[Bug 2019089] Re: shutdown-scripts service is restarted on package upgrade - causing any configured shutdown scripts to be run

Thu May 25 08:32:17 UTC 2023

** Also affects: google-guest-agent (Ubuntu Focal)
   Importance: Undecided
       Status: New

** Also affects: google-guest-agent (Ubuntu Bionic)
   Importance: Undecided
       Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to google-guest-agent in Ubuntu.
https://bugs.launchpad.net/bugs/2019089

Title:
  shutdown-scripts service is restarted on package upgrade - causing any
  configured shutdown scripts to be run

Status in google-guest-agent package in Ubuntu:
  Fix Released
Status in google-guest-agent source package in Bionic:
  New
Status in google-guest-agent source package in Focal:
  New
Status in google-guest-agent source package in Jammy:
  Confirmed
Status in google-guest-agent source package in Kinetic:
  Confirmed
Status in google-guest-agent source package in Lunar:
  Confirmed
Status in google-guest-agent source package in Mantic:
  Fix Released

Bug description:
  [Impact]
  ========

  Initially reported @ https://github.com/GoogleCloudPlatform/guest-
  agent/issues/119

  Basically anytime the google-guest-agent package is updated, these
  services are restarted which means the customer scripts are run at a
  time they are not supposed to be. This caused an outage for one
  customer who had some logic in their shutdown script that basically
  turned off their services.

  The issue is most certainly in the autogenerated preinst script which
  should not be there. Stopping the shutdown service will invoke the
  shutdown script. This wasn't there in previous Ubuntu versions.

  Ubuntu 22.04 preinst script
  ```
  #!/bin/sh
  set -e
  # Automatically added by dh_installdeb/13.6ubuntu1
  dpkg-maintscript-helper rm_conffile /etc/defaults/instance_configs.cfg 20200617.00-0ubuntu2\~ -- "$@"
  # End automatically added section
  # Automatically added by dh_installsystemd/13.6ubuntu1
  if [ -z "${DPKG_ROOT:-}" ] && [ "$1" = upgrade ] && [ -d /run/systemd/system ] ; then
  deb-systemd-invoke stop 'google-shutdown-scripts.service' 'google-startup-scripts.service' >/dev/null || true
  fi
  # End automatically added section
  ```

  Ubuntu 20.04 preinst script

  ```
  root at ubu2004:/tmp/DEBIAN# cat preinst
  #!/bin/sh
  set -e
  # Automatically added by dh_installdeb/12.10ubuntu1
  dpkg-maintscript-helper rm_conffile /etc/defaults/instance_configs.cfg 20200617.00-0ubuntu2\~ -- "$@"
  # End automatically added section
  ```

  One reason this issue was of concern as the latest google-guest-agent
  update was a rebuild promoted by golang-1.18 being updated to address
  CVEs prompting a rebuild of all packages dependant on golang-1.18 and
  publication of those rebuilds to the -security pocket. unattended-
  upgrades then upgraded google-guest-agent in the background which
  restarted the shutdown-scripts.

  We do want the services to be enabled on initial installation and to
  be started on instance start but they should not be restarted/stopped
  during the lifetime of the instance.

  [Test Plan]
  ===========

  After having the fixes in, we'll run the reproducer and the test
  script mentioned in the first comment:
  https://bugs.launchpad.net/ubuntu/+source/google-guest-
  agent/+bug/2019089/comments/1.

  This will help us validate that the fix is indeed working as it
  should.

  A demonstration of that reproducer script is shown in the 2nd comment:
  https://bugs.launchpad.net/ubuntu/+source/google-guest-agent/+bug/2019089/comments/2.

  Further, we'll also build the images and run the CTF tests (internal
  tests) on them on our side and then ask Google to validate these
  images to make sure they also confirm that the bug is indeed fix and
  there's no regression or fallout with this update.

  Once Google comes back with the validation, we'll assume enough
  testing and verification has been done and will mark the bug with the
  same.

  [Where Problems Could Occur]
  ============================

  The patch just adds "--no-stop-on-upgrade" to the already existing "--
  no-start --no-restart-after-upgrade". So if somebody is relying on
  that behavior or has a workaround that somehow, it'll break the setup
  for them. But this update should bring them the right fix. I don't
  expect a lot of users to regress because of that, though.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/google-guest-agent/+bug/2019089/+subscriptions