Ubuntu
prips package

[MIR] prips package

Bug #1930207 reported by Utkarsh Gupta
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
prips (Ubuntu)
Fix Released
Undecided
Utkarsh Gupta
Bionic
Fix Released
Undecided
Utkarsh Gupta
Focal
Fix Released
Undecided
Utkarsh Gupta
Groovy
Fix Released
Undecided
Utkarsh Gupta
Hirsute
Fix Released
Undecided
Utkarsh Gupta

Bug Description

[Availability]
==============
prips was introduced in Precise as a sync from Debian and carries no delta. It only depends on the libc6 package, which is in main already. The package builds on all the architectures; is Arch:any.

[Rationale]
===========
This package is to be included in Google cloud images the public cloud team builds going back to Bionic. As cloud images are to ship only packages from main this request is to see that happen.

[Security]
==========
There doesn't seem to be the need for looping in the Security team. The package doesn't install services / daemons (/etc/init.d/*, /etc/init/*, /lib/systemd/system/*). Just ships the "prips" binary, its docs, and a man page. Furthermore, there haven't been any CVEs for this package in the past. Since this package just simply prints the IP addresses in a given range, it wouldn't require the Security team. Either way, there are only 3 files with C code which is simple enough to read and only ~500 LOC.

[Quality assurance]
===================
There are currently 0 open bug reports (excluding this one) about the package in Ubuntu and has 1 open bug in Debian, but that's a wishlist one and is more of a request for upstream than a bug in the package in Debian.

[Dependencies]
==============
libc6, which is in main already.

[Standards compliance]
======================
$ lintian --pedantic prips_1.1.1-3.dsc

(No W's or E's; from sbuild's log: "Lintian: pass")

[Maintenance]
=============
Server team.

[Background information]
========================
This package allows you to print all of the IP addresses in a given range.

---
Upstream: https://gitlab.com/prips/prips
Launchpad page: https://launchpad.net/ubuntu/+source/prips
Ubuntu bugs: https://bugs.launchpad.net/ubuntu/+source/prips
Debian Package Tracker: https://tracker.debian.org/pkg/prips
Debian bugs: https://bugs.debian.org/cgi-bin/pkgreport.cgi?repeatmerged=no&src=prips

See original description

Related branches

~utkarsh/ubuntu-seeds:promote-prips-in-bionic
Robie Basak: Approve
Diff: 11 lines (+1/-0)
1 file modified
supported-misc-servers (+1/-0)
~utkarsh/ubuntu-seeds:promote-prips-in-focal
Robie Basak: Approve
Diff: 11 lines (+1/-0)
1 file modified
supported-misc-servers (+1/-0)
~utkarsh/ubuntu-seeds:promote-prips-in-groovy
Robie Basak: Approve
Diff: 11 lines (+1/-0)
1 file modified
supported-misc-servers (+1/-0)
~utkarsh/ubuntu-seeds:promote-prips-in-hirsute
Robie Basak: Approve
Diff: 11 lines (+1/-0)
1 file modified
supported-misc-servers (+1/-0)
~utkarsh/ubuntu-seeds:promote-prips-in-impish
Gianfranco Costamagna: Approve
Joshua Powers (community): Approve
Christian Ehrhardt : Pending requested
Ubuntu Core Development Team: Pending requested
Diff: 11 lines (+1/-0)
1 file modified
supported-misc-servers (+1/-0)
Utkarsh Gupta (utkarsh)
description: updated
Christian Ehrhardt  (paelzer)
Changed in prips (Ubuntu):
assignee: MIR approval team (ubuntu-mir) → Christian Ehrhardt  (paelzer)
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

[Summary]
This is a small, simple and well done package.
It doesn't do a lot, but that which it does it does well.
MIR Team Ack to promote this.
This does not need a security review.

List of specific binary packages to be promoted to main: prips

Please do the seed/packaging changes that will pull this into main and
then set the state to "Fix Committed" for the AAs to see it.

[Duplication]
There are a few tools that do rather similar tasks e.g. ipcalc.
But none is in main already. I've had utkarsh check for e.g. existing
python modules in main that do the very same, but there was nothing usable
in the same scope as it is needed.

[Dependencies]
OK:
- no other Dependencies to MIR due to this
- no -dev/-debug/-doc packages that need exclusion

[Embedded sources and static linking]
OK:
- no embedded source present
- no static linking

[Security]
OK:
- history of CVEs does not look concerning
- does not run a daemon as root
- does not use webkit1,2
- does not use lib*v8 directly
- does not open a port
- does not process arbitrary web content
- does not use centralized online accounts
- does not integrate arbitrary javascript into the desktop
- does not deal with system authentication (eg, pam), etc)

Problems:
- does parse data formats, but not on a port, rpc call or anything like it.
  But only if called locally and not at elevated privileges. If an attacker
  can run binaries here already he does not need prips to do more.

[Common blockers]
OK:
- does not FTBFS currently
- does have a test suite that runs at build time
  - test suite fails will fail the build upon error.
- does have a test suite that runs as autopkgtest
- The package has a team bug subscriber (I've subscrubed us just now)
- no translation present, but none needed for this case (user visible)?
- not a python/go package, no extra constraints to consider in that regard
- no new python2 dependency

[Packaging red flags]
OK:
- Ubuntu does not carry a delta
- symbols tracking not applicable for this kind of code.
- d/watch is present and looks ok
- Upstream update history is slow but due to being stable and not having feature creep
- Debian/Ubuntu update history is slow
- the current release is packaged
- promoting this does not seem to cause issues for MOTUs that so far
  maintained the package
- no massive Lintian warnings
- d/rules is rather clean
- Does not have Built-Using
- is not on the lto-disabled list

[Upstream red flags]
OK:
- no Errors/warnings during the build
- no incautious use of malloc/sprintf (as far as I can check it)
- no use of sudo, gksu, pkexec, or LD_LIBRARY_PATH
- no use of user nobody
- no use of setuid
- no important open bugs (crashers, etc) in Debian or Ubuntu or Upstream
- no dependency on webkit, qtwebkit, seed or libgoa-*
- not part of the UI for extra checks

Changed in prips (Ubuntu):
assignee: Christian Ehrhardt  (paelzer) → nobody
status: New → In Progress
assignee: nobody → Utkarsh Gupta (utkarsh)
Gianfranco Costamagna (costamagnagianfranco)
Changed in prips (Ubuntu):
status: In Progress → Fix Committed
Utkarsh Gupta (utkarsh)
Changed in prips (Ubuntu Bionic):
status: New → In Progress
Changed in prips (Ubuntu Focal):
status: New → Incomplete
status: Incomplete → In Progress
Changed in prips (Ubuntu Groovy):
status: New → In Progress
Changed in prips (Ubuntu Hirsute):
status: New → In Progress
Changed in prips (Ubuntu Bionic):
assignee: nobody → Utkarsh Gupta (utkarsh)
Changed in prips (Ubuntu Focal):
assignee: nobody → Utkarsh Gupta (utkarsh)
Changed in prips (Ubuntu Groovy):
assignee: nobody → Utkarsh Gupta (utkarsh)
Changed in prips (Ubuntu Hirsute):
assignee: nobody → Utkarsh Gupta (utkarsh)
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

This was meant to and evaluated for promotion back to Bionic.
MIR Team Ack to the extra releases.

Utkarsh Gupta (utkarsh)
Changed in prips (Ubuntu Bionic):
status: In Progress → Fix Committed
Changed in prips (Ubuntu Focal):
status: In Progress → Fix Committed
Changed in prips (Ubuntu Groovy):
status: In Progress → Fix Committed
Changed in prips (Ubuntu Hirsute):
status: In Progress → Fix Committed
Revision history for this message
Christian Ehrhardt  (paelzer) wrote :

This now shows up in compoenent mismatches (Impish) and can be promoted.

Revision history for this message
Steve Langasek (vorlon) wrote :

Override component to main
prips 1.1.1-3 in impish amd64: universe/net/optional/100% -> main
prips 1.1.1-3 in impish arm64: universe/net/optional/100% -> main
prips 1.1.1-3 in impish armhf: universe/net/optional/100% -> main
prips 1.1.1-3 in impish ppc64el: universe/net/optional/100% -> main
prips 1.1.1-3 in impish riscv64: universe/net/optional/100% -> main
prips 1.1.1-3 in impish s390x: universe/net/optional/100% -> main
6 publications overridden.

Changed in prips (Ubuntu):
status: Fix Committed → Fix Released
Revision history for this message
Steve Langasek (vorlon) wrote :

Copy candidates:
 prips 1.1.1-3 in hirsute
 prips 1.1.1-3 in hirsute amd64
 prips 1.1.1-3 in hirsute arm64
 prips 1.1.1-3 in hirsute armhf
 prips 1.1.1-3 in hirsute ppc64el
 prips 1.1.1-3 in hirsute riscv64
 prips 1.1.1-3 in hirsute s390x
 prips-dbgsym 1.1.1-3 in hirsute amd64
 prips-dbgsym 1.1.1-3 in hirsute arm64
 prips-dbgsym 1.1.1-3 in hirsute armhf
 prips-dbgsym 1.1.1-3 in hirsute ppc64el
 prips-dbgsym 1.1.1-3 in hirsute riscv64
 prips-dbgsym 1.1.1-3 in hirsute s390x
Candidate copy target: https://api.launchpad.net/devel/ubuntu/+archive/primary
13 copies requested.

Override component to main
prips 1.1.1-3 in hirsute amd64: universe/net/optional/100% -> main
prips 1.1.1-3 in hirsute arm64: universe/net/optional/100% -> main
prips 1.1.1-3 in hirsute armhf: universe/net/optional/100% -> main
prips 1.1.1-3 in hirsute ppc64el: universe/net/optional/100% -> main
prips 1.1.1-3 in hirsute riscv64: universe/net/optional/100% -> main
prips 1.1.1-3 in hirsute s390x: universe/net/optional/100% -> main
6 publications overridden.

Changed in prips (Ubuntu Hirsute):
status: Fix Committed → Fix Released
Revision history for this message
Steve Langasek (vorlon) wrote :

Copy candidates:
 prips 1.1.1-3 in groovy
 prips 1.1.1-3 in groovy amd64
 prips 1.1.1-3 in groovy arm64
 prips 1.1.1-3 in groovy armhf
 prips 1.1.1-3 in groovy ppc64el
 prips 1.1.1-3 in groovy riscv64
 prips 1.1.1-3 in groovy s390x
 prips-dbgsym 1.1.1-3 in groovy amd64
 prips-dbgsym 1.1.1-3 in groovy arm64
 prips-dbgsym 1.1.1-3 in groovy armhf
 prips-dbgsym 1.1.1-3 in groovy ppc64el
 prips-dbgsym 1.1.1-3 in groovy riscv64
 prips-dbgsym 1.1.1-3 in groovy s390x
Candidate copy target: https://api.launchpad.net/devel/ubuntu/+archive/primary
13 copies requested.

Override component to main
prips 1.1.1-3 in groovy amd64: universe/net/optional/100% -> main
prips 1.1.1-3 in groovy arm64: universe/net/optional/100% -> main
prips 1.1.1-3 in groovy armhf: universe/net/optional/100% -> main
prips 1.1.1-3 in groovy ppc64el: universe/net/optional/100% -> main
prips 1.1.1-3 in groovy riscv64: universe/net/optional/100% -> main
prips 1.1.1-3 in groovy s390x: universe/net/optional/100% -> main
6 publications overridden.

Changed in prips (Ubuntu Groovy):
status: Fix Committed → Fix Released
Revision history for this message
Steve Langasek (vorlon) wrote :

Copy candidates:
 prips 1.1.1-2 in focal
 prips 1.1.1-2 in focal amd64
 prips 1.1.1-2 in focal arm64
 prips 1.1.1-2 in focal armhf
 prips 1.1.1-2 in focal ppc64el
 prips 1.1.1-2 in focal riscv64
 prips 1.1.1-2 in focal s390x
 prips-dbgsym 1.1.1-2 in focal amd64
 prips-dbgsym 1.1.1-2 in focal arm64
 prips-dbgsym 1.1.1-2 in focal armhf
 prips-dbgsym 1.1.1-2 in focal ppc64el
 prips-dbgsym 1.1.1-2 in focal riscv64
 prips-dbgsym 1.1.1-2 in focal s390x
Candidate copy target: https://api.launchpad.net/devel/ubuntu/+archive/primary
13 copies requested.

Override component to main
prips 1.1.1-2 in focal amd64: universe/net/optional/100% -> main
prips 1.1.1-2 in focal arm64: universe/net/optional/100% -> main
prips 1.1.1-2 in focal armhf: universe/net/optional/100% -> main
prips 1.1.1-2 in focal i386: universe/net/optional/100% -> main
prips 1.1.1-2 in focal ppc64el: universe/net/optional/100% -> main
prips 1.1.1-2 in focal riscv64: universe/net/optional/100% -> main
prips 1.1.1-2 in focal s390x: universe/net/optional/100% -> main
7 publications overridden.

Changed in prips (Ubuntu Focal):
status: Fix Committed → Fix Released
Revision history for this message
Steve Langasek (vorlon) wrote :

Copy candidates:
 prips 1.0.2-1 in bionic
 prips 1.0.2-1 in bionic amd64
 prips 1.0.2-1 in bionic arm64
 prips 1.0.2-1 in bionic armhf
 prips 1.0.2-1 in bionic i386
 prips 1.0.2-1 in bionic ppc64el
 prips 1.0.2-1 in bionic s390x
 prips-dbgsym 1.0.2-1 in bionic amd64
 prips-dbgsym 1.0.2-1 in bionic arm64
 prips-dbgsym 1.0.2-1 in bionic armhf
 prips-dbgsym 1.0.2-1 in bionic i386
 prips-dbgsym 1.0.2-1 in bionic ppc64el
 prips-dbgsym 1.0.2-1 in bionic s390x
Candidate copy target: https://api.launchpad.net/devel/ubuntu/+archive/primary
13 copies requested.

Override component to main
prips 1.0.2-1 in bionic amd64: universe/net/optional/100% -> main
prips 1.0.2-1 in bionic arm64: universe/net/optional/100% -> main
prips 1.0.2-1 in bionic armhf: universe/net/optional/100% -> main
prips 1.0.2-1 in bionic i386: universe/net/optional/100% -> main
prips 1.0.2-1 in bionic ppc64el: universe/net/optional/100% -> main
prips 1.0.2-1 in bionic s390x: universe/net/optional/100% -> main
6 publications overridden.

Changed in prips (Ubuntu Bionic):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.