[Bug 2052813] Re: [MIR] bpfcc

Lukas Märdian 2052813 at bugs.launchpad.net
Tue Apr 2 13:27:22 UTC 2024 

Security review OK (comment #15). I subscribed ~foundations-bugs.

Issue #1 confirmed in comment #4 (and now upgraded to LLVM-18 by doko)
Issue #5 probably not possible due to kernel dependency
Issue #6 autopkgtests sponsored: https://launchpad.net/ubuntu/+source/bpfcc/0.29.1+ds-1ubuntu6

Issue #7 still open, consider using something like c++filt,
https://wiki.debian.org/UsingSymbolsFiles#C.2B-.2B-_libraries

** Changed in: bpfcc (Ubuntu)
       Status: In Progress => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to bpfcc in Ubuntu.
https://bugs.launchpad.net/bugs/2052813

Title:
  [MIR] bpfcc

Status in bpfcc package in Ubuntu:
  Incomplete

Bug description:
  [Availability]
  - The package bpfcc is already in Ubuntu universe.
  - The package bpfcc build for the architectures it is designed to work on.
  - It currently builds and works for architectures: any
  - Link to package https://launchpad.net/ubuntu/+source/bpfcc

  [Rationale]
  - The package bpfcc is required in Ubuntu main as a runtime dependency of
    bpftrace.
  - There is no other/better way to solve this that is already in main or
    should go universe->main instead of this.
  - The package bpftrace is required in Ubuntu main as part of the Noble Numbat
    realease, and hence should be promoted to main before NN feature freeze.

  [Security]
  - No CVEs/security issues in this software in the past
  - no `suid` or `sgid` binaries
  - Binaries *-bpfcc in sbin are no problem because they are part of the
    expected functionality of the package
  - Package does not install services, timers or recurring jobs
  - Security has been kept in mind and common isolation/risk-mitigation
    patterns are in place utilizing the following features:
    the package is a debugging tool, and cannot be fully isolated.
  - Packages does not open privileged ports (ports < 1024).
  - Package does not expose any external endpoints
  - Packages does not contain extensions to security-sensitive software
    (filters, scanners, plugins, UI skins, ...)

  [Quality assurance - function/usage]
  - The package works well right after install

  [Quality assurance - maintenance]
  - The package is maintained well in Debian/Ubuntu/Upstream and does
    not have too many, long-term & critical, open bugs
    - Ubuntu https://bugs.launchpad.net/ubuntu/+source/bpfcc/+bug
    - Debian https://bugs.debian.org/cgi-bin/pkgreport.cgi?src=bpfcc
    - Upstream's bug tracker, e.g., GitHub Issues
      https://github.com/iovisor/bcc/issues
  - The package has important open bugs, listing them:
     https://bugs.launchpad.net/ubuntu/+source/bpfcc/+bug/1969626
  - The package does not deal with exotic hardware we cannot support

  [Quality assurance - testing]
  - The package does not run a test at build time
    (Potential issue?)
  - The package does not run an autopkgtest
    (Potential issue?)
  - The package does have not failing autopkgtests right now

  [Quality assurance - packaging]
  - debian/watch is present and works
  - debian/control defines a correct Maintainer field
  - This package does not yield massive lintian Warnings, Errors
  - Please link to a recent build log of the package
    https://launchpadlibrarian.net/703777424/buildlog_ubuntu-noble-amd64.bpfcc_0.29.1+ds-1ubuntu2_BUILDING.txt.gz
  - Please attach the full output you have got from `lintian --pedantic` as an
    extra post to this bug:
    ```
    E: bpfcc changes: bad-distribution-in-changes-file noble
    W: bpfcc source: no-nmu-in-changelog [debian/changelog:1]
    W: bpfcc source: source-nmu-has-incorrect-version-number 0.29.1+ds-1ubuntu2 [debian/changelog:1]
    P: bpfcc source: trailing-whitespace [debian/changelog:41]
    ```
  - Lintian overrides are present, they disable warnings about the lack of manpages
    (Potential issue?)
  - This package does not rely on obsolete or about to be demoted packages.
  - This package has no python2 or GTK2 dependencies
  - The package will not be installed by default
  - Packaging and build is easy, link to debian/rules
    https://git.launchpad.net/ubuntu/+source/bpfcc/tree/debian/rules?h=ubuntu/noble

  [UI standards]
  - Application is not end-user facing (does not need translation)

  [Dependencies]
  - No further depends or recommends dependencies that are not yet in main

  [Standards compliance]
  - This package correctly follows FHS and Debian Policy

  [Maintenance/Owner]
  - The owning team will be Foundations and I have their acknowledgement for
    that commitment
  - The future owning team is not yet subscribed, but will subscribe to
    the package before promotion
  - This does not use static builds
  - This does not use vendored code
  - This package is not rust based
  - The package successfully built during the most recent test rebuild

  [Background information]
  - The Package description explains the package well
  - Upstream Name is bcc
  - Link to upstream project bcc: https://github.com/iovisor/bcc

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/bpfcc/+bug/2052813/+subscriptions

More information about the foundations-bugs mailing list