2018-07-10 15:27:48 |
rew |
bug |
|
|
added bug |
2018-07-10 15:27:48 |
rew |
attachment added |
|
This causes the proper behaviour for me, probably a bit noisy for others in other situations. At least a workaround. https://bugs.launchpad.net/bugs/1781001/+attachment/5161978/+files/dkms.patch |
|
2018-07-10 16:08:25 |
rew |
affects |
dpkg (Ubuntu) |
dkms (Ubuntu) |
|
2018-07-10 16:11:00 |
rew |
description |
In my case I installed tp_smapi, but on the internet I've found others that have installed other modules.
When configuring the tp-smapi-dkms package it says it will uninstall the module first and the it reports: Building initial module for 4.15.0-23-generic
After that it hangs, or so it seems. It turns out that somewhere in there a script is being called with output redirected to /dev/null. But under certain circumstances, in my case "the computer is configured for secure boot", whiptail is being called asking for a password.
Whiptail outputs curses codes to write stuff to the screen but that is redirected to /dev/null. It then waits for input from the user. I've debugged this to the point that it is saying this:
whiptail --backtitle Package configuration --title Configuring Secure Boot --output-fd 12 --nocancel --msgbox Your system has UEFI Secure Boot enabled. UEFI Secure Boot requires additional configuration to work with third-party drivers. The system will assist you in configuring UEFI Secure Boot. To permit the use of third-party drivers, a new Machine-Owner Key (MOK) has been generated. This key now needs to be enrolled in your system's firmware. To ensure that this change is being made by you as an authorized user, and not by an attacker, you must choose a password now and then confirm the change after reboot using the same password, in both the "Enroll MOK" and "Change Secure Boot state" menus that will be presented to you when this system reboots. If you proceed but do not confirm the password upon reboot, Ubuntu will still be able to boot on your system but any hardware that requires third-party drivers to work correctly may not be usable. --scrolltext 20 77
but, as I said the output is redirected to /dev/null.
The call-tree is as follows:
-dpkg(18879)---tp-smapi-dkms.p(18880)---common.postinst(18881)---dkms(19146)---dkms(19161)---frontend(20224)-+-update-securebo(20238)
| | `-whiptail(20253)
(with the update-secureboot and whiptail both being children from "frontend". ).
The tp-smapi-dkms.postinst program is still being called with stdout connected to my controlling terminal. The common.postinst has stdout connected ot /dev/null, so I'd first look in /var/lib/dpkg/info/tp-smapi-dkms.postinst....
I have looked there, and I don't see a reason why it would redirect the output of a subprocess to /dev/null. (the word does not occur in the short script.)
Alternatively I'd think that maybe the subprocess /usr/lib/dkms/common.postinst would redirect its own stdout to /dev/null.
On the other hand.... I found
dkms build -m $NAME -v $VERSION -k $KERNEL $ARCH > /dev/null
which explains the dkms subprocess running with output redirected to devnull, but not why the common.postinst runs with output redirected to devnull.
Anyway. DKMS kernel module install postponed, apt inoperable until I can physically access the machine....
Should have been automatically added, but here goes:
1:
Description: Ubuntu 18.04 LTS
Release: 18.04
2: dkms: 2.3-3ubuntu9.1
3: People (not just me) expect a simple apt-get install <a module> to not hang wihtout explaining why.
4: it hung without any explanation.
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: dpkg 1.19.0.5ubuntu2
ProcVersionSignature: Ubuntu 4.15.0-23.25-generic 4.15.18
Uname: Linux 4.15.0-23-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.2
Architecture: amd64
Date: Tue Jul 10 16:54:20 2018
ExecutablePath: /usr/bin/dpkg
InstallationDate: Installed on 2018-06-28 (11 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
SourcePackage: dpkg
UpgradeStatus: No upgrade log present (probably fresh install) |
(while gathering info for this bugreport, my knowledge about this issue has been growing. So the top part was written with not everything known yet)
In my case I installed tp_smapi, but on the internet I've found others that have installed other modules.
When configuring the tp-smapi-dkms package it says it will uninstall the module first and the it reports: Building initial module for 4.15.0-23-generic
After that it hangs, or so it seems. It turns out that somewhere in there a script is being called with output redirected to /dev/null. But under certain circumstances, in my case "the computer is configured for secure boot", whiptail is being called asking for a password.
Whiptail outputs curses codes to write stuff to the screen but that is redirected to /dev/null. It then waits for input from the user. I've debugged this to the point that it is saying this:
whiptail --backtitle Package configuration --title Configuring Secure Boot --output-fd 12 --nocancel --msgbox Your system has UEFI Secure Boot enabled. UEFI Secure Boot requires additional configuration to work with third-party drivers. The system will assist you in configuring UEFI Secure Boot. To permit the use of third-party drivers, a new Machine-Owner Key (MOK) has been generated. This key now needs to be enrolled in your system's firmware. To ensure that this change is being made by you as an authorized user, and not by an attacker, you must choose a password now and then confirm the change after reboot using the same password, in both the "Enroll MOK" and "Change Secure Boot state" menus that will be presented to you when this system reboots. If you proceed but do not confirm the password upon reboot, Ubuntu will still be able to boot on your system but any hardware that requires third-party drivers to work correctly may not be usable. --scrolltext 20 77
but, as I said the output is redirected to /dev/null.
The call-tree is as follows:
-dpkg(18879)---tp-smapi-dkms.p(18880)---common.postinst(18881)---dkms(19146)---dkms(19161)---frontend(20224)-+-update-securebo(20238)
| | `-whiptail(20253)
(with the update-secureboot and whiptail both being children from "frontend". ).
The tp-smapi-dkms.postinst program is still being called with stdout connected to my controlling terminal. The common.postinst has stdout connected ot /dev/null, so I'd first look in /var/lib/dpkg/info/tp-smapi-dkms.postinst....
I have looked there, and I don't see a reason why it would redirect the output of a subprocess to /dev/null. (the word does not occur in the short script.)
Alternatively I'd think that maybe the subprocess /usr/lib/dkms/common.postinst would redirect its own stdout to /dev/null.
On the other hand.... I found
dkms build -m $NAME -v $VERSION -k $KERNEL $ARCH > /dev/null
which explains the dkms subprocess running with output redirected to devnull, but not why the common.postinst runs with output redirected to devnull.
Anyway. DKMS kernel module install postponed, apt inoperable until I can physically access the machine....
Should have been automatically added, but here goes:
1:
Description: Ubuntu 18.04 LTS
Release: 18.04
2: dkms: 2.3-3ubuntu9.1
3: People (not just me) expect a simple apt-get install <a module> to not hang wihtout explaining why.
4: it hung without any explanation.
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: dpkg 1.19.0.5ubuntu2
ProcVersionSignature: Ubuntu 4.15.0-23.25-generic 4.15.18
Uname: Linux 4.15.0-23-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.2
Architecture: amd64
Date: Tue Jul 10 16:54:20 2018
ExecutablePath: /usr/bin/dpkg
InstallationDate: Installed on 2018-06-28 (11 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
SourcePackage: dpkg
UpgradeStatus: No upgrade log present (probably fresh install) |
|
2018-07-10 16:23:29 |
Ubuntu Foundations Team Bug Bot |
tags |
amd64 apport-bug bionic |
amd64 apport-bug bionic patch |
|
2018-07-10 16:23:39 |
Ubuntu Foundations Team Bug Bot |
bug |
|
|
added subscriber Ubuntu Review Team |
2018-07-18 13:44:18 |
Steve Langasek |
dkms (Ubuntu): status |
New |
Fix Committed |
|
2018-07-18 13:44:24 |
Steve Langasek |
dkms (Ubuntu): importance |
Undecided |
High |
|
2018-07-18 13:45:07 |
Mathieu Trudel-Lapierre |
description |
(while gathering info for this bugreport, my knowledge about this issue has been growing. So the top part was written with not everything known yet)
In my case I installed tp_smapi, but on the internet I've found others that have installed other modules.
When configuring the tp-smapi-dkms package it says it will uninstall the module first and the it reports: Building initial module for 4.15.0-23-generic
After that it hangs, or so it seems. It turns out that somewhere in there a script is being called with output redirected to /dev/null. But under certain circumstances, in my case "the computer is configured for secure boot", whiptail is being called asking for a password.
Whiptail outputs curses codes to write stuff to the screen but that is redirected to /dev/null. It then waits for input from the user. I've debugged this to the point that it is saying this:
whiptail --backtitle Package configuration --title Configuring Secure Boot --output-fd 12 --nocancel --msgbox Your system has UEFI Secure Boot enabled. UEFI Secure Boot requires additional configuration to work with third-party drivers. The system will assist you in configuring UEFI Secure Boot. To permit the use of third-party drivers, a new Machine-Owner Key (MOK) has been generated. This key now needs to be enrolled in your system's firmware. To ensure that this change is being made by you as an authorized user, and not by an attacker, you must choose a password now and then confirm the change after reboot using the same password, in both the "Enroll MOK" and "Change Secure Boot state" menus that will be presented to you when this system reboots. If you proceed but do not confirm the password upon reboot, Ubuntu will still be able to boot on your system but any hardware that requires third-party drivers to work correctly may not be usable. --scrolltext 20 77
but, as I said the output is redirected to /dev/null.
The call-tree is as follows:
-dpkg(18879)---tp-smapi-dkms.p(18880)---common.postinst(18881)---dkms(19146)---dkms(19161)---frontend(20224)-+-update-securebo(20238)
| | `-whiptail(20253)
(with the update-secureboot and whiptail both being children from "frontend". ).
The tp-smapi-dkms.postinst program is still being called with stdout connected to my controlling terminal. The common.postinst has stdout connected ot /dev/null, so I'd first look in /var/lib/dpkg/info/tp-smapi-dkms.postinst....
I have looked there, and I don't see a reason why it would redirect the output of a subprocess to /dev/null. (the word does not occur in the short script.)
Alternatively I'd think that maybe the subprocess /usr/lib/dkms/common.postinst would redirect its own stdout to /dev/null.
On the other hand.... I found
dkms build -m $NAME -v $VERSION -k $KERNEL $ARCH > /dev/null
which explains the dkms subprocess running with output redirected to devnull, but not why the common.postinst runs with output redirected to devnull.
Anyway. DKMS kernel module install postponed, apt inoperable until I can physically access the machine....
Should have been automatically added, but here goes:
1:
Description: Ubuntu 18.04 LTS
Release: 18.04
2: dkms: 2.3-3ubuntu9.1
3: People (not just me) expect a simple apt-get install <a module> to not hang wihtout explaining why.
4: it hung without any explanation.
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: dpkg 1.19.0.5ubuntu2
ProcVersionSignature: Ubuntu 4.15.0-23.25-generic 4.15.18
Uname: Linux 4.15.0-23-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.2
Architecture: amd64
Date: Tue Jul 10 16:54:20 2018
ExecutablePath: /usr/bin/dpkg
InstallationDate: Installed on 2018-06-28 (11 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
SourcePackage: dpkg
UpgradeStatus: No upgrade log present (probably fresh install) |
[Impact]
All users of third-party modules on Ubuntu.
[Test cases]
1) Install Ubuntu on an UEFI system
2) Clear any files in /var/lib/shim-signed/mok: "sudo rm -rf /var/lib/shim-signed/mok/*"
3) Install virtualbox-dkms: "sudo apt install virtualbox-dkms"
4) Verify that you are prompted for a password to enroll a new MOK, and that you are asked that password at reboot.
Without the patch, no prompt will appear at install of virtualbox-dkms.
[Regression Potential]
----
(while gathering info for this bugreport, my knowledge about this issue has been growing. So the top part was written with not everything known yet)
In my case I installed tp_smapi, but on the internet I've found others that have installed other modules.
When configuring the tp-smapi-dkms package it says it will uninstall the module first and the it reports: Building initial module for 4.15.0-23-generic
After that it hangs, or so it seems. It turns out that somewhere in there a script is being called with output redirected to /dev/null. But under certain circumstances, in my case "the computer is configured for secure boot", whiptail is being called asking for a password.
Whiptail outputs curses codes to write stuff to the screen but that is redirected to /dev/null. It then waits for input from the user. I've debugged this to the point that it is saying this:
whiptail --backtitle Package configuration --title Configuring Secure Boot --output-fd 12 --nocancel --msgbox Your system has UEFI Secure Boot enabled. UEFI Secure Boot requires additional configuration to work with third-party drivers. The system will assist you in configuring UEFI Secure Boot. To permit the use of third-party drivers, a new Machine-Owner Key (MOK) has been generated. This key now needs to be enrolled in your system's firmware. To ensure that this change is being made by you as an authorized user, and not by an attacker, you must choose a password now and then confirm the change after reboot using the same password, in both the "Enroll MOK" and "Change Secure Boot state" menus that will be presented to you when this system reboots. If you proceed but do not confirm the password upon reboot, Ubuntu will still be able to boot on your system but any hardware that requires third-party drivers to work correctly may not be usable. --scrolltext 20 77
but, as I said the output is redirected to /dev/null.
The call-tree is as follows:
-dpkg(18879)---tp-smapi-dkms.p(18880)---common.postinst(18881)---dkms(19146)---dkms(19161)---frontend(20224)-+-update-securebo(20238)
| | `-whiptail(20253)
(with the update-secureboot and whiptail both being children from "frontend". ).
The tp-smapi-dkms.postinst program is still being called with stdout connected to my controlling terminal. The common.postinst has stdout connected ot /dev/null, so I'd first look in /var/lib/dpkg/info/tp-smapi-dkms.postinst....
I have looked there, and I don't see a reason why it would redirect the output of a subprocess to /dev/null. (the word does not occur in the short script.)
Alternatively I'd think that maybe the subprocess /usr/lib/dkms/common.postinst would redirect its own stdout to /dev/null.
On the other hand.... I found
dkms build -m $NAME -v $VERSION -k $KERNEL $ARCH > /dev/null
which explains the dkms subprocess running with output redirected to devnull, but not why the common.postinst runs with output redirected to devnull.
Anyway. DKMS kernel module install postponed, apt inoperable until I can physically access the machine....
Should have been automatically added, but here goes:
1:
Description: Ubuntu 18.04 LTS
Release: 18.04
2: dkms: 2.3-3ubuntu9.1
3: People (not just me) expect a simple apt-get install <a module> to not hang wihtout explaining why.
4: it hung without any explanation.
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: dpkg 1.19.0.5ubuntu2
ProcVersionSignature: Ubuntu 4.15.0-23.25-generic 4.15.18
Uname: Linux 4.15.0-23-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.2
Architecture: amd64
Date: Tue Jul 10 16:54:20 2018
ExecutablePath: /usr/bin/dpkg
InstallationDate: Installed on 2018-06-28 (11 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
SourcePackage: dpkg
UpgradeStatus: No upgrade log present (probably fresh install) |
|
2018-07-18 13:49:12 |
Mathieu Trudel-Lapierre |
description |
[Impact]
All users of third-party modules on Ubuntu.
[Test cases]
1) Install Ubuntu on an UEFI system
2) Clear any files in /var/lib/shim-signed/mok: "sudo rm -rf /var/lib/shim-signed/mok/*"
3) Install virtualbox-dkms: "sudo apt install virtualbox-dkms"
4) Verify that you are prompted for a password to enroll a new MOK, and that you are asked that password at reboot.
Without the patch, no prompt will appear at install of virtualbox-dkms.
[Regression Potential]
----
(while gathering info for this bugreport, my knowledge about this issue has been growing. So the top part was written with not everything known yet)
In my case I installed tp_smapi, but on the internet I've found others that have installed other modules.
When configuring the tp-smapi-dkms package it says it will uninstall the module first and the it reports: Building initial module for 4.15.0-23-generic
After that it hangs, or so it seems. It turns out that somewhere in there a script is being called with output redirected to /dev/null. But under certain circumstances, in my case "the computer is configured for secure boot", whiptail is being called asking for a password.
Whiptail outputs curses codes to write stuff to the screen but that is redirected to /dev/null. It then waits for input from the user. I've debugged this to the point that it is saying this:
whiptail --backtitle Package configuration --title Configuring Secure Boot --output-fd 12 --nocancel --msgbox Your system has UEFI Secure Boot enabled. UEFI Secure Boot requires additional configuration to work with third-party drivers. The system will assist you in configuring UEFI Secure Boot. To permit the use of third-party drivers, a new Machine-Owner Key (MOK) has been generated. This key now needs to be enrolled in your system's firmware. To ensure that this change is being made by you as an authorized user, and not by an attacker, you must choose a password now and then confirm the change after reboot using the same password, in both the "Enroll MOK" and "Change Secure Boot state" menus that will be presented to you when this system reboots. If you proceed but do not confirm the password upon reboot, Ubuntu will still be able to boot on your system but any hardware that requires third-party drivers to work correctly may not be usable. --scrolltext 20 77
but, as I said the output is redirected to /dev/null.
The call-tree is as follows:
-dpkg(18879)---tp-smapi-dkms.p(18880)---common.postinst(18881)---dkms(19146)---dkms(19161)---frontend(20224)-+-update-securebo(20238)
| | `-whiptail(20253)
(with the update-secureboot and whiptail both being children from "frontend". ).
The tp-smapi-dkms.postinst program is still being called with stdout connected to my controlling terminal. The common.postinst has stdout connected ot /dev/null, so I'd first look in /var/lib/dpkg/info/tp-smapi-dkms.postinst....
I have looked there, and I don't see a reason why it would redirect the output of a subprocess to /dev/null. (the word does not occur in the short script.)
Alternatively I'd think that maybe the subprocess /usr/lib/dkms/common.postinst would redirect its own stdout to /dev/null.
On the other hand.... I found
dkms build -m $NAME -v $VERSION -k $KERNEL $ARCH > /dev/null
which explains the dkms subprocess running with output redirected to devnull, but not why the common.postinst runs with output redirected to devnull.
Anyway. DKMS kernel module install postponed, apt inoperable until I can physically access the machine....
Should have been automatically added, but here goes:
1:
Description: Ubuntu 18.04 LTS
Release: 18.04
2: dkms: 2.3-3ubuntu9.1
3: People (not just me) expect a simple apt-get install <a module> to not hang wihtout explaining why.
4: it hung without any explanation.
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: dpkg 1.19.0.5ubuntu2
ProcVersionSignature: Ubuntu 4.15.0-23.25-generic 4.15.18
Uname: Linux 4.15.0-23-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.2
Architecture: amd64
Date: Tue Jul 10 16:54:20 2018
ExecutablePath: /usr/bin/dpkg
InstallationDate: Installed on 2018-06-28 (11 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
SourcePackage: dpkg
UpgradeStatus: No upgrade log present (probably fresh install) |
[Impact]
All users of third-party modules on Ubuntu.
[Test cases]
1) Install Ubuntu on an UEFI system
2) Clear any files in /var/lib/shim-signed/mok: "sudo rm -rf /var/lib/shim-signed/mok/*"
3) Install virtualbox-dkms: "sudo apt install virtualbox-dkms"
4) Verify that you are prompted for a password to enroll a new MOK, and that you are asked that password at reboot.
Without the patch, no prompt will appear at install of virtualbox-dkms.
[Regression Potential]
Shuffling of file descriptors as required by this change may impact dkms builds if these builds do special steps requiring different file descriptors. Any failure to install a -dkms package should be investigated as a potential regression coming from this SRU.
----
(while gathering info for this bugreport, my knowledge about this issue has been growing. So the top part was written with not everything known yet)
In my case I installed tp_smapi, but on the internet I've found others that have installed other modules.
When configuring the tp-smapi-dkms package it says it will uninstall the module first and the it reports: Building initial module for 4.15.0-23-generic
After that it hangs, or so it seems. It turns out that somewhere in there a script is being called with output redirected to /dev/null. But under certain circumstances, in my case "the computer is configured for secure boot", whiptail is being called asking for a password.
Whiptail outputs curses codes to write stuff to the screen but that is redirected to /dev/null. It then waits for input from the user. I've debugged this to the point that it is saying this:
whiptail --backtitle Package configuration --title Configuring Secure Boot --output-fd 12 --nocancel --msgbox Your system has UEFI Secure Boot enabled. UEFI Secure Boot requires additional configuration to work with third-party drivers. The system will assist you in configuring UEFI Secure Boot. To permit the use of third-party drivers, a new Machine-Owner Key (MOK) has been generated. This key now needs to be enrolled in your system's firmware. To ensure that this change is being made by you as an authorized user, and not by an attacker, you must choose a password now and then confirm the change after reboot using the same password, in both the "Enroll MOK" and "Change Secure Boot state" menus that will be presented to you when this system reboots. If you proceed but do not confirm the password upon reboot, Ubuntu will still be able to boot on your system but any hardware that requires third-party drivers to work correctly may not be usable. --scrolltext 20 77
but, as I said the output is redirected to /dev/null.
The call-tree is as follows:
-dpkg(18879)---tp-smapi-dkms.p(18880)---common.postinst(18881)---dkms(19146)---dkms(19161)---frontend(20224)-+-update-securebo(20238)
| | `-whiptail(20253)
(with the update-secureboot and whiptail both being children from "frontend". ).
The tp-smapi-dkms.postinst program is still being called with stdout connected to my controlling terminal. The common.postinst has stdout connected ot /dev/null, so I'd first look in /var/lib/dpkg/info/tp-smapi-dkms.postinst....
I have looked there, and I don't see a reason why it would redirect the output of a subprocess to /dev/null. (the word does not occur in the short script.)
Alternatively I'd think that maybe the subprocess /usr/lib/dkms/common.postinst would redirect its own stdout to /dev/null.
On the other hand.... I found
dkms build -m $NAME -v $VERSION -k $KERNEL $ARCH > /dev/null
which explains the dkms subprocess running with output redirected to devnull, but not why the common.postinst runs with output redirected to devnull.
Anyway. DKMS kernel module install postponed, apt inoperable until I can physically access the machine....
Should have been automatically added, but here goes:
1:
Description: Ubuntu 18.04 LTS
Release: 18.04
2: dkms: 2.3-3ubuntu9.1
3: People (not just me) expect a simple apt-get install <a module> to not hang wihtout explaining why.
4: it hung without any explanation.
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: dpkg 1.19.0.5ubuntu2
ProcVersionSignature: Ubuntu 4.15.0-23.25-generic 4.15.18
Uname: Linux 4.15.0-23-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.2
Architecture: amd64
Date: Tue Jul 10 16:54:20 2018
ExecutablePath: /usr/bin/dpkg
InstallationDate: Installed on 2018-06-28 (11 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
SourcePackage: dpkg
UpgradeStatus: No upgrade log present (probably fresh install) |
|
2018-07-18 13:50:55 |
Steve Langasek |
description |
[Impact]
All users of third-party modules on Ubuntu.
[Test cases]
1) Install Ubuntu on an UEFI system
2) Clear any files in /var/lib/shim-signed/mok: "sudo rm -rf /var/lib/shim-signed/mok/*"
3) Install virtualbox-dkms: "sudo apt install virtualbox-dkms"
4) Verify that you are prompted for a password to enroll a new MOK, and that you are asked that password at reboot.
Without the patch, no prompt will appear at install of virtualbox-dkms.
[Regression Potential]
Shuffling of file descriptors as required by this change may impact dkms builds if these builds do special steps requiring different file descriptors. Any failure to install a -dkms package should be investigated as a potential regression coming from this SRU.
----
(while gathering info for this bugreport, my knowledge about this issue has been growing. So the top part was written with not everything known yet)
In my case I installed tp_smapi, but on the internet I've found others that have installed other modules.
When configuring the tp-smapi-dkms package it says it will uninstall the module first and the it reports: Building initial module for 4.15.0-23-generic
After that it hangs, or so it seems. It turns out that somewhere in there a script is being called with output redirected to /dev/null. But under certain circumstances, in my case "the computer is configured for secure boot", whiptail is being called asking for a password.
Whiptail outputs curses codes to write stuff to the screen but that is redirected to /dev/null. It then waits for input from the user. I've debugged this to the point that it is saying this:
whiptail --backtitle Package configuration --title Configuring Secure Boot --output-fd 12 --nocancel --msgbox Your system has UEFI Secure Boot enabled. UEFI Secure Boot requires additional configuration to work with third-party drivers. The system will assist you in configuring UEFI Secure Boot. To permit the use of third-party drivers, a new Machine-Owner Key (MOK) has been generated. This key now needs to be enrolled in your system's firmware. To ensure that this change is being made by you as an authorized user, and not by an attacker, you must choose a password now and then confirm the change after reboot using the same password, in both the "Enroll MOK" and "Change Secure Boot state" menus that will be presented to you when this system reboots. If you proceed but do not confirm the password upon reboot, Ubuntu will still be able to boot on your system but any hardware that requires third-party drivers to work correctly may not be usable. --scrolltext 20 77
but, as I said the output is redirected to /dev/null.
The call-tree is as follows:
-dpkg(18879)---tp-smapi-dkms.p(18880)---common.postinst(18881)---dkms(19146)---dkms(19161)---frontend(20224)-+-update-securebo(20238)
| | `-whiptail(20253)
(with the update-secureboot and whiptail both being children from "frontend". ).
The tp-smapi-dkms.postinst program is still being called with stdout connected to my controlling terminal. The common.postinst has stdout connected ot /dev/null, so I'd first look in /var/lib/dpkg/info/tp-smapi-dkms.postinst....
I have looked there, and I don't see a reason why it would redirect the output of a subprocess to /dev/null. (the word does not occur in the short script.)
Alternatively I'd think that maybe the subprocess /usr/lib/dkms/common.postinst would redirect its own stdout to /dev/null.
On the other hand.... I found
dkms build -m $NAME -v $VERSION -k $KERNEL $ARCH > /dev/null
which explains the dkms subprocess running with output redirected to devnull, but not why the common.postinst runs with output redirected to devnull.
Anyway. DKMS kernel module install postponed, apt inoperable until I can physically access the machine....
Should have been automatically added, but here goes:
1:
Description: Ubuntu 18.04 LTS
Release: 18.04
2: dkms: 2.3-3ubuntu9.1
3: People (not just me) expect a simple apt-get install <a module> to not hang wihtout explaining why.
4: it hung without any explanation.
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: dpkg 1.19.0.5ubuntu2
ProcVersionSignature: Ubuntu 4.15.0-23.25-generic 4.15.18
Uname: Linux 4.15.0-23-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.2
Architecture: amd64
Date: Tue Jul 10 16:54:20 2018
ExecutablePath: /usr/bin/dpkg
InstallationDate: Installed on 2018-06-28 (11 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
SourcePackage: dpkg
UpgradeStatus: No upgrade log present (probably fresh install) |
[Impact]
All users of third-party modules on Ubuntu when running under SecureBoot experience a package manager hang trying to initially configure the dkms package.
[Test cases]
1) Install Ubuntu on an UEFI system
2) Clear any files in /var/lib/shim-signed/mok: "sudo rm -rf /var/lib/shim-signed/mok/*"
3) Install virtualbox-dkms: "sudo apt install virtualbox-dkms"
4) Verify that you are prompted for a password to enroll a new MOK, and that you are asked that password at reboot.
Without the patch, no prompt will appear at install of virtualbox-dkms.
[Regression Potential]
Shuffling of file descriptors as required by this change may impact dkms builds if these builds do special steps requiring different file descriptors. Any failure to install a -dkms package should be investigated as a potential regression coming from this SRU.
----
(while gathering info for this bugreport, my knowledge about this issue has been growing. So the top part was written with not everything known yet)
In my case I installed tp_smapi, but on the internet I've found others that have installed other modules.
When configuring the tp-smapi-dkms package it says it will uninstall the module first and the it reports: Building initial module for 4.15.0-23-generic
After that it hangs, or so it seems. It turns out that somewhere in there a script is being called with output redirected to /dev/null. But under certain circumstances, in my case "the computer is configured for secure boot", whiptail is being called asking for a password.
Whiptail outputs curses codes to write stuff to the screen but that is redirected to /dev/null. It then waits for input from the user. I've debugged this to the point that it is saying this:
whiptail --backtitle Package configuration --title Configuring Secure Boot --output-fd 12 --nocancel --msgbox Your system has UEFI Secure Boot enabled. UEFI Secure Boot requires additional configuration to work with third-party drivers. The system will assist you in configuring UEFI Secure Boot. To permit the use of third-party drivers, a new Machine-Owner Key (MOK) has been generated. This key now needs to be enrolled in your system's firmware. To ensure that this change is being made by you as an authorized user, and not by an attacker, you must choose a password now and then confirm the change after reboot using the same password, in both the "Enroll MOK" and "Change Secure Boot state" menus that will be presented to you when this system reboots. If you proceed but do not confirm the password upon reboot, Ubuntu will still be able to boot on your system but any hardware that requires third-party drivers to work correctly may not be usable. --scrolltext 20 77
but, as I said the output is redirected to /dev/null.
The call-tree is as follows:
-dpkg(18879)---tp-smapi-dkms.p(18880)---common.postinst(18881)---dkms(19146)---dkms(19161)---frontend(20224)-+-update-securebo(20238)
| | `-whiptail(20253)
(with the update-secureboot and whiptail both being children from "frontend". ).
The tp-smapi-dkms.postinst program is still being called with stdout connected to my controlling terminal. The common.postinst has stdout connected ot /dev/null, so I'd first look in /var/lib/dpkg/info/tp-smapi-dkms.postinst....
I have looked there, and I don't see a reason why it would redirect the output of a subprocess to /dev/null. (the word does not occur in the short script.)
Alternatively I'd think that maybe the subprocess /usr/lib/dkms/common.postinst would redirect its own stdout to /dev/null.
On the other hand.... I found
dkms build -m $NAME -v $VERSION -k $KERNEL $ARCH > /dev/null
which explains the dkms subprocess running with output redirected to devnull, but not why the common.postinst runs with output redirected to devnull.
Anyway. DKMS kernel module install postponed, apt inoperable until I can physically access the machine....
Should have been automatically added, but here goes:
1:
Description: Ubuntu 18.04 LTS
Release: 18.04
2: dkms: 2.3-3ubuntu9.1
3: People (not just me) expect a simple apt-get install <a module> to not hang wihtout explaining why.
4: it hung without any explanation.
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: dpkg 1.19.0.5ubuntu2
ProcVersionSignature: Ubuntu 4.15.0-23.25-generic 4.15.18
Uname: Linux 4.15.0-23-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.2
Architecture: amd64
Date: Tue Jul 10 16:54:20 2018
ExecutablePath: /usr/bin/dpkg
InstallationDate: Installed on 2018-06-28 (11 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
SourcePackage: dpkg
UpgradeStatus: No upgrade log present (probably fresh install) |
|
2018-07-18 13:51:04 |
Steve Langasek |
description |
[Impact]
All users of third-party modules on Ubuntu when running under SecureBoot experience a package manager hang trying to initially configure the dkms package.
[Test cases]
1) Install Ubuntu on an UEFI system
2) Clear any files in /var/lib/shim-signed/mok: "sudo rm -rf /var/lib/shim-signed/mok/*"
3) Install virtualbox-dkms: "sudo apt install virtualbox-dkms"
4) Verify that you are prompted for a password to enroll a new MOK, and that you are asked that password at reboot.
Without the patch, no prompt will appear at install of virtualbox-dkms.
[Regression Potential]
Shuffling of file descriptors as required by this change may impact dkms builds if these builds do special steps requiring different file descriptors. Any failure to install a -dkms package should be investigated as a potential regression coming from this SRU.
----
(while gathering info for this bugreport, my knowledge about this issue has been growing. So the top part was written with not everything known yet)
In my case I installed tp_smapi, but on the internet I've found others that have installed other modules.
When configuring the tp-smapi-dkms package it says it will uninstall the module first and the it reports: Building initial module for 4.15.0-23-generic
After that it hangs, or so it seems. It turns out that somewhere in there a script is being called with output redirected to /dev/null. But under certain circumstances, in my case "the computer is configured for secure boot", whiptail is being called asking for a password.
Whiptail outputs curses codes to write stuff to the screen but that is redirected to /dev/null. It then waits for input from the user. I've debugged this to the point that it is saying this:
whiptail --backtitle Package configuration --title Configuring Secure Boot --output-fd 12 --nocancel --msgbox Your system has UEFI Secure Boot enabled. UEFI Secure Boot requires additional configuration to work with third-party drivers. The system will assist you in configuring UEFI Secure Boot. To permit the use of third-party drivers, a new Machine-Owner Key (MOK) has been generated. This key now needs to be enrolled in your system's firmware. To ensure that this change is being made by you as an authorized user, and not by an attacker, you must choose a password now and then confirm the change after reboot using the same password, in both the "Enroll MOK" and "Change Secure Boot state" menus that will be presented to you when this system reboots. If you proceed but do not confirm the password upon reboot, Ubuntu will still be able to boot on your system but any hardware that requires third-party drivers to work correctly may not be usable. --scrolltext 20 77
but, as I said the output is redirected to /dev/null.
The call-tree is as follows:
-dpkg(18879)---tp-smapi-dkms.p(18880)---common.postinst(18881)---dkms(19146)---dkms(19161)---frontend(20224)-+-update-securebo(20238)
| | `-whiptail(20253)
(with the update-secureboot and whiptail both being children from "frontend". ).
The tp-smapi-dkms.postinst program is still being called with stdout connected to my controlling terminal. The common.postinst has stdout connected ot /dev/null, so I'd first look in /var/lib/dpkg/info/tp-smapi-dkms.postinst....
I have looked there, and I don't see a reason why it would redirect the output of a subprocess to /dev/null. (the word does not occur in the short script.)
Alternatively I'd think that maybe the subprocess /usr/lib/dkms/common.postinst would redirect its own stdout to /dev/null.
On the other hand.... I found
dkms build -m $NAME -v $VERSION -k $KERNEL $ARCH > /dev/null
which explains the dkms subprocess running with output redirected to devnull, but not why the common.postinst runs with output redirected to devnull.
Anyway. DKMS kernel module install postponed, apt inoperable until I can physically access the machine....
Should have been automatically added, but here goes:
1:
Description: Ubuntu 18.04 LTS
Release: 18.04
2: dkms: 2.3-3ubuntu9.1
3: People (not just me) expect a simple apt-get install <a module> to not hang wihtout explaining why.
4: it hung without any explanation.
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: dpkg 1.19.0.5ubuntu2
ProcVersionSignature: Ubuntu 4.15.0-23.25-generic 4.15.18
Uname: Linux 4.15.0-23-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.2
Architecture: amd64
Date: Tue Jul 10 16:54:20 2018
ExecutablePath: /usr/bin/dpkg
InstallationDate: Installed on 2018-06-28 (11 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
SourcePackage: dpkg
UpgradeStatus: No upgrade log present (probably fresh install) |
[Impact]
All users of third-party modules on Ubuntu when running under SecureBoot experience a package manager hang trying to initially configure the dkms package from the commandline.
[Test cases]
1) Install Ubuntu on an UEFI system
2) Clear any files in /var/lib/shim-signed/mok: "sudo rm -rf /var/lib/shim-signed/mok/*"
3) Install virtualbox-dkms: "sudo apt install virtualbox-dkms"
4) Verify that you are prompted for a password to enroll a new MOK, and that you are asked that password at reboot.
Without the patch, no prompt will appear at install of virtualbox-dkms.
[Regression Potential]
Shuffling of file descriptors as required by this change may impact dkms builds if these builds do special steps requiring different file descriptors. Any failure to install a -dkms package should be investigated as a potential regression coming from this SRU.
----
(while gathering info for this bugreport, my knowledge about this issue has been growing. So the top part was written with not everything known yet)
In my case I installed tp_smapi, but on the internet I've found others that have installed other modules.
When configuring the tp-smapi-dkms package it says it will uninstall the module first and the it reports: Building initial module for 4.15.0-23-generic
After that it hangs, or so it seems. It turns out that somewhere in there a script is being called with output redirected to /dev/null. But under certain circumstances, in my case "the computer is configured for secure boot", whiptail is being called asking for a password.
Whiptail outputs curses codes to write stuff to the screen but that is redirected to /dev/null. It then waits for input from the user. I've debugged this to the point that it is saying this:
whiptail --backtitle Package configuration --title Configuring Secure Boot --output-fd 12 --nocancel --msgbox Your system has UEFI Secure Boot enabled. UEFI Secure Boot requires additional configuration to work with third-party drivers. The system will assist you in configuring UEFI Secure Boot. To permit the use of third-party drivers, a new Machine-Owner Key (MOK) has been generated. This key now needs to be enrolled in your system's firmware. To ensure that this change is being made by you as an authorized user, and not by an attacker, you must choose a password now and then confirm the change after reboot using the same password, in both the "Enroll MOK" and "Change Secure Boot state" menus that will be presented to you when this system reboots. If you proceed but do not confirm the password upon reboot, Ubuntu will still be able to boot on your system but any hardware that requires third-party drivers to work correctly may not be usable. --scrolltext 20 77
but, as I said the output is redirected to /dev/null.
The call-tree is as follows:
-dpkg(18879)---tp-smapi-dkms.p(18880)---common.postinst(18881)---dkms(19146)---dkms(19161)---frontend(20224)-+-update-securebo(20238)
| | `-whiptail(20253)
(with the update-secureboot and whiptail both being children from "frontend". ).
The tp-smapi-dkms.postinst program is still being called with stdout connected to my controlling terminal. The common.postinst has stdout connected ot /dev/null, so I'd first look in /var/lib/dpkg/info/tp-smapi-dkms.postinst....
I have looked there, and I don't see a reason why it would redirect the output of a subprocess to /dev/null. (the word does not occur in the short script.)
Alternatively I'd think that maybe the subprocess /usr/lib/dkms/common.postinst would redirect its own stdout to /dev/null.
On the other hand.... I found
dkms build -m $NAME -v $VERSION -k $KERNEL $ARCH > /dev/null
which explains the dkms subprocess running with output redirected to devnull, but not why the common.postinst runs with output redirected to devnull.
Anyway. DKMS kernel module install postponed, apt inoperable until I can physically access the machine....
Should have been automatically added, but here goes:
1:
Description: Ubuntu 18.04 LTS
Release: 18.04
2: dkms: 2.3-3ubuntu9.1
3: People (not just me) expect a simple apt-get install <a module> to not hang wihtout explaining why.
4: it hung without any explanation.
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: dpkg 1.19.0.5ubuntu2
ProcVersionSignature: Ubuntu 4.15.0-23.25-generic 4.15.18
Uname: Linux 4.15.0-23-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.2
Architecture: amd64
Date: Tue Jul 10 16:54:20 2018
ExecutablePath: /usr/bin/dpkg
InstallationDate: Installed on 2018-06-28 (11 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
SourcePackage: dpkg
UpgradeStatus: No upgrade log present (probably fresh install) |
|
2018-07-18 14:11:14 |
Steve Langasek |
dkms (Ubuntu Bionic): status |
New |
Fix Committed |
|
2018-07-18 14:11:15 |
Steve Langasek |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2018-07-18 14:11:17 |
Steve Langasek |
bug |
|
|
added subscriber SRU Verification |
2018-07-18 14:11:22 |
Steve Langasek |
tags |
amd64 apport-bug bionic patch |
amd64 apport-bug bionic patch verification-needed verification-needed-bionic |
|
2018-07-18 14:11:23 |
Steve Langasek |
dkms (Ubuntu Bionic): milestone |
|
ubuntu-18.04.1 |
|
2018-07-18 14:11:28 |
Steve Langasek |
dkms (Ubuntu Bionic): importance |
Undecided |
High |
|
2018-07-20 22:51:20 |
Launchpad Janitor |
dkms (Ubuntu): status |
Fix Committed |
Fix Released |
|
2018-07-22 11:38:23 |
Guillaume |
tags |
amd64 apport-bug bionic patch verification-needed verification-needed-bionic |
amd64 apport-bug bionic patch verification-done-bionic verification-needed |
|
2018-07-23 17:42:36 |
Launchpad Janitor |
dkms (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
2018-07-23 17:42:40 |
Adam Conrad |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2018-08-15 07:10:01 |
Felix Eckhofer |
bug |
|
|
added subscriber Felix Eckhofer |
2018-08-27 03:37:36 |
Tiffany |
bug |
|
|
added subscriber Tiffany |