[Bug 1747499] Re: 98-reboot-required and Interaction with livepatch

Mon May 16 12:44:19 UTC 2022

Trying to validate this upload but unattended-upgrades failed to build
with:

Applying pinning: PkgFilePin(id=0, priority=-32768)
Applying pin -32768 to package_file: <apt_pkg.PackageFile object: filename:'/<<PKGBUILDDIR>>/test/root.unused-deps/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_lucid-updates_main_binary-amd64_Packages'  a=lucid-updates,c=main,v=10.04,o=Ubuntu,l=Ubuntu arch='amd64' site='archive.ubuntu.com' IndexType='Debian Package Index' Size=106 ID:0>
Using (^linux-image-[1-9][0-9]*\.[0-9]+\.[0-9]+-[0-9]+(-.+)?$|^.*-modules-[1-9][0-9]*\.[0-9]+\.[0-9]+-[0-9]+(-.+)?$|^linux-headers-[1-9][0-9]*\.[0-9]+\.[0-9]+-[0-9]+(-.+)?$) regexp to find kernel packages
Using (^linux-image-5\.4\.0\-109\-generic$|^linux-image-5\.4\.0\-109$|^.*-modules-5\.4\.0\-109\-generic$|^.*-modules-5\.4\.0\-109$|^linux-headers-5\.4\.0\-109\-generic$|^linux-headers-5\.4\.0\-109$) regexp to find running kernel packages
{'old-unused-dependency', 'any-old-unused-modules'}
Keeping auto-removable test-package-dependency package(s) because it would also remove the following packages which should be kept in this step: old-unused-dependency
The following packages are marked for installation or upgrade which is not allowed when performing autoremovals: forbidden-dependency
.
======================================================================
FAIL: test_remove_unused_dependencies_new_unused_only (__main__.TestRemoveUnused)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "./test_remove_unused.py", line 164, in test_remove_unused_dependencies_new_unused_only
    self.assertTrue(needle_kernel_good in haystack,
AssertionError: False is not true : Can not find 'Removing unused kernel packages: linux-image-4.05.0-1021-kvm
' in '2022-05-10 20:56:21,336 INFO Starting unattended upgrades script

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to unattended-upgrades in Ubuntu.
https://bugs.launchpad.net/bugs/1747499

Title:
  98-reboot-required and Interaction with livepatch

Status in unattended-upgrades package in Ubuntu:
  Fix Released
Status in update-notifier package in Ubuntu:
  Fix Released
Status in unattended-upgrades source package in Focal:
  Fix Committed
Status in update-notifier source package in Focal:
  Fix Committed

Bug description:

  [Impact]

   * If a system is using canonical livepatch, has it enabled, and
  patches are applied, it could be confusing for a user to receive a
  "system restart required" messages in the MOTD when logging in.

   * Livepatch is available on LTS releases. Thus, the users can be
  confused following a kernel update on 20.04.

   * The upload prevents update-notifier and unattended-ugprades hooks from adding "system restart"-related messages to motd when Livepatch is enabled.
  Livepatch, when enabled, already contributes to the motd message so there is no need to have duplicate (and sometimes contradictory) information.

  [Test Plan]

   * how to reproduce the bug:

     1. Install and boot a 20.04 server VM
     2. Make sure it runs a generic kernel (or another flavour that supports Livepatch)
     3. Enable Livepatch using the following command:
         $ ua attach <token>    # replace <token> by an actual contract token
     4. Upgrade the kernel (if you are already running the latest available kernel update, you can install a different flavour)
     5. Upon logging in again, the motd will show ***System restart required***.

   * other testing appropriate to perform before landing this update:

    * Making sure that the patch has no impact when livepatch is not enabled.
    * The motd should show ***System restart required*** after upgrading the kernel if livepatch is not enabled.

  [Where problems could occur]

   * The change updates a hook script in /etc/kernel/postinst.d/.
  Scripts in this directory are executing when upgrading / installing a
  kernel. If somehow the script is broken, it can prevent dpkg for
  succeeding when upgrading / installing the kernel.

   * If the implementation is wrong, we might end up "losing" the
  ***System restart required*** message when livepatch is disabled

  [Original bug description]

  If a system is using canonical livepatch, has it enabled, and patches
  are applied, it could be confusing for a user to receive a "system
  restart required" messages in the MOTD when logging in.

  That message, when present, is printed by 98-reboot-required which
  essentially just cats /var/run/reboot-required to stdout. That file is
  placed by packages that require a reboot so that they are properly
  used in their updated versions. Examples that come to mind are libc
  and the kernel.

  There is a secondary file that can be created which says which
  packages requested the reboot. That would be /var/run/reboot-
  required.pkgs

  Ideally that script should not print out the reboot required message
  if a) livepatch is installed and enabled; b) the only trigger for the
  reboot is a kernel update.

  For (a), one can use the command "ubuntu-advantage is-livepatch-
  enabled" and check $?. That is in the ubuntu-advantage-tools package.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1747499/+subscriptions