** Description changed: == Begin SRU Template == [Impact] This release sports both bug-fixes and new features and we would like to make sure all of our supported customers have access to these - improvements. The notable ones are: - - * <TODO: Create list with LP: # included> + improvements. The notable ones for are: + + * Xenial and Bionic: New Python-based client to automatically setup + livepatch, fips, esm-infra, esm-apps using a single UA contract token + from https://ubuntu.com/advantage. This is a backward incompatiple + transition from the previous shell-based ubuntu-advantage commands to + the new python-based "ua" command. + + For all Ubuntu releases: + * APT command and MOTD messaging hooks about available esm-infra and esm-apps package upgrades and ESM-infra availability on Ubuntu releases entering Extended Security Maintenance (Xenial) + * FIPS and FIPS-updates support + * New ua fix subcommand to allow fixing individual CVE or USN security issues. + * new 'ua help' command to give information about + * notices section in `ua status` about outstanding configuration changes needed to finish intiial setup of Ubuntu Advantage services + See the changelog entry below for a full list of changes and bugs. [Test Case] The following development and SRU process was followed: https://wiki.ubuntu.com/UbuntuAdvantageToolsUpdate The ubuntu-advantage-tools team will be in charge of attaching the artifacts and console output of the appropriate run to the bug. ubuntu-advantage-tools team members will not mark ‘verification-done’ until this has happened. * Automated Test Results <TODO> Attach or link the following automated integration test runs for ubuntu-advantage-tools on each affected LTS release: - lxd.container platform - lxd.kvm platform - AWS Ubuntu PRO - AWS Ubuntu cloud-images (non-Pro) - Azure Ubuntu PRO - Azure Ubuntu cloud-images (non-Pro) - GCP Ubuntu PRO - GCP Ubuntu cloud-images (non-Pro) </TODO> * Manual Test Results If trusty targeted: - <TODO: attach manual livepatch enablement on HWE kernels for trusty> + <TODO: attach manual livepatch enablement on HWE kernels for trusty> For all SRUs: <TODO: attach manual upgrade path test from previous LTS to current -proposed release> - [Regression Potential] In order to mitigate the regression potential, the results of the aforementioned integration tests are attached to this bug. [Discussion] <TODO: other background> == End SRU Template == - <TODO: Paste in change log entry> + Changelog for release delta: + ubuntu-advantage-tools (27.0~16.04.1) xenial; urgency=medium + + * New upstream release 27.0: (LP: #1926361) + - apt-hook: mitigate failures with true + - messages: add optional (s) to apt messaging to include + singular/plural pkgs + - apt-hook: avoid reporting and counting duplicate package + names (GH: #1578) + - fix: don't say reboot required when unnecessary (LP: #1926183) + - test: uncomment additional xenial upgrade tests + + -- Lucas Moura <lucas.mo...@canonical.com> Tue, 27 Apr 2021 15:31:06 + -0300 + + ubuntu-advantage-tools (27.0~21.04.1~beta3) hirsute; urgency=medium + + * New upstream beta3 release: + - config: avoid tracebacks on invalid features value in uaclient.conf + (GH: #1564) + - apt-hook: new json hook for security update counts + - Remove redundant messaging from uaclient + + -- Chad Smith <chad.sm...@canonical.com> Fri, 23 Apr 2021 15:28:44 + -0600 + + ubuntu-advantage-tools (27.0~21.04.1~beta2) hirsute; urgency=medium + + * d/control: + - add distro-info dependency + - add new debianutils dependency + - add optional dh-systemd | debhelper (>= 13.3) to fallback on hirsute + and later when dh-systemd is not present + * d/rules: enable and start ua-messaging.timer on package install + * d/postinst: + - configure esm on any LTS release avoid beta services + - configure esm-infra when is_active_esm and apps on LTS + - xenial enable unauthenticated apt source for apps/infra + * New upstream release 27.0~beta: + - apt-hook: + + adapt hook to process separate message templates + + esm-apps and esm-infra pkg counts not mutually-exclusive + + print static messages on apt upgrade/dist-upgrade (GH: #1546) + - config: create settings_overrides on config (GH: #1507) + - docs: add entry for uploading new version to ppa + - esm: + + add pin never when disabling esm-infra/apps on xenial + + enable infra when EOL LTS and apps on all LTS (GH: #1558) + - fips: add notice when installing over old fips + - fix: + + add links to ubuntu.com/gcp/aws in messaging when on non-PRO + + add notice to reboot operation on ua fix + + do not prompt user for beta services (GH: #1544) + + notify users if reboot is required (GH: #1476) + + update how the expired token logic works + + wrap output greater than 80 chars (GH: #1487) + - lib: fix notice handling on reboot script + - messages + + provide static message files for use in APT and MOTD + + update_ua_messages on attach/detach/disable + - mypy: add lib/ dir for coverage + - status: do not remove notices on non-root call (GH: #1518) + - subp: separate % format strings when logging (GH: #1520) + - systemd: add ua-messaging.timer to update ua MOTD and APT msgs + - update-motd.d: add conditional hooks for motd to source ua messages + - util: add is_lts and is_active_esm funtions to support ESM + - test + + add integration tests asserting esm-apps setup due to postinst + + manual test script for xenial upgrade + + trusty and xenial infra and apps disabled in pkg install + - behave: use unaltered cloud images unsetting UACLIENT_BEHAVE_PPA + - jenkins: make lint and style stage run sequentially + + -- Lucas Moura <lucas.mo...@canonical.com> Thu, 22 Apr 2021 14:16:26 + -0300 + + ubuntu-advantage-tools (27.0~21.04.1~beta) hirsute; urgency=medium + + * d/*: prefix all the debhelper conf files with the package name + * d/control: + - add Rules-Requires-Root: no + - bump Standards-Version to 4.5.1 + - make ubuntu-advantage-pro Architecture: all + * d/lintian-overrides: + - override maintainer-script-calls-service + - package-supports-alternative-init-but-no-init.d-script + * d/postinst: move the u-a-pro note to a config script + * d/ubuntu-advantage-tools.templates: suggest the use of apt + * New upstream release 27.0~beta: + - apt: add retry for apt-helper command (GH: #1431) + - cli: drop subcommand repeated help output, fix enable & refresh + (GH: #1440) + - config: + + allow parsing yaml delivered from env values + + environment variable support for feature overrides (GH: #1395) + + create config to add extra params to security url + - docs: + + add ppas and fix typos + + use Ubuntu Pro not Ubuntu PRO + + add stop "." punctuation to messages (GH: #1320) + - fips: fix FIPS message when disable operation fails + - fix: + + add basic UASecurityClient to which queries CVE and USNs + + add security_url to config + + check if service is enabled during ua fix (GH: #1462) + + closer representation of cve and usn responses + + filter usns by cve details (GH: #1470) + + fix regex to be more permissive and strict + + get_cve_affected_source_packages_status won't list not-affected + (GH: #1467) + + handle other package status when running ua fix (GH: #1435) + + improve error message for ua fix (GH: #1420) + + install pkg fixes when they are on standard pocket (GH: #1401) + + move timeout and retries to security client only + + only prompt for subscription attach for UA-related pkg updates + + parse all related USNS to a given CVE when fixing + + parse full API responses for related CVEs and USNs + + prefer USN.release_packages binary pkg versions to CVE src ver + (GH: #1436) + + prompt for new ua token when expired one is used (GH: #1475) + + prompt to emit pro suggestion on pro_clouds if unattached (GH: #1386) + + prompt to enable service during ua fix (GH: #1455) + + provide related CVE URLs instead of USNs (GH: #1456) + + raise errors when source_link is null or unexpected format + + show packages that were not fixed in the output + + update output for released packages in ua fix (GH: #1438) + + update message for invalid issue in ua fix (GH: #1433) + + use pocket values from USNs (GH: #1439) + - logs: emit error response on API errors and redact sensitive logs + (GH: #1424) + - serviceclient: add 10 second timeout and two retries to API calls + (GH: #1374) + - util: + + add error prompts on invalid selection + + add timeout to readurl + - tests: + + Add disable_auto_attach config to all test PRO vms + + add merge_usn_released_binary_package_versions tests + + add unittest coverage for override_usn_release_package_status + + drop traceback checks on fips integration tests + + refactor integration tests for ua fix cmd + + run status wait before detach in PRO tests + + use ssh to run commands on lxd containers + - jenkins: archiveArtifacts can only reference paths within workspace + + -- Lucas Moura <lucas.mo...@canonical.com> Tue, 30 Mar 2021 14:16:03 + -0300 + + ubuntu-advantage-tools (26.3~21.04.1) hirsute; urgency=medium + + * d/control: add new debianutils dependency + * New upstream release 26.3 + - util: improve is_container check for chroot + - cli: pass assume_yes param to services on detach (GH: #1530) + + -- Grant Orndorff <grant.orndo...@canonical.com> Tue, 06 Apr 2021 + 14:26:20 -0300 + + ubuntu-advantage-tools (26.2) hirsute; urgency=medium + + * Drop dh-systemd build dependency. + + -- Matthias Klose <d...@ubuntu.com> Wed, 10 Mar 2021 16:54:12 +0100 + + ubuntu-advantage-tools (26.2~21.04.1) hirsute; urgency=medium + + * status: show beta services in status if enabled (GH: #1410) + + -- Lucas Moura <lucas.mo...@canonical.com> Tue, 02 Mar 2021 10:11:53 + -0300 + + ubuntu-advantage-tools (26.1~21.04.1) hirsute; urgency=medium + + * New upstream release 26.1 + - contract: block detach call to contract if machine-id change + - docs: add readme docs about mastering clean golden images + - fips: add reboot notices for fips operations (GH: #1368) + - livepatch: add retry when running canonical-livepatch status + (GH: #1360) + - util: use lru_cache to avoid re-reading os-release and machine-id + (GH: #1329) + - tests: + + add disable_auto_attach config to all test PRO vms + + add more log artifacts during failed integration test + + check cloudinit status after launching image + + mock leaking livepatch.application_status for fips test + + retry package installs on apt exit 100 + - jenkins: parameterize build stages to avoid parallel job collision + + -- Lucas Moura <lucas.mo...@canonical.com> Fri, 19 Feb 2021 10:30:22 + -0300 + + ubuntu-advantage-tools (26.0.1~21.04.1) hirsute; urgency=medium + + * auto-attach: fix comparing numeric iid + + -- Lucas Moura <lucas.mo...@canonical.com> Fri, 05 Feb 2021 14:10:09 + -0300 + + ubuntu-advantage-tools (26.0~21.04.1) hirsute; urgency=medium + + * New upstream release 26.0: + - auto-attach: systemd unit to run before ua-reboot-cmds.service + - config: remove_notice should remove notices.json when empty + - fips: + + add notice if running a deactivated FIPS kernel (GH: #1348) + + block enabling FIPS on clouds using Xenial + + block enabling fips on GCP instances + + check /proc/sys/crypto/fips_enable to see if fips is enabled + + override fips metapackage when on bionic cloud + + update metapackage override logic on fips + - notices: clear lock file and notice when encountering any exception + (GH: #1326) + - reboot_cmds: retry on lock held errors due to pro auto-attach + - services: allow uaclient to disable services during enable + - status: include beta services in json formatted output with --all + (GH: #1341) + - tests: + + add FIPS tests to AWS and Azure bionic images + + add GCP pro test for focal machine + + add after_step collection of artifacts on failure + + remove proc file check after disabling fips + + pro: block auto-attach with cloud-config bootcmd + + add validation of systemd unit ua-reboot-cmds.service + + test enabling fips-updates when fips is enabled + - jenkins: + - add deb build stage to assert package builds + - use series-specific sbuild --build-dir avoid races + - use --append-to-version for each sbuild run to avoid races + - presume success when no integration artifacts created + + -- Lucas Moura <lucas.mo...@canonical.com> Thu, 04 Feb 2021 16:34:56 + -0300 + + ubuntu-advantage-tools (26.0~21.04.1~beta) hirsute; urgency=medium + + * d/rules: + - add --with systemd to allow reboot init script + - do not remove lib/systemd/system folder + * d/postinst: + - create marker file when reboot script need to run: + - enable livepatch across trusty to xenial upgrade + - update fips on existing fips pro machines + * New upstream release 26.0~beta: + - gcp: add Google Cloud Platform support (GH #1269) + - fips: + + remove is_beta from fips sevices + + fips pro: add upgrade support to require reboot to unmark held fips pkgs + + update origin UbuntuFIPSUpdates + - status: + + add notice to tabular output + + held locks emit notice about Operation in progress + - cli: help sort output so trusty ordering matches xenial++ + - cis: rename service from cis-audit + - config: provide config notices and add_notice and remove_notice methods + - contract: add resource-machine-access route and datapath + - init: add init script to run commands on reboot + - keys: add ubuntu-advantage-cis keyring + - livepatch: make livepatch react to enableByDefault delta + - log: log when we install pkgs because of contract delta + - make: drop six testdeps target + - pro: do not install pro debs on non-pro instances + - services: Update beta info for services (GH #1220) + - tools: add tox-lxd-runner, that execute the test command in a shell + - tools: refresh-keyrings handles cis keys. drop series-specific keys + - tests: + + add GCE support for integration tests + + add cis integration tests for unattached and pro + + add pytest constraint for mypy tests + + add unittests for reboot_cmds script + + fix esm package messages for new update notifier version + + pin importlib-metadata for mypy tests + + repo tests for request_resource_machine_access + + unit tests for config cache clearing and machine-access data + - jenkins: + + add basic Jenkinsfile for CI runs per PR + + add jenkins parseable test results + + add lxc cleanup stage on Jenkinsfile + + -- Lucas Moura <lucas.mo...@canonical.com> Thu, 14 Jan 2021 10:08:20 + -0300 + + ubuntu-advantage-tools (25.0~20.10.1) groovy; urgency=medium + + * Release version 25.0 + + -- Chad Smith <chad.sm...@canonical.com> Fri, 04 Dec 2020 13:32:16 + -0700 + + ubuntu-advantage-tools (25.0~20.10.1beta3) groovy; urgency=medium + + * New upstream release 25.0~beta3: + - upgrade-lts-conract: noop during do-release-upgrade on unattached + (GH: #1255) + - ua-auto-attach: order systemd unit before cloud-config.service + - Update FIPSUpdates pin origin + - fips: unmark held fips packages for ubuntu pro fips image support + (GH: #1109) + - repo: handle changes to additionalPackages contract deltas + - repo: move package installation to install_packages method + - pro: trigger auto-attach as soon as instance-data.json is available + (GH: #1234) + - Conditionally install packages when enabling FIPS + - fips: allow disable (GH: #1168) + - cli: add trailing newline to argparse errors (GH: #1236) + - Install fips metapacking when enabling service + - integration test improvements: + + upgrade-test: fix upgrade path restart failures on trusty (GH: #1257) + + Fix integration test setup scripts (GH: #1253) + + strict checking for command success on behave + + Update tests to use new pycloudlib LXD abstraction + + Add upgrade scenario tests when FIPS is enabled + + Improve FIPS tests for checking packages + + Update esm-infra xenial lxd test + + Fix vm tests as esm-apps is beta service + + Fix azure generic integration testing + + Update esm-apps check on staging_commands tests + + Install pycloudlib for azure jobs only + + Fix shell condition in run_azure_travis_integration_tests.sh + + Update azure jobs on travis + + Update travis url in README + + Update travis scripts to use ppa only on master + + Fix cron event type check on travis yaml + + -- Chad Smith <chad.sm...@canonical.com> Wed, 02 Dec 2020 13:43:16 + -0700 + + ubuntu-advantage-tools (25.0~20.10.1~beta2) groovy; urgency=medium + + * New upstream release 25.0~beta2: + - help: update esm-infra help text (GH: #1212) + - apt-hook: update apt cli messaging for UA Infra: ESM and UA Apps: ESM + product names + - help: update fips help docs (GH: #1213) + - help: revert CIS help doc URL (GH: #1211) + - help: add new fips help URLs to CLI help docs (GH: #1210) + - Show error when enabling service with invalid repo [Lucas Moura] + (GH: #954) + - Update beta info for services (#1220) [Lucas Moura] (GH: #1216) + - Do not enable fips when fips-updates is active [Lucas Moura] (GH: #1209) + - Add vm test commands in tox.ini (#1204) [Lucas Moura] + + -- Chad Smith <chad.sm...@canonical.com> Mon, 26 Oct 2020 20:01:21 + -0600 + + ubuntu-advantage-tools (25.0~20.10.1~beta1) groovy; urgency=medium + + * Beta bug fix release + - status: fix missing description_override key after upgrade from + trusty (GH: #1201) + - During contract delta processing use _check_application_status_on_cache + instead of live service status + + -- Chad Smith <chad.sm...@canonical.com> Sat, 10 Oct 2020 21:47:21 + -0600 + + ubuntu-advantage-tools (25.0~20.10.1~beta) groovy; urgency=medium + + * d/control: + - add po-debconf dependency and fix lintian not-using-po-debconf and + untranslatable-debconf-templates + - add ${misc:Depends} dep to ubuntu-advantage-pro to fix lintian + debhelper-but-no-misc-depends (GH: #1024) + * d/rules: + - drop --with systemd fix build-depends-on-obsolete-package + - set fix lintian warning extra:Depends even if empty + * d/postrm + - Add more gpg keys to be deleted in postrm for Xenial+ support + * d/postinst: + - do not unconfigure non-trusty esm. no series in apt filenames (GH: #1170) + - check if esm is already enabled (GH: #1095) + * New upstream release 25.0: + - Do not uninstall additionalPackages or livepatch when disabling services + - check for issubclass on clean_apt_files + - Add do-release-upgrade support for esm-infra and apps suites (GH: #1169) + - Apply contract deltas during do-release-upgrade operations + - cli: add ua help command + - cli: status add blocking --wait param and lock files for config change + - Fix livepatch behaviour on aws pro focal machine + - travis: drop inapplicable workspaces from specific awsgeneric release + jobs + - Add possible reboot text after enabling/disabling services + - apt-hook: package apt-hook and apt configuration files on all releases + (GH: #1150) + - Fix enable fail bug + - Add uaclient.conf override mechanism for auto-attach, beta services and + machine-token + - Support ESM Apps [Brian Murray] (GH: #930) + - Do not enable services if blocking services is active (GH: #1029) + - contract: handle 401 on invalid token, 403 on expired (GH: #1335) + - Hide beta services from default status output and enable/disable + operations (GH: #1079) (GH: #1091) + - fips: force apt noninteractive prompts during package installs + (GH: #1084) + - tests: add unit tests for aws-gov/aws-china cloud detection + - Add AWS China and GovCloud partitions [Robert Jennings] + - Disable beta services to be show/enabled without flag + - Add missing build_pr command to environment + - Use additionalPackages from service payload + - Add integration testing for Travis runs [patriciadomin] (GH: #856) + (GH: #857) (GH: #853) + + -- Chad Smith <chad.sm...@canonical.com> Mon, 28 Sep 2020 21:11:54 + -0600 + + ubuntu-advantage-tools (24.4) groovy; urgency=medium + + * New bug-fix-only release 24.4: + - uaclient.version bump to 24.4 + - fips: honor additionalPackage directive from contract for bionic + (GH #1173) + + -- Chad Smith <chad.sm...@canonical.com> Tue, 01 Sep 2020 11:14:39 + -0600 + + ubuntu-advantage-tools (24.3) groovy; urgency=medium + + * New bug-fix-only release 24.3: + - uaclient.version bump to 24.3 + - fips: add conditional reboot message only if /var/run/reboot-required is + present + - fips: add apt repo key for FIPS and FIPS updates (GH #1026) + + -- Chad Smith <chad.sm...@canonical.com> Thu, 20 Aug 2020 14:50:17 + -0600 + + ubuntu-advantage-tools (24.2) groovy; urgency=medium + + * New bug-fix-only release 24.2: + - uaclient.version bump to 24.2 + - pro: Add AWS China and GovCloud partitions support (GH #1077) + + -- Chad Smith <chad.sm...@canonical.com> Wed, 03 Jun 2020 16:12:41 + -0600 + + ubuntu-advantage-tools (24.1) groovy; urgency=medium + + * New bug-fix-only release 24.1: + - livepatch: run snap wait system snap.seeded before trying to install + (GH: #1049) + - version: return debian/changelog version when git describe fails to + match upstream <major>.<minor> tags for git-ubuntu workflow + (GH: #1058) + + -- Chad Smith <chad.sm...@canonical.com> Mon, 18 May 2020 15:07:17 + -0600 + + ubuntu-advantage-tools (24.0) groovy; urgency=medium + + * bump version to 24.0 for new versioninig scheme + + -- Chad Smith <chad.sm...@canonical.com> Mon, 18 May 2020 15:04:33 + -0600 + + ubuntu-advantage-tools (20.3) focal; urgency=medium + + * New upstream release 20.3: + - ubuntu-pro: automatically reattach across instance id delta + (LP: #1867573) + - integration testing: + + add behave tests ua subcommands for attached vm + + add invalid token tests + + add reuse_container test docs + + refactor token parameter + + -- Chad Smith <chad.sm...@canonical.com> Mon, 30 Mar 2020 14:49:17 + -0600 + + ubuntu-advantage-tools (20.2) focal; urgency=medium + + * d/templates: add a debconf note on upgrade from pre-ubuntu pro package + * d/control: create a separate ubuntu-advantage-pro package which + delivers the tooling and scripts necessary to auto-attach pro machines + This change breaks/replaces ubuntu-advantage-tools <= 20.1 + * d/maintscript: rm_conffile /etc/init/ua-auto-attach.conf from ua-tools pkg + * d/postint: remove stale systemd symlinks which have migrated to ubuntu-pro + * d/rules: only install the apt hook on trusty + * d/rules: provide --no-start to debhelper to avoid auto-attach on pkg install + * Release 20.2: + - ubuntu-pro: + + azure: fix detection of DatasourceAzureNet as azure on trusty + + generalize identity_doc to return dict instead of string + + auto-attach: any 4XX errors during auto-attach are the result of non-Pro + + auto-attach: handle 403 errors raised by contract server for invalid vms + - attach: persist any status config changes after attach failures + - output: add messaging using a different subscription if attached + + -- Chad Smith <chad.sm...@canonical.com> Thu, 20 Feb 2020 11:13:15 + -0700 + + ubuntu-advantage-tools (20.1) xenial; urgency=medium + + * Release 20.1: + - azure-pro, support for azure ubuntu pro auto-attach: + + add azure auto-attach instance as valid cloud_instance_factory + + add azure cloud instance module and tests + + generalize request_aws_contract_token for multiple cloud_types + + contract: request_auto_attach_contract_token takes an instance param + - constraints: add constraint on pyyaml version in trusty + - auto-attach: move duplicate invalid cloud_type check out of cli + + -- Chad Smith <chad.sm...@canonical.com> Mon, 13 Jan 2020 15:09:18 + -0700 + + ubuntu-advantage-tools (19.7) xenial; urgency=medium + + * d/postinst: only configure ESM on supported architectures (LP: #1851858) + [Andreas Hasenack] + * d/postinst: rename existing ubuntu-esm-precise.list file to trusty. + This fixes the upgrade path from precise to trusty and to this client + while esm is enabled (LP: #1850672) + * Release 19.7: + - aws: handle missing SYS_HYPERVISOR_PRODUCT_UUID + - aws-pro: support for aws ubuntu pro auto-attach + - pro: add cloud identity module and fix unit tests + - pro: update systemd service and upstart boot scripts to auto-attach + - pro: esm do not do apt pin never on disable on xenial or bionic + - pro: esm-apps has origin UbuntuESMApps and esm-infra is UbuntuESM + - status: dynamic status available now from refreshed machine-token + - uaclient: update customer visible messages after UX review + - esm-apps: allow unattended security upgrades for esm-apps + - systemd: needs WantedBy=multi-user.target to get pulled into boot + - cli: update docstring to describe errors raised from auto-attach + - keyrings: update ubuntu-advantage-esm-apps.gpg with correct key + - repo: match strict repo url in apt-policy to avoid esm substring matches + - esm: don't disable_apt_auth_only for ESM entitlements + - initial implementation of esm-apps + - repo: don't raise exception in application_status if aptURL missing + - entitlements: rely solely on contract server for repo_url + - cli: exit 0 if already attached + - cli: use decorators for action_attach and action_attach_premium + - cli: add assert_not_attached decorator + - status: custom descriptions for n/a service status + + -- Chad Smith <chad.sm...@canonical.com> Fri, 29 Nov 2019 11:09:18 + -0700 + + ubuntu-advantage-tools (19.6) focal; urgency=medium + + * New upstream release. Main changes: + - drop SSO interactive login support + - d/control: no longer depend on pymacaroons, which was only needed for + the SSO interactive login support + - drop keyrings for services not supported in trusty: cc-eal, fips, + fips-updates, cis audit + - make sure /var/lib/ubuntu-advantage/private has 0700 perms + - rename esm to esm-infra. Also handle upgrades + - don't unecessarily remove config files that are already handled by dpkg + - expand the apt related runtime dependencies + - handle sources.list.d esm snippet when release upgrading from precise + - ua status now reports availability of services even in unattached state + - the "ua status" output was changed, including the json format option + - drop "ua status" call in postinst as it now requires internet access and + that is restricted in LP builders and test runners. + - fix the d/t/usage DEP8 test that was also using status + + -- Andreas Hasenack <andr...@canonical.com> Thu, 04 Jul 2019 14:12:58 + -0300 + + ubuntu-advantage-tools (19.5.1) eoan; urgency=medium + + * d/t/usage: fix dep8 test ("entitlements" was renamed to "services") + + -- Andreas Hasenack <andr...@canonical.com> Wed, 03 Jul 2019 21:55:25 + -0300 + + ubuntu-advantage-tools (19.5) eoan; urgency=medium + + * New upstream release (LP: #1832757): + - packaging: + + d/control: depend on libapt-pkg<ABI_VERSION> to use pin-priority never + + d/postinst: adjust logfile permissions + + d/postinst: remove public files and generate status cache on upgrade + + d/postinst: Remove the old CACHE_DIR in postinst + + d/postrm: remove log files on package purge + + d/postrm: remove the ESM pinning file on purge + + trusty should remove v1 esm key if present after upgrade + + keyrings: regenerate keyrings on a trusty host + + refresh keyrings to match current production for fips and cc-eal + - apt: + + all repo entitlements now call apt-get update on enable + + enable -updates if -updates from the Ubuntu archive is enabled + + Add basic i18n (good enough for lang packs) + + retry apt install and update commands 3 times simple backoff + + write commented -updates lines instead of omitting them + - attach/detach: + + added --no-auto-enable option + + suppress messages from inapplicable default entitlements + + two-factor auth reprompt only two-factor auth on failed 2fa + + honour enableByDefault obligations from contract server + + livepatch: no auto-enable on attach for trusty + + don't attempt to disable inapplicable entitlements during detach + + check for root before checking for attach in assert_attached_root + - status: + + add --json cli formatting option + + emit a SERVICE header in status output + + redact technical support and expiry for free contracts + + unentitled services will report n/a + - cc-eal: + + add a warning about download size before install + + change cc to cc-eal in docs, parameters and commandline help + - esm: + + add esm-v2 gpg keyring, drop old keyring, ignore aptKey directive + + and livepatch auto enabled on attach where supported + + on upgrade do not install preferences to pin never if esm enabled + + remove only the apt auth entry on disable, leaving sources.list + + use Pin-Priority never apt preference file to disable esm initially + - fips: + + display as pending when linux-fips is not the running kernel + + only install/upgrade optional packages that are already on the system + - logs: + + no longer redact secrets as logfile is root read-only + + separate console log devel from logfile level + + remove level from messages to the console + - add subcommand to refresh all contract details + - config: allow contract_url and sso_auth_url to have a trailing slash + - docker: fix persisting generated uuid on images without machine-id files + - environ: allow lowercase ua_<config_option> overrides + - repo: un-comment ESM sources.list lines on repo disable + - updated manpage and help docs + + -- Andreas Hasenack <andr...@canonical.com> Wed, 03 Jul 2019 15:55:11 + -0300
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1926361 Title: sru ubuntu-advantage-tools (10ubuntu0.16.04.1 -> 27.0) Xenial, Bionic, Focal, Hirsute To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1926361/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
