/srv/irclogs.ubuntu.com/2018/03/13/#ubuntu-server.txt

=== Aztec03 is now known as SmokinClucks
=== SmokinClucks is now known as Aztec03
=== ShriHari is now known as altmount
altmountI oppose!04:39
Randolfaltmount:  What do you oppose?04:40
=== ShriHari is now known as altmount
=== altmount is now known as ArseToasts
=== ShriHari is now known as Chuchuttta
cpaelzergood morning06:06
RandolfGood morning cpaelzer.06:17
cpaelzerhi Randolf, good mornign to you as well06:22
=== ShriHari is now known as altamount
=== altamount is now known as zzarr
lordievaderGood morning06:53
RandolfGood morning lordievader.07:16
lordievaderHey Randolf07:16
lordievaderHow are you doing?07:17
RandolfGood.  How are you?07:17
lordievaderDoing good here :)07:17
rbasakcpaelzer: may I have your opinion please, as my potential future memcached MP reviewer?10:36
rbasakUpstream landed https://github.com/memcached/memcached/pull/285 in a "bugfix" update.10:36
rbasakWhich is really for RHEL. It disables some systemd sandboxing features as RHEL's systemd doesn't support it.10:37
rbasakIt does so by prefixing '##safer##' to certain lines.10:37
rbasakThe RPM .spec is updated to sed them out again if the systemd is new enough.10:37
rbasakIn our case, systemd is always new enough.10:37
rbasakBut if I pull the new upstream and do nothing, the systemd service unit regresses by disabling this sandboxing.10:38
rbasakIMHO, it is inappropriate for upstream to ship the lowest common denominator by default.10:38
rbasakOlder RHEL should patch out the lines it can't support or something. So I intend to file an issue about it.10:38
rbasakIn the meantime, how should I package this in Debian?10:38
rbasaksedding them out again in debian/rules works just fine, and is reasonably future proof if upstream keeps to the same pattern.10:39
rbasakOr I could add a more rigid quilt patch.10:39
rbasakOpinion?10:39
cpaelzerrbasak: start reading ...10:40
cpaelzerrbasak: as you already said sedding as well as a patch works10:45
cpaelzerrbasak: I'm somewhat afraid that sed'ding might enable/disable random bits in the future10:45
cpaelzerI also think upstream does that the wrong way10:46
rbasakcpaelzer: so you'd prefer I add a quilt patch for now, rather than sed?10:51
cpaelzerrbasak: sort of yes, quilt + a check if there are more ##safer##10:58
cpaelzerrbasak: the check could break build10:58
cpaelzerrbasak: maybe even check count of ##safer## and if != the expected amount the packager has to check them one by one if it is ok to disable10:58
cpaelzerthis could still fail if they add one and remove one upstream but you see where I'm heading to10:59
cpaelzersome sort of safety what we enable/disable with the sedding10:59
cpaelzerif at least they would have taken safer-<systemdversion> or something11:00
cpaelzerthen the decision would again be where it belongs (upstream)11:00
cpaelzerbut they didn't11:00
rbasakcpaelzer: perhaps a quilt patch for now, and a dep8 test to verify that ##safer## doesn't appear in the shipped service unit file?11:08
rbasakThat should cover your mutate-but-count-is-same case.11:09
cpaelzerrbasak: yes11:11
cpaelzerrbasak: but dep8 is needlessly late for this11:11
cpaelzerrbasak: why not a d/rules entry that checks11:12
cpaelzerso people would realize it mcuh earlier, probably also before it is in some -proposed11:12
rbasakcpaelzer: good point. Easy enough to do in override_dh_auto_install.11:13
* rbasak has filed https://github.com/memcached/memcached/issues/35911:14
* rbasak has filed https://bugs.launchpad.net/memcached/+bug/175546011:19
ubottuLaunchpad bug 1755460 in memcached (Ubuntu) "memcached.service is less secure by default" [Medium,Triaged]11:19
fricklerlooks like memcached maintainers are proud of the current publicity and want to make sure they can keep riding that wave? :-/11:58
rbasakfrickler: huh?11:59
fricklerhttps://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html12:10
rbasakOh. That's something quite separate. I said "secure" in my bug summary, but it's really a different (and lower) order of magnitude of "secure" than the amplification vulnerability.12:28
ahasenackhi,12:29
ahasenackhow would I go about updating a package version in ubuntu's git with a new upstream (not from debian) tarball?12:29
ahasenacknon-git workflow is essentially uupdate on the new tarball12:30
ahasenack(the one I know of)12:30
rbasakI happen to have just done this for memcached (MP not up yet).12:30
rbasakI used uscan/uupdate, and then hacked things around to gitify it again.12:30
rbasakThen added one commit that changed upstream sources only (not committing the debian/changelog change made by uupdate).12:30
ahasenackgit status followed by git add/remove as needed?12:30
rbasakuupdate puts everything in a different directory so I had to bring it all back, including any dotfiles (there were none in my case).12:31
ahasenackright12:31
ahasenackfeels a bit error prone12:31
rbasakSo a bunch of hackery done by hand, but the end result being that there's a single git commit that pulls in the new upstream but doesn't touch debian/12:31
ahasenackhow does debian do it in their git, do you know?12:32
ahasenacksame thing?12:32
rbasakThis could be automated in the future by git ubuntu uupdate or something, but that's not implemented.12:32
rbasakgbp has some functionality to do something similar12:32
rbasakgbp import-orig12:32
rbasakMaintains a separate upstream branch12:32
rbasakgbp updates that and then merges upstream into master (and there's a --no-merge flag)12:32
rbasakThat's the common gbp workflow12:32
rbasakahasenack: in terms of error-proneness, you can gain some confidence when dpkg-buildpackage doesn't complain. As if it's a 3.0 (quilt) package, then everything apart from debian/ must exactly match the orig tarball, and the orig tarball isn't hacked with.12:33
ahasenacktrue, I got such errors in other occasions12:34
cpaelzerahasenack: FYI this was a uupdate for example https://git.launchpad.net/~paelzer/ubuntu/+source/iproute2/log/?h=bionic-merge-4.14.112:57
cpaelzergoing ahead of Debian12:57
ahasenackI'll take a look, thanks12:58
smoserrbasak: do you recall the bug where you were asking to change cloud-init to manage_etc_hosts : true ?14:33
rbasakYes. Do you want the number? :)14:34
rbasaksmoser: https://bugs.launchpad.net/cloud-init/+bug/174127714:34
ubottuLaunchpad bug 1741277 in cloud-init (Ubuntu) "Not all platforms running cloud-init end up with the system hostname resolveable by default" [Undecided,Confirmed]14:34
smoserthanks14:37
naccrbasak: when using a fixture with pytest.mark.parametrize, do i need to pass the fixture as a parametrized thing each time? or will pytest dtrt?16:04
naccfixture *and* mark.parameterize16:05
rbasakI think you just add the fixtures to the def line16:05
rbasakI can't remember whether at the end or the start.16:05
rbasakBut one of those should work I think.16:06
naccrbasak: ok, i'll test to figure it out (that's what i wasn't sure of either)16:06
rbasaknacc, ahasenack: I just created https://code.launchpad.net/~racb/ubuntu/+source/memcached/+git/memcached/+merge/341340. Process question: is it a problem that usd-import-team isn't in the list of reviewers?16:09
rbasakThis happened because I added the first reviewer from the MP creation page.16:10
Odd_Blokerbasak: nacc: Adding them anywhere in the parameters should DTRT.16:10
naccOdd_Bloke: thanks!16:10
naccrbasak: process-wise, no, except that only usd-import-team can create the upload tag16:10
naccrbasak: had another test question for you, if you have a moment (HO would be preferred, but I can do IRC)16:20
rbasakHO is fine. Two minutes. Standup HO?16:20
naccrbasak: thanks16:20
ahasenackrbasak: mp is fine16:53
ahasenackwrt your question16:53
ahasenackrbasak: hm, question17:07
ahasenackrbasak: debian repacks samba's tarball17:07
ahasenacksamba_4.7.4+dfsg.orig.tar.gz17:07
ahasenackupstream is like https://download.samba.org/pub/samba/stable/samba-4.7.6.tar.gz17:08
ahasenackhow do I know what was changed in that +dfsg repacking? untar it and compare?17:08
ahasenackrbasak: my connection dropped, not sure you saw my dfsg question above?17:13
naccahasenack: gbp.conf (see debian/README.source)17:16
naccahasenack: (debian/gbp.conf)17:16
ahasenackI see17:18
ahasenacknacc: the filter setting in [import-orig] should be enough?17:19
ahasenackI have17:20
ahasenack  'source4/heimdal/lib/wind/rfc*txt',17:20
ahasenack  'source4/ldap_server/devdocs',17:20
ahasenack  '*chm',17:20
naccahasenack: based upon debian/README.source, that's what ends up munging the orig17:20
ahasenackok17:20
naccrbasak: i need to drop17:28
rbasaknacc: sorry, back now. That too longer than expected :(17:28
naccrbasak: np17:39
naccrbasak: i think your pad does write it up correctly now17:39
naccrbasak: or, at least, mostly -- do you want to take that up next, then?17:40
rbasaknacc: yeah I guess I need to :)17:40
naccrbasak: thanks; i'll hold off on the new tests for a bit17:41
ahasenacknacc: rbasak: could one of you please feed samba to the importer? Debian just released a new package: https://launchpad.net/debian/+source/samba/2:4.7.4+dfsg-217:44
ahasenackit's not yet in https://code.launchpad.net/~usd-import-team/ubuntu/+source/samba/+git/samba17:44
naccahasenack: keep-up has not yet started17:44
naccahasenack: once the reimport is done (i just kicked off the remainder)17:44
ahasenackwhat is keep-up?17:44
naccthe normal import script that keeps up with the publisher17:44
ahasenackok17:44
ahasenackit's a daily cron?17:45
ahasenackor a long-running daemon?17:45
naccthe latter17:45
ahasenackwhich you stopped because of the reimport, right?17:45
naccright17:45
ahasenackok, thanks17:45
naccno publish in the last ~8 days is guaranteed to have been imported17:45
ahasenackETA sometime today?17:45
naccyeah17:45
naccat least, well, to start it17:45
ahasenackok17:46
naccit will probably take a while to catch all the way up17:46
ahasenackah, it's been stopped for all this time17:46
ahasenacknot just since saturday?17:46
naccsince a week ago saturday, or so17:46
naccmarch 517:46
ahasenackok17:46
naccwhen i started the reimport17:46
ahasenacknacc: if we go ahead of debian in some package, does git-ubuntu merge work with that package afterwards? Let's say debian updates the version too17:56
ahasenackI saw there is a -f option to force a merge, would that do it correctly?17:56
ahasenacks/would/should/17:56
naccahasenack: i expect git-ubuntu merge to be pretty broken right now17:56
naccahasenack: due to the bug you reported17:56
naccit needs updating for the new import algorithm17:57
ahasenackok17:57
naccahasenack: you can manually tag the old, new bits and just do the rebase yourself17:57
naccthat's really all git-ubuntu merge is doing17:57
ahasenackI was just wondering about that case where we would be ahead17:57
ahasenacksince the normal merge is normally with debian being ahead of us instead17:58
naccahasenack: wait, we're ahead of debian and still are?17:58
ahasenackin this hypothetical case, yes17:58
ahasenackthe "merge" would be to just grab debian/* changes from them in that case17:59
naccthat's not an ubuntu merge then :)18:00
ahasenackcorrect18:00
naccahasenack: so, no, it wouldn't work, as git-ubuntu-merge is for ubuntu merges18:00
ahasenack"Are you sure you want to merge? (Pass -f to force the merge)." <-- was wondering what would happen with -f here18:00
naccyou'd get a weird delta that you don't really want to merge?18:00
ahasenackin other words, going ahead of debian also makes getting future changes from them harder18:01
naccahasenack: well, you'd cherry-pick them18:01
naccahasenack: you wouldn't merge to them18:01
ahasenackright, it's another process18:01
naccright18:02
nacci don't think it's harder, though18:02
naccit's easier, if anything18:02
ahasenackharder because debian uploads are just one big commit18:02
ahasenackyou would have to take it apart before cherry picking18:02
ahasenackor just grab what you want and apply, without cherry picking a specific commit18:02
ahasenacktaking it apart is part of the merge workflow already18:03
naccahasenack: did you see if it's their VCS?18:03
nacc*in their18:03
naccwe don't ever take apart debian uploads, fwiw18:03
ahasenackit's there, yes18:04
ahasenackI'm just considering pros and cons of going ahead of them18:04
ahasenackand yes, we take apart our changes only, not theirs, my mistake18:04
naccmostly because if you really carea bout that level of granularity, check the debian vcs and use that18:05
hallynruh roh - bionic: apt build-dep libvirt:18:12
hallynThe following packages have unmet dependencies: builddeps:libvirt : Depends: libcgmanager-dev but it is not installable18:12
MitchTHello all.18:12
hallyncpaelzer: ^18:12
hallynwe're inf eature freeze only so i guess i coudl push a fix for this,18:13
hallyni assume noone else is doing a libvirt update since, well, we're in feature freeze18:13
MitchTI hope this is a decent place to ask, but has anyone attempted to deploy an azure vm using 18.04 beta?  As of March8th, all daily images are unable to deploy.  I figured it was azure. I opened a ticket and after escalation, their team confirmed that all images from March 8th+ are 'broken'18:14
hallynkirkland: ^18:14
hallynkirkland: who handles azure vms these days?18:14
naccOdd_Bloke: --^ ?18:14
hallyngonna guess not utlelmming utlemming :)18:14
hallynmeh18:15
hallynmy control keys why dey no work18:15
* MitchT posts the list of what works and what doesn't https://hastebin.com/icuzavoner.css18:15
hallynhm, but in my other vm i don't have that failed dependency,18:15
Odd_Blokenacc: Thanks!18:16
Odd_BlokeMitchT: o/ I'm a person you can talk to about that; how are you deploying them?18:16
hallynbackports?18:16
MitchTI'm deploying using a template18:17
hallynoh!  haha - do-release-upgrade failed me.  it did not update the release name in deb-src lines18:17
nacchallyn: wouldn't expect backports to matter for bionic :)18:17
nacchallyn: ah...18:17
hallynnacc: yeah this is worse :)18:17
hallynthanks18:17
hallyncpaelzer: ignore me18:17
MitchTthe template hasn't changed since early feb. it took me a few days to track down that if i specify that last version i have marked "OK" it will deploy.18:17
MitchT@Odd_Bloke I've found that the problem is exactly what i've described. I'm honestly out of ideas. I'm glad freenode is still around. I should know linux guys would be on IRC18:20
Odd_BlokeMitchT: OK, I can reproduce the issue, I'll dig in to it a bit more.  Thanks for reporting it here!18:23
Odd_BlokeMitchT: Could I also ask you to file a cloud-images bug at https://bugs.launchpad.net/cloud-images/+filebug, please?18:24
MitchTMy IT department sits in awe at the level of support from the ubuntu team18:24
MitchTi will file a bug.18:24
MitchTBug filed.  I hope this is helpful.   I can provide more details if needed, but its pretty straightforward. https://bugs.launchpad.net/cloud-images/+bug/175556518:36
ubottuLaunchpad bug 1755565 in cloud-images "Unable to deploy azure template with Ubuntu18.04 Daily image past March 8th" [Undecided,New]18:36
=== jelly is now known as MooServ`
=== MooServ` is now known as jelly
ahasenackhm, I have a question regarding dfsg orig tarballs19:35
ahasenacklet's say I produce one19:35
ahasenackusing the same exclusion rules as debian19:36
ahasenackbuild the ubuntu package, upload to the ubuntu archive, all is well19:36
ahasenackthen debian catches up, produces the dfsg tarball too19:36
ahasenackbut for some silly reason, it has a different md519:36
ahasenackit's the same content, but different md5 because of, say, different compression level19:36
ahasenackwon't that break things on our side? Because it will be the same filename, same tarball version and so on, but with a different md5 (but same content)19:37
rbasakahasenack: yeah, that can happen. It's annoying, but sometimes unavoidable.20:02
=== mikal_ is now known as mikal
=== strive is now known as par4g0n
=== beatzz_ is now known as beatzz
naccahasenack: yeah, that's something the importer catches (and why we import origs separately for debian & ubuntu)22:24
naccahasenack: but it *really* should be avoided if at all possible22:24

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!