[Merge] ~magalilemes/ubuntu-release-upgrader:block-focal-fips into ubuntu-release-upgrader:ubuntu/jammy
Magali Lemes do Sacramento
mp+478097 at code.launchpad.net
Thu Jan 30 21:02:20 UTC 2025
Fixed the code based on your comments.
You're right in that do-release-upgrade requires the system to have all the packages up-to-date before proceeding. Even so, it doesn't seem to require the latest available kernel to be running at the time of upgrade, just that it is installed. Now I'd imagine this to be a very rare case, but the issue can still be reproduced if the system is running an unfixed FIPS kernel, even if the system in question has the fixed kernel installed. Here's one way I could find to reproduce the issue:
pro attach <your-token>
pro enable fips --assume-yes
pro enable fips-updates --assume-yes
grub-reboot '1>2' # or any other command to boot into the -1024 kernel from the "fips" channel, obtained by enabling "fips" previously
reboot
apt upgrade -y
do-release-upgrade
Other than the way above, I could also imagine that a fips-updates system running an older fips-updates kernel but with the newest kernel installed could also face this issue.
--
https://code.launchpad.net/~magalilemes/ubuntu-release-upgrader/+git/ubuntu-release-upgrader/+merge/478097
Your team Ubuntu Core Development Team is subscribed to branch ubuntu-release-upgrader:ubuntu/jammy.
More information about the Ubuntu-reviews
mailing list