Protected/Important packages are not deconfigured, require Force-LoopBreak

Bug #1916725 reported by Julian Andres Klode
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apt (Ubuntu)
Fix Released
Undecided
Unassigned
Bionic
Fix Released
Undecided
Unassigned
Focal
Fix Released
Undecided
Unassigned
Groovy
Fix Released
Undecided
Unassigned
Hirsute
Fix Released
Undecided
Unassigned

Bug Description

[Impact]
If a package that is Protected: yes (or Important: yes), or one of it's dependencies, is involved in a dependency loop with Breaks, APT requires APT::Force-LoopBreak instead of resolving the situation directly.

On focal, we also introduce the actual support for protected packages to enable upgrading to later releases more easily (in case a protected package needs to be removed during the upgrade), and to make the backport more similar to main.

[Test plan]
Run the integration test suite (the autopkgtest) :)

Our test suite covers the tests for both Breaks and Conflicts.

Breaks:

protected-sysvinit (= 1) without dependencies is installed
protected-sysvinit (= 2) Pre-Depends protected-systemd-sysv
protected-systemd-sysv (= 2) Breaks: protected-sysvinit (<< 2)

Test: Install protected-sysvinit (= 2)
Expected result: Unpacking protected-sysvinit (= 2) deconfigures protected-sysvinit (= 1), and then we unpack and configure protected-sysvinit (= 2) and end up with a working system.

Conflicts: As for Breaks, but the Conflicts will remove the package temporarily, requiring the use of APT::Force-LoopBreak option.

For focal, we also do have a test to check that the Protected field is being used.

[Where problems could occur]
We now allow dpkg to automatically deconfigure protected packages. This should just make them behave like normal packages to APT's eye, but bugs I guess could occur somewhere in the APT/dpkg interaction (this only applies to releases with Protected support in dpkg, Important is not affected, it's always been "normal" for dpkg).

During development, we accidentally simplified the patch so much that Conflicts did not require Force-LoopBreak for temporary removal. We fixed that, but it points out that there is a place where the loop break check happens that is a potential regression place.

On focal, we pass additional flags to dpkg that focal's dpkg does not understand, however, we only do that if dpkg asserts it does that, so in practice, this should all work fine and the code path will only be taken with >=groovy dpkg.

description: updated
Changed in apt (Ubuntu Hirsute):
status: New → Triaged
Changed in apt (Ubuntu Groovy):
status: New → Incomplete
status: Incomplete → Triaged
Changed in apt (Ubuntu Focal):
status: New → Triaged
Changed in apt (Ubuntu Bionic):
status: New → Triaged
description: updated
Changed in apt (Ubuntu Groovy):
status: Triaged → In Progress
Changed in apt (Ubuntu Hirsute):
status: Triaged → Fix Released
description: updated
Revision history for this message
Brian Murray (brian-murray) wrote : Please test proposed package

Hello Julian, or anyone else affected,

Accepted apt into groovy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/2.1.10ubuntu0.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-groovy to verification-done-groovy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-groovy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in apt (Ubuntu Groovy):
status: In Progress → Fix Committed
tags: added: verification-needed verification-needed-groovy
Revision history for this message
Ubuntu SRU Bot (ubuntu-sru-bot) wrote : Autopkgtest regression report (apt/2.1.10ubuntu0.3)

All autopkgtests for the newly accepted apt (2.1.10ubuntu0.3) for groovy have finished running.
The following regressions have been reported in tests triggered by the package:

reprotest/0.7.15 (arm64, s390x)
livecd-rootfs/2.694.3 (amd64, s390x)
dgit/9.11ubuntu1 (arm64)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/groovy/update_excuses.html#apt

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Revision history for this message
Łukasz Zemczak (sil2100) wrote : Please test proposed package

Hello Julian, or anyone else affected,

Accepted apt into focal-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/2.0.5 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-focal to verification-done-focal. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-focal. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in apt (Ubuntu Focal):
status: Triaged → Fix Committed
tags: added: verification-needed-focal
Revision history for this message
Łukasz Zemczak (sil2100) wrote :

Hello Julian, or anyone else affected,

Accepted apt into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/apt/1.6.13 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in apt (Ubuntu Bionic):
status: Triaged → Fix Committed
tags: added: verification-needed-bionic
Revision history for this message
Ubuntu SRU Bot (ubuntu-sru-bot) wrote : Autopkgtest regression report (apt/1.6.13)

All autopkgtests for the newly accepted apt (1.6.13) for bionic have finished running.
The following regressions have been reported in tests triggered by the package:

apport/2.20.9-0ubuntu7.23 (amd64, i386)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/bionic/update_excuses.html#apt

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Revision history for this message
Ubuntu SRU Bot (ubuntu-sru-bot) wrote : Autopkgtest regression report (apt/2.0.5)

All autopkgtests for the newly accepted apt (2.0.5) for focal have finished running.
The following regressions have been reported in tests triggered by the package:

reprotest/0.7.14 (s390x, ppc64el)

Please visit the excuses page listed below and investigate the failures, proceeding afterwards as per the StableReleaseUpdates policy regarding autopkgtest regressions [1].

https://people.canonical.com/~ubuntu-archive/proposed-migration/focal/update_excuses.html#apt

[1] https://wiki.ubuntu.com/StableReleaseUpdates#Autopkgtest_Regressions

Thank you!

Revision history for this message
Julian Andres Klode (juliank) wrote :

autopkgtests for apt have passed, so validation was successful. I'm confident the autopkgtest failures are unrelated intermittent ones; I've done some more retries.

tags: added: verification-done verification-done-bionic verification-done-groovy verification-donefocal
removed: verification-needed verification-needed-bionic verification-needed-focal verification-needed-groovy
tags: added: verification-done-focal
removed: verification-donefocal
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apt - 2.1.10ubuntu0.3

---------------
apt (2.1.10ubuntu0.3) groovy; urgency=medium

  [ David Kalnischkies ]
  * Fix incorrect base64 encoding due to int promotion (LP: #1916050)
  * Harden test for no new acquires after transaction abort (Closes: #984966)
    (LP: #1918920)

  [ Julian Andres Klode ]
  * Implement update --error-on=any (Closes: #594813) (LP: #1693900)
  * Include all translations when building the cache (LP: #1907850)
  * Do not require force-loopbreak on Protected packages (Closes: #983014)
    (LP: #1916725)
  * RunScripts: Do not reset SIGQUIT and SIGINT to SIG_DFL (LP: #1898026)
  * Protect currently running kernel at run-time (LP: #1615381)
  * Make ADDARG{,C}() macros expand to single statements

 -- Julian Andres Klode <email address hidden> Fri, 12 Mar 2021 09:22:11 +0100

Changed in apt (Ubuntu Groovy):
status: Fix Committed → Fix Released
Revision history for this message
Brian Murray (brian-murray) wrote : Update Released

The verification of the Stable Release Update for apt has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apt - 1.6.13

---------------
apt (1.6.13) bionic; urgency=medium

  [ David Kalnischkies ]
  * Fix incorrect base64 encoding due to int promotion (LP: #1916050)
  * Harden test for no new acquires after transaction abort (Closes: #984966)
    (LP: #1918920)

  [ Julian Andres Klode ]
  * Implement update --error-on=any (Closes: #594813) (LP: #1693900)
  * Include all translations when building the cache (LP: #1907850)
  * Add basic support for the Protected field
  * Do not require force-loopbreak on Important packages
    (Closes: #983014) (LP: #1916725)
  * Protect currently running kernel at run-time (LP: #1615381)
  * Make ADDARG{,C}() macros expand to single statements
  * Improve immediate configuration handling (LP: #1871268)
    - Do not immediately configure m-a: same packages in lockstep
    - Ignore failures from immediate configuration. This does not change the
      actual installation ordering - we never passed the return code to the
      caller and installation went underway anyway if it could be ordered at a
      later stage, this just removes spurious after-the-fact errors.
      (Closes: #973305, #188161, #211075, #649588)
  * Default Acquire::AllowReleaseInfoChange::Suite to "true" (Closes: #931566)
    (LP: #1918907)

  [ Balint Reczey ]
  * Set LC_ALL=C.UTF-8 for unattended-upgrades environment when parsing its --help
    (LP: #1806076)

 -- Julian Andres Klode <email address hidden> Fri, 12 Mar 2021 14:09:15 +0100

Changed in apt (Ubuntu Bionic):
status: Fix Committed → Fix Released
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apt - 2.0.5

---------------
apt (2.0.5) focal; urgency=medium

  [ Julian Andres Klode ]
  * private-search: Only use V.TranslatedDescription() if good (LP: #1877987)
  * Implement update --error-on=any (Closes: #594813) (LP: #1693900)
  * Include all translations when building the cache (LP: #1907850)
  * Add basic support for the Protected field, and do not require force-loopbreak
    on Protected/Important packages (Closes: #983014) (LP: #1916725)
  * Protect currently running kernel at run-time (LP: #1615381)
  * Make ADDARG{,C}() macros expand to single statements
  * Default Acquire::AllowReleaseInfoChange::Suite to "true" (Closes: #931566)
    (LP: #1918907)

  [ David Kalnischkies ]
  * Fix incorrect base64 encoding due to int promotion (LP: #1916050)
  * Harden test for no new acquires after transaction abort (Closes: #984966)
    (LP: #1918920)

 -- Julian Andres Klode <email address hidden> Fri, 12 Mar 2021 12:47:30 +0100

Changed in apt (Ubuntu Focal):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.