[Bug 1823070] Re: unattended-upgrades should tell the user (via motd) when security updates are held back
Balint Reczey
balint.reczey at canonical.com
Fri Oct 18 11:15:26 UTC 2019
** Description changed:
+ [Impact]
+
+ * MOTD does not go into details about upgradable packages being security fixes or just normal updates.
+ * Users should be made aware if some of the security updates could not have been applied.
+ * The fix is adding a snipped to MOTD where the number of packages kept back by unattended-upgrades is shown.
+
+ [Test Case]
+
+ * The debian/tests/upgrade-all-security is extended to check if the number of kept back packages are shown in MOTD and a new test is added (test/test_motd.py) to check if the list of kept back packages are saved properly.
+ * To test the fix manually:
+ 1. Mark a package upgradable from the -security pocket as held, then run unattended-upgrades.
+ 2. Observe MOTD messate showing the number of packages being kept back.
+
+ [Regression Potential]
+
+ * Unattended-upgrades may crash when saving kept packages and always
+ return with failure. MOTD may hang or print error while printing the
+ packages kept back by u-u.
+
+ [Original Bug Text]
+
Currently we have the following pieces as part of the default UX on
Ubuntu 18.04 and later:
- 1) unattended-upgrades automatically installs security updates daily by default
- 2) the motd reports the number of available updates, including security updates.
+ 1) unattended-upgrades automatically installs security updates daily by default
+ 2) the motd reports the number of available updates, including security updates.
A user who knows about 1) also knows that a non-zero number of pending
security updates listed in 2) is nothing to worry about.
However, unattended-upgrades will also cleverly detect when a security
update cannot safely be installed non-interactively due to conffile
changes on the system.
In this case, unattended-upgrades should also inform the user via the
motd that these updates are not being installed. Otherwise, there's
nothing to tell the user that the non-zero count of available security
updates in motd is a *problem*.
Suggested wording:
- N security updates will not be automatically installed due to local changes.
- See /var/log/foo for details.
+ N security updates will not be automatically installed due to local changes.
+ See /var/log/foo for details.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to unattended-upgrades in Ubuntu.
https://bugs.launchpad.net/bugs/1823070
Title:
unattended-upgrades should tell the user (via motd) when security
updates are held back
Status in unattended-upgrades package in Ubuntu:
Fix Released
Status in unattended-upgrades source package in Bionic:
Confirmed
Status in unattended-upgrades source package in Disco:
Confirmed
Bug description:
[Impact]
* MOTD does not go into details about upgradable packages being security fixes or just normal updates.
* Users should be made aware if some of the security updates could not have been applied.
* The fix is adding a snipped to MOTD where the number of packages kept back by unattended-upgrades is shown.
[Test Case]
* The debian/tests/upgrade-all-security is extended to check if the number of kept back packages are shown in MOTD and a new test is added (test/test_motd.py) to check if the list of kept back packages are saved properly.
* To test the fix manually:
1. Mark a package upgradable from the -security pocket as held, then run unattended-upgrades.
2. Observe MOTD messate showing the number of packages being kept back.
[Regression Potential]
* Unattended-upgrades may crash when saving kept packages and always
return with failure. MOTD may hang or print error while printing the
packages kept back by u-u.
[Original Bug Text]
Currently we have the following pieces as part of the default UX on
Ubuntu 18.04 and later:
1) unattended-upgrades automatically installs security updates daily by default
2) the motd reports the number of available updates, including security updates.
A user who knows about 1) also knows that a non-zero number of pending
security updates listed in 2) is nothing to worry about.
However, unattended-upgrades will also cleverly detect when a security
update cannot safely be installed non-interactively due to conffile
changes on the system.
In this case, unattended-upgrades should also inform the user via the
motd that these updates are not being installed. Otherwise, there's
nothing to tell the user that the non-zero count of available security
updates in motd is a *problem*.
Suggested wording:
N security updates will not be automatically installed due to local changes.
See /var/log/foo for details.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1823070/+subscriptions
More information about the foundations-bugs
mailing list