Landscape Client

landscape-client reports "warning" for livepatch service incorrectly

Bug #2070829 reported by Adam Vest on 2024-06-26

This bug affects 3 people

Affects		Status	Importance	Assigned to	Milestone
	Landscape Client	New	Undecided	Unassigned

Bug Description

Hello!

This is applicable to the last landscape-client package available for Bionic (as of this day, anyway) - "23.08+git6296-0ubuntu0". On a system that is attached to a Pro token and has livepatch enabled, landscape-client is unable to properly query the status of this service. As a normal user:
---
ubuntu@host:~$ pro status
SERVICE ENTITLED STATUS DESCRIPTION
cc-eal yes disabled Common Criteria EAL2 Provisioning Packages
cis yes disabled Security compliance and audit tools
esm-apps yes enabled Expanded Security Maintenance for Applications
esm-infra yes enabled Expanded Security Maintenance for Infrastructure
fips yes disabled NIST-certified FIPS crypto packages
fips-updates yes disabled FIPS compliant crypto packages with stable security updates
livepatch yes enabled Canonical Livepatch service
ros yes disabled Security Updates for the Robot Operating System
ros-updates yes disabled All Updates for the Robot Operating System
---

As the landscape user:
---
root@hyperv-PXE1:~# su - landscape -s /bin/bash -c "pro status"
SERVICE ENTITLED STATUS DESCRIPTION
cc-eal yes disabled Common Criteria EAL2 Provisioning Packages
cis yes disabled Security compliance and audit tools
esm-apps yes enabled Expanded Security Maintenance for Applications
esm-infra yes enabled Expanded Security Maintenance for Infrastructure
fips yes disabled NIST-certified FIPS crypto packages
fips-updates yes disabled FIPS compliant crypto packages with stable security updates
livepatch yes warning Canonical Livepatch service
ros yes disabled Security Updates for the Robot Operating System
ros-updates yes disabled All Updates for the Robot Operating System

NOTICES
Error running canonical-livepatch status:
Sorry, home directories outside of /home needs configuration.
See https://forum.snapcraft.io/t/11209 for details.
---

This has reportedly been fixed in newer landscape-client versions, so this bug report is being opened to explore pulling that fix back for Bionic as well. Thank you!

Revision history for this message

David Pitsford (dpitsford) wrote on 2024-07-09:

I am seeing this same issue but on our Landscape SaaS server.
landscape.canonical.com/account/account-name/computer/xxxxxxxxx/ubuntu_pro_info

pro status from the standalone Ubuntu 22.04 server shows livepatch with the status of enabled.

BUT
Ubuntu Pro page on the SaaS server shows livepatch with the status of warning.

anbox-cloud yes disabled Scalable Android in the cloud
esm-apps yes enabled Expanded Security Maintenance for Applications
esm-infra yes enabled Expanded Security Maintenance for Infrastructure
fips-preview yes disabled Preview of FIPS crypto packages undergoing certification with NIST
fips-updates yes disabled FIPS compliant crypto packages with stable security updates
livepatch yes warning Canonical Livepatch service
realtime-kernel yes disabled Ubuntu kernel with PREEMPT_RT patches integrated
usg yes disabled Security compliance and audit tools

Revision history for this message

Adam Vest (foxmulder2004) wrote on 2024-07-10:

As a bit more info that I maybe should have included in the initial report, here is the pull request that reportedly fixes this bug in Focal+:

* https://github.com/canonical/landscape-client/pull/215

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.