[Bug 1645906] [NEW] new dist-upgrader tarballs necessary so they are signed with 4k key
Brian Murray
brian at ubuntu.com
Tue Nov 29 23:17:27 UTC 2016
Public bug reported:
With the ubuntu-archive-publishing change in
https://code.launchpad.net/~xnox/ubuntu-archive-publishing/migrate-dist-
upgrade-to-4k/+merge/311181 the signing process for the dist-upgrader
tarball has been changed. This change should be tested now, rather than
doing an ubuntu-release-upgrader change months from now and wondering
why things aren't working (if they are broken).
Due to the way the gpg signature is generated we can't just remove it
and have it regenerated as the timestamp for the signature will not
change, so the change will not propogate to the mirrors. Hence the need
for a mostly no change (mirrors and demotions may change) upload of
ubuntu-release-upgrader.
Test Case
---------
1) run do-release-upgrade -p --frontend DistUpgradeViewText
2) ensure the tarball for the next release e.g. xenial.tar.gz is downloaded and the signature verification passes
Regression Potential
--------------------
It's possible the signing is wrong and the verification of the signature will fail thereby causing release upgrades to be impossible.
** Affects: ubuntu-release-upgrader (Ubuntu)
Importance: Undecided
Status: New
** Affects: ubuntu-release-upgrader (Ubuntu Precise)
Importance: Undecided
Status: New
** Affects: ubuntu-release-upgrader (Ubuntu Trusty)
Importance: Undecided
Status: New
** Affects: ubuntu-release-upgrader (Ubuntu Xenial)
Importance: Undecided
Status: New
** Affects: ubuntu-release-upgrader (Ubuntu Yakkety)
Importance: Undecided
Assignee: Brian Murray (brian-murray)
Status: In Progress
** Also affects: ubuntu-release-upgrader (Ubuntu Yakkety)
Importance: Undecided
Status: New
** Also affects: ubuntu-release-upgrader (Ubuntu Trusty)
Importance: Undecided
Status: New
** Also affects: ubuntu-release-upgrader (Ubuntu Precise)
Importance: Undecided
Status: New
** Also affects: ubuntu-release-upgrader (Ubuntu Xenial)
Importance: Undecided
Status: New
** Changed in: ubuntu-release-upgrader (Ubuntu Yakkety)
Status: New => In Progress
** Changed in: ubuntu-release-upgrader (Ubuntu Yakkety)
Assignee: (unassigned) => Brian Murray (brian-murray)
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-release-upgrader in
Ubuntu.
https://bugs.launchpad.net/bugs/1645906
Title:
new dist-upgrader tarballs necessary so they are signed with 4k key
Status in ubuntu-release-upgrader package in Ubuntu:
New
Status in ubuntu-release-upgrader source package in Precise:
New
Status in ubuntu-release-upgrader source package in Trusty:
New
Status in ubuntu-release-upgrader source package in Xenial:
New
Status in ubuntu-release-upgrader source package in Yakkety:
In Progress
Bug description:
With the ubuntu-archive-publishing change in
https://code.launchpad.net/~xnox/ubuntu-archive-publishing/migrate-
dist-upgrade-to-4k/+merge/311181 the signing process for the dist-
upgrader tarball has been changed. This change should be tested now,
rather than doing an ubuntu-release-upgrader change months from now
and wondering why things aren't working (if they are broken).
Due to the way the gpg signature is generated we can't just remove it
and have it regenerated as the timestamp for the signature will not
change, so the change will not propogate to the mirrors. Hence the
need for a mostly no change (mirrors and demotions may change) upload
of ubuntu-release-upgrader.
Test Case
---------
1) run do-release-upgrade -p --frontend DistUpgradeViewText
2) ensure the tarball for the next release e.g. xenial.tar.gz is downloaded and the signature verification passes
Regression Potential
--------------------
It's possible the signing is wrong and the verification of the signature will fail thereby causing release upgrades to be impossible.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/1645906/+subscriptions
More information about the foundations-bugs
mailing list