[Bug 1897778] Re: DistUpgradeController to release apt lock during PostInstallScripts
Chad Smith
1897778 at bugs.launchpad.net
Fri Oct 9 16:07:28 UTC 2020
** Description changed:
+ === Begin SRU Template ===
+ [Impact]
+
+ Any Ubuntu Advantage apt-based service is enbled via a PPA. If those PPAs are not listed as valid mirrors in mirrors.cfg the PPAs get disabled across upgrade.
+
+ UA-client has a script which will enable those PPAs across upgrade path,
+ but needs the apt cache lock released during runPostInstallScripts.
+
+ Validate Ubuntu Advantage apt access is retained across do-release-
+ upgrade path so customers to not lose access to security updates after
+ performing an upgrade.
+
+
+ [Test Case]
+
+ #!/bin/bash
+
+ """
+ SRU Verification ubuntu-release-upgrader + ubuntu=advantage-tools
+
+ Test procedure:
+ - launch container Trusty, Xenial or Bionic
+ - Attach container to UA subscription (which activates a number of commerical PPAs
+ - download and run -proposed ubuntu-release-upgrader tool for upgrade release
+ - Assert successful upgrade
+ - Confirm valid mirrors not disabled
+ - Confirm third party non-commercial PPA URLs still disabled
+ - Confirm third party UA commercial URLs still disabled
+ (due to expected feature gap)
+ - Confirm UA status reports esm-infra still disabled (known feature gap)
+ """
+
+ set -ex
+ UA_TOKEN=$1
+ if [ -z "$1" ]; then
+ echo "Usage: $0 <contractTOKEN>"
+ exit 1
+ fi
+ cat > test-uru.yaml <<EOF
+ #cloud-config
+ package_update: true
+ package_upgrade: true
+ apt_sources:
+ - source: "deb http://ppa.launchpad.net/ua-client/proposed/ubuntu trusty main"
+ apt:
+ sources:
+ ua.proposed:
+ source: deb http://ppa.launchpad.net/ua-client/proposed/ubuntu \$RELEASE main
+ EOF
+
+ # ua.list:
+ # source: deb http://ppa.launchpad.net/canonical-server/ua-client-daily/ubuntu \$RELEASE main
+ # keyid: 94E187AD53A59D1847E4880F8A295C4FB8B190B7
+
+ cat > checkaptpolicy.sh <<EOF
+ #!/bin/bash
+ set -x
+ RELEASE=\`lsb_release -sc\`
+ echo -n "Current release: $RELEASE"
+ echo "Assert no disabled valid mirrors in /eta/apt/sources.list"
+ ! grep disable /etc/apt/sources.list || echo "FAILURE: found disabled valid mirror urls"
+ echo "Checking commercial Ubuntu Advantage PPAs apt policy and config"
+ apt-cache policy | grep esm.ubuntu.com
+ for file in \`ls /etc/apt/sources.list.d/ubuntu-*.list\`; do
+ echo "--- file: \${file}"
+ cat \${file}
+ done
+ EOF
+ chmod 755 checkaptpolicy.sh
+
+ declare -A NEXTDIST=( [bionic]=focal [xenial]=bionic [trusty]=xenial )
+
+ for release in trusty; do
+ vm=test-sru-$release
+ echo "--- Launch cloud-init with ${release}-proposed enabled"
+ #lxc launch ubuntu-daily:${release} ${vm} -c user.user-data="$(cat test-uru.yaml)"
+ #lxc launch daily:$release -n $vm --cloud-init test-uru.yaml
+ upgraderelease=${NEXTDIST[$release]}
+ echo "--- Wait for cloud-init to finish"
+ if [ "${release}" = "trusty" ]; then
+ while [ "N 2" != "$(lxc exec ${vm} -- runlevel)" ]; do
+ echo "waiting on runlevel 2"
+ sleep 5
+ done
+ else
+ lxc exec ${vm} -- cloud-init status --wait --long
+ fi
+ echo "--- Attach Ubuntu-Advantage and enable services"
+ lxc exec ${vm} -- sudo ua attach ${UA_TOKEN}
+ lxc exec ${vm} -- sudo ua status | tee ua-status.orig
+ lxc file push checkaptpolicy.sh ${vm}/
+ lxc exec ${vm} -- /checkaptpolicy.sh
+ lxc exec ${vm} -- wget http://archive.ubuntu.com/ubuntu/dists/$upgraderelease-proposed/main/dist-upgrader-all/current/$upgraderelease.tar.gz
+ lxc exec ${vm} -- tar xzvf $upgraderelease.tar.gz
+ #lxc exec ${vm} -- wget https://git.launchpad.net/~chad.smith/ubuntu/+source/ubuntu-release-upgrader/plain/DistUpgrade/DistUpgradeController.py?h=uru-xenial-ubuntu-advantage -O DistUpgradeController.py
+ #lxc exec ${vm} -- wget https://git.launchpad.net/~chad.smith/ubuntu/+source/ubuntu-release-upgrader/plain/data/mirrors.cfg?h=uru-xenial-ubuntu-advantage -O mirrors.cfg
+ echo "--- Validate UA APT sources after upgrade"
+ lxc exec ${vm} -- /checkaptpolicy.sh
+ echo "--- Ensure UA status reports ESM enabled"
+ lxc exec ${vm} -- sudo ua status | tee ua-status.upgrade
+ echo "--- Expect no diffs in original and upgrade status"
+ diff -urN ua-status.orig ua-status.upgrade
+ done
+
+ [Regression Potential]
+ None as UA support is not yet officially introduced in Xenial or later. Customers currently have to manually re-enable apt config across upgrades.
+
+ === End SRU Template ===
+
+
+ ==== Original Description ===
+
In order for custom PostInstallScript to add/remove apt packages and
call apt update, DistUpgradecontroller needs to release the apt cache
directory lock before that stage.
If the lock is still in place,
DistUpgradeController.runPostUpgradeScripts hits errors such as:
-
E: Could not get lock /var/lib/apt/lists/lock - open (11: Resource temporarily unavailable)
E: Unable to lock directory /var/lib/apt/lists/
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-release-upgrader in
Ubuntu.
https://bugs.launchpad.net/bugs/1897778
Title:
DistUpgradeController to release apt lock during PostInstallScripts
Status in ubuntu-release-upgrader package in Ubuntu:
Fix Released
Bug description:
=== Begin SRU Template ===
[Impact]
Any Ubuntu Advantage apt-based service is enbled via a PPA. If those PPAs are not listed as valid mirrors in mirrors.cfg the PPAs get disabled across upgrade.
UA-client has a script which will enable those PPAs across upgrade
path, but needs the apt cache lock released during
runPostInstallScripts.
Validate Ubuntu Advantage apt access is retained across do-release-
upgrade path so customers to not lose access to security updates after
performing an upgrade.
[Test Case]
#!/bin/bash
"""
SRU Verification ubuntu-release-upgrader + ubuntu=advantage-tools
Test procedure:
- launch container Trusty, Xenial or Bionic
- Attach container to UA subscription (which activates a number of commerical PPAs
- download and run -proposed ubuntu-release-upgrader tool for upgrade release
- Assert successful upgrade
- Confirm valid mirrors not disabled
- Confirm third party non-commercial PPA URLs still disabled
- Confirm third party UA commercial URLs still disabled
(due to expected feature gap)
- Confirm UA status reports esm-infra still disabled (known feature gap)
"""
set -ex
UA_TOKEN=$1
if [ -z "$1" ]; then
echo "Usage: $0 <contractTOKEN>"
exit 1
fi
cat > test-uru.yaml <<EOF
#cloud-config
package_update: true
package_upgrade: true
apt_sources:
- source: "deb http://ppa.launchpad.net/ua-client/proposed/ubuntu trusty main"
apt:
sources:
ua.proposed:
source: deb http://ppa.launchpad.net/ua-client/proposed/ubuntu \$RELEASE main
EOF
# ua.list:
# source: deb http://ppa.launchpad.net/canonical-server/ua-client-daily/ubuntu \$RELEASE main
# keyid: 94E187AD53A59D1847E4880F8A295C4FB8B190B7
cat > checkaptpolicy.sh <<EOF
#!/bin/bash
set -x
RELEASE=\`lsb_release -sc\`
echo -n "Current release: $RELEASE"
echo "Assert no disabled valid mirrors in /eta/apt/sources.list"
! grep disable /etc/apt/sources.list || echo "FAILURE: found disabled valid mirror urls"
echo "Checking commercial Ubuntu Advantage PPAs apt policy and config"
apt-cache policy | grep esm.ubuntu.com
for file in \`ls /etc/apt/sources.list.d/ubuntu-*.list\`; do
echo "--- file: \${file}"
cat \${file}
done
EOF
chmod 755 checkaptpolicy.sh
declare -A NEXTDIST=( [bionic]=focal [xenial]=bionic [trusty]=xenial )
for release in trusty; do
vm=test-sru-$release
echo "--- Launch cloud-init with ${release}-proposed enabled"
#lxc launch ubuntu-daily:${release} ${vm} -c user.user-data="$(cat test-uru.yaml)"
#lxc launch daily:$release -n $vm --cloud-init test-uru.yaml
upgraderelease=${NEXTDIST[$release]}
echo "--- Wait for cloud-init to finish"
if [ "${release}" = "trusty" ]; then
while [ "N 2" != "$(lxc exec ${vm} -- runlevel)" ]; do
echo "waiting on runlevel 2"
sleep 5
done
else
lxc exec ${vm} -- cloud-init status --wait --long
fi
echo "--- Attach Ubuntu-Advantage and enable services"
lxc exec ${vm} -- sudo ua attach ${UA_TOKEN}
lxc exec ${vm} -- sudo ua status | tee ua-status.orig
lxc file push checkaptpolicy.sh ${vm}/
lxc exec ${vm} -- /checkaptpolicy.sh
lxc exec ${vm} -- wget http://archive.ubuntu.com/ubuntu/dists/$upgraderelease-proposed/main/dist-upgrader-all/current/$upgraderelease.tar.gz
lxc exec ${vm} -- tar xzvf $upgraderelease.tar.gz
#lxc exec ${vm} -- wget https://git.launchpad.net/~chad.smith/ubuntu/+source/ubuntu-release-upgrader/plain/DistUpgrade/DistUpgradeController.py?h=uru-xenial-ubuntu-advantage -O DistUpgradeController.py
#lxc exec ${vm} -- wget https://git.launchpad.net/~chad.smith/ubuntu/+source/ubuntu-release-upgrader/plain/data/mirrors.cfg?h=uru-xenial-ubuntu-advantage -O mirrors.cfg
echo "--- Validate UA APT sources after upgrade"
lxc exec ${vm} -- /checkaptpolicy.sh
echo "--- Ensure UA status reports ESM enabled"
lxc exec ${vm} -- sudo ua status | tee ua-status.upgrade
echo "--- Expect no diffs in original and upgrade status"
diff -urN ua-status.orig ua-status.upgrade
done
[Regression Potential]
None as UA support is not yet officially introduced in Xenial or later. Customers currently have to manually re-enable apt config across upgrades.
=== End SRU Template ===
==== Original Description ===
In order for custom PostInstallScript to add/remove apt packages and
call apt update, DistUpgradecontroller needs to release the apt cache
directory lock before that stage.
If the lock is still in place,
DistUpgradeController.runPostUpgradeScripts hits errors such as:
E: Could not get lock /var/lib/apt/lists/lock - open (11: Resource temporarily unavailable)
E: Unable to lock directory /var/lib/apt/lists/
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/1897778/+subscriptions
More information about the foundations-bugs
mailing list