] /dev/disk/by-label/BOOT: Can't lookup blockdev
     FAILED Failed to mount boot.mount - /boot.
     See 'systemctl status boot.mount' for details.

  This has resulted in a number of different failure modes for our
  users.

  Anything that needs to interact with /boot during provisioning will
  fail.  This is usually something running update-grub or similar.

  If we manage to succeed in booting, this can cause subsequent kernel
  updates or tools that install kernel modules to fail, because
  update-grub fails.

  We've _also_ seen this manifest on the root filesystem.  In that case,
  the boot succeeded, but the by-label links remain absent.  When this
  occurs, we find installing kernel packages fails because mkinitramfs
  can't locate the root disk by label.

  [ Testcase ]

  It's a vexing problem, and so to reproduce we ran cloud images in a boot
  loop until we could reliably reproduce the problem.  Unfortunately, we
  weren't able to work out anything that made this happen faster, so it's
  been a bit slow coming.

  It turns out the problem here is that libblkid recently added support to
  compute the checksum of the superblocks on ext4 filesystems, and Noble
  is the first release to include a version of util-linux new enough to
  have this feature.  When libblkid determines an ext4 superblock's
  checksum is corrupt, it refuses to identify the device as having a
  filesystem, which leads to the removeal of the uuid and by-label fields.
  systemd-udevd then removes these symlinks.  This is where it all goes
  wrong.

  From our debug traces, it's possible to see this clearly:

  (udev-worker)[208]: nvme0n1p16: Probe /dev/nvme0n1p16 with raid and
  offset=0

  systemd-udevd[208]: 208: libblkid: LOWPROBE: [36] ext4dev:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4dev, got 
D919EB56, expected A47F6CF0
  systemd-udevd[208]: 208: libblkid: LOWPROBE: [37] ext4:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4, got D919EB56, 
expected A47F6CF0

  (udev-worker)[208]: nvme0n1p16: Removing/updating old device symlink 
'/dev/disk/by-uuid/ce209fd3-a875-4607-9089-35b9de605bd0', which is no longer 
belonging to this device.
  (udev-worker)[208]: nvme0n1p16: No reference left for 
'/dev/disk/by-uuid/ce209fd3-a875-4607-9089-35b9de605bd0', removing
  (udev-worker)[208]: nvme0n1p16: Removing/updating old device symlink 
'/dev/disk/by-label/BOOT', which is no longer belonging to this device.
  (udev-worker)[208]: nvme0n1p16: No reference left for 
'/dev/disk/by-label/BOOT', removing
  (udev-worker)[208]: nvme0n1p16: Successfully created symlink 
'/dev/block/259:4' to '/dev/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: sd-device: Created db file 
'/run/udev/data/b259:4' for 
'/devices/pci:00/:00:01.0/nvme/nvme0/nvme0n1/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: Adding watch on '/dev/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: Device processed (SEQNUM=1630, ACTION=change)
  (udev-worker)[208]: nvme0n1p16: sd-device-m

[Touch-packages] [Bug 2090972] Re: /boot intermittently fails to mount on boot

2024-12-04 Thread Matthew Ruffell 
Attached is a debdiff for oracular that solves this problem

** Patch added: "Debdiff for util-linux on oracular"
   
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/2090972/+attachment/5842237/+files/lp2090972_oracular.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to util-linux in Ubuntu.
https://bugs.launchpad.net/bugs/2090972

Title:
  /boot intermittently fails to mount on boot

Status in util-linux package in Ubuntu:
  In Progress
Status in util-linux source package in Noble:
  In Progress
Status in util-linux source package in Oracular:
  In Progress
Status in util-linux source package in Plucky:
  In Progress

Bug description:
  [Impact]

  Starting on Noble, we see /boot fail to mount in approximately one out
  of every two thousand boots.  The error looks like this:

     Found device dev-disk-by\x2dlabel-BOOT.device - QEMU NVMe Ctrl BOOT.
     Starting systemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT...
     Checking in progress on 1 disk (0.0% complete)
     Checking in progress on 0 disks (100.0% complete)
     Finished msystemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT.
     Mounting boot.mount - /boot...
     [3.051612] /dev/disk/by-label/BOOT: Can't lookup blockdev
     FAILED Failed to mount boot.mount - /boot.
     See 'systemctl status boot.mount' for details.

  This has resulted in a number of different failure modes for our
  users.

  Anything that needs to interact with /boot during provisioning will
  fail.  This is usually something running update-grub or similar.

  If we manage to succeed in booting, this can cause subsequent kernel
  updates or tools that install kernel modules to fail, because
  update-grub fails.

  We've _also_ seen this manifest on the root filesystem.  In that case,
  the boot succeeded, but the by-label links remain absent.  When this
  occurs, we find installing kernel packages fails because mkinitramfs
  can't locate the root disk by label.

  [ Testcase ]

  It's a vexing problem, and so to reproduce we ran cloud images in a boot
  loop until we could reliably reproduce the problem.  Unfortunately, we
  weren't able to work out anything that made this happen faster, so it's
  been a bit slow coming.

  It turns out the problem here is that libblkid recently added support to
  compute the checksum of the superblocks on ext4 filesystems, and Noble
  is the first release to include a version of util-linux new enough to
  have this feature.  When libblkid determines an ext4 superblock's
  checksum is corrupt, it refuses to identify the device as having a
  filesystem, which leads to the removeal of the uuid and by-label fields.
  systemd-udevd then removes these symlinks.  This is where it all goes
  wrong.

  From our debug traces, it's possible to see this clearly:

  (udev-worker)[208]: nvme0n1p16: Probe /dev/nvme0n1p16 with raid and
  offset=0

  systemd-udevd[208]: 208: libblkid: LOWPROBE: [36] ext4dev:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4dev, got 
D919EB56, expected A47F6CF0
  systemd-udevd[208]: 208: libblkid: LOWPROBE: [37] ext4:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4, got D919EB56, 
expected A47F6CF0

  (udev-worker)[208]: nvme0n1p16: Removing/updating old device symlink 
'/dev/disk/by-uuid/ce209fd3-a875-4607-9089-35b9de605bd0', which is no longer 
belonging to this device.
  (udev-worker)[208]: nvme0n1p16: No reference left for 
'/dev/disk/by-uuid/ce209fd3-a875-4607-9089-35b9de605bd0', removing
  (udev-worker)[208]: nvme0n1p16: Removing/updating old device symlink 
'/dev/disk/by-label/BOOT', which is no longer belonging to this device.
  (udev-worker)[208]: nvme0n1p16: No reference left for 
'/dev/disk/by-label/BOOT', removing
  (udev-worker)[208]: nvme0n1p16: Successfully created symlink 
'/dev/block/259:4' to '/dev/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: sd-device: Created db file 
'/run/udev/data/b259:4' for 
'/devices/pci:00/:00:01.0/nvme/nvme0/nvme0n1/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: Adding watch on '/dev/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: Device processed (SEQNUM=1630, ACTION=change)
  (udev-worker)[208]: nvme0n1p16: sd-

[Touch-packages] [Bug 2090972] Re: /boot intermittently fails to mount on boot

2024-12-04 Thread Matthew Ruffell 
Attached is a debdiff for noble which solves this issue.

** Patch added: "Debdiff for util-linux on noble"
   
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/2090972/+attachment/5842238/+files/lp2090972_noble.debdiff

** Changed in: util-linux (Ubuntu Noble)
   Status: New => In Progress

** Changed in: util-linux (Ubuntu Oracular)
   Status: New => In Progress

** Changed in: util-linux (Ubuntu Plucky)
   Status: Confirmed => In Progress

** Changed in: util-linux (Ubuntu Noble)
   Importance: Undecided => High

** Changed in: util-linux (Ubuntu Oracular)
   Importance: Undecided => High

** Changed in: util-linux (Ubuntu Plucky)
   Importance: Undecided => High

** Changed in: util-linux (Ubuntu Noble)
 Assignee: (unassigned) => Matthew Ruffell (mruffell)

** Changed in: util-linux (Ubuntu Plucky)
 Assignee: (unassigned) => Matthew Ruffell (mruffell)

** Changed in: util-linux (Ubuntu Oracular)
 Assignee: (unassigned) => Matthew Ruffell (mruffell)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to util-linux in Ubuntu.
https://bugs.launchpad.net/bugs/2090972

Title:
  /boot intermittently fails to mount on boot

Status in util-linux package in Ubuntu:
  In Progress
Status in util-linux source package in Noble:
  In Progress
Status in util-linux source package in Oracular:
  In Progress
Status in util-linux source package in Plucky:
  In Progress

Bug description:
  [Impact]

  Starting on Noble, we see /boot fail to mount in approximately one out
  of every two thousand boots.  The error looks like this:

     Found device dev-disk-by\x2dlabel-BOOT.device - QEMU NVMe Ctrl BOOT.
     Starting systemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT...
     Checking in progress on 1 disk (0.0% complete)
     Checking in progress on 0 disks (100.0% complete)
     Finished msystemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT.
     Mounting boot.mount - /boot...
     [3.051612] /dev/disk/by-label/BOOT: Can't lookup blockdev
     FAILED Failed to mount boot.mount - /boot.
     See 'systemctl status boot.mount' for details.

  This has resulted in a number of different failure modes for our
  users.

  Anything that needs to interact with /boot during provisioning will
  fail.  This is usually something running update-grub or similar.

  If we manage to succeed in booting, this can cause subsequent kernel
  updates or tools that install kernel modules to fail, because
  update-grub fails.

  We've _also_ seen this manifest on the root filesystem.  In that case,
  the boot succeeded, but the by-label links remain absent.  When this
  occurs, we find installing kernel packages fails because mkinitramfs
  can't locate the root disk by label.

  [ Testcase ]

  It's a vexing problem, and so to reproduce we ran cloud images in a boot
  loop until we could reliably reproduce the problem.  Unfortunately, we
  weren't able to work out anything that made this happen faster, so it's
  been a bit slow coming.

  It turns out the problem here is that libblkid recently added support to
  compute the checksum of the superblocks on ext4 filesystems, and Noble
  is the first release to include a version of util-linux new enough to
  have this feature.  When libblkid determines an ext4 superblock's
  checksum is corrupt, it refuses to identify the device as having a
  filesystem, which leads to the removeal of the uuid and by-label fields.
  systemd-udevd then removes these symlinks.  This is where it all goes
  wrong.

  From our debug traces, it's possible to see this clearly:

  (udev-worker)[208]: nvme0n1p16: Probe /dev/nvme0n1p16 with raid and
  offset=0

  systemd-udevd[208]: 208: libblkid: LOWPROBE: [36] ext4dev:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4dev, got 
D919EB56, expected A47F6CF0
  systemd-udevd[208]: 208: libblkid: LOWPROBE: [37] ext4:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4, got D919EB56, 
expected A47F6CF0

  (udev-worker)[208]: nvme0n1p16: Removing/updating old device symlink 
'/dev/disk/by-uuid/ce209fd3-a875-4607-9089-35b9de605bd0', which is no longer 
belonging to this device.
  (udev-worker)[208]: nvme0n1p16: No referen

[Touch-packages] [Bug 2090972] Re: /boot intermittently fails to mount on boot

2024-12-04 Thread Ubuntu Foundations Team Bug Bot 
The attachment "libblkid noble patch" seems to be a patch.  If it isn't,
please remove the "patch" flag from the attachment, remove the "patch"
tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the
team.

[This is an automated message performed by a Launchpad user owned by
~brian-murray, for any issues please contact him.]

** Tags added: patch

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to util-linux in Ubuntu.
https://bugs.launchpad.net/bugs/2090972

Title:
  /boot intermittently fails to mount on boot

Status in util-linux package in Ubuntu:
  In Progress
Status in util-linux source package in Noble:
  In Progress
Status in util-linux source package in Oracular:
  In Progress
Status in util-linux source package in Plucky:
  In Progress

Bug description:
  [Impact]

  Starting on Noble, we see /boot fail to mount in approximately one out
  of every two thousand boots.  The error looks like this:

     Found device dev-disk-by\x2dlabel-BOOT.device - QEMU NVMe Ctrl BOOT.
     Starting systemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT...
     Checking in progress on 1 disk (0.0% complete)
     Checking in progress on 0 disks (100.0% complete)
     Finished msystemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT.
     Mounting boot.mount - /boot...
     [3.051612] /dev/disk/by-label/BOOT: Can't lookup blockdev
     FAILED Failed to mount boot.mount - /boot.
     See 'systemctl status boot.mount' for details.

  This has resulted in a number of different failure modes for our
  users.

  Anything that needs to interact with /boot during provisioning will
  fail.  This is usually something running update-grub or similar.

  If we manage to succeed in booting, this can cause subsequent kernel
  updates or tools that install kernel modules to fail, because
  update-grub fails.

  We've _also_ seen this manifest on the root filesystem.  In that case,
  the boot succeeded, but the by-label links remain absent.  When this
  occurs, we find installing kernel packages fails because mkinitramfs
  can't locate the root disk by label.

  [ Testcase ]

  It's a vexing problem, and so to reproduce we ran cloud images in a boot
  loop until we could reliably reproduce the problem.  Unfortunately, we
  weren't able to work out anything that made this happen faster, so it's
  been a bit slow coming.

  It turns out the problem here is that libblkid recently added support to
  compute the checksum of the superblocks on ext4 filesystems, and Noble
  is the first release to include a version of util-linux new enough to
  have this feature.  When libblkid determines an ext4 superblock's
  checksum is corrupt, it refuses to identify the device as having a
  filesystem, which leads to the removeal of the uuid and by-label fields.
  systemd-udevd then removes these symlinks.  This is where it all goes
  wrong.

  From our debug traces, it's possible to see this clearly:

  (udev-worker)[208]: nvme0n1p16: Probe /dev/nvme0n1p16 with raid and
  offset=0

  systemd-udevd[208]: 208: libblkid: LOWPROBE: [36] ext4dev:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4dev, got 
D919EB56, expected A47F6CF0
  systemd-udevd[208]: 208: libblkid: LOWPROBE: [37] ext4:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4, got D919EB56, 
expected A47F6CF0

  (udev-worker)[208]: nvme0n1p16: Removing/updating old device symlink 
'/dev/disk/by-uuid/ce209fd3-a875-4607-9089-35b9de605bd0', which is no longer 
belonging to this device.
  (udev-worker)[208]: nvme0n1p16: No reference left for 
'/dev/disk/by-uuid/ce209fd3-a875-4607-9089-35b9de605bd0', removing
  (udev-worker)[208]: nvme0n1p16: Removing/updating old device symlink 
'/dev/disk/by-label/BOOT', which is no longer belonging to this device.
  (udev-worker)[208]: nvme0n1p16: No reference left for 
'/dev/disk/by-label/BOOT', removing
  (udev-worker)[208]: nvme0n1p16: Successfully created symlink 
'/dev/block/259:4' to '/dev/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: sd-device: Created db file 
'/run/udev/data/b259:4' for 
'/devices/pci:00/:00:01.0/nvme/nvme0/nvme0n1/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: Adding watch on '/dev/nvm

[Touch-packages] [Bug 2090828] Re: coredump pkexec oracular-proposed

2024-12-04 Thread Yves Roggeman 
*** This bug is a duplicate of bug 2089145 ***
https://bugs.launchpad.net/bugs/2089145

Same bug as #2089145 
.
Sorry for that.

Seems to be corrected with new version 124-2ubuntu1.24.10.2

** This bug has been marked a duplicate of bug 2089145
   Backport patch to read actions from /etc and /run

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to policykit-1 in Ubuntu.
https://bugs.launchpad.net/bugs/2090828

Title:
  coredump pkexec oracular-proposed

Status in policykit-1 package in Ubuntu:
  New

Bug description:
  After upgrading policykit-1 package to version 124-2ubuntu1.24.10.1 from 
oracular-proposed repository, access to admin from gui becomes impossible.
  Only way: sudo from terminal.
  Trying pkexec from terminal crashes with a coredump.

  Comming back to stable version 124-2ubuntu1 solves the problem

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/2090828/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2083129] Re: [Lenovo Ubuntu 24.04.4 Bug] netplan static IP address assignment use NetworkManager as renderer would be lost static ip

2024-12-04 Thread Lukas Märdian 
Thanks for the additional logs, those are very curious..

"""
Sep 5 05:55:40 MonacoSIT4 NetworkManager[3448]:  [1725530140.8548] 
keyfile: load: 
"/run/NetworkManager/system-connections/netplan-ens5f1np1.nmconnection": failed 
to load connection: cannot access file: No such file or directory
"""

"netplan-ens5f1np1.nmconnection" is clearly a Netplan generated
connection profile, that NetworkManager is apparently aware of,
otherwise it wouldn't try loading it. But at the time of reading it, it
seems to be gone (deleted?).

I'm not exactly sure what's happening here, maybe some race condition
with a "systemd daemon-reload" running in parallel, that makes Netplan
delete and re-generate the configuration files at the very same time
that NM tries reading them. This needs more investigation.

** Also affects: netplan.io (Ubuntu)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to network-manager in Ubuntu.
https://bugs.launchpad.net/bugs/2083129

Title:
  [Lenovo Ubuntu 24.04.4  Bug] netplan static IP address assignment  use
  NetworkManager as renderer would be lost static ip

Status in netplan.io package in Ubuntu:
  New
Status in network-manager package in Ubuntu:
  New

Bug description:
  On Ubuntu 22.04.4, to configure a system to use static address assignment, 
create a netplan configuration in the file, like
  /etc/netplan/00-installer-config.yaml. After assigning the network 
configuration abstraction renderer to NetworkManager not networkd in 
/etc/netplan/00-installer-config.yaml, then we do warm reboot test, some of the 
NIC interface lost their static ip in some reboot cycles when the rendered is 
NetworkManager, but networkd as a renderer is works well, all NIC interfaces 
can get their corresponding IP that configured in netplan confile file.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/netplan.io/+bug/2083129/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2086773] Re: pkcon does not ask debconf questions in Wayland

2024-12-04 Thread Alessandro Astone 
Also verified
* packagekit=1.2.8-2ubuntu1 on Ubuntu 24.04.1 LTS
* packagekit=1.2.5-2ubuntu3 on Ubuntu 22.04.5 LTS

While installing I correctly get prompted graphically with a debconf
question.

** Tags removed: verification-needed verification-needed-jammy 
verification-needed-noble
** Tags added: verification-done verification-done-jammy verification-done-noble

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to packagekit in Ubuntu.
https://bugs.launchpad.net/bugs/2086773

Title:
  pkcon does not ask debconf questions in Wayland

Status in packagekit package in Ubuntu:
  Fix Released
Status in packagekit source package in Jammy:
  Fix Committed
Status in packagekit source package in Noble:
  Fix Committed
Status in packagekit source package in Oracular:
  Fix Committed

Bug description:
  [ Impact ]

  `pkcon` is configured to launch the Gtk debconf helper to ask debconf 
questions graphically.
  This works in Xorg desktop sessions, but does not work in Wayland desktop 
sessions.

  That is because it starts the Gtk program with a blank environment and
  only adds the DISPLAY environment variable, but not WAYLAND_DISPLAY
  nor XAUTHORITY which would at least have allowed it to display over
  XWayland.

  This is fixed by exposing the WAYLAND_DISPLAY and/or XAUTHORITY
  environment variables to the Gtk program.

  [ Test Case ]

  1. Log-in to a Wayland desktop session
  2. Download `noisy-fake-driver_0.6_amd64.deb` from the attachments.
  3. Run `pkcon install-local ~/Downloads/noisy-fake-driver_0.6_amd64.deb`
  4. Complete the installation
  5. Verify that you saw the "Do you see this message?" question

  [ Where problems could occur ]

  It's fair to assume that the graphical debconf helper hasn't received
  much testing recently, with `apt` defaulting to the text-base helper
  and `pkcon` failing to show it in Wayland; so it's possible that it
  doesn't work well.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/packagekit/+bug/2086773/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2083131] Re: Bash's builtin command "printf" has a grave functionality bug - fails to print the format like "%.2f .1"

2024-12-04 Thread Agathe Porte 
Hello,

Can confirm the test plan works with the version in oracular-proposed:

ubuntu@oracular:~$ dpkg -l bash
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name   Version   Architecture Description
+++-==-=--=
ii  bash   5.2.32-1ubuntu1.1 amd64GNU Bourne Again SHell
ubuntu@oracular:~$ bash -c 'printf "%.2f\n" 0.1'
0.10

Marking as verification-done-oracular.

** Tags removed: verification-needed-oracular
** Tags added: verification-done-oracular

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to bash in Ubuntu.
https://bugs.launchpad.net/bugs/2083131

Title:
  Bash's builtin command "printf" has a grave functionality bug - fails
  to print the format like "%.2f .1"

Status in bash package in Ubuntu:
  Fix Released
Status in bash source package in Oracular:
  Fix Committed
Status in bash source package in Plucky:
  Fix Released
Status in bash package in Debian:
  Confirmed

Bug description:
  [Impact]

  Programs relying on the builtin printf function of bash stop working
  correctly when trying to format numbers with %f.

  [Test Plan]

  Run the following command, which currently returns "-nan" while it
  should return 52.12:

  $ bash -c "printf %.2f 52.123"

  [Where problems could occur]

  Unknown regressions in the formatting after applying the patch.

  [Original Bug Report]

  As reported in the upstream Debian Linux:
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078556
  Bash's builtin command "printf" has a grave functionality bug - fails to 
print the format like "%.2f .1".

  # bash --version
  GNU bash, version 5.2.32(1)-release (x86_64-pc-linux-gnu)
  Copyright (C) 2022 Free Software Foundation, Inc.
  License GPLv3+: GNU GPL version 3 or later 

  This is free software; you are free to change and redistribute it.
  There is NO WARRANTY, to the extent permitted by law.

  # printf "%.2f\n" 0.1
  nan

  As mentioned in the above URL, upstream's configure-strtold-check patch:
  
https://bugs.debian.org/cgi-bin/bugreport.cgi?att=1;bug=1078556;filename=configure-strtold-check;msg=20

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bash/+bug/2083131/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2089145] Re: Backport patch to read actions from /etc and /run

2024-12-04 Thread Philip Meulengracht 
Hey!

policykit-1/124-2ubuntu1.24.10.2
 - Works on Oracular and loads actions from /etc, verified with pkaction

policykit-1/124-2ubuntu1.24.04.2
 - Works on Noble and loads actions from /etc as well, verified again with 
pkaction

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to policykit-1 in Ubuntu.
https://bugs.launchpad.net/bugs/2089145

Title:
  Backport patch to read actions from /etc and /run

Status in policykit-1 package in Ubuntu:
  Fix Released
Status in policykit-1 source package in Noble:
  Fix Committed
Status in policykit-1 source package in Oracular:
  Fix Committed

Bug description:
  Hey!

  I would like to request a SRU of the following upstream PR for Noble.

  https://github.com/polkit-org/polkit/pull/499

  I have applied this to ubuntu/noble-updates and produced a new patch
  that is attached with identical changes. The PR does not apply
  directly due to mismatch in a couple of lines that differ from
  upstream.

  [ Impact ]

  On Ubuntu Core we've had not historically carried polkit before, it
  has only recently been decided to include polkit into the Core24 base
  (and future bases), so this has not been an issue up until now. The
  decision changed as Core Desktop is moving its architecture to using
  the official core24 base snap as their base for all the desktop snaps.

  Core Desktop needs to use polkit for the desktop/user environment, but
  this brings us to this request.

  The polkit version currently in Noble does only support reading
  actions from /usr/share/polkit-1/actions, but this is a protected
  read-only path on Ubuntu Core. We could change this and map this path
  into the writable area, but this would bring us into transition issues
  when/if people want to migrate from core24 to core26 (i.e
  remodelling), where newer polkit supports reading actions from /etc.
  This would leave files in a weird state moving away from mapping that
  path, to the more appropriate /etc.

  The more sustainable plan is to SRU the mentioned patch, allowing
  polkit to read actions from /etc, and would provide us with more
  consistent behaviour moving forward with newer bases, that may contain
  newer polkit versions that naturally support /etc.

  [ Test plan ]

  1. Install the package from proposed.
  2. If no authentication agent is running, start one: 
/usr/lib/policykit-1-gnome/polkit-gnome-authentication-agent
  3. Execute 'firewall-cmd --list-services'.

  A dialogue should appear, input your password and see that command
  returns normally, in a unaltered setup it says dhcpv6-client ssh.

  [ Where problems could occur ]

   * Think about what the upload changes in the software. Imagine the
     change is wrong or breaks something else: how would this show up?

  Since this is about loading actions, any issues resulting from this
  change should show up immediately by identifying whether the actions
  are loaded.

   * It is assumed that any SRU candidate patch is well-tested before
     upload and has a low overall risk of regression, but it's important
     to make the effort to think about what ''could'' happen in the event
     of a regression.

  In case of a regression, actions from /usr/share/polkit-1/actions
  would not be loaded either.

   * This must never be "None" or "Low", or entirely an argument as to why
     your upload is low risk.

  I would indicate this is a 'Medium' in risk, as this code change is
  very isolated. There is no functional or behavioural changes. This is
  specifically the places we load configuration / actions from.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/policykit-1/+bug/2089145/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

Re: [Touch-packages] [Bug 2090805] Re: gdm blank screen

2024-12-04 Thread Paul-Andre Panon 
Thanks for your suggestions. Since I don't have a GUI,  sending you a copy
of the boot journal and attaching it to this ticket is a bit of a pain and
I've been busy with work.

A bunch of points:
1. My boot sequence is messed up. I no longer see a grub boot menu so I can
choose alternative boot options like old kernels or recovery mode. I tried
to change /ec/default/grub to include
GRUB_TIMEOUT_STYLE=countdown
GRUB_TIMEOUT=3
and
When I first rebooted after the initial broken package update,  a whole
bunch of red errors scrolled by too fast to see. It took me a while to
think of trying to use the Ctl-Alt-F2 virtual console so by the time I did,
its dmesg history file was gone. Those large groups of red-highlighted
errors only were displayed the first time.

2, When I boot now, I do see some text after some point, There's a long
wait after
Starting systemd=networkd-wait-onl ait for Network to be configured

a bunch of lines with
12c 12c-3 , adapter quick: no zero length (addr 0x0018, size 0, wr

for addr values of 12, 19, 1a, 29, 2a ,2b, 4c, 4d, 4e, 48
Job systemd-networkd-wait-online-service/start running (1min xxs/unlimited)
It times out at 2min. I do seem to get an IP address, so I'm not sure what
it's waiting and timing out on, or whether it's even relevant here.

3. While the sssd package is installed it's not actually configured to
do anything (no /etc/sssd/sssd.conf file)
I tried to set up an sssd.conf .file for LOCAL domain, but that just caused
errors, so for now I've just disabled sss entries in /etc/nsswitch.conf
(still keeping other entries like files and systemd) with no success.

While it may not be fair, I'm more likely to blame snap. I've had no end of
issues with snap locking firefox and chrome so that they won't
startup, persistently across reboots. So with parts of gnome as snaps, I am
more likely to be suspicious of snap, absent any reason to suspect anything
else. I've just found it very unstable and had switched back to PPA deb
package builds of the browsers to eliminate their hangs, and the apps had
been rock-steady since. Though it is challenging to run a browser without a
gui. lynx doesn't quite cut it.

Thanks for your suggestions so far and looking forward to what you make of
this boot journal

On Mon, Dec 2, 2024 at 9:20 AM Alessandro Astone <2090...@bugs.launchpad.net>
wrote:

> Thank you for the bug report.
>
> Judging by the DpkgLog.txt the upgrade that triggered your issue seems
> to include:
>
> linux-firmware:all 20220329.git681281e4-0ubuntu3.35
> 20220329.git681281e4-0ubuntu3.36
> linux-generic:amd64 5.15.0.125.124 5.15.0.126.125
> linux-image-generic:amd64 5.15.0.125.124 5.15.0.126.125
> linux-headers-generic:amd64 5.15.0.125.124 5.15.0.126.125
> ubuntu-core-launcher:amd64 2.65.3+22.04 2.66.1+22.04
> snapd:amd64 2.65.3+22.04 2.66.1+22.04
> alsa-ucm-conf:all 1.2.6.3-1ubuntu1.11 1.2.6.3-1ubuntu1.12
> gnome-control-center-data:all 1:41.7-0ubuntu0.22.04.8
> 1:41.7-0ubuntu0.22.04.9
> gnome-control-center:amd64 1:41.7-0ubuntu0.22.04.8 1:41.7-0ubuntu0.22.04.9
> gnome-control-center-faces:all 1:41.7-0ubuntu0.22.04.8
> 1:41.7-0ubuntu0.22.04.9
> gnome-shell-extension-ubuntu-dock:all 72~ubuntu5.22.04.2.1
> 72~ubuntu5.22.04.3
> lintian:all 2.114.0ubuntu1.4 2.114.0ubuntu1.5
> linux-libc-dev:amd64 5.15.0-125.135 5.15.0-126.136
> linux-tools-common:all 5.15.0-125.135 5.15.0-126.136
> sosreport:amd64 4.5.6-0ubuntu1~22.04.2 4.7.2-0ubuntu1~22.04.1
> teamviewer:amd64 15.58.4 15.60.3
> sssd:amd64 2.6.3-1ubuntu3.3 2.6.3-1ubuntu3.4
> python3-sss:amd64 2.6.3-1ubuntu3.3 2.6.3-1ubuntu3.4
> sssd-proxy:amd64 2.6.3-1ubuntu3.3 2.6.3-1ubuntu3.4
> sssd-krb5:amd64 2.6.3-1ubuntu3.3 2.6.3-1ubuntu3.4
> sssd-ad:amd64 2.6.3-1ubuntu3.3 2.6.3-1ubuntu3.4
> sssd-ldap:amd64 2.6.3-1ubuntu3.3 2.6.3-1ubuntu3.4
> sssd-ipa:amd64 2.6.3-1ubuntu3.3 2.6.3-1ubuntu3.4
> sssd-krb5-common:amd64 2.6.3-1ubuntu3.3 2.6.3-1ubuntu3.4
> sssd-ad-common:amd64 2.6.3-1ubuntu3.3 2.6.3-1ubuntu3.4
> sssd-common:amd64 2.6.3-1ubuntu3.3 2.6.3-1ubuntu3.4
> libnss-sss:amd64 2.6.3-1ubuntu3.3 2.6.3-1ubuntu3.4
> libpam-sss:amd64 2.6.3-1ubuntu3.3 2.6.3-1ubuntu3.4
> libsss-certmap0:amd64 2.6.3-1ubuntu3.3 2.6.3-1ubuntu3.4
> libsss-nss-idmap0:amd64 2.6.3-1ubuntu3.3 2.6.3-1ubuntu3.4
> libsss-idmap0:amd64 2.6.3-1ubuntu3.3 2.6.3-1ubuntu3.4
> libipa-hbac0:amd64 2.6.3-1ubuntu3.3 2.6.3-1ubuntu3.4
>
> The highest suspect packages there would be sssd or the kernel.
>
> But we need more information to debug the issue.
> Are you able to provide a journal file?
>
> Boot the machine, reproduce the issue, switch virtual console, run:
>   journalctl -b0 > journal.txt
> and attach the file here.
>
> Then, if you suspect this is an issue with the display manager, you could
> try starting a desktop session from the terminal with:
>   XDG_SESSION_TYPE=wayland dbus-run-session gnome-session
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/2090805
>
> Title:
>   gdm blank screen
>
> Status in

[Touch-packages] [Bug 2089923] Re: Please merge 1:4.16.0-5 into plucky

2024-12-04 Thread Skia 
Autopkgtest is green on my local PPA (except for i386, but baseline is red 
since at least focal here):
```
$ ppa tests hyask/shadow-merge-lp2089923
[...]
  - shadow/1:4.16.0-5ubuntu1~skiappa4
+ ✅ shadow on plucky for amd64   @ 04.12.24 08:40:34  Log️ 🗒️
+ ✅ shadow on plucky for arm64   @ 04.12.24 10:02:33  Log️ 🗒️
+ ✅ shadow on plucky for armhf   @ 04.12.24 08:41:14  Log️ 🗒️
+ ⛔ shadow on plucky for i386@ 04.12.24 08:34:09  Log️ 🗒️
  • testbed   BAD⛔
+ ✅ shadow on plucky for ppc64el @ 04.12.24 08:44:56  Log️ 🗒️
+ ✅ shadow on plucky for s390x   @ 04.12.24 11:14:52  Log️ 🗒️
```
Reproducer for bug 2049529 also fails to reproduce with this new version on my 
machine.

All in all, ready for review here:
https://code.launchpad.net/~hyask/ubuntu/+source/shadow/+git/shadow/+merge/477650

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to shadow in Ubuntu.
https://bugs.launchpad.net/bugs/2089923

Title:
  Please merge 1:4.16.0-5 into plucky

Status in shadow package in Ubuntu:
  In Progress

Bug description:
  tracking bug

  Ubuntu plucky: 1:4.15.3-3ubuntu2
  Debian unstable: 1:4.16.0-5

  ### New Debian Changes ###

  shadow (1:4.16.0-5) unstable; urgency=medium

[ Chris Hofstaedtler ]
* Always build with btrfs support on linux-any (Closes: #856557)
* debputy.manifest: merge path-metadata entries
* login.defs: remove info about write(1)
  Which is not part of Debian trixie. (Closes: #1087519)

[ Pino Toscano ]
* Include , fixing the build on GNU/Hurd

   -- Chris Hofstaedtler   Fri, 15 Nov 2024 20:30:32
  +0100

  shadow (1:4.16.0-4) unstable; urgency=medium

* Drop Debian-only cppw, cpgr tools (Closes: #750752)
* Stop patching login, not installed anymore
* Define LOGIN_NAME_MAX on HURD
* Remove libsystemd-dev Build-Depends.
  Only necessary for login(1).
* Stop building programs we do not install

   -- Chris Hofstaedtler   Tue, 06 Aug 2024 00:29:18
  +0200

  shadow (1:4.16.0-3) unstable; urgency=medium

* Upload to unstable.
* Fix FTBFS on hurd.
  DEB_HOST_ARCH_OS was unset.

   -- Chris Hofstaedtler   Mon, 05 Aug 2024 17:21:27
  +0200

  shadow (1:4.16.0-2) experimental; urgency=medium

* passwd: switch Depends from login to login.defs
  login will again be installed on fewer systems, but existing installs
  will retain it (it is Protected: yes).
* Drop login package, to allow takeover by util-linux.
  Move shadow.mo to Package: passwd, have passwd Replaces: older login.
* login.defs: ship manpage
* Re-add workarounds for tests in tests/tests directory.
  4.15.3 fixed this, but 4.16.0 happened earlier.

   -- Chris Hofstaedtler   Mon, 05 Aug 2024 02:36:29
  +0200

  shadow (1:4.16.0-1) experimental; urgency=medium

* New upstream version 4.16.0
  * Rebase patches
* Split /etc/login.defs into its own binary package (Closes: #1074394)
* Rename libsubid4 to libsubid5 (soname bump)
* d/watch: add versionmangle for -rc

   -- Chris Hofstaedtler   Fri, 02 Aug 2024 17:35:29
  +0200

  
  ### Old Ubuntu Delta ###

  shadow (1:4.15.3-3ubuntu2) oracular; urgency=medium

* d/p : disallow pure numeric user and group names (LP: #2076898)

   -- Hector Cao   Tue, 13 Aug 2024 12:15:06
  +0200

  shadow (1:4.15.3-3ubuntu1) oracular; urgency=medium

* Merge with Debian unstable. Remaining changes (LP: #2073338):
  - d/p/* : Enable private home directories by default
  - debian/{source_shadow.py,login.install}: Add apport hook
  - debian/patches/1010_extrausers.patch:
+ Add support to passwd for libnss-extrausers
+ Add automatic detection of "extrausers" for usermod -G
  - d/p/1011_extrausers_toggle.patch: extrausers support for 
useradd/groupadd
  - d/p/1012_extrausers_chfn.patch: --extrausers support for chfn tool
This patch has been refreshed to remove "implicit function declaration"
warning
  - d/p/1013_extrausers_deluser.patch: --extrausers support for userdel
  - d/p/1014_extrausers_delgroup.patch: --extrausers support for groupdel
This patch has been refreshed to remove "implicit function declaration"
warning
  - d/p/1015_add_zsys_support.patch: zsys to handle home dir if available
  - d/p/1016_extrausers_gpasswd.patch: extrausers support for gpasswd
  - d/p/506_relaxed_usernames.patch, d/t/{control,numeric-username}:
+ disallow purely numeric usernames
  The patch has been integrated in debian but we still have to
  keep the tests
  - d/t/smoke: Extend for extrausers support
  - Add some cursory tests for the extrausers features
  - d/p/lp2063200: fix useradd group validation with extrausers (LP 2063200)

  Dropped changes:
  - debian/login.defs: Update documentation of USERGROUPS_ENAB/UMASK
Reason: Integrated upstream
  - Fix ftbfs wi

[Touch-packages] [Bug 2090999] [NEW] Please merge busybox 1:1.37.0-4 into plucy

2024-12-04 Thread Ravi Kant Sharma 
Public bug reported:

tracking bug

** Affects: busybox (Ubuntu)
 Importance: Undecided
 Assignee: Ravi Kant Sharma (ravi-sharma)
 Status: In Progress

** Changed in: busybox (Ubuntu)
 Assignee: (unassigned) => Ravi Kant Sharma (ravi-sharma)

** Changed in: busybox (Ubuntu)
   Status: New => In Progress

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to busybox in Ubuntu.
https://bugs.launchpad.net/bugs/2090999

Title:
  Please merge busybox 1:1.37.0-4 into plucy

Status in busybox package in Ubuntu:
  In Progress

Bug description:
  tracking bug

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/busybox/+bug/2090999/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2080358] Re: liblxc-common: AppArmor-Profile for /usr/bin/lxc-copy contains rule for lxc-start

2024-12-04 Thread Nicolas Schier 
I set the bug to 'new' in the hope that someone may have a look at it,
again.

** Changed in: lxc (Ubuntu Noble)
   Status: Incomplete => New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/2080358

Title:
  liblxc-common: AppArmor-Profile for /usr/bin/lxc-copy contains rule
  for lxc-start

Status in lxc package in Ubuntu:
  Fix Released
Status in lxc source package in Noble:
  New
Status in lxc source package in Oracular:
  Fix Released

Bug description:
  Hi,

  liblxc-common 1:5.0.3-2ubuntu7 provides an AppArmor-Profile for 
/usr/bin/lxc-copy, but the profile file contains the rule for 
/usr/bin/lxc-start instead of /usr/bin/lxc-copy.  The mistake was introduced in 
[1], current Debian versions (1:5.0.2-1 and 1:6.0.1-1) are not affected, but 
Ubuntu 24.04 (noble) is.  This
  wrong profile file prevents running lxc-copy on my companies Ubuntu 24.04 
machines.

  Can you please replace the 'lxc-start' by 'lxc-copy' in
  /etc/apparmor/usr.bin.lxc-copy or update to Debian's 1:6.0.1-1 or
  above?

  --- SRU Bug Description ---

  [ Impact ]

   * lxc-copy is not usable with unprivileged user-namespaces, if unconfined 
 profiles are restricted in unprivileged user namespaces, example error 
 messages:

  $ sysctl kernel.apparmor_restrict_unprivileged_userns
  kernel.apparmor_restrict_unprivileged_userns = 1

  (This is the new default, cp. [2].)

  $ lxc-copy --snapshot -B overlayfs --name A --newname B -l DEBUG
   lxc-copy: A: ../src/lxc/utils.c: lxc_drop_groups: 1365 Operation not 
  permitted - Failed to drop supplimentary groups
  lxc-copy: A: ../src/lxc/conf.c: userns_exec_mapped_root: 5564 Operation 
not permitted - Failed to setresgid(0, 0, 0)
  lxc-copy: A: ../src/lxc/utils.c: wait_exited: 346 Child terminated with 
error 1
  lxc-copy: A: ../src/lxc/lxccontainer.c: do_create_container_dir: 1235 No 
such file or directory - Failed to chown rootfs "/home/USER/.local/share/lxc/B"
  lxc-copy: A: ../src/lxc/utils.c: lxc_drop_groups: 1365 Operation not 
permitted - Failed to drop supplimentary groups
  lxc-copy: A: ../src/lxc/conf.c: userns_exec_mapped_root: 5564 Operation 
not permitted - Failed to setresgid(0, 0, 0)
  lxc-copy: A: ../src/lxc/utils.c: wait_exited: 346 Child terminated with 
error 1
  lxc-copy: A: ../src/lxc/lxccontainer.c: do_lxcapi_clone: 3878 Error 
chowning /home/USER/.local/share/lxc/B/rootfs to container root
  lxc-copy: A: ../src/lxc/tools/lxc_copy.c: do_clone: 391 Failed to clone

  $ dmesg --follow
  [  527.199317] audit: type=1400 audit(1731322925.737:177): 
apparmor="AUDIT" operation="userns_create" class="namespace" info="Userns 
create - transitioning profile" profile="unconfined" pid=4108 comm="lxc-copy" 
requested="userns_create" target="unprivileged_userns"
  [  527.202674] audit: type=1400 audit(1731322925.737:178): 
apparmor="AUDIT" operation="userns_create" class="namespace" info="Userns 
create - transitioning profile" profile="unconfined" pid=4113 comm="lxc-copy" 
requested="userns_create" target="unprivileged_userns"

   * The upload fixes a typo in lxc-copy's AppArmor profile.  noble's original
 lxc-copy AA profile actually defines a profile for lxc-start, leaving the
 lxc-copy to be unconfined.  Due to the change described in [2], the 
handling
 unconfined AA profiles in user-namespaces prevents the use of `lxc-copy` in
 noble, if the profile does not get fixed.

  
  [ Test Plan ]

   * With sysctl kernel.apparmor_restrict_unprivileged_unconfied=1 and 
 kernel.apparmor_restrict_unprivileged_userns=1 set, as it is the new Ubuntu
 default, create an LXC container unprivileged and attempt to copy it:

 $ cat > ~/.config/lxc/default.conf << EOF
 lxc.include = /etc/lxc/default.conf
 lxc.idmap = u 0 10 65536
 lxc.idmap = g 0 10 65536
 EOF
 $ lxc-create --name A -t download -- --dist ubuntu --release noble --arch 
amd64
 $ lxc-copy --snapshot -B overlayfs --name A --newname B -l DEBUG

 lxc-copy fails w/o the patch and succeeds when it is applied.

  
  [ Where problems could occur ]

   * The patch might cause problems on non-default AppArmor configuration, 
 possibly preventing the use of lxc-copy or lxc-start.

   * We tested the patch on roughly two dozen Ubuntu24.04 developer machines 
since 
 September and could not see problems caused by the patch.

  --- End of SRU Bug Description ---

  
  Thanks and kind regards,
  Nicolas

  [1]: https://salsa.debian.org/lxc-
  
team/lxc/-/merge_requests/19/diffs?commit_id=a2ad01ca2081c4dd925037253b01fff0499af17e#d7b13f871dc297c7aa81e98c974db1a24f1b016d_0_21

  [2]: Canonical Ubuntu Blog: Restricted unprivileged user namespaces are 
coming to Ubuntu 23.10
   
https://ubuntu.com/blog/ubuntu-23-10-restricted-unprivileged-user-namespaces

  ---
  Description:  Ubu

[Touch-packages] [Bug 2089938] Re: iputils 3:20240905-1 doesn't work for unprivileged users

2024-12-04 Thread Launchpad Bug Tracker 
** Merge proposal linked:
   https://code.launchpad.net/~schopin/ubuntu-seeds/+git/platform/+merge/477742

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to iputils in Ubuntu.
https://bugs.launchpad.net/bugs/2089938

Title:
  iputils 3:20240905-1 doesn't work for unprivileged users

Status in iputils package in Ubuntu:
  New

Bug description:
  iputils-ping 3:20240905-1 removed the setcap from the binary, under
  the assumption that you don't need special privileges to open ICMP
  sockets (as introduced in 2011 in the kernel). However, that only is
  true if you have "net.ipv4.ping_group_range = 0   2147483647" (or
  similar) in sysctl.

  So far, we didn't configure this variable in Ubuntu, resulting in the
  default value of "0 1", which only allows root to open those sockets.

  However, that could/should change with the latest merge of linux-base,
  which brought in linux-sysctl-defaults. That package ships
  /usr/lib/sysctl.d/50-defaults, which the following contents:

  ```
  # System Request functionality of the kernel (SYNC)
  #
  # Use kernel.sysrq = 1 to allow all keys.
  # See https://docs.kernel.org/admin-guide/sysrq.html for a list
  # of values and keys.
  kernel.sysrq = 0x01b6

  # Append the PID to the core filename
  kernel.core_uses_pid = 1

  # Source route verification
  net.ipv4.conf.default.rp_filter = 2
  net.ipv4.conf.*.rp_filter = 2
  -net.ipv4.conf.all.rp_filter

  # Do not accept source routing
  net.ipv4.conf.default.accept_source_route = 0
  net.ipv4.conf.*.accept_source_route = 0
  -net.ipv4.conf.all.accept_source_route

  # Promote secondary addresses when the primary address is removed
  net.ipv4.conf.default.promote_secondaries = 1
  net.ipv4.conf.*.promote_secondaries = 1
  -net.ipv4.conf.all.promote_secondaries

  # ping(8) without CAP_NET_ADMIN and CAP_NET_RAW
  # The upper limit is set to 2^31-1. Values greater than that get rejected by
  # the kernel because of this definition in linux/include/net/ping.h:
  #   #define GID_T_MAX (((gid_t)~0U) >> 1)
  # That's not so bad because values between 2^31 and 2^32-1 are reserved on
  # systemd-based systems anyway: https://systemd.io/UIDS-GIDS#summary
  -net.ipv4.ping_group_range = 0 2147483647

  # Fair Queue CoDel packet scheduler to fight bufferbloat
  -net.core.default_qdisc = fq_codel

  # Enable hard and soft link protection
  fs.protected_hardlinks = 1
  fs.protected_symlinks = 1

  # Enable regular file and FIFO protection
  fs.protected_regular = 2
  fs.protected_fifos = 1
  ```

  That new package is already in systemd's Recommends (has been there
  since Oracular, see bug 2089759).

  In parallel, procps in Debian has removed /etc/sysctl.conf entirely,
  and now also Recommends linux-sysctl-defaults.

  To add to the fun, despite the systemd Recommends, linux-sysctl-
  defaults isn't part of the current plucky LXD images (built 2 days
  after that package was published in the release pocket).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/iputils/+bug/2089938/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2089779] Re: Buffer overflow in autopkgtest of wesnoth

2024-12-04 Thread Christian Ehrhardt  
This fully migrated and works now.

Furthermore upstream was great and quick, they have fixes for the crash
and the LTO warning in the latest and the 2.30.x branch. Reproducible
builds is merged in both as well.

That means we can drop that delta (O2 and reproducible builds) on the
merge of the next version.


** Changed in: wesnoth-1.18 (Ubuntu)
   Status: Triaged => Invalid

** Changed in: wesnoth (Ubuntu)
   Status: Triaged => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to python3-defaults in
Ubuntu.
https://bugs.launchpad.net/bugs/2089779

Title:
  Buffer overflow in autopkgtest of wesnoth

Status in boost1.83 package in Ubuntu:
  Fix Released
Status in libsdl2 package in Ubuntu:
  Fix Released
Status in python3-defaults package in Ubuntu:
  Fix Released
Status in wesnoth package in Ubuntu:
  Invalid
Status in wesnoth-1.18 package in Ubuntu:
  Invalid

Bug description:
  
https://objectstorage.prodstack5.canonical.com/swift/v1/AUTH_0f9aae918d5b4744bf7b827671c86842/autopkgtest-
  plucky/plucky/amd64/w/wesnoth-1.18/20241127_064901_ac814@/log.gz

  Repeats on reruns triggered by others.
  Blocks multiple migrations, atm
  - libsdl2
  - python3-defaults
  - boost1.83

  Unblocking all of these is surely worth it :-)
  I'll have a look tomorrow.

  229s autopkgtest [06:48:46]: test command1: /usr/games/wesnoth-1.18 -m 
--controller 1:ai --controller 2:ai --nogui
  229s autopkgtest [06:48:46]: test command1: [---
  229s Battle for Wesnoth v1.18.3 x86_64
  229s Started on Wed Nov 27 06:48:46 2024
  229s 
  229s Automatically found a possible data directory at: 
/tmp/autopkgtest.kgIWzV/build.Cyz/src
  229s 
  229s Data directory:   /tmp/autopkgtest.kgIWzV/build.Cyz/src
  229s User configuration directory: /home/USER/.config/wesnoth-1.18
  229s User data directory:  /home/USER/.config/wesnoth-1.18
  229s Cache directory:  /home/USER/.config/wesnoth-1.18/cache
  229s 
  229s 
  229s error: XDG_RUNTIME_DIR is invalid or not set in the environment.
  229s *** buffer overflow detected ***: terminated
  230s Aborted (core dumped)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/boost1.83/+bug/2089779/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2090963] Re: Please merge 0.8-14 into plucky

2024-12-04 Thread Mateus Rodrigues de Morais 
** Merge proposal linked:
   
https://code.launchpad.net/~mateus-morais/ubuntu/+source/avahi/+git/avahi/+merge/477746

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to avahi in Ubuntu.
https://bugs.launchpad.net/bugs/2090963

Title:
  Please merge 0.8-14 into plucky

Status in avahi package in Ubuntu:
  In Progress

Bug description:
  The upstream version 0.8-14 should be merged into plucky. The current
  version is 0.8-14.

  * PPA for review: https://launchpad.net/~mateus-
  morais/+archive/ubuntu/plucky-merges

  Note: this is a tracking bug

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/avahi/+bug/2090963/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2089938] Re: iputils 3:20240905-1 doesn't work for unprivileged users

2024-12-04 Thread Simon Chopin 
** Description changed:

  iputils-ping 3:20240905-1 removed the setcap from the binary, under the
  assumption that you don't need special privileges to open ICMP sockets
  (as introduced in 2011 in the kernel). However, that only is true if you
  have "net.ipv4.ping_group_range = 0   2147483647" (or similar) in
  sysctl.
  
  So far, we didn't configure this variable in Ubuntu, resulting in the
  default value of "0 1", which only allows root to open those sockets.
  
  However, that could/should change with the latest merge of linux-base,
  which brought in linux-sysctl-defaults. That package ships
- /usr/lib/sysctl.d/50-defaults, which the following contents:
+ /usr/lib/sysctl.d/50-defaults, which has the following contents:
  
  ```
  # System Request functionality of the kernel (SYNC)
  #
  # Use kernel.sysrq = 1 to allow all keys.
  # See https://docs.kernel.org/admin-guide/sysrq.html for a list
  # of values and keys.
  kernel.sysrq = 0x01b6
  
  # Append the PID to the core filename
  kernel.core_uses_pid = 1
  
  # Source route verification
  net.ipv4.conf.default.rp_filter = 2
  net.ipv4.conf.*.rp_filter = 2
  -net.ipv4.conf.all.rp_filter
  
  # Do not accept source routing
  net.ipv4.conf.default.accept_source_route = 0
  net.ipv4.conf.*.accept_source_route = 0
  -net.ipv4.conf.all.accept_source_route
  
  # Promote secondary addresses when the primary address is removed
  net.ipv4.conf.default.promote_secondaries = 1
  net.ipv4.conf.*.promote_secondaries = 1
  -net.ipv4.conf.all.promote_secondaries
  
  # ping(8) without CAP_NET_ADMIN and CAP_NET_RAW
  # The upper limit is set to 2^31-1. Values greater than that get rejected by
  # the kernel because of this definition in linux/include/net/ping.h:
  #   #define GID_T_MAX (((gid_t)~0U) >> 1)
  # That's not so bad because values between 2^31 and 2^32-1 are reserved on
  # systemd-based systems anyway: https://systemd.io/UIDS-GIDS#summary
  -net.ipv4.ping_group_range = 0 2147483647
  
  # Fair Queue CoDel packet scheduler to fight bufferbloat
  -net.core.default_qdisc = fq_codel
  
  # Enable hard and soft link protection
  fs.protected_hardlinks = 1
  fs.protected_symlinks = 1
  
  # Enable regular file and FIFO protection
  fs.protected_regular = 2
  fs.protected_fifos = 1
  ```
  
+ The problematic version of iputils-ping has a Recommends on linux-
+ sysctl-defaults, but that alone doesn't help since those settings are
+ only applied at boot time by systemd-sysctl.
+ 
  That new package is already in systemd's Recommends (has been there
  since Oracular, see bug 2089759).
  
  In parallel, procps in Debian has removed /etc/sysctl.conf entirely, and
  now also Recommends linux-sysctl-defaults.
  
  To add to the fun, despite the systemd Recommends, linux-sysctl-defaults
  isn't part of the current plucky LXD images (built 2 days after that
  package was published in the release pocket).

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to iputils in Ubuntu.
https://bugs.launchpad.net/bugs/2089938

Title:
  iputils 3:20240905-1 doesn't work for unprivileged users

Status in iputils package in Ubuntu:
  New

Bug description:
  iputils-ping 3:20240905-1 removed the setcap from the binary, under
  the assumption that you don't need special privileges to open ICMP
  sockets (as introduced in 2011 in the kernel). However, that only is
  true if you have "net.ipv4.ping_group_range = 0   2147483647" (or
  similar) in sysctl.

  So far, we didn't configure this variable in Ubuntu, resulting in the
  default value of "0 1", which only allows root to open those sockets.

  However, that could/should change with the latest merge of linux-base,
  which brought in linux-sysctl-defaults. That package ships
  /usr/lib/sysctl.d/50-defaults, which has the following contents:

  ```
  # System Request functionality of the kernel (SYNC)
  #
  # Use kernel.sysrq = 1 to allow all keys.
  # See https://docs.kernel.org/admin-guide/sysrq.html for a list
  # of values and keys.
  kernel.sysrq = 0x01b6

  # Append the PID to the core filename
  kernel.core_uses_pid = 1

  # Source route verification
  net.ipv4.conf.default.rp_filter = 2
  net.ipv4.conf.*.rp_filter = 2
  -net.ipv4.conf.all.rp_filter

  # Do not accept source routing
  net.ipv4.conf.default.accept_source_route = 0
  net.ipv4.conf.*.accept_source_route = 0
  -net.ipv4.conf.all.accept_source_route

  # Promote secondary addresses when the primary address is removed
  net.ipv4.conf.default.promote_secondaries = 1
  net.ipv4.conf.*.promote_secondaries = 1
  -net.ipv4.conf.all.promote_secondaries

  # ping(8) without CAP_NET_ADMIN and CAP_NET_RAW
  # The upper limit is set to 2^31-1. Values greater than that get rejected by
  # the kernel because of this definition in linux/include/net/ping.h:
  #   #define GID_T_MAX (((gid_t)~0U) >> 1)
  # That's not so bad because values between 2^31 and 2^32-1 are reserved on
  # systemd-based systems anyway

[Touch-packages] [Bug 2070285] Re: package tzdata 2024a-3ubuntu1.1 failed to install/upgrade: installed tzdata package post-installation script subprocess returned error exit status 10

2024-12-04 Thread Benjamin Drung 
Uploaded fixes for noble, jammy, focal. They are waiting in the
unapproved queue for review.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tzdata in Ubuntu.
https://bugs.launchpad.net/bugs/2070285

Title:
  package tzdata 2024a-3ubuntu1.1 failed to install/upgrade: installed
  tzdata package post-installation script subprocess returned error exit
  status 10

Status in tzdata package in Ubuntu:
  Fix Committed
Status in tzdata source package in Focal:
  New
Status in tzdata source package in Jammy:
  New
Status in tzdata source package in Noble:
  New
Status in tzdata source package in Oracular:
  New

Bug description:
  [ Impact ]

  Updating the tzdata package will fail on systems that have a legacy
  timezone selected (that is not updated to a recent one during dpkg-
  reconfigure). Example:

  ```
  $ schroot-wrapper -p tzdata -c jammy -u root
  (jammy)root@host:~# ln -sf /usr/share/zoneinfo/EST5EDT /etc/localtime
  (jammy)root@host:~# DEBIAN_FRONTEND=noninteractive dpkg-reconfigure tzdata
  (jammy)root@host:~# echo $?
  10
  ```

  [ Test Plan ]

  Test cases were added for Ubuntu 24.10 (oracular), Ubuntu 24.04
  (noble), and Ubuntu 22.04 (jammy) to the autopkgtest to cover the
  testing:

  * debconf: test_legacy_timezones

  So the test plan is to check that the autopkgtest succeeds. For older
  releases, run the example given above. It should exit with 0 and keep
  the configured timezone.

  [ Where problems can occur ]

  The fix touches the code that is used for configuring the timezone.
  That can cause package update to fail. There are autopkgtest to avoid
  regressions.

  [ Original report ]

  ProblemType: Package
  DistroRelease: Ubuntu 24.04
  Package: tzdata 2024a-3ubuntu1.1
  ProcVersionSignature: Ubuntu 6.5.0-1018.21-raspi 6.5.13
  Uname: Linux 6.5.0-1018-raspi aarch64
  ApportVersion: 2.28.1-0ubuntu3
  Architecture: arm64
  CasperMD5CheckResult: unknown
  CloudArchitecture: aarch64
  CloudID: nocloud
  CloudName: unknown
  CloudPlatform: nocloud
  CloudSubPlatform: config-disk (/dev/mmcblk0p1)
  Date: Mon Jun 24 09:04:36 2024
  DuplicateSignature:
   package:tzdata:2024a-3ubuntu1.1
   Setting up tzdata (2024a-3ubuntu1.1) ...
   dpkg: error processing package tzdata (--configure):
    installed tzdata package post-installation script subprocess returned error 
exit status 10
  ErrorMessage: installed tzdata package post-installation script subprocess 
returned error exit status 10
  PackageArchitecture: all
  Python3Details: /usr/bin/python3.12, Python 3.12.3, python3-minimal, 
3.12.3-0ubuntu1
  PythonDetails: N/A
  RebootRequiredPkgs: Error: path contained symlinks.
  RelatedPackageVersions:
   dpkg 1.22.6ubuntu6
   apt  2.7.14build2
  SourcePackage: tzdata
  Title: package tzdata 2024a-3ubuntu1.1 failed to install/upgrade: installed 
tzdata package post-installation script subprocess returned error exit status 10
  UpgradeStatus: Upgraded to noble on 2024-06-24 (0 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tzdata/+bug/2070285/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2090909] Re: Updater does not work. Synaptic cannot work.

2024-12-04 Thread Julian Andres Klode 
Thank you for your bug report. This looks more like a user support
question on how to configure APT sources, my recommendation would be to
use one of the support venues: https://ubuntu.com/community/support

In particular, it seems you have an incorrectly formatted URL in your
sources.list or file in sources.list.d.

** Changed in: software-properties (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to software-properties in
Ubuntu.
https://bugs.launchpad.net/bugs/2090909

Title:
  Updater does not work. Synaptic cannot  work.

Status in software-properties package in Ubuntu:
  Invalid

Bug description:
  major failure of software management system. Synaptic error E: Malformed 
entry / in sources file /etc/apt/sources. (URl parse) 
  E: The list of sources could not be read.
  E: _cache->open () failed, cannot continue.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/2090909/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2090972] Re: /boot intermittently fails to mount on boot

2024-12-04 Thread Launchpad Bug Tracker 
Status changed to 'Confirmed' because the bug affects multiple users.

** Changed in: util-linux (Ubuntu)
   Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to util-linux in Ubuntu.
https://bugs.launchpad.net/bugs/2090972

Title:
  /boot intermittently fails to mount on boot

Status in util-linux package in Ubuntu:
  Confirmed

Bug description:
  Starting on Noble, we see /boot fail to mount in approximately one out
  of every two thousand boots.  The error looks like this:

 Found device dev-disk-by\x2dlabel-BOOT.device - QEMU NVMe Ctrl BOOT.
 Starting systemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT...
 Checking in progress on 1 disk (0.0% complete)
 Checking in progress on 0 disks (100.0% complete)
 Finished msystemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT.
 Mounting boot.mount - /boot...
 [3.051612] /dev/disk/by-label/BOOT: Can't lookup blockdev
 FAILED Failed to mount boot.mount - /boot.
 See 'systemctl status boot.mount' for details.

  This has resulted in a number of different failure modes for our
  users.

  Anything that needs to interact with /boot during provisioning will
  fail.  This is usually something running update-grub or similar.

  If we manage to succeed in booting, this can cause subsequent kernel
  updates or tools that install kernel modules to fail, because
  update-grub fails.

  We've _also_ seen this manifest on the root filesystem.  In that case,
  the boot succeeded, but the by-label links remain absent.  When this
  occurs, we find installing kernel packages fails because mkinitramfs
  can't locate the root disk by label.

  It's a vexing problem, and so to reproduce we ran cloud images in a boot
  loop until we could reliably reproduce the problem.  Unfortunately, we
  weren't able to work out anything that made this happen faster, so it's
  been a bit slow coming.

  It turns out the problem here is that libblkid recently added support to
  compute the checksum of the superblocks on ext4 filesystems, and Noble
  is the first release to include a version of util-linux new enough to
  have this feature.  When libblkid determines an ext4 superblock's
  checksum is corrupt, it refuses to identify the device as having a
  filesystem, which leads to the removeal of the uuid and by-label fields.
  systemd-udevd then removes these symlinks.  This is where it all goes
  wrong.

  From our debug traces, it's possible to see this clearly:

  (udev-worker)[208]: nvme0n1p16: Probe /dev/nvme0n1p16 with raid and
  offset=0

  systemd-udevd[208]: 208: libblkid: LOWPROBE: [36] ext4dev:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4dev, got 
D919EB56, expected A47F6CF0
  systemd-udevd[208]: 208: libblkid: LOWPROBE: [37] ext4:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4, got D919EB56, 
expected A47F6CF0

  (udev-worker)[208]: nvme0n1p16: Removing/updating old device symlink 
'/dev/disk/by-uuid/ce209fd3-a875-4607-9089-35b9de605bd0', which is no longer 
belonging to this device.
  (udev-worker)[208]: nvme0n1p16: No reference left for 
'/dev/disk/by-uuid/ce209fd3-a875-4607-9089-35b9de605bd0', removing
  (udev-worker)[208]: nvme0n1p16: Removing/updating old device symlink 
'/dev/disk/by-label/BOOT', which is no longer belonging to this device.
  (udev-worker)[208]: nvme0n1p16: No reference left for 
'/dev/disk/by-label/BOOT', removing
  (udev-worker)[208]: nvme0n1p16: Successfully created symlink 
'/dev/block/259:4' to '/dev/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: sd-device: Created db file 
'/run/udev/data/b259:4' for 
'/devices/pci:00/:00:01.0/nvme/nvme0/nvme0n1/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: Adding watch on '/dev/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: Device processed (SEQNUM=1630, ACTION=change)
  (udev-worker)[208]: nvme0n1p16: sd-device-monitor(worker): Passed 1315 byte 
to netlink monitor.

  
  Fortunately, the fix here is straight-forward and is similar to what we
  did for resize2fs: use O_DIRECT when reading the superblock.  We've
  already sent a patch upstream and gotten it accepted there:

  https://github.com/util-linux/util-
  l

[Touch-packages] [Bug 2091025] [NEW] network reachability

2024-12-04 Thread elinux 
Public bug reported:

I faced a weird issue after a ubuntu 20 to 22 os upgrade. The physical
nodes have lxc containers on it. Both the hosts and the containers are
upgraded from 20 to 22 ubuntu versions. After the upgrade, an internal
endpoint is reachable using curl from the hosts nodes. but from within
the containers on those hosts, the curl was timing out and failing
eventually with the following error:

---
cURL error 35: error:1408F10B:SSL routines:ssl3_get_record:wrong version number 
---

So i tried various combinations of openssl libraries but none of them
worked. The ping was successful to that endpoint from the lxc
containers. But only the curl was failing. The request packets were also
reaching the endpoint server from the lxc containers, but the endpoint
was not responding to those requests. But the same is working from the
host machine where the lxc containers are running. Could not find out
why ?  At last I tried a reboot of the host machine and after the reboot
the endpoint is reachable from within the lxc containers as well.  Can
anyone suggest or give their expert opinion as to why a simple reboot
fixed this issue ?  Actually what was the root cause ?

Below are the specifications of the host machine and the containers.

Host:

Ubuntu 22.04.2 LTS \n \l
5.19.0-42-generic #43~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Fri Apr 21 16:51:08 
UTC 2 x86_64 x86_64 x86_64 GNU/Linux

liblxc-common 1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1   
amd64Linux Containers userspace tools (common tools)
liblxc-dev1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1   
amd64Linux Containers userspace tools (development)
liblxc1   1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1   
amd64Linux Containers userspace tools (library)
lxc   1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1   
all  Transitional package - lxc -> lxc-utils
lxc-dev   1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1   
all  Transitional package - lxc-dev -> liblxc-dev
lxc-templates 3.0.4-5 
amd64Linux Containers userspace tools (templates)
lxc-utils 1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1   
amd64Linux Containers userspace tools
python3-lxc   1:3.0.4-1ubuntu10   
amd64Linux Containers userspace tools (Python3 bindings)


centrifydc-openssl5.5.2-578   
amd64Centrify DirectControl OpenSSL
 openssl   3.0.2-0ubuntu1.9
amd64Secure Sockets Layer toolkit - cryptographic utility


lxc containers:
-  
Ubuntu 22.04.5 LTS \n \l

 openssl 3.0.2-0ubuntu1.9
amd64Secure Sockets Layer toolkit - cryptographic utility

 5.19.0-42-generic #43~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Fri Apr 21
16:51:08 UTC 2 x86_64 x86_64 x86_64 GNU/Linux

** Affects: lxc (Ubuntu)
 Importance: Undecided
 Status: New

** Summary changed:

- network rechability
+ network reachability

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to lxc in Ubuntu.
https://bugs.launchpad.net/bugs/2091025

Title:
  network reachability

Status in lxc package in Ubuntu:
  New

Bug description:
  I faced a weird issue after a ubuntu 20 to 22 os upgrade. The physical
  nodes have lxc containers on it. Both the hosts and the containers are
  upgraded from 20 to 22 ubuntu versions. After the upgrade, an internal
  endpoint is reachable using curl from the hosts nodes. but from within
  the containers on those hosts, the curl was timing out and failing
  eventually with the following error:

  ---
  cURL error 35: error:1408F10B:SSL routines:ssl3_get_record:wrong version 
number 
  ---

  So i tried various combinations of openssl libraries but none of them
  worked. The ping was successful to that endpoint from the lxc
  containers. But only the curl was failing. The request packets were
  also reaching the endpoint server from the lxc containers, but the
  endpoint was not responding to those requests. But the same is working
  from the host machine where the lxc containers are running. Could not
  find out why ?  At last I tried a reboot of the host machine and after
  the reboot the endpoint is reachable from within the lxc containers as
  well.  Can anyone suggest or give their expert opinion as to why a
  simple reboot fixed this issue ?  Actually what was the root cause ?

  Below are the specifications of the host machine and the containers.

  Host:
  
  Ubuntu 22.04.2 LTS \n \l
  5.19.0-42-generic #43~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Fri Apr 21 16:51:08 
UTC 2 x86_64 x86_64 x86_64 GNU/Linux

  liblxc-common 1:5.0.0~git2209-g5a7b9ce67-0ubuntu1.1

[Touch-packages] [Bug 2089307] Re: llibxml-libxml-perl autopkgtest fails due to non-whitelisted output vs libxml 2.12.7+dfsg+really2.9.14-0.2build1

2024-12-04 Thread Launchpad Bug Tracker 
This bug was fixed in the package libxml-libxslt-perl - 2.003000-2build1

---
libxml-libxslt-perl (2.003000-2build1) plucky; urgency=medium

  * No change rebuild against libxml 2.12.7+dfsg+really2.9.14-0.2build1
(LP: #2089307).

 -- Vladimir Petko   Fri, 22 Nov 2024
15:53:00 +1300

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libxslt in Ubuntu.
https://bugs.launchpad.net/bugs/2089307

Title:
  llibxml-libxml-perl autopkgtest fails due to non-whitelisted output vs
  libxml 2.12.7+dfsg+really2.9.14-0.2build1

Status in libxml-grddl-perl package in Ubuntu:
  Fix Released
Status in libxml-libxml-perl package in Ubuntu:
  Fix Released
Status in libxml-libxslt-perl package in Ubuntu:
  Fix Released
Status in libxslt package in Ubuntu:
  Fix Released

Bug description:
  179s #  $got->[0] = 'Warning: program compiled against libxml
  212 using older 209[1]

  [1]
  
https://objectstorage.prodstack5.canonical.com/swift/v1/AUTH_0f9aae918d5b4744bf7b827671c86842/autopkgtest-
  plucky/plucky/amd64/libx/libxml-libxml-
  perl/20241119_095741_ae8c7@/log.gz

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libxml-grddl-perl/+bug/2089307/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2089307] Re: llibxml-libxml-perl autopkgtest fails due to non-whitelisted output vs libxml 2.12.7+dfsg+really2.9.14-0.2build1

2024-12-04 Thread Launchpad Bug Tracker 
This bug was fixed in the package libxml-libxml-perl -
2.0207+dfsg+really+2.0134-5build1

---
libxml-libxml-perl (2.0207+dfsg+really+2.0134-5build1) plucky; urgency=medium

  * No change rebuild against libxml 2.12.7+dfsg+really2.9.14-0.2build1
(LP: #2089307).

 -- Vladimir Petko   Fri, 22 Nov 2024
09:07:55 +1300

** Changed in: libxml-libxml-perl (Ubuntu)
   Status: New => Fix Released

** Changed in: libxml-libxslt-perl (Ubuntu)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libxslt in Ubuntu.
https://bugs.launchpad.net/bugs/2089307

Title:
  llibxml-libxml-perl autopkgtest fails due to non-whitelisted output vs
  libxml 2.12.7+dfsg+really2.9.14-0.2build1

Status in libxml-grddl-perl package in Ubuntu:
  Fix Released
Status in libxml-libxml-perl package in Ubuntu:
  Fix Released
Status in libxml-libxslt-perl package in Ubuntu:
  Fix Released
Status in libxslt package in Ubuntu:
  Fix Released

Bug description:
  179s #  $got->[0] = 'Warning: program compiled against libxml
  212 using older 209[1]

  [1]
  
https://objectstorage.prodstack5.canonical.com/swift/v1/AUTH_0f9aae918d5b4744bf7b827671c86842/autopkgtest-
  plucky/plucky/amd64/libx/libxml-libxml-
  perl/20241119_095741_ae8c7@/log.gz

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libxml-grddl-perl/+bug/2089307/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2059852] Re: Invalid free called during libfreetype FT_Done_Glyph

2024-12-04 Thread Seth Arnold 
I'm disinclined to unilaterally assign a CVE here:

- ftgrid doesn't feel like it's useful beyond freetype developers -- try
it out for yourself on a font on your system. (For me, quite a lot of
the window space is filled with the previous contents of the screen, but
perhaps if you're not running a tiling window manager the window will be
the exact required size. What's left doesn't look like it's end-user or
even font-designer oriented.)

- I don't think the linked patches completely address the undefined
behavior due to signed integer overflows:


typedef struct grBitmap_
  {
int rows;
int width;
int pitch;
grPixelMode mode;
int grays;
unsigned char*  buffer;
  } grBitmap;


  static void
  bitmap_scale( GridStatus  st,
grBitmap*   bit,
int scale )
  {
unsigned char*  s = bit->buffer;
unsigned char*  line;
int pitch;
int width;
int i, j, k;
pitch = bit->pitch > 0 ?  bit->pitch
   : -bit->pitch;
width = bit->width;
/* limit bitmap size */
if ( pitch * scale <= 0x && bit->rows * scale <= 0x )
  line = (unsigned char*)malloc( (size_t)( pitch * bit->rows *
   scale * scale ) );
else
  line = NULL;


What happens if pitch * scale or bit->rows * scale cause an integer overflow 
and the compiler emits code that causes the result to become negative? Or the 
compiler omits the code entirely, because signed integer overflow is undefined? 
All these values are signed integers and I can't quickly spot code that would 
limit these to suitable values.

I don't see any security value in debugging this demo program. If
upstream disagrees and thinks this deserves a CVE, I won't stand in
their way, but I also don't think assigning one here would encourage
them to care about the CVE process.

Fixing one specific integer overflow while ignoring two more on the
previous line doesn't feel productive.

If you, dear reader, actually care about this specific program, I
encourage a few steps to explore it further:

- build it with -fsanitize=undefined and fuzz it. I bet there's dozens more of 
these errors.
- build it with -fsanitize=address and fuzz it. I bet there's a few more of 
these errors.
- submit the project to scan.coverity.com. Unless Coverity is already part of 
the workflow, it'll probably find dozens of flaws, some of which will represent 
real bugs reachable by maliciously built fonts or operating users or other X 
clients or the X server.

Thanks

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to freetype in Ubuntu.
https://bugs.launchpad.net/bugs/2059852

Title:
  Invalid free called during libfreetype FT_Done_Glyph

Status in freetype package in Ubuntu:
  New
Status in freetype source package in Jammy:
  New

Bug description:
  A fuzzed font file triggers an invalid free operation. Current
  upstream 2.13 was not observed crashing with input.

  ==1793660== Memcheck, a memory error detector
  ==1793660== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
  ==1793660== Using Valgrind-3.18.1 and LibVEX; rerun with -h for copyright info
  ==1793660== Command: ftgrid 12 ftgrid_invalid_free_shown_by_valgrind.ttf
  ==1793660==
  ==1793660== Argument 'size' of function malloc has a fishy (possibly 
negative) value: -205496320
  ==1793660==at 0x4848899: malloc (in 
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
  ==1793660==by 0x10F09A: UnknownInlinedFun (ftgrid.c:412)
  ==1793660==by 0x10F09A: UnknownInlinedFun (ftgrid.c:580)
  ==1793660==by 0x10F09A: main (ftgrid.c:1818)
  ==1793660==
  ==1793660== Invalid free() / delete / delete¡¿ / realloc()
  ==1793660==at 0x484B27F: free (in 
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
  ==1793660==by 0x48C2EC3: UnknownInlinedFun (ftutil.c:173)
  ==1793660==by 0x48C2EC3: FT_Bitmap_Done (ftbitmap.c:1169)
  ==1793660==by 0x48C5947: FT_Done_Glyph (ftglyph.c:650)
  ==1793660==by 0x10F1A0: UnknownInlinedFun (ftgrid.c:589)
  ==1793660==by 0x10F1A0: main (ftgrid.c:1818)
  ==1793660==  Address 0x5292040 is 0 bytes inside a block of size 58,519,576 
free'd
  ==1793660==at 0x484B27F: free (in 
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
  ==1793660==by 0x10F18A: UnknownInlinedFun (ftgrid.c:586)
  ==1793660==by 0x10F18A: main (ftgrid.c:1818)
  ==1793660==  Block was alloc'd at
  ==1793660==at 0x4848899: malloc (in 
/usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
  ==1793660==by 0x48BDB08: ft_mem_qrealloc (ftutil.c:145)
  ==1793660==by 0x48BF04D: ft_mem_realloc (ftutil.c:101)
  ==1793660==by 0x491815B: ft_smooth_render.lto_priv.0 (ftsmooth.c:475)
  ==1793660==by 0x48BD24C: FT_Render_Glyph_Internal (ftobjs.c:4721)
  ==1793660

[Touch-packages] [Bug 2090841] Re: Please merge 0.52.24-4 into plucky

2024-12-04 Thread Launchpad Bug Tracker 
This bug was fixed in the package newt - 0.52.24-4ubuntu1

---
newt (0.52.24-4ubuntu1) plucky; urgency=medium

  * Merge with Debian unstable (LP: #2090841). Remaining changes:
+ Remove libnewt0.52.preinst altogether, which contains destructive
  operations with none of the appropriate version guards
+ Add correct build-dependencies on python3-all-dbg and
  libpython3-all-dbg, needed due to debian/patches/snack.patch
+ Don't install python-newt example files
+ Install/remove alternatives for the ubuntu palette
+ Revert Debian's dropping of /etc/newt/palette.original, used as an
  alternative in Ubuntu
  * Dropped changes:
+ d/p/fix-bidi-i386.patch: patch upstreamed to Debian, therefore removed
  from Ubuntu delta.

newt (0.52.24-4) unstable; urgency=medium

  * Rebuild for python3.13 support.
  * Close old bugs: #1025163, #1033421
  * cross.patch: FIx FTCBFS with wrong python-config. Closes: #1061246:

newt (0.52.24-3) unstable; urgency=medium

  [ Alastair McKinstry ]
  * Fix broken vcs url
  * Standards-Version: 4.7.0; no changes required
  * Patch from henryn to support nopython.  Closes: #1033465
  * python3-newt examples use /usr/bin/python3. Closes: #983468
  * Fix from upstream for i386 FTBFS. Closes: #1086133
  * Rename NEWS.Debian following Lintian

  [ Helmut Grohne ]
  * Support for noudeb profile. Closes: #1024939
  * Fix for nopython build profile. Closes: #1033431, #1082963

 -- Mateus Rodrigues de Morais   Mon, 02
Dec 2024 11:43:08 -0300

** Changed in: newt (Ubuntu)
   Status: In Progress => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to newt in Ubuntu.
https://bugs.launchpad.net/bugs/2090841

Title:
  Please merge 0.52.24-4 into plucky

Status in newt package in Ubuntu:
  Fix Released

Bug description:
  The upstream version 0.52.24-4 should be merged into plucky. The
  current version is 0.52.24-2ubuntu4.

  * PPA for review: https://launchpad.net/~mateus-
  morais/+archive/ubuntu/plucky-merges

  Note: this is a tracking bug

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/newt/+bug/2090841/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2026757] Related fix merged to ironic (stable/2024.2)

2024-12-04 Thread OpenStack Infra 
Reviewed:  https://review.opendev.org/c/openstack/ironic/+/936205
Committed: 
https://opendev.org/openstack/ironic/commit/38d94ca3a07af5e1fd551cab23484abf87290492
Submitter: "Zuul (22348)"
Branch:stable/2024.2

commit 38d94ca3a07af5e1fd551cab23484abf87290492
Author: Jay Faulkner 
Date:   Tue Nov 19 10:37:21 2024 -0800

Use specific fix-commit from dnsmasq

I have requested a new release from dnsmasq here:
https://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2024q4/017828.html
but until they perform one, we should at least checkout and build
a version of dnsmasq with this fix, instead of downgrading to one that
is slightly less broken.

Related-Bug: 2026757
Change-Id: I8abac5fa729035341c90d7881cb35aff751da101
(cherry picked from commit 360e21124c2369174d7b38fbb8edf581e85f52e0)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to dnsmasq in Ubuntu.
https://bugs.launchpad.net/bugs/2026757

Title:
  dnsmasq on Ubuntu Jammy crashes on neutron-dhcp-agent updates

Status in Ironic:
  Triaged
Status in neutron:
  New
Status in dnsmasq package in Ubuntu:
  In Progress
Status in dnsmasq source package in Jammy:
  Confirmed
Status in dnsmasq source package in Kinetic:
  Won't Fix
Status in dnsmasq source package in Mantic:
  Invalid
Status in dnsmasq source package in Noble:
  Triaged
Status in dnsmasq source package in Oracular:
  Triaged
Status in dnsmasq source package in Plucky:
  In Progress

Bug description:
  The Ironic project's CI has been having major blocking issues moving
  to utilizing Ubuntu Jammy and with some investigation we were able to
  isolate the issues down to the dhcp updates causing dnsmasq to crash
  on Ubuntu Jammy, which ships with dnsmasq 2.86. This issue sounds
  similar to an issue known about to the dnsmasq maintainers, where
  dnsmasq would crash with updates occurring due to configuration
  refresh[0].

  This resulted in us upgrading dnsmasq to the version which ships with
  Ubuntu Lunar.

  Which was no better. Dnsmasq still crashed upon record updates for
  addresses and ports getting configuration added/changed/removed.

  We later downgraded to the version of dnsmasq shipped in Ubuntu Focal,
  and dnsmasq stopped crashing and appeared stable enough to utilize for
  CI purposes.

  ** Kernel log from Ubuntu Jammy Package **

  [229798.876726] dnsmasq[81586]: segfault at 7c28 ip 7f6e8313147e sp 
7fffb3d6f830 error 4 in libc.so.6[7f6e830b4000+195000]
  [229798.876745] Code: 98 13 00 e8 04 b9 ff ff 0f 1f 40 00 f3 0f 1e fa 48 85 
ff 0f 84 bb 00 00 00 55 48 8d 77 f0 53 48 83 ec 18 48 8b 1d 92 39 17 00 <48> 8b 
47 f8 64 8b 2b a8 02 75 57 48 8b 15 18 39 17 00 64 48 83 3a
  [229805.444912] dnsmasq[401428]: segfault at dce8 ip 7fe63bf6a47e sp 
7ffdb105b440 error 4 in libc.so.6[7fe63beed000+195000]
  [229805.444933] Code: 98 13 00 e8 04 b9 ff ff 0f 1f 40 00 f3 0f 1e fa 48 85 
ff 0f 84 bb 00 00 00 55 48 8d 77 f0 53 48 83 ec 18 48 8b 1d 92 39 17 00 <48> 8b 
47 f8 64 8b 2b a8 02 75 57 48 8b 15 18 39 17 00 64 48 83 3a
  [230414.213448] dnsmasq[401538]: segfault at 78b8 ip 7f12160e447e sp 
7ffed6ef2190 error 4 in libc.so.6[7f1216067000+195000]
  [230414.213467] Code: 98 13 00 e8 04 b9 ff ff 0f 1f 40 00 f3 0f 1e fa 48 85 
ff 0f 84 bb 00 00 00 55 48 8d 77 f0 53 48 83 ec 18 48 8b 1d 92 39 17 00 <48> 8b 
47 f8 64 8b 2b a8 02 75 57 48 8b 15 18 39 17 00 64 48 83 3a
  [230465.098989] dnsmasq[402665]: segfault at c378 ip 7f81458f047e sp 
7fff0db334a0 error 4 in libc.so.6[7f8145873000+195000]
  [230465.099005] Code: 98 13 00 e8 04 b9 ff ff 0f 1f 40 00 f3 0f 1e fa 48 85 
ff 0f 84 bb 00 00 00 55 48 8d 77 f0 53 48 83 ec 18 48 8b 1d 92 39 17 00 <48> 8b 
47 f8 64 8b 2b a8 02 75 57 48 8b 15 18 39 17 00 64 48 83 3a
  [231787.247374] dnsmasq[402863]: segfault at 7318 ip 7f3940b9147e sp 
7ffc8df4f010 error 4 in libc.so.6[7f3940b14000+195000]
  [231787.247392] Code: 98 13 00 e8 04 b9 ff ff 0f 1f 40 00 f3 0f 1e fa 48 85 
ff 0f 84 bb 00 00 00 55 48 8d 77 f0 53 48 83 ec 18 48 8b 1d 92 39 17 00 <48> 8b 
47 f8 64 8b 2b a8 02 75 57 48 8b 15 18 39 17 00 64 48 83 3a
  [231844.886399] dnsmasq[405182]: segfault at dc58 ip 7f32a29e147e sp 
7ffddedd7480 error 4 in libc.so.6[7f32a2964000+195000]
  [231844.886420] Code: 98 13 00 e8 04 b9 ff ff 0f 1f 40 00 f3 0f 1e fa 48 85 
ff 0f 84 bb 00 00 00 55 48 8d 77 f0 53 48 83 ec 18 48 8b 1d 92 39 17 00 <48> 8b 
47 f8 64 8b 2b a8 02 75 57 48 8b 15 18 39 17 00 64 48 83 3a
  [234692.482154] dnsmasq[405289]: segfault at 67d8 ip 7fab0c5c447e sp 
7fffd6fd8fa0 error 4 in libc.so.6[7fab0c547000+195000]
  [234692.482173] Code: 98 13 00 e8 04 b9 ff ff 0f 1f 40 00 f3 0f 1e fa 48 85 
ff 0f 84 bb 00 00 00 55 48 8d 77 f0 53 48 83 ec 18 48 8b 1d 92 39 17 00 <48> 8b 
47 f8 64 8b 2b a8 02 75 57 48 8b 15 18 39 17 00 64 48 83 3a

  ** Kernel log entries from Ubuntu Lunar package **

  [234724.842339] dnsmasq[409843]: segfault at

[Touch-packages] [Bug 2079966] Re: tzdata 2024b release

2024-12-04 Thread Benjamin Drung 
** Tags removed: foundations-todo

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to tzdata in Ubuntu.
https://bugs.launchpad.net/bugs/2079966

Title:
  tzdata 2024b release

Status in tzdata package in Ubuntu:
  Fix Released
Status in tzdata source package in Focal:
  New
Status in tzdata source package in Jammy:
  New
Status in tzdata source package in Noble:
  New
Status in tzdata source package in Oracular:
  Fix Committed

Bug description:
  [ Impact ]

  The 2024b release contains the following changes:

  * Improve historical data for Mexico, Mongolia, and Portugal.
  * System V names are now obsolescent.
  * The main data form now uses %z.

  [ Test Plan ]

  Test cases were added to the autopkgtest to cover the testing:

  * python: test_2024b
  * python-icu: test_2024b (only for focal and newer)

  So the test plan is to check that the autopkgtest succeeds.

  [ Other Info ]

  The autopkgtest for chrony is flaky on jammy and newer (see bug
  #2002910).

  There are backward-incompatible changes included:

  Names present only for compatibility with UNIX System V
  (last released in the 1990s) have been moved to 'backward'.
  These names, which for post-1970 timestamps mostly just duplicate
  data of geographical names, were confusing downstream uses.
  Names moved to 'backward' are now Links to geographical names if
  there is an exact match since 1970, and remain Zones otherwise.
  Those needing the previous TZDB behavior, which does not match any
  real-world clocks, can find the old entries in 'backzone'.
  (Problem reported by Justin Grant.)

  We need to exclude this change for the SRU since it can/will break
  user setup (e. g. the user from bug #2055718) and it will break a
  handful of tests (including dateparser, pandas, posrtesql-16). See
  https://bugs.debian.org/1084190

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/tzdata/+bug/2079966/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2089307] Re: llibxml-libxml-perl autopkgtest fails due to non-whitelisted output vs libxml 2.12.7+dfsg+really2.9.14-0.2build1

2024-12-04 Thread Vladimir Petko 
hwloc requires a no-change rebuild due to [1]

[1] https://launchpadlibrarian.net/761931974/buildlog_ubuntu-plucky-
amd64.hypre_2.32.0-2build1_BUILDING.txt.gz

** Also affects: hwloc (Ubuntu)
   Importance: Undecided
   Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to libxslt in Ubuntu.
https://bugs.launchpad.net/bugs/2089307

Title:
  llibxml-libxml-perl autopkgtest fails due to non-whitelisted output vs
  libxml 2.12.7+dfsg+really2.9.14-0.2build1

Status in hwloc package in Ubuntu:
  New
Status in libxml-grddl-perl package in Ubuntu:
  Fix Released
Status in libxml-libxml-perl package in Ubuntu:
  Fix Released
Status in libxml-libxslt-perl package in Ubuntu:
  Fix Released
Status in libxslt package in Ubuntu:
  Fix Released

Bug description:
  179s #  $got->[0] = 'Warning: program compiled against libxml
  212 using older 209[1]

  [1]
  
https://objectstorage.prodstack5.canonical.com/swift/v1/AUTH_0f9aae918d5b4744bf7b827671c86842/autopkgtest-
  plucky/plucky/amd64/libx/libxml-libxml-
  perl/20241119_095741_ae8c7@/log.gz

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/hwloc/+bug/2089307/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2090972] Re: /boot intermittently fails to mount on boot

2024-12-04 Thread Dave Jones 
** Tags added: rls-nn-incoming

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to util-linux in Ubuntu.
https://bugs.launchpad.net/bugs/2090972

Title:
  /boot intermittently fails to mount on boot

Status in util-linux package in Ubuntu:
  Confirmed

Bug description:
  Starting on Noble, we see /boot fail to mount in approximately one out
  of every two thousand boots.  The error looks like this:

 Found device dev-disk-by\x2dlabel-BOOT.device - QEMU NVMe Ctrl BOOT.
 Starting systemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT...
 Checking in progress on 1 disk (0.0% complete)
 Checking in progress on 0 disks (100.0% complete)
 Finished msystemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT.
 Mounting boot.mount - /boot...
 [3.051612] /dev/disk/by-label/BOOT: Can't lookup blockdev
 FAILED Failed to mount boot.mount - /boot.
 See 'systemctl status boot.mount' for details.

  This has resulted in a number of different failure modes for our
  users.

  Anything that needs to interact with /boot during provisioning will
  fail.  This is usually something running update-grub or similar.

  If we manage to succeed in booting, this can cause subsequent kernel
  updates or tools that install kernel modules to fail, because
  update-grub fails.

  We've _also_ seen this manifest on the root filesystem.  In that case,
  the boot succeeded, but the by-label links remain absent.  When this
  occurs, we find installing kernel packages fails because mkinitramfs
  can't locate the root disk by label.

  It's a vexing problem, and so to reproduce we ran cloud images in a boot
  loop until we could reliably reproduce the problem.  Unfortunately, we
  weren't able to work out anything that made this happen faster, so it's
  been a bit slow coming.

  It turns out the problem here is that libblkid recently added support to
  compute the checksum of the superblocks on ext4 filesystems, and Noble
  is the first release to include a version of util-linux new enough to
  have this feature.  When libblkid determines an ext4 superblock's
  checksum is corrupt, it refuses to identify the device as having a
  filesystem, which leads to the removeal of the uuid and by-label fields.
  systemd-udevd then removes these symlinks.  This is where it all goes
  wrong.

  From our debug traces, it's possible to see this clearly:

  (udev-worker)[208]: nvme0n1p16: Probe /dev/nvme0n1p16 with raid and
  offset=0

  systemd-udevd[208]: 208: libblkid: LOWPROBE: [36] ext4dev:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4dev, got 
D919EB56, expected A47F6CF0
  systemd-udevd[208]: 208: libblkid: LOWPROBE: [37] ext4:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4, got D919EB56, 
expected A47F6CF0

  (udev-worker)[208]: nvme0n1p16: Removing/updating old device symlink 
'/dev/disk/by-uuid/ce209fd3-a875-4607-9089-35b9de605bd0', which is no longer 
belonging to this device.
  (udev-worker)[208]: nvme0n1p16: No reference left for 
'/dev/disk/by-uuid/ce209fd3-a875-4607-9089-35b9de605bd0', removing
  (udev-worker)[208]: nvme0n1p16: Removing/updating old device symlink 
'/dev/disk/by-label/BOOT', which is no longer belonging to this device.
  (udev-worker)[208]: nvme0n1p16: No reference left for 
'/dev/disk/by-label/BOOT', removing
  (udev-worker)[208]: nvme0n1p16: Successfully created symlink 
'/dev/block/259:4' to '/dev/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: sd-device: Created db file 
'/run/udev/data/b259:4' for 
'/devices/pci:00/:00:01.0/nvme/nvme0/nvme0n1/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: Adding watch on '/dev/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: Device processed (SEQNUM=1630, ACTION=change)
  (udev-worker)[208]: nvme0n1p16: sd-device-monitor(worker): Passed 1315 byte 
to netlink monitor.

  
  Fortunately, the fix here is straight-forward and is similar to what we
  did for resize2fs: use O_DIRECT when reading the superblock.  We've
  already sent a patch upstream and gotten it accepted there:

  https://github.com/util-linux/util-
  linux/commit/483c9f38e377ff0b009f546a2c4ee91a1d61588c

  We've also been running with a version of this patc

[Touch-packages] [Bug 2090972] Re: /boot intermittently fails to mount on boot

2024-12-04 Thread Matthew Ruffell 
** Also affects: util-linux (Ubuntu Noble)
   Importance: Undecided
   Status: New

** Also affects: util-linux (Ubuntu Oracular)
   Importance: Undecided
   Status: New

** Also affects: util-linux (Ubuntu Plucky)
   Importance: Undecided
   Status: Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to util-linux in Ubuntu.
https://bugs.launchpad.net/bugs/2090972

Title:
  /boot intermittently fails to mount on boot

Status in util-linux package in Ubuntu:
  Confirmed
Status in util-linux source package in Noble:
  New
Status in util-linux source package in Oracular:
  New
Status in util-linux source package in Plucky:
  Confirmed

Bug description:
  Starting on Noble, we see /boot fail to mount in approximately one out
  of every two thousand boots.  The error looks like this:

 Found device dev-disk-by\x2dlabel-BOOT.device - QEMU NVMe Ctrl BOOT.
 Starting systemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT...
 Checking in progress on 1 disk (0.0% complete)
 Checking in progress on 0 disks (100.0% complete)
 Finished msystemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT.
 Mounting boot.mount - /boot...
 [3.051612] /dev/disk/by-label/BOOT: Can't lookup blockdev
 FAILED Failed to mount boot.mount - /boot.
 See 'systemctl status boot.mount' for details.

  This has resulted in a number of different failure modes for our
  users.

  Anything that needs to interact with /boot during provisioning will
  fail.  This is usually something running update-grub or similar.

  If we manage to succeed in booting, this can cause subsequent kernel
  updates or tools that install kernel modules to fail, because
  update-grub fails.

  We've _also_ seen this manifest on the root filesystem.  In that case,
  the boot succeeded, but the by-label links remain absent.  When this
  occurs, we find installing kernel packages fails because mkinitramfs
  can't locate the root disk by label.

  It's a vexing problem, and so to reproduce we ran cloud images in a boot
  loop until we could reliably reproduce the problem.  Unfortunately, we
  weren't able to work out anything that made this happen faster, so it's
  been a bit slow coming.

  It turns out the problem here is that libblkid recently added support to
  compute the checksum of the superblocks on ext4 filesystems, and Noble
  is the first release to include a version of util-linux new enough to
  have this feature.  When libblkid determines an ext4 superblock's
  checksum is corrupt, it refuses to identify the device as having a
  filesystem, which leads to the removeal of the uuid and by-label fields.
  systemd-udevd then removes these symlinks.  This is where it all goes
  wrong.

  From our debug traces, it's possible to see this clearly:

  (udev-worker)[208]: nvme0n1p16: Probe /dev/nvme0n1p16 with raid and
  offset=0

  systemd-udevd[208]: 208: libblkid: LOWPROBE: [36] ext4dev:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4dev, got 
D919EB56, expected A47F6CF0
  systemd-udevd[208]: 208: libblkid: LOWPROBE: [37] ext4:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4, got D919EB56, 
expected A47F6CF0

  (udev-worker)[208]: nvme0n1p16: Removing/updating old device symlink 
'/dev/disk/by-uuid/ce209fd3-a875-4607-9089-35b9de605bd0', which is no longer 
belonging to this device.
  (udev-worker)[208]: nvme0n1p16: No reference left for 
'/dev/disk/by-uuid/ce209fd3-a875-4607-9089-35b9de605bd0', removing
  (udev-worker)[208]: nvme0n1p16: Removing/updating old device symlink 
'/dev/disk/by-label/BOOT', which is no longer belonging to this device.
  (udev-worker)[208]: nvme0n1p16: No reference left for 
'/dev/disk/by-label/BOOT', removing
  (udev-worker)[208]: nvme0n1p16: Successfully created symlink 
'/dev/block/259:4' to '/dev/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: sd-device: Created db file 
'/run/udev/data/b259:4' for 
'/devices/pci:00/:00:01.0/nvme/nvme0/nvme0n1/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: Adding watch on '/dev/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: Device processed (SEQNUM=1630, ACTION=change)
  (udev-worker)[208]: nvme0n1p16: sd-device-monito

[Touch-packages] [Bug 2090972] Re: /boot intermittently fails to mount on boot

2024-12-04 Thread Matthew Ruffell 
** Patch removed: "Debdiff for util-linux on noble"
   
https://bugs.launchpad.net/ubuntu/+source/util-linux/+bug/2090972/+attachment/5842238/+files/lp2090972_noble.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to util-linux in Ubuntu.
https://bugs.launchpad.net/bugs/2090972

Title:
  /boot intermittently fails to mount on boot

Status in util-linux package in Ubuntu:
  In Progress
Status in util-linux source package in Noble:
  In Progress
Status in util-linux source package in Oracular:
  In Progress
Status in util-linux source package in Plucky:
  In Progress

Bug description:
  [Impact]

  Starting on Noble, we see /boot fail to mount in approximately one out
  of every two thousand boots.  The error looks like this:

     Found device dev-disk-by\x2dlabel-BOOT.device - QEMU NVMe Ctrl BOOT.
     Starting systemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT...
     Checking in progress on 1 disk (0.0% complete)
     Checking in progress on 0 disks (100.0% complete)
     Finished msystemd-fsck@dev-disk-by… Check on /dev/disk/by-label/BOOT.
     Mounting boot.mount - /boot...
     [3.051612] /dev/disk/by-label/BOOT: Can't lookup blockdev
     FAILED Failed to mount boot.mount - /boot.
     See 'systemctl status boot.mount' for details.

  This has resulted in a number of different failure modes for our
  users.

  Anything that needs to interact with /boot during provisioning will
  fail.  This is usually something running update-grub or similar.

  If we manage to succeed in booting, this can cause subsequent kernel
  updates or tools that install kernel modules to fail, because
  update-grub fails.

  We've _also_ seen this manifest on the root filesystem.  In that case,
  the boot succeeded, but the by-label links remain absent.  When this
  occurs, we find installing kernel packages fails because mkinitramfs
  can't locate the root disk by label.

  [ Testcase ]

  It's a vexing problem, and so to reproduce we ran cloud images in a boot
  loop until we could reliably reproduce the problem.  Unfortunately, we
  weren't able to work out anything that made this happen faster, so it's
  been a bit slow coming.

  It turns out the problem here is that libblkid recently added support to
  compute the checksum of the superblocks on ext4 filesystems, and Noble
  is the first release to include a version of util-linux new enough to
  have this feature.  When libblkid determines an ext4 superblock's
  checksum is corrupt, it refuses to identify the device as having a
  filesystem, which leads to the removeal of the uuid and by-label fields.
  systemd-udevd then removes these symlinks.  This is where it all goes
  wrong.

  From our debug traces, it's possible to see this clearly:

  (udev-worker)[208]: nvme0n1p16: Probe /dev/nvme0n1p16 with raid and
  offset=0

  systemd-udevd[208]: 208: libblkid: LOWPROBE: [36] ext4dev:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4dev, got 
D919EB56, expected A47F6CF0
  systemd-udevd[208]: 208: libblkid: LOWPROBE: [37] ext4:
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: 208: libblkid: LOWPROBE: magic sboff=56, kboff=1
  systemd-udevd[208]: 208: libblkid: LOWPROBE: call probefunc()
  systemd-udevd[208]: 208: libblkid:   BUFFER: reuse: off=1024 len=1024 
(for off=1024 len=1024)
  systemd-udevd[208]: incorrect checksum for type ext4, got D919EB56, 
expected A47F6CF0

  (udev-worker)[208]: nvme0n1p16: Removing/updating old device symlink 
'/dev/disk/by-uuid/ce209fd3-a875-4607-9089-35b9de605bd0', which is no longer 
belonging to this device.
  (udev-worker)[208]: nvme0n1p16: No reference left for 
'/dev/disk/by-uuid/ce209fd3-a875-4607-9089-35b9de605bd0', removing
  (udev-worker)[208]: nvme0n1p16: Removing/updating old device symlink 
'/dev/disk/by-label/BOOT', which is no longer belonging to this device.
  (udev-worker)[208]: nvme0n1p16: No reference left for 
'/dev/disk/by-label/BOOT', removing
  (udev-worker)[208]: nvme0n1p16: Successfully created symlink 
'/dev/block/259:4' to '/dev/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: sd-device: Created db file 
'/run/udev/data/b259:4' for 
'/devices/pci:00/:00:01.0/nvme/nvme0/nvme0n1/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: Adding watch on '/dev/nvme0n1p16'
  (udev-worker)[208]: nvme0n1p16: Device processed (SEQNUM=1630, ACTION=change)
  (udev-worker)[208]: nvme0n1p16: sd-device-monitor(worker): Passed 1315 byte 
to netlink monitor.

[Touch-packages] [Bug 2090887] Re: apport hook source_apparmor.py shows only one word per line

2024-12-04 Thread Alex Murray 
And if we add the same snippet to source_apparmor.py so we can run it
directly then we also don't reproduce this:

root@sec-noble-amd64:/usr/share/apport/package-hooks# tail
source_apparmor.py  -n6

if __name__ == '__main__':
report = {}
add_info(report, None)
for key in report:
print('%s: %s' % (key, report[key].split('\n', 1)[0]))
root@sec-noble-amd64:/usr/share/apport/package-hooks# python3 
source_apparmor.py 
/usr/share/apport/package-hooks/source_apparmor.py:61: SyntaxWarning: invalid 
escape sequence '\('
  sec_re = re.compile('audit\(|apparmor|selinux|security', re.IGNORECASE)
ProcVersionSignature: Ubuntu 6.8.0-47.47-generic 6.8.12
ProcKernelCmdline: BOOT_IMAGE=/vmlinuz-6.8.0-47-generic 
root=UUID=15a6fbdd-2b57-4890-803d-c6a103a6a00f ro console=tty1 console=ttyS0
KernLog: 2024-12-05T03:41:19.462683+00:00 sec-noble-amd64 kernel: audit: 
type=1400 audit(1733370079.461:132): apparmor="STATUS" 
operation="profile_replace" profile="unconfined" 
name="/usr/lib/snapd/snap-confine" pid=923 comm="apparmor_parser"
Syslog: 
ApparmorPackages: apparmor 4.0.1really4.0.1-0ubuntu0.24.04.3
ApparmorStatusOutput: apparmor module is loaded.
PstreeP: systemd(1)-+-ModemManager(7969)-+-{ModemManager}(7973)


But actually it is not a bug in apparmor - it is in apport itself - it has its 
own version of the AppArmor log capturing bits in hookutils.py in 
attach_mac_events() - the same regex is used there BUT it is used with 
re.findall() which only returns the matching part of the regex - so these regex 
patterns need to be updated to capture the rest of the line - something like:

mac_regex = r"^audit\(.*|apparmor.*|selinux.*|security.*"
mac_re = re.compile(mac_regex, re.IGNORECASE)
aa_regex = 'apparmor="DENIED".+?profile=([^ ]+?)[ ].*'

Should hopefully dtrt.

So I think this is bug is actually in the mysql-8.0 not apparmor (but am
not sure exactly how it is occurring as I am not that familiar with the
apport hook mechanism etc)

** Package changed: apparmor (Ubuntu) => apport (Ubuntu)

** Summary changed:

- apport hook source_apparmor.py shows only one word per line
+ apport hookutils.py only captures first word per line for KernLog

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apport in Ubuntu.
https://bugs.launchpad.net/bugs/2090887

Title:
  apport hookutils.py only captures first word per line for KernLog

Status in apport package in Ubuntu:
  New

Bug description:
  As can be seen in some bugs collecting KernLog.txt, such as
  https://launchpadlibrarian.net/755520804/KernLog.txt from LP:
  #2085412, or https://launchpadlibrarian.net/748024373/KernLog.txt from
  LP: #2079912, only one word of each line is being shown:

  Security
  AppArmor
  AppArmor
  audit(
  AppArmor
  AppArmor
  AppArmor
  AppArmor
  security
  selinux
  security
  security
  security
  security
  security
  apparmor

  I haven't reproduced this behavior myself locally, so wonder if the
  reporters' kern.log files are odd, but I've seen this in several bug
  reports.  I thought it might be the stringify() routine but running
  the apport hook manually on my own system, it works fine.  Looking
  through the source_apparmor.py file I notice the words are ones
  matching the regular expression:

  sec_re = re.compile('audit\(|apparmor|selinux|security', re.IGNORECASE)
  report['KernLog'] = recent_kernlog(sec_re)

  That can't be a coincidence.  However, I don't see how the code would
  produce this behavior, so no idea how to fix it.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/2090887/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp