group.of.nepali.translators team mailing list archive

Thread
Date
[Bug 2006049] Re: error in checking : pro security-status --esm-apps

To: group.of.nepali.translators@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <2006049@xxxxxxxxxxxxxxxxxx>
Date: Mon, 13 Feb 2023 16:52:18 -0000
Reply-to: Bug 2006049 <2006049@xxxxxxxxxxxxxxxxxx>
Sender: noreply@xxxxxxxxxxxxx
This bug was fixed in the package ubuntu-advantage-tools -
27.13.5~22.10.1

---------------
ubuntu-advantage-tools (27.13.5~22.10.1) kinetic; urgency=medium

  * Backport new upstream release

ubuntu-advantage-tools (27.13.5~23.04.1) lunar; urgency=medium

  * d/ubuntu-advantage-tools.postinst:
    - fix version for cleaning the esm-apps stale unauthenticated files
      (LP: #2006765)

ubuntu-advantage-tools (27.13.4~23.04.1) lunar; urgency=medium

  * d/ubuntu-advantage-tools.postinst:
    - remove stale esm-apps unauthenticated caches (LP: #2004193)
  * apt-hook:
    - Change esm-apps advertisement message on apt upgrade to
      make it clearer that the service is providing more upgrades
      and not restricting user to only get updates if esm-apps
      is enabled (LP: #2006510)
  * contract:
    - make code aware that the effective date is not a required field
      in the machine-token.json file (LP: #2006351)
  * esm_cache
    - do not fail if we cannot extract information from
      /etc/os-release file (LP: #2006508)
  * security-status:
    -  consider packages without a candidate as 'unknown' (LP: #2006049)
  * status:
    - treat null effective contract dates as unknown/expired
      (LP: #2004650)
  * timer:
    - recycle invalid jobs-status.json file if we detect it is
      corrupted (LP: #2006261)

 -- Renan Rodrigo <renanrodrigo@xxxxxxxxxxxxx>  Thu, 09 Feb 2023
14:36:17 -0300

** Changed in: ubuntu-advantage-tools (Ubuntu Kinetic)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/2006049

Title:
  error in checking : pro security-status --esm-apps

Status in ubuntu-advantage-tools package in Ubuntu:
  In Progress
Status in ubuntu-advantage-tools source package in Xenial:
  Fix Released
Status in ubuntu-advantage-tools source package in Bionic:
  Fix Released
Status in ubuntu-advantage-tools source package in Focal:
  Fix Released
Status in ubuntu-advantage-tools source package in Jammy:
  Fix Released
Status in ubuntu-advantage-tools source package in Kinetic:
  Fix Released
Status in ubuntu-advantage-tools source package in Lunar:
  In Progress

Bug description:
  [Impact]
  Systems which hold installed packages without any remote origin or any candidate see an error when running pro security-status (also using any flag).

  Those packages should instead be considered unknown (unavailable) - as
  there is no external reference to identify where does the package come
  from.

  The code today only checks if the candidate is equal to the installed
  version, but ignores a corner case where the package has a negative
  pin, to avoid being updated/reinstalled for some reason (which makes
  little sense as there is no repository to fetch from , but still may
  happen).

  [Test Case]
  A script to test this change is attached to the bug, with a preferences file pinning some packages. Once the fix lands in -proposed, this script can be executed and verified. It consists in installing universe, third party and unavailable packages and checking that all works well. Then, pinning those packages to a negative value breaks pro security-status. The update fixes it and guarantees the packages are still classified correctly.

  [Regression Potential]
  Really very very unlinkely. The test scenario shows that for the specific case the change covers, the behavior is the same as if the packages had candidates (or, were not pinned). There is no sign of possible regression given the investigation + test case.

  [Discussion]
  The test scenario shows the fix is correct for all kinds of packages (ubuntu, third-party, unavailable/unknown) but only the latter is actually affected by the code change. If a package is installed and has a single origin, then it is /var/lib/dpkg/status - no external reference is present. The code uses the candidate version to check for origins in other versions of the package, to see if it is part of any Ubuntu or third-party repository. If the candidate is the installed version, it means it is impossible to know. If there is no candidate, then the same scenario occurs: it is impossible to know.

  [Original description]
  root@plesk:~# pro security-status --esm-apps
  Unexpected error(s) occurred.
  For more details, see the log: /var/log/ubuntu-advantage.log
  To file a bug run: ubuntu-bug ubuntu-advantage-tools

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: ubuntu-advantage-tools 27.13.3~20.04.1
  ProcVersionSignature: Ubuntu 5.4.0-137.154-generic 5.4.218
  Uname: Linux 5.4.0-137-generic x86_64
  ApportVersion: 2.20.11-0ubuntu27.25
  Architecture: amd64
  CasperMD5CheckResult: skip
  Date: Sun Feb  5 13:10:20 2023
  ProcEnviron:
   TERM=xterm
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=<set>
   LANG=C.UTF-8
   SHELL=/bin/bash
  SourcePackage: ubuntu-advantage-tools
  UpgradeStatus: No upgrade log present (probably fresh install)
  cloud-id.txt: configdrive

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2006049/+subscriptions