Ubuntu
libpam-ldap package

Require libpam-ldap support without python2 installed (python3 only) in 18.04 bionic

Bug #1881763 reported by bugproxy
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Ubuntu on IBM z Systems
Won't Fix
High
Skipper Bug Screeners
libpam-ldap (Ubuntu)
Won't Fix
Undecided
Canonical Server

Bug Description

Secure Service Container (SSC) exploiter zOS Container Extensions (zCX) requires LDAP services from packages ldap-auth-client, libpam-ldap, ldap-auth-config and libnss-ldap.

SSC is no longer allowed to ship/support python2 runtime environment.
Current Ubuntu 18.04 Bionic package
  libpam-ldap 186-4ubuntu1 Depends on
  ldap-auth-config 0.5.3 which then Pre-Depends on
  auth-client-config 0.9ubuntu1 which Depends on
  python (which is python2)

This fails installation in python3 (only) environment.
Need to be able to install libpam-ldap without python2 (as can be done in Ubuntu 20.04)

SSC needs Canonical support to provide required LDAP services without python2, as is does in 20.04

bugproxy (bugproxy)
tags: added: architecture-s39064 bugnameltc-186035 severity-high targetmilestone-inin18044
Changed in ubuntu:
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
affects: ubuntu → linux (Ubuntu)
Frank Heimes (fheimes)
affects: linux (Ubuntu) → libpam-ldap (Ubuntu)
Changed in ubuntu-z-systems:
importance: Undecided → High
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
Changed in libpam-ldap (Ubuntu):
assignee: Skipper Bug Screeners (skipper-screen-team) → Canonical Server Team (canonical-server)
Revision history for this message
Steve Langasek (vorlon) wrote :

I'm sorry, but changing the interpreter of a program from python to python3 in a stable release is incompatible with our Stable Release Updates policy. It incurs risk to the stability of the software without conferring benefit to the users.

Requiring python3 instead of python2 is in general something we are supportive of, but please note that in Ubuntu 18.04, python2 was shipped in main and is covered with security support from Canonical for the same duration as all other software in main.

Changed in libpam-ldap (Ubuntu):
status: New → Won't Fix
Revision history for this message
Dimitri John Ledkov (xnox) wrote :

Why do you say that you cannot use python2 on 18.04 LTS?

Canonical and Ubuntu provide security support of python2 in 18.04 for the lifetime of the 18.04 LTS release and its extended support maintenance timeframe.

You should have no concerns in using python2 on 18.04 LTS for SSC. Is this something that needs to be clarified in the regular sync calls?

Also do you still need to use 18.04 LTS, or can you migrate to 20.04 LTS? (I guess it depends on other, external to Ubuntu factors)

Changed in ubuntu-z-systems:
status: New → Won't Fix
summary: - Require libpam-ldap support without python2 installed (python3 only)
+ Require libpam-ldap support without python2 installed (python3 only) in
+ 18.04 bionic
Frank Heimes (fheimes)
tags: added: ssc
Revision history for this message
bugproxy (bugproxy) wrote : Comment bridged from LTC Bugzilla

------- Comment From <email address hidden> 2020-09-14 05:53 EDT-------
IBM Buzgilla status->closed, will not be fixed by Canonical

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.