/srv/irclogs.ubuntu.com/2019/02/13/#ubuntu-devel.txt

riiot232hello02:33
=== ricab is now known as ricab|brb
=== ricab|brb is now known as ricab
=== alan_g is now known as alan_g_
=== ricab is now known as ricab|lunch
coreycbbdmurray: thanks for helping move bug 1809454 along. would you be able to take a look at bionic today?14:16
ubottubug 1809454 in OpenStack Compute (nova) queens "[SRU] nova rbd auth fallback uses cinder user with libvirt secret" [Medium,In progress] https://launchpad.net/bugs/180945414:16
=== ricab|lunch is now known as ricab
cpaelzercoreycb: is the 18.04.2 freeze lifted already ?14:39
coreycbcpaelzer: ahh, maybe not.14:39
coreycbcpaelzer: do you think we can re-evaluate this MIR? https://bugs.launchpad.net/ubuntu/+source/placement/+bug/180569115:01
ubottuLaunchpad bug 1805691 in placement (Ubuntu) "[MIR] placement" [Undecided,Expired]15:01
coreycbthe security team ACKed it I believe15:02
coreycbi don't think nova is going to drop their placement support until train (corresponds to Ubuntu E release) but it would be nice if we could move forward with charm changes15:02
cpaelzercoreycb: yes and done15:16
coreycbthanks very much cpaelzer15:16
seb128if some wonder why retracing are failing recently in disco, bug #181577415:23
ubottubug 1815774 in binutils (Ubuntu) "binutils 2.32 update breaks debug symbols in disco" [High,New] https://launchpad.net/bugs/181577415:23
seb128doko, ^15:24
riiot232hello15:44
riiot232is some one there.....?15:44
LtWorfriiot232: no :P15:47
riiot232:l15:48
riiot232why?15:48
riiot232where is every one at?15:48
LtWorf(i was kidding)15:48
riiot232ok.15:48
riiot232so are u dev?15:48
LtWorfanyway i'm more active on debian, which is oftc rather than freenode15:48
riiot232ok15:49
bdmurrayseb128: How did you find bug 1815774? Were you manually retracing something or looking at logs / failures to retrace?15:50
ubottubug 1815774 in binutils (Ubuntu) "binutils 2.32 update breaks debug symbols in disco" [High,New] https://launchpad.net/bugs/181577415:50
LtWorfriiot232: very minor contributions in debian, that then end up in ubuntu15:51
seb128bdmurray, I wondered why we got a few bugs invalidated by the retracers so I decided to try to sigsegv g-c-c locally and see what was the problem15:51
riiot232LtWorf ok15:51
riiot232how do I say ur name?15:51
seb128bdmurray, which gave me the warnings described in the bug, which I google for, found thar arch bug...15:51
bdmurrayseb128: Hmm, I thought I was subscribed to apport-failed-retrace but didn't notice anything. I'll have to dig.15:52
seb128bdmurray, https://bugs.launchpad.net/ubuntu/+source/gnome-control-center/+bug/181570315:52
ubottuError: launchpad bug 1815703 not found15:52
seb128https://bugs.launchpad.net/ubuntu/+source/gnome-control-center/+bug/181570415:52
ubottuError: launchpad bug 1815704 not found15:52
seb128if you want some examples15:52
bdmurrayseb128: cool, thanks15:52
seb128bdmurray, they didn't got tagged apport-failed-retrace it looks like, just untagged15:53
bdmurraywhat's up with that ascii art?15:53
seb128so maybe an apport bug there15:53
seb128lol, good question :)15:53
bdmurrayah, well then15:53
bdmurraywow, pretty colors too15:54
chilukSo I discovered today that my ubuntu one login has 2fa enabled, but since I'm no longer at Canonical, I'm no longer in the correct groups that tell Ubuntu One I need to see 2fa configuration pages... Seems like we should auto-enroll all members of ex-canonical in sso-2f-testers  *(or maybe some other group)..  The strangest thing was that I was able to log in to ubuntu one using only my user/pass, but when trying to enable15:55
chiluklivepatch it required my 2fa ..15:55
chilukwho owns ubuntu sso / one login now?15:57
cjwatsonthe snap store team15:57
cjwatsonWhat you describe is interesting; I've heard people with this problem before but not the specifics about logging into login.u.c directly vs. via something like livepatch15:58
cjwatsonThough it's possibly related to the same kind of thing that caused https://bugs.launchpad.net/canonical-identity-provider/+bug/107307415:58
ubottuLaunchpad bug 1073074 in Canonical SSO provider "sso prevents login when 2f required but user doesn't have 2F feature available" [High,Confirmed]15:58
chilukCool I'll move conversation to that bug..15:59
cjwatsonI'm not certain it's the same thing, so I'd suggest a new bug15:59
cjwatsonCan always be duped later15:59
chilukYeah I'll proceed with due diligence.15:59
cjwatsonI don't think auto-adding people to a team is the solution15:59
chilukI'm not sure what the right answer is either.. nor do I have the power any more.16:00
cjwatsonWell, it seems that if a user is set to require 2FA then we should show them 2FA ...16:00
cjwatson(which is what I thought the behaviour was, but the difference between direct login and via livepatch suggests maybe not on all code paths)16:01
chilukright..16:03
chilukalso explains why I haven't noticed till now..16:03
cjwatsonchiluk: livepatch via CLI or OpenID?16:05
chilukIt was via the "Software & Updates" application...  I forget what the actual runtime is for that.16:05
cjwatsonchiluk: OK, worth also trying something that's definitely OpenID, e.g. open a private browser window and try to sign into LP using it16:06
chilukalthough I think I hit this via cli before as well when following the livepatch instructions.16:06
cjwatsonI have to go out shortly though16:06
chiluknow I'm really confused.. via a private browser it required 2fa..16:07
chilukso it could likely be the same issue.16:07
=== alan_g is now known as alan_g_
cjwatsonchiluk: And double-check direct login to login.u.c via a private browser?16:18
chilukyeah also requires 2fa..16:20
cjwatsonso I'm not sure what you mean by "I was able to log in to ubuntu one using only my user/pass"16:20
chilukI was just added to https://launchpad.net/~sso-2f-testers ... and can now configure the 2fa devices..16:20
cjwatsonoh16:20
cjwatsonin that case all tests after the point when you were added to that team should be flagged as uninteresting for the purpose of this bug16:20
cjwatsonevidence now invalid16:20
chilukyeah.16:20
chilukI'm not sure when that exactly happened.16:21
cjwatsonLP should have the timestamp16:21
chilukright but I dont' have timestamps on my browsers.16:21
cjwatsonah16:21
cjwatsonwell, it happened at 15:53:2516:22
cjwatsonwhich was a couple of minutes before you asked about it here16:22
cjwatsonso anything you did in response to my questions can't be useful evidence16:22
chilukyeah.16:22
cjwatsonoh well16:22
chilukcjwatson want to remove me from sso-2f-testers  to retest?16:23
chilukdoes it matter?16:23
chilukI'm willing to help out for a few minutes if you are intrigued.16:23
chilukI figure you getting removed from canonical might be more prohibitive for testing.16:23
cjwatson(a) I can't do that since I'm not an admin of sso-2f-testers, (b) we can set up a similar situation with a local SSO deployment, (c) I have to go out16:24
cjwatsonso thanks but we should be able to manage :)16:25
chiluksure thing..16:25
chilukit's been nice seeing an old-familiar nic...16:25
chilukI haven't played here in far too long.16:25
roadmrchiluk: hey, I enabled your 2fa group membership, so maybe I can help, but give me a few because I'm busy atm16:26
chilukyeah my day is pretty busy too..16:27
cjwatsonah, roadmr is likely in a better position to help with this than I am anyway, excellent16:27
chilukroadmr: I described what I was seeing here : https://bugs.launchpad.net/canonical-identity-provider/+bug/1073074    I think the two are probably the same.16:35
ubottuLaunchpad bug 1073074 in Canonical SSO provider "sso prevents login when 2f required but user doesn't have 2F feature available" [High,Confirmed]16:35
roadmrchiluk: ok, reading the bug now and I checked the backlog as well16:37
roadmrchiluk: ok so to summarize, as an ex-canonicaler, you saw different 2fa requirements for API (i.e. gnome-software) vs. web (login.ubuntu.com) ?16:41
roadmrchiluk: the code does have custom logic for how to decide 2fa-ness for someone in canonical vs. someone in ~sso-2f-testers16:41
roadmrso that's where I'd start looking but it does look like a bug. I'll investigate!16:42
roadmrchiluk: and to be clear, are things working well for you now?16:42
chilukYeah things are fine now.16:46
chilukthe weirdest thing is that openid/web login seemed to work fine and did not require 2fa...16:46
roadmryes, that's weird16:47
chilukand I'm positive of this because I've been using launchpad for years without my yubikey..16:47
chiluktoday I had to go grab my old yubikey that I had previously had linked.16:47
chilukall my devices were still configured.16:47
roadmrchiluk: which email address do you use to log in these days? (you can pm it to me if you don't want to expose it here)16:47
roadmrthis is so I can look you up and check your account setup, so I can then trace how the logic handles your login attempts via api vs. web16:48
chilukIncluding my old @canonical authenticator app. *(I actually wonder if that is a mini security hole)...16:48
chilukis there a better channel for this?  no need to spam everyone here.16:49
roaksoax~/win 417:01
sparris there an appropriate channel for support-in-investigating-and-filing-a-bug-report in a mainline kernel package?17:20
rbasaksparr: mainline as in upstream? Or Ubuntu?17:22
rbasakFor Ubuntu, #ubuntu-kernel17:22
sparrthanks17:29
roaksoax/win/win 417:50
=== realitix_ is now known as realitix
seb128wgrant, cjwatson, hey, can we open disco for translations?23:05
wgrantseb128: I believe it's just blocked on UTC turning it on23:10
wgrantOh, or maybe not23:11
wgrantHm23:11
wgrantApparently we never initialised it23:11
wgrantThings are a bit on fire atm, may be able to look later.23:11
seb128wgrant, no hurry, thx23:13

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!