group.of.nepali.translators team mailing list archive
-
group.of.nepali.translators team
-
Mailing list archive
-
Message #43892
[Bug 1980865] Re: ua auto-attach hangs whilst starting ubuntu-advantage on FIPS machines
This bug was fixed in the package ubuntu-advantage-tools -
27.10.1~16.04.1
---------------
ubuntu-advantage-tools (27.10.1~16.04.1) xenial; urgency=medium
* Backport new upstream release: (LP: #1980990) to xenial
ubuntu-advantage-tools (27.10.1~22.10.1) kinetic; urgency=medium
* apt-hook: Fix missing import warning when compiling
ubuntu-advantage-tools (27.10~22.10.1) kinetic; urgency=medium
* d/control:
- Drop golang dependencies
* d/rules:
- Only install APT hooks on LTS series
* New upstream release 27.10 (LP: #1980990)
- apt-hook: replace golang with cpp for json-hook
- cli
+ properly sort services for detach/attach (GH: #1831)
+ collect-logs include rotated log files
+ display UA features directly on status
- daemon: do not try enabling daemon during auto-attach (LP: #1980865)
- fix:
+ update ua portal url when asking for attach
+ add --dry-run option
- gcp-pro: better error message for metadata endpoint error
- requests: Add default timeout for web requests
- timer: log when job start running
- security-status: include download size of package updates
-- Lucas Moura <lucas.moura@xxxxxxxxxxxxx> Tue, 12 Jul 2022 15:09:46
-0300
** Changed in: ubuntu-advantage-tools (Ubuntu Xenial)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1980865
Title:
ua auto-attach hangs whilst starting ubuntu-advantage on FIPS machines
Status in ubuntu-advantage-tools package in Ubuntu:
Fix Released
Status in ubuntu-advantage-tools source package in Xenial:
Fix Released
Status in ubuntu-advantage-tools source package in Bionic:
Fix Released
Status in ubuntu-advantage-tools source package in Focal:
Fix Released
Status in ubuntu-advantage-tools source package in Jammy:
Fix Released
Bug description:
[Impact]
This bug causes custom images based on Ubuntu Pro in public clouds
that were built in a certain way to never finish booting (as
determined by `cloud-init status --wait` never exiting). The bug
occcurs when `ua detach` is not run as part of the custom image
creation process.
The bug occurs because of a systemd service starting deadlock. The
oneshot `ua-auto-attach.service` erroneously trys to start (and wait
on) `ubuntu-advantage.service`, but `ubuntu-advantage.service` is
`After: ua-auto-attach.service`. The result is that `ubuntu-
advantage.service` never starts and `ua-auto-attach.service` never
finishes.
The fix is to not start `ubuntu-advantage.service` during `ua-auto-
attach.service`. This is never necessary anyway and never should have
happened. So just removing the call is sufficient.
[Test Plan]
To Reproduce:
Use a packer.json like the following:
```
{
"builders": [
{
"type": "amazon-ebs",
"access_key": "{{user `aws_access_key`}}",
"secret_key": "{{user `aws_secret_key`}}",
"region": "us-east-2",
"instance_type": "t2.micro",
"ami_name": "My-Ubuntu-Pro-20.04-{{timestamp}}",
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "ubuntu-pro-server*20.04-amd64*",
"root-device-type": "ebs"
},
"owners": ["679593333241"],
"most_recent": true
},
"ssh_username": "ubuntu"
}
],
"provisioners": [
{
"type": "shell",
"inline": [
"cloud-init status --wait"
]
}
]
}
```
build the image with packer
```
packer build packer.json
```
use the ami to launch a new instance
ssh into the machine and run
```
cloud-init status --wait
```
That command will never finish.
Also systemctl status will report the system as "starting" forever. And ua-auto-attach.service will show "systemctl start ubuntu-advantage.service" as a subprocess that never exits.
To test that release 27.10.1 of ubuntu-advantage-tools fixes the problem, you can use the following packer.json to enable proposed and upgrade during image creation.
```
{
"builders": [
{
"type": "amazon-ebs",
"access_key": "{{user `aws_access_key`}}",
"secret_key": "{{user `aws_secret_key`}}",
"region": "us-east-2",
"instance_type": "t2.micro",
"ami_name": "My-Ubuntu-Pro-20.04-{{timestamp}}",
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "ubuntu-pro-server*20.04-amd64*",
"root-device-type": "ebs"
},
"owners": ["679593333241"],
"most_recent": true
},
"ssh_username": "ubuntu"
}
],
"provisioners": [
{
"type": "shell",
"inline": [
"cloud-init status --wait",
"printf \"deb http://archive.ubuntu.com/ubuntu/ focal-proposed main\" | sudo tee /etc/apt/sources.
list.d/uaclient-proposed.list",
"sudo apt update",
"sudo apt install ubuntu-advantage-tools"
]
}
]
}
```
In an instance launched from that packer.json, `cloud-init status
--wait` will complete. And the other symptoms mentioned above will not
be present.
[Where problems could occur]
The fix is to move the `systemctl start ubuntu-advantage.service` call
out of a shared function that gets called during auto-attach.
If we made a mistake, it may happen that the service is not started in
some scenario where it should be started.
[Original Description]
When ua auto-attach v27.9 is ran on Ubuntu Pro hosts (with FIPS
enabled) it issues an systemctl start ubuntu-advantage command which
hangs forever and is never killed, my understanding is this service is
only meant to run on GCP and has constraints in the systemd unit which
should ensure this is true so unsure whats causing the systemctl
command to hang rather than exit immediately
root@<hostname>:~# ps f -g 590
PID TTY STAT TIME COMMAND
590 ? Ss 0:00 /usr/bin/python3 /usr/bin/ua auto-attach
15387 ? S 0:00 \_ systemctl start ubuntu-advantage.service
Description: Ubuntu 20.04.4 LTS
Release: 20.04
Also confirmed the same behaviour on Ubuntu 18.04 LTS
ubuntu-advantage-tools:
Installed: 27.9~20.04.1
Candidate: 27.9~20.04.1
Version table:
*** 27.9~20.04.1 500
500 http://us-gov-west-1.ec2.archive.ubuntu.com/ubuntu focal-updates/main amd64 Packages
100 /var/lib/dpkg/status
Packages
20.3 500
500 http://us-gov-west-1.ec2.archive.ubuntu.com/ubuntu focal/main amd64 Packages
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1980865/+subscriptions
