[00:14] xnox: I feel like you might be the person to ask about stray dirmngr processes left hanging around in an image chroot after apt has been run [00:16] slangasek, yeah.... [00:16] xnox: how can I fix this? [00:16] pkill ? [00:16] mmhmm :) [00:17] on a more serious note, things should not be hitting the network, or trying to retrieve gpg keys. [00:17] "things"? [00:17] soemthing somewhere calls gnupg and doesn't clean up. You don't mean that a simple "apt update" results in stray dirmngr? [00:18] xnox: probably the apt-key call [00:18] yes, apt-key would do it. one should not call apt-key.... and just ship key snippets (like ubuntu-keyring does) [00:18] or are you adding/enabling PPAs with apt-key? [00:18] ppa [00:19] ... and not using add-apt-repository? [00:19] this script *also* uses add-apt-repository [00:19] let me see if the apt-key stuff is superfluous [00:19] if add-apt-repository results in stray dirmngr, i should fix that. [00:19] -queuebot:#ubuntu-release- New: accepted qbs [amd64] (zesty-proposed) [1.7.0+dfsg-3] [00:19] -queuebot:#ubuntu-release- New: accepted qbs [armhf] (zesty-proposed) [1.7.0+dfsg-3] [00:19] -queuebot:#ubuntu-release- New: accepted qbs [powerpc] (zesty-proposed) [1.7.0+dfsg-3] [00:19] -queuebot:#ubuntu-release- New: accepted qbs [s390x] (zesty-proposed) [1.7.0+dfsg-3] [00:19] -queuebot:#ubuntu-release- New: accepted qbs [arm64] (zesty-proposed) [1.7.0+dfsg-3] [00:19] -queuebot:#ubuntu-release- New: accepted qbs [ppc64el] (zesty-proposed) [1.7.0+dfsg-3] [00:19] -queuebot:#ubuntu-release- New: accepted qbs [i386] (zesty-proposed) [1.7.0+dfsg-3] [00:19] however, there's also a cleanup phase here of 'sudo apt-key del ${ppa_key}' [00:19] is that going to provoke dirmngr? [00:20] that should be safe. [00:20] apt-key adv is not. [00:20] ok [00:21] that does seem like a bug in apt-key, anyway [00:22] that it doesn't clean up dirmngr (or any other spawned agents) post-adv command? (which are actually passthrough to gpg command, which now started to spawn garbage) [00:22] yes [00:23] apt-key appears to run with a temporary GNUPGHOME dir [00:23] and anything spawned that references that dir is lost [00:24] and add-apt-repository adds the ppa, but packages from that ppa are listed as unauthenticated [00:24] unpleasant [00:24] slangasek, $ gpgconf --list-components | sed 's/:.*//' | xargs -L1 gpgconf --kill [00:25] probably slightly better (e.g. don't try to kill gpg "component") is needed. [00:25] add-apt-repository should have been fetching a key =/ iff it can access things (do you need proxy to access ubuntu keyserver?!) [00:26] xnox: but doesn't that require the matching GNUPGHOME, so gpgconf can see which of the running processes is its? [00:26] sure it does, hence it should be in the apt-key cleanup. [00:26] (as in apt-key itself should be doing that) [00:27] which btw is just a fancy pkill [00:27] right [00:27] so we agree it's an apt-key bug [00:27] but i thought that add-apt-repository did the right thing (tm) [00:27] so possibly two bugs. [00:27] * slangasek nods [00:28] oh [00:28] hmm [00:33] xnox: add-apt-repository doesn't know to fetch ppa keys for a private ppa :P [00:34] oh, you want that [00:34] well, all things considered, I really do not [00:34] ;) [00:34] but I currently have [00:34] slangasek, use curl to fetch private ppa key off keyserver and pipe it into a file. [00:35] alternatively, I can batch-copy things out of the private to a public one because thbt [00:37] slangasek, or you can specify [trusted=yes] on the ppa entry you are using. [00:37] given you delete the key afterwards anyway... and building in secure environment anyway.... [00:37] and forget about keys. [00:53] xnox: same problem with add-apt-repository [00:54] marvelous. [00:54] -queuebot:#ubuntu-release- Unapproved: lxc (xenial-proposed/main) [2.0.6-0ubuntu1~ubuntu16.04.1 => 2.0.6-0ubuntu1~ubuntu16.04.2] (ubuntu-server) [00:54] killall dirmngr sounds appropriate size of ikea hammer. [00:55] Executing: /tmp/tmp.DaevBURr1s/gpg.1.sh --keyserver keyserver.ubuntu.com --recv [00:55] gpg: keybox '/tmp/tmp0_lqr33e/pubring.gpg' created [00:55] root 2600 0.0 0.0 175736 4088 ? Ssl 16:51 0:00 \_ dirmngr --daemon --homedir /tmp/tmp0_lqr33e [00:55] -queuebot:#ubuntu-release- Unapproved: lxc (yakkety-proposed/main) [2.0.6-0ubuntu1~ubuntu16.10.1 => 2.0.6-0ubuntu1~ubuntu16.10.2] (ubuntu-server) [00:55] yeah [00:55] also, i'm confused why gpg doesn't just kill dirmngr at the end of execution.... [00:57] root 4891 .rce. gpg-agent [00:57] wat [00:57] yeah that too [00:58] apperantly gpg-agent is needed to store keys.... [00:58] why did they make such a mess with gpg2... [00:58] * xnox was not kidding when i said pipe curl from keyserver into /etc/apt/trusted.gpg.d/foo.gpg file [00:58] gpg2.1, i think gpg2.0 was still sane. [00:59] it's really tempting to distro patch gpg to record what it auto-spawns and kill them all on exit, basically re-introducing good old gpg1 behavior (except it used to do everything in-process) [00:59] racy [01:00] not if you have them listen on a per-process temp path :) [01:00] one can spawn to /usr/bin/gpg which are waiting on results from e.g. the same dirmgr [01:00] hahaha [01:00] i think upstream rejected systemd socket activation =) [06:46] -queuebot:#ubuntu-release- Unapproved: systemd (trusty-proposed/main) [204-5ubuntu20.20 => 204-5ubuntu20.21] (core) [10:00] novaclient.exceptions.OverLimit: Quota exceeded for ram: Requested 8192, but already used 48640 of 51200 ram (HTTP 413) (Request-ID: req-ecaa7c79-5e1f-4106-8b3f-7664a086b1cf) [10:00] ERROR (OverLimit): Quota exceeded for ram: Requested 8192, but already used 48640 of 51200 ram (HTTP 413) (Request-ID: req-ecaa7c79-5e1f-4106-8b3f-7664a086b1cf) [10:00] Laney, ^^ seems that retrying poppler autopkgtestsuite against libreoffice fails on i386 [10:00] I would like to finish that poppler stuff :/ [10:03] * LocutusOfBorg leaves [10:05] rmadison -u ubuntu cups-ipp-utils [10:05] universe ^^ [10:05] doko, promote to main and unblock cups? [10:05] It'll retry itself [10:06] cups-filters-core-drivers/* unsatisfiable Depends: cups-ipp-utils [10:06] libreoffice wants a large instance [10:06] thanks Laney :) [10:06] I'm already trying the reverse-dependencies [10:06] if the laptop battery resists, I'll also set up a ben file [10:07] cups needs a move to main of cups-ipp-utils anyway I guess [10:09] poppler is already on ben [10:35] -queuebot:#ubuntu-release- Unapproved: accepted lxc [source] (yakkety-proposed) [2.0.6-0ubuntu1~ubuntu16.10.2] [10:36] -queuebot:#ubuntu-release- Unapproved: accepted lxc [source] (xenial-proposed) [2.0.6-0ubuntu1~ubuntu16.04.2] === mardy_ is now known as mardy [10:42] -queuebot:#ubuntu-release- Unapproved: accepted sbuild-launchpad-chroot [source] (yakkety-proposed) [0.13.1ubuntu16.10.1] [10:58] -queuebot:#ubuntu-release- Unapproved: accepted util-linux [sync] (yakkety-proposed) [2.28.2-1ubuntu1.1] [11:02] -queuebot:#ubuntu-release- Unapproved: accepted util-linux [sync] (xenial-proposed) [2.27.1-6ubuntu3.2] [11:02] would an ubuntu-archive admin remove python-sunpy and python3-sunpy 0.7.3-1 on armhf and arm64 from -proposed please? LP: #1643151 [11:02] Launchpad bug 1643151 in sunpy (Ubuntu) "Please remove sad pandas and friends" [Undecided,New] https://launchpad.net/bugs/1643151 [14:54] -queuebot:#ubuntu-release- New source: bubblewrap (xenial-proposed/primary) [0.1.5-1~ubuntu16.04.1] [16:16] tsimonq2: how did your revert test go? [16:25] ginggs, looking [16:27] ginggs, done [16:56] can someone please release snapd 2.20.1ubuntu1 for xenial and 2.20.1+16.10ubuntu2 for yakkety? verification is done. there is an autopkgtest failure on ppc64el but despite what the tracker says this is not a real regression because there was a hickup in a previous upload and that was responsible for this "passed on ppc64el" result [17:02] -queuebot:#ubuntu-release- New binary: yaz [ppc64el] (zesty-proposed/universe) [5.19.2-0ubuntu1] (no packageset) [17:04] -queuebot:#ubuntu-release- New binary: yaz [s390x] (zesty-proposed/universe) [5.19.2-0ubuntu1] (no packageset) [17:05] -queuebot:#ubuntu-release- New binary: yaz [amd64] (zesty-proposed/universe) [5.19.2-0ubuntu1] (no packageset) [17:05] -queuebot:#ubuntu-release- New binary: yaz [powerpc] (zesty-proposed/universe) [5.19.2-0ubuntu1] (no packageset) [17:06] -queuebot:#ubuntu-release- New binary: yaz [arm64] (zesty-proposed/universe) [5.19.2-0ubuntu1] (no packageset) [17:06] -queuebot:#ubuntu-release- New binary: yaz [armhf] (zesty-proposed/universe) [5.19.2-0ubuntu1] (no packageset) [17:08] -queuebot:#ubuntu-release- Unapproved: accepted update-manager [source] (xenial-proposed) [1:16.04.5] [17:11] -queuebot:#ubuntu-release- New binary: yaz [i386] (zesty-proposed/universe) [5.19.2-0ubuntu1] (no packageset) [18:08] -queuebot:#ubuntu-release- Unapproved: accepted ubuntu-release-upgrader [source] (xenial-proposed) [1:16.04.21] [18:17] -queuebot:#ubuntu-release- Unapproved: ubuntu-gnome-meta (xenial-proposed/universe) [0.58.1 => 0.58.2] (ubuntugnome) [18:19] When are we expecting kernel 4.8 to land in the daily iso for 16.04.2? [18:21] bdmurray: if you can, please look at accepting ubuntu-gnome-meta 0.58.2 in to xenial-proposed so it's ready in time for 16.04.2 [18:39] -queuebot:#ubuntu-release- Unapproved: accepted ubuntu-gnome-meta [source] (xenial-proposed) [0.58.2] [18:40] thank you! [19:22] infinity: ^^ 4.8 in xenial dailies? done? [20:10] Hi, I have synced cups-filters 1.13.2 from Debian to Zesty some days ago, why did it not make it from -proposed to the release? [20:33] tkamppeter: http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html says unsatisfiable depends cups-ipp-utils [20:34] nacc, why unsatisfiable depends on cups-ipp-utils? cups-ipp-utils is part of the cups source package which is in main. [20:34] which means the binary needs promoting to main [20:34] (done now) [20:35] tkamppeter: yeah it was a mismatch http://people.canonical.com/~ubuntu-archive/component-mismatches-proposed [20:35] slangasek, thanks. [20:35] nacc, also thanks. [20:36] tkamppeter: np [21:12] -queuebot:#ubuntu-release- Unapproved: accepted graphviz [source] (xenial-proposed) [2.38.0-12ubuntu2.1] [21:15] -queuebot:#ubuntu-release- Unapproved: accepted graphviz [source] (yakkety-proposed) [2.38.0-15ubuntu1.1] [21:17] I feel like we should let apt 1.2.18 enter xenial-updates now. While nobody verified 1592817 as fixed, there seem to be no new reports in it for -proposed (bdmurray). There's a ton of other bugs verified fixed, and it's really important to get this done now, as it apparently breaks upgrades to yakkety for some people. Most of this has been waiting since November's 1.2.16 upload, so it really is a bit older than overviews make you think :) [21:18] There were some autopkgtest failures, but those are not regressions caused by apt since the last apt upload [21:21] -queuebot:#ubuntu-release- Unapproved: accepted overlay-scrollbar [source] (xenial-proposed) [0.2.17.1+16.04.20151117-0ubuntu1.16.04.1] [21:21] How are the autopkgtest failures not regressions? [21:23] -queuebot:#ubuntu-release- Unapproved: accepted overlay-scrollbar [source] (yakkety-proposed) [0.2.17.1+16.04.20151117-0ubuntu1.16.10.1] [21:29] -queuebot:#ubuntu-release- Unapproved: accepted fcitx [source] (xenial-proposed) [1:4.2.9.1-1ubuntu1.16.04.2] [21:32] -queuebot:#ubuntu-release- Unapproved: accepted fcitx [source] (yakkety-proposed) [1:4.2.9.1-4ubuntu1] [21:33] -queuebot:#ubuntu-release- Unapproved: libseccomp (trusty-proposed/main) [2.2.3-2ubuntu1~ubuntu14.04.1 => 2.1.1-1ubuntu1~trusty3] (core) [21:35] -queuebot:#ubuntu-release- Unapproved: accepted maas [source] (xenial-proposed) [2.1.3+bzr5573-0ubuntu1~16.04.1] [21:35] bdmurray: They happen in apport, autopkgtest, and sbuild; and if you look at the logs, already earlier (even with 1.2.15). I think all of them started as soon as yakkety opened. [21:38] It would be a wise thing to fix them at some point, but I have not gotten around to that, and apparently nobody else either :/ [21:42] apport actually started failing in August, at that point, the wily ddeb archive started showing signature errors in apt - without a change in apt. [21:42] These tests will stop working even more once wily is dropped from the archive. [21:43] or well, that was the issue [21:43] the ddebs were dropped at that time [21:45] -queuebot:#ubuntu-release- Unapproved: accepted initramfs-tools [source] (xenial-proposed) [0.122ubuntu8.8] [22:13] bdmurray: happy new year! I could you take a look at libseccomp on trusty in the unapproved queue? [22:13] s/I could/could/ [22:13] bdmurray: this is to address bug 1653487 [22:13] bug 1653487 in libseccomp (Ubuntu) "seccomp argument filtering not working on trusty" [High,In progress] https://launchpad.net/bugs/1653487 [23:03] jdstrand: I was on a call, looking now [23:05] jdstrand: its meant to supersede the existing upload? [23:06] bdmurray: yes. it includes everything that was in it [23:06] jdstrand: I guess I meant you don't care if the other doesn't get released first? [23:08] bdmurray: do not release the other first (there is no point since this SRU is for snappy and the previous upload doesn't work with snappy amd64) [23:08] bdmurray: basically, this fixes the verification-failed of Tyler's upload [23:09] jdstrand: got it [23:09] bdmurray: so reject Tyler's, and accept this one (which is Tyler's plus patches to fix the failure) [23:09] cool [23:11] fyi bug 1653487 has no trusty task [23:11] bug 1653487 in libseccomp (Ubuntu) "seccomp argument filtering not working on trusty amd64" [High,In progress] https://launchpad.net/bugs/1653487 [23:12] bdmurray: fixed [23:15] -queuebot:#ubuntu-release- Unapproved: accepted libseccomp [source] (trusty-proposed) [2.1.1-1ubuntu1~trusty3] [23:15] bdmurray: thanks! [23:16] jdstrand: I think there's something wrong with your "Send" button [23:16] mm? [23:23] -queuebot:#ubuntu-release- Unapproved: accepted os-prober [source] (xenial-proposed) [1.70ubuntu3.2] [23:54] -queuebot:#ubuntu-release- Unapproved: accepted systemd [source] (xenial-proposed) [229-4ubuntu14]