group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #42526
[Bug 1964028] Re: [SRU] ubuntu-advantage-tools (27.6 -> 27.7) Xenial, Bionic, Focal, Impish
This bug was fixed in the package ubuntu-advantage-tools - 27.7~20.04.1
---------------
ubuntu-advantage-tools (27.7~20.04.1) focal; urgency=medium
* Backport new upstream release: (LP: #1964028) to focal
-- Grant Orndorff <grant.orndorff@xxxxxxxxxxxxx> Thu, 10 Mar 2022
12:17:34 -0500
** Changed in: ubuntu-advantage-tools (Ubuntu Focal)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1964028
Title:
[SRU] ubuntu-advantage-tools (27.6 -> 27.7) Xenial, Bionic, Focal,
Impish
Status in ubuntu-advantage-tools package in Ubuntu:
Fix Released
Status in ubuntu-advantage-tools source package in Xenial:
Fix Committed
Status in ubuntu-advantage-tools source package in Bionic:
Fix Committed
Status in ubuntu-advantage-tools source package in Focal:
Fix Released
Status in ubuntu-advantage-tools source package in Impish:
Fix Released
Bug description:
[Impact]
This release sports both bug-fixes and new features and we would like to
make sure all of our supported customers have access to these
improvements. The notable ones are:
* --format=json for attach,detach,enable,disable
* --attach-config option when attaching for users to pass their token via a file and also to customize the auto-enabled services
* Support enabling FIPS and FIPS-Updates on containers
* Add more information to ua security-status and remove --beta flag
* New log files will be world readable
See the changelog entry below for a full list of changes and bugs.
[Test Case]
The following development and SRU process was followed:
https://wiki.ubuntu.com/UbuntuAdvantageToolsUpdates
The ubuntu-advantage-tools team will be in charge of attaching the
artifacts and console output of the appropriate run to the bug.
ubuntu-advantage-tools team members will not mark ‘verification-done’
until this has happened.
[Regression Potential]
There is a small refactor that touches a python section of the postinst script. Any adjustment to postinst poses the risk of breaking upgrades if a mistake was made.
We are setting all newly created log files to world-readable. If we
have failed to catch every scenario of redacting secrets from
potentially logged strings, then some secrets could slip into the
world-readable log files.
The refactor required to support json output for more commands
required changing how all output is printed. A mistake during this
process could result in missing output that we previously printed.
Some messages were moved from stderr to stdout during this process as
well. If a third party script was parsing the error messages on stderr
from `ua` this update may break that.
We are moving from requiring a --beta flag for ua security-status to
requiring that there is not a --beta flag for ua security-status. If a
third party script is using ua security-status --beta command, then
this change could break that script.
This is a big update, with several refactors touching many pieces of
the codebase. It is possible that some behavior changed in subtle ways
not captured by our integration tests.
[Discussion]
The reason for making the logs world readable is that we no longer have any major reason keep it readable by only sudo users. Also, this will also allow for non-root users to more easily open bugs that affect the package. We are purposefully only setting new log files to be world-readable, because it is possible that logs made prior to version 27.6 still contain secrets.
The focus on json output is to support other pieces of software than
want to use `ua`, such as the upcoming Desktop settings screen to
attach and enable/disable services.
[Changelog]
* d/logrotate:
- make new logs world readable
* d/tools.postinst:
- refactor to catch exception from entitlement_factory
- no longer always set log file to only root readable
- when creating log file for the first time, make world readable
* New upstream release 27.7
- attach: --attach-config option for customizing auto-enabled services
and supplying token via a file
- auto-attach: fix bug where auto-attach caused a manually attached
machine to detach
- cli:
+ support --format=json for attach
+ support --format=json for detach
+ support --format=json for enable
+ support --format=json for disable
- contract: include activity info when updating contract
- detach: no longer contacts contract server on detach
- fips: allow fips on containers
- fix: support USNs that don't have related CVEs
- logs: make all newly created logs world-readable
- security-status:
+ show already installed esm package counts
+ include APT origin for each potential update
+ bump schema version to "0.1"
+ remove previously required --beta flag
- status:
+ include blocked_by information in service status when format=json
+ --simulate-with-token now reports expired tokens as errors
+ --simulate-with-token now returns errors in the specified format
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1964028/+subscriptions
References