unattended-upgrade hangs on shutdown when network is required for updates

Bug #1723761 reported by Juergen Scholz on 2017-10-15
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apt (Ubuntu)
unattended-upgrades (Ubuntu)

Bug Description

Recently an update for flashplugin-installer on xenial was available in the ubuntu repositories.

During the installation of this package a blob is downloaded from Adobe servers, which requires network connectivity/internet access.

Because the network interface(s) have already stopped when this package is installed, the server cannot be reached, thus blocking the shutdown process until a timeout kills the unattended-upgrades process.

On my machines the shutdown takes about 30 minutes in this case. The systemd configuration is standard here, except for a few additional services.

A possible fix could be adding After=network-online.target NetworkManager-wait-online.service to After= in the systemd unit file.

As a workaround I pinned the flashplugin-installer to -1:
#echo >/etc/apt/preferences.d/forbid_flashplugin "\
Package: flashplugin-installer
Pin: release *
Pin-Priority: -1";

Balint Reczey (rbalint) wrote :

There are two modes of running u-u chosen by setting Unattended-Upgrade::InstallOnShutdown to "false" (default) or "true".

When InstallOnShutdown is "false" apt's apt-daily-upgrade.service runs u-u thus this service needs to ensure that network is still up, to not break similar packages.

Note that while vast majority of packages do not need network connection during installation a small fraction of them do perform downloads thus apt's service should try to keep the network up.

When InstallOnShutdown is "true" unattended-upgrades.service is responsible for keeping the network connection up and I believe versions starting with 0.93.1+nmu1 are fixed.

Changed in unattended-upgrades (Ubuntu):
status: New → Fix Released
Julian Andres Klode (juliank) wrote :

grr. So we actually need to add an After=network.target there for shutdown. For start up, we actually also need to do the whole network-online dance, meaning

<= 1.4.y:
 After=network-online.target Wants=network-online.target

>= 1.5.y:

 After=network.target network-online.target systemd-networkd.service NetworkManager.service connman.service
 ExecStartPre=-/usr/lib/apt/apt-helper wait-online

(basically, just copy that stuff from apt-daily.service)

Installer packages are fun!

Changed in unattended-upgrades (Ubuntu):
importance: Undecided → High
Changed in apt (Ubuntu):
importance: Undecided → High
status: New → Triaged
Julian Andres Klode (juliank) wrote :

I guess I'll really have to do 1.6~alpha1 finally this week, so I'll put it in there, and after we have verified and migrated the old SRUs, we can do SRUs for stable releases as well (1.2.26, 1.4.9, 1.5.1).

This really is the APT problem with the most fixups ever :D :(

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers