2024-05-21 13:23:46 |
Jeremy Bícha |
bug |
|
|
added bug |
2024-05-21 14:13:48 |
Jeremy Bícha |
description |
[Availability]
The package sysprof is already in Ubuntu universe.
The package sysprof build for the architectures it is designed to work on.
It currently builds and works for all Ubuntu architectures.
Link to package https://launchpad.net/ubuntu/+source/sysprof
[Rationale]
- The package sysprof is required in Ubuntu main
- The package sysprof will not generally be useful for a large part of our user base, but is important/helpful still because it is part of an Ubuntu initiative to focus on performance engineering, both for Ubuntu itself and for developers who build their projects on top of Ubuntu. The size of the sysprof app is fairly small and we envision sysprof as the latest of the small utilities that are included in a default Ubuntu desktop. (Disk Usage Analyzer [baobab] is another one of these utilities.)
+ Related to https://ubuntu.com/blog/ubuntu-performance-engineering-with-frame-pointers-by-default
- There is no other/better way to solve this that is already in main or should go universe->main instead of this.
- The package sysprof is required in Ubuntu main no later than August 15 due to a Ubuntu Desktop goal of including sysprof in the default 24.10 install.
- The binary package sysprof needs to be in main to achieve the goal of providing a GUI performance profiling tool (command-line tools were included by default in Ubuntu 24.04 LTS, but the Desktop Team and others did not have the capacity to also handle getting sysprof into the default install then.)
[Security]
- No CVEs/security issues in this software in the past
+ https://security-tracker.debian.org/tracker/source-package/sysprof
+ https://ubuntu.com/security/cves?package=sysprof
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does install services, timers or recurring jobs
+ /usr/lib/systemd/system/sysprof3.service
+ /usr/libexec/sysprofd
+ /usr/share/dbus-1/system-services/org.gnome.Sysprof3.service
- Security has been kept in mind and common isolation/risk-mitigation patterns are in place utilizing the following features:
+ App uses /usr/share/polkit-1/actions/org.gnome.sysprof3.policy to gain the elevated permissions it needs to use ptracing in the Linux kernel.
- Package does not open privileged ports (ports < 1024).
- Package does not expose any external endpoints
- Package makes use of ptracing in the Linux kernel because it is required for the system-wide profiling feature that is essential to this app. I recommend Security Team review.
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu/Upstream and does not have too many, long-term & critical, open bugs
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/sysprof/
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=sysprof
- Upstream https://gitlab.gnome.org/GNOME/sysprof/-/issues
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
RULE: - The package should, but is not required to, also contain
RULE: non-trivial autopkgtest(s).
TODO-A: - The package runs an autopkgtest, and is currently passing on
TODO-A: this TBD list of architectures, link to test logs TBD
TODO-B: - The package does not run an autopkgtest because TBD
RULE: - existing but failing tests that shall be handled as "ok to fail"
RULE: need to be explained along the test logs below
TODO-A: - The package does have not failing autopkgtests right now
TODO-B: - The package does have failing autopkgtests tests right now, but since
TODO-B: they always failed they are handled as "ignored failure", this is
TODO-B: ok because TBD
RULE: - If no build tests nor autopkgtests are included, and/or if the package
RULE: requires specific hardware to perform testing, the subscribed team
RULE: must provide a written test plan in a comment to the MIR bug, and
RULE: commit to running that test either at each upload of the package or
RULE: at least once each release cycle. In the comment to the MIR bug,
RULE: please link to the codebase of these tests (scripts or doc of manual
RULE: steps) and attach a full log of these test runs. This is meant to
RULE: assess their validity (e.g. not just superficial).
RULE: If possible such things should stay in universe. Sometimes that is
RULE: impossible due to the way how features/plugins/dependencies work
RULE: but if you are going to ask for promotion of something untestable
RULE: please outline why it couldn't provide its value (e.g. by splitting
RULE: binaries) to users from universe.
RULE: This is a balance that is hard to strike well, the request is that all
RULE: options have been exploited before giving up. Look for more details
RULE: and backgrounds https://github.com/canonical/ubuntu-mir/issues/30
RULE: Just like in the SRU process it is worth to understand what the
RULE: consequences a regression (due to a test miss) would be. Therefore
RULE: if being untestable we ask to outline what consequences this would
RULE: have for the given package. And let us be honest, even if you can
RULE: test you are never sure you will be able to catch all potential
RULE: regressions. So this is mostly to force self-awareness of the owning
RULE: team than to make a decision on.
TODO: - The package can not be well tested at build or autopkgtest time
TODO: because TBD. To make up for that:
TODO-A: - We have access to such hardware in the team
TODO-B: - We have allocated budget to get this hardware, but it is not here
TODO-B: yet
TODO-C: - We have checked with solutions-qa and will use their hardware
TODO-C: through testflinger
TODO-D: - We have checked with other team TBD and will use their hardware
TODO-D: through TBD (eg. MAAS)
TODO-E: - We have checked and found a simulator which covers this case
TODO-E: sufficiently for testing, our plan to use it is TBD
TODO-F: - We have engaged with the upstream community and due to that
TODO-F: can tests new package builds via TBD
TODO-G: - We have engaged with our user community and due to that
TODO-G: can tests new package builds via TBD
TODO-H: - We have engaged with the hardware manufacturer and made an
TODO-H: agreement to test new builds via TBD
TODO-A-H: - Based on that access outlined above, here are the details of the
TODO-A-H: test plan/automation TBD (e.g. script or repo) and (if already
TODO-A-H: possible) example output of a test run: TBD (logs).
TODO-A-H: We will execute that test plan
TODO-A-H1: on-uploads
TODO-A-H2: regularly (TBD details like frequency: monthly, infra: jira-url)
TODO-X: - We have exhausted all options, there really is no feasible way
TODO-X: to test or recreate this. We are aware of the extra implications
TODO-X: and duties this has for our team (= help SEG and security on
TODO-X: servicing this package, but also more effort on any of your own
TODO-X: bug triage and fixes).
TODO-X: Due to TBD there also is no way to provide this to users from
TODO-X: universe.
TODO-X: Due to the nature, integration and use cases of the package the
TODO-X: consequences of a regression that might slip through most likely
TODO-X: would include
TODO-X: - TBD
TODO-X: - TBD
TODO-X: - TBD
RULE: - In some cases a solution that is about to be promoted consists of
RULE: several very small libraries and one actual application uniting them
RULE: to achieve something useful. This is rather common in the go/rust space.
RULE: In that case often these micro-libs on their own can and should only
RULE: provide low level unit-tests. But more complex autopkgtests make no
RULE: sense on that level. Therefore in those cases one might want to test on
RULE: the solution level.
RULE: - Process wise MIR-requesting teams can ask (on the bug) for this
RULE: special case to apply for a given case, which reduces the test
RULE: constraints on the micro libraries but in return increases the
RULE: requirements for the test of the actual app/solution.
RULE: - Since this might promote micro-lib packages to main with less than
RULE: the common level of QA any further MIRed program using them will have
RULE: to provide the same amount of increased testing.
TODO: - This package is minimal and will be tested in a more wide reaching
TODO: solution context TBD, details about this testing are here TBD
[Quality assurance - packaging]
- debian/watch is present and works
- debian/control defines a correct Maintainer field
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are not present
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- The package will be installed by default, but does not ask debconf questions
- Packaging and build is easy, link to debian/rules
https://salsa.debian.org/gnome-team/sysprof/-/blob/debian/latest/debian/rules
[UI standards]
- Application is end-user facing, Translation is present, via standard gettext system
- End-user applications that ships a standard conformant desktop file
+ /usr/share/applications/org.gnome.Sysprof.desktop
[Dependencies]
- There are further runtime dependencies that are not yet in main
+ MIR for libdex is at LP: #2066262
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- The owning team will be Ubuntu Desktop (~desktop-packages) and I have their acknowledgement for that commitment
- The future owning team is not yet subscribed, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last test rebuild
[Background information]
- The Package description explains the package well
- Upstream Name is sysprof
- Link to upstream project https://gitlab.gnome.org/GNOME/sysprof |
[Availability]
The package sysprof is already in Ubuntu universe.
The package sysprof build for the architectures it is designed to work on.
It currently builds and works for all Ubuntu architectures.
Link to package https://launchpad.net/ubuntu/+source/sysprof
[Rationale]
- The package sysprof is required in Ubuntu main
- The package sysprof will not generally be useful for a large part of our user base, but is important/helpful still because it is part of an Ubuntu initiative to focus on performance engineering, both for Ubuntu itself and for developers who build their projects on top of Ubuntu. The size of the sysprof app is fairly small and we envision sysprof as the latest of the small utilities that are included in a default Ubuntu desktop. (Disk Usage Analyzer [baobab] is another one of these utilities.)
+ Related to https://ubuntu.com/blog/ubuntu-performance-engineering-with-frame-pointers-by-default
- There is no other/better way to solve this that is already in main or should go universe->main instead of this.
- The package sysprof is required in Ubuntu main no later than August 15 due to a Ubuntu Desktop goal of including sysprof in the default 24.10 install.
- The binary package sysprof needs to be in main to achieve the goal of providing a GUI performance profiling tool (command-line tools were included by default in Ubuntu 24.04 LTS, but the Desktop Team and others did not have the capacity to also handle getting sysprof into the default install then.)
[Security]
- No CVEs/security issues in this software in the past
+ https://security-tracker.debian.org/tracker/source-package/sysprof
+ https://ubuntu.com/security/cves?package=sysprof
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does install services, timers or recurring jobs
+ /usr/lib/systemd/system/sysprof3.service
+ /usr/libexec/sysprofd
+ /usr/share/dbus-1/system-services/org.gnome.Sysprof3.service
- Security has been kept in mind and common isolation/risk-mitigation patterns are in place utilizing the following features:
+ App uses /usr/share/polkit-1/actions/org.gnome.sysprof3.policy to gain the elevated permissions it needs to use ptracing in the Linux kernel.
- Package does not open privileged ports (ports < 1024).
- Package does not expose any external endpoints
- Package makes use of ptracing in the Linux kernel because it is required for the system-wide profiling feature that is essential to this app. I recommend Security Team review.
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu/Upstream and does not have too many, long-term & critical, open bugs
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/sysprof/
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=sysprof
- Upstream https://gitlab.gnome.org/GNOME/sysprof/-/issues
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
RULE: - The package should, but is not required to, also contain
RULE: non-trivial autopkgtest(s).
TODO-A: - The package runs an autopkgtest, and is currently passing on
TODO-A: this TBD list of architectures, link to test logs TBD
TODO-B: - The package does not run an autopkgtest because TBD
RULE: - existing but failing tests that shall be handled as "ok to fail"
RULE: need to be explained along the test logs below
TODO-A: - The package does have not failing autopkgtests right now
TODO-B: - The package does have failing autopkgtests tests right now, but since
TODO-B: they always failed they are handled as "ignored failure", this is
TODO-B: ok because TBD
RULE: - If no build tests nor autopkgtests are included, and/or if the package
RULE: requires specific hardware to perform testing, the subscribed team
RULE: must provide a written test plan in a comment to the MIR bug, and
RULE: commit to running that test either at each upload of the package or
RULE: at least once each release cycle. In the comment to the MIR bug,
RULE: please link to the codebase of these tests (scripts or doc of manual
RULE: steps) and attach a full log of these test runs. This is meant to
RULE: assess their validity (e.g. not just superficial).
RULE: If possible such things should stay in universe. Sometimes that is
RULE: impossible due to the way how features/plugins/dependencies work
RULE: but if you are going to ask for promotion of something untestable
RULE: please outline why it couldn't provide its value (e.g. by splitting
RULE: binaries) to users from universe.
RULE: This is a balance that is hard to strike well, the request is that all
RULE: options have been exploited before giving up. Look for more details
RULE: and backgrounds https://github.com/canonical/ubuntu-mir/issues/30
RULE: Just like in the SRU process it is worth to understand what the
RULE: consequences a regression (due to a test miss) would be. Therefore
RULE: if being untestable we ask to outline what consequences this would
RULE: have for the given package. And let us be honest, even if you can
RULE: test you are never sure you will be able to catch all potential
RULE: regressions. So this is mostly to force self-awareness of the owning
RULE: team than to make a decision on.
TODO: - The package can not be well tested at build or autopkgtest time
TODO: because TBD. To make up for that:
TODO-A: - We have access to such hardware in the team
TODO-B: - We have allocated budget to get this hardware, but it is not here
TODO-B: yet
TODO-C: - We have checked with solutions-qa and will use their hardware
TODO-C: through testflinger
TODO-D: - We have checked with other team TBD and will use their hardware
TODO-D: through TBD (eg. MAAS)
TODO-E: - We have checked and found a simulator which covers this case
TODO-E: sufficiently for testing, our plan to use it is TBD
TODO-F: - We have engaged with the upstream community and due to that
TODO-F: can tests new package builds via TBD
TODO-G: - We have engaged with our user community and due to that
TODO-G: can tests new package builds via TBD
TODO-H: - We have engaged with the hardware manufacturer and made an
TODO-H: agreement to test new builds via TBD
TODO-A-H: - Based on that access outlined above, here are the details of the
TODO-A-H: test plan/automation TBD (e.g. script or repo) and (if already
TODO-A-H: possible) example output of a test run: TBD (logs).
TODO-A-H: We will execute that test plan
TODO-A-H1: on-uploads
TODO-A-H2: regularly (TBD details like frequency: monthly, infra: jira-url)
TODO-X: - We have exhausted all options, there really is no feasible way
TODO-X: to test or recreate this. We are aware of the extra implications
TODO-X: and duties this has for our team (= help SEG and security on
TODO-X: servicing this package, but also more effort on any of your own
TODO-X: bug triage and fixes).
TODO-X: Due to TBD there also is no way to provide this to users from
TODO-X: universe.
TODO-X: Due to the nature, integration and use cases of the package the
TODO-X: consequences of a regression that might slip through most likely
TODO-X: would include
TODO-X: - TBD
TODO-X: - TBD
TODO-X: - TBD
RULE: - In some cases a solution that is about to be promoted consists of
RULE: several very small libraries and one actual application uniting them
RULE: to achieve something useful. This is rather common in the go/rust space.
RULE: In that case often these micro-libs on their own can and should only
RULE: provide low level unit-tests. But more complex autopkgtests make no
RULE: sense on that level. Therefore in those cases one might want to test on
RULE: the solution level.
RULE: - Process wise MIR-requesting teams can ask (on the bug) for this
RULE: special case to apply for a given case, which reduces the test
RULE: constraints on the micro libraries but in return increases the
RULE: requirements for the test of the actual app/solution.
RULE: - Since this might promote micro-lib packages to main with less than
RULE: the common level of QA any further MIRed program using them will have
RULE: to provide the same amount of increased testing.
TODO: - This package is minimal and will be tested in a more wide reaching
TODO: solution context TBD, details about this testing are here TBD
[Quality assurance - packaging]
- debian/watch is present and works
- debian/control defines a correct Maintainer field
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are not present
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- The package will be installed by default, but does not ask debconf questions
- Packaging and build is easy, link to debian/rules
https://salsa.debian.org/gnome-team/sysprof/-/blob/debian/latest/debian/rules
[UI standards]
- Application is end-user facing, Translation is present, via standard gettext system
- End-user applications that ships a standard conformant desktop file
+ /usr/share/applications/org.gnome.Sysprof.desktop
[Dependencies]
- There are further runtime dependencies that are not yet in main
+ MIR for libdex is at LP: #2066262
+ MIR for panel is at LP: #2066272
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- The owning team will be Ubuntu Desktop (~desktop-packages) and I have their acknowledgement for that commitment
- The future owning team is not yet subscribed, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last test rebuild
[Background information]
- The Package description explains the package well
- Upstream Name is sysprof
- Link to upstream project https://gitlab.gnome.org/GNOME/sysprof |
|
2024-05-21 14:14:02 |
Jeremy Bícha |
sysprof (Ubuntu): assignee |
|
Jeremy Bícha (jbicha) |
|
2024-05-21 14:14:09 |
Jeremy Bícha |
bug |
|
|
added subscriber MIR approval team |
2024-05-21 14:38:20 |
Jeremy Bícha |
description |
[Availability]
The package sysprof is already in Ubuntu universe.
The package sysprof build for the architectures it is designed to work on.
It currently builds and works for all Ubuntu architectures.
Link to package https://launchpad.net/ubuntu/+source/sysprof
[Rationale]
- The package sysprof is required in Ubuntu main
- The package sysprof will not generally be useful for a large part of our user base, but is important/helpful still because it is part of an Ubuntu initiative to focus on performance engineering, both for Ubuntu itself and for developers who build their projects on top of Ubuntu. The size of the sysprof app is fairly small and we envision sysprof as the latest of the small utilities that are included in a default Ubuntu desktop. (Disk Usage Analyzer [baobab] is another one of these utilities.)
+ Related to https://ubuntu.com/blog/ubuntu-performance-engineering-with-frame-pointers-by-default
- There is no other/better way to solve this that is already in main or should go universe->main instead of this.
- The package sysprof is required in Ubuntu main no later than August 15 due to a Ubuntu Desktop goal of including sysprof in the default 24.10 install.
- The binary package sysprof needs to be in main to achieve the goal of providing a GUI performance profiling tool (command-line tools were included by default in Ubuntu 24.04 LTS, but the Desktop Team and others did not have the capacity to also handle getting sysprof into the default install then.)
[Security]
- No CVEs/security issues in this software in the past
+ https://security-tracker.debian.org/tracker/source-package/sysprof
+ https://ubuntu.com/security/cves?package=sysprof
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does install services, timers or recurring jobs
+ /usr/lib/systemd/system/sysprof3.service
+ /usr/libexec/sysprofd
+ /usr/share/dbus-1/system-services/org.gnome.Sysprof3.service
- Security has been kept in mind and common isolation/risk-mitigation patterns are in place utilizing the following features:
+ App uses /usr/share/polkit-1/actions/org.gnome.sysprof3.policy to gain the elevated permissions it needs to use ptracing in the Linux kernel.
- Package does not open privileged ports (ports < 1024).
- Package does not expose any external endpoints
- Package makes use of ptracing in the Linux kernel because it is required for the system-wide profiling feature that is essential to this app. I recommend Security Team review.
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu/Upstream and does not have too many, long-term & critical, open bugs
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/sysprof/
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=sysprof
- Upstream https://gitlab.gnome.org/GNOME/sysprof/-/issues
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
RULE: - The package should, but is not required to, also contain
RULE: non-trivial autopkgtest(s).
TODO-A: - The package runs an autopkgtest, and is currently passing on
TODO-A: this TBD list of architectures, link to test logs TBD
TODO-B: - The package does not run an autopkgtest because TBD
RULE: - existing but failing tests that shall be handled as "ok to fail"
RULE: need to be explained along the test logs below
TODO-A: - The package does have not failing autopkgtests right now
TODO-B: - The package does have failing autopkgtests tests right now, but since
TODO-B: they always failed they are handled as "ignored failure", this is
TODO-B: ok because TBD
RULE: - If no build tests nor autopkgtests are included, and/or if the package
RULE: requires specific hardware to perform testing, the subscribed team
RULE: must provide a written test plan in a comment to the MIR bug, and
RULE: commit to running that test either at each upload of the package or
RULE: at least once each release cycle. In the comment to the MIR bug,
RULE: please link to the codebase of these tests (scripts or doc of manual
RULE: steps) and attach a full log of these test runs. This is meant to
RULE: assess their validity (e.g. not just superficial).
RULE: If possible such things should stay in universe. Sometimes that is
RULE: impossible due to the way how features/plugins/dependencies work
RULE: but if you are going to ask for promotion of something untestable
RULE: please outline why it couldn't provide its value (e.g. by splitting
RULE: binaries) to users from universe.
RULE: This is a balance that is hard to strike well, the request is that all
RULE: options have been exploited before giving up. Look for more details
RULE: and backgrounds https://github.com/canonical/ubuntu-mir/issues/30
RULE: Just like in the SRU process it is worth to understand what the
RULE: consequences a regression (due to a test miss) would be. Therefore
RULE: if being untestable we ask to outline what consequences this would
RULE: have for the given package. And let us be honest, even if you can
RULE: test you are never sure you will be able to catch all potential
RULE: regressions. So this is mostly to force self-awareness of the owning
RULE: team than to make a decision on.
TODO: - The package can not be well tested at build or autopkgtest time
TODO: because TBD. To make up for that:
TODO-A: - We have access to such hardware in the team
TODO-B: - We have allocated budget to get this hardware, but it is not here
TODO-B: yet
TODO-C: - We have checked with solutions-qa and will use their hardware
TODO-C: through testflinger
TODO-D: - We have checked with other team TBD and will use their hardware
TODO-D: through TBD (eg. MAAS)
TODO-E: - We have checked and found a simulator which covers this case
TODO-E: sufficiently for testing, our plan to use it is TBD
TODO-F: - We have engaged with the upstream community and due to that
TODO-F: can tests new package builds via TBD
TODO-G: - We have engaged with our user community and due to that
TODO-G: can tests new package builds via TBD
TODO-H: - We have engaged with the hardware manufacturer and made an
TODO-H: agreement to test new builds via TBD
TODO-A-H: - Based on that access outlined above, here are the details of the
TODO-A-H: test plan/automation TBD (e.g. script or repo) and (if already
TODO-A-H: possible) example output of a test run: TBD (logs).
TODO-A-H: We will execute that test plan
TODO-A-H1: on-uploads
TODO-A-H2: regularly (TBD details like frequency: monthly, infra: jira-url)
TODO-X: - We have exhausted all options, there really is no feasible way
TODO-X: to test or recreate this. We are aware of the extra implications
TODO-X: and duties this has for our team (= help SEG and security on
TODO-X: servicing this package, but also more effort on any of your own
TODO-X: bug triage and fixes).
TODO-X: Due to TBD there also is no way to provide this to users from
TODO-X: universe.
TODO-X: Due to the nature, integration and use cases of the package the
TODO-X: consequences of a regression that might slip through most likely
TODO-X: would include
TODO-X: - TBD
TODO-X: - TBD
TODO-X: - TBD
RULE: - In some cases a solution that is about to be promoted consists of
RULE: several very small libraries and one actual application uniting them
RULE: to achieve something useful. This is rather common in the go/rust space.
RULE: In that case often these micro-libs on their own can and should only
RULE: provide low level unit-tests. But more complex autopkgtests make no
RULE: sense on that level. Therefore in those cases one might want to test on
RULE: the solution level.
RULE: - Process wise MIR-requesting teams can ask (on the bug) for this
RULE: special case to apply for a given case, which reduces the test
RULE: constraints on the micro libraries but in return increases the
RULE: requirements for the test of the actual app/solution.
RULE: - Since this might promote micro-lib packages to main with less than
RULE: the common level of QA any further MIRed program using them will have
RULE: to provide the same amount of increased testing.
TODO: - This package is minimal and will be tested in a more wide reaching
TODO: solution context TBD, details about this testing are here TBD
[Quality assurance - packaging]
- debian/watch is present and works
- debian/control defines a correct Maintainer field
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are not present
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- The package will be installed by default, but does not ask debconf questions
- Packaging and build is easy, link to debian/rules
https://salsa.debian.org/gnome-team/sysprof/-/blob/debian/latest/debian/rules
[UI standards]
- Application is end-user facing, Translation is present, via standard gettext system
- End-user applications that ships a standard conformant desktop file
+ /usr/share/applications/org.gnome.Sysprof.desktop
[Dependencies]
- There are further runtime dependencies that are not yet in main
+ MIR for libdex is at LP: #2066262
+ MIR for panel is at LP: #2066272
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- The owning team will be Ubuntu Desktop (~desktop-packages) and I have their acknowledgement for that commitment
- The future owning team is not yet subscribed, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last test rebuild
[Background information]
- The Package description explains the package well
- Upstream Name is sysprof
- Link to upstream project https://gitlab.gnome.org/GNOME/sysprof |
[Availability]
The package sysprof is already in Ubuntu universe.
The package sysprof build for the architectures it is designed to work on.
It currently builds and works for all Ubuntu architectures.
Link to package https://launchpad.net/ubuntu/+source/sysprof
[Rationale]
- The package sysprof is required in Ubuntu main
- The package sysprof will not generally be useful for a large part of our user base, but is important/helpful still because it is part of an Ubuntu initiative to focus on performance engineering, both for Ubuntu itself and for developers who build their projects on top of Ubuntu. The size of the sysprof app is fairly small and we envision sysprof as the latest of the small utilities that are included in a default Ubuntu desktop. (Disk Usage Analyzer [baobab] is another one of these utilities.)
+ Related to https://ubuntu.com/blog/ubuntu-performance-engineering-with-frame-pointers-by-default
- There is no other/better way to solve this that is already in main or should go universe->main instead of this.
- The package sysprof is required in Ubuntu main no later than August 15 due to a Ubuntu Desktop goal of including sysprof in the default 24.10 install.
- The binary package sysprof needs to be in main to achieve the goal of providing a GUI performance profiling tool (command-line tools were included by default in Ubuntu 24.04 LTS, but the Desktop Team and others did not have the capacity to also handle getting sysprof into the default install then.)
[Security]
- No CVEs/security issues in this software in the past
+ https://security-tracker.debian.org/tracker/source-package/sysprof
+ https://ubuntu.com/security/cves?package=sysprof
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does install services, timers or recurring jobs
+ /usr/lib/systemd/system/sysprof3.service
+ /usr/libexec/sysprofd
+ /usr/share/dbus-1/system-services/org.gnome.Sysprof3.service
- Security has been kept in mind and common isolation/risk-mitigation patterns are in place utilizing the following features:
+ App uses /usr/share/polkit-1/actions/org.gnome.sysprof3.policy to gain the elevated permissions it needs to use ptracing in the Linux kernel.
- Package does not open privileged ports (ports < 1024).
- Package does not expose any external endpoints
- Package makes use of ptracing in the Linux kernel because it is required for the system-wide profiling feature that is essential to this app. I recommend Security Team review.
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu/Upstream and does not have too many, long-term & critical, open bugs
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/sysprof/
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=sysprof
- Upstream https://gitlab.gnome.org/GNOME/sysprof/-/issues
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
RULE: - The package should, but is not required to, also contain
RULE: non-trivial autopkgtest(s).
TODO-A: - The package runs an autopkgtest, and is currently passing on
TODO-A: this TBD list of architectures, link to test logs TBD
TODO-B: - The package does not run an autopkgtest because TBD
RULE: - existing but failing tests that shall be handled as "ok to fail"
RULE: need to be explained along the test logs below
TODO-A: - The package does have not failing autopkgtests right now
TODO-B: - The package does have failing autopkgtests tests right now, but since
TODO-B: they always failed they are handled as "ignored failure", this is
TODO-B: ok because TBD
RULE: - If no build tests nor autopkgtests are included, and/or if the package
RULE: requires specific hardware to perform testing, the subscribed team
RULE: must provide a written test plan in a comment to the MIR bug, and
RULE: commit to running that test either at each upload of the package or
RULE: at least once each release cycle. In the comment to the MIR bug,
RULE: please link to the codebase of these tests (scripts or doc of manual
RULE: steps) and attach a full log of these test runs. This is meant to
RULE: assess their validity (e.g. not just superficial).
RULE: If possible such things should stay in universe. Sometimes that is
RULE: impossible due to the way how features/plugins/dependencies work
RULE: but if you are going to ask for promotion of something untestable
RULE: please outline why it couldn't provide its value (e.g. by splitting
RULE: binaries) to users from universe.
RULE: This is a balance that is hard to strike well, the request is that all
RULE: options have been exploited before giving up. Look for more details
RULE: and backgrounds https://github.com/canonical/ubuntu-mir/issues/30
RULE: Just like in the SRU process it is worth to understand what the
RULE: consequences a regression (due to a test miss) would be. Therefore
RULE: if being untestable we ask to outline what consequences this would
RULE: have for the given package. And let us be honest, even if you can
RULE: test you are never sure you will be able to catch all potential
RULE: regressions. So this is mostly to force self-awareness of the owning
RULE: team than to make a decision on.
TODO: - The package can not be well tested at build or autopkgtest time
TODO: because TBD. To make up for that:
TODO-A: - We have access to such hardware in the team
TODO-B: - We have allocated budget to get this hardware, but it is not here
TODO-B: yet
TODO-C: - We have checked with solutions-qa and will use their hardware
TODO-C: through testflinger
TODO-D: - We have checked with other team TBD and will use their hardware
TODO-D: through TBD (eg. MAAS)
TODO-E: - We have checked and found a simulator which covers this case
TODO-E: sufficiently for testing, our plan to use it is TBD
TODO-F: - We have engaged with the upstream community and due to that
TODO-F: can tests new package builds via TBD
TODO-G: - We have engaged with our user community and due to that
TODO-G: can tests new package builds via TBD
TODO-H: - We have engaged with the hardware manufacturer and made an
TODO-H: agreement to test new builds via TBD
TODO-A-H: - Based on that access outlined above, here are the details of the
TODO-A-H: test plan/automation TBD (e.g. script or repo) and (if already
TODO-A-H: possible) example output of a test run: TBD (logs).
TODO-A-H: We will execute that test plan
TODO-A-H1: on-uploads
TODO-A-H2: regularly (TBD details like frequency: monthly, infra: jira-url)
TODO-X: - We have exhausted all options, there really is no feasible way
TODO-X: to test or recreate this. We are aware of the extra implications
TODO-X: and duties this has for our team (= help SEG and security on
TODO-X: servicing this package, but also more effort on any of your own
TODO-X: bug triage and fixes).
TODO-X: Due to TBD there also is no way to provide this to users from
TODO-X: universe.
TODO-X: Due to the nature, integration and use cases of the package the
TODO-X: consequences of a regression that might slip through most likely
TODO-X: would include
TODO-X: - TBD
TODO-X: - TBD
TODO-X: - TBD
RULE: - In some cases a solution that is about to be promoted consists of
RULE: several very small libraries and one actual application uniting them
RULE: to achieve something useful. This is rather common in the go/rust space.
RULE: In that case often these micro-libs on their own can and should only
RULE: provide low level unit-tests. But more complex autopkgtests make no
RULE: sense on that level. Therefore in those cases one might want to test on
RULE: the solution level.
RULE: - Process wise MIR-requesting teams can ask (on the bug) for this
RULE: special case to apply for a given case, which reduces the test
RULE: constraints on the micro libraries but in return increases the
RULE: requirements for the test of the actual app/solution.
RULE: - Since this might promote micro-lib packages to main with less than
RULE: the common level of QA any further MIRed program using them will have
RULE: to provide the same amount of increased testing.
TODO: - This package is minimal and will be tested in a more wide reaching
TODO: solution context TBD, details about this testing are here TBD
[Quality assurance - packaging]
- debian/watch is present and works
- debian/control defines a correct Maintainer field
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are not present
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- The package will be installed by default, but does not ask debconf questions
- Packaging and build is easy, link to debian/rules
https://salsa.debian.org/gnome-team/sysprof/-/blob/debian/latest/debian/rules
[UI standards]
- Application is end-user facing, Translation is present, via standard gettext system
- End-user applications that ships a standard conformant desktop file
+ /usr/share/applications/org.gnome.Sysprof.desktop
[Dependencies]
- There are further runtime dependencies that are not yet in main
+ MIR for libdex is at LP: #2066262
+ MIR for libpanel is at LP: #2066272
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- The owning team will be Ubuntu Desktop (~desktop-packages) and I have their acknowledgement for that commitment
- The future owning team is not yet subscribed, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last test rebuild
[Background information]
- The Package description explains the package well
- Upstream Name is sysprof
- Link to upstream project https://gitlab.gnome.org/GNOME/sysprof |
|
2024-06-04 13:42:48 |
Jeremy Bícha |
sysprof (Ubuntu): assignee |
Jeremy Bícha (jbicha) |
|
|
2024-06-04 14:27:27 |
Jeremy Bícha |
description |
[Availability]
The package sysprof is already in Ubuntu universe.
The package sysprof build for the architectures it is designed to work on.
It currently builds and works for all Ubuntu architectures.
Link to package https://launchpad.net/ubuntu/+source/sysprof
[Rationale]
- The package sysprof is required in Ubuntu main
- The package sysprof will not generally be useful for a large part of our user base, but is important/helpful still because it is part of an Ubuntu initiative to focus on performance engineering, both for Ubuntu itself and for developers who build their projects on top of Ubuntu. The size of the sysprof app is fairly small and we envision sysprof as the latest of the small utilities that are included in a default Ubuntu desktop. (Disk Usage Analyzer [baobab] is another one of these utilities.)
+ Related to https://ubuntu.com/blog/ubuntu-performance-engineering-with-frame-pointers-by-default
- There is no other/better way to solve this that is already in main or should go universe->main instead of this.
- The package sysprof is required in Ubuntu main no later than August 15 due to a Ubuntu Desktop goal of including sysprof in the default 24.10 install.
- The binary package sysprof needs to be in main to achieve the goal of providing a GUI performance profiling tool (command-line tools were included by default in Ubuntu 24.04 LTS, but the Desktop Team and others did not have the capacity to also handle getting sysprof into the default install then.)
[Security]
- No CVEs/security issues in this software in the past
+ https://security-tracker.debian.org/tracker/source-package/sysprof
+ https://ubuntu.com/security/cves?package=sysprof
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does install services, timers or recurring jobs
+ /usr/lib/systemd/system/sysprof3.service
+ /usr/libexec/sysprofd
+ /usr/share/dbus-1/system-services/org.gnome.Sysprof3.service
- Security has been kept in mind and common isolation/risk-mitigation patterns are in place utilizing the following features:
+ App uses /usr/share/polkit-1/actions/org.gnome.sysprof3.policy to gain the elevated permissions it needs to use ptracing in the Linux kernel.
- Package does not open privileged ports (ports < 1024).
- Package does not expose any external endpoints
- Package makes use of ptracing in the Linux kernel because it is required for the system-wide profiling feature that is essential to this app. I recommend Security Team review.
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu/Upstream and does not have too many, long-term & critical, open bugs
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/sysprof/
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=sysprof
- Upstream https://gitlab.gnome.org/GNOME/sysprof/-/issues
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
RULE: - The package should, but is not required to, also contain
RULE: non-trivial autopkgtest(s).
TODO-A: - The package runs an autopkgtest, and is currently passing on
TODO-A: this TBD list of architectures, link to test logs TBD
TODO-B: - The package does not run an autopkgtest because TBD
RULE: - existing but failing tests that shall be handled as "ok to fail"
RULE: need to be explained along the test logs below
TODO-A: - The package does have not failing autopkgtests right now
TODO-B: - The package does have failing autopkgtests tests right now, but since
TODO-B: they always failed they are handled as "ignored failure", this is
TODO-B: ok because TBD
RULE: - If no build tests nor autopkgtests are included, and/or if the package
RULE: requires specific hardware to perform testing, the subscribed team
RULE: must provide a written test plan in a comment to the MIR bug, and
RULE: commit to running that test either at each upload of the package or
RULE: at least once each release cycle. In the comment to the MIR bug,
RULE: please link to the codebase of these tests (scripts or doc of manual
RULE: steps) and attach a full log of these test runs. This is meant to
RULE: assess their validity (e.g. not just superficial).
RULE: If possible such things should stay in universe. Sometimes that is
RULE: impossible due to the way how features/plugins/dependencies work
RULE: but if you are going to ask for promotion of something untestable
RULE: please outline why it couldn't provide its value (e.g. by splitting
RULE: binaries) to users from universe.
RULE: This is a balance that is hard to strike well, the request is that all
RULE: options have been exploited before giving up. Look for more details
RULE: and backgrounds https://github.com/canonical/ubuntu-mir/issues/30
RULE: Just like in the SRU process it is worth to understand what the
RULE: consequences a regression (due to a test miss) would be. Therefore
RULE: if being untestable we ask to outline what consequences this would
RULE: have for the given package. And let us be honest, even if you can
RULE: test you are never sure you will be able to catch all potential
RULE: regressions. So this is mostly to force self-awareness of the owning
RULE: team than to make a decision on.
TODO: - The package can not be well tested at build or autopkgtest time
TODO: because TBD. To make up for that:
TODO-A: - We have access to such hardware in the team
TODO-B: - We have allocated budget to get this hardware, but it is not here
TODO-B: yet
TODO-C: - We have checked with solutions-qa and will use their hardware
TODO-C: through testflinger
TODO-D: - We have checked with other team TBD and will use their hardware
TODO-D: through TBD (eg. MAAS)
TODO-E: - We have checked and found a simulator which covers this case
TODO-E: sufficiently for testing, our plan to use it is TBD
TODO-F: - We have engaged with the upstream community and due to that
TODO-F: can tests new package builds via TBD
TODO-G: - We have engaged with our user community and due to that
TODO-G: can tests new package builds via TBD
TODO-H: - We have engaged with the hardware manufacturer and made an
TODO-H: agreement to test new builds via TBD
TODO-A-H: - Based on that access outlined above, here are the details of the
TODO-A-H: test plan/automation TBD (e.g. script or repo) and (if already
TODO-A-H: possible) example output of a test run: TBD (logs).
TODO-A-H: We will execute that test plan
TODO-A-H1: on-uploads
TODO-A-H2: regularly (TBD details like frequency: monthly, infra: jira-url)
TODO-X: - We have exhausted all options, there really is no feasible way
TODO-X: to test or recreate this. We are aware of the extra implications
TODO-X: and duties this has for our team (= help SEG and security on
TODO-X: servicing this package, but also more effort on any of your own
TODO-X: bug triage and fixes).
TODO-X: Due to TBD there also is no way to provide this to users from
TODO-X: universe.
TODO-X: Due to the nature, integration and use cases of the package the
TODO-X: consequences of a regression that might slip through most likely
TODO-X: would include
TODO-X: - TBD
TODO-X: - TBD
TODO-X: - TBD
RULE: - In some cases a solution that is about to be promoted consists of
RULE: several very small libraries and one actual application uniting them
RULE: to achieve something useful. This is rather common in the go/rust space.
RULE: In that case often these micro-libs on their own can and should only
RULE: provide low level unit-tests. But more complex autopkgtests make no
RULE: sense on that level. Therefore in those cases one might want to test on
RULE: the solution level.
RULE: - Process wise MIR-requesting teams can ask (on the bug) for this
RULE: special case to apply for a given case, which reduces the test
RULE: constraints on the micro libraries but in return increases the
RULE: requirements for the test of the actual app/solution.
RULE: - Since this might promote micro-lib packages to main with less than
RULE: the common level of QA any further MIRed program using them will have
RULE: to provide the same amount of increased testing.
TODO: - This package is minimal and will be tested in a more wide reaching
TODO: solution context TBD, details about this testing are here TBD
[Quality assurance - packaging]
- debian/watch is present and works
- debian/control defines a correct Maintainer field
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are not present
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- The package will be installed by default, but does not ask debconf questions
- Packaging and build is easy, link to debian/rules
https://salsa.debian.org/gnome-team/sysprof/-/blob/debian/latest/debian/rules
[UI standards]
- Application is end-user facing, Translation is present, via standard gettext system
- End-user applications that ships a standard conformant desktop file
+ /usr/share/applications/org.gnome.Sysprof.desktop
[Dependencies]
- There are further runtime dependencies that are not yet in main
+ MIR for libdex is at LP: #2066262
+ MIR for libpanel is at LP: #2066272
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- The owning team will be Ubuntu Desktop (~desktop-packages) and I have their acknowledgement for that commitment
- The future owning team is not yet subscribed, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last test rebuild
[Background information]
- The Package description explains the package well
- Upstream Name is sysprof
- Link to upstream project https://gitlab.gnome.org/GNOME/sysprof |
[Availability]
The package sysprof is already in Ubuntu universe.
The package sysprof build for the architectures it is designed to work on.
It currently builds and works for all Ubuntu architectures.
Link to package https://launchpad.net/ubuntu/+source/sysprof
[Rationale]
- The package sysprof is required in Ubuntu main
- The package sysprof will not generally be useful for a large part of our user base, but is important/helpful still because it is part of an Ubuntu initiative to focus on performance engineering, both for Ubuntu itself and for developers who build their projects on top of Ubuntu. The size of the sysprof app is fairly small and we envision sysprof as the latest of the small utilities that are included in a default Ubuntu desktop. (Disk Usage Analyzer [baobab] is another one of these utilities.)
+ Related to https://ubuntu.com/blog/ubuntu-performance-engineering-with-frame-pointers-by-default
- There is no other/better way to solve this that is already in main or should go universe->main instead of this.
- The package sysprof is required in Ubuntu main no later than August 15 due to a Ubuntu Desktop goal of including sysprof in the default 24.10 install.
- The binary package sysprof needs to be in main to achieve the goal of providing a GUI performance profiling tool (command-line tools were included by default in Ubuntu 24.04 LTS, but the Desktop Team and others did not have the capacity to also handle getting sysprof into the default install then.)
[Security]
- No CVEs/security issues in this software in the past
+ https://security-tracker.debian.org/tracker/source-package/sysprof
+ https://ubuntu.com/security/cves?package=sysprof
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does install services, timers or recurring jobs
+ /usr/lib/systemd/system/sysprof3.service
+ /usr/libexec/sysprofd
+ /usr/share/dbus-1/system-services/org.gnome.Sysprof3.service
- Security has been kept in mind and common isolation/risk-mitigation patterns are in place utilizing the following features:
+ App uses /usr/share/polkit-1/actions/org.gnome.sysprof3.policy to gain the elevated permissions it needs to use ptracing in the Linux kernel.
- Package does not open privileged ports (ports < 1024).
- Package does not expose any external endpoints
- Package makes use of ptracing in the Linux kernel because it is required for the system-wide profiling feature that is essential to this app. I recommend Security Team review.
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu/Upstream and does not have too many, long-term & critical, open bugs
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/sysprof/
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=sysprof
- Upstream https://gitlab.gnome.org/GNOME/sysprof/-/issues
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
- The package does not run an autopkgtest because we use manual testing of this GUI app instead. (And we run the upstream build time test suite.)
https://wiki.ubuntu.com/DesktopTeam/TestPlans/Sysprof
[Quality assurance - packaging]
- debian/watch is present and works
- debian/control defines a correct Maintainer field
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are present, but ok because the overrides document why those Lintian warnings should be ignored.
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- The package will be installed by default, but does not ask debconf questions
- Packaging and build is easy, link to debian/rules
https://salsa.debian.org/gnome-team/sysprof/-/blob/debian/latest/debian/rules
[UI standards]
- Application is end-user facing, Translation is present, via standard gettext system
- End-user applications that ships a standard conformant desktop file
+ /usr/share/applications/org.gnome.Sysprof.desktop
[Dependencies]
- There are further runtime dependencies that are not yet in main
+ MIR for libdex is at LP: #2066262
+ MIR for libpanel is at LP: #2066272
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- The owning team will be Ubuntu Desktop (~desktop-packages) and I have their acknowledgement for that commitment
- The future owning team is not yet subscribed, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last test rebuild
[Background information]
- The Package description explains the package well
- Upstream Name is sysprof
- Link to upstream project https://gitlab.gnome.org/GNOME/sysprof |
|
2024-06-04 14:30:24 |
Jeremy Bícha |
description |
[Availability]
The package sysprof is already in Ubuntu universe.
The package sysprof build for the architectures it is designed to work on.
It currently builds and works for all Ubuntu architectures.
Link to package https://launchpad.net/ubuntu/+source/sysprof
[Rationale]
- The package sysprof is required in Ubuntu main
- The package sysprof will not generally be useful for a large part of our user base, but is important/helpful still because it is part of an Ubuntu initiative to focus on performance engineering, both for Ubuntu itself and for developers who build their projects on top of Ubuntu. The size of the sysprof app is fairly small and we envision sysprof as the latest of the small utilities that are included in a default Ubuntu desktop. (Disk Usage Analyzer [baobab] is another one of these utilities.)
+ Related to https://ubuntu.com/blog/ubuntu-performance-engineering-with-frame-pointers-by-default
- There is no other/better way to solve this that is already in main or should go universe->main instead of this.
- The package sysprof is required in Ubuntu main no later than August 15 due to a Ubuntu Desktop goal of including sysprof in the default 24.10 install.
- The binary package sysprof needs to be in main to achieve the goal of providing a GUI performance profiling tool (command-line tools were included by default in Ubuntu 24.04 LTS, but the Desktop Team and others did not have the capacity to also handle getting sysprof into the default install then.)
[Security]
- No CVEs/security issues in this software in the past
+ https://security-tracker.debian.org/tracker/source-package/sysprof
+ https://ubuntu.com/security/cves?package=sysprof
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does install services, timers or recurring jobs
+ /usr/lib/systemd/system/sysprof3.service
+ /usr/libexec/sysprofd
+ /usr/share/dbus-1/system-services/org.gnome.Sysprof3.service
- Security has been kept in mind and common isolation/risk-mitigation patterns are in place utilizing the following features:
+ App uses /usr/share/polkit-1/actions/org.gnome.sysprof3.policy to gain the elevated permissions it needs to use ptracing in the Linux kernel.
- Package does not open privileged ports (ports < 1024).
- Package does not expose any external endpoints
- Package makes use of ptracing in the Linux kernel because it is required for the system-wide profiling feature that is essential to this app. I recommend Security Team review.
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu/Upstream and does not have too many, long-term & critical, open bugs
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/sysprof/
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=sysprof
- Upstream https://gitlab.gnome.org/GNOME/sysprof/-/issues
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
- The package does not run an autopkgtest because we use manual testing of this GUI app instead. (And we run the upstream build time test suite.)
https://wiki.ubuntu.com/DesktopTeam/TestPlans/Sysprof
[Quality assurance - packaging]
- debian/watch is present and works
- debian/control defines a correct Maintainer field
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are present, but ok because the overrides document why those Lintian warnings should be ignored.
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- The package will be installed by default, but does not ask debconf questions
- Packaging and build is easy, link to debian/rules
https://salsa.debian.org/gnome-team/sysprof/-/blob/debian/latest/debian/rules
[UI standards]
- Application is end-user facing, Translation is present, via standard gettext system
- End-user applications that ships a standard conformant desktop file
+ /usr/share/applications/org.gnome.Sysprof.desktop
[Dependencies]
- There are further runtime dependencies that are not yet in main
+ MIR for libdex is at LP: #2066262
+ MIR for libpanel is at LP: #2066272
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- The owning team will be Ubuntu Desktop (~desktop-packages) and I have their acknowledgement for that commitment
- The future owning team is not yet subscribed, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last test rebuild
[Background information]
- The Package description explains the package well
- Upstream Name is sysprof
- Link to upstream project https://gitlab.gnome.org/GNOME/sysprof |
[Availability]
The package sysprof is already in Ubuntu universe.
The package sysprof build for the architectures it is designed to work on.
It currently builds and works for all Ubuntu architectures.
Link to package https://launchpad.net/ubuntu/+source/sysprof
[Rationale]
- The package sysprof is required in Ubuntu main
- The package sysprof will not generally be useful for a large part of our user base, but is important/helpful still because it is part of an Ubuntu initiative to focus on performance engineering, both for Ubuntu itself and for developers who build their projects on top of Ubuntu. The size of the sysprof app is fairly small and we envision sysprof as the latest of the small utilities that are included in a default Ubuntu desktop. (Disk Usage Analyzer [baobab] is another one of these utilities.)
+ Related to https://ubuntu.com/blog/ubuntu-performance-engineering-with-frame-pointers-by-default
- There is no other/better way to solve this that is already in main or should go universe->main instead of this.
- The package sysprof is required in Ubuntu main no later than August 15 due to a Ubuntu Desktop goal of including sysprof in the default 24.10 install.
- The binary package sysprof needs to be in main to achieve the goal of providing a GUI performance profiling tool (command-line tools were included by default in Ubuntu 24.04 LTS, but the Desktop Team and others did not have the capacity to also handle getting sysprof into the default install then.)
[Security]
- No CVEs/security issues in this software in the past
+ https://security-tracker.debian.org/tracker/source-package/sysprof
+ https://ubuntu.com/security/cves?package=sysprof
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does install services, timers or recurring jobs
+ /usr/lib/systemd/system/sysprof3.service
+ /usr/libexec/sysprofd
+ /usr/share/dbus-1/system-services/org.gnome.Sysprof3.service
- Security has been kept in mind and common isolation/risk-mitigation patterns are in place utilizing the following features:
+ App uses /usr/share/polkit-1/actions/org.gnome.sysprof3.policy to gain the elevated permissions it needs to use ptracing in the Linux kernel.
- Package does not open privileged ports (ports < 1024).
- Package does not expose any external endpoints
- Package makes use of ptracing in the Linux kernel because it is required for the system-wide profiling feature that is essential to this app. I recommend Security Team review.
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu/Upstream and does not have too many, long-term & critical, open bugs
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/sysprof/
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=sysprof
- Upstream https://gitlab.gnome.org/GNOME/sysprof/-/issues
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
- The package runs an autopkgtest, and is currently passing on all architectures except for i386
https://autopkgtest.ubuntu.com/packages/sysprof
- We also will do manual testing of the GUI app
https://wiki.ubuntu.com/DesktopTeam/TestPlans/Sysprof
[Quality assurance - packaging]
- debian/watch is present and works
- debian/control defines a correct Maintainer field
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are present, but ok because the overrides document why those Lintian warnings should be ignored.
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- The package will be installed by default, but does not ask debconf questions
- Packaging and build is easy, link to debian/rules
https://salsa.debian.org/gnome-team/sysprof/-/blob/debian/latest/debian/rules
[UI standards]
- Application is end-user facing, Translation is present, via standard gettext system
- End-user applications that ships a standard conformant desktop file
+ /usr/share/applications/org.gnome.Sysprof.desktop
[Dependencies]
- There are further runtime dependencies that are not yet in main
+ MIR for libdex is at LP: #2066262
+ MIR for libpanel is at LP: #2066272
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- The owning team will be Ubuntu Desktop (~desktop-packages) and I have their acknowledgement for that commitment
- The future owning team is not yet subscribed, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last test rebuild
[Background information]
- The Package description explains the package well
- Upstream Name is sysprof
- Link to upstream project https://gitlab.gnome.org/GNOME/sysprof |
|
2024-06-04 14:30:47 |
Jeremy Bícha |
sysprof (Ubuntu): status |
Incomplete |
New |
|
2024-06-04 14:38:39 |
Christian Ehrhardt |
sysprof (Ubuntu): assignee |
|
Christian Ehrhardt (paelzer) |
|
2024-06-04 19:03:35 |
Jeremy Bícha |
description |
[Availability]
The package sysprof is already in Ubuntu universe.
The package sysprof build for the architectures it is designed to work on.
It currently builds and works for all Ubuntu architectures.
Link to package https://launchpad.net/ubuntu/+source/sysprof
[Rationale]
- The package sysprof is required in Ubuntu main
- The package sysprof will not generally be useful for a large part of our user base, but is important/helpful still because it is part of an Ubuntu initiative to focus on performance engineering, both for Ubuntu itself and for developers who build their projects on top of Ubuntu. The size of the sysprof app is fairly small and we envision sysprof as the latest of the small utilities that are included in a default Ubuntu desktop. (Disk Usage Analyzer [baobab] is another one of these utilities.)
+ Related to https://ubuntu.com/blog/ubuntu-performance-engineering-with-frame-pointers-by-default
- There is no other/better way to solve this that is already in main or should go universe->main instead of this.
- The package sysprof is required in Ubuntu main no later than August 15 due to a Ubuntu Desktop goal of including sysprof in the default 24.10 install.
- The binary package sysprof needs to be in main to achieve the goal of providing a GUI performance profiling tool (command-line tools were included by default in Ubuntu 24.04 LTS, but the Desktop Team and others did not have the capacity to also handle getting sysprof into the default install then.)
[Security]
- No CVEs/security issues in this software in the past
+ https://security-tracker.debian.org/tracker/source-package/sysprof
+ https://ubuntu.com/security/cves?package=sysprof
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does install services, timers or recurring jobs
+ /usr/lib/systemd/system/sysprof3.service
+ /usr/libexec/sysprofd
+ /usr/share/dbus-1/system-services/org.gnome.Sysprof3.service
- Security has been kept in mind and common isolation/risk-mitigation patterns are in place utilizing the following features:
+ App uses /usr/share/polkit-1/actions/org.gnome.sysprof3.policy to gain the elevated permissions it needs to use ptracing in the Linux kernel.
- Package does not open privileged ports (ports < 1024).
- Package does not expose any external endpoints
- Package makes use of ptracing in the Linux kernel because it is required for the system-wide profiling feature that is essential to this app. I recommend Security Team review.
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu/Upstream and does not have too many, long-term & critical, open bugs
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/sysprof/
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=sysprof
- Upstream https://gitlab.gnome.org/GNOME/sysprof/-/issues
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
- The package runs an autopkgtest, and is currently passing on all architectures except for i386
https://autopkgtest.ubuntu.com/packages/sysprof
- We also will do manual testing of the GUI app
https://wiki.ubuntu.com/DesktopTeam/TestPlans/Sysprof
[Quality assurance - packaging]
- debian/watch is present and works
- debian/control defines a correct Maintainer field
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are present, but ok because the overrides document why those Lintian warnings should be ignored.
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- The package will be installed by default, but does not ask debconf questions
- Packaging and build is easy, link to debian/rules
https://salsa.debian.org/gnome-team/sysprof/-/blob/debian/latest/debian/rules
[UI standards]
- Application is end-user facing, Translation is present, via standard gettext system
- End-user applications that ships a standard conformant desktop file
+ /usr/share/applications/org.gnome.Sysprof.desktop
[Dependencies]
- There are further runtime dependencies that are not yet in main
+ MIR for libdex is at LP: #2066262
+ MIR for libpanel is at LP: #2066272
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- The owning team will be Ubuntu Desktop (~desktop-packages) and I have their acknowledgement for that commitment
- The future owning team is not yet subscribed, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last test rebuild
[Background information]
- The Package description explains the package well
- Upstream Name is sysprof
- Link to upstream project https://gitlab.gnome.org/GNOME/sysprof |
[Availability]
The package sysprof is already in Ubuntu universe.
The package sysprof build for the architectures it is designed to work on.
It currently builds and works for all Ubuntu architectures.
Link to package https://launchpad.net/ubuntu/+source/sysprof
[Rationale]
- The package sysprof is required in Ubuntu main
- The package sysprof will not generally be useful for a large part of our user base, but is important/helpful still because it is part of an Ubuntu initiative to focus on performance engineering, both for Ubuntu itself and for developers who build their projects on top of Ubuntu. The size of the sysprof app is fairly small and we envision sysprof as the latest of the small utilities that are included in a default Ubuntu desktop. (Disk Usage Analyzer [baobab] is another one of these utilities.)
+ Related to https://ubuntu.com/blog/ubuntu-performance-engineering-with-frame-pointers-by-default
- There is no other/better way to solve this that is already in main or should go universe->main instead of this.
- The package sysprof is required in Ubuntu main no later than August 15 due to a Ubuntu Desktop goal of including sysprof in the default 24.10 install.
- The binary package sysprof needs to be in main to achieve the goal of providing a GUI performance profiling tool (command-line tools were included by default in Ubuntu 24.04 LTS, but the Desktop Team and others did not have the capacity to also handle getting sysprof into the default install then.)
[Security]
- No CVEs/security issues in this software in the past
+ https://security-tracker.debian.org/tracker/source-package/sysprof
+ https://ubuntu.com/security/cves?package=sysprof
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does install services, timers or recurring jobs
+ /usr/lib/systemd/system/sysprof3.service
+ /usr/libexec/sysprofd
+ /usr/share/dbus-1/system-services/org.gnome.Sysprof3.service
- Security has been kept in mind and common isolation/risk-mitigation patterns are in place utilizing the following features:
+ App uses /usr/share/polkit-1/actions/org.gnome.sysprof3.policy to gain the elevated permissions it needs to use ptracing in the Linux kernel.
- Package does not open privileged ports (ports < 1024).
- Package does not expose any external endpoints
- Package makes use of ptracing in the Linux kernel because it is required for the system-wide profiling feature that is essential to this app. I recommend Security Team review.
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu/Upstream and does not have too many, long-term & critical, open bugs
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/sysprof/
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=sysprof
- Upstream https://gitlab.gnome.org/GNOME/sysprof/-/issues
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
- The package runs an autopkgtest, and is currently passing on all architectures except for i386
https://autopkgtest.ubuntu.com/packages/sysprof
- We also will do manual testing of the GUI app
https://wiki.ubuntu.com/DesktopTeam/TestPlans/Sysprof
[Quality assurance - packaging]
- debian/watch is present and works
- debian/control defines a correct Maintainer field
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are present, but ok because the overrides document why those Lintian warnings should be ignored.
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- The package will be installed by default, but does not ask debconf questions
- Packaging and build is easy, link to debian/rules
https://salsa.debian.org/gnome-team/sysprof/-/blob/debian/latest/debian/rules
[UI standards]
- Application is end-user facing, Translation is present, via standard gettext system
- End-user applications that ships a standard conformant desktop file
+ /usr/share/applications/org.gnome.Sysprof.desktop
[Dependencies]
- There are further runtime dependencies that are not yet in main
+ MIR for libdex is at LP: #2066262
+ MIR for libpanel is at LP: #2066272
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- The owning team will be Ubuntu Desktop (~desktop-packages) and I have their acknowledgement for that commitment
- The future owning team is not yet subscribed, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last test rebuild
[Background information]
- The Package description explains the package well
- Upstream Name is sysprof
- Link to upstream project https://gitlab.gnome.org/GNOME/sysprof
- There is a very large number of overrides in Ubuntu's supported seed to demote library -dev packages to universe to keep libsysprof-capture-4-dev out of main. Those overrides can be dropped once sysprof is allowed into main.
https://git.launchpad.net/~ubuntu-core-dev/ubuntu-seeds/+git/ubuntu/tree/supported |
|
2024-06-11 09:48:29 |
Christian Ehrhardt |
sysprof (Ubuntu): assignee |
Christian Ehrhardt (paelzer) |
Ubuntu Security Team (ubuntu-security) |
|
2024-06-15 01:47:34 |
Seth Arnold |
tags |
oracular |
oracular sec-4574 |
|
2024-07-09 09:34:20 |
Sebastien Bacher |
description |
[Availability]
The package sysprof is already in Ubuntu universe.
The package sysprof build for the architectures it is designed to work on.
It currently builds and works for all Ubuntu architectures.
Link to package https://launchpad.net/ubuntu/+source/sysprof
[Rationale]
- The package sysprof is required in Ubuntu main
- The package sysprof will not generally be useful for a large part of our user base, but is important/helpful still because it is part of an Ubuntu initiative to focus on performance engineering, both for Ubuntu itself and for developers who build their projects on top of Ubuntu. The size of the sysprof app is fairly small and we envision sysprof as the latest of the small utilities that are included in a default Ubuntu desktop. (Disk Usage Analyzer [baobab] is another one of these utilities.)
+ Related to https://ubuntu.com/blog/ubuntu-performance-engineering-with-frame-pointers-by-default
- There is no other/better way to solve this that is already in main or should go universe->main instead of this.
- The package sysprof is required in Ubuntu main no later than August 15 due to a Ubuntu Desktop goal of including sysprof in the default 24.10 install.
- The binary package sysprof needs to be in main to achieve the goal of providing a GUI performance profiling tool (command-line tools were included by default in Ubuntu 24.04 LTS, but the Desktop Team and others did not have the capacity to also handle getting sysprof into the default install then.)
[Security]
- No CVEs/security issues in this software in the past
+ https://security-tracker.debian.org/tracker/source-package/sysprof
+ https://ubuntu.com/security/cves?package=sysprof
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does install services, timers or recurring jobs
+ /usr/lib/systemd/system/sysprof3.service
+ /usr/libexec/sysprofd
+ /usr/share/dbus-1/system-services/org.gnome.Sysprof3.service
- Security has been kept in mind and common isolation/risk-mitigation patterns are in place utilizing the following features:
+ App uses /usr/share/polkit-1/actions/org.gnome.sysprof3.policy to gain the elevated permissions it needs to use ptracing in the Linux kernel.
- Package does not open privileged ports (ports < 1024).
- Package does not expose any external endpoints
- Package makes use of ptracing in the Linux kernel because it is required for the system-wide profiling feature that is essential to this app. I recommend Security Team review.
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu/Upstream and does not have too many, long-term & critical, open bugs
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/sysprof/
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=sysprof
- Upstream https://gitlab.gnome.org/GNOME/sysprof/-/issues
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
- The package runs an autopkgtest, and is currently passing on all architectures except for i386
https://autopkgtest.ubuntu.com/packages/sysprof
- We also will do manual testing of the GUI app
https://wiki.ubuntu.com/DesktopTeam/TestPlans/Sysprof
[Quality assurance - packaging]
- debian/watch is present and works
- debian/control defines a correct Maintainer field
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are present, but ok because the overrides document why those Lintian warnings should be ignored.
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- The package will be installed by default, but does not ask debconf questions
- Packaging and build is easy, link to debian/rules
https://salsa.debian.org/gnome-team/sysprof/-/blob/debian/latest/debian/rules
[UI standards]
- Application is end-user facing, Translation is present, via standard gettext system
- End-user applications that ships a standard conformant desktop file
+ /usr/share/applications/org.gnome.Sysprof.desktop
[Dependencies]
- There are further runtime dependencies that are not yet in main
+ MIR for libdex is at LP: #2066262
+ MIR for libpanel is at LP: #2066272
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- The owning team will be Ubuntu Desktop (~desktop-packages) and I have their acknowledgement for that commitment
- The future owning team is not yet subscribed, but will subscribe to the package before promotion
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last test rebuild
[Background information]
- The Package description explains the package well
- Upstream Name is sysprof
- Link to upstream project https://gitlab.gnome.org/GNOME/sysprof
- There is a very large number of overrides in Ubuntu's supported seed to demote library -dev packages to universe to keep libsysprof-capture-4-dev out of main. Those overrides can be dropped once sysprof is allowed into main.
https://git.launchpad.net/~ubuntu-core-dev/ubuntu-seeds/+git/ubuntu/tree/supported |
[Availability]
The package sysprof is already in Ubuntu universe.
The package sysprof build for the architectures it is designed to work on.
It currently builds and works for all Ubuntu architectures.
Link to package https://launchpad.net/ubuntu/+source/sysprof
[Rationale]
- The package sysprof is required in Ubuntu main
- The package sysprof will not generally be useful for a large part of our user base, but is important/helpful still because it is part of an Ubuntu initiative to focus on performance engineering, both for Ubuntu itself and for developers who build their projects on top of Ubuntu. The size of the sysprof app is fairly small and we envision sysprof as the latest of the small utilities that are included in a default Ubuntu desktop. (Disk Usage Analyzer [baobab] is another one of these utilities.)
+ Related to https://ubuntu.com/blog/ubuntu-performance-engineering-with-frame-pointers-by-default
- There is no other/better way to solve this that is already in main or should go universe->main instead of this.
- The package sysprof is required in Ubuntu main no later than August 15 due to a Ubuntu Desktop goal of including sysprof in the default 24.10 install.
- The binary package sysprof needs to be in main to achieve the goal of providing a GUI performance profiling tool (command-line tools were included by default in Ubuntu 24.04 LTS, but the Desktop Team and others did not have the capacity to also handle getting sysprof into the default install then.)
[Security]
- No CVEs/security issues in this software in the past
+ https://security-tracker.debian.org/tracker/source-package/sysprof
+ https://ubuntu.com/security/cves?package=sysprof
- no `suid` or `sgid` binaries
- no executables in `/sbin` and `/usr/sbin`
- Package does install services, timers or recurring jobs
+ /usr/lib/systemd/system/sysprof3.service
+ /usr/libexec/sysprofd
+ /usr/share/dbus-1/system-services/org.gnome.Sysprof3.service
- Security has been kept in mind and common isolation/risk-mitigation patterns are in place utilizing the following features:
+ App uses /usr/share/polkit-1/actions/org.gnome.sysprof3.policy to gain the elevated permissions it needs to use ptracing in the Linux kernel.
- Package does not open privileged ports (ports < 1024).
- Package does not expose any external endpoints
- Package makes use of ptracing in the Linux kernel because it is required for the system-wide profiling feature that is essential to this app. I recommend Security Team review.
[Quality assurance - function/usage]
- The package works well right after install
[Quality assurance - maintenance]
- The package is maintained well in Debian/Ubuntu/Upstream and does not have too many, long-term & critical, open bugs
- Ubuntu https://bugs.launchpad.net/ubuntu/+source/sysprof/
- Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=sysprof
- Upstream https://gitlab.gnome.org/GNOME/sysprof/-/issues
- The package does not deal with exotic hardware we cannot support
[Quality assurance - testing]
- The package runs a test suite on build time, if it fails it makes the build fail, link to build log
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
- The package runs an autopkgtest, and is currently passing on all architectures except for i386
https://autopkgtest.ubuntu.com/packages/sysprof
- We also will do manual testing of the GUI app
https://wiki.ubuntu.com/DesktopTeam/TestPlans/Sysprof
[Quality assurance - packaging]
- debian/watch is present and works
- debian/control defines a correct Maintainer field
- This package does not yield massive lintian Warnings, Errors
- Please link to a recent build log of the package
https://launchpad.net/ubuntu/+source/sysprof/46.0-1build1
- Please attach the full output you have got from `lintian --pedantic` as an extra post to this bug.
- Lintian overrides are present, but ok because the overrides document why those Lintian warnings should be ignored.
- This package does not rely on obsolete or about to be demoted packages.
- This package has no python2 or GTK2 dependencies
- The package will be installed by default, but does not ask debconf questions
- Packaging and build is easy, link to debian/rules
https://salsa.debian.org/gnome-team/sysprof/-/blob/debian/latest/debian/rules
[UI standards]
- Application is end-user facing, Translation is present, via standard gettext system
- End-user applications that ships a standard conformant desktop file
+ /usr/share/applications/org.gnome.Sysprof.desktop
[Dependencies]
- There are further runtime dependencies that are not yet in main
+ MIR for libdex is at LP: #2066262
+ MIR for libpanel is at LP: #2066272
[Standards compliance]
- This package correctly follows FHS and Debian Policy
[Maintenance/Owner]
- The owning team will be Ubuntu Desktop (~desktop-packages) and I have their acknowledgement for that commitment
- The team is subscribed already
- This does not use static builds
- This does not use vendored code
- This package is not rust based
- The package has been built in the archive more recently than the last test rebuild
[Background information]
- The Package description explains the package well
- Upstream Name is sysprof
- Link to upstream project https://gitlab.gnome.org/GNOME/sysprof
- There is a very large number of overrides in Ubuntu's supported seed to demote library -dev packages to universe to keep libsysprof-capture-4-dev out of main. Those overrides can be dropped once sysprof is allowed into main.
https://git.launchpad.net/~ubuntu-core-dev/ubuntu-seeds/+git/ubuntu/tree/supported |
|