| 2020-03-19 15:53:40 |
John Runyon |
bug |
|
|
added bug |
| 2020-03-20 10:36:42 |
Christian Ehrhardt |
bug |
|
|
added subscriber Ubuntu Server |
| 2020-03-20 10:36:49 |
Christian Ehrhardt |
tags |
amd64 apport-bug bionic |
amd64 apport-bug bionic server-next |
|
| 2020-05-20 20:29:27 |
Rafael David Tinoco |
openvpn (Ubuntu): status |
New |
Triaged |
|
| 2020-05-21 13:25:22 |
Dan Streetman |
bug |
|
|
added subscriber Dan Streetman |
| 2020-05-25 04:47:03 |
Christian Ehrhardt |
bug |
|
|
added subscriber Lucas Kanashiro |
| 2020-05-25 19:18:19 |
Lucas Kanashiro |
nominated for series |
|
Ubuntu Focal |
|
| 2020-05-25 19:18:19 |
Lucas Kanashiro |
bug task added |
|
openvpn (Ubuntu Focal) |
|
| 2020-05-25 19:18:19 |
Lucas Kanashiro |
nominated for series |
|
Ubuntu Bionic |
|
| 2020-05-25 19:18:19 |
Lucas Kanashiro |
bug task added |
|
openvpn (Ubuntu Bionic) |
|
| 2020-05-25 19:18:19 |
Lucas Kanashiro |
nominated for series |
|
Ubuntu Eoan |
|
| 2020-05-25 19:18:19 |
Lucas Kanashiro |
bug task added |
|
openvpn (Ubuntu Eoan) |
|
| 2020-05-25 19:18:35 |
Lucas Kanashiro |
openvpn (Ubuntu Bionic): status |
New |
Triaged |
|
| 2020-05-25 19:18:38 |
Lucas Kanashiro |
openvpn (Ubuntu Eoan): status |
New |
Triaged |
|
| 2020-05-25 19:18:41 |
Lucas Kanashiro |
openvpn (Ubuntu Focal): status |
New |
Triaged |
|
| 2020-05-26 20:28:42 |
Lucas Kanashiro |
openvpn (Ubuntu): assignee |
|
Lucas Kanashiro (lucaskanashiro) |
|
| 2020-05-26 20:28:50 |
Lucas Kanashiro |
openvpn (Ubuntu): status |
Triaged |
In Progress |
|
| 2020-05-26 20:29:26 |
Lucas Kanashiro |
openvpn (Ubuntu): importance |
Undecided |
Medium |
|
| 2020-05-26 20:29:31 |
Lucas Kanashiro |
openvpn (Ubuntu Bionic): importance |
Undecided |
Medium |
|
| 2020-05-26 20:29:34 |
Lucas Kanashiro |
openvpn (Ubuntu Eoan): importance |
Undecided |
Medium |
|
| 2020-05-26 20:29:37 |
Lucas Kanashiro |
openvpn (Ubuntu Focal): importance |
Undecided |
Medium |
|
| 2020-05-26 22:08:53 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~lucaskanashiro/ubuntu/+source/openvpn/+git/openvpn/+merge/384585 |
|
| 2020-05-27 21:14:50 |
Launchpad Janitor |
openvpn (Ubuntu): status |
In Progress |
Fix Released |
|
| 2020-05-28 12:07:11 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~lucaskanashiro/ubuntu/+source/openvpn/+git/openvpn/+merge/384724 |
|
| 2020-05-28 12:07:19 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~lucaskanashiro/ubuntu/+source/openvpn/+git/openvpn/+merge/384725 |
|
| 2020-05-28 12:07:29 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~lucaskanashiro/ubuntu/+source/openvpn/+git/openvpn/+merge/384726 |
|
| 2020-05-28 12:12:13 |
Lucas Kanashiro |
openvpn (Ubuntu Bionic): assignee |
|
Lucas Kanashiro (lucaskanashiro) |
|
| 2020-05-28 12:12:16 |
Lucas Kanashiro |
openvpn (Ubuntu Eoan): assignee |
|
Lucas Kanashiro (lucaskanashiro) |
|
| 2020-05-28 12:12:19 |
Lucas Kanashiro |
openvpn (Ubuntu Focal): assignee |
|
Lucas Kanashiro (lucaskanashiro) |
|
| 2020-05-28 12:12:25 |
Lucas Kanashiro |
openvpn (Ubuntu Bionic): status |
Triaged |
In Progress |
|
| 2020-05-28 12:12:27 |
Lucas Kanashiro |
openvpn (Ubuntu Eoan): status |
Triaged |
In Progress |
|
| 2020-05-28 12:12:30 |
Lucas Kanashiro |
openvpn (Ubuntu Focal): status |
Triaged |
In Progress |
|
| 2020-05-28 12:31:46 |
Lucas Kanashiro |
description |
OpenVPN will not reload due to misconfigured .service file
You remove CAP_KILL (by not listing it in CapabilityBoundingSet). OpenVPN should be configured to drop privileges, which means that it will no longer be running as root, while kill is running with root, which means CAP_KILL is required to send a signal. It either needs to be listed in CapabilityBoundingSet, or (preferably) "ExecReload=/bin/kill -HUP $MAINPID" needs to become "ExecReload=+/bin/kill -HUP $MAINPID"
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: openvpn 2.4.4-2ubuntu1.3
ProcVersionSignature: Ubuntu 4.15.0-91.92-generic 4.15.18
Uname: Linux 4.15.0-91-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.12
Architecture: amd64
Date: Thu Mar 19 10:48:18 2020
InstallationDate: Installed on 2018-05-02 (686 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
XDG_RUNTIME_DIR=<set>
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: openvpn
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.openvpn.update-resolv-conf: [deleted] |
[Impact]
The command 'systemctl reload openvpn @ $ foo' is broken for a while and no one have reported that. Users should not be using it a lot. After some investigation we notice the restart command does basically the same thing, and users should be using restart and not reload. Our proposal here is to drop the reload support (it is not mandatory) to avoid users getting errors while trying to use it.
[Test Case]
* Setup an OpenVPN server
* Try to reload the service: $ systemctl reload openvpn@$foo
[Regression Potential]
The legacy systemd unit file were changed (openvpn.service and openvpn@.service), so if a regression is going to happen is there. We did not change any existent config, we simply removed the reload related config.
[Original Description]
OpenVPN will not reload due to misconfigured .service file
You remove CAP_KILL (by not listing it in CapabilityBoundingSet). OpenVPN should be configured to drop privileges, which means that it will no longer be running as root, while kill is running with root, which means CAP_KILL is required to send a signal. It either needs to be listed in CapabilityBoundingSet, or (preferably) "ExecReload=/bin/kill -HUP $MAINPID" needs to become "ExecReload=+/bin/kill -HUP $MAINPID"
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: openvpn 2.4.4-2ubuntu1.3
ProcVersionSignature: Ubuntu 4.15.0-91.92-generic 4.15.18
Uname: Linux 4.15.0-91-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.12
Architecture: amd64
Date: Thu Mar 19 10:48:18 2020
InstallationDate: Installed on 2018-05-02 (686 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
XDG_RUNTIME_DIR=<set>
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: openvpn
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.openvpn.update-resolv-conf: [deleted] |
|
| 2020-05-28 12:31:54 |
Lucas Kanashiro |
summary |
OpenVPN will not reload due to misconfigured .service file |
[SRU] OpenVPN will not reload due to misconfigured .service file |
|
| 2020-05-28 12:37:55 |
Lucas Kanashiro |
description |
[Impact]
The command 'systemctl reload openvpn @ $ foo' is broken for a while and no one have reported that. Users should not be using it a lot. After some investigation we notice the restart command does basically the same thing, and users should be using restart and not reload. Our proposal here is to drop the reload support (it is not mandatory) to avoid users getting errors while trying to use it.
[Test Case]
* Setup an OpenVPN server
* Try to reload the service: $ systemctl reload openvpn@$foo
[Regression Potential]
The legacy systemd unit file were changed (openvpn.service and openvpn@.service), so if a regression is going to happen is there. We did not change any existent config, we simply removed the reload related config.
[Original Description]
OpenVPN will not reload due to misconfigured .service file
You remove CAP_KILL (by not listing it in CapabilityBoundingSet). OpenVPN should be configured to drop privileges, which means that it will no longer be running as root, while kill is running with root, which means CAP_KILL is required to send a signal. It either needs to be listed in CapabilityBoundingSet, or (preferably) "ExecReload=/bin/kill -HUP $MAINPID" needs to become "ExecReload=+/bin/kill -HUP $MAINPID"
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: openvpn 2.4.4-2ubuntu1.3
ProcVersionSignature: Ubuntu 4.15.0-91.92-generic 4.15.18
Uname: Linux 4.15.0-91-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.12
Architecture: amd64
Date: Thu Mar 19 10:48:18 2020
InstallationDate: Installed on 2018-05-02 (686 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
XDG_RUNTIME_DIR=<set>
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: openvpn
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.openvpn.update-resolv-conf: [deleted] |
[Impact]
The command 'systemctl reload openvpn @ $ foo' is broken for a while and no one have reported that. Users should not be using it a lot. After some investigation we notice the restart command does basically the same thing, and users should be using restart and not reload. Our proposal here is to drop the reload support (it is not mandatory) to avoid users getting errors while trying to use it.
[Test Case]
* Setup an OpenVPN server
* Try to reload the service: $ systemctl reload openvpn@$foo
$ sudo systemctl reload openvpn@server
Job for openvpn@server.service failed.
See "systemctl status openvpn@server.service" and "journalctl -xe" for details.
[Regression Potential]
The legacy systemd unit file were changed (openvpn.service and openvpn@.service), so if a regression is going to happen is there. We did not change any existent config, we simply removed the reload related config.
[Original Description]
OpenVPN will not reload due to misconfigured .service file
You remove CAP_KILL (by not listing it in CapabilityBoundingSet). OpenVPN should be configured to drop privileges, which means that it will no longer be running as root, while kill is running with root, which means CAP_KILL is required to send a signal. It either needs to be listed in CapabilityBoundingSet, or (preferably) "ExecReload=/bin/kill -HUP $MAINPID" needs to become "ExecReload=+/bin/kill -HUP $MAINPID"
ProblemType: Bug
DistroRelease: Ubuntu 18.04
Package: openvpn 2.4.4-2ubuntu1.3
ProcVersionSignature: Ubuntu 4.15.0-91.92-generic 4.15.18
Uname: Linux 4.15.0-91-generic x86_64
ApportVersion: 2.20.9-0ubuntu7.12
Architecture: amd64
Date: Thu Mar 19 10:48:18 2020
InstallationDate: Installed on 2018-05-02 (686 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
XDG_RUNTIME_DIR=<set>
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: openvpn
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.openvpn.update-resolv-conf: [deleted] |
|
| 2020-05-29 14:40:13 |
Lucas Kanashiro |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2020-06-10 16:24:03 |
Robie Basak |
tags |
amd64 apport-bug bionic server-next |
amd64 apport-bug bionic block-proposed-bionic block-proposed-eoan block-proposed-focal server-next |
|
| 2020-06-10 16:26:09 |
Robie Basak |
openvpn (Ubuntu Focal): status |
In Progress |
Fix Committed |
|
| 2020-06-10 16:26:12 |
Robie Basak |
bug |
|
|
added subscriber SRU Verification |
| 2020-06-10 16:26:16 |
Robie Basak |
tags |
amd64 apport-bug bionic block-proposed-bionic block-proposed-eoan block-proposed-focal server-next |
amd64 apport-bug bionic block-proposed-bionic block-proposed-eoan block-proposed-focal server-next verification-needed verification-needed-focal |
|
| 2020-06-10 16:26:35 |
Robie Basak |
openvpn (Ubuntu Eoan): status |
In Progress |
Fix Committed |
|
| 2020-06-10 16:26:42 |
Robie Basak |
tags |
amd64 apport-bug bionic block-proposed-bionic block-proposed-eoan block-proposed-focal server-next verification-needed verification-needed-focal |
amd64 apport-bug bionic block-proposed-bionic block-proposed-eoan block-proposed-focal server-next verification-needed verification-needed-eoan verification-needed-focal |
|
| 2020-06-10 16:27:16 |
Robie Basak |
openvpn (Ubuntu Bionic): status |
In Progress |
Fix Committed |
|
| 2020-06-10 16:27:22 |
Robie Basak |
tags |
amd64 apport-bug bionic block-proposed-bionic block-proposed-eoan block-proposed-focal server-next verification-needed verification-needed-eoan verification-needed-focal |
amd64 apport-bug bionic block-proposed-bionic block-proposed-eoan block-proposed-focal server-next verification-needed verification-needed-bionic verification-needed-eoan verification-needed-focal |
|
| 2020-07-25 18:49:20 |
Simon Déziel |
tags |
amd64 apport-bug bionic block-proposed-bionic block-proposed-eoan block-proposed-focal server-next verification-needed verification-needed-bionic verification-needed-eoan verification-needed-focal |
amd64 apport-bug bionic block-proposed-bionic block-proposed-eoan block-proposed-focal server-next verification-done verification-done-bionic verification-done-eoan verification-done-focal |
|
| 2020-08-17 20:13:25 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~lucaskanashiro/ubuntu/+source/openvpn/+git/openvpn/+merge/389432 |
|
| 2020-08-18 11:43:10 |
Launchpad Janitor |
merge proposal unlinked |
https://code.launchpad.net/~lucaskanashiro/ubuntu/+source/openvpn/+git/openvpn/+merge/389432 |
|
|
| 2020-08-18 15:23:56 |
Łukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2020-08-18 15:33:58 |
Launchpad Janitor |
openvpn (Ubuntu Eoan): status |
Fix Committed |
Fix Released |
|
| 2020-10-26 10:26:57 |
Robie Basak |
tags |
amd64 apport-bug bionic block-proposed-bionic block-proposed-eoan block-proposed-focal server-next verification-done verification-done-bionic verification-done-eoan verification-done-focal |
amd64 apport-bug bionic block-proposed-bionic block-proposed-eoan block-proposed-focal verification-done verification-done-bionic verification-done-eoan verification-done-focal |
|
| 2021-05-04 12:28:15 |
Launchpad Janitor |
openvpn (Ubuntu Bionic): status |
Fix Committed |
Fix Released |
|
| 2021-05-04 12:28:15 |
Launchpad Janitor |
cve linked |
|
2020-11810 |
|
| 2021-05-04 12:28:15 |
Launchpad Janitor |
cve linked |
|
2020-15078 |
|
| 2021-11-05 16:10:08 |
Robie Basak |
openvpn (Ubuntu Focal): status |
Fix Committed |
Fix Released |
|
| 2022-08-04 19:59:08 |
Launchpad Janitor |
merge proposal linked |
|
https://code.launchpad.net/~bryce/ubuntu/+source/openvpn/+git/openvpn/+merge/427855 |
|
