Ubuntu
apt package

Daily apt update timer downloads all dist-upgradable packages

Bug #1825812 reported by Julian Andres Klode on 2019-04-22

8

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	apt (Ubuntu)	New	Undecided	Unassigned
	software-properties (Ubuntu)	New	Undecided	Unassigned
	unattended-upgrades (Ubuntu)	Invalid	Undecided	Unassigned
	update-notifier (Ubuntu)	New	Undecided	Unassigned

Bug Description

[Impact]
apt-daily.service accidentally runs apt-get -d dist-upgrade after the first time it runs unattended-upgrades -d due to the latter reusing the stamp of the former.

This means that machines download all packages that can be dist-upgraded rather than just the security updates unattended-upgrades will install; which means they might be wasting bandwidth.

[Test case]
TODO

[Regression potential]
TODO

Revision history for this message

Julian Andres Klode (juliank) wrote on 2019-04-22:

#1

This is caused by these options:

$ grep -R Download-Upgradeable-Packages /etc/apt
/etc/apt/apt.conf.d/10periodic:APT::Periodic::Download-Upgradeable-Packages "1";
/etc/apt/apt.conf.d/20auto-upgrades:APT::Periodic::Download-Upgradeable-Packages "1";

They should be 0 w/ recent APT (which runs unattended-upgrade --download-only based on the unattended-upgrades interval), but are set to 1, which means we download all upgradable packages before running u-u --download-only.

Revision history for this message

Steve Langasek (vorlon) wrote on 2019-04-22:

#2

I somehow thought that this was intentional behavior, that we would download all of the packages so that they would be available to apply quickly, even if we would only automatically install the security updates.

Revision history for this message

Julian Andres Klode (juliank) wrote on 2019-04-22:

#3

Hmm well it was not what I intended, otherwise I'd not have bothered with the u-u option. But um, worth weighing the options.

Balint Reczey (rbalint) on 2019-05-07

Changed in unattended-upgrades (Ubuntu):
status:	New → Invalid

Revision history for this message

Balint Reczey (rbalint) wrote on 2019-05-07:

#4

Unattended-upgrades in not affected by this bug because it downloads only packages it would install and the configuration files it ships are set to only do that.

It looks like software properties changes the files to include those keys.
https://sources.debian.org/src/software-properties/0.96.20.2-2/softwareproperties/SoftwareProperties.py/?hl=605#L605

Revision history for this message

Balint Reczey (rbalint) wrote on 2019-05-07:

#5

Regarding the optimal behaviour u-u spends significant amount of CPU time on deciding which are the upgradable packages especially if there are held packages thus there is a tradeoff between network and CPU usage.
I believe both of the options have their benefits, and on a desktop system -updates are more likely to be installed quickly after downloading them thus software-properties seems to be doing the right thing by requesting all packages to be downloaded.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.