Last status can be found at: Foundations Team Updates - Thursday 11 January 2024

Distro

• Working on a specification about disabling TLS1.0 and 1.1 everywhere in Ubuntu main, a work which was started in 2020 and related discussions
• Also working on disabling TLS 1.0 and 1.1 for rabbitmq-server and dropping from erlang elliptic curves deprecated by RFC8422
• ruby 3.1 tests failing due to expired certificates (WIP)

Armhf time_t

• Published new results at https://salsa.debian.org/adrien-n/armhf-time_t-results and https://adrien.dcln.fr/misc/armhf-time_t/2024-01-17/

Misc

• Discussions around the openssl release schedule

• openjdk:

  • small MR with fixes for the new openjdk-xx-testsupport package. It allows to run jtreg tests using the packaged version of openjdk

• default Java 21:

  • fixes for exec-maven-plugin, javadoc crash, intellij-community-idea, jackson-datatype-joda
  • working on kotlin.

ubuntu-image

• prepared the 3.2 release
  • waiting for some snap build failures to be solved so we can push it to latest/candidate

+1 Maintenance

This is +1 maintenance shift:

• golang-github-gorilla-websocket
  • autopkgtest for golang-entgo-ent/0.11.3-4 on amd64 was failing
  • some go tests rely on the database result sorting and sqlite does not guaranty any default sorting.
  • Opened LP: #2049502 and I submitted a patch for the problematic tests.
  • Opened https://github.com/ent/ent/issues/3903 to discuss the matter with the maintainers
  • Submitted a bug and the patch to debian https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1060915
• golang-github-gookit-color
  • FTBFS due to some tests needing a valid TERM env var.
  • Submitted a bug to debian with a patch https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061077
• golang-github-henrybear327-go-proton-api
  • blocked because golang-github-protonmail-gluon FTBFS
    • FTBFS because the test suite is flaky
    • Build succeeded after 2 retries
    • I opened an issue upstream (https://github.com/ProtonMail/gluon/issues/404) to let the maintainers know there is maybe something going on.
    • Waiting for this pkg to be published so we can retry building golang-github-henrybear327-go-proton-api
• meson
  • autopkgtest also failing in Debian
  • One of the rust test is failing due to -fstack-protector flag missing when building on arm.
  • (lost some time learning that a tab after the filename in patches is needed when the filename contains spaces)
  • I am testing a patch but the test suite is very slow, and it looks like it killed my machine
  • I will open a bug and probably submit the patch so it can be tested on LP.
• gitaly
  • FTBFS
  • the package is new and I understand it never built.
  • Need to investigate more to know what should be the best way forward.

The following packages only needed a retry:

• edk2
• golang-github-google-gnostic-models
• golang-google-protobuf

Distro

• upload Netplan 0.107.1-2, https://tracker.debian.org/news/1495339/accepted-netplanio-01071-2-source-into-unstable/
• MIR: review roc-toolkit: Bug #2047150 “[MIR] roc-toolkit” : Bugs : roc-toolkit package : Ubuntu
• some netplan vs wpa autopkgtest (s390x) investigation, https://pad.lv/2048388

Netplan

• bug grooming
• UX discussions around “diff” feature
• protective diversions for usrmerge, https://salsa.debian.org/debian/netplan.io/-/merge_requests/11
• merge ABI cleanup fixes, https://github.com/canonical/netplan/pull/400
• review ctests testing library refactoring, https://github.com/canonical/netplan/pull/432
• working on 1.0 prep PR, https://github.com/canonical/netplan/pull/434

Misc

• hiring
• pulse planing
• spec reviews/comments (FO141, KO046,FO113)

Distro

• I took another look at LP#2048768 (basically gcc/llvm address sanitizer is broken on Noble) and it turns out it was caused by a change in the kernel configuration where CONFIG_ARCH_MMAP_RND_BITS was increased from 28 to 32 bits (but not on Debian). Another distro had the same issue. It was supposed to be fixed upstream (llvm) but I still can reproduce the problem with llvm 17 on Ubuntu.

Netplan

• Code reviews for @slyon PR#400 PR#434
• Merged the security topic in our docs PR#433
• Rebased and merged my changes to the C unit tests PR#432
• Added support for bridge/bond/VRF identification on netplan status PR#420
• Currently investigating some issues reported by another team related to SR-IOV Ethernet cards.

Short week, US holiday on Monday

Distro

• Working through remaining systemd test-execute failures when unprivileged user namespaces are not available
• Sponsored rsyslog for @xypron: 8.2312.0-3ubuntu1 : rsyslog package : Ubuntu
• Moving systemd SRUs along

Misc

• Reviewed take home tests

Go

• Triage and fix FTBFS packages which builds with golang-1.22.

Distro

• debootstrap vs autopkgtest. File bug 2049737 and ask release to hint debootstrap to migrate.

OpenJDK

FIPS Provider prototype

• Added a Java API and unit tests for Cipher

TCK setup

• Investigated failing tests. They fall under two categories - missing FTP server and missing Kerberos server.
• Set up a Kerberos server / Key Distribution Center on a canonistack VM and got some of the tests passing. This is WIP.

openjdk January Security updates

• Worked on the openjdk-lts merge from Debian openjdk-11 MP#458903

OpenJDK-11-FIPS

• Package under review with Security. Addressed a concern from them in MP#458816

Distro

Worked on the proposed-migration excuse bug for python3-werkzeug LP2048769. Created merge proposals for two reverse dependencies

• onionshare MP#458934
• lektor MP#458931.

Misc

Adoptium Workgroup meeting

1 day off this week

• patch pilot
  • LP: #2049515 - sponsored merge for iwd
  • LP: #2049311 - per above, submitter agreed with suggestion to drop the delta on ldapscripts and sync the package. I did the sync.
• File initramfs-tools LP: #2049540, with reproduction steps for it and log results. There are a large number of differences in the kernel modules present in the initrd after the move to dracut.
• working on fixing mini.iso boot issues (how the initramfs-tools bug was found)
• curtin
  • MP: #458460 - add improvements to the curtin dm-crypt action that allow cryptoswap to be implemented
• a lot of greenhouse

NET

• refactoring .NET autopkgtests
• technical discussions about .NET Snaps implementation
• attended .NET Security Partners meeting
• checked out state of Godot on Ubuntu

Ubuntu Packaging Guide

• canonical/sphinx-docs-starter-pack PR #174 – optional dependency management

subiquity

• opened PR 1886 increasing probert timeout when os-prober is used
• opened PR 1888 to tweak the bug reports title when an error occurs during a curtin step.
• investigated some bug reports including:
  • installations (unknowingly) targeting the installation media
  • wrong detection of ESP
  • absence of lvm utils for edubuntu
  • partitions already mounted during file-system creation
• nvme-o-tcp work

distro

• netplan.io vs wpa still with me

autopkgtest

• Working on autopkgtest’s unshare test: the rabbit hole made me open this shadow bug but in the meantime, a workaround was also found. We’ll see how this develops.
• Opened an upstream MR to fix a deadlock issue upon “No space left on device”.

auto-upgrade-test

• Implement an ignore-list for checking /var/crash not being empty after upgrades tests: PR and MP

Misc

• Following a bit on curtin vmtest testsuite
• Following a bit some MPs on autopkgtest-cloud
• Did some archeology on some old MP that are still open, to clean up a bit the list if possible.

subiquity

• Some work on autoinstall related exception handling
• More spec work (better apport hooks!)
• More security discussions for aiohttp

distro

• SRU verification for LP #2047314

autopkgtest

• Killed / dequeued some autopkgtests from @andersson123 which were looping.
• Requeued all the perl packages but with the trigger=liblocale-gettext-perl%2F1.07-6build1. I did it “one more time” to catch ones that hadn’t failed yet.
• Dequeued some tests which included triggers from an obsolete version of perl and mesa.
• Testing @hyask’s development version of prod-proposed-migration.
• Merged my autopkgtest MP which suppresses warnings from apt. Then dropped the cowboy in production and updated the autopkgtest branch on the workers.
• Cowboy’ed a change from @hyask that should stop the autopkgtest-cloud-worker’s from having tests hang in the event that the worker runs out of free space in /tmp. The change is currently being reviewed upstream.
• Discovered and fixed an error with the above cowboy. Requeued tests which failed due to the bad cowboy.

Error Tracker

• Ran a job which populates the count of Ubuntu 24.04 users for reasons.

Ubuntu

• Special expedient SRU review and release of virtualbox.
• sru-review of livecd-rootfs for Jammy which fixes raspi daily-preinstalled builds.
• sru-review of lubuntu-update-notifier so that dist-upgrades are better supported.
• Submitted an MP updating the timeline of an event in the EoL process.

Misc

• Encountered an issue creating a virtual machine with uvt from ubuntu-qa-tools so I submitted an MP fixing the issue.
• Reviewing candidate applications.

Rust

• Got Rust 1.74 uploaded to the primary archive
• Prepared the following Rust backports for Mantic, Jammy and Focal
  • Rust 1.71
  • Rust 1.72
  • Rust 1.73
  • Rust 1.74
• Prepared rustup Snap for publishing
• Prepared CMake backport (renamed to cmake-mozilla) for Focal to be used with Rust backports

Boot

• hiredis FTBFS on ppc64el LP: #2049188
• Lot of time spent on debugging LP: #2044549
• Did some minor changes to the Debian GRUB 2.12 merge

Short week, MLK Jr Day on Monday. Inclement weather also impacting capacity (no school all week…)

Release

• discussions around a new additional arm64 ISO for 22.04.4
• assist in bootstrapping the new edubuntu raspi image, which went very smoothly until hitting an ubuntu-image bug
• escalating livecd-rootfs regression that breaks Ubuntu Server image builds in jammy. Prospective fix now proposed.
• beginning archive cleanup of lunar for EOL; NBS kernel packages removed, now waiting for conclusion of the final few kernel-related SRUs in -proposed

SRU

• did work to improve automation of tooling around SRU/NEW processing of oem metapackages
• queue of pending oem metapackages zeroed as of 2024-01-08 (after a backlog of dozens of uploads there since November)

Archive

• cleanup of ubuntu-archive bug list (lots of non-actionable bugs about OEM metapackages)
• addressed various package removal requests

General

• Continuing to work on sorting out the 64-bit time_t plan in Debian

dotnet

• Created new binary packages containing runtime and SDK PDB debug symbols.
  • This update also fixes LP: #2046458
• Attended weekly .NET partners sync meeting
• Investigating ways to make the .NET Snap PoC work per specification FO-151

• Started a conversation about needrestart’s behaviour during APT transactions
• Looking into libpam’s various versions
• Sponsored a few Rust toolchain uploads
• Tweaked and sponsored s390-tools upload
• Restarted from scratch triaging glibc test rebuild results for main due to a stupid mistake making my previous results useless
• Working on a PR for netplan to add some warning on unused error return values
• Some Greenhouse work