Ubuntu
apt package

frontend locking regression: dpkg::post-invoke scripts can't install packages

Bug #1796808 reported by Julian Andres Klode on 2018-10-09

This bug affects 1 person

	Status	Importance	Assigned to
apt (Ubuntu)	Fix Released	Undecided	Unassigned
Xenial	Fix Released	Undecided	Unassigned
Bionic	Fix Released	Undecided	Unassigned
Cosmic	Fix Released	Undecided	Unassigned

Bug Description

[Impact]
The switch to frontend locking in 1.2.28/1.6.5/1.7~ caused scripts registered in

DPkg::Pre-Install-Pkgs
DPkg::Pre-Invoke
DPkg::Post-Invoke

To be run with the frontend lock held. This caused problems with some installer packages like libdvd-pkg which install a locally built package in such a hook.

To reduce the impact, a fix has been applied in 1.7.0 which exports the DPKG_FRONTEND_LOCKED variable when running those scripts, allowing dpkg to be run from those scripts.

[Test case]
Make sure that the test-frontend-lock test run by autopkgtest succeeds. This checks that:

(1) the variable is correctly exported to those scripts
(2) the frontend lock is still held
(3) dpkg can be run from the post-invoke script

[Regression potential]
Depending on the script (for example, if the script starts a daemon manually or something like that), DPKG_FRONTEND_LOCKED might leak to other processes which might survive the apt call and thus revert surviving process to not using frontend locking.

[Other info]
This fix is for backwards compatibility only. Starting with the dd cycle, it will be dropped for the Pre-Install-Pkgs and Pre-Invoke scripts. Potentially for post-invoke as well, if we find a better solution for it.

Tags:

Julian Andres Klode (juliank) on 2018-10-09

Changed in apt (Ubuntu Xenial):
status:	New → Triaged
Changed in apt (Ubuntu Bionic):
status:	New → Triaged
Changed in apt (Ubuntu Cosmic):
status:	New → Fix Released

Revision history for this message

Brian Murray (brian-murray) wrote on 2018-10-17: Please test proposed package

Hello Julian, or anyone else affected,

Accepted apt into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/1.2.29 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in apt (Ubuntu Xenial):
status:	Triaged → Fix Committed
tags:	added: verification-needed verification-needed-xenial

Revision history for this message

Brian Murray (brian-murray) wrote on 2018-10-17:

Hello Julian, or anyone else affected,

Accepted apt into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/1.6.6 in a few hours, and then in the -proposed repository.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in apt (Ubuntu Bionic):
status:	Triaged → Fix Committed
tags:	added: verification-needed-bionic

Revision history for this message

Julian Andres Klode (juliank) wrote on 2018-10-18:

The specified tests passed on both:

bionic (1.6.6):

(187/248) Testcase test-frontend-lock: P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P

xenial (1.2.29):

(165/220) Testcase test-frontend-lock: P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P P

tags:

added: verification-done verification-done-bionic verification-done-xenial
removed: verification-needed verification-needed-bionic verification-needed-xenial

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-10-25:

This bug was fixed in the package apt - 1.6.6

---------------
apt (1.6.6) bionic; urgency=medium

  * Set DPKG_FRONTEND_LOCKED when running {pre,post}-invoke scripts.
    Some post-invoke scripts install packages, which fails because
    the environment variable is not set. This sets the variable for
    all three kinds of scripts {pre,post-}invoke and pre-install-pkgs,
    but we will only allow post-invoke at a later time.
    (LP: #1796808)

apt (1.6.5) bionic; urgency=medium

  [ David Kalnischkies ]
  * Support records larger than 32kb in 'apt show' (Closes: #905527)
    (LP: #1787120)

  [ Julian Andres Klode ]
  * Add support for dpkg frontend lock (Closes: #869546) (LP: #1781169)
  * Set DPKG_FRONTEND_LOCKED as needed when doing selection changes
  * http: Stop pipeline after close only if it was not filled before
    (LP: #1794957)
  * pkgCacheFile: Only unlock in destructor if locked before (LP: #1794053)
  * Update libapt-pkg5.0 symbols for frontend locking

-- Julian Andres Klode <email address hidden> Tue, 09 Oct 2018 12:16:51 +0200

Changed in apt (Ubuntu Bionic):
status:	Fix Committed → Fix Released

Revision history for this message

Łukasz Zemczak (sil2100) wrote on 2018-10-25: Update Released

The verification of the Stable Release Update for apt has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-10-25:

This bug was fixed in the package apt - 1.2.29

---------------
apt (1.2.29) xenial; urgency=medium

apt (1.2.28) xenial; urgency=medium

  [ Julian Andres Klode ]
  * apt.conf.autoremove: Add linux-cloud-tools to list (LP: #1698159)
  * Add support for dpkg frontend lock (Closes: #869546) (LP: #1781169)
  * Set DPKG_FRONTEND_LOCKED as needed when doing selection changes
  * http: Stop pipeline after close only if it was not filled before
    (LP: #1794957)
  * pkgCacheFile: Only unlock in destructor if locked before (LP: #1794053)
  * Update libapt-pkg5.0 symbols for frontend locking

  [ David Kalnischkies ]
  * Support records larger than 32kb in 'apt show' (Closes: #905527)
    (LP: #1787120)

-- Julian Andres Klode <email address hidden> Tue, 09 Oct 2018 12:35:03 +0200

Changed in apt (Ubuntu Xenial):
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuapt package

frontend locking regression: dpkg::post-invoke scripts can't install packages

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
apt package