https://bugzilla.suse.com/show_bug.cgi?id=1180689 https://bugzilla.suse.com/show_bug.cgi?id=1180689#c1 Richard Brown <rbrown@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |rbrown@suse.com Component|MicroOS |YaST2 Assignee|kubic-bugs@opensuse.org |yast2-maintainers@suse.de QA Contact|qa-bugs@suse.de |jsrain@suse.com --- Comment #1 from Richard Brown <rbrown@suse.com> --- Looks like a YaST bug to me - there is no logic in the control file that sets the default ntp servers, so whatever logic YaST is applying regarding which servers when the skelcd-control-* has <default_ntp_setup config:type="boolean">true</default_ntp_setup> is probably wrong for openSUSE MicroOS (and possibly other openSUSE distributions also) Yastees can you please confirm either my hypothesis is correct, or explain how you expect this to be corrected by skelcd-control-* or such? -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1180689 https://bugzilla.suse.com/show_bug.cgi?id=1180689#c3 Martin Pluskal <mpluskal@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |mpluskal@suse.com --- Comment #3 from Martin Pluskal <mpluskal@suse.com> --- (In reply to Thorsten Kukuk from comment #2)

I guess more a packaging bug:

| chrony-pool-empty | Empty pool preconfiguration for chrony | package i | chrony-pool-openSUSE | Chrony preconfiguration for openSUSE | package | chrony-pool-suse | Chrony preconfiguration for SUSE | package

We have three chrony pool packages, and zypper uses the wrong one. There are ways to tell zypper which chrony-pool-* to prefer depending on the product/release package/branding. Seems this is missing.

My guess is adding: Supplements: packageand(chrony:branding-openSUSE)

to chrony-pool-openSUSE and packageand(chrony:branding-SLE)

to chrony-pool-SUSE would fix this.

packageand() is deprecated, boolean rpm expressions should be used (and rpm/zypper on all affected distros should be able to handle them), it should be used like: Supplements: (chrony and branding-SLE) -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1180689 https://bugzilla.suse.com/show_bug.cgi?id=1180689#c4 --- Comment #4 from Reinhard Max <max@suse.com> --- (In reply to Thorsten Kukuk from comment #2)

I guess more a packaging bug:

| chrony-pool-empty | Empty pool preconfiguration for chrony | package i | chrony-pool-openSUSE | Chrony preconfiguration for openSUSE | package | chrony-pool-suse | Chrony preconfiguration for SUSE | package

We have three chrony pool packages, and zypper uses the wrong one. There are ways to tell zypper which chrony-pool-* to prefer depending on the product/release package/branding. Seems this is missing.

It is a bug in the package selection for the respective products. When I was forced to introduce these preconfiguration packages despite of the concerns I had, it was promised to me that it would be made sure that openSUSE and SLE would alsways only contain their respective pool package, but not the other one. That way it would be impossible that the wrong one gets installed. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1180689 https://bugzilla.suse.com/show_bug.cgi?id=1180689#c6 --- Comment #6 from Reinhard Max <max@suse.com> --- With "package selection" I don't mean install-time selection, I mean the selection of packages that go onto the media for either openSUSE or SLE. If the wrong package is not on the media (as was promised) it cannot be selected during initial installation or upgrade. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1180689 https://bugzilla.suse.com/show_bug.cgi?id=1180689#c8 Reinhard Max <max@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution|--- |NORESPONSE --- Comment #8 from Reinhard Max <max@suse.com> --- No response -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1180689 https://bugzilla.suse.com/show_bug.cgi?id=1180689#c10 --- Comment #10 from Reinhard Max <max@suse.com> --- AFAICS these packaged defaults have done more harm than good, as I was predicting when they were requested initially. So, I am inclined to call these pool packages and packaged defaults a fail, drop them and leave it up to the installers to set defaults (or not) depending on the needs of the respective product, target platform and target audience. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1180689 https://bugzilla.suse.com/show_bug.cgi?id=1180689#c12 --- Comment #12 from Reinhard Max <max@suse.com> --- I am not only talking about this particular bug which I agree can be solved one way or the other (IMO preferrably by not putting unwanted brandings on the respective media). But there have also been complaints from SLE customers who ran into problems with this preconfiguration in their data centers and who had issues switching to the empty preconfiguration. See bug 1174524. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1180689 https://bugzilla.suse.com/show_bug.cgi?id=1180689#c14 --- Comment #14 from Reinhard Max <max@suse.com> --- (In reply to Fabian Vogt from comment #13)

Which can be addressed by replacing chrony-pool-suse with chrony-pool-empty. "zypper in chrony-pool-empty -chrony-pool-suse" should work for that, and YaST can handle that as well.

Nice syntactic variant that I wasn't aware of so far, but the customer was using different tools (also provided by us) that weren't able to do the switch that easily.

This configuration could also be handled by YaST, but then it would have to be duplicated in all kiwi images, Yomi, JeOS, possibly SUMA, etc., just to have a default pool.

Looks like we simply have too many different installers. ;)

All of them would have to decide which one to use, and that gets messy quickly. So far nobody came up with a better suggestion FWICT.

Well, currently the mess lies in imposing a default that is important for a minority of installations onto the majority of installations for which it is unimportant at best, but often simply undesirable. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1180689 https://bugzilla.suse.com/show_bug.cgi?id=1180689#c16 --- Comment #16 from Richard Brown <rbrown@suse.com> --- (In reply to Reinhard Max from comment #15)

One question regarding the "Supplements" clauses: is it correct to use branding-openSUSE and branding-SLE here, although the pool packages are not branding in the sense of artwork, but rather a technical thing? It would feel more natural to me to use openSUSE-release and SLE-release instead, so that it is based on the product and not on the branding.

'branding' packages are routinely used for convaying configuration settings and not just artwork. Only a small minority of 'branding' packages in our distributions carry artwork. Where as -release packages ONLY carry specific information regarding the -release of a distribution and should NEVER carry any configuration. So, please, use the branding packages, yes. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1180689 https://bugzilla.suse.com/show_bug.cgi?id=1180689#c23 --- Comment #23 from Swamp Workflow Management <swamp@suse.de> --- SUSE-SU-2022:0845-1: An update that solves one vulnerability, contains one feature and has 12 fixes is now available. Category: security (moderate) Bug References: 1099272,1115529,1128846,1162964,1172113,1173277,1174075,1174911,1180689,1181826,1187906,1190926,1194229 CVE References: CVE-2020-14367 JIRA References: SLE-17334 Sources used: SUSE Linux Enterprise Realtime Extension 15-SP2 (src): augeas-1.10.1-3.9.1 SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): augeas-1.10.1-3.9.1, chrony-4.1-150300.16.3.1 SUSE Linux Enterprise Micro 5.1 (src): augeas-1.10.1-3.9.1, chrony-4.1-150300.16.3.1 SUSE Linux Enterprise Micro 5.0 (src): augeas-1.10.1-3.9.1 SUSE Linux Enterprise Installer 15-SP3 (src): augeas-1.10.1-3.9.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1180689 https://bugzilla.suse.com/show_bug.cgi?id=1180689#c25 --- Comment #25 from Swamp Workflow Management <swamp@suse.de> --- SUSE-SU-2022:0845-2: An update that solves one vulnerability, contains one feature and has 12 fixes is now available. Category: security (moderate) Bug References: 1099272,1115529,1128846,1162964,1172113,1173277,1174075,1174911,1180689,1181826,1187906,1190926,1194229 CVE References: CVE-2020-14367 JIRA References: SLE-17334 Sources used: SUSE Linux Enterprise Micro 5.2 (src): augeas-1.10.1-3.9.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination. -- You are receiving this mail because: You are on the CC list for the bug.