| 2016-08-31 13:35:49 |
Guillaume Penin |
bug |
|
|
added bug |
| 2016-09-10 03:09:36 |
Mathew Hodson |
tags |
|
xenial |
|
| 2016-09-22 22:29:11 |
Brian Murray |
unattended-upgrades (Ubuntu): importance |
Undecided |
Medium |
|
| 2016-09-22 22:29:16 |
Brian Murray |
tags |
xenial |
xenial yakkety |
|
| 2016-09-22 22:29:27 |
Brian Murray |
unattended-upgrades (Ubuntu): status |
New |
Confirmed |
|
| 2016-09-26 21:16:12 |
Brian Murray |
bug |
|
|
added subscriber Brian Murray |
| 2016-12-08 11:10:57 |
Brian Murray |
tags |
xenial yakkety |
rls-z-incoming xenial yakkety |
|
| 2016-12-08 12:26:53 |
Brian Murray |
unattended-upgrades (Ubuntu): status |
Confirmed |
Triaged |
|
| 2016-12-08 16:30:36 |
Brian Murray |
unattended-upgrades (Ubuntu): assignee |
|
Brian Murray (brian-murray) |
|
| 2016-12-09 09:53:02 |
Brian Murray |
unattended-upgrades (Ubuntu): milestone |
|
ubuntu-17.02 |
|
| 2016-12-13 21:38:50 |
Brian Murray |
unattended-upgrades (Ubuntu): status |
Triaged |
Fix Released |
|
| 2016-12-13 21:39:03 |
Brian Murray |
nominated for series |
|
Ubuntu Yakkety |
|
| 2016-12-13 21:39:03 |
Brian Murray |
bug task added |
|
unattended-upgrades (Ubuntu Yakkety) |
|
| 2016-12-13 21:39:03 |
Brian Murray |
nominated for series |
|
Ubuntu Xenial |
|
| 2016-12-13 21:39:03 |
Brian Murray |
bug task added |
|
unattended-upgrades (Ubuntu Xenial) |
|
| 2016-12-13 21:39:12 |
Brian Murray |
unattended-upgrades (Ubuntu Xenial): status |
New |
Triaged |
|
| 2016-12-13 21:39:15 |
Brian Murray |
unattended-upgrades (Ubuntu Yakkety): status |
New |
Triaged |
|
| 2016-12-13 21:39:19 |
Brian Murray |
unattended-upgrades (Ubuntu Xenial): importance |
Undecided |
Medium |
|
| 2016-12-13 21:39:21 |
Brian Murray |
unattended-upgrades (Ubuntu Yakkety): importance |
Undecided |
Medium |
|
| 2016-12-13 21:39:27 |
Brian Murray |
unattended-upgrades (Ubuntu Xenial): milestone |
|
ubuntu-16.04.2 |
|
| 2016-12-13 21:49:07 |
Brian Murray |
unattended-upgrades (Ubuntu Xenial): assignee |
|
Brian Murray (brian-murray) |
|
| 2016-12-13 22:13:55 |
Brian Murray |
unattended-upgrades (Ubuntu Yakkety): milestone |
|
yakkety-updates |
|
| 2016-12-14 21:22:22 |
Brian Murray |
description |
Using unattended-upgrades 0.90 in "Shutdown mode" on Ubuntu Xenial, we encounter the following systemd dependencies issues :
- The network is often down when unattended-upgrades is running, so packages can not be downloaded (can be mitigated by using APT::Periodic::Download-Upgradeable-Packages "1";) :
=> ERROR An error occurred: 'Could not resolve host: ****.fr'
=> ERROR The URI 'https://****.fr:33000/ubuntu-security/pool/main/libi/libidn/libidn11_1.32-3ubuntu1.1_amd64.deb' failed to download, aborting
- Important mountpoints like /boot are unmounted before unattended-upgrades is running, so newer kernels can not be installed properly (ramdisk and grub configuration can not be generated) |
[Impact]
There are some race conditions in unattended-upgrades when it is used in shutdown mode. It is possible that the network has already been brought down or for a local file system, like /var/, to be unmounted before the unattended-upgrades script is run. This then causes the updates not to be installed thereby making systems less secure - if security updates are enabled.
[Test Case]
Because this is a race condition, I haven't actually been able to recreate the bug. However, the fix is straightforward and testing for regressions should be sufficient.
1) On a freshly installed system.
2) Modify /etc/apt/apt.conf.d/50unattended-upgrades so that
Unattended-Upgrade::InstallOnShutdown "true"; is not commented out.
3) Reboot and watch updates being installed
4) Verify updates were installed by reviewing /var/log/unattended-upgrades/unattended-upgrades.log
5) Uncomment -updates in 50unattended-upgrades
Repeats steps 3 and 4 again. There isn't any need to run unattended-upgrades in *not* shutdown mode because we have only modified the systemd service file.
[Regression Potential]
There is little chance of a regression, but because of the change (and this feature now working better) its possible the shutdown process will take longer and surprise users.
Original Description
--------------------
Using unattended-upgrades 0.90 in "Shutdown mode" on Ubuntu Xenial, we encounter the following systemd dependencies issues :
- The network is often down when unattended-upgrades is running, so packages can not be downloaded (can be mitigated by using APT::Periodic::Download-Upgradeable-Packages "1";) :
=> ERROR An error occurred: 'Could not resolve host: ****.fr'
=> ERROR The URI 'https://****.fr:33000/ubuntu-security/pool/main/libi/libidn/libidn11_1.32-3ubuntu1.1_amd64.deb' failed to download, aborting
- Important mountpoints like /boot are unmounted before unattended-upgrades is running, so newer kernels can not be installed properly (ramdisk and grub configuration can not be generated) |
|
| 2016-12-14 21:23:38 |
Brian Murray |
unattended-upgrades (Ubuntu Xenial): status |
Triaged |
In Progress |
|
| 2016-12-14 21:23:41 |
Brian Murray |
unattended-upgrades (Ubuntu Yakkety): status |
Triaged |
In Progress |
|
| 2016-12-14 21:23:45 |
Brian Murray |
unattended-upgrades (Ubuntu Yakkety): assignee |
|
Brian Murray (brian-murray) |
|
| 2016-12-16 13:46:26 |
Timo Aaltonen |
unattended-upgrades (Ubuntu Yakkety): status |
In Progress |
Fix Committed |
|
| 2016-12-16 13:46:27 |
Timo Aaltonen |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2016-12-16 13:46:32 |
Timo Aaltonen |
bug |
|
|
added subscriber SRU Verification |
| 2016-12-16 13:46:35 |
Timo Aaltonen |
tags |
rls-z-incoming xenial yakkety |
rls-z-incoming verification-needed xenial yakkety |
|
| 2016-12-16 13:47:07 |
Timo Aaltonen |
unattended-upgrades (Ubuntu Xenial): status |
In Progress |
Fix Committed |
|
| 2016-12-20 18:54:54 |
Brian Murray |
tags |
rls-z-incoming verification-needed xenial yakkety |
rls-z-incoming verification-done-yakkety verification-needed xenial yakkety |
|
| 2016-12-20 19:38:01 |
Brian Murray |
tags |
rls-z-incoming verification-done-yakkety verification-needed xenial yakkety |
rls-z-incoming verification-done-xenial verification-done-yakkety xenial yakkety |
|
| 2017-01-03 18:55:49 |
Brian Murray |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2017-01-03 18:56:14 |
Launchpad Janitor |
unattended-upgrades (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
| 2017-01-03 19:05:53 |
Launchpad Janitor |
unattended-upgrades (Ubuntu Yakkety): status |
Fix Committed |
Fix Released |
|
