[Bug 1618900] Re: [Xenial/0.90] Systemd dependencies issues when used in "Shutdown mode"

Brian Murray brian at ubuntu.com
Tue Dec 20 19:37:47 UTC 2016 

2016-12-20 11:01:59,325 INFO Starting unattended upgrades script
2016-12-20 11:01:59,326 INFO Allowed origins are: ['o=Ubuntu,a=xenial', 'o=Ubuntu,a=xenial-security']
2016-12-20 11:04:43,551 INFO Packages that will be upgraded: apport apport-gtk apt apt-transport-https apt-utils bind9-host cpp-5 curl dbus dbus-x11 dnsutils firefox firefox-locale-en g++-5 gcc-5 gcc-5-base ghostscript ghostscript-x gir1.2-gst-plugins-base-1.0 gstreamer1.0-alsa gstreamer1.0-plugins-base gstreamer1.0-plugins-base-apps gstreamer1.0-plugins-good gstreamer1.0-pulseaudio gstreamer1.0-x imagemagick imagemagick-6.q16 imagemagick-common libapt-inst2.0 libapt-pkg5.0 libasan2 libatomic1 libbind9-140 libcc1-0 libcilkrts5 libcurl3 libcurl3-gnutls libdbus-1-3 libdns-export162 libdns162 libgcc-5-dev libgd3 libgomp1 libgs9 libgs9-common libgstreamer-plugins-base1.0-0 libgstreamer-plugins-good1.0-0 libisc-export160 libisc160 libisccc140 libisccfg140 libitm1 liblsan0 liblwres141 libmagickcore-6.q16-2 libmagickcore-6.q16-2-extra libmagickwand-6.q16-2 libmpx0 liboxideqt-qmlplugin liboxideqtcore0 liboxideqtquick0 libpython2.7 libpython2.7-minimal libpython2.7-stdlib libpython3.5 libpython3.5-minimal libpython3.5-stdlib libquadmath0 libsmbclient libstdc++-5-dev libstdc++6 libtracker-sparql-1.0-0 libtsan0 libubsan0 libwbclient0 linux-firmware linux-generic linux-headers-generic linux-image-generic linux-libc-dev oxideqt-codecs python2.7 python2.7-minimal python3-apport python3-cryptography python3-problem-report python3.5 python3.5-minimal samba-libs tar thunderbird thunderbird-gnome-support thunderbird-locale-en thunderbird-locale-en-us tzdata vim vim-common vim-runtime vim-tiny
2016-12-20 11:04:43,552 INFO Writing dpkg log to '/var/log/unattended-upgrades/unattended-upgrades-dpkg.log'
2016-12-20 11:06:59,150 INFO All upgrades installed
2016-12-20 11:27:12,868 INFO Starting unattended upgrades script
2016-12-20 11:27:12,868 INFO Allowed origins are: ['o=Ubuntu,a=xenial', 'o=Ubuntu,a=xenial-security', 'o=Ubuntu,a=xenial-updates']
2016-12-20 11:29:45,097 INFO Packages that will be upgraded: accountsservice apparmor base-files bind9-host deja-dup distro-info-data dnsutils gir1.2-dbusmenu-glib-0.4 gnome-calculator gnome-software gnome-software-common ifupdown im-config init init-system-helpers initramfs-tools initramfs-tools-bin initramfs-tools-core isc-dhcp-client isc-dhcp-common kbd language-pack-en language-pack-gnome-en libaccountsservice0 libapparmor-perl libapparmor1 libappstream-glib8 libbind9-140 libc-bin libc-dev-bin libc6 libc6-dbg libc6-dev libdbusmenu-glib4 libdbusmenu-gtk3-4 libdbusmenu-gtk4 libdns-export162 libdns162 libfcitx-config4 libfcitx-gclient0 libfcitx-utils0 libisc-export160 libisc160 libisccc140 libisccfg140 liblightdm-gobject-1-0 liblwres141 libmetacity-private3a libnm-glib-vpn1 libnm-glib4 libnm-util2 libnm0 libpam-systemd libprocps4 libpulse-mainloop-glib0 libpulse0 libpulsedsp libqt5core5a libqt5dbus5 libqt5gui5 libqt5network5 libqt5opengl5 libqt5printsupport5 libqt5sql5 libqt5sql5-sqlite libqt5test5 libqt5widgets5 libqt5xml5 libsystemd0 libudev1 libwhoopsie0 light-themes lightdm linux-firmware locales metacity metacity-common multiarch-support network-manager procps pulseaudio pulseaudio-module-bluetooth pulseaudio-module-x11 pulseaudio-utils python3-distupgrade python3-software-properties python3-update-manager snap-confine snapd software-properties-common software-properties-gtk suru-icon-theme systemd systemd-sysv ubuntu-artwork ubuntu-core-launcher ubuntu-mobile-icons ubuntu-mono ubuntu-release-upgrader-core ubuntu-release-upgrader-gtk ubuntu-software udev update-manager update-manager-core update-notifier update-notifier-common whoopsie xserver-common xserver-xorg-core xserver-xorg-video-intel
2016-12-20 11:29:45,097 INFO Writing dpkg log to '/var/log/unattended-upgrades/unattended-upgrades-dpkg.log'
2016-12-20 11:31:39,798 INFO All upgrades installed
2016-12-20 11:31:42,056 INFO Packages that are auto removed: 'ubuntu-core-launcher'
2016-12-20 11:31:43,936 INFO Packages were successfully auto-removed

bdmurray at clean-xenial-amd64:~$ apt-cache policy unattended-upgrades
unattended-upgrades:
  Installed: 0.90ubuntu0.3
  Candidate: 0.90ubuntu0.3
  Version table:
 *** 0.90ubuntu0.3 100
        100 /var/lib/dpkg/status


** Tags removed: verification-needed
** Tags added: verification-done-xenial

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to unattended-upgrades in Ubuntu.
https://bugs.launchpad.net/bugs/1618900

Title:
  [Xenial/0.90] Systemd dependencies issues when used in "Shutdown mode"

Status in unattended-upgrades package in Ubuntu:
  Fix Released
Status in unattended-upgrades source package in Xenial:
  Fix Committed
Status in unattended-upgrades source package in Yakkety:
  Fix Committed

Bug description:
  [Impact]
  There are some race conditions in unattended-upgrades when it is used in shutdown mode. It is possible that the network has already been brought down or for a local file system, like /var/, to be unmounted before the unattended-upgrades script is run.  This then causes the updates not to be installed thereby making systems less secure - if security updates are enabled.

  [Test Case]
  Because this is a race condition, I haven't actually been able to recreate the bug.  However, the fix is straightforward and testing for regressions should be sufficient.

  1) On a freshly installed system.
  2) Modify /etc/apt/apt.conf.d/50unattended-upgrades so that 
  Unattended-Upgrade::InstallOnShutdown "true"; is not commented out.
  3) Reboot and watch updates being installed
  4) Verify updates were installed by reviewing /var/log/unattended-upgrades/unattended-upgrades.log
  5) Uncomment -updates in 50unattended-upgrades

  Repeats steps 3 and 4 again. There isn't any need to run unattended-
  upgrades in *not* shutdown mode because we have only modified the
  systemd service file.

  [Regression Potential]
  There is little chance of a regression, but because of the change (and this feature now working better) its possible the shutdown process will take longer and surprise users.

  Original Description
  --------------------

  Using unattended-upgrades 0.90 in "Shutdown mode" on Ubuntu Xenial, we encounter the following systemd dependencies issues :
  - The network is often down when unattended-upgrades is running, so packages can not be downloaded (can be mitigated by using APT::Periodic::Download-Upgradeable-Packages "1";) :
      => ERROR An error occurred: 'Could not resolve host: ****.fr'
      => ERROR The URI 'https://****.fr:33000/ubuntu-security/pool/main/libi/libidn/libidn11_1.32-3ubuntu1.1_amd64.deb' failed to download, aborting
  - Important mountpoints like /boot are unmounted before unattended-upgrades is running, so newer kernels can not be installed properly (ramdisk and grub configuration can not be generated)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1618900/+subscriptions

More information about the foundations-bugs mailing list