touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #97764
[Bug 1039729] Re: ufw crashed with Perhaps ip6tables or your kernel needs to be upgraded. in get_netfilter_capabilities() when using ipv6.disable=1
** Changed in: ufw
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to ufw in Ubuntu.
https://bugs.launchpad.net/bugs/1039729
Title:
ufw crashed with Perhaps ip6tables or your kernel needs to be
upgraded. in get_netfilter_capabilities() when using ipv6.disable=1
Status in ufw:
Fix Released
Status in ufw package in Ubuntu:
Fix Released
Status in ufw source package in Quantal:
Fix Released
Status in ufw source package in Raring:
Fix Released
Bug description:
ufw is unusable on systems without ipv6 support because ufw traces
back when trying to run ip6tables to determine what capabilities the
system has. Currently ufw will run ip6tables unconditionally which can
fail when the system is booted with ipv6.disable=1 or when iptables is
compiled without ipv6 support. The proposed fix (which is available in
the devel release) adjusts initcaps() in backend.py to only run
get_netfilter_capabilities() on ip6tables when IPV6=yes in
/etc/default/ufw (the default in Ubuntu). See
http://bazaar.launchpad.net/~jdstrand/ufw/trunk/revision/803.
[Test Case #1]
1. Add ipv6.disable=1 to GRUB_CMDLINE_LINUX_DEFAULT in /etc/default/grub.
2. Reboot
3. Adjust /etc/default/ufw to have "IPV6=no"
4. Run 'sudo ufw disable ; sudo ufw enable'
5. Run 'sudo ufw disable ; sudo ufw app update all'
Steps 4 and 5 will traceback without this SRU.
[Test Case #2]
1. mv /sbin/ip6tables /sbin/ip6tables.bak
2. Adjust /etc/default/ufw to have "IPV6=no"
3. Run 'sudo ufw disable ; sudo ufw enable'
4. Run 'sudo ufw disable ; sudo ufw app update all'
Steps 3 and 4 will traceback without this SRU.
(Test Case #1 is the important test for Ubuntu and why this bug needs
the SRU)
[Regression Potential]
The regression potential is considered low because the patch is simple/easy to understand and the default behavior will not change for users. ufw, iptables and the Ubuntu kernel ship with IPV6 support enabled. Ufw also has a significant testsuite and a test script in QRT for Ubuntu integration (which will include test case #2 (test case #1 is not easily automatable)).
Previous Description:
Description: Ubuntu quantal (development branch)
Release: 12.10
Codename: quantal
ufw:
Installato: 0.33-0ubuntu1
Candidato: 0.33-0ubuntu1
Tabella versione:
*** 0.33-0ubuntu1 0
500 http://archive.ubuntu.com/ubuntu/ quantal/main i386 Packages
100 /var/lib/dpkg/status
I'm not using or starting ufw... i have a customized script to load
iptables rules on this system...
ProblemType: Crash
DistroRelease: Ubuntu 12.10
Package: ufw 0.33-0ubuntu1
ProcVersionSignature: Ubuntu 3.5.0-11.11-generic 3.5.2
Uname: Linux 3.5.0-11-generic i686
ApportVersion: 2.4-0ubuntu8
Architecture: i386
Date: Tue Aug 21 20:02:32 2012
ExecutablePath: /usr/sbin/ufw
InstallationMedia: Ubuntu 10.04 "Lucid Lynx" - Release Candidate i386 (20100419.1)
InterpreterPath: /usr/bin/python3.2mu
PackageArchitecture: all
ProcCmdline: /usr/bin/python3 /usr/sbin/ufw app update all
PythonArgs: ['/usr/sbin/ufw', 'app', 'update', 'all']
SourcePackage: ufw
Title: ufw crashed with Perhaps ip6tables or your kernel needs to be upgraded. in get_netfilter_capabilities()
UpgradeStatus: Upgraded to quantal on 2012-08-15 (6 days ago)
UserGroups:
To manage notifications about this bug go to:
https://bugs.launchpad.net/ufw/+bug/1039729/+subscriptions
