U2F not working after upgrade: systemd dropped udev rules and libu2f-udev not installed

Bug #1752202 reported by Török Edwin on 2018-02-28
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ubuntu-meta (Ubuntu)
Undecided
Dimitri John Ledkov

Bug Description

Summary:
* libu2f-udev is not installed automatically, and after upgrading systemd it has lost its udev rules for U2F devices.
* installing u2f-host (which pulls in libu2f-udev) doesn't seem to be enough to get it working either, had to manually reload the rules

Long version:

I upgraded from XUbuntu 17.10 to 18.04 daily build for testing.
Previously I was able to use a Yubikey U2F device with Chromium and Firefox, however after the upgrade no U2F device was detected, the browser just timed out the U2F detection.

I installed u2f-host to debug the problem further but it told me that it couldn't find any U2F devices. I looked in /dev/hidraw* and my user couldn't access any.
Running this and repluggingt the device fixed the permissions: sudo udevadm control --reload-rules.

It looks like that systemd used to have udev rules for U2F devices but they got dropped recently, pointing to libu2f-udev:
https://salsa.debian.org/systemd-team/systemd/commit/655e466caf37af36f527d42f164901b658203a2d

Which is fine, except libu2f-udev is not installed automatically:
libu2f-udev
Reverse Depends:
  libu2f-host0
  ubuntu-mate-desktop
  ubuntu-mate-core
  ubuntu-budgie-desktop
libu2f-host0
Reverse Depends:
  libu2f-host-dev
  u2f-host
  pamu2fcfg
  libpam-u2f

This seems wrong, individual desktop environments shouldn't bring this in, either the applications that use them (firefox, chromium) should recommend it, or a package common to all desktop flavours should pull it in.

Please make libu2f-udev automatically installed as it was before when it was part of systemd, and reload the udev rules when it is installed.

I'm filing this bug against systemd because the package that broke the behaviour was systemd, when udev rules got dropped from it the other packages' dependencies should've been updated so that the rules are not lost.

ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: systemd 237-3ubuntu3
ProcVersionSignature: Ubuntu 4.15.0-10.11-generic 4.15.3
Uname: Linux 4.15.0-10-generic x86_64
ApportVersion: 2.20.8-0ubuntu10
Architecture: amd64
CurrentDesktop: XFCE
Date: Wed Feb 28 00:22:33 2018
InstallationDate: Installed on 2017-12-02 (87 days ago)
InstallationMedia: Ubuntu-MATE 17.10 "Artful Aardvark" - Release amd64 (20171018)
MachineType: To be filled by O.E.M. To be filled by O.E.M.
ProcKernelCmdLine: root=UUID=0cc81157-5ab2-46eb-b70b-cb3c62f635e8 ro quiet vt.handoff=7 initrd=\EFI\ubuntu\initrd.img resume=/dev/nvme0n1p2
SourcePackage: systemd
UpgradeStatus: Upgraded to bionic on 2018-02-24 (3 days ago)
dmi.bios.date: 04/07/2014
dmi.bios.vendor: American Megatrends Inc.
dmi.bios.version: 2501
dmi.board.asset.tag: To be filled by O.E.M.
dmi.board.name: M5A99FX PRO R2.0
dmi.board.vendor: ASUSTeK COMPUTER INC.
dmi.board.version: Rev 1.xx
dmi.chassis.asset.tag: To Be Filled By O.E.M.
dmi.chassis.type: 3
dmi.chassis.vendor: To Be Filled By O.E.M.
dmi.chassis.version: To Be Filled By O.E.M.
dmi.modalias: dmi:bvnAmericanMegatrendsInc.:bvr2501:bd04/07/2014:svnTobefilledbyO.E.M.:pnTobefilledbyO.E.M.:pvrTobefilledbyO.E.M.:rvnASUSTeKCOMPUTERINC.:rnM5A99FXPROR2.0:rvrRev1.xx:cvnToBeFilledByO.E.M.:ct3:cvrToBeFilledByO.E.M.:
dmi.product.family: To be filled by O.E.M.
dmi.product.name: To be filled by O.E.M.
dmi.product.version: To be filled by O.E.M.
dmi.sys.vendor: To be filled by O.E.M.

Török Edwin (edwintorok) wrote :
affects: systemd (Ubuntu) → ubuntu-meta (Ubuntu)
Changed in ubuntu-meta (Ubuntu):
status: New → Fix Committed
assignee: nobody → Dimitri John Ledkov (xnox)
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ubuntu-meta - 1.415

---------------
ubuntu-meta (1.415) bionic; urgency=medium

  * Refreshed dependencies
  * Added libu2f-udev to desktop LP: #1752202
  * Removed vlan from server

 -- Dimitri John Ledkov <email address hidden> Mon, 09 Apr 2018 15:54:40 +0100

Changed in ubuntu-meta (Ubuntu):
status: Fix Committed → Fix Released
dino99 (9d9) wrote :

Still not installed via that upgrade

Test case:
- system with ubuntu-desktop uninstalled due to unwanted apps and fonts
- upgrade ubuntu-meta that should add libu2f-udev dependency
- libu2f-udev is not added by the upgrade script; in fact it is still not a dependency

So that 'Fix' does not work.

Dimitri John Ledkov (xnox) wrote :

If you have removed ubuntu-desktop, your system is a custom install, and unfortunately, you need to install libu2f-udev yourself....

Have you tried installing ubuntu-desktop _without recommends_ ? it should be a very minimal install, without any additional installs in bionic onwords.

$ sudo apt install ubuntu-desktop --no-install-recommends

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers