[MIR] nplan

Bug #1608926 reported by Martin Pitt on 2016-08-02
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
nplan (Ubuntu)
Undecided
Unassigned

Bug Description

Availability: In universe, builds on all arches

Rationale: https://blueprints.launchpad.net/ubuntu/+spec/foundations-y-network-yaml

Security: This is a brand new package. The "generate" command reads /etc/netplan/*.yaml and translates them into (ephemeral) configuration files in /run/systemd/network and /run/NetworkManager/. As you need root privs to write/change /etc/netplan/*, the attack surface is very small -- in particular, there are no daemons, open ports etc. involved.

QA:
 - Works OOTB after installation; networkd is enabled on demand and networkd/NetworkManager pick up the new configuration at boot.
 - No debconf questions, RC bugs etc.
 - Package not (currently) in Debian; if there is interest there, I will maintain it there instead, but let's let this mature for a bit first.
 - Upstream test suite has 100% code coverage ("make coverage") and runs during package build.
 - Includes autopkgtests for full integration tests (using mac80211hwsim and veths and the real networkd/NM)

UI: No graphical UI; it will get a CLI at some point to drive some operations, but the main functionality is just to interpret YAML conf
ig files

Dependencies: All build deps in main; no runtime dependencies apart from libc6

Standards: Uses standard dh packaging, no oddities

Maintenance: Foundations team (me in particular) maintains this, foundations-bugs is subscribed to nplan bugs

Michael Terry (mterry) wrote :

Packaging and all that look good. Like the debian/rules file. :)

Passing to security though for a looksee.

Changed in nplan (Ubuntu):
assignee: nobody → Ubuntu Security Team (ubuntu-security)
Tyler Hicks (tyhicks) wrote :

I've spoke with sarnold about this MIR and, judging by pitti's description, it doesn't sound like there's a need for a security review. AIUI, nplan is operating on trusted inputs. Let us know if that's not the case and we can do a review. Otherwise, I think we'll let this one through without taking a look.

Changed in nplan (Ubuntu):
assignee: Ubuntu Security Team (ubuntu-security) → nobody
Michael Terry (mterry) wrote :

OK, good enough for me.

Changed in nplan (Ubuntu):
status: New → Fix Committed
Martin Pitt (pitti) wrote :

Promoted, thanks for reviewing!

Changed in nplan (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers