[Bug 1718291] [NEW] [FFe]: Include FIPS into the ubuntu-advantage tool

[Launchpad Bug Tracker]

You have been subscribed to a public bug by Andreas Hasenack (ahasenack):

This is a request for a feature freeze exception to include FIPS into
the ubuntu-advantage-tool package.

This will allow UA customers to use the ubuntu-advantage script to do the following
when "ubuntu-advantage enable-fips <token>" is issued from commandline,

 - configure the private PPA where the FIPS modules are located
 - install the FIPS modules from this PPA to the local machine from where the script is run
 - configure the bootloader to enable fips

Upon successful completion of these steps, the customer then gets a message stating to reboot
the machine to complete the fips enablement process.

Without the script, customers must perform the steps manually.

The following fips packages are installed:
linux-fips, fips-initramfs  (fips kernel)
openssl, libssl1.0.0, libssl1.0.0-hmac
openssh-server, openssh-server-hmac
openssh-client, openssh-client-hmac
strongswan, strongswan-hmac

The patchset to include fips into ubuntu-advantage-tools includes
  - additional code to script to support "enable-fips" option/flag
  - additional code to script to support "is-fips-enabled" which reports if fips is
    enabled or not
  - additional code to support "status" for fips
  - addition to man page
  - additional testcases for fips
  - the fips private ppa keyring

**NOTE: The enable-fips component of the script will only work/run on
xenial. FIPS modules are currently certified for xenial only. The
intention is to upload to artful (althought doesn't enable fips on
artful) in preparation for a xenial SRU.

** Affects: ubuntu-advantage-tools (Ubuntu)
     Importance: Undecided
         Status: Triaged


** Tags: patch upgrade-software-version
-- 
[FFe]: Include FIPS into the ubuntu-advantage tool
https://bugs.launchpad.net/bugs/1718291
You received this bug notification because you are a member of Ubuntu Sponsors Team, which is subscribed to the bug report.