Univention Bugzilla – Bug 35428
novnc: Switch to upstream package from Debian
Last modified: 2019-11-20 13:26:40 CET
+++ This bug was initially created as a clone of Bug #35425 +++ We should consider removing our own old copy of noVNC from ucs-4.0-0/virtualization/univention-novnc in favor of the newer version in Debian Wheezy. We should probably remove the hard dependency on "nova-common" and disable ./utils/nova-novncproxy and ./debian/novnc.init.
univention-novnc contains a stale copy of novnc-0.4. It is unmaintained and has at least one known security vulnerability CVE-2013-7436 <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=778618> Debian has it fixed: <https://packages.debian.org/source/jessie/novnc>
Debian only has 0.4 packages; consider <https://github.com/novnc/noVNC> which is aiming for <https://github.com/novnc/noVNC/milestones> 0.7
Debian Buster will probably have v1.1 <https://tracker.debian.org/pkg/novnc>
Confirmed, buster does have v1.1 in its release: https://packages.debian.org/buster/novnc
*** Bug 49178 has been marked as a duplicate of this bug. ***
novnc 1:1.0.0-1 has been imported from Debian buster. The novnc fork has been removed from our git repoistory and replaced with a dependency. The novnc version has an favicon in the new version. I think this is okay and shouldn't be replaced with an univention icon? The init script has been migrated to a systemd service. I tried starting it as novnc:nogroup but this currently fails (Bug #49043). The websockify service is started with Python 3, I think this is the best to keep migration efford less. univention-novnc.yaml 7249c83046c0 | YAML Bug #35428 novnc.yaml 7249c83046c0 | YAML Bug #35428 univention-novnc (3.0.0-2) a623bc3b7990 | Bug #35428: replace init script with systemd service d0db8ed9abbd | Bug #35428: use python3-websockify a5ddf5e85077 | Bug #35428: use upstream debian package from buster
*** Bug 34030 has been marked as a duplicate of this bug. ***
Another commit has been added which places the executable script in /usr/lib/univention-novnc/websockify: univention-novnc (3.0.0-3) c4e629a1ee01 | Bug #35428: don't use /usr/bin/ The approach to replace websockify with libvirt-console-proxy has been moved to Bug #50494.
I could push novnc to the maintained testing repository: # apt policy novnc novnc: *** 1:1.0.0-1A~4.4.0.201911131601 500 500 http://omar.knut.univention.de/build2 ucs_4.4-0-errata4.4-2/all/ Packages 500 http://updates-test.software-univention.de/4.4/maintained/component 4.4-2-errata-test/all/ Packages I could not get it to maintained for python3-websockify. Added the advisory: websockify.yaml 4b5f75958a76 | YAML Bug #35428
(In reply to Florian Best from comment #9) > I could not get it to maintained for python3-websockify. Added the advisory: > > websockify.yaml > 4b5f75958a76 | YAML Bug #35428 The package does not exist in that scope: > scope: ucs_4.4-0-errata4.4-2 See <http://xen1.knut.univention.de:8000/packages/source/websockify/> I `reop-copy-dsc` it to said scope, re-calculated the maintained packages, and pushed to testing: <https://jenkins.knut.univention.de:8181/view/Publish/job/UCS-4.4/job/PublishErrataTest/387/console>
Seems that python-oslo.config is missing (maintained?), this breaks 20_appcenter.20_can_apps_be_installed.master091 in our jenkins tests $ apt-get install univention-novnc Die folgenden Pakete haben unerfüllte Abhängigkeiten: univention-novnc : Hängt ab von: novnc soll aber nicht installiert werden E: Probleme können nicht korrigiert werden, Sie haben zurückgehaltene defekte Pakete. $ apt-get install novnc Die folgenden Pakete haben unerfüllte Abhängigkeiten: novnc : Hängt ab von: python-novnc soll aber nicht installiert werden E: Probleme können nicht korrigiert werden, Sie haben zurückgehaltene defekte Pakete. $ apt-get install python-novnc Die folgenden Pakete haben unerfüllte Abhängigkeiten: python-novnc : Hängt ab von: python-oslo.config ist aber nicht installierbar E: Probleme können nicht korrigiert werden, Sie haben zurückgehaltene defekte Pakete. $ apt-get install python-oslo.config E: Für Paket »python-oslo.config« existiert kein Installationskandidat.
[4.4-2] 5de7b0f476 Bug #35428: novnc 1:1.0.0-1A~4.4.0.201911131601 Move package dependencies to maintained: doc/errata/staging/novnc.yaml | 2 +- doc/errata/staging/python-debtcollector.yaml | 11 +++++++++++ doc/errata/staging/python-oslo.config.yaml | 11 +++++++++++ doc/errata/staging/python-oslo.i18n.yaml | 11 +++++++++++ doc/errata/staging/python-rfc3986.yaml | 11 +++++++++++ doc/errata/staging/python-wrapt.yaml | 11 +++++++++++ doc/errata/staging/stevedore.yaml | 11 +++++++++++ doc/errata/staging/websockify.yaml | 2 +- 8 files changed, 68 insertions(+), 2 deletions(-)
dpkg: Fehler beim Bearbeiten des Archivs /tmp/root/apt-dpkg-install-xpqYiQ/11-novnc_1%3a1.0.0-1A~4.4.0.201911131601_all.deb (--unpack): Versuch, »/usr/share/novnc/vnc.html« zu überschreiben, welches auch in Paket univention-novnc 2.0.0-2A~4.3.0.201712211526 ist
(In reply to Philipp Hahn from comment #13) > dpkg: Fehler beim Bearbeiten des Archivs > /tmp/root/apt-dpkg-install-xpqYiQ/11-novnc_1%3a1.0.0-1A~4.4.0. > 201911131601_all.deb (--unpack): > Versuch, »/usr/share/novnc/vnc.html« zu überschreiben, welches auch in > Paket univention-novnc 2.0.0-2A~4.3.0.201712211526 ist [4.4-2] ffdf1b26d0 Bug #35428 noVNC: Fix package upgrade virtualization/univention-novnc/debian/changelog | 6 ++++++ virtualization/univention-novnc/debian/control | 4 +--- virtualization/univention-novnc/debian/univention-novnc.maintscript | 1 + 3 files changed, 8 insertions(+), 3 deletions(-) r18705 | Bug #35428: Fix upgrade from univention-novnc to novnc Package: novnc Version: 1:1.0.0-1A~4.4.0.201911191617 Branch: ucs_4.4-0 Scope: errata4.4-2 [4.4-2] 86dcc24838 Bug #35428: univention-novnc 3.0.0-4A~4.4.0.201911191606 doc/errata/staging/novnc.yaml | 2 +- doc/errata/staging/univention-novnc.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)
OK: UVMM noVNC OK: Install OK: apt install -t apt univention-novnc OK: http:// OK: https:// OK: *.yaml
<http://errata.software-univention.de/ucs/4.4/366.html> <http://errata.software-univention.de/ucs/4.4/367.html> <http://errata.software-univention.de/ucs/4.4/368.html> <http://errata.software-univention.de/ucs/4.4/369.html> <http://errata.software-univention.de/ucs/4.4/370.html> <http://errata.software-univention.de/ucs/4.4/371.html> <http://errata.software-univention.de/ucs/4.4/372.html> <http://errata.software-univention.de/ucs/4.4/373.html> <http://errata.software-univention.de/ucs/4.4/374.html>