group.of.nepali.translators team mailing list archive

[Launchpad Bug Tracker <1964028@xxxxxxxxxxxxxxxxxx>]

This bug was fixed in the package ubuntu-advantage-tools - 27.7~18.04.1

---------------
ubuntu-advantage-tools (27.7~18.04.1) bionic; urgency=medium

  * Backport new upstream release: (LP: #1964028) to bionic

 -- Grant Orndorff <grant.orndorff@xxxxxxxxxxxxx>  Thu, 10 Mar 2022
12:17:31 -0500

** Changed in: ubuntu-advantage-tools (Ubuntu Bionic)
       Status: Fix Committed => Fix Released

** Changed in: ubuntu-advantage-tools (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1964028

Title:
  [SRU] ubuntu-advantage-tools (27.6 -> 27.7) Xenial, Bionic, Focal,
  Impish

Status in ubuntu-advantage-tools package in Ubuntu:
  Fix Released
Status in ubuntu-advantage-tools source package in Xenial:
  Fix Released
Status in ubuntu-advantage-tools source package in Bionic:
  Fix Released
Status in ubuntu-advantage-tools source package in Focal:
  Fix Released
Status in ubuntu-advantage-tools source package in Impish:
  Fix Released

Bug description:
  [Impact]
  This release sports both bug-fixes and new features and we would like to
  make sure all of our supported customers have access to these
  improvements. The notable ones are:

    * --format=json for attach,detach,enable,disable
    * --attach-config option when attaching for users to pass their token via a file and also to customize the auto-enabled services
    * Support enabling FIPS and FIPS-Updates on containers
    * Add more information to ua security-status and remove --beta flag
    * New log files will be world readable

  See the changelog entry below for a full list of changes and bugs.

  [Test Case]
  The following development and SRU process was followed:
  https://wiki.ubuntu.com/UbuntuAdvantageToolsUpdates

  The ubuntu-advantage-tools team will be in charge of attaching the
  artifacts and console output of the appropriate run to the bug.
  ubuntu-advantage-tools team members will not mark ‘verification-done’
  until this has happened.

  [Regression Potential]
  There is a small refactor that touches a python section of the postinst script. Any adjustment to postinst poses the risk of breaking upgrades if a mistake was made.

  We are setting all newly created log files to world-readable. If we
  have failed to catch every scenario of redacting secrets from
  potentially logged strings, then some secrets could slip into the
  world-readable log files.

  The refactor required to support json output for more commands
  required changing how all output is printed. A mistake during this
  process could result in missing output that we previously printed.
  Some messages were moved from stderr to stdout during this process as
  well. If a third party script was parsing the error messages on stderr
  from `ua` this update may break that.

  We are moving from requiring a --beta flag for ua security-status to
  requiring that there is not a --beta flag for ua security-status. If a
  third party script is using ua security-status --beta command, then
  this change could break that script.

  This is a big update, with several refactors touching many pieces of
  the codebase. It is possible that some behavior changed in subtle ways
  not captured by our integration tests.

  [Discussion]
  The reason for making the logs world readable is that we no longer have any major reason keep it readable by only sudo users. Also, this will also allow for non-root users to more easily open bugs that affect the package. We are purposefully only setting new log files to be world-readable, because it is possible that logs made prior to version 27.6 still contain secrets.

  The focus on json output is to support other pieces of software than
  want to use `ua`, such as the upcoming Desktop settings screen to
  attach and enable/disable services.

  [Changelog]

    * d/logrotate:
      - make new logs world readable
    * d/tools.postinst:
      - refactor to catch exception from entitlement_factory
      - no longer always set log file to only root readable
      - when creating log file for the first time, make world readable
    * New upstream release 27.7
      - attach: --attach-config option for customizing auto-enabled services
        and supplying token via a file
      - auto-attach: fix bug where auto-attach caused a manually attached
        machine to detach
      - cli:
        + support --format=json for attach
        + support --format=json for detach
        + support --format=json for enable
        + support --format=json for disable
      - contract: include activity info when updating contract
      - detach: no longer contacts contract server on detach
      - fips: allow fips on containers
      - fix: support USNs that don't have related CVEs
      - logs: make all newly created logs world-readable
      - security-status:
        + show already installed esm package counts
        + include APT origin for each potential update
        + bump schema version to "0.1"
        + remove previously required --beta flag
      - status:
        + include blocked_by information in service status when format=json
        + --simulate-with-token now reports expired tokens as errors
        + --simulate-with-token now returns errors in the specified format

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1964028/+subscriptions