[Bug 2052736] [NEW] DRU with FIPS enabled causes updates to fail in some cases
Roman Kolodziejczyk
2052736 at bugs.launchpad.net
Thu Feb 8 21:24:36 UTC 2024
Public bug reported:
In an earlier bug fix[0] a diversion is added to libgcrypt20 and
libgcrypt20-hmac that isn't cleaned up after the upgrade.
With this diversion in place, apt can get confused as to what to do when
changing package streams. For example if you enable FIPS on Bionic then
upgrade to Focal and then switch to fips-updates, apt will fail to work.
The specific error is;
Preparing to unpack .../libgcrypt20-hmac_1.8.5-5ubuntu1.fips.1.7_amd64.deb ...
Unpacking libgcrypt20-hmac:amd64 (1.8.5-5ubuntu1.fips.1.7) over (1.8.5-5ubuntu1.fips.1.4) ...
dpkg: error processing archive /var/cache/apt/archives/libgcrypt20-hmac_1.8.5-5ubuntu1.fips.1.7_amd64.deb (--unpack):
trying to overwrite '/usr/lib/x86_64-linux-gnu/.libgcrypt.so.20.hmac', which is the diverted version of '/lib/x86_64-linux-gnu/.libgcrypt.so.20.hmac'
update-initramfs: deferring update (trigger activated)
Errors were encountered while processing:
/var/cache/apt/archives/libgcrypt20-hmac_1.8.5-5ubuntu1.fips.1.7_amd64.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)
Let me know if you need any additional information,
--Roman K.
[0]https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-
upgrader/+bug/1982534
** Affects: ubuntu-release-upgrader (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-release-upgrader in
Ubuntu.
https://bugs.launchpad.net/bugs/2052736
Title:
DRU with FIPS enabled causes updates to fail in some cases
Status in ubuntu-release-upgrader package in Ubuntu:
New
Bug description:
In an earlier bug fix[0] a diversion is added to libgcrypt20 and
libgcrypt20-hmac that isn't cleaned up after the upgrade.
With this diversion in place, apt can get confused as to what to do
when changing package streams. For example if you enable FIPS on
Bionic then upgrade to Focal and then switch to fips-updates, apt will
fail to work.
The specific error is;
Preparing to unpack .../libgcrypt20-hmac_1.8.5-5ubuntu1.fips.1.7_amd64.deb ...
Unpacking libgcrypt20-hmac:amd64 (1.8.5-5ubuntu1.fips.1.7) over (1.8.5-5ubuntu1.fips.1.4) ...
dpkg: error processing archive /var/cache/apt/archives/libgcrypt20-hmac_1.8.5-5ubuntu1.fips.1.7_amd64.deb (--unpack):
trying to overwrite '/usr/lib/x86_64-linux-gnu/.libgcrypt.so.20.hmac', which is the diverted version of '/lib/x86_64-linux-gnu/.libgcrypt.so.20.hmac'
update-initramfs: deferring update (trigger activated)
Errors were encountered while processing:
/var/cache/apt/archives/libgcrypt20-hmac_1.8.5-5ubuntu1.fips.1.7_amd64.deb
E: Sub-process /usr/bin/dpkg returned an error code (1)
Let me know if you need any additional information,
--Roman K.
[0]https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-
upgrader/+bug/1982534
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/2052736/+subscriptions
More information about the foundations-bugs
mailing list