[01:07] kanashiro[m]: https://gist.github.com/mwhudson/31d8a75540990965ebbd38ecd48f5bdc seems to help [03:37] Hello, I am trying to install debug symbols for systemd `systemd/focal-updates 245.4-4ubuntu3.19`, however when I try to install a dependent package libsystemd0-dbgsym for this version I noticed it is only in the focal-proposed repository [03:37] ``` [03:37] ``` [03:37] $ apt list -a libsystemd0-dbgsym [03:37] Listing... Done [03:37] libsystemd0-dbgsym/focal-proposed 245.4-4ubuntu3.19 amd64 [03:37] ``` [03:37] Hello, I am trying to install debug symbols for systemd `systemd/focal-updates 245.4-4ubuntu3.19`, however when I try to install a dependent package libsystemd0-dbgsym for this version I noticed it is only in the focal-proposed repository [03:37] ``` [03:37] $ apt list -a systemd [03:37] Listing... Done [03:37] systemd/focal-updates 245.4-4ubuntu3.19 amd64 [upgradable from: 245.4-4ubuntu3.15] [03:37] ``` [03:37] ``` [03:37] $ apt list -a libsystemd0-dbgsym [03:37] Listing... Done [03:37] libsystemd0-dbgsym/focal-proposed 245.4-4ubuntu3.19 amd64 [03:37] ``` [03:37] Is there any timeline on when libsystemd0-dbgsym/focal-proposed 245.4-4ubuntu3.19 amd64 will be released on focal-updates? [03:47] Guest9: hmm, have you done an apt update recently? [03:47] hah [04:22] sarnold: heh they didn't wait around long for a response... [04:23] amurray: shockingly, ten minutes is about nine minutes more than many :) [04:23] Webchat is least likely to wait. [04:23] heh yeah [04:25] I used to have the webchat just spontaneously disconnect me over, and over, and over, so it may have been it being flakey. [04:26] (This was my experience when I was first trying to contribute to Lubuntu, I switched over to an native IRC client very shortly thereafter.) [04:26] native clients *are* vastly better but really, webchat folks are far more likely to assume twenty seconds of silence means irc is dead forever [04:30] Try joining thirty channels give or take a few, you'll find out IRC ain't dead right quick. [04:31] Anyway, I kind of like the fact that it's somehow simultaneously peaceful and hectic, real-time and email-like. [04:32] * arraybolt3 stops going off-topic and goes back to VM building and debugging [04:36] arraybolt3: heh, 82 at the moment.. [09:03] bluca: sure, I'll have a look today :) === cpaelzer_ is now known as cpaelzer [12:20] mwhudson: thanks! [13:25] Hey folks, if anyone is planning to go to FOSDEM next year, please do consider submitting a talk. Only a few more days left on some devroom CfPs! If you'd like to help out please also see the community team's call for volunteers: https://discourse.ubuntu.com/t/ubuntu-fosdem-2023-call-for-volunteers/32613 [14:44] schopin: thank you! I've also prepared a branch with the upload for kinetic, as suggested by cpaelzer [14:44] ah, great, I was planning on doing it myself, saves me the trouble :) [14:45] linked in the bugs, you'll find ubuntu/kinetic and ubuntu/jammy on Salsa https://salsa.debian.org/debian/tpm2-openssl/ [14:45] Yup, already cloned locally, in my queue. [14:46] thanks! [14:47] thanks schopin for helping on that [15:53] vorlon: bug 1998937> Thanks for at least putting eyes on it; FYI for Lubuntu the correct package is lubuntu-update-notifier :) [15:53] -ubottu:#ubuntu-devel- Bug 1998937 in update-notifier (Ubuntu) "Lubuntu Jammy - full upgrade freeze waiting for config file prompt" [Undecided, New] https://launchpad.net/bugs/1998937 [16:28] tsimonq2: thanks for getting it to the right package! [16:29] of course :) [16:29] tsimonq2: also, reimplementing all the upgrade logic for our core upgrader into a separate source package == bad :P [16:30] four uploads of this source package since focal and none since jammy; it's buggy and wrong, I assert without digging further [16:31] I don't think your assertion is incorrect... :P [16:33] In the meantime, we're going to have to patch this for stable releases, and add it to the list for Lunar to replace it... with something :P [16:38] So…odd things happening on my end, auditing a defense contractor [16:39] For all communications carrying federal controlled information, the communications must be protected by FIPS-compliant encryption, which has a special meaning [16:39] You can't just turn on FIPS 140 algorithms in e.g. nginx (openssl) and meet that; the actual encryption module has to be CMVP certified [16:39] but…not the software. You just need a CMVP certified encryption module through which the protected information flows. [16:40] BoringCrypto (which is the core of BoringSSL) satisfies that, not sure if OpenSSL uses that or if it can be patched to use that core for FIPS 140 algorithms [16:41] I'm not sure if it'd be desirable to work toward ensuring OpenSSL and OpenSSH are capable of satisfying FIPS-140 validation requirements though. If it is, that may be something for me to check and put up as a blueprint on Launchpad? [16:43] the idea being Canonical can attest that Ubuntu out of the box uses a CMVP-certified encryption module when some list of softwares are configured in a particular manner [16:43] Bluefoxicy: https://ubuntu.com/security/certifications/docs/fips [16:45] Bluefoxicy: and https://ubuntu.com/security/fips#modules [16:46] So in summary, Canonical have done the work and it's already available - though as part of a Canoncial add-on, not Ubuntu itself. [17:00] vorlon: Slight issue with that, update-notifier is not used on Kubuntu either. It's simply using Discover with a PackageKit backend. I can confirm no such prompt is even presented on Kubuntu, and instead it defaults to "N", which isn't helpful. [17:02] tsimonq2: it's the update-manager functionality rather than the update-notifier functionality that concerns me. Having independent implementations of the notifications is all nice and good, but update-notifier dispatches to update-manager (which supports multiple UI frontends) for the actual upgrade [17:02] rbasak, thanks! Didn't know that, should have searched harder. [17:58] Bluefoxicy: tpm2-openssl SRUs uploaded to the kinetic and jammy queues. Thanks for your work! [17:58] damnit, wrong nick, sorry! [17:58] bluca: ^ [18:04] thank you! [18:36] lol I do nothing but complain when I'm around, I don't do any work :P [19:52] mwhudson: ok, 1.19.4/1.18.9 are released. Updated the branches: https://git.launchpad.net/go-snap/commit/?id=84faaf848befd2cb3ce0f13535d45745660787e4 and https://git.launchpad.net/go-snap/commit/?id=fc4b2c7e9bee8db1dbe659243fa1ce8649ef9718 [19:52] -ubottu:#ubuntu-devel- Commit 84faaf8 in go-snap "move to go1.19.4 go1.19" [19:52] -ubottu:#ubuntu-devel- Commit fc4b2c7 in go-snap "move to go1.18.9 go1.18" [20:32] jdstrand: awesome [20:36] i see amd64 built already, build farm for other architectures seems in a bad way [20:45] yeah. I'm testing amd64 now [21:05] mwhudson: ok, my testing is complete. your test cases pass as well as larger builds. feel free to promote when the builds are done or I'll do it tonight/tomorrow [21:06] ok [21:07] i wonder what's going on on s390x [23:03] Hmm, the latest jammy dkms version depends on gcc-12 which is in universe. [23:05] Aha, I'm not the only one to notice: https://bugs.launchpad.net/ubuntu/+source/dkms/+bug/1998154 [23:05] -ubottu:#ubuntu-devel- Launchpad bug 1998154 in dkms (Ubuntu) "dkms (2.8.7-2ubuntu2.1) jammy depends on gcc-12 which is under universe archive" [Undecided, Confirmed] [23:23] what's the fastest way to get in touch with the kernel team? Because I'd like to get an authoritative answer from someone on the team for a specific question (and thereby make that a statement on behalf of the kernel team).