group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #46833
[Bug 2019997] Re: pro livepatch status incorrect when run as normal user
This bug was fixed in the package ubuntu-advantage-tools - 31.2~22.04
---------------
ubuntu-advantage-tools (31.2~22.04) jammy; urgency=medium
* Backport new upstream release (LP: #2048921)
ubuntu-advantage-tools (31.2) noble; urgency=medium
* properly rename logrotate conffile to avoid duplicate confiles, keep user changes
and avoid unnecessary prompts (LP: #2055046)
* use mv_conffile on all ubuntu-advantage-tools conffiles to avoid "obsolete" dpkg
conffile statuses
* fix regression in api u.pro.attach.auto.should_auto_attach.v1 so that it works with
the new package names
ubuntu-advantage-tools (31.1) noble; urgency=medium
* fix unit test that failed on newer version of python
ubuntu-advantage-tools (31) noble; urgency=medium
* d/*:
- rename ubuntu-advantage-tools to ubuntu-pro-client
- rename ubuntu-advantage-pro to ubuntu-pro-image-auto-attach
* d/apparmor:
- introduce new ubuntu_pro_apt_news apparmor policy
* d/control:
- update descriptions and homepages
- update ubuntu-pro-client-l10n to Depend on same binary version
of ubuntu-pro-client
* d/rules:
- install ubuntu_pro_apt_news apparmor policy
* d/ubuntu-pro-client.prerm:
- removed dependency on python3 by reimplementing in sh (LP: #2021988)
* apport:
- collect logs related to ubuntu_pro_apt_news apparmor policy
* release-upgrades.d/ubuntu-advantage-upgrades.cfg:
- convert APT list files to deb822 files when upgrading to noble
* systemd/apt-news.service:
- add apparmor profile and capability restrictions
* systemd/ubuntu-advantage.service:
- avoid deadlock when started during cloud-config.service (LP: #2050022)
* New upstream release 31 (LP: #2048921)
- api:
+ u.pro.attach.auto.full_auto_attach.v1: new cloud_override param
+ u.pro.status.enabled_services.v1:
* include services in "warning" state
* include "usg"
+ u.pro.security.fix.*.plan.v1: export common objects from
endpoint modules (GH: #2714)
- cli:
+ add autocomplete for api subcommand
+ autocomplete multiple services for enable/disable subcommands
+ if lock is held, cli will retry over the course of a few seconds
- collect-logs:
+ include logs related to ubuntu_pro_apt_news apparmor policy
+ include logs of apt-news.service
+ include logs of esm-cache.service
- enable:
+ use deb822 apt source file format when on noble or later
- fix:
+ avoid insinuating that CVEs were found on the machine (GH: #1522)
+ ignore LSNs when considering related USNs
+ pick CVE description based on what packages are installed
- landscape:
+ don't disable landscape on ubuntu releases where it cannot be
enabled (GH: #2743)
+ no longer assume landscape-client gets removed on disable (GH: #2840)
+ leave client.conf in place instead of renaming
+ require service to be running to consider "enabled"
+ new explanatory message when disabling
- motd: properly pluralize messages about updates (GH: #1579)
- status: show warning when canonical-livepatch command fails
(LP: #2019997)
- timer jobs: jobs-status.json is now world readable (GH: #2601)
ubuntu-advantage-tools (30.1) noble; urgency=medium
* fix UnboundLocalError in update-check error handling (LP: #2043836)
-- Grant Orndorff <grant.orndorff@xxxxxxxxxxxxx> Thu, 29 Feb 2024
09:03:11 -0500
** Changed in: ubuntu-advantage-tools (Ubuntu Jammy)
Status: Fix Committed => Fix Released
** Changed in: ubuntu-advantage-tools (Ubuntu Focal)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/2019997
Title:
pro livepatch status incorrect when run as normal user
Status in Canonical Livepatch Client:
New
Status in ubuntu-advantage-tools package in Ubuntu:
Fix Released
Status in ubuntu-advantage-tools source package in Xenial:
Fix Released
Status in ubuntu-advantage-tools source package in Bionic:
Fix Released
Status in ubuntu-advantage-tools source package in Focal:
Fix Released
Status in ubuntu-advantage-tools source package in Jammy:
Fix Released
Status in ubuntu-advantage-tools source package in Mantic:
Fix Released
Bug description:
[ Impact ]
pro status shows livepatch as "disabled" when "canonical-livepatch"
returns an error. This can be misleading. It would be more helpful to
propagate the error message up to the user through pro status; that is
what the fix does.
[ Test Plan ]
In a multipass VM:
```
# attach to pro
sudo pro attach
# hack canonical-livepatch to return an error
cat > error.sh <<EOF
#!/bin/sh
echo "this is a simulated error" >&2
false
EOF
chmod +x error.sh
sudo rm /snap/bin/canonical-livepatch
sudo ln -s /home/ubuntu/error.sh /snap/bin/canonical-livepatch
# check livepatch's status according to pro
pro status
```
Without the fix, livepatch will show as "disabled".
With the fix, livepatch will show as "warning", and there will be a notice that says "Error running canonical-livepatch status: this is a simulated error"
[ Where problems could occur ]
Since this changes how the status of livepatch is displayed, then a
mistake could lead to livepatch's status being incorrect
[Original Description]
livepatch shows as disabled when `pro status` is run as a normal user,
but enabled when run with sudo.
$ pro status
SERVICE ENTITLED STATUS DESCRIPTION
esm-apps yes enabled Expanded Security Maintenance for Applications
esm-infra yes enabled Expanded Security Maintenance for Infrastructure
livepatch yes disabled Canonical Livepatch service
$ sudo pro status
SERVICE ENTITLED STATUS DESCRIPTION
esm-apps yes enabled Expanded Security Maintenance for Applications
esm-infra yes enabled Expanded Security Maintenance for Infrastructure
livepatch yes enabled Canonical Livepatch service
This is probably a separate issue, but similarly (with a few numbers I have replaced by <censored>:
$ canonical-livepatch status
internal error, please report: running "canonical-livepatch" failed: transient scope could not be started, job /org/freedesktop/systemd1/job/235 finished with result failed
$ sudo canonical-livepatch status
last check: 35 minutes ago
kernel: <censored>
server check-in: succeeded
kernel state: ✓ kernel is supported by Canonical.
patch state: ✓ all applicable livepatch modules inserted
patch version: <censored>
tier: stable
ubuntu-advantage-tools 27.14.4~22.04
Ubuntu 22.04.2 LTS
To manage notifications about this bug go to:
https://bugs.launchpad.net/canonical-livepatch-client/+bug/2019997/+subscriptions