[Bug 1936833] Re: postinst fails when cloud-init is installed but never ran
** Description changed: + [Impact] + + Users are not able to install or upgrade ubuntu-advantage-tools in + situations where cloud-init is installed in the system, but did not run + - either because of some error, or it was disabled, or it did not + finished executing yet. + + When cloud-init runs, instance-data.json will be available and cloud-id + does not fail. The fix checks for the existence of this file, and does + not run the script if the file is not present. + + Backporting the fix will enable users to install or upgrade ubuntu- + advantage tools without problems. + + [Test Plan] + + The bug can be reproduced by running: + "schroot -c impish-amd64 -u root -d /", + and then within the chroot, running: + "apt-get update && apt-get install -y ubuntu-advantage-tools cloud-init". + + Running the above using the patched version of ubuntu-advantage-tools + should succeed without any errors. + + [Where problems could occur] + + The fix itself just skips a call that adds a warning notice to ua. + + If the user is running on a cloud and has some kind of error in cloud- + init, the user may miss a warning about having the wrong metapackages + for the cloud. However, in the case where cloud-init did not run because + of some error, the instance has a problem anyway. + + If it happens that cloud init did not run yet - as if this happens at + image creation time - then cloud-init will be later executed, and the + cloud-id checked in the code so those wrong metapackages are not + installed. + + + [Original Description] + This happens when upgrading to Ubuntu 21.10. This is the full error: Setting up ubuntu-advantage-tools (27.2.1~21.10.1) ... ERROR: File not found '/run/cloud-init/instance-data.json'. Provide a path to instance data json file using --instance-data dpkg: error processing package ubuntu-advantage-tools (--configure): installed ubuntu-advantage-tools package post-installation script subprocess returned error exit status 1dpkg: dependency problems prevent configuration of ubuntu-minimal: ubuntu-minimal depends on ubuntu-advantage-tools; however: Package ubuntu-advantage-tools is not configured yet. ProblemType: Package DistroRelease: Ubuntu 21.10 Package: ubuntu-advantage-tools 27.2.1~21.10.1 Uname: Linux 5.4.72-microsoft-standard-WSL2 x86_64 ApportVersion: 2.20.11-0ubuntu67 Architecture: amd64 CasperMD5CheckResult: unknown Date: Mon Jul 19 14:32:11 2021 DuplicateSignature: package:ubuntu-advantage-tools:27.2.1~21.10.1 Installing new version of config file /etc/ubuntu-advantage/uaclient.conf ... ERROR: File not found '/run/cloud-init/instance-data.json'. Provide a path to instance data json file using --instance-data dpkg: error processing package ubuntu-advantage-tools (--configure): installed ubuntu-advantage-tools package post-installation script subprocess returned error exit status 1 ErrorMessage: installed ubuntu-advantage-tools package post-installation script subprocess returned error exit status 1 Python3Details: /usr/bin/python3.9, Python 3.9.6, python3-minimal, 3.9.4-1 PythonDetails: N/A RebootRequiredPkgs: libc6 RelatedPackageVersions: dpkg 1.20.9ubuntu2 apt 2.3.6 SourcePackage: ubuntu-advantage-tools Title: package ubuntu-advantage-tools 27.2.1~21.10.1 failed to install/upgrade: installed ubuntu-advantage-tools package post-installation script subprocess returned error exit status 1 UpgradeStatus: Upgraded to impish on 2021-07-19 (0 days ago) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1936833 Title: postinst fails when cloud-init is installed but never ran To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1936833/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1936833] Re: postinst fails when cloud-init is installed but never ran
Tested for Xenial, Bionic, Focal and Hirsute, using the attached script. All packages could be installed despite the cloud-id error. ** Attachment added: "testproposed.sh" https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1936833/+attachment/5514125/+files/testproposed.sh -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1936833 Title: postinst fails when cloud-init is installed but never ran To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1936833/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1936833] Re: postinst fails when cloud-init is installed but never ran
Execution results for the script from previous comment can be seen attached here. ** Attachment added: "results" https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1936833/+attachment/5514126/+files/results -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1936833 Title: postinst fails when cloud-init is installed but never ran To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1936833/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1972067] Re: package ubuntu-advantage-tools 27.8~22.04.1 failed to install/upgrade: installed ubuntu-advantage-tools package post-installation script subprocess was killed by signal (Broken pipe)
** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1972067 Title: package ubuntu-advantage-tools 27.8~22.04.1 failed to install/upgrade: installed ubuntu-advantage-tools package post-installation script subprocess was killed by signal (Broken pipe) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1972067/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1880546] Re: 80-esm requires lsb_release but package does not depend on lsb-release
This is related to this Github Issue: https://github.com/canonical/ubuntu-advantage-client/issues/1245 All maintained versions of UA Client (19+) have removed the call to `lsb_release` and is parsing `os-release` directly, so this error does not happen anymore. ** Bug watch added: github.com/canonical/ubuntu-advantage-client/issues #1245 https://github.com/canonical/ubuntu-advantage-client/issues/1245 ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1880546 Title: 80-esm requires lsb_release but package does not depend on lsb-release To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1880546/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060769] Re: pro-client execs `apt list --installed` instead of using python3-apt - leading to utf-8 errors
Given the wider range of problems represented in the bug, I have changed
the title/description to accomodate any subprocess returning non-utf8.
There is also a new fix plan. I will implement it and we will upload a
33.1 version to proposed fixing this.
** Description changed:
[ Impact ]
If for any reason the user's system has any non-utf8 character as part
- of the `apt list --installed` command, the Pro Client will fail to parse
+ of any subprocess command executed, the Pro Client will fail to parse
the return output and break.
Independent of why this happens, the Pro Client should not be relying on
CLI output when there are Python bindings available to perform the same
task - and python3-apt provides ways to list installed packages.
- The fix to this bug is to rely on the programmatic integration with APT
- instead of calling the CLI.
+ The fix to this bug is to ignore utf-8 errors in the occasions where it
+ needs to subprocess. Even other software than APT may include non-utf8
+ output by chance. To avoid corner case scenarios, setting LANG=C when
+ executing any subprocess should mitigate the presence of non-utf8
+ anyway.
[ Test Plan ]
- Listing installed packages is part of the regular operation of the Pro
- Client in many scenarios covered by the integration / acceptance tests.
+ Subprocessing is part of the regular operation of the Pro Client in many
+ scenarios covered by the integration / acceptance tests.
For this particular issue:
- Launch a container for the release to be tested
- Install a non-utf-8 locale and set it as the default. e.g.
- - sudo locale-gen fr_FR
- - sudo dpkg-reconfigure locales # select fr_FR
- - # log out and log in
+ - sudo locale-gen fr_FR
+ - sudo dpkg-reconfigure locales # select fr_FR
+ - # log out and log in
- pro status
- see it fail
- install the package from -proposed
- see it does not fail anymore
[ Where problems could occur ]
- Switching from the CLI call to python3-apt brings the risk of wrong
- implementation of the integration, which would lead to a different
- package list to be returned by python3-apt. The regression potential is
- mitigated by extensive testing - unit, integration and acceptance tests
- rely on this functionality.
+ Ignoring non-utf8 characters when decoding will not prevent the Client
+ from reading all the actual utf-8 present in the output. The pieces we
+ parse from the commands we execute are not involving any possible non-
+ utf8 text. If we would have assessed this wrong, this could cause all
+ sorts of regressions.
+
+ To be extra careful, we are setting LANG=C.UTF-8 - so we have way better
+ expectation management on the outputs from any external command we run
+ on a system.
[ Original description ]
["2024-04-10T08:28:17.952", "DEBUG", "ubuntupro.system", "load_file", 517,
"Reading file: /etc/os-release", {}]
["2024-04-10T08:28:17.953", "DEBUG", "ubuntupro.system", "load_file", 517,
"Reading file: /proc/version_signature", {}]
["2024-04-10T08:28:18.575", "ERROR", "ubuntupro.cli", "wrapper", 1768,
"Unhandled exception, please file a bug", {"exc_info": "Traceback (most recent
call
last):\n File \"/usr/lib/python3/dist-packages/uaclient/cli/__init__.py\",
line 1705, in wrapper\nreturn func(*args, **kwargs)\n File \"/usr/lib/py
thon3/dist-packages/uaclient/cli/__init__.py\", line 1838, in main\n
return_value = args.action(args, cfg=cfg, extra_args=extra_args)\n File
\"/usr/li
b/python3/dist-packages/uaclient/cli/__init__.py\", line 1475, in
action_status\nstatus, ret = actions.status(\n File
\"/usr/lib/python3/dist-package
s/uaclient/actions.py\", line 173, in status\nstatus =
ua_status.status(cfg=cfg, show_all=show_all)\n File
\"/usr/lib/python3/dist-packages/uaclient/
status.py\", line 418, in status\nresponse = _unattached_status(cfg)\n
File \"/usr/lib/python3/dist-packages/uaclient/status.py\", line 283, in _unat
tached_status\nresources = get_available_resources(cfg)\n File
\"/usr/lib/python3/dist-packages/uaclient/contract.py\", line 680, in
get_available_re
sources\nresources = client.available_resources()\n File
\"/usr/lib/python3/dist-packages/uaclient/contract.py\", line 114, in
available_resources\n
activity_info = self._get_activity_info()\n File
\"/usr/lib/python3/dist-packages/uaclient/contract.py\", line 413, in
_get_activity_info\n\"deskt
op\": system.is_desktop(),\n File
\"/usr/lib/python3/dist-packages/uaclient/system.py\", line 397, in
is_desktop\nfor package in apt.get_installed_pa
ckages():\n File \"/usr/lib/python3/dist-packages/uaclient/apt.py\", line
727, in get_installed_packages\nout, _ = system.subp([\"apt\", \"list\", \"
--installed\"])\n File
\"/usr/lib/python3/dist-packages/uaclient/system.py\", line 703, in subp\n
out, err = _subp(\n File \"/usr/lib/python3/dist-pa
ckages/uaclient/system.py\", line 649,
[Bug 2078737] Re: /usr/lib/ubuntu-advantage/timer.py:UnicodeDecodeError:/usr/lib/ubuntu-advantage/timer.py@209:run_jobs:read:read:load_file
This bug is about the timer job failing to read the jobs-status.json file. The failure happens when trying to decode the file, as non-utf8 characters are present. I could not reproduce the error, except by inserting invalid characters in the file intentionally. It may be happening while trying to migrate the file after an upgrade? The curious detail is that many of those errors, which happen on noble, are reported from systems which were installed from focal installation media. That means they have been upgraded for a while (both the system and our package). The fair solution to this is to capture errors when trying to read this file and erase it if it is corrupt. The next execution of the timer jobs will recreate it. ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Triaged ** Changed in: ubuntu-advantage-tools (Ubuntu) Assignee: (unassigned) => Renan Rodrigo (renanrodrigo) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2078737 Title: /usr/lib/ubuntu-advantage/timer.py:UnicodeDecodeError:/usr/lib/ubuntu- advantage/timer.py@209:run_jobs:read:read:load_file To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2078737/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2073322] Re: Upstream microrelease 6.10
** Merge proposal linked: https://code.launchpad.net/~renanrodrigo/ubuntu/+source/squid/+git/squid/+merge/472902 ** Changed in: squid (Ubuntu) Assignee: Athos Ribeiro (athos-ribeiro) => Renan Rodrigo (renanrodrigo) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2073322 Title: Upstream microrelease 6.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2073322/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2071468] Re: ELF package metadata failure: environment variable ‘DEB_HOST_ARCH’ not defined
** Merge proposal unlinked: https://code.launchpad.net/~renanrodrigo/ubuntu/+source/squid/+git/squid/+merge/472902 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2071468 Title: ELF package metadata failure: environment variable ‘DEB_HOST_ARCH’ not defined To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/asymptote/+bug/2071468/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2073322] Re: Upstream microrelease 6.10
** Description changed: Apart from the oracular update, which will not require a FFe since there are no features being introduced here (see the upstream changes section below), this bug tracks the following MRE updates for the Squid package: noble (22.04): Squid 6.10 This update includes bugfixes following the SRU policy exception defined at https://wiki.ubuntu.com/SquidUpdates. [Upstream changes] https://www.squid-cache.org/Versions/v6/squid-6.10-RELEASENOTES.html - The only relevant hunk in a diff from version 6.6 to 6.10 for the + The only relevant hunk in a diff from version 6.9 to 6.10 for the upstream "release notes" file (doc/release-notes/release-6.html) is -No ./configure options have been changed. +--disable-esi +The ESI feature is now disabled by default. +Use --enable-esi if needed. Which, if applied, would introduce a feature/behavior change here. However, this we already have an "--enable-esi" entry in d/rules in the current noble (and oracualar) versions. The complete set of changes together with a comprehensive changelog is available at https://github.com/squid- cache/squid/compare/SQUID_6_6..SQUID_6_10. [Test Plan] TODO: link the build log containing all tests being executed TODO: All tests are passing during build time, as shown in the build log (builds would fail otherwise, see LP: #2004050). TODO: add results of local autopkgtest run against all the new Squid versions being uploaded here [Regression Potential] Upstream tests are always executed during build-time. Failures would prevent builds from succeeding. Squid does not have many reverse dependencies. However, any upgrade is a risk to introduce breakage to other packages. Whenever a regression occurs in autopkgtests, we will investigate and provide fixes. TODO: consider any other regression potential specific to the version being updated and list them here if any. [Other Info] No CVEs are being addressed this time (the ones fixed in between 6.6 and 6.10 are already fixed in noble's security pocket). Therefore, this should go through the updates pockets. Previous squid MREs: - https://pad.lv/2013423 - https://pad.lv/2040470 ** Description changed: Apart from the oracular update, which will not require a FFe since there are no features being introduced here (see the upstream changes section below), this bug tracks the following MRE updates for the Squid package: noble (22.04): Squid 6.10 This update includes bugfixes following the SRU policy exception defined at https://wiki.ubuntu.com/SquidUpdates. [Upstream changes] https://www.squid-cache.org/Versions/v6/squid-6.10-RELEASENOTES.html - The only relevant hunk in a diff from version 6.9 to 6.10 for the + The only relevant hunk in a diff from version 6.6 to 6.10 for the upstream "release notes" file (doc/release-notes/release-6.html) is -No ./configure options have been changed. +--disable-esi +The ESI feature is now disabled by default. +Use --enable-esi if needed. Which, if applied, would introduce a feature/behavior change here. However, this we already have an "--enable-esi" entry in d/rules in the current noble (and oracualar) versions. The complete set of changes together with a comprehensive changelog is available at https://github.com/squid- cache/squid/compare/SQUID_6_6..SQUID_6_10. [Test Plan] TODO: link the build log containing all tests being executed TODO: All tests are passing during build time, as shown in the build log (builds would fail otherwise, see LP: #2004050). TODO: add results of local autopkgtest run against all the new Squid versions being uploaded here [Regression Potential] Upstream tests are always executed during build-time. Failures would prevent builds from succeeding. Squid does not have many reverse dependencies. However, any upgrade is a risk to introduce breakage to other packages. Whenever a regression occurs in autopkgtests, we will investigate and provide fixes. TODO: consider any other regression potential specific to the version being updated and list them here if any. [Other Info] No CVEs are being addressed this time (the ones fixed in between 6.6 and 6.10 are already fixed in noble's security pocket). Therefore, this should go through the updates pockets. Previous squid MREs: - https://pad.lv/2013423 - https://pad.lv/2040470 ** Description changed: Apart from the oracular update, which will not require a FFe since there are no features being introduced here (see the upstream changes section below), this bug tracks the following MRE updates for the Squid package: noble (22.04): Squid 6.10 This update includes bugfixes following the SRU policy exception defined at https://wiki.ubuntu.com/SquidUpdates. [Upstream changes] https
[Bug 2073322] Re: Upstream microrelease 6.10
** Description changed: Apart from the oracular update, which will not require a FFe since there are no features being introduced here (see the upstream changes section below), this bug tracks the following MRE updates for the Squid package: noble (22.04): Squid 6.10 This update includes bugfixes following the SRU policy exception defined at https://wiki.ubuntu.com/SquidUpdates. [Upstream changes] https://www.squid-cache.org/Versions/v6/squid-6.10-RELEASENOTES.html - The only relevant hunk in a diff from version 6.9 to 6.10 for the + The only relevant hunk in a diff from version 6.6 to 6.10 for the upstream "release notes" file (doc/release-notes/release-6.html) is -No ./configure options have been changed. +--disable-esi +The ESI feature is now disabled by default. +Use --enable-esi if needed. Which, if applied, would introduce a feature/behavior change here. However, this we already have an "--enable-esi" entry in d/rules in the current noble (and oracualar) versions. The complete set of changes together with a comprehensive changelog is available at https://github.com/squid- - cache/squid/compare/SQUID_6_9..SQUID_6_10. + cache/squid/compare/SQUID_6_6..SQUID_6_10. [Test Plan] TODO: link the build log containing all tests being executed TODO: All tests are passing during build time, as shown in the build log (builds would fail otherwise, see LP: #2004050). TODO: add results of local autopkgtest run against all the new Squid versions being uploaded here [Regression Potential] Upstream tests are always executed during build-time. Failures would prevent builds from succeeding. Squid does not have many reverse dependencies. However, any upgrade is a risk to introduce breakage to other packages. Whenever a regression occurs in autopkgtests, we will investigate and provide fixes. TODO: consider any other regression potential specific to the version being updated and list them here if any. [Other Info] No CVEs are being addressed this time (the ones fixed in between 6.6 and 6.10 are already fixed in noble's security pocket). Therefore, this should go through the updates pockets. Previous squid MREs: - https://pad.lv/2013423 - https://pad.lv/2040470 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2073322 Title: Upstream microrelease 6.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/squid/+bug/2073322/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2071468] Re: ELF package metadata failure: environment variable ‘DEB_HOST_ARCH’ not defined
** Merge proposal unlinked: https://code.launchpad.net/~renanrodrigo/ubuntu/+source/squid/+git/squid/+merge/472902 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2071468 Title: ELF package metadata failure: environment variable ‘DEB_HOST_ARCH’ not defined To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/asymptote/+bug/2071468/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2078614] Re: pro refresh Failed running command '/snap/bin/canonical-livepatch config' [exit(1)]. Message: error executing config: livepatchd error: daemon shutting down
** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2078614 Title: pro refresh Failed running command '/snap/bin/canonical-livepatch config' [exit(1)]. Message: error executing config: livepatchd error: daemon shutting down To manage notifications about this bug go to: https://bugs.launchpad.net/canonical-livepatch-client/+bug/2078614/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2067319] [NEW] After upgrading from bionic to focal, esm-cache.service hits apparmor denials
Public bug reported: [ Impact ] On ubuntu-advantage-tools v32.2, currently in -proposed, we are hitting apparmor DENIED errors on the apt update hook which executes esm- cache.service. This ONLY happens if the version with the apparmor profiles is installed on a Focal system which has been upgraded from Bionic, using do-release- upgrade. It seems that despite covering /usr/bin/ in the profile on Focal for commands like uname or systemctl, we don't account for /bin/. However, when coming from a Bionic system, /bin/ is an actual folder instead of a symlink (as expected on a fresh Focal machine). Logs: 2024-05-24 03:09:16,344:WARNING:root:XXX apparmor DENIED begin 2024-05-24 03:09:16,344:WARNING:root:May 24 03:09:09 rtp kernel: [237304.232128] audit: type=1400 audit(1716530949.314:82839): apparmor="DENIED" operation="exec" class="file" namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_" profile="ubuntu_pro_esm_cache" name="/bin/uname" pid=108713 comm="python3" requested_mask="x" denied_mask="x" fsuid=100 ouid=100 May 24 03:09:09 rtp kernel: [237304.261953] audit: type=1400 audit(1716530949.346:82840): apparmor="DENIED" operation="exec" class="file" namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_" profile="ubuntu_pro_apt_news" name="/bin/uname" pid=108714 comm="python3" requested_mask="x" denied_mask="x" fsuid=100 ouid=100 May 24 03:09:09 rtp kernel: [237304.456301] audit: type=1400 audit(1716530949.538:82841): apparmor="DENIED" operation="exec" class="file" namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_" profile="ubuntu_pro_esm_cache//cloud_id" name="/bin/uname" pid=108719 comm="cloud-id" requested_mask="x" denied_mask="x" fsuid=100 ouid=100 May 24 03:09:09 rtp kernel: [237304.514651] audit: type=1400 audit(1716530949.598:82842): apparmor="DENIED" operation="exec" class="file" namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_" profile="ubuntu_pro_esm_cache//cloud_id" name="/bin/systemctl" pid=108721 comm="cloud-id" requested_mask="x" denied_mask="x" fsuid=100 ouid=100 May 24 03:09:11 rtp kernel: [237306.797550] audit: type=1400 audit(1716530951.878:82843): apparmor="DENIED" operation="exec" class="file" namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_" profile="ubuntu_pro_esm_cache" name="/bin/uname" pid=109364 comm="python3" requested_mask="x" denied_mask="x" fsuid=100 ouid=100 May 24 03:09:11 rtp kernel: [237306.827422] audit: type=1400 audit(1716530951.910:82844): apparmor="DENIED" operation="exec" class="file" namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_" profile="ubuntu_pro_apt_news" name="/bin/uname" pid=109365 comm="python3" requested_mask="x" denied_mask="x" fsuid=100 ouid=100 May 24 03:09:12 rtp kernel: [237307.022790] audit: type=1400 audit(1716530952.106:82845): apparmor="DENIED" operation="exec" class="file" namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_" profile="ubuntu_pro_esm_cache//cloud_id" name="/bin/uname" pid=109370 comm="cloud-id" requested_mask="x" denied_mask="x" fsuid=100 ouid=100 May 24 03:09:12 rtp kernel: [237307.074546] audit: type=1400 audit(1716530952.158:82846): apparmor="DENIED" operation="exec" class="file" namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_" profile="ubuntu_pro_esm_cache//cloud_id" name="/bin/systemctl" pid=109372 comm="cloud-id" requested_mask="x" denied_mask="x" fsuid=100 ouid=100 May 24 03:09:14 rtp kernel: [237309.142413] audit: type=1400 audit(1716530954.226:82847): apparmor="DENIED" operation="exec" class="file" namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_" profile="ubuntu_pro_apt_news" name="/bin/uname" pid=109856 comm="python3" requested_mask="x" denied_mask="x" fsuid=100 ouid=100 2024-05-24 03:09:16,344:WARNING:root:XXX apparmor DENIED end [ Test Plan ] These were caught by the automated verification tests for v32.2 in -proposed. If all of the automated verification tests pass for the version with the fix (32.3), then that will be considered a verification for this bug as well. [ Where problems could occur ] The fix edits the template for the ubuntu_pro_esm_cache apparmor profile. If mistakes were made, it may cause new apparmor denials or other related issues, ultimately meaning esm-cache.service wouldn't run properly, preventing esm update notifications from being displayed on unattached machines. ** Affects: ubuntu-advantage-tools (Ubuntu) Importance: Undecided Status: Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2067319 Title: After upgrading from bionic to focal, esm-cache.service hits appar
[Bug 2067319] Re: After upgrading from bionic to focal, esm-cache.service hits apparmor denials
** Description changed:
[ Impact ]
On ubuntu-advantage-tools v32.2, currently in -proposed, we are hitting
apparmor DENIED errors on the apt update hook which executes esm-
cache.service.
This ONLY happens if the version with the apparmor profiles is installed
on a Focal system which has been upgraded from Bionic, using do-release-
upgrade.
It seems that despite covering /usr/bin/ in the profile on Focal for
commands like uname or systemctl, we don't account for /bin/. However,
when coming from a Bionic system, /bin/ is an actual folder instead of a
symlink (as expected on a fresh Focal machine).
This happens because of the usr-merge[1] effort. On fresh focal systems, we
have symlinks replacing top-level directories like /bin, /sbin, and others:
root@f-pristine:~# ls -la /{bin,lib,lib*,sbin}
lrwxrwxrwx 1 root root 7 May 24 21:40 /bin -> usr/bin
lrwxrwxrwx 1 root root 7 May 24 21:40 /lib -> usr/lib
lrwxrwxrwx 1 root root 7 May 24 21:40 /lib -> usr/lib
lrwxrwxrwx 1 root root 9 May 24 21:40 /lib32 -> usr/lib32
lrwxrwxrwx 1 root root 9 May 24 21:40 /lib64 -> usr/lib64
lrwxrwxrwx 1 root root 10 May 24 21:40 /libx32 -> usr/libx32
lrwxrwxrwx 1 root root 8 May 24 21:40 /sbin -> usr/sbin
In bionic, these are actual directories:
root@b:~# ls -lad /{bin,lib,lib*,sbin}
drwxr-xr-x 1 root root 2472 Jun 7 2023 /bin
drwxr-xr-x 1 root root 438 Jun 7 2023 /lib
drwxr-xr-x 1 root root 438 Jun 7 2023 /lib
drwxr-xr-x 1 root root 40 Jun 7 2023 /lib64
drwxr-xr-x 1 root root 3694 Jun 7 2023 /sbin
In a focal system that was upgraded from bionic, the usr-merge is not
done, and this focal system will retain the bionic top-level
directories.
Logs:
2024-05-24 03:09:16,344:WARNING:root:XXX apparmor DENIED begin
2024-05-24 03:09:16,344:WARNING:root:May 24 03:09:09 rtp kernel:
[237304.232128] audit: type=1400 audit(1716530949.314:82839): apparmor="DENIED"
operation="exec" class="file"
namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_"
profile="ubuntu_pro_esm_cache" name="/bin/uname" pid=108713 comm="python3"
requested_mask="x" denied_mask="x" fsuid=100 ouid=100
May 24 03:09:09 rtp kernel: [237304.261953] audit: type=1400
audit(1716530949.346:82840): apparmor="DENIED" operation="exec" class="file"
namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_"
profile="ubuntu_pro_apt_news" name="/bin/uname" pid=108714 comm="python3"
requested_mask="x" denied_mask="x" fsuid=100 ouid=100
May 24 03:09:09 rtp kernel: [237304.456301] audit: type=1400
audit(1716530949.538:82841): apparmor="DENIED" operation="exec" class="file"
namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_"
profile="ubuntu_pro_esm_cache//cloud_id" name="/bin/uname" pid=108719
comm="cloud-id" requested_mask="x" denied_mask="x" fsuid=100 ouid=100
May 24 03:09:09 rtp kernel: [237304.514651] audit: type=1400
audit(1716530949.598:82842): apparmor="DENIED" operation="exec" class="file"
namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_"
profile="ubuntu_pro_esm_cache//cloud_id" name="/bin/systemctl" pid=108721
comm="cloud-id" requested_mask="x" denied_mask="x" fsuid=100 ouid=100
May 24 03:09:11 rtp kernel: [237306.797550] audit: type=1400
audit(1716530951.878:82843): apparmor="DENIED" operation="exec" class="file"
namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_"
profile="ubuntu_pro_esm_cache" name="/bin/uname" pid=109364 comm="python3"
requested_mask="x" denied_mask="x" fsuid=100 ouid=100
May 24 03:09:11 rtp kernel: [237306.827422] audit: type=1400
audit(1716530951.910:82844): apparmor="DENIED" operation="exec" class="file"
namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_"
profile="ubuntu_pro_apt_news" name="/bin/uname" pid=109365 comm="python3"
requested_mask="x" denied_mask="x" fsuid=100 ouid=100
May 24 03:09:12 rtp kernel: [237307.022790] audit: type=1400
audit(1716530952.106:82845): apparmor="DENIED" operation="exec" class="file"
namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_"
profile="ubuntu_pro_esm_cache//cloud_id" name="/bin/uname" pid=109370
comm="cloud-id" requested_mask="x" denied_mask="x" fsuid=100 ouid=100
May 24 03:09:12 rtp kernel: [237307.074546] audit: type=1400
audit(1716530952.158:82846): apparmor="DENIED" operation="exec" class="file"
namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_"
profile="ubuntu_pro_esm_cache//cloud_id" name="/bin/systemctl" pid=109372
comm="cloud-id" requested_mask="x" denied_mask="x" fsuid=100 ouid=100
May 24 03:09:14 rtp kernel: [237309.142413] audit: type=1400
audit(1716530954.226:82847): apparmor="DENIED" operation="exec" class="file"
namespace="root//lxd-upro-
[Bug 2067319] Re: After upgrading from bionic to focal, esm-cache.service hits apparmor denials
Updated the description, as Robie asked, with the problems that could occur.
Also outlined the tests to be executed to validate the fix for this bug.
** Description changed:
[ Impact ]
On ubuntu-advantage-tools v32.2, currently in -proposed, we are hitting
apparmor DENIED errors on the apt update hook which executes esm-
cache.service.
This ONLY happens if the version with the apparmor profiles is installed
on a Focal system which has been upgraded from Bionic, using do-release-
upgrade.
It seems that despite covering /usr/bin/ in the profile on Focal for
commands like uname or systemctl, we don't account for /bin/. However,
when coming from a Bionic system, /bin/ is an actual folder instead of a
symlink (as expected on a fresh Focal machine).
This happens because of the usr-merge[1] effort. On fresh focal systems, we
have symlinks replacing top-level directories like /bin, /sbin, and others:
root@f-pristine:~# ls -la /{bin,lib,lib*,sbin}
lrwxrwxrwx 1 root root 7 May 24 21:40 /bin -> usr/bin
lrwxrwxrwx 1 root root 7 May 24 21:40 /lib -> usr/lib
lrwxrwxrwx 1 root root 7 May 24 21:40 /lib -> usr/lib
lrwxrwxrwx 1 root root 9 May 24 21:40 /lib32 -> usr/lib32
lrwxrwxrwx 1 root root 9 May 24 21:40 /lib64 -> usr/lib64
lrwxrwxrwx 1 root root 10 May 24 21:40 /libx32 -> usr/libx32
lrwxrwxrwx 1 root root 8 May 24 21:40 /sbin -> usr/sbin
In bionic, these are actual directories:
root@b:~# ls -lad /{bin,lib,lib*,sbin}
drwxr-xr-x 1 root root 2472 Jun 7 2023 /bin
drwxr-xr-x 1 root root 438 Jun 7 2023 /lib
drwxr-xr-x 1 root root 438 Jun 7 2023 /lib
drwxr-xr-x 1 root root 40 Jun 7 2023 /lib64
drwxr-xr-x 1 root root 3694 Jun 7 2023 /sbin
In a focal system that was upgraded from bionic, the usr-merge is not
done, and this focal system will retain the bionic top-level
directories.
Logs:
2024-05-24 03:09:16,344:WARNING:root:XXX apparmor DENIED begin
2024-05-24 03:09:16,344:WARNING:root:May 24 03:09:09 rtp kernel:
[237304.232128] audit: type=1400 audit(1716530949.314:82839): apparmor="DENIED"
operation="exec" class="file"
namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_"
profile="ubuntu_pro_esm_cache" name="/bin/uname" pid=108713 comm="python3"
requested_mask="x" denied_mask="x" fsuid=100 ouid=100
May 24 03:09:09 rtp kernel: [237304.261953] audit: type=1400
audit(1716530949.346:82840): apparmor="DENIED" operation="exec" class="file"
namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_"
profile="ubuntu_pro_apt_news" name="/bin/uname" pid=108714 comm="python3"
requested_mask="x" denied_mask="x" fsuid=100 ouid=100
May 24 03:09:09 rtp kernel: [237304.456301] audit: type=1400
audit(1716530949.538:82841): apparmor="DENIED" operation="exec" class="file"
namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_"
profile="ubuntu_pro_esm_cache//cloud_id" name="/bin/uname" pid=108719
comm="cloud-id" requested_mask="x" denied_mask="x" fsuid=100 ouid=100
May 24 03:09:09 rtp kernel: [237304.514651] audit: type=1400
audit(1716530949.598:82842): apparmor="DENIED" operation="exec" class="file"
namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_"
profile="ubuntu_pro_esm_cache//cloud_id" name="/bin/systemctl" pid=108721
comm="cloud-id" requested_mask="x" denied_mask="x" fsuid=100 ouid=100
May 24 03:09:11 rtp kernel: [237306.797550] audit: type=1400
audit(1716530951.878:82843): apparmor="DENIED" operation="exec" class="file"
namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_"
profile="ubuntu_pro_esm_cache" name="/bin/uname" pid=109364 comm="python3"
requested_mask="x" denied_mask="x" fsuid=100 ouid=100
May 24 03:09:11 rtp kernel: [237306.827422] audit: type=1400
audit(1716530951.910:82844): apparmor="DENIED" operation="exec" class="file"
namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_"
profile="ubuntu_pro_apt_news" name="/bin/uname" pid=109365 comm="python3"
requested_mask="x" denied_mask="x" fsuid=100 ouid=100
May 24 03:09:12 rtp kernel: [237307.022790] audit: type=1400
audit(1716530952.106:82845): apparmor="DENIED" operation="exec" class="file"
namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_"
profile="ubuntu_pro_esm_cache//cloud_id" name="/bin/uname" pid=109370
comm="cloud-id" requested_mask="x" denied_mask="x" fsuid=100 ouid=100
May 24 03:09:12 rtp kernel: [237307.074546] audit: type=1400
audit(1716530952.158:82846): apparmor="DENIED" operation="exec" class="file"
namespace="root//lxd-upro-behave-bionic-system-under-test-0524-025458284620_"
profile="ubuntu_pro_esm_cache//cloud_id" name="/bin/systemctl" pid=109372
comm="cloud-id" requested_mask="x" denied_mask="x" fsuid=100 ouid=100
May 24 03:09:14
[Bug 2060732] Re: [SRU] ubuntu-advantage-tools (31 -> 32) Xenial, Bionic, Focal, Jammy, Mantic
Context on the cloud-init failures: Cloud-init's newer version changed the key used in cloud config for the Pro client from ubuntu_advantage to ubuntu_pro. Because it is a "breaking" change, this works fine on Focal and Jammy, where both keys are accepted, but not on Noble. On Noble, when you use ubuntu_advantage, the functionality itself works but you get a warning and cloud-init is left in a degraded state - breaking our test expectations that all is good on their side. We changed the key to `ubuntu_pro` in tests so cloud-init can work well on Noble, and it does. But the catch is: the support for the `ubuntu_pro` key is only implemented in THIS version of the Client, >=32, which is in -proposed. When we launch the machines for testing, we are not using the package from proposed yet - we boot with cloud-config being considered in the installed version, and install from proposed later. This leads to the following conclusion: - our test is meant to verify the Client's behavior with the new key, and what is breaking is the cloud-init integration. So those failures are not related to the proposed package at all, and should not block verification for the SRU. - this is and has been true for a while, and those tests are always executed, which carries the side effect of guaranteeing some extent of cloud-init integration, but only after released. - We have assured this particular integration works using builds from local / daily PPAs. So all is good to proceed here despite those failures. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060732 Title: [SRU] ubuntu-advantage-tools (31 -> 32) Xenial, Bionic, Focal, Jammy, Mantic To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2060732/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2065616] Re: apport hook AttributeError: 'UAConfig' object has no attribute 'data_path'
I'm re-marking this as verification-done for all releases, as it was verified on 32.2 and the new 32.3 version does not affect this. Further information in: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2067319/comments/1 ** Tags removed: verification-needed verification-needed-bionic verification-needed-focal verification-needed-jammy verification-needed-mantic verification-needed-noble verification-needed-xenial ** Tags added: verification-done verification-done-bionic verification-done-focal verification-done-jammy verification-done-mantic verification-done-noble verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2065616 Title: apport hook AttributeError: 'UAConfig' object has no attribute 'data_path' To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2065616/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2065573] Re: esm-cache.service denied access to /etc/os-release by apparmor
I'm re-marking this as verification-done for all releases, as it was verified on 32.2 and the new 32.3 version does not affect this. Further information in: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2067319/comments/1 ** Tags removed: verification-needed verification-needed-bionic verification-needed-focal verification-needed-jammy verification-needed-mantic verification-needed-noble verification-needed-xenial ** Tags added: verification-done verification-done-bionic verification-done-focal verification-done-jammy verification-done-mantic verification-done-noble verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2065573 Title: esm-cache.service denied access to /etc/os-release by apparmor To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2065573/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2066929] Re: 32.1 in -proposed causes new apparmor denials
The verification for the main SRU bug (https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2060732) was done for 32.2 and no errors were encountered related to this bug. No need to re-do all automation for 32.3, as explained in:https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2067319/comments/1 So I am marking verification-done for all releases. ** Tags removed: verification-needed verification-needed-bionic verification-needed-focal verification-needed-jammy verification-needed-mantic verification-needed-noble verification-needed-xenial ** Tags added: verification-done verification-done-bionic verification-done-focal verification-done-jammy verification-done-mantic verification-done-noble verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2066929 Title: 32.1 in -proposed causes new apparmor denials To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2066929/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2033313] Re: Rename ua_logs.tar.gz to up_logs.tar.gz
The verification for the main SRU bug (https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2060732) was done for 32.2 and no errors were encountered related to this bug. No need to re-do all automation for 32.3, as explained in:https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2067319/comments/1 So I am marking verification-done for all releases. ** Tags removed: verification-needed verification-needed-bionic verification-needed-focal verification-needed-jammy verification-needed-mantic verification-needed-noble verification-needed-xenial ** Tags added: verification-done verification-done-bionic verification-done-focal verification-done-jammy verification-done-mantic verification-done-noble verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2033313 Title: Rename ua_logs.tar.gz to up_logs.tar.gz To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2033313/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2031192] Re: Enabling of Pro Services Does Not Update when using airgapped mirrors over http://
The verification for the main SRU bug (https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2060732) was done for 32.2 and no errors were encountered related to this bug. No need to re-do all automation for 32.3, as explained in:https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2067319/comments/1 So I am marking verification-done for all releases. ** Tags removed: verification-needed verification-needed-bionic verification-needed-focal verification-needed-jammy verification-needed-mantic verification-needed-noble verification-needed-xenial ** Tags added: verification-done verification-done-bionic verification-done-focal verification-done-jammy verification-done-mantic verification-done-noble verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2031192 Title: Enabling of Pro Services Does Not Update when using airgapped mirrors over http:// To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2031192/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2066231] Re: Pro livepatch unable to mount file
Hello, sahcadmin, thanks for reporting this bug. It seems there is a problem in querying Livepatch status, so I'll be tagging the Livepatch team to take a look. On the Pro Client's side the behavior seems to be correct, but I'll keep it as incomplete until we have more input. ** Information type changed from Private to Public ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Incomplete ** Also affects: canonical-livepatch-client Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2066231 Title: Pro livepatch unable to mount file To manage notifications about this bug go to: https://bugs.launchpad.net/canonical-livepatch-client/+bug/2066231/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2066294] Re: package ubuntu-advantage-tools 31.2.3~22.04 failed to install/upgrade: installed ubuntu-advantage-tools package post-installation script subprocess was killed by signal (Broken pipe)
** Information type changed from Private to Private Security ** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2066294 Title: package ubuntu-advantage-tools 31.2.3~22.04 failed to install/upgrade: installed ubuntu-advantage-tools package post-installation script subprocess was killed by signal (Broken pipe) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2066294/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2066304] Re: update-manager crashed
Hello, ubtb450, thanks for reporting this bug. I am under the impression this is a duplicate of something already fixed on the update-manager side. I will add them to this bug, and mark incomplete for u-a-t until we get more information. ** Information type changed from Private to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2066304 Title: update-manager crashed To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2066304/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2066304] Re: update-manager crashed
** Also affects: update-manager (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2066304 Title: update-manager crashed To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2066304/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2066294] Re: package ubuntu-advantage-tools 31.2.3~22.04 failed to install/upgrade: installed ubuntu-advantage-tools package post-installation script subprocess was killed by signal (Broken pipe)
Hello, malperry73, thanks for reporting this bug. I cannot reproduce it locally - I have no details from the logs on what exactly did fail. Do you have steps to reproduce this behavior? Can you see the same on different systems? The only smell I see in the logs are errors and warnings for other packages, that involve snapd and systemd - is there anything particular to your system that may be causing those to fail? ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2066294 Title: package ubuntu-advantage-tools 31.2.3~22.04 failed to install/upgrade: installed ubuntu-advantage-tools package post-installation script subprocess was killed by signal (Broken pipe) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2066294/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2066304] Re: update-manager crashed
** Changed in: ubuntu-advantage-tools (Ubuntu) Status: Invalid => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2066304 Title: update-manager crashed To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2066304/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2067060] Re: Disabling ems-apps fails
Hello, Björn, thanks for reaching out and raising this bug. I see you have tried to disable esm-apps, but during that operation, our servers had an unexpected timeout :( Now the service is up again - does this issue still persist? What happens when you run `sudo pro disable` or `sudo pro enable` now? ** Information type changed from Private to Public ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2067060 Title: Disabling ems-apps fails To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2067060/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2067076] Re: Ubuntu Pro not attaching nor returning status
Hello, John, thanks for raising this issue. I see the tracebacks in the logs are all related to timeouts and disconnects. We apologise, our servers have been unstable for a while :/ Now everything should be normal again. Could you try to attach / run status and see if the problem persists? ** Information type changed from Private to Public ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2067076 Title: Ubuntu Pro not attaching nor returning status To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2067076/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2067580] Re: cannot disable livepatch when /etc/lsb-release is edited
Hello, jkwang28, thanks for reporting this bug. Livepatch seems to be relying on the output of /etc/lsb-release to verify compatibility on all operations (including disable/status/etc). I would say editing /etc/lsb-release or /etc/os-release is not something supported from the Pro side. I see the report says you are using Ubuntu Jammy Jellyfish (22.04). If that is the case, and the /etc/lsb-release was edited back to the original content, then Livepatch should work fine. Can you please confirm the content of /etc/lsb-release now, and the output you see when disabling/enabling Livepatch again? ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2067580 Title: cannot disable livepatch when /etc/lsb-release is edited To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2067580/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2067728] Re: i am facing some issue like notification becomes bigger and some times system get stuck at a place after this recent update and more issue i am facing
Hello, lokendar, thanks for reporting this bug. I can see many timeouts in the logs. Those seem to be caused by instability on our servers - we apologise. Now it should be back to normal. Could you try enabling/disabling the services (like livepatch) again? Also, could you elaborate more on 'notifications panel becomes bigger'? How bigger? What is the content? Thanks in advance for retrying. ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Incomplete ** Information type changed from Private to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2067728 Title: i am facing some issue like notification becomes bigger and some times system get stuck at a place after this recent update and more issue i am facing To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2067728/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2068100] Re: ran `pro detach` to i could then run `pro attach ...` but `pro detach` failed on livepatch
Hello, Michael, thanks for reporting this bug. The ubuntu-advantage.log contains tracebacks only related to livepatch, and the Pro Client is behaving as expected as far as I can see. I am including Livepatch people in this bug so they can weigh in on what is happening. I will mark this incomplete for u-a-t until we see more information. ** Information type changed from Private to Public ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Incomplete ** Also affects: canonical-livepatch-client Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2068100 Title: ran `pro detach` to i could then run `pro attach ...` but `pro detach` failed on livepatch To manage notifications about this bug go to: https://bugs.launchpad.net/canonical-livepatch-client/+bug/2068100/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2067810] Re: New Apparmor denial with ubuntu-advantage-tools on bionic
** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => In Progress ** Changed in: ubuntu-advantage-tools (Ubuntu) Assignee: (unassigned) => Andreas Hasenack (ahasenack) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2067810 Title: New Apparmor denial with ubuntu-advantage-tools on bionic To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2067810/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2068744] Re: Launching ua status → An unexpected error occurred: list index out of range
Hi Marco, thanks for reporting this The parsing of `apt list --installed` is failing - we are trying to extract version information using the pattern, and it fails. The root cause fix will be deployed next release. But to know what is happening here, could you please append the output of `apt list --installed`? Thanks ** Information type changed from Private to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2068744 Title: Launching ua status → An unexpected error occurred: list index out of range To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2068744/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2063032] Re: Can't enable or disable livepatch.
** Changed in: ubuntu-advantage-tools (Ubuntu) Status: Incomplete => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2063032 Title: Can't enable or disable livepatch. To manage notifications about this bug go to: https://bugs.launchpad.net/canonical-livepatch-client/+bug/2063032/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2068744] Re: Launching ua status → An unexpected error occurred: list index out of range
Nice! We have switched to python3-apt recently, and this will be not a problem anymore in v33. ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2068744 Title: Launching ua status → An unexpected error occurred: list index out of range To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2068744/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060051] Re: Pro API missing end-point to query service availability
Hello, Nathan, Thank you very much for reporting this bug. The team is aware of the gaps and we have an open item to implement the missing API endpoints. We will keep you posted. ** Changed in: ubuntu-advantage-tools (Ubuntu) Assignee: (unassigned) => Dheyay Desai (dheyayd) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060051 Title: Pro API missing end-point to query service availability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2060051/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060051] Re: Pro API missing end-point to query service availability
** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060051 Title: Pro API missing end-point to query service availability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2060051/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2059952] Re: pro sometimes runs before cloud-config.service
** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2059952 Title: pro sometimes runs before cloud-config.service To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2059952/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1988299] Re: Can't upgrade from 20.04 to 22.04 due to extreme space requirement for /boot
Ok I'm having the very same problem now when upgrading from 22.04 to 24.04. - The automatic size that the installer chose for my /boot partition is 704M (no questions asked). - When upgrading to 22.04 from 20.04 I had to manually remove old kernels. Just any kernel update on Jammy nowadays makes me go there and remove everything manually which is enough of a pain. - On the upgrade from Jammy to Noble, even with a single kernel (the running one) I have no space to go further. And I'm not missing a little : Uvolněte prosím alespoň 130 M dodatečného místa na „/boot”. I ain't getting 130M on /boot here or there. The questions are many, and were asked but not answered somewhere else. - Am I stuck with Jammy unless I backup everything and do a reinstall? - Isn't it a bug in the installer that I couldn't choose a /boot size when I enabled the LUKS encryption? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1988299 Title: Can't upgrade from 20.04 to 22.04 due to extreme space requirement for /boot To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/1988299/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2067810] Re: Apparmor denial on /var/lib/dpkg/arch
This bug has been already verified for 32.3.1, and now is being moved to v32 in the changelogs. Running the test script provided by Andreas shows that there is no difference on outputs from the archive version to the proposed version (no regressions). I am marking this verification-done for all releases, just so the bug is green for SRU purposes. ** Tags removed: verification-done-mantic verification-needed verification-needed-bionic verification-needed-focal verification-needed-jammy verification-needed-noble verification-needed-xenial ** Tags added: verification-done verification-done-bionic verification-done-focal verification-done-jammy verification-done-noble verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2067810 Title: Apparmor denial on /var/lib/dpkg/arch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2067810/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2067810] Re: Apparmor denial on /var/lib/dpkg/arch
I removed the mantic-related tag, because this fix already landed there for the final version and no new SRUs are being done there as it is EOL -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2067810 Title: Apparmor denial on /var/lib/dpkg/arch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2067810/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2060769] Re: pro-client decodes utf-8 strictly, which causes problems in some locales
The Pro Client test suite now contains an integration test that covers the scenario described in this bug (Pro client's commands run successfully in a non-utf8 locale). I have performed the test steps described above for all valid releases, and was able to see the bug is fixed using the package from proposed. There is a problem, as pointed out in #9 and #10 here, when upgrading the package. But that happens when running prerm scripts for the older version of the Client, and debpython expects utf-8 output as well. This means: - this problem when upgrading without utf-8 support may happen to other packages, which use debpython, and - we can't fix it (: Gievn we can now run all Pro Client commands even if a non-utf8 locale is set, I am marking this bug verification-done for all releases. ** Tags removed: verification-needed verification-needed-bionic verification-needed-focal verification-needed-jammy verification-needed-noble verification-needed-xenial ** Tags added: verification-done verification-done-bionic verification-done-focal verification-done-jammy verification-done-noble verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2060769 Title: pro-client decodes utf-8 strictly, which causes problems in some locales To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2060769/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2068744] Re: Launching ua status → An unexpected error occurred: list index out of range
Made small edits to the test case, given that `nala` is not available on
all releases we test on, and we actually want the binary to be different
rather than an alias to reproduce the bug.
After those tweaks, I was able to reproduce the bug when running from
the archive, and to verify that the proposed package fixes this for all
relases we support.
I am marking verification-done for all releases.
** Description changed:
[ Impact ]
If `apt` is masked by other helper tools, such as `nala`, as seen in the
original description, `apt list --installed` will return data in a
different format. This will cause the Pro Client to fail to parse the
data, and break.
The Pro Client should not be relying on CLI output when there are Python
bindings available to perform the same task - and python3-apt provides
ways to list installed packages.
The fix to this bug is to rely on the programmatic integration with APT
instead of calling the CLI.
-
[ Test Plan ]
Listing installed packages is part of the regular operation of the Pro
Client in many scenarios covered by the integration / acceptance tests.
For this particular issue:
- Launch a container for the release to be tested
- install nala
- - alias `apt` to `nala` in the system
+ - alias `apt` to `nala` in the system (or better, link the nala binary to
/usr/bin/apt)
- see it fail
- install the package from -proposed
- see it does not fail anymore
-
[ Where problems could occur ]
Switching from the CLI call to python3-apt brings the risk of wrong
implementation of the integration, which would lead to a different
package list to be returned by python3-apt. The regression potential is
mitigated by extensive testing - unit, integration and acceptance tests
rely on this functionality.
-
[ Original description ]
This is in 22.04
❯ ua status
An unexpected error occurred: list index out of range
For more details, see the log: /home/marco/.cache/ubuntu-pro/ubuntu-pro.log
If you think this is a bug, please run: ubuntu-bug ubuntu-advantage-tools
ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: ubuntu-advantage-tools 31.2.3~22.04
ProcVersionSignature: Ubuntu 6.8.0-35.35-generic 6.8.4
Uname: Linux 6.8.0-35-generic x86_64
ApportVersion: 2.20.11-0ubuntu82.5
Architecture: amd64
CasperMD5CheckResult: unknown
CurrentDesktop: ubuntu:GNOME
Date: Fri Jun 7 17:42:12 2024
InstallationDate: Installed on 2010-07-10 (5081 days ago)
InstallationMedia: Ubuntu 10.04 LTS "Lucid Lynx" - Release amd64 (20100429)
PackageArchitecture: all
RebootRequiredPkgs: Error: path contained symlinks.
SourcePackage: ubuntu-advantage-tools
UpgradeStatus: Upgraded to jammy on 2020-06-14 (1453 days ago)
cloud-id.txt-error: Invalid command specified 'cloud-id'.
jobs-status.json: {"metering": {"last_run":
"2024-06-07T15:40:15.416242+00:00", "next_run":
"2024-06-07T19:40:15.416242+00:00"}, "update_contract_info": null,
"update_messaging": {"last_run": "2024-06-07T15:40:15.416242+00:00",
"next_run": "2024-06-07T21:40:15.416242+00:00"}}
uaclient.conf:
contract_url: https://contracts.canonical.com
log_level: debug
** Description changed:
[ Impact ]
If `apt` is masked by other helper tools, such as `nala`, as seen in the
original description, `apt list --installed` will return data in a
different format. This will cause the Pro Client to fail to parse the
data, and break.
The Pro Client should not be relying on CLI output when there are Python
bindings available to perform the same task - and python3-apt provides
ways to list installed packages.
The fix to this bug is to rely on the programmatic integration with APT
instead of calling the CLI.
[ Test Plan ]
Listing installed packages is part of the regular operation of the Pro
Client in many scenarios covered by the integration / acceptance tests.
For this particular issue:
- Launch a container for the release to be tested
- install nala
- alias `apt` to `nala` in the system (or better, link the nala binary to
/usr/bin/apt)
+ - alternatively, where `nala` is not available, backup /usr/bin/apt and make
it a script that exits 1
- see it fail
- - install the package from -proposed
+ - install the package from -proposed (use the backed up apt binary if needed)
- see it does not fail anymore
[ Where problems could occur ]
Switching from the CLI call to python3-apt brings the risk of wrong
implementation of the integration, which would lead to a different
package list to be returned by python3-apt. The regression potential is
mitigated by extensive testing - unit, integration and acceptance tests
rely on this functionality.
[ Original description ]
This is in 22.04
❯ ua status
An unexpected error occurred: list index out of range
For more details, see the log: /home/marco/.cache/ubuntu-pro/ubuntu-pro.log
If you think this is a bug
[Bug 2072489] Re: AppArmor denied errors for ubuntu_pro_apt_news profile
The APT News testing for LP: #2069237 all passed, and this is enough to call verification-done for all releases here. Just in case, I have executed the CI test using the package from the archive and checked the failure exists, seeing it pass when using the package in proposed. ** Description changed: + [ Impact ] + + When the APT news available for a machine have a package+version + selector, the service needs access to dpkg/apt data to verify package + installation status. This is not permitted in the ubtunu_pro_apt_news + profile, and is triggering DENIED log entries. Those entries report the + service trying to execute /usr/bin/dpkg and accessing various + /var/lib/apt/lists/ files, which it should be able to do. + + To reproduce this, one can configure a simple http server and serve an + apt-news JSON using a package selector. The Pro Client test suite has an + example for how that is done in features/apt_messages.feature. Then, + remove the apt stamp and start the apt-news service, steps which are + described in the test case. By chance, at the time of this writing, + there are actual apt-news messages with package selectors for Jammy+, + which made identifying the issue a lot easier. + + The solution here is simply allow the service to access the files it + needs. + + [ Test Plan ] + + There is a test scenario in the Pro Client CI which was modified to catch those DENIED messages when they happen. + (APT news selectors). + - Run the test using the package in the archive, see it fail + - Run it using the version in proposed, see it pass + + This test will be executed as part of the verification of the main SRU + bug (LP: #2069237) for release 33.2. This test passing is considered + enough to mark this bug verification-done. + + [ Where problems could occur ] + + A syntax error in the apparmor profile would prevent it from loading, + and remove its protection entirely. To account for that, the package + build process runs an apparmor static check on the generated profiles, + and if that fails, the package build fails. It could still be + susceptible to errors at profile load-time regarding the running kernel, + which is likely different than the running kernel in the launchpad + builders. + + Another type of mistake that could happen is inadvertently opening up + the profile more than is needed - but the affected profile do need that + access to verify the status of installed packages in the system. It + requests only read permissions on the directories and execute + permissions on the dpkg binary. + + [ Other Info ] + + Upstream bug report: https://github.com/canonical/ubuntu-pro- + client/issues/3193 + + Unfortunately this wasn't caught by the extensive Pro test suite because + there was a gap on the test which targets the package selectors for apt + news, where the CI would run `pro refresh messages` to check for outputs + rather than actually calling the service. The test was updated to start + the service using `systemctl` instead. + + [ Original Description ] + With ubuntu-advantage-tools 32.3.1~22.04 on jammy (22.04.4 LTS), I see these errors in my logs once a day: Jul 8 17:43:08 yarn-labs kernel: [691764.876662] audit: type=1400 audit(1720431788.377:406): apparmor="DENIED" operation="open" profile="ubuntu_pro_apt_news" name="/var/lib/apt/lists/" pid=503520 comm="python3" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 Jul 8 17:43:08 yarn-labs kernel: [691764.881552] audit: type=1400 audit(1720431788.381:407): apparmor="DENIED" operation="exec" profile="ubuntu_pro_apt_news" name="/usr/bin/dpkg" pid=503936 comm="python3" requested_mask="x" denied_mask="x" fsuid=0 ouid=0 Jul 8 17:43:08 yarn-labs kernel: [691764.884141] audit: type=1400 audit(1720431788.385:408): apparmor="DENIED" operation="open" profile="ubuntu_pro_apt_news" name="/tmp/#24" pid=503520 comm="python3" requested_mask="w" denied_mask="w" fsuid=0 ouid=0 Jul 8 17:43:08 yarn-labs kernel: [691764.884577] audit: type=1400 audit(1720431788.385:409): apparmor="DENIED" operation="mknod" profile="ubuntu_pro_apt_news" name="/tmp/clearsigned.message.Z4ikhX" pid=503520 comm="python3" requested_mask="c" denied_mask="c" fsuid=0 ouid=0 Jul 8 17:43:08 yarn-labs kernel: [691764.885759] audit: type=1400 audit(1720431788.385:410): apparmor="DENIED" operation="open" profile="ubuntu_pro_apt_news" name="/tmp/#24" pid=503520 comm="python3" requested_mask="w" denied_mask="w" fsuid=0 ouid=0 Jul 8 17:43:08 yarn-labs kernel: [691764.885873] audit: type=1400 audit(1720431788.385:411): apparmor="DENIED" operation="mknod" profile="ubuntu_pro_apt_news" name="/tmp/clearsigned.message.Awmdfp" pid=503520 comm="python3" requested_mask="c" denied_mask="c" fsuid=0 ouid=0 Jul 8 17:43:08 yarn-labs kernel: [691764.886077] audit: type=1400 audit(1720431788.385:412): apparmor="DENIED" operation="open" profile="ubuntu_pro_apt_news" name="/tmp/#24" pid=503520 comm="python3" requested_mask="w" denied_mask="w"
[Bug 1965836] Re: Unexpected error(s) occurred. For more details, see the log: /var/log/ubuntu-advantage.log
Hello, grxmr3ap3r, thank you for reporting this bug. Could you please give us more information/context on how/when this error happened? If you have access to a CLI, could you please run `ua collect-logs` and send us the resulting file? Thanks in advance, ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1965836 Title: Unexpected error(s) occurred. For more details, see the log: /var/log/ubuntu-advantage.log To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1965836/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1951954] Re: ua refresh "Unexpected error(s) occurred"
Sorry for not putting the whole verification up here. For the LTS releases, I am attaching all the output files from running the test script (and did a small change to the script, to make sure only u-a-t is upgraded from proposed). This bug does not affect non-LTS releases because livepatch can't be enabled on those - current UA services will be n/a on hirsute/impish. ** Attachment added: "updated verification script and output" https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1951954/+attachment/5553869/+files/tests-1951954.tar.gz -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1951954 Title: ua refresh "Unexpected error(s) occurred" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1951954/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1955471] Re: Why is Extended Maintenance needed for apps in Ubuntu 20.04.x LTS in 2021?
Hello everyone. In Ubuntu Advantage Client, as of now, `ua security-status` is showing ESM-Apps information only if it is enabled on the machine while the service is beta. This patch does the same for `ubuntu-security-status`: it will only show ESM-Apps related information if: - The user has enabled esm-apps through UA, or - ESM Apps gets released and we remove the `beta` flag on the UA side. Please let me know if this suffices and/or if there is anything else we could help with. ** Patch added: "esmapps.patch" https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1955471/+attachment/5554351/+files/esmapps.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1955471 Title: Why is Extended Maintenance needed for apps in Ubuntu 20.04.x LTS in 2021? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1955471/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1955471] Re: ubuntu-security-status shouldn't display information about ESM for Apps
Here is a script to test this patch against this bug. The script runs on Focal because today there is no ESM-Apps availability for Jammy, but there is no series-specific behavior and it shall work the same. ** Description changed: + [Impact] + + Users could have a message saying that packages are covered by ESM-Apps + even in series which are not under LTS support yet. ESM-Apps will cover + that, but it is still unreleased, which lead to confusion on why users + are seeing messages about it. + + ESM-Apps is currently a beta service, and users which explicitly enabled + it can use it. Ubuntu Advantage Tools only shows relevant information + about ESM-Apps if it is enabled. Ubuntu-security-status should do the + same. + + [Test Plan] + Attached to the bug there is a test script showing the messages, and how they behave with the proposed patch. + + [Where problems could occur] + There may be problems if there is the desire to show ESM-Apps related information before it comes out of beta. If people (products people?) change their minds and want to show those messages, there would be a need of a subsequent SRU. This is not a possibility being considered today. + + People with access to ESM-Apps can still see the message and be confused + about it, but if they have access to it in beta it means they have the + appropriate context. + + [Original Description] + There seems to be a misleading, incorrect message in ubuntu-security-status ESM wouldn’t be needed (or even enabled) until 20.04 is EOL, in 2025. --- See this link: https://discourse.ubuntu.com/t/why-is-extended-security-maintenance- needed-for-apps-in-ubuntu-20-04-x-lts-in-2021/25871 - tester@lenovo-v130:~$ ubuntu-security-status + tester@lenovo-v130:~$ ubuntu-security-status 1832 packages installed, of which: 1673 receive package updates with LTS until 4/2025 152 could receive security updates with ESM Apps until 4/2030 7 packages are from third parties Packages from third parties are not provided by the official Ubuntu archive, for example packages from Personal Package Archives in Launchpad. For more information on the packages, run 'ubuntu-security-status --thirdparty'. Enable Extended Security Maintenance (ESM Apps) to get 10 security updates (so far) and enable coverage of 152 packages. This machine is not attached to an Ubuntu Advantage subscription. See https://ubuntu.com/advantage - tester@lenovo-v130:~$ + tester@lenovo-v130:~$ Questions Why is Extended Maintenance needed for apps in Ubuntu 20.04.x LTS in 2021? Which are those 10 security updates that need ESM? Is there a link where they are listed? Where are the 152 packages (that need ESM) listed? --- I was told to report this as a bug by oSoMoN: Why is Extended Maintenance needed for apps in Ubuntu 20.04.x LTS in 2021? Which are those 10 security updates that need ESM? Is there a link where they are listed? This sounds like a misleading, incorrect message. ESM wouldn’t be needed (or even enabled) until 20.04 is EOL, in 2025. Can you file a bug issuing the following command: ubuntu-bug update-manager-core ? ProblemType: Bug DistroRelease: Ubuntu 20.04 Package: update-manager-core 1:20.04.10.9 ProcVersionSignature: Ubuntu 5.11.0-43.47~20.04.2-generic 5.11.22 Uname: Linux 5.11.0-43-generic x86_64 ApportVersion: 2.20.11-0ubuntu27.21 Aptdaemon: - + Architecture: amd64 CasperMD5CheckResult: skip CurrentDesktop: ubuntu:GNOME Date: Tue Dec 21 09:43:33 2021 GsettingsChanges: b'com.ubuntu.update-manager' b'launch-count' b'12' b'com.ubuntu.update-manager' b'first-run' b'false' b'com.ubuntu.update-manager' b'launch-time' b'int64 1639852408' InstallationDate: Installed on 2020-09-04 (472 days ago) InstallationMedia: Ubuntu 20.04.1 LTS "Focal Fossa" - Release amd64 (20200731) PackageArchitecture: all SourcePackage: update-manager UpgradeStatus: No upgrade log present (probably fresh install) ** Attachment added: "Script to test it" https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1955471/+attachment/5554383/+files/test-uss.sh -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1955471 Title: ubuntu-security-status shouldn't display information about ESM for Apps To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1955471/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1955471] Re: ubuntu-security-status shouldn't display information about ESM for Apps
Output of the aforementioned test ** Attachment added: "output.txt" https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1955471/+attachment/5554384/+files/output.txt -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1955471 Title: ubuntu-security-status shouldn't display information about ESM for Apps To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1955471/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1955471] Re: ubuntu-security-status shouldn't display information about ESM for Apps
About the messages: - The plurals are exactly as before, I didn't touch them, but I do agree that it can be improved. `1 are` could also be fixed. - The upper message is telling that the package is covered by ESM-Apps, and receive security updates through ESM-Apps. The second part of the message tells you to enable it to get those updates. If you want, I can send another small patch fixing these messages -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1955471 Title: ubuntu-security-status shouldn't display information about ESM for Apps To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1955471/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1955471] Re: ubuntu-security-status shouldn't display information about ESM for Apps
I found it: there is a bug there for this message, because `esm_enabled` is considering only esm-infra and not esm-apps. This patch fixes it, and improves pluralization of the messages. ** Patch added: "esmmessages.patch" https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1955471/+attachment/165/+files/esmmessages.patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1955471 Title: ubuntu-security-status shouldn't display information about ESM for Apps To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1955471/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1955471] Re: ubuntu-security-status shouldn't display information about ESM for Apps
Here is an improved version of the test script, considering a couple more scenarios to show the singulars and plurals. There is also an output of a run, applying this patch after the previous one, and using a valid token for UA Apps. ** Attachment added: "esm-apps-messages-test.tar.gz" https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1955471/+attachment/167/+files/esm-apps-messages-test.tar.gz -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1955471 Title: ubuntu-security-status shouldn't display information about ESM for Apps To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1955471/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1955471] Re: ubuntu-security-status shouldn't display information about ESM for Apps
I repeated the same tests above, changing the script to use the package in `-proposed` instead of directly applying the patches. As can be seen in the output, all the messages match the expected for each case, just like before. ** Attachment added: "esm-apps-test-proposed.tar.gz" https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1955471/+attachment/5557319/+files/esm-apps-test-proposed.tar.gz ** Tags removed: verification-needed verification-needed-focal ** Tags added: verification-done verification-done-focal -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1955471 Title: ubuntu-security-status shouldn't display information about ESM for Apps To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1955471/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1940131] Re: sudo ua attach is not working
** Description changed: + [Impact] + This bug impacts users which: + - Do not have the '/usr/bin/cloud-id' command in their system, + - Do have the '/var/lib/cloud/data/result.json' file in their system, and + - Have a non-standart (by cloud-init definitions) content in the '/var/lib/cloud/data/result.json' file. + + This is an unusual situation, given that the presence of the + 'result.json' file with the absence of the 'cloud-id' command is + observed on official Trusty images, but from Xenial onwards 'cloud-id' + should be there. Even in the case where the command is not there, the + file generated by cloud-init will have the required information. + + Since we are doing the SRU process for Xenial onwards, the solution for those problems is to rely only on cloud-id when trying to determine the cloud type, and assuming not on cloud when the command is not present or if it fails. + https://github.com/canonical/ubuntu-advantage-client/commit/f6fbcee792cf42cc67e3ced02815b7d552dee19f + + [Test Case] + To reproduce: + With ubuntu-advantage-tools 27.2 installed, in an Ubuntu machine: + - Make sure cloud-id is not there: + $ sudo mv /usr/bin/cloud-id /usr/bin/cloud-id.old + - Make sure to have the result.json file with non-standart (empty, for instance) content: + $ sudo mv /var/lib/cloud/data/result.json /var/lib/cloud/data/result.json.old (if the file exists) + $ sudo touch /var/lib/cloud/data/result.json + - Try to attach a token using "ua attach" + - Verify that it fails + + To verify the fix: + Repeat the above process using ubuntu-advantage tools 27.3, and verify that the attach operation succeeds. + + + [Regression Potential] + When running on a non-cloud system, this fix brings no impact, as we expect cloud-id to be absent and we are not running on cloud. + + When running on a specific cloud, this fix brings the scenario where we + should detect the cloud and are unable to, due to problems with cloud- + init. This is minor though, given that if cloud-init didn't run + properly, the instance has more problems than this one. Besides that, + considering no-cloud when not in aws/azure/gcp has no impact on UA at + all, and those three providers have images with cloud-id working + properly. + + No official Ubuntu image should be affected by this change. + + + [Discussion] + As stated above, this is an unusual situation, which led to an improvement to the cloud detection in UA. + + + [Original Description] sudo ua status Unexpected error(s) occurred. For more details, see the log: /var/log/ubuntu-advantage.log To file a bug run: ubuntu-bug ubuntu-advantage-tools ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: ubuntu-advantage-tools 27.2.2~18.04.1 ProcVersionSignature: Ubuntu 4.15.0-153.160-generic 4.15.18 Uname: Linux 4.15.0-153-generic x86_64 ApportVersion: 2.20.9-0ubuntu7.24 Architecture: amd64 Date: Mon Aug 16 19:14:53 2021 InstallationDate: Installed on 2019-08-12 (735 days ago) InstallationMedia: - + SourcePackage: ubuntu-advantage-tools UpgradeStatus: No upgrade log present (probably fresh install) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1940131 Title: sudo ua attach is not working To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1940131/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1944676] Re: Ubuntu ESM not working in WSL
Hello, thanks for reporting this bug. This is a known issue, which was fixed for version 27.3. We are in process of releasing this version, so you can expect it to be available in a couple weeks. ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1944676 Title: Ubuntu ESM not working in WSL To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1944676/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1944700] Re: package ubuntu-advantage-tools 27.2.2~16.04.1 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurück
Hello, thank you for reporting this bug. For better understanding of what is happening, could you please send us: - The content of '/var/log/ubuntu-advantage.log' after the update - The output of `ua status` so we can check on what is happening there? ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1944700 Title: package ubuntu-advantage-tools 27.2.2~16.04.1 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurück To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1944700/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1942929] Re: [SRU] ubuntu-advantage-tools (27.2.2 -> 27.3) Xenial, Bionic, Focal, Hirsute
** Description changed: [Impact] This release sports both bug-fixes and new features and we would like to make sure all of our supported customers have access to these improvements. The notable ones are: - * more robust error handling when determining the cloud we're on LP: #1940131 LP: #1938207 + * more robust error handling when determining the cloud we're on LP: #1940131 LP: #1938207 LP: #1944676 * disallows fips on focal aws/azure LP: #1939449 LP: #1939932 * adds/changes to ua-related recurring jobs: - change in frequency to existing job: updates the apt and motd esm update messaging: every 6 hours - new job: updates the contract details and status: every 12 hours - new job: ONLY ON GCP (implemented as separate timer that is only activated on GCP LTS when not attached): checks for license changes and auto-attaches if a pro license was added: every 5 minutes * adds support for ros/ros-updates entitlements with --beta flag This also lays the foundations for metering pro subscriptions. However, this feature is disabled in this release. See the changelog entry below for a full list of changes and bugs. [Test Case] The following development and SRU process was followed: https://wiki.ubuntu.com/UbuntuAdvantageToolsUpdates The ubuntu-advantage-tools team will be in charge of attaching the artifacts and console output of the appropriate run to the bug. ubuntu-advantage-tools team members will not mark ‘verification-done’ until this has happened. [Regression Potential] In order to mitigate the regression potential, the results of the aforementioned integration tests are attached to this bug. We moved the trigger of the apt and motd messaging updates from a dedicated systemd timer to a shared timer that conditionally calls the messaging updates in our python code. This adds complexity. If we made a mistake, then either the job won't get called frequently enough or will get called too frequently. If the former, then some esm updates related messaging will be out of date in apt and motd. If the latter, then cpu cycles will be wasted in needlessly updating messages. We touched postinst to handle cloud-id failures more robustly. Touching postinst is always scary because it is the most likely way for us to break upgrades. In theory this change made upgrades less likely to fail, but if we made a mistake, it could cause new unexpected failures. We added more recurring jobs in the service of new features. This increases complexity and potential for mistakes. In particular, we have strived to avoid excessive logging from these jobs. If we made a mistake in our logging, we could inadvertently fill up disks with useless logs. Additional recurring jobs will also use more cpu over time than previous versions. This is at least partially addressed below. We instrumented a high frequency timer to only run on GCP, but if we made a mistake, this could be accidentally activated on non-GCP machines, which would be a waste. (See below for additional high frequency timer discussion). [Discussion] Our timer on GCP runs every 5 minutes. This is necessary to support timely upgrades of gcp instances from standard ubuntu to ubuntu pro. We need to poll the metadata endpoint frequently to catch the license change in a timely manner. We exit as early as possible if there is nothing to be done for any given timer trigger. From our testing, this has minimal overall system performance impact. [Changelog] -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1942929 Title: [SRU] ubuntu-advantage-tools (27.2.2 -> 27.3) Xenial, Bionic, Focal, Hirsute To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1942929/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1944676] Re: Ubuntu ESM not working in WSL
** Description changed:
- Description:Ubuntu 16.04.7 LTS
- Release:16.04
+ [Impact]
+ This bug impacts users which are running on environments where
'/usr/bin/cloud-id' is present, but returns any error (even for valid reasons,
like cloud-init being installed on the system, but disabled, for example). UA
client will raise this error while trying to use this tool to detect the cloud.
+
+ The solution to this problem is to rely only on cloud-id when trying to
determine the cloud type, and assuming not on cloud when the command is not
present or if it fails.
+
https://github.com/canonical/ubuntu-advantage-client/commit/f968c46a686a8128af1ead85a4b86b9a1a84643f
+ and
+
https://github.com/canonical/ubuntu-advantage-client/commit/f6fbcee792cf42cc67e3ced02815b7d552dee19f
+
+ [Test Case]
+ To reproduce:
+ With ubuntu-advantage-tools 27.2 installed, in an Ubuntu machine:
+
+ - Make sure the '/run/cloud-init/instance-data.json' does not exist, so
cloud-id fails:
+ `$ mv /run/cloud-init/instance-data.json
/run/cloud-init/instance-data.json.old`
+ - Run `$ sudo ua status`
+ - Verify that it fails
+
+ To verify the fix:
+ Repeat the above process using ubuntu-advantage tools 27.3, and verify that
the operation succeeds and the status is shown on screen.
+
+ [Regression Potential]
+ When running on a non-cloud system, this fix brings no impact, as we expect
cloud-id to be absent and we are not running on cloud.
+
+ When running on a specific cloud, this fix brings the scenario where we
+ should detect the cloud and are unable to, due to problems with cloud-id
+ itself. This is not a problem though: considering no-cloud when not in
+ aws/azure/gcp has no impact on UA at all, and those three providers have
+ images with cloud-id working properly.
+
+ [Original Description]
+ Description: Ubuntu 16.04.7 LTS
+ Release: 16.04
ubuntu-advantage-tools:
- Installiert: 27.2.2~16.04.1
+ Installiert: 27.2.2~16.04.1
Installationskandidat: 27.2.2~16.04.1
Versionstabelle:
*** 27.2.2~16.04.1 500
500 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64
Packages
100 /var/lib/dpkg/status
sudo ua status
Unexpected error(s) occurred.
For more details, see the log: /var/log/ubuntu-advantage.log
To file a bug run: ubuntu-bug ubuntu-advantage-tools
2021-09-23 07:55:53,550 - cli.py:(1297) [ERROR]: Unhandled exception, please
file a bug
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/uaclient/cli.py", line 1256, in wrapper
return func(*args, **kwargs)
File "/usr/lib/python3/dist-packages/uaclient/cli.py", line 1342, in main
return args.action(args, cfg)
File "/usr/lib/python3/dist-packages/uaclient/cli.py", line 1120, in
action_status
status = cfg.status(show_beta=show_beta)
File "/usr/lib/python3/dist-packages/uaclient/config.py", line 681, in
status
response = self._attached_status()
File "/usr/lib/python3/dist-packages/uaclient/config.py", line 654, in
_attached_status
self._attached_service_status(ent, inapplicable_resources)
File "/usr/lib/python3/dist-packages/uaclient/config.py", line 589, in
_attached_service_status
ent_status, details = ent.user_facing_status()
File "/usr/lib/python3/dist-packages/uaclient/entitlements/base.py", line
589, in user_facing_status
applicability, details = self.applicability_status()
File "/usr/lib/python3/dist-packages/uaclient/entitlements/base.py", line
379, in applicability_status
for error_message, functor, expected_result in self.static_affordances:
File "/usr/lib/python3/dist-packages/uaclient/entitlements/fips.py", line
331, in static_affordances
static_affordances = super().static_affordances
File "/usr/lib/python3/dist-packages/uaclient/entitlements/fips.py", line
176, in static_affordances
cloud_id = get_cloud_type() or ""
File "/usr/lib/python3/dist-packages/uaclient/config.py", line 940, in new_f
return f()
File "/usr/lib/python3/dist-packages/uaclient/clouds/identity.py", line 65,
in get_cloud_type
out, _err = util.subp(["cloud-id"])
File "/usr/lib/python3/dist-packages/uaclient/util.py", line 638, in subp
out, err = _subp(args, rcs, capture, timeout, env=env)
File "/usr/lib/python3/dist-packages/uaclient/util.py", line 595, in _subp
stderr=err.decode("utf-8"),
uaclient.util.ProcessExecutionError: Failed running command 'cloud-id'
[exit(1)]. Message: ERROR: File not found '/run/cloud-init/instance-data.json'.
Provide a path to instance data json file using --instance-data
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: ubuntu-advantage-tools 27.2.2~16.04.1
ProcVersionSignature: Microsoft 4.4.0-19041.1237-Microsoft 4.4.35
Uname: Linux 4.4.0-19041-Microsoft x86_64
ApportVersion: 2.20.1-0ubuntu2.30
Architecture: amd64
Date: Thu Sep 23 07:56:47 2021
ProcEnviron:
TERM=xterm-256color
PA
[Bug 1939449] Re: Ubuntu Pro UA fails to enable fips-updates on 20.04
** Description changed:
+ [Impact]
+
+ This bug impacts users on AWS, trying to enable FIPS/FIPS updates on
+ Focal images. There is a missing package, 'ubuntu-aws-fips', which
+ causes the installation to fail.
+
+ This package is missing because, although Focal has a FIPS certified
+ kernel, the AWS adapted kernel is not ready yet. There will be in the
+ future a cloud-optimized version of the FIPS kernel, and then users will
+ be able to install it.
+
+ Right now, UA will show a message saying that the kernel is not
+ available instead of showing an error. If the user really wants to
+ install FIPS, there is a feature override
+ ("allow_default_fips_metapackage_on_focal_cloud") which will install the
+ default kernel.
+
+
+ [Test Case]
+ To reproduce
+ - Spin an AWS instance using the Ubuntu 20.04 image.
+ - Attach a valid token
+ - Run `$ sudo ua enable fips` (or `fips-updates`)
+
+ To verify the fix:
+ 1. Update to ubuntu-advantage-tools 27.3, and run the same procedure. Verify
that a message is displayed saying that the kernel is not available for the
Focal release.
+ 2. Append the following to '/etc/ubuntu-advantage/uaclient.conf':
+ """
+ features:
+ allow_default_fips_metapackage_on_focal_cloud: true
+ """
+ and then run the command again. Verify that it installs a base FIPS kernel,
without the -aws prefix.
+
+ [Regression Potential]
+ This change needs to make sure that we indeed prevent the installation of the
non-existent package. If a corner case shows up, the user might end up with a
wrong kernel. This is unlikely because we are using cloud-init tools, present
in AWS, to detect the cloud instance and effective blocking the install. If
this detection fails, it means cloud-init has some problem and then, on AWS,
the instance will have more problems than this one.
+
+ We need to make sure to keep track of the certification progress for the
+ cloud adapted FIPS package, so we can enable it in the future, when it
+ becomes available.
+
+ [Original Description]
Using AWS AMI: ami-0193aa0a9df84a08b
Attempting to enable fips-updates with the ua command line tool fails
with error that apt "Unable to locate package ubuntu-aws-fips."
Canonical has told me directly 20.04 is now FIPS 140-2 Level 1
certified.
Output:
ubuntu@ip-xx-xx-xx-xx:~$ lsb_release -rd
- Description: Ubuntu 20.04.2 LTS
- Release: 20.04
+ Description: Ubuntu 20.04.2 LTS
+ Release: 20.04
ubuntu@ip-xx-xx-xx-xx:~$ ua version
27.2.2~20.04.1
ubuntu@ip-xx-xx-xx-xx:~$ sudo ua status --all
- SERVICE ENTITLED STATUSDESCRIPTION
- cc-ealyes n/a Common Criteria EAL2 Provisioning Packages
- cis yes disabled Center for Internet Security Audit Tools
- esm-apps yes disabled UA Apps: Extended Security Maintenance (ESM)
- esm-infra yes disabled UA Infra: Extended Security Maintenance
(ESM)
- fips yes disabled NIST-certified core packages
- fips-updates yes disabled NIST-certified core packages with priority
security updates
- livepatch yes disabled Canonical Livepatch service
+ SERVICE ENTITLED STATUS DESCRIPTION
+ cc-eal yes n/a Common Criteria EAL2 Provisioning Packages
+ cis yes disabled Center for Internet Security Audit Tools
+ esm-apps yes disabled UA Apps: Extended Security Maintenance (ESM)
+ esm-infra yes disabled UA Infra: Extended Security Maintenance (ESM)
+ fips yes disabled NIST-certified core packages
+ fips-updates yes disabled NIST-certified core packages with priority security
updates
+ livepatch yes disabled Canonical Livepatch service
Enable services with: ua enable
Account:
Subscription:
Valid until: -12-31 00:00:00+00:00
Technical support level: essential
ubuntu@ip-xx-xx-xx-xx:~$ sudo ua --debug enable fips-updates
DEBUG: Executed with sys.argv: ['/usr/bin/ua', '--debug', 'enable',
'fips-updates']
This will install the FIPS core packages and will include priority updates
with security fixes.
Are you sure? (y/N) y
DEBUG: Writing file:
/var/lib/ubuntu-advantage/private/machine-access-fips-updates
DEBUG: Writing file: /etc/apt/preferences.d/ubuntu-fips-updates
DEBUG: Ran cmd: apt-cache policy, rc: 0 stderr: b''
DEBUG: Writing file: /etc/apt/sources.list.d/ubuntu-fips-updates.list
DEBUG: Writing file: /etc/apt/auth.conf.d/90ubuntu-advantage
DEBUG: Exporting GPG key /usr/share/keyrings/ubuntu-advantage-fips.gpg
Updating package lists
DEBUG: Ran cmd: apt-get update, rc: 0 stderr: b''
DEBUG: Reading file: /var/lib/ubuntu-advantage/private/machine-token.json
Installing FIPS Updates packages
DEBUG: Failed running command 'apt-get install --assume-yes
--allow-downgrades -o Dpkg::Options::="--force-confdef" -o
Dpkg::Options::="--force-confold" ubuntu-aws-fips' [exit(100)]. Message: E:
Unable to locate package ubuntu-aws-fips
DEBUG: Failed running command 'ap
[Bug 1939449] Re: Ubuntu Pro UA fails to enable fips-updates on 20.04
** Description changed:
[Impact]
This bug impacts users on AWS, trying to enable FIPS/FIPS updates on
Focal images. There is a missing package, 'ubuntu-aws-fips', which
causes the installation to fail.
This package is missing because, although Focal has a FIPS certified
kernel, the AWS adapted kernel is not ready yet. There will be in the
future a cloud-optimized version of the FIPS kernel, and then users will
be able to install it.
- Right now, UA will show a message saying that the kernel is not
- available instead of showing an error. If the user really wants to
+ With the applied fix, UA will show a message saying that the kernel is
+ not available instead of showing an error. If the user really wants to
install FIPS, there is a feature override
("allow_default_fips_metapackage_on_focal_cloud") which will install the
default kernel.
-
[Test Case]
To reproduce
- Spin an AWS instance using the Ubuntu 20.04 image.
- Attach a valid token
- Run `$ sudo ua enable fips` (or `fips-updates`)
To verify the fix:
1. Update to ubuntu-advantage-tools 27.3, and run the same procedure. Verify
that a message is displayed saying that the kernel is not available for the
Focal release.
2. Append the following to '/etc/ubuntu-advantage/uaclient.conf':
"""
features:
- allow_default_fips_metapackage_on_focal_cloud: true
+ allow_default_fips_metapackage_on_focal_cloud: true
"""
and then run the command again. Verify that it installs a base FIPS kernel,
without the -aws prefix.
[Regression Potential]
This change needs to make sure that we indeed prevent the installation of the
non-existent package. If a corner case shows up, the user might end up with a
wrong kernel. This is unlikely because we are using cloud-init tools, present
in AWS, to detect the cloud instance and effective blocking the install. If
this detection fails, it means cloud-init has some problem and then, on AWS,
the instance will have more problems than this one.
We need to make sure to keep track of the certification progress for the
cloud adapted FIPS package, so we can enable it in the future, when it
becomes available.
[Original Description]
Using AWS AMI: ami-0193aa0a9df84a08b
Attempting to enable fips-updates with the ua command line tool fails
with error that apt "Unable to locate package ubuntu-aws-fips."
Canonical has told me directly 20.04 is now FIPS 140-2 Level 1
certified.
Output:
ubuntu@ip-xx-xx-xx-xx:~$ lsb_release -rd
Description: Ubuntu 20.04.2 LTS
Release: 20.04
ubuntu@ip-xx-xx-xx-xx:~$ ua version
27.2.2~20.04.1
ubuntu@ip-xx-xx-xx-xx:~$ sudo ua status --all
SERVICE ENTITLED STATUS DESCRIPTION
cc-eal yes n/a Common Criteria EAL2 Provisioning Packages
cis yes disabled Center for Internet Security Audit Tools
esm-apps yes disabled UA Apps: Extended Security Maintenance (ESM)
esm-infra yes disabled UA Infra: Extended Security Maintenance (ESM)
fips yes disabled NIST-certified core packages
fips-updates yes disabled NIST-certified core packages with priority security
updates
livepatch yes disabled Canonical Livepatch service
Enable services with: ua enable
- Account:
-Subscription:
- Valid until: -12-31 00:00:00+00:00
+ Account:
+ Subscription:
+ Valid until: -12-31 00:00:00+00:00
Technical support level: essential
ubuntu@ip-xx-xx-xx-xx:~$ sudo ua --debug enable fips-updates
DEBUG: Executed with sys.argv: ['/usr/bin/ua', '--debug', 'enable',
'fips-updates']
This will install the FIPS core packages and will include priority updates
with security fixes.
Are you sure? (y/N) y
DEBUG: Writing file:
/var/lib/ubuntu-advantage/private/machine-access-fips-updates
DEBUG: Writing file: /etc/apt/preferences.d/ubuntu-fips-updates
DEBUG: Ran cmd: apt-cache policy, rc: 0 stderr: b''
DEBUG: Writing file: /etc/apt/sources.list.d/ubuntu-fips-updates.list
DEBUG: Writing file: /etc/apt/auth.conf.d/90ubuntu-advantage
DEBUG: Exporting GPG key /usr/share/keyrings/ubuntu-advantage-fips.gpg
Updating package lists
DEBUG: Ran cmd: apt-get update, rc: 0 stderr: b''
DEBUG: Reading file: /var/lib/ubuntu-advantage/private/machine-token.json
Installing FIPS Updates packages
DEBUG: Failed running command 'apt-get install --assume-yes
--allow-downgrades -o Dpkg::Options::="--force-confdef" -o
Dpkg::Options::="--force-confold" ubuntu-aws-fips' [exit(100)]. Message: E:
Unable to locate package ubuntu-aws-fips
DEBUG: Failed running command 'apt-get install --assume-yes
--allow-downgrades -o Dpkg::Options::="--force-confdef" -o
Dpkg::Options::="--force-confold" ubuntu-aws-fips' [exit(100)]. Message: E:
Unable to locate package ubuntu-aws-fips
- Retrying 3 more times.
+ Retrying 3 more times.
DEBUG: Failed running command 'apt-get install --assume-yes
--allow-d
[Bug 1939932] Re: Ubuntu PRO Focal on AWS and Azure should not install the generic FIPS kernel via ubuntu-fips metapackage
** Description changed:
- For Ubuntu PRO on 20.04 (Focal) `ua enable fips` should only install a
- cloud-optimized ubuntu-aws-fips or ubuntu-azure-fips metapackage.
- Installing a non-cloud-optimized FIPS kernel on AWS and Azure could lead
- to inability to boot on certain instance types. Expectation is that
- Focal AWS and Azure images should disallow enabling either fips or fips-
- updates.
+ [Impact]
+ This bug impacts users on AWS or Azure, trying to enable FIPS/FIPS
+ updates on Focal images. Trying to install a non-cloud-optimized FIPS
+ kernel may lead to unwanted behavior on those clouds, including
+ inability to boot to the systems.
- Expected behavior on Ubuntu PRO AWS and Azure Focal:
+ Although Focal has a FIPS certified kernel, the AWS adapted kernel is
+ not ready yet. There will be in the future a cloud-optimized version of
+ the FIPS kernel, and then users will be able to install it.
+
+ With the applied fix, UA will show a message saying that the kernel is
+ not available instead of showing any error. If the user really wants to
+ install FIPS, there is a feature override
+ ("allow_default_fips_metapackage_on_focal_cloud") which will install the
+ default kernel, but this is the user's choice, and not recommended.
+
+ [Test Case]
+ The original description has steps to reproduce. To verify the fix, install
ubuntu-advantage-tools 27.3 and check for the expected behavior described.
+
+ [Regression Potential]
+ This change needs to make sure that we indeed prevent the installation of
non-cloud-optimized kernels. If a corner case shows up, the user might end up
with a wrong kernel. This is unlikely because we are using cloud-init tools,
present in AWS and Azure, to detect the cloud instance and effective blocking
the install. If this detection fails, it means cloud-init has some problem and
then, on AWS or Azure, the instance will have more problems than this one.
+
+ We need to make sure to keep track of the certification progress for the
+ cloud adapted FIPS package, so we can enable it in the future, when it
+ becomes available.
+
+ [Original Description]
+ For Ubuntu PRO on 20.04 (Focal) `ua enable fips` should only install a
cloud-optimized ubuntu-aws-fips or ubuntu-azure-fips metapackage. Installing a
non-cloud-optimized FIPS kernel on AWS and Azure could lead to inability to
boot on certain instance types. Expectation is that Focal AWS and Azure images
should disallow enabling either fips or fips-updates.
+
+ Expected behavior on Ubuntu PRO AWS and Azure Focal:
$ ua status | grep fips
- fips no— NIST-certified FIPS modules
- fips-updates no— Uncertified security updates to FIPS
modules
+ fips no — NIST-certified FIPS modules
+ fips-updates no — Uncertified security updates to FIPS modules
$ sudo ua enable fips-updates
One moment, checking your subscription first
This system will NOT be considered FIPS certified, but will include security
and bug fixes to the FIPS packages.
Are you sure? (y/N) y
This subscription is not entitled to FIPS Updates.
For more information see: https://ubuntu.com/advantage
-
Actual behavior:
$ ua status | grep fips
- fips yesdisabled NIST-certified FIPS
modules
- fips-updates yesdisabled Uncertified security
updates to FIPS modules
+ fips yes disabled NIST-certified FIPS modules
+ fips-updates yes disabled Uncertified security updates to FIPS modules
$ sudo ua enable fips-updates
One moment, checking your subscription first
This system will NOT be considered FIPS certified, but will include security
and bug fixes to the FIPS packages.
Are you sure? (y/N) y
Updating package lists
Installing FIPS Updates packages
FIPS Updates enabled
A reboot is required to complete install
# see ubuntu-fips generic get installed which potentially degrades AWS and
Azure environments
- $ sudo grep install /var/log/ubuntu-advantage.log
+ $ sudo grep install /var/log/ubuntu-advantage.log
2021-08-13 22:19:07,344 - util.py:(506) [DEBUG]: Ran cmd: apt-get install
--assume-yes -o Dpkg::Options::="--force-confdef" -o
Dpkg::Options::="--force-confold" ubuntu-fips openssh-client
openssh-client-hmac openssh-server openssh-server-hmac openssh-client
openssh-client-hmac openssh-server openssh-server-hmac, rc: 0 stderr: b''
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1939932
Title:
Ubuntu PRO Focal on AWS and Azure should not install the generic FIPS
kernel via ubuntu-fips metapackage
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1939932/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1951705] Re: traceback from postinst on upgrade
Hello Steve, thanks for reporting this. Could you please send us a copy of /var/log/ubuntu-advantage.log so the team can take a look on what is happening? Thanks. ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: Confirmed => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1951705 Title: traceback from postinst on upgrade To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1951705/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1951705] Re: traceback from postinst on upgrade
Thanks for the information, Steve. Indeed, this is a bug happening on arm, aarch64 and possibly other architectures. There is a PR up to fix it: https://github.com/canonical/ubuntu- advantage-client/pull/1891 ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: Incomplete => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1951705 Title: traceback from postinst on upgrade To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1951705/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1950813] Re: version 27.3: on unattached machines update_status_timer incorrectly pings contracts.canonical.com/v1/resources
Those are steps to assure that the status job does not call the contracts server on an unattached machine 1. Launch a lxd instance of (xenial|bionic|focal) 2. Install a version of ubuntu-advantage-tools containing the change (> 27.4.1). 3. Disable all jobs but the status job: `sudo ua config set metering_timer=0` `sudo ua config set update_messaging_timer=0` 4. Start Wireshark on a separate terminal, looking for calls to the Contracts Server `sudo tcpdump -i eth0 -A | grep contracts` 5. Run `sudo ua status` 6. Verify: a. The status output shows the machine as unnatached b. Wireshark captured the call to the contracts server 7. Remove jobs-status.json `sudo rm -f /var/lib/ubuntu-advantage/jobs-status.json` 6. Run the timer script `sudo python3 /usr/lib/ubuntu-advantage/timer.py` 7. Verify that no call to contracts.canonical.com is shown in the terminal with Wireshark (after the previous one) 8. Verify that the job was actually processes by the timer `sudo cat /var/lib/ubuntu-advantage/jobs-status.json` "update_status" should be the only job there. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1950813 Title: version 27.3: on unattached machines update_status_timer incorrectly pings contracts.canonical.com/v1/resources To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1950813/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1953638] Re: package ubuntu-advantage-tools 27.2.2~16.04.1 failed to install/upgrade: el subproceso instalado el script post-installation devolvió el código de salida de error 1
** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Triaged ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1953638 Title: package ubuntu-advantage-tools 27.2.2~16.04.1 failed to install/upgrade: el subproceso instalado el script post-installation devolvió el código de salida de error 1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1953638/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1954542] Re: package ubuntu-advantage-tools 27.4.2~21.10.1 failed to install/upgrade: installed ubuntu-advantage-tools package post-installation script subprocess returned error exit status 1
Hello, Daevid, thanks for reporting this. I couldn't reproduce this problem even using a custom python2 installation. Could you please give us more details on your python setup? ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1954542 Title: package ubuntu-advantage-tools 27.4.2~21.10.1 failed to install/upgrade: installed ubuntu-advantage-tools package post- installation script subprocess returned error exit status 1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1954542/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1956456] [NEW] [SRU] ubuntu-advantage-tools (27.4.2 -> 27.5) Xenial, Bionic, Focal, Hirsute, Impish
Public bug reported: [Impact] This release brings changes to match the Contract Server new affordance, presentedAs, to present a resource via CLI with the appropriate name based on release. The main use for this functionality is to show CIS as USG on series where the latter is available, enabling user access to this new service. Furthermore, these are the additional functionalities/bug fixes contained: * Improvement on redaction of sensitive information in log files * Support for getting AWS metadata through IPv6 * Ability to do a preflight query for contract/entitlements for a token without attaching * Fix the return codes when attaching an already attached machine - (GH: #1867) * Change the calls to livepatch to use the full path - (LP: #1951954) See the changelog entry below for a full list of changes and bugs. [Test Case] The following development and SRU process was followed: https://wiki.ubuntu.com/UbuntuAdvantageToolsUpdates The ubuntu-advantage-tools team will be in charge of attaching the artifacts and console output of the appropriate run to the bug. ubuntu-advantage-tools team members will not mark ‘verification-done’ until this has happened. [Regression Potential] Most of the changes are adding new things and the integration tests make sure that the existing functionality is preserved. Redacting the logs is still a work in progress, and to avoid problems we will only make the logs world readable in the future, when all cases where sensitive information can be logged are verified. [Discussion] This is the first version of the CIS/USG migration, and we do expect the security team to come with more requests/fixes on this in the future. However, we did agree to do that iteratively over SRUs. [Changelog] * d/control: - Update homepage URL * d/tools.postinst: - Refactor to use valid_services * New upstream release 27.5: - aws: add support for the IPv6 metadata endpoint - cis: update URL for the documentation - cli: + add endpoint to simulate the status using a specific contract token + fix return code when attaching an already attached machine (GH: #1867) + fix security-status to consider all possible origins to show updates + include cloud build.info in the collect-logs tarball + only show services which exist in the contracts server in ua status - docs: fix typos and wrong/outdated information - livepatch: always use the full path in livepatch calls (LP: #1951954) - logs: + improve rules to redact sensitive information from all log files + redact sensitive information from older unredacted log files + log errors from external software execution, for debugging purposes - usg: + support the presentedAs affordance from the contract server, showing services in the CLI with the appropriate names + replace the CIS entitlement by USG on Focal and onwards ** Affects: ubuntu-advantage-tools (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1956456 Title: [SRU] ubuntu-advantage-tools (27.4.2 -> 27.5) Xenial, Bionic, Focal, Hirsute, Impish To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1956456/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1951954] Re: ua refresh "Unexpected error(s) occurred"
** Description changed: + [Impact] + If /snap/bin is not present in the PATH, UA will fail when trying to run it. + This is fixed by specifying the full path (/snap/bin/canonical-livepatch) to every call from UA side. + + [Test Case] + To reproduce the bug, run `sudo env PATH="/usr/bin" ua refresh` on an attached bionic machine. + + Then, install the 27.5 version from the staging PPA + (https://launchpad.net/~ua-client/+archive/ubuntu/staging) + + Repeating the same command as above runs without an error. + + [Regression Potential] + It could only cause problems if canonical-livepatch is in a different place than /snap/bin, and it should not happen in any installation. + + [Original Description] + root@somehost:~# ua refresh Unexpected error(s) occurred. For more details, see the log: /var/log/ubuntu-advantage.log To file a bug run: ubuntu-bug ubuntu-advantage-tools ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: ubuntu-advantage-tools 27.4.1~18.04.1 ProcVersionSignature: Ubuntu 4.15.0-143.147-generic 4.15.18 Uname: Linux 4.15.0-143-generic x86_64 NonfreeKernelModules: lkp_Ubuntu_4_15_0_143_147_generic_82 lkp_Ubuntu_4_15_0_143_147_generic_81 lkp_Ubuntu_4_15_0_143_147_generic_80 lkp_Ubuntu_4_15_0_143_147_generic_79 ApportVersion: 2.20.9-0ubuntu7.27 Architecture: amd64 Date: Tue Nov 23 12:56:54 2021 InstallationDate: Installed on 2015-08-06 (2300 days ago) InstallationMedia: Ubuntu-Server 14.04.2 LTS "Trusty Tahr" - Release amd64 (20150218.1) ProcEnviron: - LANGUAGE=en_GB:en - TERM=screen - PATH=(custom, no user) - LANG=en_GB.UTF-8 - SHELL=/bin/bash + LANGUAGE=en_GB:en + TERM=screen + PATH=(custom, no user) + LANG=en_GB.UTF-8 + SHELL=/bin/bash SourcePackage: ubuntu-advantage-tools UpgradeStatus: Upgraded to bionic on 2020-06-17 (524 days ago) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1951954 Title: ua refresh "Unexpected error(s) occurred" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1951954/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1956456] Re: [SRU] ubuntu-advantage-tools (27.4.2 -> 27.5) Xenial, Bionic, Focal, Hirsute, Impish
** Description changed: [Impact] - This release brings changes to match the Contract Server new affordance, presentedAs, to present a resource via CLI with the appropriate name based on release. The main use for this functionality is to show CIS as USG on series where the latter is available, enabling user access to this new service. + This release brings changes to match the Contract Server new affordance, presentedAs, to present a resource via CLI with the appropriate name based on the contract definition. The main use for this functionality is to show CIS as USG on series where the latter is available, enabling user access to this new service. Furthermore, these are the additional functionalities/bug fixes contained: * Improvement on redaction of sensitive information in log files * Support for getting AWS metadata through IPv6 * Ability to do a preflight query for contract/entitlements for a token without attaching * Fix the return codes when attaching an already attached machine - (GH: #1867) * Change the calls to livepatch to use the full path - (LP: #1951954) See the changelog entry below for a full list of changes and bugs. [Test Case] The following development and SRU process was followed: https://wiki.ubuntu.com/UbuntuAdvantageToolsUpdates The ubuntu-advantage-tools team will be in charge of attaching the artifacts and console output of the appropriate run to the bug. ubuntu-advantage-tools team members will not mark ‘verification-done’ until this has happened. [Regression Potential] Most of the changes are adding new things and the integration tests make sure that the existing functionality is preserved. Redacting the logs is still a work in progress, and to avoid problems we will only make the logs world readable in the future, when all cases where sensitive information can be logged are verified. [Discussion] This is the first version of the CIS/USG migration, and we do expect the security team to come with more requests/fixes on this in the future. However, we did agree to do that iteratively over SRUs. [Changelog] - * d/control: - - Update homepage URL - * d/tools.postinst: - - Refactor to use valid_services - * New upstream release 27.5: - - aws: add support for the IPv6 metadata endpoint - - cis: update URL for the documentation - - cli: - + add endpoint to simulate the status using a specific contract token - + fix return code when attaching an already attached machine (GH: #1867) - + fix security-status to consider all possible origins to show updates - + include cloud build.info in the collect-logs tarball - + only show services which exist in the contracts server in ua status - - docs: fix typos and wrong/outdated information - - livepatch: always use the full path in livepatch calls (LP: #1951954) - - logs: - + improve rules to redact sensitive information from all log files - + redact sensitive information from older unredacted log files - + log errors from external software execution, for debugging purposes - - usg: - + support the presentedAs affordance from the contract server, showing - services in the CLI with the appropriate names - + replace the CIS entitlement by USG on Focal and onwards + * d/control: + - Update homepage URL + * d/tools.postinst: + - Refactor to use valid_services + * New upstream release 27.5: + - aws: add support for the IPv6 metadata endpoint + - cis: update URL for the documentation + - cli: + + add endpoint to simulate the status using a specific contract token + + fix return code when attaching an already attached machine (GH: #1867) + + fix security-status to consider all possible origins to show updates + + include cloud build.info in the collect-logs tarball + + only show services which exist in the contracts server in ua status + - docs: fix typos and wrong/outdated information + - livepatch: always use the full path in livepatch calls (LP: #1951954) + - logs: + + improve rules to redact sensitive information from all log files + + redact sensitive information from older unredacted log files + + log errors from external software execution, for debugging purposes + - usg: + + support the presentedAs affordance from the contract server, showing + services in the CLI with the appropriate names + + replace the CIS entitlement by USG on Focal and onwards -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1956456 Title: [SRU] ubuntu-advantage-tools (27.4.2 -> 27.5) Xenial, Bionic, Focal, Hirsute, Impish To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1956456/+subscriptions -- u
[Bug 1956456] Re: [SRU] ubuntu-advantage-tools (27.4.2 -> 27.5) Xenial, Bionic, Focal, Hirsute, Impish
** Description changed: [Impact] This release brings changes to match the Contract Server new affordance, presentedAs, to present a resource via CLI with the appropriate name based on the contract definition. The main use for this functionality is to show CIS as USG on series where the latter is available, enabling user access to this new service. Furthermore, these are the additional functionalities/bug fixes contained: * Improvement on redaction of sensitive information in log files * Support for getting AWS metadata through IPv6 * Ability to do a preflight query for contract/entitlements for a token without attaching * Fix the return codes when attaching an already attached machine - (GH: #1867) * Change the calls to livepatch to use the full path - (LP: #1951954) See the changelog entry below for a full list of changes and bugs. [Test Case] The following development and SRU process was followed: https://wiki.ubuntu.com/UbuntuAdvantageToolsUpdates The ubuntu-advantage-tools team will be in charge of attaching the artifacts and console output of the appropriate run to the bug. ubuntu-advantage-tools team members will not mark ‘verification-done’ until this has happened. [Regression Potential] Most of the changes are adding new things and the integration tests make sure that the existing functionality is preserved. Redacting the logs is still a work in progress, and to avoid problems we will only make the logs world readable in the future, when all cases where sensitive information can be logged are verified. [Discussion] This is the first version of the CIS/USG migration, and we do expect the security team to come with more requests/fixes on this in the future. However, we did agree to do that iteratively over SRUs. [Changelog] * d/control: - Update homepage URL * d/tools.postinst: - Refactor to use valid_services + * d/tools.postrm: + - Use a wildcard to remove ua related gpg files * New upstream release 27.5: - aws: add support for the IPv6 metadata endpoint - cis: update URL for the documentation - cli: + add endpoint to simulate the status using a specific contract token + fix return code when attaching an already attached machine (GH: #1867) + fix security-status to consider all possible origins to show updates + include cloud build.info in the collect-logs tarball + only show services which exist in the contracts server in ua status - docs: fix typos and wrong/outdated information - livepatch: always use the full path in livepatch calls (LP: #1951954) - logs: + improve rules to redact sensitive information from all log files + redact sensitive information from older unredacted log files + log errors from external software execution, for debugging purposes - usg: + support the presentedAs affordance from the contract server, showing services in the CLI with the appropriate names + replace the CIS entitlement by USG on Focal and onwards -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1956456 Title: [SRU] ubuntu-advantage-tools (27.4.2 -> 27.5) Xenial, Bionic, Focal, Hirsute, Impish To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1956456/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1956456] Re: [SRU] ubuntu-advantage-tools (27.4.2 -> 27.5) Xenial, Bionic, Focal, Hirsute, Impish
** Description changed: [Impact] This release brings changes to match the Contract Server new affordance, presentedAs, to present a resource via CLI with the appropriate name based on the contract definition. The main use for this functionality is to show CIS as USG on series where the latter is available, enabling user access to this new service. Furthermore, these are the additional functionalities/bug fixes contained: * Improvement on redaction of sensitive information in log files * Support for getting AWS metadata through IPv6 * Ability to do a preflight query for contract/entitlements for a token without attaching * Fix the return codes when attaching an already attached machine - (GH: #1867) * Change the calls to livepatch to use the full path - (LP: #1951954) See the changelog entry below for a full list of changes and bugs. [Test Case] The following development and SRU process was followed: https://wiki.ubuntu.com/UbuntuAdvantageToolsUpdates The ubuntu-advantage-tools team will be in charge of attaching the artifacts and console output of the appropriate run to the bug. ubuntu-advantage-tools team members will not mark ‘verification-done’ until this has happened. [Regression Potential] Most of the changes are adding new things and the integration tests make sure that the existing functionality is preserved. Redacting the logs is still a work in progress, and to avoid problems we will only make the logs world readable in the future, when all cases where sensitive information can be logged are verified. + In postinst, we changed a dictionary iteration to the equivalent + function implementation. Tests show that the return value is exactly the + same, but we may be inadvertently adding a bug there. + + In postrm, we are using a wildcard to remove gpg keys that matches the + naming schema we have for files. There is a risk if someone names an + unrelated apt gpg key with the ua prefix - it will end up being removed + as well. + [Discussion] This is the first version of the CIS/USG migration, and we do expect the security team to come with more requests/fixes on this in the future. However, we did agree to do that iteratively over SRUs. [Changelog] * d/control: - Update homepage URL * d/tools.postinst: - Refactor to use valid_services - * d/tools.postrm: - - Use a wildcard to remove ua related gpg files * New upstream release 27.5: - aws: add support for the IPv6 metadata endpoint - cis: update URL for the documentation - cli: + add endpoint to simulate the status using a specific contract token + fix return code when attaching an already attached machine (GH: #1867) + fix security-status to consider all possible origins to show updates + include cloud build.info in the collect-logs tarball + only show services which exist in the contracts server in ua status - docs: fix typos and wrong/outdated information - livepatch: always use the full path in livepatch calls (LP: #1951954) - logs: + improve rules to redact sensitive information from all log files + redact sensitive information from older unredacted log files + log errors from external software execution, for debugging purposes - usg: + support the presentedAs affordance from the contract server, showing services in the CLI with the appropriate names + replace the CIS entitlement by USG on Focal and onwards ** Description changed: [Impact] This release brings changes to match the Contract Server new affordance, presentedAs, to present a resource via CLI with the appropriate name based on the contract definition. The main use for this functionality is to show CIS as USG on series where the latter is available, enabling user access to this new service. Furthermore, these are the additional functionalities/bug fixes contained: * Improvement on redaction of sensitive information in log files * Support for getting AWS metadata through IPv6 * Ability to do a preflight query for contract/entitlements for a token without attaching * Fix the return codes when attaching an already attached machine - (GH: #1867) * Change the calls to livepatch to use the full path - (LP: #1951954) See the changelog entry below for a full list of changes and bugs. [Test Case] The following development and SRU process was followed: https://wiki.ubuntu.com/UbuntuAdvantageToolsUpdates The ubuntu-advantage-tools team will be in charge of attaching the artifacts and console output of the appropriate run to the bug. ubuntu-advantage-tools team members will not mark ‘verification-done’ until this has happened. [Regression Potential] Most of the changes are adding new things and the integration tests make sure that the existing functionality is preserved. R
[Bug 1951954] Re: ua refresh "Unexpected error(s) occurred"
** Attachment added: "Script to test it" https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1951954/+attachment/5553194/+files/testlivepatch.sh -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1951954 Title: ua refresh "Unexpected error(s) occurred" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1951954/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1951954] Re: ua refresh "Unexpected error(s) occurred"
** Attachment added: "Output of the script execution" https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1951954/+attachment/5553195/+files/output ** Description changed: [Impact] If /snap/bin is not present in the PATH, UA will fail when trying to run it. This is fixed by specifying the full path (/snap/bin/canonical-livepatch) to every call from UA side. [Test Case] To reproduce the bug, run `sudo env PATH="/usr/bin" ua refresh` on an attached bionic machine. Then, install the 27.5 version from the staging PPA (https://launchpad.net/~ua-client/+archive/ubuntu/staging) Repeating the same command as above runs without an error. + + There is a test script attached to this bug, as well as execution + output, to show the above solution works. [Regression Potential] It could only cause problems if canonical-livepatch is in a different place than /snap/bin, and it should not happen in any installation. [Original Description] root@somehost:~# ua refresh Unexpected error(s) occurred. For more details, see the log: /var/log/ubuntu-advantage.log To file a bug run: ubuntu-bug ubuntu-advantage-tools ProblemType: Bug DistroRelease: Ubuntu 18.04 Package: ubuntu-advantage-tools 27.4.1~18.04.1 ProcVersionSignature: Ubuntu 4.15.0-143.147-generic 4.15.18 Uname: Linux 4.15.0-143-generic x86_64 NonfreeKernelModules: lkp_Ubuntu_4_15_0_143_147_generic_82 lkp_Ubuntu_4_15_0_143_147_generic_81 lkp_Ubuntu_4_15_0_143_147_generic_80 lkp_Ubuntu_4_15_0_143_147_generic_79 ApportVersion: 2.20.9-0ubuntu7.27 Architecture: amd64 Date: Tue Nov 23 12:56:54 2021 InstallationDate: Installed on 2015-08-06 (2300 days ago) InstallationMedia: Ubuntu-Server 14.04.2 LTS "Trusty Tahr" - Release amd64 (20150218.1) ProcEnviron: LANGUAGE=en_GB:en TERM=screen PATH=(custom, no user) LANG=en_GB.UTF-8 SHELL=/bin/bash SourcePackage: ubuntu-advantage-tools UpgradeStatus: Upgraded to bionic on 2020-06-17 (524 days ago) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1951954 Title: ua refresh "Unexpected error(s) occurred" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1951954/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1956456] Re: [SRU] ubuntu-advantage-tools (27.4.2 -> 27.5) Xenial, Bionic, Focal, Hirsute, Impish
Attaching manual test result for the AWS IPv6 endpoint support, in sru/release-27.5/test-aws-ipv6.sh ** Attachment added: "manual test result" https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1956456/+attachment/5553355/+files/output -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1956456 Title: [SRU] ubuntu-advantage-tools (27.4.2 -> 27.5) Xenial, Bionic, Focal, Hirsute, Impish To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1956456/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1956456] Re: [SRU] ubuntu-advantage-tools (27.4.2 -> 27.5) Xenial, Bionic, Focal, Hirsute, Impish
Attaching integration test result files for the SRU ** Attachment added: "integration test results" https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1956456/+attachment/5553359/+files/test-results.tar.gz ** Description changed: [Impact] This release brings changes to match the Contract Server new affordance, presentedAs, to present a resource via CLI with the appropriate name based on the contract definition. The main use for this functionality is to show CIS as USG on series where the latter is available, enabling user access to this new service. Furthermore, these are the additional functionalities/bug fixes contained: * Improvement on redaction of sensitive information in log files * Support for getting AWS metadata through IPv6 * Ability to do a preflight query for contract/entitlements for a token without attaching * Fix the return codes when attaching an already attached machine - (GH: #1867) * Change the calls to livepatch to use the full path - (LP: #1951954) See the changelog entry below for a full list of changes and bugs. [Test Case] The following development and SRU process was followed: https://wiki.ubuntu.com/UbuntuAdvantageToolsUpdates - The ubuntu-advantage-tools team will be in charge of attaching the artifacts and + The ubuntu-advantage-tools team will be in charge of attaching the artifacts and console output of the appropriate run to the bug. ubuntu-advantage-tools team members will not mark ‘verification-done’ until this has happened. - + Integratino test artifacts are attached to the bug. [Regression Potential] Most of the changes are adding new things and the integration tests make sure that the existing functionality is preserved. Redacting the logs is still a work in progress, and to avoid problems we will only make the logs world readable in the future, when all cases where sensitive information can be logged are verified. In postinst, we changed a dictionary iteration to the equivalent function implementation. Tests show that the return value is exactly the same, but we may be inadvertently adding a bug there. In postrm, we are using a wildcard to remove gpg keys that matches the naming schema we have for files. There is a risk if someone names an unrelated apt gpg key with the ua prefix - it will end up being removed as well. [Discussion] This is the first version of the CIS/USG migration, and we do expect the security team to come with more requests/fixes on this in the future. However, we did agree to do that iteratively over SRUs. The Xenial and Bionic series should see only UI text changes, preserving exactly the same functionality as before. From Focal on, it is expected that USG will replace CIS. Being a superset of CIS, USG enables people interested in CIS to use the functionality without problems, and security will have documentation up to guide on that. For the migration path, users on Focal which have already enabled CIS will see USG instead, while still keeping the functionality they enabled before. `ua enable cis` will still work from Focal onwards with the same functionality as before, but informing the user that USG should be used instead, and pointing to relevant documentation. [Changelog] * d/control: - Update homepage URL * d/tools.postinst: - Refactor to use valid_services * New upstream release 27.5: - aws: add support for the IPv6 metadata endpoint - cis: update URL for the documentation - cli: + add endpoint to simulate the status using a specific contract token + fix return code when attaching an already attached machine (GH: #1867) + fix security-status to consider all possible origins to show updates + include cloud build.info in the collect-logs tarball + only show services which exist in the contracts server in ua status - docs: fix typos and wrong/outdated information - livepatch: always use the full path in livepatch calls (LP: #1951954) - logs: + improve rules to redact sensitive information from all log files + redact sensitive information from older unredacted log files + log errors from external software execution, for debugging purposes - usg: + support the presentedAs affordance from the contract server, showing services in the CLI with the appropriate names + replace the CIS entitlement by USG on Focal and onwards ** Description changed: [Impact] This release brings changes to match the Contract Server new affordance, presentedAs, to present a resource via CLI with the appropriate name based on the contract definition. The main use for this functionality is to show CIS as USG on series where the latter is available, enabling user access to this new service. Furthermore, these are the additional functiona
[Bug 1956456] Re: [SRU] ubuntu-advantage-tools (27.4.2 -> 27.5) Xenial, Bionic, Focal, Hirsute, Impish
** Tags removed: verification-needed verification-needed-bionic verification-needed-focal verification-needed-hirsute verification-needed-impish verification-needed-xenial ** Tags added: verification-done verification-done-bionic verification-done-focal verification-done-hirsute verification-done-impish verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1956456 Title: [SRU] ubuntu-advantage-tools (27.4.2 -> 27.5) Xenial, Bionic, Focal, Hirsute, Impish To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1956456/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1951954] Re: ua refresh "Unexpected error(s) occurred"
** Tags removed: verification-needed verification-needed-bionic verification-needed-focal verification-needed-hirsute verification-needed-impish verification-needed-xenial ** Tags added: verification-done verification-done-bionic verification-done-focal verification-done-hirsute verification-done-impish verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1951954 Title: ua refresh "Unexpected error(s) occurred" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1951954/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1954775] Re: # Development UA Client config file. YAML contract_url: https://contracts.staging.canonical.com data_dir: /var/tmp/uaclient log_file: ubuntu-advantage-devel.log log_level: debug secu
Hello, thanks for reaching out. Would you please describe what exactly is the problem you are facing here? We'll be glad to help when we understand the issue. ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1954775 Title: # Development UA Client config file. YAML contract_url: https://contracts.staging.canonical.com data_dir: /var/tmp/uaclient log_file: ubuntu-advantage-devel.log log_level: debug security_url: https://ubuntu.com/security timer_log_file: ubuntu-advantage-timer- devel.log license_check_log_file: ubuntu-advantage-license-check- devel.log ua_config: apt_http_proxy: null apt_https_proxy: null http_proxy: null https_proxy: null update_messaging_timer: 21600 update_status_timer: 43200 metering_timer: 0 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1954775/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1960198] Re: package ubuntu-advantage-tools 27.5~20.04.1 failed to install/upgrade: installed ubuntu-advantage-tools package post-installation script subprocess returned error exit status 126
** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Incomplete -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1960198 Title: package ubuntu-advantage-tools 27.5~20.04.1 failed to install/upgrade: installed ubuntu-advantage-tools package post-installation script subprocess returned error exit status 126 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1960198/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1961168] Re: package ubuntu-advantage-tools 27.6~20.04.1 failed to install/upgrade: installed ubuntu-advantage-tools package post-installation script subprocess returned error exit status 139
** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1961168 Title: package ubuntu-advantage-tools 27.6~20.04.1 failed to install/upgrade: installed ubuntu-advantage-tools package post-installation script subprocess returned error exit status 139 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1961168/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1956764] Re: Proxy should be set up only for ua-related repos
** Changed in: ubuntu-advantage-tools (Ubuntu) Status: Confirmed => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1956764 Title: Proxy should be set up only for ua-related repos To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1956764/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2048921] Re: [SRU] ubuntu-advantage-tools (30 -> 31) Xenial, Bionic, Focal, Jammy, Mantic
As orndorffgrant mentioned, here is an excerpt from the test I performed on the transition to deb822. The errors in the do-release-upgrade prevent us from installing the new ubuntu-pro-client when upgrading, but all the list files transition without a problem. This validates the expected behavior for the script. ** Attachment added: "deb822-jammy-to-noble.txt" https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2048921/+attachment/5754759/+files/deb822-jammy-to-noble.txt -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2048921 Title: [SRU] ubuntu-advantage-tools (30 -> 31) Xenial, Bionic, Focal, Jammy, Mantic To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2048921/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056779] Re: Don't offer realtime on Raspberry Pi
Hello, Juerg, thanks for bringing this to our attention. Currently, the definitions for the realtime-kernel service on Pro define it as available on amd64 and arm64. Should we disable it for PIs only or for all arm64? Removing arm64 is quite easy, but detecting if you are running a particular platform is not something we have yet - we would need to work on how to do it. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2056779 Title: Don't offer realtime on Raspberry Pi To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2056779/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2056651] Re: can't enable livepatch for some reason
** Changed in: ubuntu-advantage-tools (Ubuntu) Status: New => Incomplete ** Information type changed from Private to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2056651 Title: can't enable livepatch for some reason To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2056651/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2015420] Re: motd: can't disable esm-related messages
To verify there are no regressions in messages, and that the new option in apt-check works as intended, I have executed the unit test suite for all releases, as it covers the message generation for an exhaustive amount of cases. On Xenial and Bionic I had to add the data/ folder to the pythonpath, so it could import apt_check and run the unit tests. On those releases, one unit test is failed. But the test also fails for the version without the patch that fixes this bug, so the behavior is kept. This error probably happens because the test misses a mock to is_esm, which is returning True for Xenial and Bionic. This is a bug. New tests pass for both releases. On Jammy: root@jammy-sut:~# python3 update-notifier-3.192.54.6/tests/test_motd.py . -- Ran 29 tests in 0.021s OK root@jammy-sut:~# python3 update-notifier-3.192.54.8/tests/test_motd.py .. -- Ran 34 tests in 0.023s OK On Focal: root@focal-sut:~# python3 update-notifier-3.192.30.17/tests/test_motd.py ... -- Ran 31 tests in 0.051s OK root@focal-sut:~# python3 update-notifier-3.192.30.19/tests/test_motd.py -- Ran 36 tests in 0.029s OK On Bionic: root@bionic-sut:~# python3 update-notifier-3.192.1.19/tests/test_motd.py F.. == FAIL: test_message_for_distro_that_will_not_go_into_esm_mode (__main__.TestMotd) -- (... Traceback details ...) -- Ran 31 tests in 0.020s FAILED (failures=1) root@bionic-sut:~# python3 update-notifier-3.192.1.21/tests/test_motd.py ...F == FAIL: test_message_for_distro_that_will_not_go_into_esm_mode (__main__.TestMotd) -- (... Traceback details ...) -- Ran 36 tests in 0.020s FAILED (failures=1) on Xenial: root@xenial-sut:~# python3 update-notifier-3.168.20/tests/test_motd.py F.. == FAIL: test_message_for_distro_that_will_not_go_into_esm_mode (__main__.TestMotd) -- (... Traceback details ...) -- Ran 31 tests in 0.021s FAILED (failures=1) root@xenial-sut:~# python3 update-notifier-3.168.22/tests/test_motd.py ...F == FAIL: test_message_for_distro_that_will_not_go_into_esm_mode (__main__.TestMotd) -- (... Traceback details ...) -- Ran 36 tests in 0.023s FAILED (failures=1) This concludes the regression testing, and assures funcionality works in apt-check. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2015420 Title: motd: can't disable esm-related messages To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-notifier/+bug/2015420/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2015420] Re: motd: can't disable esm-related messages
Now, to the actual functionality test on Xenial: Xenial is an EOSS release, so messages about esm-infra will be present in MOTD by default. After creating the marker file and triggering an update of MOTD, those messages disappear, but the updates count remains. root@xenial-sut:~# apt policy update-notifier-common update-notifier-common: Installed: 3.168.22 Candidate: 3.168.22 Version table: *** 3.168.22 500 500 http://archive.ubuntu.com/ubuntu xenial-proposed/main amd64 Packages 100 /var/lib/dpkg/status 3.168.20 500 500 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages 3.168.15 500 500 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages 3.168.7 500 500 http://security.ubuntu.com/ubuntu xenial-security/main amd64 Packages 3.168 500 500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages root@xenial-sut:~# run-parts /etc/update-motd.d/ Welcome to Ubuntu 16.04.7 LTS (GNU/Linux 6.5.0-21-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support:https://ubuntu.com/pro Expanded Security Maintenance for Infrastructure is not enabled. 9 updates can be applied immediately. To see these additional updates run: apt list --upgradable 206 additional security updates can be applied with ESM Infra. Learn more about enabling ESM Infra service for Ubuntu 16.04 at https://ubuntu.com/16-04 New release '18.04.6 LTS' available. Run 'do-release-upgrade' to upgrade to it. root@xenial-sut:~# touch /var/lib/update-notifier/hide-esm-in-motd root@xenial-sut:~# rm /var/lib/update-notifier/updates-available root@xenial-sut:~# apt update Hit:1 http://archive.ubuntu.com/ubuntu xenial InRelease Hit:2 http://security.ubuntu.com/ubuntu xenial-security InRelease Hit:3 http://archive.ubuntu.com/ubuntu xenial-updates InRelease Hit:4 http://archive.ubuntu.com/ubuntu xenial-backports InRelease Hit:5 http://archive.ubuntu.com/ubuntu xenial-proposed InRelease Reading package lists... Done Building dependency tree Reading state information... Done 6 packages can be upgraded. Run 'apt list --upgradable' to see them. root@xenial-sut:~# run-parts /etc/update-motd.d/ Welcome to Ubuntu 16.04.7 LTS (GNU/Linux 6.5.0-21-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support:https://ubuntu.com/pro 9 updates can be applied immediately. To see these additional updates run: apt list --upgradable New release '18.04.6 LTS' available. Run 'do-release-upgrade' to upgrade to it. I am marking this bug verification-done on Xenial. ** Tags removed: verification-needed-xenial ** Tags added: verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2015420 Title: motd: can't disable esm-related messages To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-notifier/+bug/2015420/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2015420] Re: motd: can't disable esm-related messages
Now, to the actual functionality test on Focal: Focal is an LTS release still supported, so messages about esm-apps will be present in MOTD by default. After creating the marker file and triggering an update of MOTD, those messages disappear, but the updates count remains. root@focal-sut:~# apt policy update-notifier-common update-notifier-common: Installed: 3.192.30.19 Candidate: 3.192.30.19 Version table: *** 3.192.30.19 500 500 http://archive.ubuntu.com/ubuntu focal-proposed/main amd64 Packages 100 /var/lib/dpkg/status 3.192.30.17 500 500 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages 3.192.30 500 500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages root@focal-sut:~# run-parts /etc/update-motd.d/ Welcome to Ubuntu 20.04.6 LTS (GNU/Linux 6.5.0-21-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support:https://ubuntu.com/pro System information as of Fri Mar 15 22:55:55 UTC 2024 System load: 1.56 Usage of /home:unknown Memory usage: 0% Swap usage:0% Temperature: 86.0 C Processes: 30 Users logged in: 0 IPv4 address for eth0: 10.46.74.13 IPv6 address for eth0: fd42:f539:1893:d366:216:3eff:fe2a:1d97 * Strictly confined Kubernetes makes edge and IoT secure. Learn how MicroK8s just raised the bar for easy, resilient and secure K8s cluster deployment. https://ubuntu.com/engage/secure-kubernetes-at-the-edge Expanded Security Maintenance for Applications is not enabled. 17 updates can be applied immediately. To see these additional updates run: apt list --upgradable Enable ESM Apps to receive additional future security updates. See https://ubuntu.com/esm or run: sudo pro status New release '22.04.3 LTS' available. Run 'do-release-upgrade' to upgrade to it. root@focal-sut:~# touch /var/lib/update-notifier/hide-esm-in-motd root@focal-sut:~# rm /var/lib/update-notifier/updates-available root@focal-sut:~# apt update Hit:1 http://archive.ubuntu.com/ubuntu focal InRelease Hit:2 http://security.ubuntu.com/ubuntu focal-security InRelease Hit:3 http://archive.ubuntu.com/ubuntu focal-updates InRelease Hit:4 http://archive.ubuntu.com/ubuntu focal-backports InRelease Hit:5 http://archive.ubuntu.com/ubuntu focal-proposed InRelease Reading package lists... Done Building dependency tree Reading state information... Done 17 packages can be upgraded. Run 'apt list --upgradable' to see them. root@focal-sut:~# run-parts /etc/update-motd.d/ Welcome to Ubuntu 20.04.6 LTS (GNU/Linux 6.5.0-21-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support:https://ubuntu.com/pro System information as of Fri Mar 15 22:56:49 UTC 2024 System load: 1.86 Usage of /home:unknown Memory usage: 0% Swap usage:0% Temperature: 76.0 C Processes: 30 Users logged in: 0 IPv4 address for eth0: 10.46.74.13 IPv6 address for eth0: fd42:f539:1893:d366:216:3eff:fe2a:1d97 * Strictly confined Kubernetes makes edge and IoT secure. Learn how MicroK8s just raised the bar for easy, resilient and secure K8s cluster deployment. https://ubuntu.com/engage/secure-kubernetes-at-the-edge 17 updates can be applied immediately. To see these additional updates run: apt list --upgradable New release '22.04.3 LTS' available. Run 'do-release-upgrade' to upgrade to it. I am marking this bug verification-done on Focal. ** Tags removed: verification-needed-focal ** Tags added: verification-done-focal -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2015420 Title: motd: can't disable esm-related messages To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-notifier/+bug/2015420/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2015420] Re: motd: can't disable esm-related messages
Now, to the actual functionality test on Bionic: Bionic is an EOSS release, so messages about esm-infra will be present in MOTD by default. After creating the marker file and triggering an update of MOTD, those messages disappear, but the updates count remains. root@bionic-sut:~# apt policy update-notifier-common update-notifier-common: Installed: 3.192.1.21 Candidate: 3.192.1.21 Version table: *** 3.192.1.21 500 500 http://archive.ubuntu.com/ubuntu bionic-proposed/main amd64 Packages 100 /var/lib/dpkg/status 3.192.1.19 500 500 http://archive.ubuntu.com/ubuntu bionic-updates/main amd64 Packages 3.192 500 500 http://archive.ubuntu.com/ubuntu bionic/main amd64 Packages root@bionic-sut:~# run-parts /etc/update-motd.d/ Welcome to Ubuntu 18.04.6 LTS (GNU/Linux 6.5.0-21-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support:https://ubuntu.com/pro System information as of Fri Mar 15 22:51:31 UTC 2024 System load:1.72 Processes: 23 Usage of /home: unknown Users logged in: 0 Memory usage: 0%IP address for eth0: 10.46.74.128 Swap usage: 0% Expanded Security Maintenance for Infrastructure is not enabled. 11 updates can be applied immediately. To see these additional updates run: apt list --upgradable 94 additional security updates can be applied with ESM Infra. Learn more about enabling ESM Infra service for Ubuntu 18.04 at https://ubuntu.com/18-04 New release '20.04.6 LTS' available. Run 'do-release-upgrade' to upgrade to it. root@bionic-sut:~# touch /var/lib/update-notifier/hide-esm-in-motd root@bionic-sut:~# rm /var/lib/update-notifier/updates-available root@bionic-sut:~# apt update Hit:1 http://archive.ubuntu.com/ubuntu bionic InRelease Hit:2 http://security.ubuntu.com/ubuntu bionic-security InRelease Hit:3 http://archive.ubuntu.com/ubuntu bionic-updates InRelease Hit:4 http://archive.ubuntu.com/ubuntu bionic-backports InRelease Hit:5 http://archive.ubuntu.com/ubuntu bionic-proposed InRelease Reading package lists... Done Building dependency tree Reading state information... Done 11 packages can be upgraded. Run 'apt list --upgradable' to see them. root@bionic-sut:~# run-parts /etc/update-motd.d/ Welcome to Ubuntu 18.04.6 LTS (GNU/Linux 6.5.0-21-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support:https://ubuntu.com/pro System information as of Fri Mar 15 22:52:04 UTC 2024 System load:1.58 Processes: 23 Usage of /home: unknown Users logged in: 0 Memory usage: 0%IP address for eth0: 10.46.74.128 Swap usage: 0% 11 updates can be applied immediately. To see these additional updates run: apt list --upgradable New release '20.04.6 LTS' available. Run 'do-release-upgrade' to upgrade to it. I am marking this bug verification-done on Bionic. ** Tags removed: verification-needed-bionic ** Tags added: verification-done-bionic -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2015420 Title: motd: can't disable esm-related messages To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-notifier/+bug/2015420/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2015420] Re: motd: can't disable esm-related messages
Now, to the actual functionality test on Jammy: Jammy is an LTS release still supported, so messages about esm-apps will be present in MOTD by default. After creating the marker file and triggering an update of MOTD, those messages disappear, but the updates count remains. root@jammy-sut:~# apt policy update-notifier-common update-notifier-common: Installed: 3.192.54.8 Candidate: 3.192.54.8 Version table: *** 3.192.54.8 500 500 http://archive.ubuntu.com/ubuntu jammy-proposed/main amd64 Packages 100 /var/lib/dpkg/status 3.192.54.6 500 500 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages 3.192.54 500 500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages root@jammy-sut:~# run-parts /etc/update-motd.d/ Welcome to Ubuntu 22.04.4 LTS (GNU/Linux 6.5.0-21-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support:https://ubuntu.com/pro System information as of Fri Mar 15 23:08:15 UTC 2024 System load: 1.2568359375 Usage of /home:unknown Memory usage: 0% Swap usage:0% Temperature: 86.0 C Processes: 24 Users logged in: 0 IPv4 address for eth0: 10.46.74.160 IPv6 address for eth0: fd42:f539:1893:d366:216:3eff:fea1:40fb Expanded Security Maintenance for Applications is not enabled. 25 updates can be applied immediately. To see these additional updates run: apt list --upgradable Enable ESM Apps to receive additional future security updates. See https://ubuntu.com/esm or run: sudo pro status root@jammy-sut:~# touch /var/lib/update-notifier/hide-esm-in-motd root@jammy-sut:~# rm /var/lib/update-notifier/updates-available root@jammy-sut:~# apt update Hit:1 http://archive.ubuntu.com/ubuntu jammy InRelease Hit:2 http://security.ubuntu.com/ubuntu jammy-security InRelease Hit:3 http://archive.ubuntu.com/ubuntu jammy-updates InRelease Hit:4 http://archive.ubuntu.com/ubuntu jammy-backports InRelease Hit:5 http://archive.ubuntu.com/ubuntu jammy-proposed InRelease Reading package lists... Done Building dependency tree... Done Reading state information... Done 27 packages can be upgraded. Run 'apt list --upgradable' to see them. root@jammy-sut:~# run-parts /etc/update-motd.d/ Welcome to Ubuntu 22.04.4 LTS (GNU/Linux 6.5.0-21-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support:https://ubuntu.com/pro System information as of Fri Mar 15 23:08:15 UTC 2024 System load: 1.2568359375 Usage of /home:unknown Memory usage: 0% Swap usage:0% Temperature: 86.0 C Processes: 24 Users logged in: 0 IPv4 address for eth0: 10.46.74.160 IPv6 address for eth0: fd42:f539:1893:d366:216:3eff:fea1:40fb 25 updates can be applied immediately. To see these additional updates run: apt list --upgradable I am marking this bug verification-done on Jammy, and verification-done overall as this is the last release to test. ** Tags removed: verification-needed-jammy ** Tags added: verification-done-jammy ** Tags removed: verification-needed ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2015420 Title: motd: can't disable esm-related messages To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/update-notifier/+bug/2015420/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058564] Re: I tryed to attach a this server to ubuntu pro dashboard but it got rejected by some error...
** Information type changed from Private Security to Public -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058564 Title: I tryed to attach a this server to ubuntu pro dashboard but it got rejected by some error... To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2058564/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058560] Re: "sudo pro attach " fails
We should have a better message for when this kind of thing happens, so people are not confused. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058560 Title: "sudo pro attach " fails To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2058560/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2055737] Re: pro attach `Unexpected error(s) occurred`
We had several recent bug reports that also happened due to outages, really close to this one. I will not mark the reports duplicates of this bug here because this one happened on arm64, but I am keeping track of this until we release the better error message. ** Information type changed from Private to Public ** Changed in: ubuntu-advantage-tools (Ubuntu) Status: Fix Committed => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2055737 Title: pro attach `Unexpected error(s) occurred` To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2055737/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058560] Re: "sudo pro attach " fails
Confirmed this error happened because we had an unexpected outage on contracts.canonical.com. I have checked the functionality now, and everything should work fine. Many other bugs were filed at the same time window, and I am marking them duplicates of this one for easier tracking. - We apologise for the trouble and kindly ask anyone who have hit this to try again now - We are going to improve the error message to reduce FUD -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058560 Title: "sudo pro attach " fails To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2058560/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058556] Re: Can't enable livepatch
*** This bug is a duplicate of bug 2058560 *** https://bugs.launchpad.net/bugs/2058560 Hello, Julien Thanks for reporting this bug Unfortunately this happened due to an outage in contracts.canonical.com. The service is now back online and everything should be working fine. Would you mind trying again please? For the future, we will improve this error message so users know what is happening instead of seeing 'unexpected error'. As we received many bug reports about this, I am marking this one a duplicate (for easier tracking). Feel free to come back if the error persists though. ** Information type changed from Private to Public ** This bug has been marked a duplicate of bug 2058560 "sudo pro attach " fails -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058556 Title: Can't enable livepatch To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2058556/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058555] Re: sudo pro attach
*** This bug is a duplicate of bug 2058560 *** https://bugs.launchpad.net/bugs/2058560 Hello, Mirjana Thanks for reporting this bug Unfortunately this happened due to an outage in contracts.canonical.com. The service is now back online and everything should be working fine. Would you mind trying again please? For the future, we will improve this error message so users know what is happening instead of seeing 'unexpected error'. As we received many bug reports about this, I am marking this one a duplicate (for easier tracking). Feel free to come back if the error persists though. ** Information type changed from Private to Public ** This bug has been marked a duplicate of bug 2058560 "sudo pro attach " fails -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058555 Title: sudo pro attach To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2058555/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058565] Re: Ubuntu-Advantage-tools-package crashes when trying to install with license
*** This bug is a duplicate of bug 2058560 *** https://bugs.launchpad.net/bugs/2058560 Hello, Seth Thanks for reporting this bug Unfortunately this happened due to an outage in contracts.canonical.com. The service is now back online and everything should be working fine. Would you mind trying again please? For the future, we will improve this error message so users know what is happening instead of seeing 'unexpected error'. As we received many bug reports about this, I am marking this one a duplicate (for easier tracking). Feel free to come back if the error persists though. ** Information type changed from Private to Public ** This bug has been marked a duplicate of bug 2058560 "sudo pro attach " fails -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058565 Title: Ubuntu-Advantage-tools-package crashes when trying to install with license To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2058565/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058564] Re: I tryed to attach a this server to ubuntu pro dashboard but it got rejected by some error...
*** This bug is a duplicate of bug 2058560 *** https://bugs.launchpad.net/bugs/2058560 Hello, Gabriēls Thanks for reporting this bug Unfortunately this happened due to an outage in contracts.canonical.com. The service is now back online and everything should be working fine. Would you mind trying again please? For the future, we will improve this error message so users know what is happening instead of seeing 'unexpected error'. As we received many bug reports about this, I am marking this one a duplicate (for easier tracking). Feel free to come back if the error persists though. ** This bug has been marked a duplicate of bug 2058560 "sudo pro attach " fails -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058564 Title: I tryed to attach a this server to ubuntu pro dashboard but it got rejected by some error... To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2058564/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 2058563] Re: Unable to register machine with pro
*** This bug is a duplicate of bug 2058560 *** https://bugs.launchpad.net/bugs/2058560 Hello, Marco Thanks for reporting this bug Unfortunately this happened due to an outage in contracts.canonical.com. The service is now back online and everything should be working fine. Would you mind trying again please? For the future, we will improve this error message so users know what is happening instead of seeing 'unexpected error'. As we received many bug reports about this, I am marking this one a duplicate (for easier tracking). Feel free to come back if the error persists though. ** Information type changed from Private to Public ** This bug has been marked a duplicate of bug 2058560 "sudo pro attach " fails -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2058563 Title: Unable to register machine with pro To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2058563/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
