Previous week’s status can be found at Foundations Team Updates - Thursday 12 Oct 2023

Distro

• initramfs-tools: bug triage

Apport

• Reviewed ui: don’t rely on Dependencies to know if collect_info() has been run
• Analyzed why build_java is not called in the system-tests-installed CI run (in https://github.com/canonical/apport/pull/223). I cannot reproduce the behavior in a jammy schroot environment with the same packages installed. Investigation result so far: build_java is not called in the first setup.py call. All following calls will behave correctly.

+1 maintenance

Paperwork

I spend my time ensuring that all blocked packages failures are documented and reported in Debian / upstream where applicable. I created a bunch of bug reports:

• numba 0.57.1+dfsg-1 autopkgtest regressions
• rust-minijinja 0.34.0-1 autopkgtest failure: Uninstallable dependencies
• octave-tisean 0.2.3.hg.2021.11.29-1 fails to build on all architectures
• python3-aiortc 1.5.0-2 autopkgtest autodep8-python3 failure
• rust-sysinfo 0.28.4-2 s390x regression: test_refresh_tasks fails
• pyhst2: FTBFS with CUDA 12: error: texture is not a template
• relion-cuda: FTBFS with CUDA 12: nvcc fatal : Value ‘sm_35’ is not defined for option ‘gpu-architecture’
• ruby-appraiser-rubocop 1.0.1-2 has invalid dependencies
• systemtap 4.9-1 fails to build on ppc64el and i386
• faust: FTBFS: make[7]: *** No rule to make target ‘tmp_llvm_lib/libPolly.dir’, needed by ‘lib/libfaustwithllvm.a’. Stop.
• zim-tools 3.2.0-1 fails to build on amd64, ppc64el, and s390x: zimcheck-test fails
• ares 132-1 fails to build on armhf, riscv64, and s390x (and suggested how to fix)

Tickets for the archive admins

• Asked on #ubuntu-kernel about nvidia-open-gpu-kernel-modules and got @xnox creating RM: unused in ubuntu / packaged separately
• Please remove kchmviewer builds on ppc64el, riscv64, and s390x

marshmallow

I stumbled over Debian bug #1052847 and submitted a better fix for upstream marshmallow: https://github.com/marshmallow-code/marshmallow/pull/2198

pd-xsample

pd-xsample 0.3.2+git20170905.1.4441ae5-6 fails to build on ppc64el. I fixed the last complaint from the build log and submitted it upstream. Then I noticed that this was only a warning and not the culprit. The relevant error message was printed way earlier. The latest upload enabled building Pd64 externals, but vec_dst only supports float but not double. So I disabled this change for ppc64el and uploaded pd-xsample 0.3.2+git20170905.1.4441ae5-7 to Debian unstable.

Syncs to fix failures

Following package should be (auto-)synced after the archive openening:

• Sync 1.6.3-1 to fix proposed-migration for cgreen 1.5.1-1build1
• Sync python-aiortc 1.5.0-3 to unblock the python3-aioice/0.9.0-1 migration
• Sync sublime-music/0.12.0-1 - this should solve the autopkgtest failure with dataclasses-json 0.5.13-2
• Sync gpac >= 2.2.1+dfsg1-2 which builds with ffmpeg 6.0
• Sync pd-xsample 0.3.2+git20170905.1.4441ae5-7 which fixed the build failure on ppc64el

Distro

• Fix + SRU critical NetworkManager bug on upgrades, LP: #2039503
• Patch pilot shift, Patch Pilot Hand-off 24.04

Netplan

• review Netplan diff backend PR, #386
• reviews of generic PSK + EAP password solution, #416
• review Documentation spelling checker CI, #417
• Working on a Focal/Core20 reproducer/test, LP: #1959570
• Netplan everywhere blog post

Misc

• Interviewer training
• take-home tests
• (many) written interviews

ubuntu-image

• PR #150 - Support the keep-enabled parameter in ubuntu-image extra-ppas

  • added some improvements following the review

• PR #148 - ubuntu-image ‘pack’ support

  • added some improvements, waiting for a review

• PR #152 - Improve tests performance (reduce disk usage and test duration)

  • Merged

• PR # 157 - Use eatmydata to speedup image build

  • Proposed. I am still unable to find a use case where using eatmydata is making a difference

• PR # 155 - Clean image build leftovers

  • Proposed, waiting for a review

• PR #143 - The ‘fstab’ of ‘customization’ destroy original fstab content

  • added some improvements to also fix another bug @waveform found a couple years ago (LP #1955019)

• Devised a strategy to fix LP#2038111. Waiting for a review to move forward.

• Did some research on tools similar to ubuntu-image and livecd-rootfs to get an overview of different ways to solve the “image building” problem.

+1 Maintenance

Remaining of the +1 week

• exec-path-from-shell-el FTBFS. This seems to be linked to melpa server unreachable wile building. Added my investigation to https://bugs.launchpad.net/ubuntu/+source/exec-path-from-shell-el/+bug/2034630

Go

• Micro releases for 1.20 (1.20.9 & 1.20.10) and 1.21 (1.21.2 & 1.21.3).
  Updated in Debian and Snap, and FIPS packages. Ubuntu archive packages are not updated due to freeze.

• Open LP #2039794. Go 1.22 (not released yet) is going to use KMCTR and other crypto instructions on s390x. Illegal instruction on launchpad builder.

• Revise specification for Go dev tools snap.

I was out on Thursday and Friday of last week.

dotnet

• .NET 8 RC1 is live on Mantic! (https://launchpad.net/ubuntu/+source/dotnet8)
  • Removed .git folder build dependency, which shrinks the orig tarball from 1GB to 200MB.
  • Cleaned up lintian warnings and d/copyrights file.
• Packaged .NET 8 RC2 (released today).
  • Fixed lingering prebuilts symlink issue by removing reference on d/rules file.
  • More d/copyrights clean-up.
• Attended weekly .NET partners sync meeting

distro

• Investigating nvme-of test case for the nvme-stas package, which runs on amd64 but fails on other platforms.

Distro

• Analysis of the default TLS configuration of several packages and discussions on what they should be

Misc

• Prepared lightning talk (there’s also a lot more material) for crypto-config

Netplan

• Investigated Network Manager crashes reported in LP#2038811
• Worked on a workaround for a parser issue reported from time ago related to the parsing of access-points PR#413
• Fixed a problem related to wireguard endpoints that was causing problems with Network Manager PR#414
• Fixed a problem in the keyfile parser where it was generating the incorrect configuration for some EAP methods PR#415
• Added a spelling check step to the Github CI PR#417
• Working on a more complete fix for a problem related to EAP authentication that’s causing problems with Network Manager PR#416
• Preparing the SRU containing some fixes for the problems that are leading to Network Manager crashes

OpenJDK

• TCK 17 - created a private git repo with the TCK material (which is received from Oracle and is proprietary) and initial scripting to run the compliance tests in Docker containers. Tested on amd64, arm64, ppc64el and s390x.

• debian/copyright - Submitted an MR with the openjdk copyright generator rewritten in Python (it was written in Perl first, which isn’t permitted as per Debian policy). Also submitted MRs to add the copyrights file (as well as the generator script) to openjdk versions 11, 17 and 21.

• CRaC - Investigated the feasibility of shipping a CRaC (Coordinated Restore at Checkpoint JDK package] on Ubuntu) enabled JDK package. CRaC is a JVM wrapper around CRIU (Checkpoint and Restore in Userspace). I built a package with some hacks, installed it and wrote a test that uses the crac API. Promised gains are visible. I am writing up a blog-post where I touch upon the practical aspects of packaging and maintaining it.

• Code review: Reviewe Vladimir’s MP on backporting JTREG to jammy and focal.

OpenJDK FIPS

• Investigated OpenSSL support for key-stores. Turns out OpenSSL does not support any of the FIPS-approved Key Store formats.

Misc

• Weekly Adoptium workgroup meetings
• Written interview training

subiquity

• prepared some experiments with os-prober running over multiple drives in parallel. It feels like it could result in a block probing speed up in some scenarios. But that requires work to determine what “drives” are on different physical disks.
• looking for other ways to reduce block probing duration. Determining file-system minimal sizes and probing for installed OSes are the most time-consuming operations.
• working on changing the way we deal with os-prober in the subiquity snap. Currently, the package is built based on a pre- 1.80 source tree. Considering adding a public PPA for subiquity so we can pull our own version of os-prober - with our patches already applied. This would require doing manual merges whenever a SRU of a package lands though.

• help 23.10 release
• code reviews, bug triage, and general catchup
• 24.04 planning
• subiquity
  • 23.10.1 release. Special thanks to @ogayot who did almost all the changelog creation.
  • PR: 1844 - start merging some out of sync content ahead of subiquity RTD site availability

Rust

• Finished internal spec for the Rust development tools Snap
• Currently backporting Rust 1.68, 1.69 and 1.70 to Lunar, Jammy and Focal

.NET

• finishing internal .NET maintainer documentation
• attended weekly .NET partners sync meeting

Ubuntu Packaging Guide

• finishing new how-to articles
• reviewed Documentation Team roadmap objectives and results for the packaging guide
• attended weekly Ubuntu Packaging Guide meeting

mkukri

33m

I have been implementing an automated testing framework for GRUB. Currently we have the ability to:

• Automatically provision VMs with cloud images
• Install new shim+grub (or just GRUB in --no-shim mode for development)
• Verify the VM successfully reboots after the new loaders were install
• The ability to do the above using a set of different Secure Boot configurations
• The ability to do the above on ARM64 and AMD64 (both with UEFI and PCBIOS)

I am currently working on implementing the ability to automatically sign unsigned copies of shim+GRUB, and verify the correct operation of Secure Boot without having to provide binaries signed with production keys.

• Mesa testing for Core 22 updates in Firefox
• Mantic release and all the fun that entailed:
  • Pi 5 support LP: #2037642,
  • cloud-init killing the Zero 2 and 3A+ LP: #2038945,
  • eth0 disappearing on the 3B+ LP: #2038964,
  • ALSA not appearing on server on the Pi 5 LP: #2038924
  • Sharing tab hanging in gnome-control-center LP: #2037017
  • But a bunch of other things getting fixed like totem LP: #1998782
• Post-mantic release:
  • investigation of pre-generated machine-id and host SSH keys (LP: #2039434)
  • Investigating reports of Pi 5 fan spinning full speed on Ubuntu; current theory is it may be down to some differences in the registration of PWM devices
• Worked on PyPI packaging of lgpio (apologies to the community that this was delayed during mantic’s release!)

Misc:

• Lots of ISO testing and bug checking for the release last week
• Updated the netboot test(s) for subiquity MP#453468

Subiquity:

• Currently working on rewriting the apport hook for subiquity so bug reporting for subiquity is a consistent experience

jtreg7:

• prepare backport to stable releases.

openjdk:

• bundle googletest and refresh problem lists in preparation for the security release. Update reproducible-properties-timestamp.patch patch. 1 2 3 4
• uploaded openjdk-lts and openjdk-17 to the openjdk-security ppa