Foundations Team Updates - Thursday 2024/06/27

Previous status: Foundations Team Updates - Thursday 2024/06/20
Next status: Foundations Team Updates - Thursday 2024/07/04

And a word cloud from the past week’s status post. Not as insightful as I had hoped but now that it’s done, I have no reason to not include it.

Past week's wordcloud

1 Like




  • hiring
  • townhall
1 Like


  • PR # 39 - Document the imagecraft.yaml configuration file
    • Merged.
  • Threat modeling
    • WIP.
    • Had some discussions with other teams also doing Threat Modeling.
    • I am actively trying to borrow some time from some Security Team members to review the current state and make sure I am heading in the right direction.
  • Implement the spec to add needed features to craft-archives to use it in imagecraft
    • PR # 120 - feat: Add needed fields for imagecraft
      • Done and reviewed once. Comments were fixed. Now waiting for another review.


  • Review several contributors PRs
  • PR # 227 - Set gpt partition as bootable if associated to system-boot role
    • Working on a test case
  • Deep dive into partition/volume/disk handling in ubuntu-image to find root causes for at least 3 classes of bugs. Next Pulse I will implement at least several fixes to cover the majority of the known (and newly discovered) bugs on this.


  • Travel preparation
  • TownHall
1 Like


  • Updates to the FIPS patches in the openssl packages and @schopin re-reviewed 3.2.1 and uploaded it, thanks!
    • started looking at the obligatory autopkgtest failures; it’s still unclear how many are flaky tests or testbed failures
  • Work on crypto-config for system-wide configuration of cryptography
    • Updated code against latest specification, fixed several small issues
    • Added temporary code to be able to not be a dependency of the configured packages
    • Started preparing demonstration profiles
      • looked at gnutls’ configuration handling to add drop-ins support
      • looked at nginx’ configuration which prevents disabling TLS versions after they’ve been enabled once
  • Sent python-google-api-core for review in Debian ; if you want it more quickly in Ubuntu, feel free to pick it up!


  • Exactly 0 changes to my better update_excuses.html page but I’m definitely longing for the time it will display updated and past test results! (that’ll be September at the earliest ='( )
  • Some travel planning
1 Like


1 Like


  • working towards enabling bos03-ppc64el - made an MP for flexible network names to enable this datacentre and arch
  • MP for linting all of our jinja templates
  • Fixing an issue with the checksum of the database being served by apache

cd image metrics

  • Merging and deploying a change for the ubuntu studio daily image age - still monitoring it to see if it’s faulty in any way

installer testing

  • end to end testing - having installer tests triggered from the qa team jenkins
  • Completing my suite of tests


  • Creating suite of jenkins jobs for installer testing


  • Helping @vpa1977 out with deploying a juju environment for phoronix testing
1 Like


  • Opened PR: #2015 - Fix for the systemd-networkd-wait-online bug (LP: #2063331)
  • Slowly chipping away at some further improvements we could make to the network handling in Subiquity that I discovered during my investigation of the above.
  • Resuming my investigation into MOK enrollment and how we can use umockdev to develop and test it in QEMU in the absence of affected hardware.
  • Merged PR: #2016 - instructions to test netboot with custom ISOs
  • Subiquity Bug triage and PR review


  • Merged MP:#467744 - add netboot tests to the Desktop ISO tracker
  • Prepared Uploads to SRU the Subiquity Apport hook changes to Noble and Jammy - LP: #2067775


  • Finished travel planning for Ubuntu Summit and Engineering Sprint
  • Completed my first training objective: a beginner course on C. Next up is some more advanced C topics!
  • I broke the archive a bit when uploading my glibc and base-files merges (once I figure out exactly what happened I’ll try to write it up). Those uploads have been kicked out of -proposed to fix the immediate issue, and I’ll need an AA to look into this bug before I can do a new attempt.
  • As a consequence of my archive breaking mistakes, I hacked a bit on ppa-dev-tools to add support for pocket selection.
  • Started working on fixing the apport test suite for non-amd64 architectures (unfinished due to the aforementioned debacle)
  • Piloted some Patches
  • Some travel planning.
1 Like

+1 Maintenance week


  • Engineering sprint travel prep
1 Like


  • canonical/dotnet-source-build
    • unify /debian directories of .NET source packages
      • #2 – Identify commonalities and differences
      • #3 – Create initial Flamenco project structure
      • #4 – Unify build-scripts
      • [WIP] #5 – Test & Validate the generated output of initial version
  • continued to work on flamenco
    • integrated calling dpkg-buildpackage(1) to produce .dsc and .changes files
    • currently working on downloading the latest orig.tar from the Ubuntu/Debian archive if it can not be found in the dist directory
  • created canonical/dotnet repository
  • reviewed canonical/dotnet-content-snaps PR #1 – Add GitHub Actions workflows
  • attended weekly .NET security partners meeting
    • highlighting dotnet/aspnetcore/issues/56472: for .NET 9 minified js files will be in a seperate repo and the Microsoft ASP.NET team continues to work on a fully offline source buildable mechanism that may land for >= .NET 10
      (it’s crazy to me what a huge mess building from source is when npm is involved :/)

Ubuntu Packaging Guide

  • MIR team approached me regarding general MIR & packaging documentation (irc log)
  • reviewed & merged PR #57 – feat(README.rst): add ReadTheDocs link
  • reviewed PRs #56, #59, #60 – fix(README.rst): visually broken link
    • merged #60
  • triaged Issue #58 – docs: PDF documentation broken
  • reviewed PR #55 – Fixed broken link and add ReadTheDocs link in README


  • attended Town Hall Meeting
  • Booking Ubuntu Summit/Engineering Sprint Travel
  • Paperwork
1 Like

Go dev pack

  • Implementing prototype which includes basic tools and vim integrations now.


1 Like



Training day

I used my monthly training day to continue learning Rust. To be more precise: I continued hacking on 3cpio. I’ll release version 0.2.0 soon.

patch pilot

I had one patch pilot shift cleaning up the queue and reviewing patches: Patch Pilot Hand-off 24.10 - #24 by bdrung

1 Like
  • Sprint travel booking
  • Fixing links in the pollinate man-pages (LP: #2070268)
  • Investigated report of ubuntustudio-installer failure on pi (LP: #2070151)
  • Prepared backport of linux-firmware-raspi version 8 for focal, for testing 3B+ rev 1.4 boot (LP: #2067080)
  • … and noticed the package is renamed, which complicates things if/when we need to point-release the image
  • … and then noticed we’ve no raspi seed for focal (the raspi seed was added in groovy)
  • Verified armhf container fix, redundantly (LP: #2062176)
  • Prepped a quick talk on documentation systems for tomorrow
1 Like


  • Update some LXD remotes kernels to the HWE version for bug #2067633
    Worked around that bug definitely in this MP
  • Investigated openstack quota being inconsistent: bug #2067628
    Also opened an MP to help the situation.
  • Rebased local dev MP to try to finally get it merged.
  • Investigated and maybe fixed a channel leak issue. That’s another thing that was causing our RabbitMQ to go down from time to time.

+1 sphinx vs twisted


  • Opened this MP to handle multipart message in import-bug-from-debian. Reviews welcome for this long standing bug!
1 Like

Boot testing

  • Fixed regression on new edk2
  • Added POWER OpenFirmware boot test
  • ubuntu-boot-test 3 waiting for upload

NX support

  • GRUB 2.12-1ubuntu9 has be signed and ready to be released to Oracular
  • shim NX support to be finished after GRUB is out and confirmed working

GRUB Launchpad bug tracker cleanup

  • Down to 260 from 650+ bugs total
  • Remaining bugs require more and more times
  • Made some (failed) attempts at pulling info via API and categorizing bugs automatically


  • Updated python-uefivars was uploaded by enron
  • Wrote internal idea doc on bootloader design
1 Like



  • Sprint travel booking
1 Like
  • Wrote specification
  • Reviewed grub changes
  • Meetings
1 Like


  • All the fixes for the security issues we’ve found and fixed recently landed yesterday
  • All the fixes were merged upstream PR#484
  • My improvements for netplan status --diff were merged upstream PR#466
  • Investigated a report about docker builds that started to fail after the last updates. It’s not really a issue though. LP#2071333
  • Currently updating my pending SRUs and including the security fixes
1 Like
  • proposed-migration: gcc-13 cluster
    • continued work on octave-dicom - I have a concern that the use-after-free seen in octave-dicom testing may be a stdc++ bug. The following test is a more minimal version of the failure:
%! dicominfo(file_in_loadpath("imdata/simpleImageWithIcon.dcm"));
%! dicomdict factory ;
  • if pushed we can disable tests on octave-dicom but octave-tisean probably also needs to be addressed
  • supporting work for 24.04.1
  • greenhouse
  • training
1 Like


  • fixed JDK-8334895 - arm64 ftbfs in -17 and up.
  • raised MR for iso8601 time formatting issue on armhf.
  • updated openjdk-lts and openjdk-17 to early access versions.
  • openjdk-21,-22 are waiting for the ppa build
  • openjdk-23 - reproduced i386 crash and raised JDK-8335238. Will investigate and propose a patch


  • finished first draft of system/ test suite
  • setting up juju environment with @andersson123
1 Like