[Bug 2065229] Re: Upgrades to 24.04 LTS should be temporarily prevented for TPM FDE systems

Tue May 21 17:08:53 UTC 2024

This bug was fixed in the package ubuntu-release-upgrader - 1:24.04.18

---------------
ubuntu-release-upgrader (1:24.04.18) noble; urgency=medium

  [ Nick Rosbrook ]
  * tests: fix un-templated expected ubuntu.sources
  * DistUpgradeQuirks: prevent upgrades of TPM FDE desktops (LP: #2065229)
  * Run pre-build.sh: updating mirrors, demotions, and translations.

  [ Dave Jones ]
  * New quirk to add KMS overlay on Pi Server images (LP: #2065051)

ubuntu-release-upgrader (1:24.04.17) noble; urgency=medium

  [ Nick Rosbrook ]
  * Revert "DistUpgrade.cfg.jammy: keep {netfilter,iptables}-persistent installed"
  * DistUpgradeQuirks: keep {netfilter,iptables}-persistent instead of ufw
    (LP: #2061891)

  [ Julian Andres Klode ]
  * DistUpgrade.cfg.jammy: Add systemd-resolved to PostUpgradeInstall
    (LP: #2063464)
  * Transition the automatically installed bit to t64 libraries, and
    do not write automatically installed bit in simulation (LP: #2064090)
  * Run pre-build.sh: updating mirrors, demotions, and translations.

 -- Nick Rosbrook <enr0n at ubuntu.com>  Thu, 09 May 2024 15:39:56 -0400

** Changed in: ubuntu-release-upgrader (Ubuntu Noble)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubuntu-release-upgrader in
Ubuntu.
https://bugs.launchpad.net/bugs/2065229

Title:
  Upgrades to 24.04 LTS should be temporarily prevented for TPM FDE
  systems

Status in ubuntu-release-upgrader package in Ubuntu:
  Fix Released
Status in ubuntu-release-upgrader source package in Noble:
  Fix Released

Bug description:
  [Impact]
  It is not currently supported to upgrade desktop systems installed with TPM-backed FDE, so we should not allow such upgrades to start. We should notify the user of this and abort the upgrade.

  [Test Plan]

  Attempt an upgrade from 23.10 to 24.04 LTS on various types of Ubuntu
  installs:

  1. Desktop with TPM FDE
  2. Desktop classic
  3. LXD Container

  In case (1), the upgrade should be aborted with an appropriate message
  to the user. In cases (2) and (3), the upgrade should proceed as
  normally.

  [Where problems could occur]
  The test condition for determining that we are on Desktop with TPM FDE is checking that (a) pc-kernel snap is installed, and (b) ubuntu-desktop-minimal is installed. If the test condition is inadequate in some way, we would see bug reports about upgrades being blocked unnecessarily, or possibly users being allowed to upgrade despite running TPM FDE.

  As always with these kinds of quirks, if any package or snap names
  were spelled incorrectly, the quirk would not work correctly.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/2065229/+subscriptions