Bug#1121921: marked as done (ktls-utils: Deprecated tlshd config path breaks autopkgtests)

["Debian Bug Tracking System" <owner@bugs.debian.org>]

Your message dated Fri, 05 Dec 2025 01:34:01 +0000
with message-id <E1vRKht-00FJcM-1f@fasolo.debian.org>
and subject line Bug#1121921: fixed in ktls-utils 1.3.0-2
has caused the Debian Bug report #1121921,
regarding ktls-utils: Deprecated tlshd config path breaks autopkgtests
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1121921: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121921
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: submit@bugs.debian.org
• Subject: ktls-utils: Deprecated tlshd config path breaks autopkgtests
• From: Max Gilmour <max.gilmour@canonical.com>
• Date: Thu, 4 Dec 2025 11:02:45 -0800
• Message-id: <[🔎] CALYDzCOd1Z+iZGOhXYovJzcmwaJFcHQTY=u2nJzHpBeb98d_8w@mail.gmail.com>

Source: ktls-utils
Version: 1.3.0-1
Severity: normal
Tags: patch

Dear Maintainer,

The 1.3.0-1 update of ktls-utils moved the tlshd config from /etc/tlshd.conf to /etc/tlshd/config, but the autopkgtests still expect the old /etc/tlshd.conf path.

The autopkgtests aren't run on Debian because of the breaks-testbed restriction, but this made the package unable to migrate on Ubuntu (LP: #2133822).

I've included a patch which fixes the autopkgtest failures by updating the path in the autopkgtest (and the README for consistency).

From 6e25030635b24e690fcae3336cd0448c63d3ff39 Mon Sep 17 00:00:00 2001
From: Max Gilmour <max.gilmour@canonical.com>
Date: Wed, 3 Dec 2025 13:15:43 -0800
Subject: [PATCH] debian/{README.debian,tests/test-common}: Replace deprecated
 conf path

---
 debian/README.debian     | 4 ++--
 debian/tests/test-common | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/debian/README.debian b/debian/README.debian
index d3baf5f..17b7418 100644
--- a/debian/README.debian
+++ b/debian/README.debian
@@ -20,7 +20,7 @@ To enable TLS on an NFS server:
    certificate should include all the domain names that clients will
    use to connect to the server.
 2. Put the filenames of the private key and certificate in the
-   [authenticate.server] section of /etc/tlshd.conf.  These cannot be
+   [authenticate.server] section of /etc/tlshd/config.  These cannot be
    symlinks.
 3. Add the "xprtsec=..." option to the relevant lines in /etc/exports.
    Normally you would use either "xprtsec=mtls" to require TLS and
@@ -34,7 +34,7 @@ To enable TLS on an NFS client:
       CA needs to be trusted on both the client and the server.  The
       name(s) and purposes in this certificate are currently ignored.
    2. Put the filenames of the private key and certificate in the
-      [authenticate.client] section of /etc/tlshd.conf.  These cannot be
+      [authenticate.client] section of /etc/tlshd/config.  These cannot be
       symlinks.
 2. Add the "xprtsec=..." option to the relevant lines in /etc/fstab.
    Normally you would use either "xprtsec=mtls" to require TLS and a
diff --git a/debian/tests/test-common b/debian/tests/test-common
index 14ee0f8..c6bd8c7 100644
--- a/debian/tests/test-common
+++ b/debian/tests/test-common
@@ -21,7 +21,7 @@ openssl req -new -key "$AUTOPKGTEST_TMP/ca.key.priv.pem" \
         -config "$AUTOPKGTEST_TMP/ca.openssl.cnf"
 
 sed -i '/^\[authenticate\.client\]/,$ { /=/d }' \
-    /etc/tlshd.conf
+    /etc/tlshd/config
 
 for role in server client; do
     # Create private key and certificate for role
@@ -52,12 +52,12 @@ EOF
 	    -utf8 -nodes -batch -x509 \
             -outform PEM -out "$AUTOPKGTEST_TMP/$role.x509.pem"
 
-    # Update tlshd.conf
+    # Update tlshd config
     sed -i '/^\[authenticate\.'$role'\]/a\
 x509.truststore='"$AUTOPKGTEST_TMP/ca.x509.pem"'\
 x509.certificate='"$AUTOPKGTEST_TMP/$role.x509.pem"'\
 x509.private_key='"$AUTOPKGTEST_TMP/$role.key.priv.pem" \
-	/etc/tlshd.conf
+	/etc/tlshd/config
 done
 
 # Make server name resolvable
-- 
2.43.0

--- End Message ---

--- Begin Message ---

• To: 1121921-close@bugs.debian.org
• Subject: Bug#1121921: fixed in ktls-utils 1.3.0-2
• From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
• Date: Fri, 05 Dec 2025 01:34:01 +0000
• Message-id: <E1vRKht-00FJcM-1f@fasolo.debian.org>
• Reply-to: Ben Hutchings <benh@debian.org>

Source: ktls-utils
Source-Version: 1.3.0-2
Done: Ben Hutchings <benh@debian.org>

We believe that the bug you reported is fixed in the latest version of
ktls-utils, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1121921@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ben Hutchings <benh@debian.org> (supplier of updated ktls-utils package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 05 Dec 2025 02:01:23 +0100
Source: ktls-utils
Architecture: source
Version: 1.3.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian kernel team <debian-kernel@lists.debian.org>
Changed-By: Ben Hutchings <benh@debian.org>
Closes: 1121921
Changes:
 ktls-utils (1.3.0-2) unstable; urgency=medium
 .
   [ Ben Hutchings ]
   * d/watch: Convert to version 5 format
   * d/watch: Fix version ordering for release candidate tags
 .
   [ Max Gilmour ]
   * debian/{README.debian,tests/test-common}: Replace deprecated conf path
     (Closes: #1121921)
Checksums-Sha1:
 52e89befafdc0240fe0590e165b211c5abd50dbc 2075 ktls-utils_1.3.0-2.dsc
 d2c32c5ba4794d2112b3ac86edc9a5a8977d2c38 8504 ktls-utils_1.3.0-2.debian.tar.xz
 3d6e4365da9f9684b8158f7b80fad4af739002f8 8070 ktls-utils_1.3.0-2_source.buildinfo
Checksums-Sha256:
 4b519e53da98f6b0ba1ad8b82b83579779b66b57c4f630a8ecb26711255e4d3b 2075 ktls-utils_1.3.0-2.dsc
 5ccb4cfb48d503ed8da79dca540d62a5621741415ddaddbe20114b0665bf979d 8504 ktls-utils_1.3.0-2.debian.tar.xz
 aed77d3a78a82c83bc81c13204cc528cade91eae1aef40dbe3e6917d83c0cd52 8070 ktls-utils_1.3.0-2_source.buildinfo
Files:
 692a0d0506a89b53b3ac4819904df9bb 2075 net optional ktls-utils_1.3.0-2.dsc
 3d0efd3c2a51b31f1f27e35f015c5bc8 8504 net optional ktls-utils_1.3.0-2.debian.tar.xz
 246579fa309ebec2077bdb41c613f34f 8070 net optional ktls-utils_1.3.0-2_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAmkyNksACgkQ57/I7JWG
EQl+Sg/+MD3UGsTcoQMYVysEJAuUNHUlKxoMwQo4wPV1ZEymXuhaRczBm5vEpfQI
iyaaL8jjtDMwmgXMfR2CKmj/bwKXZ6vjSxvwcnAVwNELeJGmxoeOfn/m9aIhsuDR
e7QISAjbj5F2/9lEE5w0GN1yM/Vvt6pRNaXDNrvccmxPuh2+6PbBlRDx2hjggPuL
VXP+wcYg6LNJ/lAmvIl0fBCuCeKT47kxP0AXaRmVaDyKJsh0QXqxhhZjV6QtOFIV
OWEIBDg90zSu91u9qWkjH5V0wdjcVcEf2Kfvpy4mcP/x+I01B+MHooN3VEDMnJ89
clGTvG+rfzseyg2peQYm5/t8rWfHylrAfMQHhxnjr6uC/vK3SvEWt7DVEwKwL2UT
rRyshJVZKpjd47Zt2ujR37+rn9CisPDzJKoPXEwhIBIglChXH+ccV7qSVzRGJfrG
t3tvM7Dy+RY52gB2bbvPBM/Tzu3rk8fESGShCJM0O5dU5qimPV4y79BkDDyyQDOG
mQKgduv75S7C4mn8l/ArXxKJGAgNF4SQPEQ14SnF/+QQS/PZ2+72erQRvyxiwFog
oFatXlwrmmkMkjUZaADdXf/uFgagKhmoP01jRUghVgTjSo2MX0R4tEG7B3GWOmCB
ZFGCLpsffRNj4eLitJfOKqk3I7GyZdO/urJKP416Mi+cVPvxBKc=
=WePY
-----END PGP SIGNATURE-----

Attachment: pgpsepTCFK4jR.pgp
Description: PGP signature

--- End Message ---