[MIR] nplan

Bug #1608926 reported by Martin Pitt
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
nplan (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

Availability: In universe, builds on all arches

Rationale: https://blueprints.launchpad.net/ubuntu/+spec/foundations-y-network-yaml

Security: This is a brand new package. The "generate" command reads /etc/netplan/*.yaml and translates them into (ephemeral) configuration files in /run/systemd/network and /run/NetworkManager/. As you need root privs to write/change /etc/netplan/*, the attack surface is very small -- in particular, there are no daemons, open ports etc. involved.

QA:
 - Works OOTB after installation; networkd is enabled on demand and networkd/NetworkManager pick up the new configuration at boot.
 - No debconf questions, RC bugs etc.
 - Package not (currently) in Debian; if there is interest there, I will maintain it there instead, but let's let this mature for a bit first.
 - Upstream test suite has 100% code coverage ("make coverage") and runs during package build.
 - Includes autopkgtests for full integration tests (using mac80211hwsim and veths and the real networkd/NM)

UI: No graphical UI; it will get a CLI at some point to drive some operations, but the main functionality is just to interpret YAML conf
ig files

Dependencies: All build deps in main; no runtime dependencies apart from libc6

Standards: Uses standard dh packaging, no oddities

Maintenance: Foundations team (me in particular) maintains this, foundations-bugs is subscribed to nplan bugs

Revision history for this message
Michael Terry (mterry) wrote :

Packaging and all that look good. Like the debian/rules file. :)

Passing to security though for a looksee.

Changed in nplan (Ubuntu):
assignee: nobody → Ubuntu Security Team (ubuntu-security)
Revision history for this message
Tyler Hicks (tyhicks) wrote :

I've spoke with sarnold about this MIR and, judging by pitti's description, it doesn't sound like there's a need for a security review. AIUI, nplan is operating on trusted inputs. Let us know if that's not the case and we can do a review. Otherwise, I think we'll let this one through without taking a look.

Changed in nplan (Ubuntu):
assignee: Ubuntu Security Team (ubuntu-security) → nobody
Revision history for this message
Michael Terry (mterry) wrote :

OK, good enough for me.

Changed in nplan (Ubuntu):
status: New → Fix Committed
Revision history for this message
Martin Pitt (pitti) wrote :

Promoted, thanks for reviewing!

Changed in nplan (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.