ICA HW token missing after the package update
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Ubuntu on IBM z Systems |
Fix Released
|
Medium
|
Dimitri John Ledkov | ||
| opencryptoki (Ubuntu) |
Fix Released
|
Undecided
|
Skipper Bug Screeners | ||
| Bionic |
Invalid
|
Undecided
|
Unassigned | ||
| Disco |
Won't Fix
|
Undecided
|
Unassigned | ||
| Eoan |
Won't Fix
|
Undecided
|
Unassigned | ||
| Focal |
Fix Released
|
Undecided
|
Skipper Bug Screeners | ||
Bug Description
SRU Justification:
------------------
[Impact]
* The libica (actually libica3) needs to be referred by it's "so name" (libica.so.3) to avoid situations where the ICA HW token is missing after a package update.
[Fix]
* 73f05eb53f12197
* 7f4113ba8653b8b
[Test Case]
* A s390x system (LPAR or z/VM) is needed with at least one crypto domain online.
* Install opencryptoki package from bionic/universe.
* Initialize a token and assign it to a certain slot, like with pkcsconf -I -c 1
* Notice that the user that executes this command needs to be part of group 'pkcs11' and that the pkcsslotd.service is enabled and started.
* Display the token (or all tokens) with pkcsconf -t
* Perform an update (and make sure pkcsslotd.service got restarted) and display again using pkcsconf -t
[Regression Potential]
* The regression potential can be considered as low, since:
* it's just a one line change (in two files) of a #define in a way that it points to "libica.so.3" instead of "libica.so", so the diff is minimal
* and bionic already ships libica3 today.
[Other Info]
* This didn't happend yet to any Ubuntu user (afawk), but occurred at IBM tests and/or other distros, hence this is a 'preventive fix'.
__________
Please integrate proactive following 2 git commits
ICA: Refer libica by its so name :
https:/
EP11: Refer libica by its so name
https:/
| tags: | added: architecture-s39064 bugnameltc-182121 severity-high targetmilestone-inin1804 |
| Changed in ubuntu: | |
| assignee: | nobody → Skipper Bug Screeners (skipper-screen-team) |
| affects: | ubuntu → opencryptoki (Ubuntu) |
| Changed in ubuntu-z-systems: | |
| importance: | Undecided → Medium |
| status: | New → Triaged |
| assignee: | nobody → Dimitri John Ledkov (xnox) |
| Changed in opencryptoki (Ubuntu): | |
| status: | New → Confirmed |
| Changed in ubuntu-z-systems: | |
| status: | Triaged → Confirmed |
| no longer affects: | ubuntu-z-systems/ubuntu-19.04 |
| no longer affects: | ubuntu-z-systems/ubuntu-19.10 |
| no longer affects: | ubuntu-z-systems/ubuntu-20.04 |
| description: | updated |
| Frank Heimes (fheimes) wrote | #1 |
| Changed in opencryptoki (Ubuntu Disco): | |
| status: | New → Won't Fix |
| Launchpad Janitor (janitor) wrote | #2 |
| Changed in opencryptoki (Ubuntu Focal): | |
| status: | Confirmed → Fix Released |
| Changed in ubuntu-z-systems: | |
| status: | Confirmed → In Progress |
| Frank Heimes (fheimes) wrote | #3 |
| Changed in opencryptoki (Ubuntu Eoan): | |
| status: | New → Won't Fix |
| tags: | added: fr-1013 |
| Frank Heimes (fheimes) wrote | #4 |
| Changed in opencryptoki (Ubuntu Bionic): | |
| status: | New → Incomplete |
| Changed in ubuntu-z-systems: | |
| status: | In Progress → Incomplete |
| Matthieu Clemenceau (mclemenceau) wrote | #5 |
| bugproxy (bugproxy) wrote Comment bridged from LTC Bugzilla | #6 |
| Frank Heimes (fheimes) wrote | #7 |
| tags: |
added: targetmilestone-inin2004 removed: targetmilestone-inin1804 |
| Changed in opencryptoki (Ubuntu Bionic): | |
| status: | Incomplete → Invalid |
| Changed in ubuntu-z-systems: | |
| status: | Incomplete → Fix Released |
| tags: |
added: targetmilestone-inin1804 removed: targetmilestone-inin2004 |
| tags: |
added: targetmilestone-inin2004 removed: targetmilestone-inin1804 |
| bugproxy (bugproxy) wrote | #8 |
Since Ubuntu 19.04 / Disco reached it's end-of-life on January the 23rd:
https:/
the entry that marks this ticket as affecting 'Disco' is changed to 'Won't Fix'.