[Impact]
========
Initially reported @ https://github.com/GoogleCloudPlatform/guest-agent/issues/119
Basically anytime the google-guest-agent package is updated, these services are restarted which means the customer scripts are run at a time they are not supposed to be. This caused an outage for one customer who had some logic in their shutdown script that basically turned off their services.
The issue is most certainly in the autogenerated preinst script which should not be there. Stopping the shutdown service will invoke the shutdown script. This wasn't there in previous Ubuntu versions.
Ubuntu 22.04 preinst script
```
#!/bin/sh
set -e
# Automatically added by dh_installdeb/13.6ubuntu1
dpkg-maintscript-helper rm_conffile /etc/defaults/instance_configs.cfg 20200617.00-0ubuntu2\~ -- "$@"
# End automatically added section
# Automatically added by dh_installsystemd/13.6ubuntu1
if [ -z "${DPKG_ROOT:-}" ] && [ "$1" = upgrade ] && [ -d /run/systemd/system ] ; then
deb-systemd-invoke stop 'google-shutdown-scripts.service' 'google-startup-scripts.service' >/dev/null || true
fi
# End automatically added section
```
Ubuntu 20.04 preinst script
```
root@ubu2004:/tmp/DEBIAN# cat preinst
#!/bin/sh
set -e
# Automatically added by dh_installdeb/12.10ubuntu1
dpkg-maintscript-helper rm_conffile /etc/defaults/instance_configs.cfg 20200617.00-0ubuntu2\~ -- "$@"
# End automatically added section
```
One reason this issue was of concern as the latest google-guest-agent update was a rebuild promoted by golang-1.18 being updated to address CVEs prompting a rebuild of all packages dependant on golang-1.18 and publication of those rebuilds to the -security pocket. unattended-upgrades then upgraded google-guest-agent in the background which restarted the shutdown-scripts.
We do want the services to be enabled on initial installation and to be started on instance start but they should not be restarted/stopped during the lifetime of the instance.
[Test Plan]
===========
After having the fixes in, we'll run the reproducer and the test script mentioned in the first comment: https://bugs.launchpad.net/ubuntu/+source/google-guest-agent/+bug/2019089/comments/1.
This will help us validate that the fix is indeed working as it should.
A demonstration of that reproducer script is shown in the 2nd comment:
https://bugs.launchpad.net/ubuntu/+source/google-guest-agent/+bug/2019089/comments/2.
Further, we'll also build the images and run the CTF tests (internal tests) on them on our side and then ask Google to validate these images to make sure they also confirm that the bug is indeed fix and there's no regression or fallout with this update.
Once Google comes back with the validation, we'll assume enough testing and verification has been done and will mark the bug with the same.
[Where Problems Could Occur]
============================
The patch just adds "--no-stop-on-upgrade" to the already existing "--no-start --no-restart-after-upgrade". So if somebody is relying on that behavior or has a workaround that somehow, it'll break the setup for them. But this update should bring them the right fix. I don't expect a lot of users to regress because of that, though.
I have a patched google-guest-agent for Ubuntu 22.04 in PPA https:/
And reproducer script and logs @ https:/
The reproducer confirms that the shutdown script is no longer run on upgrade.
The patch was as follows:
```
--- control/preinst
+++ control/preinst
@@ -3,8 +3,3 @@
# Automatically added by dh_installdeb/
dpkg-maintscrip
# End automatically added section
-# Automatically added by dh_installsyste
-if [ -z "${DPKG_ROOT:-}" ] && [ "$1" = upgrade ] && [ -d /run/systemd/system ] ; then
- deb-systemd-invoke stop 'google-
-fi
-# End automatically added section
```
This was achieved by updating the `debian/rules` files
```
--- debian/rules
+++ debian/rules
@@ -17,7 +17,7 @@
override_
dh_installsystemd google-
- dh_installsystemd --no-start --no-restart-
+ dh_installsystemd --no-start --no-restart-
override_dh_clean:
dh_clean vendor/
```