[Bug 1938043] Re: ubuntu-security-status
Chad Smith
1938043 at bugs.launchpad.net
Fri Sep 3 02:19:10 UTC 2021
Corrected patch to drop unused livepatch_is_enabled.
Ran it through python3 -m flake8 and pyflakes and tested on focal machines which were attached, unattached both with and without the cache file /var/lib/ubuntu-advantage/status.json cache file (which forces a subprocess call to "ua status --format=json"
Below is my manual test run output:
root at dev-f:~# # install hello package which is provided as well from ESM repos
root at dev-f:~# apt install hello=2.10-2ubuntu2
Reading package lists... Done
Building dependency tree
Reading state information... Done
hello is already the newest version (2.10-2ubuntu2).
0 upgraded, 0 newly installed, 0 to remove and 15 not upgraded.
root at dev-f:~# apt policy hello
hello:
Installed: 2.10-2ubuntu2
Candidate: 2.10-2ubuntu2
Version table:
*** 2.10-2ubuntu2 500
500 http://archive.ubuntu.com/ubuntu focal/main amd64 Packages
100 /var/lib/dpkg/status
root at dev-f:~# # unattached machine, no status.json cache
root at dev-f:~# [ -f /var/lib/ubuntu-advantage/status.json ] && echo JSON CACHE PRESENT || echo JSON CACHE ABSENT
JSON CACHE ABSENT
root at dev-f:~# /ubuntu-security-status
589 packages installed, of which:
586 receive package updates with LTS until 4/2025
3 could receive security updates with ESM Apps until 4/2030
Enable Extended Security Maintenance (ESM Apps) to get 1 security
update (so far) and enable coverage of 3 packages.
This machine is not attached to an Ubuntu Advantage subscription.
See https://ubuntu.com/advantage
root at dev-f:~# # JSON CACHE IS PRESENT NOW
root at dev-f:~# [ -f /var/lib/ubuntu-advantage/status.json ] && echo JSON CACHE PRESENT || echo JSON CACHE ABSENT
JSON CACHE PRESENT
root at dev-f:~# /ubuntu-security-status
589 packages installed, of which:
586 receive package updates with LTS until 4/2025
3 could receive security updates with ESM Apps until 4/2030
Enable Extended Security Maintenance (ESM Apps) to get 1 security
update (so far) and enable coverage of 3 packages.
This machine is not attached to an Ubuntu Advantage subscription.
See https://ubuntu.com/advantage
root at dev-f:~# # Now attach the machine to a UA contract
root at dev-f:~# ua attach <REDACTED_TOKEN>
Enabling default service esm-apps
Updating package lists
UA Apps: ESM enabled
Enabling default service esm-infra
Updating package lists
UA Infra: ESM enabled
This machine is now attached to 'UA Infrastructure & Applications - Essential (Virtual)'
SERVICE ENTITLED STATUS DESCRIPTION
cis yes disabled Center for Internet Security Audit Tools
esm-apps yes enabled UA Apps: Extended Security Maintenance (ESM)
esm-infra yes enabled UA Infra: Extended Security Maintenance (ESM)
fips yes disabled NIST-certified core packages
fips-updates yes disabled NIST-certified core packages with priority security updates
livepatch yes n/a Canonical Livepatch service
NOTICES
Operation in progress: ua attach
Enable services with: ua enable <service>
Account: lucas.moura at canonical.com
Subscription: UA Infrastructure & Applications - Essential (Virtual)
Valid until: 2022-02-23 18:11:01+00:00
Technical support level: essential
root at dev-f:~# [ -f /var/lib/ubuntu-advantage/status.json ] && echo JSON CACHE PRESENT || echo JSON CACHE ABSENT
JSON CACHE PRESENT
root at dev-f:~# /ubuntu-security-status
589 packages installed, of which:
586 receive package updates with LTS until 4/2025
3 are receiving security updates with ESM Apps until 4/2030
root at dev-f:~# # remove cached status.json to be sure attached status correct
root at dev-f:~# rm /var/lib/ubuntu-advantage/status.json
root at dev-f:~# [ -f /var/lib/ubuntu-advantage/status.json ] && echo JSON CACHE PRESENT || echo JSON CACHE ABSENT
JSON CACHE ABSENT
root at dev-f:~# /ubuntu-security-status
589 packages installed, of which:
586 receive package updates with LTS until 4/2025
3 are receiving security updates with ESM Apps until 4/2030
** Patch added: "lp-1938043-ua-status-attach-fix.patch"
https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1938043/+attachment/5522622/+files/lp-1938043-ua-status-attach-fix.patch
** Changed in: update-manager (Ubuntu Focal)
Assignee: (unassigned) => Chad Smith (chad.smith)
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to update-manager in Ubuntu.
https://bugs.launchpad.net/bugs/1938043
Title:
ubuntu-security-status
Status in update-manager package in Ubuntu:
New
Status in update-manager source package in Focal:
Triaged
Bug description:
In 20.04 ubuntu-security-status incorrect reports the status of
subscription:
```
$ sudo ubuntu-security-status
1594 packages installed, of which:
1588 receive package updates with LTS until 4/2025
6 are receiving security updates with ESM Apps until 4/2030
This machine is not attached to an Ubuntu Advantage subscription.
See https://ubuntu.com/advantage
```
It shows no subscription in the system even though there is. ua status correctly shows the subscription:
```
$ ua status
SERVICE ENTITLED STATUS DESCRIPTION
cis yes disabled Center for Internet Security Audit Tools
esm-apps yes enabled UA Apps: Extended Security Maintenance (ESM)
esm-infra yes enabled UA Infra: Extended Security Maintenance (ESM)
fips yes disabled NIST-certified core packages
fips-updates yes disabled NIST-certified core packages with priority security updates
livepatch yes disabled Canonical Livepatch service
Enable services with: ua enable <service>
Account: Canonical - staff
Subscription: UA Applications - Essential (Virtual)
Valid until: 3999-12-31 00:00:00
Technical support level: essential
```
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/update-manager/+bug/1938043/+subscriptions
More information about the foundations-bugs
mailing list