mdeslaurvalorie: wait a day and I should appear by itself when we do monday triage00:08
tsimonq2valorie: also I saw that Debian applied these fixes, that might help too00:19
tsimonq2valorie: You might want to point them towards bug 1745635 as it seems to be the tracking bug for this.00:26
ubottubug 1745635 in clamav (Ubuntu) "Security release 0.99.3 available (CVE-2017-12374 CVE-2017-12375 CVE-2017-12376 CVE-2017-12377 CVE-2017-12378 CVE-2017-12379 CVE-2017-12380)" [Undecided,Confirmed] https://launchpad.net/bugs/174563500:26
valorietsimonq2: thanks for that -- passed along00:28
cpaelzerbdrung: hi05:41
cpaelzerbdrung: I think smb will do the next iproute2 merge somewhere along kernel 4.1505:41
=== maclin1 is now known as maclin
cpaelzerI'm wondering which way to install a file to use07:00
cpaelzerdh_install doe sonly want to move, but not rename07:00
cpaelzersuggestions are made to dh-exec07:00
cpaelzerbut I need mv + rename + chmod afterwards07:00
cpaelzershould I just go for a few lines in d/rules instead?07:01
alkisgHi, some package in the Ubuntu archive has some security issue (details deliberately omitted) that ends up in all /home/*/.config folders being world-readable. Is it possible to reset that directory to its proper permissions for all users with a package upgrade, or is that prohibited by the Debian policy?07:30
cpaelzeralkisg: if it can be safely detected that the reason access is open is the bug in said package an update can fix it up I think07:31
cpaelzeralkisg: but otherwise I think it is bad to mess with access controls kind of unconditionally07:31
cpaelzerafter all people might have set up the same intentionally07:31
cpaelzertherfore the "is it safe to detect" question07:31
cpaelzerin general LP bugs can be opened private + security which allos discussions on non disclosed security issues07:32
alkisgcpaelzer: very nice, where would you put the detect/restore login, in postinst or in an /etc/xdg/autostart script?07:32
cpaelzeralkisg: depends too much on the actual issue that caused it to answer, I'd expect a postinst actually07:32
cpaelzeras packages could be used on non graphical environments - so xdg/autostart would never trigger07:33
alkisgHmm indeed, although they may also be installed when /home is unmounted :/07:33
alkisgThanks, I think a private+security bug report might be the best place to discuss this07:34
alkisgI filed LP: #1745929.07:48
ubottuError: Launchpad bug 1745929 could not be found07:48
valoriealkisg: none of use will be able to look at it unless we're part of the security team07:54
valoriethanks for doing that07:54
alkisgvalorie: the package maintainer (I assigned the bug to him) will still be able to see it, right?07:54
valoriethat I don't know07:55
alkisgI think I've seen some security issues that were assigned to my packages in the past, so I believe so...07:55
alkisg(wrongly assigned to my packages :P :D)07:55
valorieI would assume that the maintainer will see the proposed patch at least07:55
Unit193My favorite are errors.ubuntu.com bugs, contain no info and just link to a place you can't view details (though to be fair, a quick poke and people usually are very willing to help by pasting stuff into the report.)07:56
juliankugh, systemd-journal uses 100% CPU again.08:10
juliankah / remounted r/o again08:10
Unit193Why'd you do that?08:10
Unit193You're silly.08:10
juliankbtrfs remounted itself r/o because it was "full"08:11
juliankAnd I'm back.08:16
juliankRebooted, deleted a few snapshots of / and added another 100 MB to the LV it's on08:16
julianknow my vg has no free space left :(08:17
juliankI'm not sure I like btrfs remounting r/o when it's out of space08:17
juliankor journald going insane on CPU usage08:19
alkisgRemount-ro on errors sounds sane, 100% cpu, not so much08:26
juliankalkisg: well at least it helps you notice the problem!08:34
alkisgHaha, an effective way :D08:34
juliankjibel: I think I figured u-r-u / bug 1744722 out  https://code.launchpad.net/~juliank/ubuntu-release-upgrader/valid-release/+merge/33676109:45
ubottubug 1744722 in ubuntu-release-upgrader (Ubuntu) "Unknown bad source brings up during 'zesty' to 'artful' upgrade and It break the process" [Critical,In progress] https://launchpad.net/bugs/174472209:45
juliankThe goal was to check if the entry we are creating is valid. Checking that the dist is a valid toDist seems to be the right thing09:46
juliankRather than just checking if the old entry was a valid old distribution09:47
jibeljuliank, ok, but actually wouldn't the right fix to change the current entries to old-releases.u.c if it's a valid mirror?09:48
jibelthen recheck if there is a basemetapackage and proceed with the upgrade09:49
jibelnowhere we tell the user that its release is EOL afaik09:49
juliankDoesn't it look at the meta package for the target release?09:52
* juliank not sure what it does09:52
jibeljuliank, let me check again but I don't think so. I does the veirfication before rewriting sources.list09:52
juliankIn any case this fix seems like a fixed variant of your fix09:52
jibeljuliank, indeed, sounds good to me09:53
=== Spads_ is now known as Spads
juliankjibel: So I'd merge and upload this then. Unfortunately, I don't see how we could SRU that to artful - we need a proper test case for it.10:15
juliankIf only we had the sources.list10:16
juliankjibel: Ah, got a test case10:17
jibeljuliank, we have the sources.list from the reporter. I'm testing your fix with his list10:18
=== ret2libc_ is now known as ret2libc
juliankjibel: I added "deb https://dl.bintray.com/aluxian/deb/ stable main" to the test data which causes the problem to occur10:19
juliankIt then generates deb http://archive.ubuntu.com/ubuntu stable main # auto generated by ubuntu-release-upgrader10:20
juliankIt's not even that code generating that entry10:21
juliankMaybe I just ran the test wrong :D10:23
juliankYeah, it works10:24
juliankor not10:28
juliankwell it also worked before10:28
jibeljuliank, for the test you need a valid mirror with an obsolete release and an entry with a third part repo eg a ppa10:33
jibelthird party*10:33
juliankjibel: I'm trying to write a test case for it, but I have not found anything that breaks yet10:37
juliankIt breaks and fixes when I run tests/test_sources_list.py manually, but if I run via nose-tests it works in both cases.10:39
juliankthe test suite is of course, somewhat broken, as usual.10:39
juliank(if you run tests with python-apt, you basically have to run apt_pkg init at least in a setupClass or something)10:40
juliankotherwise some state might stick around from other tests10:40
juliankOh, my test case is broken.10:45
juliank# deb https://dl.bintray.com/aluxian/deb/ stable main # disabled on upgrade to gutsy10:45
juliankis there all the time10:45
juliankbut before, there also is10:45
juliankdeb http://archive.ubuntu.com/ubuntu stable main # auto generated by ubuntu-release-upgrader10:45
juliankthere are a ton of bugs in the test suite because we only check that the expected sources are there, not any unexpected10:54
juliankjibel: I added/modified a test case now in https://code.launchpad.net/~juliank/ubuntu-release-upgrader/valid-release/+merge/336761 and verified that it was broken before and passes now11:02
jbichaxnox: please open a new bug for your comment at LP: #40057312:27
ubottuLaunchpad bug 400573 in ubuntu-meta (Ubuntu) "[include in live-cd] wvdial (1.60.1+nmu2)" [Wishlist,Fix released] https://launchpad.net/bugs/40057312:27
xnoxjbicha, the comment was on purpose, such that people who are subscribed to that bug get the notification. As I was trying to reach them. If there is no responses there for a while, I will be opening a brand new bug to "demote" wvdial.12:33
jbichacould you go ahead and open that bug now? :)12:34
jbichaI am a fan of demoting/removing stuff earlier in the release cycle if possible so there's more time to notice problems :)12:35
tsimonq2xnox: I'll pull the OpenSSL 1.1 patch in during the Qt 5.9.4 transition I'm currently prepping in Bileto if that's OK?12:40
xnoxtsimonq2, if that does dual-build, where the qt builds with either openssls, then yes, please.12:43
xnoxtsimonq2, if it does "require openssl1.1.0 only" then that would obviously will ftbfs.12:43
xnoxtsimonq2, still discussing when and how to introduce openssl1.1.012:44
tsimonq2xnox: ok, I'll take a closer look later and let you know12:45
xnoxtsimonq2, tah!12:45
sforsheedoko: this is from your test rebuild - https://launchpadlibrarian.net/353098637/buildlog_ubuntu-bionic-arm64.linux_4.13.0-17.20_BUILDING.txt.gz13:04
dokosforshee: ohh, it's in superseded section :-/  does 4.15 build?13:58
sforsheedoko: I don't think I've tried 4.15 yet with that binutils, will test14:03
dokosforshee: maybe wait for the final 2.30, once it's built14:04
juliankdoko: ld from proposed segfaults on armhf trying to build systemd: https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3114/+build/1428675214:07
juliankit also does not build on i386 or arm6414:07
julianki386: /usr/bin/ld: /tmp/ccp5bmno.ltrans0.ltrans.o(.text+0x3362): unresolvable R_386_PLT32 relocation against symbol `__udivdi3'14:08
juliankarm64: ld: /usr/lib/crt0-efi-aarch64.o: relocation R_AARCH64_ABS16 against `EFI_SUBSYSTEM' can not be used when making a shared object14:08
jibelcould someone re-run the failed autopkgtest for network-manager on ppc64el https://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html#network-manager14:12
seb128jibel, done14:17
jibelseb128, thanks14:17
=== Spads_ is now known as Spads
ginggsHow can I figure out why the build-dependencies of hwloc-contrib and eztrace-contrib are not installable?15:32
seb128xnox, slangasek, is systemd/persistant log something you are (still?) looking at for the LTS?15:44
seb128there was an ubuntu-devel@ list discussion but it didn't get any real traction15:44
xnoxseb128, it's enabled, not sure if it has migrated yet.15:44
seb128xnox, oh ok, might be good to follow up on that list discussion to say that then :)15:45
seb128good news15:45
seb128yeah, looks like it migrated15:45
LocutusOfBorgjuliank, https://sourceware.org/bugzilla/show_bug.cgi?id=22751 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888478 :)15:51
ubottusourceware.org bug 22751 in ld "LTO broken for libgcc libcalls" [Normal,Resolved: fixed]15:51
ubottuDebian bug 888478 in binutils "binutils: lto broken for libgcc libcalls" [Serious,Open]15:51
juliankcpaelzer: Oh, you updated sanlock. Now we just need to get it into main16:25
julianklvm2 wants it :(16:25
cpaelzerjuliank: well I didn't want ti MIR it16:32
cpaelzerjuliank: I just wanted to make it somewhat usable16:33
cpaelzerlike able to install :-)16:33
juliankcpaelzer: :)16:33
cpaelzerjuliank: it didn't seem MIR-worth to me when I looked at the code this afternoon16:33
cpaelzerjuliank: could you go without in lvm2 ?16:33
juliankcpaelzer: Well lvm2-lockd needs it. some people want lvm2-lockd.16:34
GunnarHjdoko: Did you see my ping at #ubuntu-desktop?16:35
juliankcpaelzer: nacc knows more about that https://bugs.launchpad.net/ubuntu/+source/lvm2/+bug/174198616:35
ubottuLaunchpad bug 1741986 in lvm2 (Ubuntu) "Please merge lvm2 from Debian unstable for lvmlockd and sanlock support" [Wishlist,Fix committed]16:35
juliankcpaelzer: But I'm sure we'll figure something out eventually16:36
juliankWe could also demote lvm2-lockd to universe16:36
juliankbut I don't want to decide that :D16:36
TJ-juliank: Yes, we very much would like lvm2 with proper lock support, several users of it16:44
TJ-juliank: nacc took it on when we dealt with it recently16:44
juliankTJ-: Right. It will go to universe it seems, unless a team MIRs it.16:50
TJ-juliank: that'll be good; saves having to maintain a custom build :)16:52
slangasekxnox: you've enabled persistent log in systemd?  What steps have you taken to avoid double-logging to syslog?16:55
* juliank thinks double logging sounds like a good idea for now16:55
juliankWell, at least you don't lose logs that way :)16:57
bbearyou can still double lose them.17:24
xnoxslangasek, given that one has full timestamps, and the other one does not, i choose to keep data.18:02
xnoxslangasek, let's talk about enabling nano-timestamps in syslog by default, and thus breaking everyone's syslog parsing regexp-es? aka all the logwatch / graylisting things.18:03
xnoxslangasek, and enable journald module of syslog by default18:03
slangasekxnox: the full timestamps are in the journal, yes?  I'm not saying we shouldn't do the persistent journal, I'm asking how we get rid of the duplication of data that is syslog18:09
xnoxslangasek, well, imho we currently have dataloss since `systemclt status` and `journalctl` do not read syslog files and the user gets the "no logs available" messages and/or incomplete output.18:13
xnoxslangasek, imho syslog should be pulling data from journal using the journald module that it has.18:13
slangasekxnox: I think you're misunderstanding my objection18:14
xnoxslangasek, I think you are misunderstanding our users =)18:14
slangasekenabling persistent journal - yes, +118:14
xnoxslangasek, all of our users want more logs, not less.18:14
slangasekstill having data logged to syslog, causing redundant disk usage - -118:14
xnoxslangasek, our users expect to have both plain text logs; and useful `systemctl status` output.18:15
xnoxi have as many people shouting at me that we shall not remove plain text logs; and that we should have complete journals across reboots.18:15
xnoxslangasek, note that xenial's journalctl fails to read bionic's .journal files =/18:15
slangasekxnox: so I'll gather a bunch of people on my side to also shout about the wasted disk space ;-)18:16
xnoxand everything can read plain text syslog.18:16
slangasekand then it'll be well-balanced18:16
xnoxslangasek, disk space is not wasted, as logs are rotated.....18:16
xnoxslangasek, oh, i totally do have roughly equal amount of people shouting at me about all the logs and disk space =)18:17
xnoxat the moment, keep everything prevents dataloss.18:17
* xnox .... log-loss?18:17
xnoxslangasek, do you know of a way to support 1) plain text logging 2) remote syslog logging 3) full journals -> without duplication?18:19
alkisgPlain text logging isn't very important if there's a command that can display plain text output...18:20
slangasekxnox: nope :)18:20
xnoxslangasek, cause to have full remote logging journal should be pushed to syslog, and to not have duplicate disk space somehow plain text syslog and journal should be picked for some/all/split logs.18:20
slangasekxnox: right - so rsyslog has all kinds of clever filtering, and I think it would be appropriate for us to configure rsyslog by default to not write to disk logs that systemd is also writing to the journal18:22
slangasekwhile having systemd continue to /send/ them to syslog, for remote logging etc18:22
xnoxslangasek, interesting.18:23
ubottubdmurray, BenC, cyphermox, jbicha, micahg, rbasak, sil2100: DMB ping.19:03
=== Spads__ is now known as Spads

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!