group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #30431
[Bug 1823872] Re: Fixing fsfreeze-hook can break unattended upgrades
Please add Breaks: unattended-upgrades (<< 1.1ubuntu1.18.04.11) to qemu-
guest-agent for Bionic and similar breaks for other affected releases to
prevent unfixed u-u from considering the upgrade the package. This
allows installation of other security fixes.
** Also affects: qemu (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1823872
Title:
Fixing fsfreeze-hook can break unattended upgrades
Status in qemu package in Ubuntu:
New
Status in unattended-upgrades package in Ubuntu:
Fix Released
Status in unattended-upgrades source package in Trusty:
Confirmed
Status in unattended-upgrades source package in Xenial:
Fix Released
Status in unattended-upgrades source package in Bionic:
Fix Released
Status in unattended-upgrades source package in Cosmic:
Fix Released
Status in unattended-upgrades source package in Disco:
Fix Released
Bug description:
[Impact]
* If an update has a new conffile at a path that in a former version was
a directory like
old: /a/b/c
new: a/b
Here b is the new file name and was a directory in the old version.
Then unattended upgrades breaks on installing such a package.
* a recent qemu update has such a case and due to that triggered the
issue in >=Bionic
* The fix is to harden unattended upgrades to be able to handle the case
without aborting.
[Test Case]
Get a qemu guest e.g. of Bionic before the update to 1:2.11+dfsg-1ubuntu7.12
That can be done with:
$ time uvt-simplestreams-libvirt --verbose sync --source http://cloud-images.ubuntu.com/daily arch=amd64 label=daily release=bionic
$ uvt-kvm create --password ubuntu bionic-testuu arch=amd64 release=bionic label=daily
Log in and apt update & upgrade all packages, then Install the release level qemu in there.
$ uvt-kvm ssh bionic-testuu
$ sudo apt update
$ sudo apt dist-upgrade
$ sudo apt install unattended-upgrades
$ sudo apt install qemu-guest-agent=1:2.11+dfsg-1ubuntu7
All before was preparation, now force the unattended upgrade to trigger the bug.
$ sudo unattended-upgrade -d
With the bug you'll find some error like:
found pkg: qemu-guest-agent
conffile line: /etc/init.d/qemu-guest-agent f61a64ac1e48993023018fd1cff85191
current md5: f61a64ac1e48993023018fd1cff85191
conffile line: /etc/qemu/fsfreeze-hook/fsfreeze-hook 15f6ff42cbc5550a07ee21c2a471d905
/etc/qemu/fsfreeze-hook/fsfreeze-hook not in package conffiles /etc/init.d/qemu-guest-agent
/etc/qemu/fsfreeze-hook
found conffile /etc/qemu/fsfreeze-hook in new pkg but on dpkg status
Traceback (most recent call last):
File "/usr/bin/unattended-upgrade", line 2057, in <module>
sys.exit(main(options))
File "/usr/bin/unattended-upgrade", line 1773, in main
if conffile_prompt(item.destfile):
File "/usr/bin/unattended-upgrade", line 988, in conffile_prompt
with open(prefix + conf_file, 'rb') as fp:
IsADirectoryError: [Errno 21] Is a directory: '/etc/qemu/fsfreeze-hook'
[Regression Potential]
* The fix is trying to detect moved conffiles by looking for /etc/foo/foo when the new package ships /etc/foo and /etc/foo is not a known conffile and also checking the renames in the opposite direction.
The potential regression is breaking the logic for detecting changed conffiles and either holding back a package for no reason or trying to install a package with a modified conffile on the system and aborting the upgrade in the middle due to the appearing conffile prompt. To avoid such regressions the test_conffile.py tests are extended to cover rename scenarios.
[Other Info]
* n/a
---
As reported on https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1820291/comments/20
We fixed an issue and we added workrounds since basic mv_conffile coudn't handle it and did all sort of upgrade tests.
That all worked fine and moved the conffile.
It was now reported that due to some pre-checks that unattended
upgrades might do this might do some checks on its own.
Next step:
- check unattended upgrades through this change
- check if it only affects cases were the former config was modified (minority) or the default file layout (majority)
--- original report copied ---
just wanted to add: This bug also crashes unattended-upgrade and thus
prevents security updates on 18.04:
root@mailin1:~# unattended-upgrade
Traceback (most recent call last):
File "/usr/bin/unattended-upgrade", line 1998, in <module>
sys.exit(main(options))
File "/usr/bin/unattended-upgrade", line 1714, in main
if conffile_prompt(item.destfile):
File "/usr/bin/unattended-upgrade", line 929, in conffile_prompt
with open(prefix + conf_file, 'rb') as fp:
IsADirectoryError: [Errno 21] Is a directory: '/etc/qemu/fsfreeze-hook'
Basically, unattended-upgrade wants to compare old/new conffiles and
doesn't like it when the old conffile turns out to be a directory...
This prevents security updates to be installed. The unattended-upgrade
logs do not contain the trace, only the messages:
2019-04-05 13:24:24,851 INFO Initial blacklisted packages:
2019-04-05 13:24:24,853 INFO Initial whitelisted packages:
2019-04-05 13:24:24,853 INFO Starting unattended upgrades script
2019-04-05 13:24:24,854 INFO Allowed origins are: o=Ubuntu,a=bionic, o=Ubuntu,a=bionic-security, o=UbuntuESM,a=bionic'
And that's it.
You can't really get out of this without manually running 'apt-get
install qemu-guest-agent' because at this point, unattended-upgrade
can't update itself anymore.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1823872/+subscriptions