Activity log for bug #2006589

Date Who What changed Old value New value Message
2023-02-08 11:09:11 Adrien Nader bug added bug
2023-02-08 14:15:24 Kai Kasurinen bug added subscriber Kai Kasurinen
2023-02-08 14:15:37 Launchpad Janitor anacron (Ubuntu): status New Confirmed
2023-02-08 21:34:16 Adrien Nader attachment added anacron_2.3-36ubuntu1-to-2.3-36ubuntu2~ppa2.diff https://bugs.launchpad.net/ubuntu/+source/anacron/+bug/2006589/+attachment/5645637/+files/anacron_2.3-36ubuntu1-to-2.3-36ubuntu2~ppa2.diff
2023-02-09 00:25:59 Ubuntu Foundations Team Bug Bot tags patch
2023-02-09 00:26:06 Ubuntu Foundations Team Bug Bot bug added subscriber Ubuntu Sponsors Team
2023-02-10 03:21:40 Michael Hudson-Doyle bug added subscriber Michael Hudson-Doyle
2023-02-14 11:52:07 Adrien Nader attachment added anacron_2.3-36ubuntu1-to-2.3-36ubuntu2~ppa4.diff https://bugs.launchpad.net/ubuntu/+source/anacron/+bug/2006589/+attachment/5647064/+files/anacron_2.3-36ubuntu1-to-2.3-36ubuntu2~ppa4.diff
2023-02-23 10:32:26 Adrien Nader attachment added anacron_2.3-36ubuntu1.dsc-to-anacron_2.3-36ubuntu2~ppa5.dsc.diff https://bugs.launchpad.net/ubuntu/+source/anacron/+bug/2006589/+attachment/5649527/+files/anacron_2.3-36ubuntu1.dsc-to-anacron_2.3-36ubuntu2~ppa5.dsc.diff
2023-02-23 10:33:57 Adrien Nader attachment added anacron_2.3-36ubuntu2~ppa4.dsc-to-anacron_2.3-36ubuntu2~ppa5.dsc.diff https://bugs.launchpad.net/ubuntu/+source/anacron/+bug/2006589/+attachment/5649528/+files/anacron_2.3-36ubuntu2~ppa4.dsc-to-anacron_2.3-36ubuntu2~ppa5.dsc.diff
2023-03-07 15:31:44 Adrien Nader attachment added anacron_2.3-36ubuntu1-to-2.3-36ubuntu2~ppa6.diff https://bugs.launchpad.net/ubuntu/+source/anacron/+bug/2006589/+attachment/5652480/+files/anacron_2.3-36ubuntu1-to-2.3-36ubuntu2~ppa6.diff
2023-03-10 09:06:05 Launchpad Janitor anacron (Ubuntu): status Confirmed Fix Released
2023-03-21 17:14:42 Adrien Nader tags patch block-proposed-kinetic patch
2023-03-21 21:49:57 Adrien Nader attachment added anacron_2.3-33ubuntu1.dsc-to-anacron_2.3-33ubuntu2.dsc https://bugs.launchpad.net/ubuntu/+source/anacron/+bug/2006589/+attachment/5656397/+files/anacron_2.3-33ubuntu1.dsc-to-anacron_2.3-33ubuntu2.dsc
2023-03-22 12:35:02 Adrien Nader description As hinted by https://lists.debian.org/debian-devel-announce/2022/11/msg00001.html , anacron 2.3-33's packaging has a bug which disables both the timer and service when its postrm script is invoked and that includes upgrades from this package. We need to work-around this issue since it is the version in kinetic. As hinted by https://lists.debian.org/debian-devel-announce/2022/11/msg00001.html , anacron 2.3-33's packaging has a bug which disables both the timer and service when its postrm script is invoked and that includes upgrades from this package. We need to work-around this issue since it is the version in kinetic. === SRU request below === [ Impact ] * Due to an issue in the postrm script of anacron 2.3-33, upgrades *from* that version disable the anacron service and timer. Timeline: - 2.3-32*: not buggy - 2.3-33*: buggy - 2.3-34*: buggy - 2.3-35*: not buggy, no work-around (Debian decided against further actions due to the affected versions only hitting unstable) - 2.3-36: not buggy, no work-around - 2.3-36ubuntu1: not buggy, no work-around - 2.3-36ubuntu2: not buggy, work-around added * We need to make sure that users do not upgrade to any version that is less than 2.3-36ubuntu2 which contains a work-around for the bug in 2.3-33's postrm. This means that security updates must contain the fix and the work-around, hence this SRU. There are two aspects to this SRU: - fixing the bug introduced in 2.3-33 and removed in 2.3-35 (responsible code was reverted back), - working around the fact that the bug gets triggered when updating from 2.3-33. * The fix has been discussed as part of https://bugs.launchpad.net/ubuntu/+source/anacron/+bug/2006589 The work-around uses 1) preinst to backup the service state before the buggy postrm script runs, 2) postinst to restore the backup. [ Test Plan ] * NB: if you're running Lunar, your anacron.service and anacron.timer are likely disabled due to this issue. * Steps to reproduce the issue: - install anacron-2.3-33* or anacron-2.3-34* (kinetic uses 2.3-33) - check whether anacron.service (same for anacron.timer) is enabled: systemctl show anacron.service --property=UnitFileState - update anacron to any other version before 2.3-36ubuntu2 (including previous version and including reinstalling the same version); - check whether anacron.service (same for anacron.timer) is enabled: systemctl show anacron.service --property=UnitFileState if the service or timer were enabled before, they will now be disabled; if they are not disabled, run "systemctl daemon-reload" and check again * Steps to test the fix: - install anacron-2.3-33* or anacron-2.3-34* - enable anacron.service and anacron.timer: systemctl enable anacron.service anacron.timer - update to anacron >= 2.3-36ubuntu2; if you pay attention to the console output, you will see messages related to the issue - check that anacron.service and anacron.timer are still enabled: systemctl show anacron.service --property=UnitFileState systemctl show anacron.timer --property=UnitFileState [ Where problems could occur ] * The fixed version is in lunar and is installed on a number of machines already with no report so far. Unfortunately there has been a window of opportunity for people to upgrade to an intermediate and trigger the issue, therefore preventing the work-around to run. This is not a specifically a problem with this update but it is a limitation. * There is always the possibility that this change breaks anacron. However, without the work-around, anacron will be disabled silently. As such, this update cannot make things worse in this regard. * There is always the possibility of a grave bug that removes everything on the machine. This is made more likely because the postinst and postrm scripts are shell scripts and shell script makes all errors more likely. The code has however been written defensively, has been reviewed, has been analyzed with shellcheck and has been tested on several machines thanks to the update being in lunar. Moreover it does not use destructive operations like "rm" (the exception is "rmdir --ignore-fail-on-non-empty" which is zero-risk). [ Other Info ] * We should communicate to LL users about this issue once the SRU is done. Why wait for the SRU to communicate to users of an unreleased version? Because it makes the message simpler: "all versions now are fixed; update and check the service/timer status, you can't stumble on the issue anymore". While preparing the SRU, I was also reminded that we've been including this NEWS file from Debian: https://salsa.debian.org/debian/anacron/-/raw/0ce23b/debian/NEWS I've tweaked it but the change isn't present in the lunar package * Since the only requirement for this SRU is to be present before any other update of anacron, this should be blocked forever. The bug report on launchpad has the block-proposed-kinetic tag.
2023-03-22 12:51:12 Adrien Nader attachment added anacron_2.3-33ubuntu1.dsc-to-anacron_2.3-33ubuntu2.dsc.diff https://bugs.launchpad.net/ubuntu/+source/anacron/+bug/2006589/+attachment/5656596/+files/anacron_2.3-33ubuntu1.dsc-to-anacron_2.3-33ubuntu2.dsc.diff
2023-03-28 03:16:21 Steve Langasek nominated for series Ubuntu Kinetic
2023-03-28 03:16:21 Steve Langasek bug task added anacron (Ubuntu Kinetic)
2023-03-28 03:16:28 Steve Langasek bug added subscriber Steve Langasek
2023-03-28 07:06:22 Adrien Nader attachment removed anacron_2.3-33ubuntu1.dsc-to-anacron_2.3-33ubuntu2.dsc https://bugs.launchpad.net/ubuntu/+source/anacron/+bug/2006589/+attachment/5656397/+files/anacron_2.3-33ubuntu1.dsc-to-anacron_2.3-33ubuntu2.dsc
2023-04-14 16:40:14 Steve Langasek anacron (Ubuntu Kinetic): status New Fix Committed
2023-04-14 16:40:16 Steve Langasek bug added subscriber Ubuntu Stable Release Updates Team
2023-04-14 16:40:18 Steve Langasek bug added subscriber SRU Verification
2023-04-14 16:40:22 Steve Langasek tags block-proposed-kinetic patch block-proposed-kinetic patch verification-needed verification-needed-kinetic
2023-06-06 13:37:25 Ɓukasz Zemczak removed subscriber Ubuntu Sponsors
2023-07-12 10:47:39 Adrien Nader tags block-proposed-kinetic patch verification-needed verification-needed-kinetic block-proposed-kinetic patch verification-done-kinetic verification-needed
2023-07-12 10:48:16 Adrien Nader tags block-proposed-kinetic patch verification-done-kinetic verification-needed block-proposed-kinetic patch verification-done-kinetic