/srv/irclogs.ubuntu.com/2017/03/17/#ubuntu-devel.txt

=== JanC is now known as Guest79577
=== JanC_ is now known as JanC
mwhudsonare there any archive admins about? maybe wgrant?01:27
wgrantmwhudson: Hi01:27
mwhudsonwgrant: there is a ridiculous circular dependency mess with some golang packages in zesty-proposed01:28
mwhudsonwgrant: i have a plan, but it requires deleting two packages from -proposed01:28
wgrantmwhudson: I can do it as long as it requires no manual britney fiddling.01:28
mwhudson(my plan is fairly ridiculous too but i've tested it locally as much as i can)01:28
mwhudsonwgrant: just the package deletions is all i need01:29
mwhudsonwgrant: golang-goolge-x-oauth2 and golang-google-grpc01:29
wgrantCan you explain the problem and your crazy plan?01:29
wgrantmwhudson: Neither of those packages exist, even with the typo fixded.01:30
mwhudsonwgrant: they are source packages01:30
wgrantOh the second one does if I don't typo it.01:30
wgrantWhat's the proper name of the first one?01:30
mwhudsonand it's golang-golang-x-oauth2 sorry01:30
wgrantAha01:31
mwhudsong-g-x-oauth2 is not migrating because it depends on a newer version of golang-google-cloud-compute-metadata-dev01:31
wgrantgolang-google-grpc hasn't built01:31
cyphermoxwhy remove though, can't you upload/copy/whatever what's missing?01:31
mwhudsonwhich is in depwait because it depends on a newer golang-google-api-dev01:32
mwhudsonwhich ftbfs because it tries to install g-g-x-oauth2-dev which is uninstallable in -proposed01:32
mwhudsoncyphermox: because i want to build some packages against the g-g-x-oauth2-dev in the relase pocket01:32
mwhudsonmy plan is this: remove the two mentioned packages01:33
cyphermoxyeah I see01:33
cyphermoxyou want to bootstrap things01:33
mwhudsonupload a patched version of golang-google-grpc with a lower version than debian that will build against g-g-x-oauth2-dev in the relase pocket01:33
mwhudsonupload a no-change rebuild of golang-goole-genproto01:34
mwhudsonretry the builds of golang-google-api01:34
mwhudsonsync  g-g-x-oauth2-dev from debian which should now build and migrate01:34
mwhudsonsync golang-google-grpc from debian, ditto01:34
cyphermoxcorrect me if I'm wrong but even if you remove I think LP will still have seen the upload.01:34
wgrantThe plan will work, assuming that you know the correct sequence of builds.01:35
wgrantRemoving them even temporarily is not a problem.01:35
cyphermoxok01:35
mwhudsonwgrant: i've tried it locally with a schroot that has had some packages hacked out of the _Packages file01:36
mwhudsonheh doing this with the archive publishing delays is going to require more than average levels of concentration01:37
wgrantOne other possibility is to stage this in a PPA, but there aren't too many levels here.01:37
wgrantWhy does golang-google-genproto need a rebuild?01:37
wgrantmwhudson: For the last two steps, can we just resurrect the existing golang-golang-x-oauth2 and golang-google-grpc that we're about to delete, the former of which has already built and the latter should now be buildable, or do we need new versions from Debian for some reason?01:39
mwhudsonwgrant: er yeah resurrection would be fine01:39
mwhudsonwgrant: i was assuming the versions currently in debian are the same as in z-p but i guess that's not necessarily the case01:40
mwhudson<wgrant> Why does golang-google-genproto need a rebuild?01:40
mwhudsonbecause everything is terrible01:40
mwhudsonas far as i can tell01:40
wgrantI can go with that, though I wouldn't say no to more details.01:41
mwhudsonit contains files generated with an old version of the protobuf compiler, which now don't work when building with the version of golang-google-grpc in the archive01:41
wgrantOh that is terrible.01:41
mwhudson(i think even the version in release, although i haven't checked that)01:41
mwhudsonyeah01:41
mwhudsonwgrant: so you're ok to do the deletion?01:43
wgrantmwhudson: Alright, sounds sane to me.01:43
mwhudsonthanks01:43
wgrantShould I proceed?01:43
mwhudsonwgrant: please do01:43
wgrantmwhudson: Done, and the publisher is just finishing up its previous run01:46
mwhudsonwgrant: thanks01:46
elfgohQuick check, for deb packages, eg for those with weekly or daily builds, is there a trail/log of the build so that it is possible for one to reproduce the build?01:49
sarnoldthere's a lot of questions in that one sentence :)01:50
elfgohlol sorry01:50
sarnoldelfgoh: debian has a reproducible builds project https://wiki.debian.org/ReproducibleBuilds01:50
sarnoldthey're working on reducing sources of unneeded churn from build to build01:50
elfgohOk thanks. What about for images?01:50
sarnoldafaik no debian or ubuntu packages are just blindly rebuilt every week or something; people decide when to push new packages to the archives.. but PPAs have some 'recipes' that can do builds on some set of schedules or checkins or something, I've not investigated those01:51
wgrantmwhudson: Publisher done.01:52
mwhudsonwgrant: thanks, that was quick01:52
sarnoldfor ubuntu, there's extensive logging of builds,consider e.g. https://launchpad.net/ubuntu/+source/bash/4.4-2ubuntu1 -- there's a few links under Builds to information on each of the builds on the different architectures01:52
wgrantmwhudson: No changes in zesty proper, so no big suites to republish.01:52
wgrantmwhudson: If you're lucky, that will hold for this whole process and we'll be done within an hour!01:53
elfgohOk. So assuming that I wish to do a reproducible build for debian manually, where do I look to see which source went to building a package?01:55
wgrantelfgoh: If it was built on Launchpad, you can find the log on Launchpad which contains a (not easily machine readable) list of all the dependency versions that were used for the build.01:55
wgrantWe don't currently do reproducible builds in the sense of that Debian wiki page, though, so the results are not going to be byte-for-byte identical.01:56
elfgohwgrant: I see. So the checksums could possibly differ?01:56
wgrantelfgoh: They will, yes.01:57
wgrantThe goal of the reproducible builds project is to eliminate that, but it's not there yet.01:57
elfgohEnlighten me please. Assuming the same build tools, what are the differences that could cause the resulting package checksums to differ?01:58
wgrantelfgoh: Timestamps, race conditions in parallel build processes, that sort of thing.01:58
sarnold\date{} tags in latex docs or similar in nroff for manpages..01:58
wgrantIIRC the Debian wiki page lists common sources of non-determinism01:59
sarnoldrandom uuids in build blobs..01:59
elfgohwgrant: thanks I will check that out01:59
wgrantelfgoh: What is your goal?01:59
mwhudsonwgrant: as a core dev, can i use copy-package to copy into the primary archive?02:00
mwhudson(mostly just curious here)02:00
wgrantmwhudson: You can, but doing that with binaries can be difficult to get right.02:01
mwhudsonyeah, i definitely don't want to do that :)02:01
wgrant(self-service Debian syncs are just a sourceful copyPackage nowadays)02:01
mwhudsoni guess syncpackage boils down to copy-package underneath?02:01
mwhudsonright02:01
elfgohwgrant: my goal is to verify/audit the build process of a debian snapshot image for the beaglebone black02:03
mwhudsonok golang-google-grpc-dev built02:03
mwhudsonpls be slow britney02:03
wgrantIt's not published yet02:03
wgrantmwhudson: Why do you want it to be slow?02:03
mwhudsonwgrant: so that zesty release stays unmodified02:04
elfgohwgrant: so am trying to find out existing practices in other projects, and also get familiar with the terminology so that I can communicate clearly to the Beaglebone communituy02:04
mwhudsonand the publisher is fast02:04
wgrantmwhudson: Ah right, heh.02:04
wgrantmwhudson: It just published, anyway.02:04
mwhudsonwgrant: hm, rmadison isn't showing it yet02:06
wgrantmwhudson: That'll take some time to update, probably.02:06
mwhudsonand i want to wait for that before i rebuild, right?02:06
wgrantNo02:06
wgrantBuildds use ftpmaster.internal, so as soon as the publisher is done the changes are visible.02:06
wgrant2017-03-17 01:41:53 DEBUG   publish-ftpmaster ran in 222.350393s (excl. load & lock)02:07
wgrant2017-03-17 01:46:46 DEBUG   publish-ftpmaster ran in 215.29642s (excl. load & lock)02:07
wgrant2017-03-17 01:51:45 DEBUG   publish-ftpmaster ran in 215.015479s (excl. load & lock)02:07
wgrant2017-03-17 01:56:51 DEBUG   publish-ftpmaster ran in 220.509879s (excl. load & lock)02:07
wgrant2017-03-17 02:02:33 DEBUG   publish-ftpmaster ran in 262.711479s (excl. load & lock)02:07
wgrantlast few runs02:07
wgrantIf the Published timestamp on the binary pub is before the most recent of those, it's visible to buildds.02:07
wgranthttps://launchpad.net/ubuntu/zesty/amd64/golang-google-grpc-dev02:07
wgrantPublished 02:03:1502:08
wgrantAh, the publisher hadn't finished germinating, so it didn't show up as done in the log02:08
wgrant2017-03-17 02:07:01 DEBUG   publish-ftpmaster ran in 229.814887s (excl. load & lock)02:08
wgrantmwhudson: So upload genproto so we can beat britney :)02:09
mwhudsonwgrant: just doing so02:10
wgrantbritney is, sadly, victorious.02:12
wgrantStill, should only take about 20 minutes.02:12
mwhudsoncool02:17
wgrantmwhudson: Publisher finishing up with genproto. Retrying g-g-api next?02:41
wgrantPublisher done.02:41
mwhudsonyeah02:42
* mwhudson retries02:42
wgrantMight just make it in before the next publisher starts.02:43
wgrantSuccess.02:45
wgrantmwhudson: Does the order of oauth2 resurrection vs grpc retry matter?02:45
mwhudsonyeah, need oauth2 published to build grpc i think02:46
wgrantShould I resurrect oauth2 before the publisher starts?02:46
mwhudsonum i guess02:46
mwhudsonworst that happens would be a build failure i guess02:47
mwhudsonsame for oauth2 vs grpc come to that02:47
mwhudsonwgrant: afaict it would be fine to resurrect oauth2 and grpc now02:47
wgrantmwhudson: Yeah, just grpc doesn't save us any time, since it has no binaries and is the final piece anyway.02:48
mwhudsonwgrant: oauth2 might ftbfs or depwait but in any case i think i need to bounce on retry for a whole bunch of stuff after this is done anway02:48
wgrantmwhudson: oauth2 has already built, remember.02:48
lfaraoneI've had a merge proposal waiting for review into initramfs-tools since October 2016 that will resolve bug #798414. Are merge proposals no longer used, or is there some other way I can ensure this gets attention? (Fixing the underlying issue that results in users getting full `/boot` is, amusingly, out of scope for that bug.)02:48
ubottubug 798414 in initramfs-tools (Ubuntu) "update-initramfs should produce a more helpful error when there isn't enough free space" [Medium,In progress] https://launchpad.net/bugs/79841402:48
wgrantThe old binaries are resurrected and are currently publishing.02:48
mwhudsonoh right02:49
mwhudsonbinaryful resurrection, didn't think about that02:49
mwhudsonok02:49
lfaraone( sorry, MP link: https://code.launchpad.net/~lfaraone/ubuntu/+source/initramfs-tools/+git/initramfs-tools/+merge/309191 )02:49
wgrantmwhudson: It's not possible to rebuild the same source into new binaries, so we'd need either a no-change rebuild or binaryful resurrection.02:49
mwhudsonwgrant: ah ok02:49
mwhudsonwgrant: are you ok to sync grpc after the next publisher run? i need to disappear for a bit02:50
mwhudsonnot a problem if not, i can do it myself later02:50
wgrantmwhudson: Sync from Debian, or resurrect and retry?02:50
* wgrant checks for version differences.02:50
mwhudsonwgrant: i don't think there would be a difference02:50
wgrantmwhudson: They are in fact the same version.02:50
mwhudsonbut i guess resurrection would be more appropriate02:50
wgrantI'll resurrect and retry.02:50
mwhudsonwgrant: yeah, debian is in freeze so not much happening there02:51
mwhudson(i know people _can_ upload to unstable but they're not doing much)02:51
mwhudsonwgrant: thanks for your help!02:51
* mwhudson runs away02:51
wgrantmwhudson: np02:51
wgrantmwhudson: Your plan has failed. There's a very tight loop between golang-golang-x-oauth2 and golang-google-cloud03:03
mwhudsonwgrant: argh wtf03:03
wgrantOne wonders why an oauth library depends on a cloud compute client library.03:03
wgrantBut it's not possible to resolve without some manual relaxation one at least one side.03:04
mwhudsonwgrant: why is g-g-x-oauth2-dev uninstallable now?03:04
mwhudson(am on 3g now)03:04
wgrantmwhudson: Because it needs the new golang-google-cloud-compute-metadata-dev03:04
wgrantgolang-golang-x-oauth2 (0.0~git20161103.0.36bc617-1) unstable; urgency=medium03:05
mwhudsonoh wait, i think i forgot some steps :(03:05
wgrant  * Depend on latest golang-google-cloud-compute-metadata-dev.03:05
mwhudsona i think if you delete oauth2 from proposed again, golang-google-cloud will build03:05
wgrantIt shouldn't03:06
wgrantgolang-google-cloud needs a pretty new one03:06
mwhudsonoh ffs03:06
mwhudsoni'll need to look at this on monday03:06
wgrant               golang-golang-x-oauth2-google-dev (>= 0.0~git20161103.0.36bc617-3~),03:06
wgrant         golang-google-cloud-compute-metadata-dev (>= 0.0~git20160615-5~),03:07
mwhudsonhow the heck did this build on debian03:07
wgrantSo we might have to bootstrap golang-golang-x-oauth2 against an older golang-google-cloud, which is probably best done in a PPA03:07
wgrant(a PPA configured not to see -proposed)03:07
wgrantThis is a pretty ridiculous looo03:07
wgrantp03:07
mwhudsonoh right03:08
wgrantBut indeed the dep is real.03:08
mwhudsonit really is03:08
wgrant  * Depend on latest version of x/oauth2/google to avoid more circular dep03:09
* mwhudson puts laptop away again03:09
wgrant    problems.03:09
wgrant... I see03:09
wgrantRedefining the term "avoid"03:10
wgrantmwhudson: I think we need exactly golang-google-cloud 0.0~git20160615-5, which should build against the release golang-golang-x-oauth2. That golang-google-cloud will enable the -proposed golang-golang-x-oauth2 to be installed, allowing the -proposed golang-google-cloud to build.03:13
wgrantOh great, and that golang-google-cloud won't build against the new golang-google-grpc.03:21
pittinacc: I don't remember the details any more, but in Debian/Ubuntu at least we still have a patch to not enable auditing06:52
pittiit's still horribly noisy06:52
pittiinfinity: or perhaps your ~/.vimrc has "set mouse="? (I did that too after I saw the newly enabled madness)06:53
infinitypitti: Nope.06:55
mwhudsonwgrant: aaargh07:23
mwhudsonwgrant: i'll look again on monday07:23
wgrantmwhudson: No you won't.07:23
wgrantmwhudson: It should migrate next britney run.07:23
mwhudsonwgrant: oh you fixed it?07:24
wgrantmwhudson: Yeah, broke the loop in a PPA07:24
mwhudsonah ok07:24
mwhudsonlots of build retrying on monday then07:27
mwhudsonwgrant: thanks again07:29
mwhudsonyou're even worse than me for getting stuck on problems :)07:29
wgrantmwhudson: np07:29
=== marcusto_ is now known as marcustomlinson
smoserinfinity, around ?12:57
smoserbug 1661691 . it wasnt clear to me, where you suggesting we pick up delta to disable mouse ?12:57
ubottubug 1661691 in vim (Ubuntu Zesty) "TERM=xterm enables mouse mode in vi, breaks pasting with middle mouse" [High,In progress] https://launchpad.net/bugs/166169112:57
smosercommented in bug.13:00
infinitysmoser: Fix already uploaded.13:00
smoseryou think that is the right decision? we will now differ from debian and from upstream because you and I were bothered by it.13:01
infinitysmoser: Frankly, I think upstream is wrong.  I'll push this back to Debian.13:01
smoserif you push it back to debian, then i'm not so bothered. but i really dont think its worth ubuntu delta.13:01
infinitysmoser: Despite what some people think, it's the job of distros to improve on upstream, not just package the upstream gospel.13:01
infinity(We carry other deltas to vim, it's not the end of the world even if we do differ)13:01
smoserinfinity, once you learn about 'shift' i suspect the end result is actually better.13:01
infinityYeah, I'm not inclined to agree it's better.  But maybe I'm old?13:02
smoserall delta is pain. most painful is behavior delta that is exposed to users.13:02
smoseryou are old for sure.13:02
* smoser is in the same boaat13:02
smoserso, i'm fine with whatever, but ubuntu delta that changes behavior from debian, that we can never back out because we don't want to cause pain for a user is permanent pain.13:03
infinityPlus, the "learn about shit" thing isn't exactly discoverable, so I'm not sure "users just need to learn it's broken" is valid.13:03
infinityIt's my permanent pain, not yours. :P13:04
smoseri agree its not discoverable.13:04
infinitys/shit/shift/, though appropriate typo.13:04
smoser:)13:04
smoserif the error message said "did you mean shift+middle-mouse?" then it'd be fine.13:04
smoseri'll open an upstream bug suggesting that.13:04
infinityWell, "fine".13:05
infinityI don't think that's fine either.13:05
smoserwell, i'd have probably never opened the bug and just accepted the change.13:05
infinityHaving exactly one application that doesn't paste on middle-click is gratuitously broken.13:05
smoserthat would have meant that christian would not have dug on it13:05
smoserwhich would mean it probably wouldnt be fixed or changed.13:05
smoserinfinity, that is a good point.13:05
smosershell paste work, vi paste fail. i'll take it.13:06
smoserthanks.13:06
infinityIf upstream makes middle click actually DTRT, I can probably accept that the rest of "mouse mode" is better for people who aren't me.13:06
infinity(Though, I find placing a cursor in a terminal with a mouse to be the height of wrongness, I'm sure that's just me being a fuddy and/or duddy)13:07
infinitysmoser: Also note that it *is* just broken in chroots.  In my base system, if I move .vimrc out of the way, it works correctly without the shift.13:08
smoser?13:09
infinitySo, yeah.  Removing it seems the correct thing for now, and I'll reevaluate.13:09
smoserits not "just in chroots"13:09
infinityYeah, it is.13:09
smoserits anywhere where you have a new user.13:09
infinityNo.13:09
smoserit reproduces in lxc and in vms13:09
infinityI literally just moved my .vimrc out of the way.13:09
smoserand i suspect install from scratch13:09
infinityAnd middle-click works.13:09
smoseri literally launched a new ubuntu vm with no user-data and ssh'd in and it fails13:09
infinityOkay, chroots and ssh?  Anything without X forwarding, probably.13:10
infinitySo, even worse. :P13:10
infinityBut locally, when in "mouse mode" (ie: cursor placement with mouse, etc), middle-click doesn't need the shift to paste.13:11
smoserno13:11
smoserjust tried ssh -X.13:11
smoserfails there.13:11
smoser(fails == uses mouse mode)13:11
infinity"use mouse mode" isn't the failure mode, it's "needs shift to paste" that is.13:11
infinityLike i said, locally without a vimrc, it uses mouse mode.  But paste works.13:12
infinityIt might not be X forwarding, it might be some local mouse library magic, I dunno.  My point was that the local and chroot(/ssh) behaviour is different.  Which is wrong.13:13
smoserwell, ssh -X  without a .vimrc uses mouse mode and paste fails with the error message.13:13
infinityIt has nothing to do with fresh user versus not, that just papers over it in the cases where it's extra broken.13:13
infinityA fresh local user behaves differently from a fresh chroot/remote user.13:13
smoseri can verify as you said that locally paste does work.13:14
smoserwithout .vimrc13:14
smoserbut ssh -X to remote system it does not work.13:14
smoserso i'm not sure what the difference is there.13:14
smoseranyway, enough time spent for now.13:15
infinityYeah, "anything without X forwarding, probably", the key word was "probably".  I'm not digging into the code to find out what the actual mechanism that's failing is. :P13:15
=== _salem is now known as salem_
dokoinfinity: is there a real chance for the glibc update at the weekend? asking because else I would start the test rebuilds today13:47
infinitycjwatson: I'm going to assume, because it makes sense that it should be possible, that one can create a copy archive of a copy archive? :)13:52
infinitycjwatson: (Or whatever one calls doko's rebuild archive things)13:52
infinitydoko: Assuming Colin's answer to the above is what I think it should be, I'd say start a rebuild now, because I'll want to do another (main-only, probably) with the new glibc if it's going to make it so we can compare results.  Comparing to a few months ago doesn't really tell me if glibc broke things.13:53
dokook13:55
cjwatsoninfinity: I've never tried it, but from the code I believe that it is possible.14:04
naccpitti: hrm, then why does the service try to start in the container?15:17
naccpitti: i'll try and communicate what i foudn in the bug, hopefully you can reply there15:19
pittinacc: oh, I missed your question; I just responded to the vim mouse one15:21
pittinacc: sure, if you want to have b.service start and stop with a.service, use BindsTo (see systemd.unit(5))15:22
naccpitti: it's ok15:22
naccpitti: ah ok thanks!15:22
naccpitti: i'll see if that works :)15:22
naccpitti: i also foudn fedora's open-iscsi.service equiv. is a lot cleaner than ours/Debian's -- so maybe will go down that path15:22
jbichaLP: #1673817 looks bad, I wonder if anyone else experienced it15:30
ubottuLaunchpad bug 1673817 in unattended-upgrades (Ubuntu) "update-secure-boot-policy behaving badly with unattended-upgrades" [Undecided,New] https://launchpad.net/bugs/167381715:30
naccpitti: hrm, BindsTo still doesn't work exactly as I am looking15:31
infinitycyphermox: ^-- You behave badly with noninteractive debconf frontends.  Infinite loop on your password prompt instead of just defaulting to not changing the policy.15:31
infinitycyphermox: Though, this is also only triggered because of the other bug (incorrectly detecting that he's already in insecure mode), I bet.15:32
naccpitti: in this case, we have {iscsid,open-iscsi}.service -- iscsid is a necessary service for open-iscsi.service to start. If you try to start open-iscsi.service w/o iscsid.service running successfully, it will fail15:32
cyphermoxinfinity: err, I don't know what the password prompt is really infinite, I had tested that a lot15:32
naccpitti: so the use of ExecStartPre check for iscsid.service running in open-iscsi.service unfortunately, leaves open-iscsi in a failed state15:32
infinitycyphermox: Sure looks infinite in his bug report.15:33
infinity"""15:33
infinityThis message was repeated a very large number of times (but I only included it once in the attachment:15:33
infinity"Invalid password15:33
infinityThe Secure Boot key you've entered is not valid. The password used must be15:33
infinitybetween 8 and 16 characters."15:33
infinity"""15:33
cyphermoxoh, unattended, right15:33
cyphermoxheh15:33
infinityWhich looks like exactly what would happen if you assume you have a frontend when you don't and ask for input you'll never get.15:34
pittinacc: so you could say open-iscsi.service Requires=iscsid.service, why wouldn't that work?15:34
pittinacc: oh, and After= of course too15:34
naccpitti: because then open-iscsi.service will restart when iscsid.service restarts and it will logout of all iscsi disks and log back into them, which might drop your root disk :)15:34
* infinity naps now.15:34
cyphermoxinfinity: yes15:34
naccpitti: this is what fedora does: http://paste.ubuntu.com/24195791/ (in the unit)15:35
pittiwell, that's not starting when you don't need it, not dependencies or ordering15:35
naccpitti: which i think is a more accurate description -- are thereare iscsi definitions to login too? and can we use sessions?15:35
naccpitti: i think open-iscsi.service is just written poorly tbh :)15:35
pittisorry, what? login? sessions?15:36
nacciscsi :)15:36
naccpitti: http://paste.ubuntu.com/24195808/15:37
naccpitti: that's the current open-iscsi.service (with the BindsTo change)15:37
naccpitti: i think the distinction to be made here is that open-iscsi not starting because iscsid.service didn't start is not a failure in open-iscsi.service (it's a failure in iscsid.service)15:39
naccpitti: if it would help, i can more clearly restate the issue -- or via e-mail or so15:41
pittiyeah, might be better; I'm quite distracted right now15:42
naccpitti: totally fine, thanks for your time! i'll update the bug and then e-mail you directly as well15:44
pittinacc: just sub me to the bug15:44
pittisame email folder, and everything in one place then :)15:44
naccpitti: ack, will do15:44
naccsmoser: why does the non-empty fstab by default work in KVM? ah .. there is a disk with that label, but not in lxd15:46
cyphermoxinfinity: this is craptastic, there is no way this can work unattended (you do need to enter a password to do changes), and not doing it means you might have a broken system. Fortunately most likely one that boots, but still.15:47
jbichacyphermox: is it VirtualBox that triggered the shim prompt?15:49
cyphermoxprobably, yes15:50
jbichabecause we can blacklist individual packages in unattended-upgrades as a workaround…15:50
cyphermoxno, that won't really help you15:50
jbichaalso, I get that prompt every time I update VirtualBox; is there a way that it can know that I've already disabled Secure Boot15:50
cyphermoxthe "right" fix is to skip doing the work on unattended in this case, but it comes with risks15:50
cyphermoxjbicha: yes, working on that.15:51
cyphermoxit should already detect it properly but there are other broken things15:51
slangasekcyphermox: I remember we did discuss the noninteractive frontend case when this was implemented, and ISTR there were TODOs; do you recall what the plan was?16:04
cyphermoxslangasek: I don't remember the noninteractive part, except that "it needs to work" was implied, and clearly I screwed up16:05
cyphermoxbut when you think of it hard, non-interactively it just *can't* work. it needs to be set aside for applying Mok changes later, interactively, or simply skipped.16:06
cyphermoxOTOH, this will be a moot point once we really do self-signing.16:06
slangasekcyphermox: "it can't work" - the *package* needs to work16:07
cyphermoxwell, the package needs to work -- I'm saying you can't do the changes for Mok non-interactively.16:08
slangasekyes16:08
slangasekcyphermox: my logs say there was a db_input without || true, which should fail if we're noninteractive16:09
slangasekmaybe that didn't stick?16:09
cyphermoxall the db_inputs are followed by trues.16:09
cyphermox(at least AFAICS here)16:09
slangasekthis was in our discussion dated 2016-07-0716:10
slangasekcyphermox: anyway, a full fix might want to be detecting that the question was not shown and gracefully resetting some state and exiting 0 with a message, instead of exploding the script16:12
cyphermoxI think the issue is probably that we should reset not only db_fset shim/${action}_secureboot seen false but also shim/disable_secureboot value.16:12
cyphermoxyes16:12
cyphermoxI'll fix it in a bit16:13
slangasekI don't see that db_fset shim/disable_secureboot false is going to matter16:15
slangasekor do you mean setting the value rather than the flag?16:15
slangasek(in that case, also no, because when the question *is* displayed it should default to 'true')16:15
naccsmoser: interesting16:22
smoser?16:22
naccsmoser: http://paste.ubuntu.com/24195977/16:22
naccsmoser: as to why lvm2-lvmetad failed to start a boot16:22
slangasekcyphermox: I think the most robust is to handle this at line 83 when checking the secureboot_key values: if [ -z "$key" ] && [ -z "$again" ] && ! db_fget shim/${action}_secureboot seen && ! db_fget shim/secureboot_key seen ; then exit 0 # non-interactive, skipping; fi16:23
naccsmoser: i think i have 'fixes' (will put in the bug and ask for some general review) for iscsid16:25
naccsmoser: also i do think it makes sense in the lxd cloud-images to not put anyting in fstab (or maybe comment it out?)16:25
naccsmoser: interestingly, as well, lvm2-lvmetad.socket fails to start in privileged containers too16:26
slangasekcyphermox: followed up on bug16:37
slangasekcyphermox: wondering if it 'exit 1' is better since we didn't do what was asked and it could leave the system unbootable16:38
chilukslangasek: if your new guy needs something to do https://bugs.launchpad.net/ubuntu/+source/lvm2/+bug/1626166 has been neglected..17:04
ubottuLaunchpad bug 1626166 in lvm2 (Ubuntu Xenial) "lvm2 not starting lvm2-lvmetad on package install" [Undecided,Triaged]17:04
chilukslangasek: afaik it's a systemd init scripts dependency issue.17:04
chilukslangasek: but I haven't looked too far into it other than confirming it.17:04
rbasakchrisccoulson: seen bug 1671273?17:10
ubottubug 1671273 in firefox (Ubuntu) " PulseAudio requirement breaks Firefox on ALSA-only systems" [High,Confirmed] https://launchpad.net/bugs/167127317:10
bdmurrayslangasek: Do you recall the plan for aptdaemon and bug 1623856? I thought barry said something about it in his remove aptdaemon email.21:41
ubottubug 1623856 in aptdaemon (Ubuntu) "Scrolled Windows in update-manager are too small to read" [Low,In progress] https://launchpad.net/bugs/162385621:41
bdmurrayslangasek: I've confirmed both changes work and improved the description / test case a bit.21:42
barrybdmurray: aptdaemon's autopkgtests won't not fail21:42
barryso it can't clear -proposed21:42
bdmurraybarry: so we need to waive it through?21:42
barrybdmurray: either that or let it languish ;)21:43
bdmurraywell I think we should at least fix this bug21:43
drabhi, not sure where else to ask this, but how am I supposed to get a terminal during a ubiquity install?22:02
drabit fails and I can't figure out why22:02
drabif I go back to tty1 I just fine a "a start job is running for Ubuntu Live CD Installer"...22:02
draband I can't get a shell22:02
drabso there's no way for me to look at logs or anything really22:03
drabI'm looking at https://wiki.ubuntu.com/DebuggingUbiquity22:03
drabI've even tried to start the session with debug-ubiquity, but I still can't get any shell of sort22:04
drabcjwatson: hi, you around by any chance? I think your name is listed on some of those pages for the ubiquity installer, would love some input22:05
Unit193While cjwatson pretty much knows everything, cyphermox is in charge of Ubiquity these days.22:05
drabUnit193: ok, thanks22:06
drabcyphermox: ^^ any input would be greatly appreciated22:06
drabthis is Lubuntu xenial install btw22:06
drabI'm trying to do some automated installation with preseeding and I'm having 2 problems: 1) partman doesn't want to just wipe my disk and insists on asking me what to do about it 2) the hostname is not picked up by dhcp and it's set to whatever is in the preseed (this works with the ubuntu-server installed btw, same kernel options etc)22:08
drabactually, about 1), to be more precise, I get a "no root filesystem defined" error can't install at all22:09
draband this happens because the disk already has some stuff on it, but the d-i options should work to the extent of just wiping everything and continuing22:09
naccdrab: both 1) and 2) work with the serrver iso?22:09
drab2) works. 1) still seems to fail with raid1 if other disks in the machine (ie 3rd or 4th) had previously raid on it22:10
drabI'm retesting everything from fresh stuff to make sure I have correct error reports22:10
draband I just repro'ed on a clean desktop the ubiquity issue22:11
drabwith a disk that used to have windows on it22:11
drab(well it still has, installation aborted so nothing got written to it)22:11
slangasekbdmurray: the plan> certainly, any autopkgtest failures that aren't regressions should get ignored22:13
drabso I figured out the problem with getting a shell...23:00
drabit's a lubuntu bug23:00
drablxterminal to be precise, manifesting in the installer :(23:01
=== salem_ is now known as _salem

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!