[Bug 2049208] [NEW] needrestart: bump the debconf severity to medium

[Simon Chopin]

Public bug reported:

Currently, by default needrestart is installed on Server installs and
kicks in at the end of apt commands changing the state of the system
(e.g. upgrades). In its default configuration, it will send a
notification through debconf if the user needs to reboot (e.g. kernel
upgrade, microcode update), and will use a multiselect debconf prompt to
restart services selectively.

The default selection of services *not* to be restarted is based upon a
configurable blacklist (see /etc/needrestart/needrestart.conf, it is
fairly extensive by default), as well as a cgroup-based heuristic to
differentiate services vs user sessions. From the upstream README:

> If needrestart detects systemd it will assume that libpam-systemd is
used and relies on cgroup names to detect if a process belongs to a user
session or a daemon

I'm assuming we're only considering scenarios where libpam-systemd is
used?

The issue here is that the debconf prompts used by needrestart have a
'critical' severity, which means they'll block the process if debconf is
in interactive mode. To avoid this, there are two possibilities:

1/ configure needrestart to use the stdout backend by default. This means the services will *not* be restarted (needrestart defaults to not doing anything when using a non-interactive backend)
2/ reduce the debconf severity to 'normal' or below so that its prompts don't appear by default, and the default choices are used instaed.

I'd rather have the services restarted by default, but the issue is that
users would lose the reboot notifications altogether.

** Affects: needrestart (Ubuntu)
     Importance: Undecided
         Status: New

** Attachment added: "needrestart.debdiff"
   https://bugs.launchpad.net/bugs/2049208/+attachment/5738758/+files/needrestart.debdiff

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to needrestart in Ubuntu.
https://bugs.launchpad.net/bugs/2049208

Title:
  needrestart: bump the debconf severity to medium

Status in needrestart package in Ubuntu:
  New

Bug description:
  Currently, by default needrestart is installed on Server installs and
  kicks in at the end of apt commands changing the state of the system
  (e.g. upgrades). In its default configuration, it will send a
  notification through debconf if the user needs to reboot (e.g. kernel
  upgrade, microcode update), and will use a multiselect debconf prompt
  to restart services selectively.

  The default selection of services *not* to be restarted is based upon
  a configurable blacklist (see /etc/needrestart/needrestart.conf, it is
  fairly extensive by default), as well as a cgroup-based heuristic to
  differentiate services vs user sessions. From the upstream README:

  > If needrestart detects systemd it will assume that libpam-systemd is
  used and relies on cgroup names to detect if a process belongs to a
  user session or a daemon

  I'm assuming we're only considering scenarios where libpam-systemd is
  used?

  The issue here is that the debconf prompts used by needrestart have a
  'critical' severity, which means they'll block the process if debconf
  is in interactive mode. To avoid this, there are two possibilities:

  1/ configure needrestart to use the stdout backend by default. This means the services will *not* be restarted (needrestart defaults to not doing anything when using a non-interactive backend)
  2/ reduce the debconf severity to 'normal' or below so that its prompts don't appear by default, and the default choices are used instaed.

  I'd rather have the services restarted by default, but the issue is
  that users would lose the reboot notifications altogether.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/needrestart/+bug/2049208/+subscriptions