please add support to run postinst-style code on first boot after upgrades
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Ubuntu system image |
In Progress
|
Critical
|
Unassigned | ||
click-apparmor (Ubuntu) |
Won't Fix
|
Undecided
|
Unassigned | ||
Saucy |
Won't Fix
|
Undecided
|
Unassigned | ||
Trusty |
Won't Fix
|
Undecided
|
Unassigned | ||
lxc-android-config (Ubuntu) |
Fix Released
|
High
|
Unassigned | ||
Saucy |
Fix Released
|
High
|
Unassigned |
Bug Description
Currently updates to system packages are run on the server with postinst, triggers, etc running there such that when an image based update is delivered, all of this already done. This a great for the vast majority of cases but there are times when this is not enough, for example, updating click package apparmor profiles after the system has apparmor policy updates. Consider this scenario:
1. user uses RO Ubuntu image on a device
2. user install 15 click packages
3. bug is found in apparmor policy for the ubuntu-sdk apparmor template
4. apparmor-
5. image based upgrades picks this up and include the new apparmor-
6. the update is delivered to users
At this point, newly installed click packages will get the apparmor policy fixes, but not the original 15. It is a requirement for application confinement that we are able to update policy for already installed click packages. Currently, policy updates may happen via apparmor, apparmor-
Related branches
summary: |
- please add support to run code on first boot after upgrades + please add support to run postinst-style code on first boot after + upgrades |
tags: | added: appstore |
Changed in lxc-android-config (Ubuntu Saucy): | |
importance: | Undecided → High |
assignee: | nobody → Stéphane Graber (stgraber) |
status: | New → Triaged |
Changed in ubuntu-system-image: | |
assignee: | nobody → Stéphane Graber (stgraber) |
importance: | Undecided → High |
status: | New → Triaged |
Changed in ubuntu-system-image: | |
importance: | High → Critical |
status: | Triaged → In Progress |
Changed in ubuntu-system-image: | |
assignee: | Stéphane Graber (stgraber) → nobody |
Changed in lxc-android-config (Ubuntu): | |
assignee: | Stéphane Graber (stgraber) → nobody |
Changed in lxc-android-config (Ubuntu Saucy): | |
assignee: | Stéphane Graber (stgraber) → nobody |
apparmor, apparmor- easyprof- ubuntu and click-apparmor will need to be adjusted to use what Stephane comes up with. Add tasks for those.