=== chris14_ is now known as chris14 [01:36] Yeah, I'm not feeding it a version, just unversioned package names, and the autoinstall yaml is correct; it seems to be somehow deciding whether to use the apt configuration section based on the current state of networking; like it sees networking isn't available and so it decides to ignore my mirror/proxy settings, then it apt-get updates and only finds packages in the iso (which mine is not in). === chris14_ is now known as chris14 [07:54] Openstack deployer adds `uca.list` under `/etc/apt/source.list.d`, but I have made a mirror of it locally; How can introduce mine as 1st priority to apt? === arraybolt3_ is now known as arraybolt3 [09:55] moha: IIRC, if apt sees it first, it'll use it in preference if the package being supplied is otherwise identical. [09:55] I'm not sure it's wise to rely on that though [09:55] You're better off arranging to have the sources.list.d entry replaced. [09:55] But I'm not familiar with Openstack deployer. [15:30] athos: bryceh: heya, I'm doing my +1 and found that php-laravel-lumen-framework has been blocked in -proposed for 83 days. I believe it should be/have been removed according to LP #1931315, right? [15:30] -ubottu:#ubuntu-server- Launchpad bug 1931315 in php-laravel-framework (Ubuntu) "Please drop php-laravel-framework (and movim and other associated components)" [Undecided, New] https://launchpad.net/bugs/1931315 [15:31] checking before pinging #ubuntu-release [15:51] sergiodj: yes [15:51] I have pinged ubuntu-release once or twice in the past, but I guess it was back when mot ppl was busy/on vacations [15:52] there is actually a second php package in the same situation [15:52] athos: ACK, thanks [15:52] I'll leave it be, then :) [15:53] php-slim [15:53] sergiodj: oh, if you want to ping them, please go ahead :) [15:54] athos: will do! [16:31] sergiodj, yes that's correct, all the laravel stuff should be removed [16:32] those packages keep popping back now and then, bit of wack-a-mole. Not sure why [16:37] 🧟‍♂️ [16:50] Hey all, so, on Azure DR they only support kernels up to linux-image-5.4.0-1095-azure-fips. In the FIPS update PPA there are kernel updates after 1095. How can I tell APT to upgrade to 1095 but no further? [16:56] samy1028, you should be able to use a pin, there's an example in https://askubuntu.com/questions/547550/apt-mark-holding-a-package-to-a-major-version-not-a-specific-minor [16:58] samy1028, be careful though, I got into a horrible mess one time by pinning something and forgetting about it .. [16:58] yes, documentation is key for this :) [17:02] samy1028, actually for kernels (where there's an actual different package for each ABI, not just a package version) you might get by with just an apt hold [17:03] samy1028, which I think is much less finicky (don't have to fret about "priority", for example [17:04] samy1028, here's a post with an example: https://askubuntu.com/questions/938494/how-to-i-prevent-ubuntu-from-kernel-version-upgrade-and-notification [17:09] rfm, thank you for the pointers. I'm reading through each of these. [17:09] never had to do something like this before. [17:23] I"ve found the best way to setup my VPN with my local computer (https://ibb.co/pRRt3Nq). I should replace my ISP router, with a DSL adapter, with a second eth adapter I could share internet to local computers as if those where on the LAN, but with a WAN ip. So those local clients will be considered as the others (WAN computers) under my domain. Is it correct? [17:24] In this case my server would have the fixed public IP directly, instead of the NAT router. [17:25] With this card: https://it-planet.com/fr/p/cisco-ehwic-va-dsl-a-154592.html?number=1939310000.1&gclid=CjwKCAiArY2fBhB9EiwAWqHK6pUSE1eUg8ysXaU5Klfzodf1bHxPSAM8vHfpYMPTaieKvcoYj238fxoCwF0QAvD_BwE [17:26] for example. === sdeziel_ is now known as sdeziel [18:21] rbasak: bryceh: FYI latest 1.22.1-6 of NGINX does major changes to the build, flavored executables are now replaced with metapackages, `nginx` ships the nginx binary, the rest are available in separate packages for extra plugins, etc. So it'll need review before a merge. [18:21] that was uploaded today [18:22] i know we're approaching Feature Freeze but if we want to do an nginx merge i'd like the server teams' eyes on it. [18:22] esp. with the size of the changes that a merge'll need review of [18:22] not sure if we need it to have another security review or not though [18:51] teward: I just took a look and it seems that on Debian, nginx is moving to pcre3 instead of pcre2 (preferred), this goes against https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1792544 [18:51] -ubottu:#ubuntu-server- Launchpad bug 1792544 in pcre3 (Ubuntu) "demotion of pcre3 (8.x) a.k.a pcre (without the 3) in favor of pcre2 (10.x)" [Undecided, Confirmed] [18:51] sdeziel: we should probably raise that as a high level bug, but has Debian hunted deprecation? We could continue it as part of a delta we maintain [18:51] if Debian hasn't decided to hunt pcre3 deprecation then I can't push it super hard there in Debian [18:52] and that sounds like something we need to have a delta for [18:53] sdeziel: actually are you sure about that? https://salsa.debian.org/nginx-team/nginx/-/commit/8c514f2bdce476830aa5644df0ba8637952a80d4 shows in the nginx binary a month ago we switch to pcre2 there [18:53] -ubottu:#ubuntu-server- Commit 8c514f2 in nginx-team/nginx "Switch to pcre2. Closes: #1000013." [18:53] so not sure if you're misreading something or there's errors in the code of the latest package [18:54] debian bug #1000013 closed in January on this issue brought up by matthew vernon in Debain [18:54] -ubottu:#ubuntu-server- Debian bug 1000013 in src:nginx "nginx: depends on obsolete pcre3 library" [Important, Open] https://bugs.debian.org/1000013 [18:54] teward: https://salsa.debian.org/nginx-team/nginx/-/blob/master/debian/rules has `--without-pcre2` [18:56] teward: so that's the master branch but the exprimental one has the commit you found... [18:58] emailed the other nginx team membners in Debian [18:58] however you seem to have skipped answering my question [18:58] is there a reason we can't carry that as a delta change until this is fixed in the packaging itself for standard master / Debian releases to unstable? [18:59] and yes i'm aware i was unclear with my original question [19:02] teward: I guess I was looking at the wrong branch cause experimental has the fix. It's however not shipped in a packaged form apparently. Anyway, I think it was a false alarm, sorry ;) [19:03] yeah so one of the things i've been pushing hard for is any major changes we stage in Experimental in Debian in case it explodes so it doesn't affect our testing migrations as we approach Debian freezes (upcoming) [19:03] and since there's an incoming Debian freeze Experimental is gonna start getting more work on it [19:03] in the case here though, committed or not in the main unstable branch, we could nitpick from the salsa tree [19:04] because we *do* want PCRE3 to go away [19:04] so i think it's a trivial nitpick in this case since we have some confirmation that there's work on this upstream and now pcre2 is available [19:04] *yawns* jeez I need more caffeine >.> [19:04] and i've already had five mtn dews [19:23] sdeziel: i have an answre for you [19:23] Switch to libpcre2 will be in 1.22.1-7 in which there will be also: [19:23] - ABI versioning + rebuild all modules [19:23] - final cleanup before bookworm [19:23] ^ quote from Jan [19:23] teward: excellent, thanks for clearing any remaining doubts ;) [19:24] sdeziel: yep, but in the interim we can nitpick if we want to merge -6 to get a huge portion of the merge cleaned [19:24] and then just merge -7 in and drop our handpicked-ness [19:24] either way it's going to be a complex merge with a huge drop of the flavors [19:24] of nginx [19:24] as you see fit... not my call ;) [19:24] :P [19:24] also not mine, I don't have the cycles for the merge at this second [19:25] currently balancing a few explosives (metaphorical) at work :| [20:57] teward: sounds like we might want to skip the nginx merge rather than take it on at this late stage. [20:57] Let's see what bryceh thinks [21:06] rbasak, hmm, that might be wise. I've had that merge on my todo list but expecting it would be a simple one, I'm not sure I will have time for tackling large and complex either. [21:17] teward, I've attempted to capture notes from above discussion to LP: #1993421, let me know if you see any inaccuracies. [21:17] -ubottu:#ubuntu-server- Launchpad bug 1993421 in nginx (Ubuntu) "Merge nginx from Debian unstable for lunar" [Undecided, New] https://launchpad.net/bugs/1993421 [21:18] teward, I've got a pile of tasks to get through before I can work on nginx but I'm optimistic. Let's wait on deciding whether to skip nginx for right now, and I'll see if I can scrounge time for it next week or so [21:34] I'm doing some package derivation work for our internal archive: I can easily get the SHA256 for the current latest versions of packages in Ubuntu from Packages files, but that only includes the latest. Any ideas on how I could get that for older packages? [21:38] Odd_Bloke: I can't quickly spot something in the API :( but in the web interface, the "View full publishing history" link is a good starting point https://launchpad.net/ubuntu/+source/bash [21:39] oh. hrmph. I don't see the sha256sums on the binaries pages from that :( eg https://launchpad.net/ubuntu/+source/bash/5.0-6ubuntu1.1/+build/19524460 [21:43] sarnold: they are in the .changes it seems: https://launchpad.net/ubuntu/+source/bash/5.0-6ubuntu1.1/+build/19524460/+files/bash_5.0-6ubuntu1.1_amd64.changes [21:43] sdeziel: *yay*! [21:44] somehow I thought .changes was only source artifacts [21:44] I've been here a decade [21:44] tbh, I also when looking at the publishing history and didn't find anything until you had me take a 2nd look ;) [22:23] Thank you both!