[Bug 1251228] Re: unattended-upgrade doesn't upgrade packages pinned to version
Launchpad Bug Tracker
1251228 at bugs.launchpad.net
Wed Feb 26 16:43:14 UTC 2020
This bug was fixed in the package unattended-upgrades - 1.18
---------------
unattended-upgrades (1.18) experimental; urgency=medium
[ louib ]
* Update blacklist translations
* Fix syntax in template conf files
[ Balint Reczey ]
* Keep mypy 0.761 happy
* test: Create empty dirs to save kept packages list to them
* Log explanation about kept back packages (LP: #1850964)
(Closes: #945837, #903875)
* Use GitHub Actions for CI instead of Travis.
Run tests in Ubuntu Focal release because older releases don't have the
needed python-apt version.
* debian/tests/common-functions: Use backported python-apt from a PPA on Eoan
* debian/tests: Skip upgrade-between-snapshots test.
Python-apt's version is sid is too low for unattended-upgrades to work.
* Use apt_pkg.Hashes instead of deprecated apt_pkg.md5sum()
* autopkgtest: Skip upgrate-all-security in sid because buster can't be tested
* Make allowed_origins, blacklist and whitelist attributes of
UnattendedUpgradesCache
* Make strict_whitelist attribute of UnattendedUpgradesCache
* Apply pinning to disable not allowed origins and honor blacklist/whitelist.
This makes candidate adjustments obsolete, since apt's resolver would pick
candidates only from allowed origins by itself unless local pinning
configuration overrides that.
* Rely fully on pinning to disable allowed origins and stop adjusting
candidates.
* Drop Unattended-Upgrade::Allow-downgrade since now pinning is honored and
downgrades are allowed for package versions with priority >= 1000.
(Closes: #905877, #919046, #768087, #946491) (LP: #1251228, #1434115)
* Don't ignore allowed origin when the package's priority is < 100.
This used to be the way of honoring the priority, but now this special case
prevents the package from showing up as a package kept back.
* Assume frontend locking to be supported.
Python3-apt (>= 1.9.6~) is required which supports the frontend locking API
-- Balint Reczey <rbalint at ubuntu.com> Tue, 25 Feb 2020 19:28:13 +0100
** Changed in: unattended-upgrades (Ubuntu)
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to unattended-upgrades in Ubuntu.
https://bugs.launchpad.net/bugs/1251228
Title:
unattended-upgrade doesn't upgrade packages pinned to version
Status in unattended-upgrades package in Ubuntu:
Fix Released
Bug description:
We wish to keep puppet and puppet-common pinned to the 2.7 versions.
We achive this with the following
/etc/apt/preferences.d/00-puppet.pref:
Package: puppet puppet-common
Pin: version 2.7*
Pin-Priority: 501
This has the desired effect:
puppet:
Installed: 2.7.21-1puppetlabs1
Candidate: 2.7.23-1puppetlabs1
Package pin: 2.7.23-1puppetlabs1
Version table:
3.3.2-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
3.3.1-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
3.3.0-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
3.2.4-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
3.2.3-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
3.2.2-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
3.2.1-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
3.1.1-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
3.1.0-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
3.0.2-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
3.0.1-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
3.0.0-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
2.7.23-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
2.7.22-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
*** 2.7.21-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
100 /var/lib/dpkg/status
2.7.20-2puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
2.7.20-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
2.7.19-1puppetlabs2 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
2.7.19-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
2.7.18-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
2.7.17-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
2.7.16-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
2.7.14-2puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
2.7.14-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
2.7.13-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
2.7.12-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
2.7.11-1ubuntu2.5 501
500 http://archive.ubuntu.totaal.net/ubuntu/ precise-updates/main amd64 Packages
2.7.11-1ubuntu2.4 501
500 http://security.ubuntu.com/ubuntu/ precise-security/main amd64 Packages
2.7.11-1ubuntu2 501
500 http://archive.ubuntu.totaal.net/ubuntu/ precise/main amd64 Packages
2.7.11-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
2.6.18-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
2.6.14-1puppetlabs1 501
500 http://apt.puppetlabs.com/ precise/main amd64 Packages
Yet unattended-upgrade doesn't install 2.7.23-1puppetlabs1, it
attempts to install 3.3.2-1puppetlabs1 (I have modified the
logging.debug() to include the 'from' version):
# unattended-upgrade --debug --dry-run
Initial blacklisted packages:
Starting unattended upgrades script
Allowed origins are: ['o=Ubuntu,a=precise-security', 'o=Ubuntu,a=precise-updates', 'o=Puppetlabs,a=precise']
adjusting candidate version from <Version: package:'puppet' version:'2.7.23-1puppetlabs1'> to '<Version: package:'puppet' version:'3.3.2-1puppetlabs1'>'
adjusting candidate version from <Version: package:'puppet-common' version:'2.7.23-1puppetlabs1'> to '<Version: package:'puppet-common' version:'3.3.2-1puppetlabs1'>'
Checking: puppet (["<Origin component:'main' archive:'precise' origin:'Puppetlabs' label:'Puppetlabs' site:'apt.puppetlabs.com' isTrusted:True>"])
pkg 'libjson-ruby' not in allowed origin
sanity check failed
adjusting candidate version from <Version: package:'puppet' version:'2.7.23-1puppetlabs1'> to '<Version: package:'puppet' version:'3.3.2-1puppetlabs1'>'
adjusting candidate version from <Version: package:'puppet-common' version:'2.7.23-1puppetlabs1'> to '<Version: package:'puppet-common' version:'3.3.2-1puppetlabs1'>'
Checking: puppet-common (["<Origin component:'main' archive:'precise' origin:'Puppetlabs' label:'Puppetlabs' site:'apt.puppetlabs.com' isTrusted:True>"])
pkg 'libjson-ruby' not in allowed origin
sanity check failed
adjusting candidate version from <Version: package:'puppet' version:'2.7.23-1puppetlabs1'> to '<Version: package:'puppet' version:'3.3.2-1puppetlabs1'>'
adjusting candidate version from <Version: package:'puppet-common' version:'2.7.23-1puppetlabs1'> to '<Version: package:'puppet-common' version:'3.3.2-1puppetlabs1'>'
pkgs that look like they should be upgraded:
Fetched 0 B in 0s (0 B/s)
blacklist: []
Packages that are auto removed: ''
InstCount=0 DelCount=0 BrokenCout=0
Option --dry-run given, *not* performing real actions
Packages that are upgraded:
#
When I comment line 70 (self.adjust_candidate_versions()) it will
upgrade to the right package, but I don't know what other stuff this
breaks.
# lsb_release -rd
Description: Ubuntu 12.04.3 LTS
Release: 12.04
# apt-cache policy unattended-upgrades
unattended-upgrades:
Installed: 0.76ubuntu1
Candidate: 0.76ubuntu1
Version table:
*** 0.76ubuntu1 0
500 http://archive.ubuntu.totaal.net/ubuntu/ precise-updates/main amd64 Packages
100 /var/lib/dpkg/status
0.76 0
500 http://archive.ubuntu.totaal.net/ubuntu/ precise/main amd64 Packages
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1251228/+subscriptions
More information about the foundations-bugs
mailing list