motd-news: use wget instead of curl
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
| base-files (Ubuntu) |
Undecided
|
Unassigned | ||
| Xenial |
Undecided
|
Andreas Hasenack | ||
| Bionic |
Undecided
|
Andreas Hasenack | ||
| Focal |
Undecided
|
Andreas Hasenack |
Bug Description
[Impact]
The motd-news script is using curl, but since that is an optional package, there is no guarantee that it will be installed. The script correctly checks for its presence before trying to use it, though, so it won't fail. As we don't want to add such a dependency to the base-files package, we should switch to wget, which is standard.
[Test Case]
wget has a different behavior than curl in some areas, one of which is crucial for the motd-per-cloud feature. While curl will only complain about a 404 from the server if given a specific parameter (-f), wget does that by default, and needs special handling.
a) With curl, base-files and ubuntu-server installed, first verify motd-news works:
$ sudo /etc/update-
* Are you ready for Kubernetes 1.19? It's nearly here! Try RC3 with
sudo snap install microk8s --channel=
https:/
Now remove curl, and retry. It should exit immediately with no output:
$ sudo /etc/update-
Install the updated base-files package and the new motd-news-config package from proposed:
$ sudo apt install base-files motd-news-config
Note curl is still not available:
$ curl
Command 'curl' not found, but can be installed with:
sudo apt install curl
Re-run the motd-news script, this time it should produce output again:
$ sudo /etc/update-
* Are you ready for Kubernetes 1.19? It's nearly here! Try RC3 with
sudo snap install microk8s --channel=
https:/
b) Verify motd-news per cloud remains working.
If you have /usr/bin/cloud-id, copy it to a backup:
sudo cp /usr/bin/
Create a new one, per supported cloud. For aws, for example:
echo -e '#!/bin/sh\necho aws' | sudo tee /usr/bin/cloud-id
Confirm by running it:
$ cloud-id
aws
And confirm motd-news keeps working (it might return different content):
$ sudo /etc/update-
* Are you ready for Kubernetes 1.19? It's nearly here! Try RC3 with
sudo snap install microk8s --channel=
https:/
Repeat for the gce and azure clouds, by changing the cloud-id script accordingly.
To confirm the right cloud_id is being used, use sh -x and grep for its output:
$ sudo sh -x /etc/update-
+ wget --timeout 60 -U wget/1.
This also verifies again it's using wget instead of curl.
[Regression Potential]
Possible regressions will likely be tied to a difference in behavior between curl and wget. In fact, one was caught[1] in the development release and the fix is included here, with a test.
[Other Info]
N/A
Related branches
- Canonical Server Core Reviewers: Pending requested 2020-09-15
- Canonical Server Team: Pending requested 2020-09-15
-
Diff: 234 lines (+95/-0) (has conflicts)9 files modifieddebian/base-files.maintscript (+4/-0)
debian/changelog (+40/-0)
debian/control (+9/-0)
debian/motd-news-config.postinst (+8/-0)
debian/postinst.in (+12/-0)
etc/issue (+4/-0)
etc/issue.net (+4/-0)
etc/lsb-release (+6/-0)
etc/os-release (+8/-0)
- Christian Ehrhardt : Approve on 2020-08-17
- Canonical Server Team: Pending requested 2020-08-13
-
Diff: 362 lines (+197/-15)10 files modifieddebian/changelog (+35/-0)
debian/conffiles (+0/-1)
debian/control (+13/-1)
debian/motd-news-config.conffiles (+1/-0)
debian/motd-news-config.postinst (+50/-0)
debian/postinst.in (+19/-0)
debian/postrm (+6/-0)
debian/preinst (+34/-0)
debian/rules (+19/-4)
debian/update-motd.d/50-motd-news (+20/-9)
- Christian Ehrhardt : Approve on 2020-08-17
- Canonical Server Team: Pending requested 2020-08-07
-
Diff: 254 lines (+137/-11)8 files modifieddebian/base-files.maintscript (+2/-0)
debian/changelog (+33/-0)
debian/control (+13/-1)
debian/motd-news-config.install (+1/-0)
debian/motd-news-config.postinst (+55/-0)
debian/postinst.in (+13/-0)
debian/rules (+0/-1)
update-motd.d/50-motd-news (+20/-9)
- Christian Ehrhardt : Approve on 2020-08-17
- Canonical Server Team: Pending requested 2020-08-06
-
Diff: 252 lines (+137/-11)8 files modifieddebian/base-files.maintscript (+1/-0)
debian/changelog (+33/-0)
debian/control (+14/-1)
debian/motd-news-config.install (+1/-0)
debian/motd-news-config.postinst (+55/-0)
debian/postinst.in (+13/-0)
debian/rules (+0/-1)
motd/50-motd-news (+20/-9)
Andreas Hasenack (ahasenack) wrote : | #1 |
Changed in base-files (Ubuntu Xenial): | |
status: | New → In Progress |
Changed in base-files (Ubuntu Bionic): | |
status: | New → In Progress |
Changed in base-files (Ubuntu Focal): | |
status: | New → In Progress |
Changed in base-files (Ubuntu Xenial): | |
assignee: | nobody → Andreas Hasenack (ahasenack) |
Changed in base-files (Ubuntu Bionic): | |
assignee: | nobody → Andreas Hasenack (ahasenack) |
Changed in base-files (Ubuntu Focal): | |
assignee: | nobody → Andreas Hasenack (ahasenack) |
Changed in base-files (Ubuntu): | |
assignee: | Andreas Hasenack (ahasenack) → nobody |
status: | In Progress → Fix Released |
description: | updated |
Hello Andreas, or anyone else affected,
Accepted base-files into focal-proposed. The package will build now and be available at https:/
Please help us by testing this new package. See https:/
If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-
Further information regarding the verification process can be found at https:/
N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.
Changed in base-files (Ubuntu Focal): | |
status: | In Progress → Fix Committed |
tags: | added: verification-needed verification-needed-focal |
Changed in base-files (Ubuntu Bionic): | |
status: | In Progress → Fix Committed |
tags: | added: verification-needed-bionic |
Timo Aaltonen (tjaalton) wrote : | #3 |
Hello Andreas, or anyone else affected,
Accepted base-files into bionic-proposed. The package will build now and be available at https:/
Please help us by testing this new package. See https:/
If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-
Further information regarding the verification process can be found at https:/
N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.
Changed in base-files (Ubuntu Xenial): | |
status: | In Progress → Fix Committed |
tags: | added: verification-needed-xenial |
Timo Aaltonen (tjaalton) wrote : | #4 |
Hello Andreas, or anyone else affected,
Accepted base-files into xenial-proposed. The package will build now and be available at https:/
Please help us by testing this new package. See https:/
If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-
Further information regarding the verification process can be found at https:/
N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.
Andreas Hasenack (ahasenack) wrote : | #5 |
Focal verification
Test (a)
Current base-files, ubuntu-server and curl installed:
ii base-files 11ubuntu5.1 amd64 Debian base system miscellaneous files
ii curl 7.68.0-1ubuntu2.2 amd64 command line tool for transferring data with URL syntax
ii ubuntu-server 1.450.1 amd64 The Ubuntu Server system
motd-news runs:
$ sudo /etc/update-
* Are you ready for Kubernetes 1.19? It's nearly here! Try RC3 with
sudo snap install microk8s --channel=
https:/
Without curl:
$ dpkg -l curl | grep curl
un curl <none> <none> (no description available)
motd-news exits immediately:
ubuntu@
ubuntu@
0
With base-files and motd-news-config from focal-proposed:
ubuntu@
base-files:
Installed: 11ubuntu5.2
Candidate: 11ubuntu5.2
Version table:
*** 11ubuntu5.2 500
500 http://
(...)
motd-news-config:
Installed: 11ubuntu5.2
Candidate: 11ubuntu5.2
Version table:
*** 11ubuntu5.2 500
500 http://
Still no curl:
$ dpkg -l curl | grep curl
un curl <none> <none> (no description available)
motd-news works again:
$ sudo /etc/update-
* Are you ready for Kubernetes 1.19? It's nearly here! Try RC3 with
sudo snap install microk8s --channel=
https:/
Test (b)
Verify motd-news per cloud remains working.
b1) aws
ubuntu@
aws
$ sudo /etc/update-
* Are you ready for Kubernetes 1.19? It's nearly here! Try RC3 with
sudo snap install microk8s --channel=
https:/
cloud_id/aws was sent:
$ sudo sh -x /etc/update-
+ wget --timeout 60 -U wget/1.
b2) gce
ubuntu@
gce
ubuntu@
* Are you ready for Kubernetes 1.19? It's nearly here! Try RC3 with
sudo snap install microk8s --channel=
https:/
ubuntu@
+ wget --timeout 60 -U wget/1.
b3) azure
ubuntu@
azure
ubuntu@
* Are you ready for Kubernetes 1.19?...
Andreas Hasenack (ahasenack) wrote : | #6 |
Bionic verification
Test (a)
Current base-files, ubuntu-server and curl installed:
ii base-files 10.1ubuntu2.9 amd64 Debian base system miscellaneous files
ii curl 7.58.0-2ubuntu3.10 amd64 command line tool for transferring data with URL syntax
ii ubuntu-server 1.417.4 amd64 The Ubuntu Server system
motd-news runs:
$ sudo /etc/update-
* Are you ready for Kubernetes 1.19? It's nearly here! Try RC3 with
sudo snap install microk8s --channel=
https:/
Without curl, it exits immediately:
ubuntu@
un curl <none> <none> (no description available)
ubuntu@
ubuntu@
0
ubuntu@
Installing base-files and motd-news-config from bionic-proposed:
ubuntu@
base-files:
Installed: 10.1ubuntu2.10
Candidate: 10.1ubuntu2.10
Version table:
*** 10.1ubuntu2.10 500
500 http://
100 /var/lib/
(...)
motd-news-config:
Installed: 10.1ubuntu2.10
Candidate: 10.1ubuntu2.10
Version table:
*** 10.1ubuntu2.10 500
500 http://
Still no curl:
$ dpkg -l curl | grep curl
un curl <none> <none> (no description available)
motd-news works again:
ubuntu@
* Are you ready for Kubernetes 1.19? It's nearly here! Try RC3 with
sudo snap install microk8s --channel=
https:/
ubuntu@
0
Test (b)
Verify motd-news per cloud remains working.
b1) aws
ubuntu@
aws
ubuntu@
* Are you ready for Kubernetes 1.19? It's nearly here! Try RC3 with
sudo snap install microk8s --channel=
https:/
ubuntu@
+ wget --timeout 60 -U wget/1.
b2) gce
ubuntu@
gce
ubuntu@
* Are you ready for Kubernetes 1.19? It's nearly here! Try RC3 with
sudo snap install microk8s --channel=
https:/
ubuntu@
+ wget --timeout 60 -U wget/1.
tags: |
added: verification-done-bionic verification-done-focal removed: verification-needed-bionic verification-needed-focal |
Andreas Hasenack (ahasenack) wrote : | #7 |
Xenial verification
Test (a)
Current base-files and curl installed (no ubuntu-server out-of-the-box on xenial lxd images):
ii base-files 9.4ubuntu4.12 amd64 Debian base system miscellaneous files
ii curl 7.47.0-1ubuntu2.16 amd64 command line tool for transferring data with URL syntax
motd-news runs:
ubuntu@
* Are you ready for Kubernetes 1.19? It's nearly here! Try RC3 with
sudo snap install microk8s --channel=
https:/
Remove curl, and it exits immediatelly:
ubuntu@
un curl <none> <none> (no description available)
ubuntu@
ubuntu@
0
With base-files and motd-news-config from xenial-proposed:
base-files:
Installed: 9.4ubuntu4.13
Candidate: 9.4ubuntu4.13
Version table:
*** 9.4ubuntu4.13 500
500 http://
100 /var/lib/
(...)
motd-news-config:
Installed: 9.4ubuntu4.13
Candidate: 9.4ubuntu4.13
Version table:
*** 9.4ubuntu4.13 500
500 http://
Still with curl removed:
ubuntu@
un curl <none> <none> (no description available)
motd-news works again:
ubuntu@
* Are you ready for Kubernetes 1.19? It's nearly here! Try RC3 with
sudo snap install microk8s --channel=
https:/
ubuntu@
0
Test (b)
Verify motd-news per cloud remains working.
b1) aws
ubuntu@
aws
ubuntu@
* Are you ready for Kubernetes 1.19? It's nearly here! Try RC3 with
sudo snap install microk8s --channel=
https:/
ubuntu@
+ wget --timeout 60 -U wget/1.
b2) gce
ubuntu@
gce
ubuntu@
* Are you ready for Kubernetes 1.19? It's nearly here! Try RC3 with
sudo snap install microk8s --channel=
https:/
ubuntu@
+ wget --timeout 60 -U wget/1.
b3) azure
ubuntu@...
tags: |
added: verification-done-xenial removed: verification-needed-xenial |
Can you stop launching wget or curl as root? -- Please!
Launching a web crawler/browser such as wget or curl as super user root is a bad design
specially if it runs in background without user consent and knowledge every 12h on all
Ubuntu Desktop and Server based devices worldwide.
It does not following IT Best Practices and is part of a unremovable package aka base-files
https:/
REFERENCES
https:/
tags: | removed: verification-needed |
Launchpad Janitor (janitor) wrote : | #9 |
This bug was fixed in the package base-files - 9.4ubuntu4.13
---------------
base-files (9.4ubuntu4.13) xenial; urgency=medium
[ Andreas Hasenack ]
* motd/50-motd-news: don't include uptime in the user-agent string
(LP: #1886572)
* Move the /etc/default/
package (LP: #1888575):
- d/postinst.in, d/postrm, d/preinst: remove /etc/default/
config file on base-files upgrade using dpkg-maintscrip
- d/rules: install d/preinst
- d/control: break on ubuntu-server << 1.361.5 to force an upgrade if
it is installed, which will pull motd-news-config and the conffile
back in
- d/control: new motd-news-config package, carrying the
configuration file for the /etc/update-
- d/motd-
+ handle the upgrade case where the motd-news config file was
changed while it belonged to base-files
+ disable motd-news if the config file was removed by hand before
the upgrade
- d/postinst.in: signal the motd-news-config package if the
motd-news config file was removed manually before the upgrade
- d/conffiles: remove motd-news
- d/rules, d/motd-
without debhelper
[ Steve Langasek ]
* motd/50-motd-news: use wget instead of curl, since wget is standard but
curl is optional (LP: #1888572):
- This changes the timeout behavior slightly because wget does not have
an exact equivalent to curl's --max-time argument, we are using
--timeout instead.
-- Andreas Hasenack <email address hidden> Mon, 17 Aug 2020 11:19:19 -0300
Changed in base-files (Ubuntu Xenial): | |
status: | Fix Committed → Fix Released |
The verification of the Stable Release Update for base-files has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.
Launchpad Janitor (janitor) wrote : | #11 |
This bug was fixed in the package base-files - 10.1ubuntu2.10
---------------
base-files (10.1ubuntu2.10) bionic; urgency=medium
[ Andreas Hasenack ]
* motd/50-motd-news: don't include uptime in the user-agent string
(LP: #1886572)
* Move the /etc/default/
package (LP: #1888575):
- d/base-
on upgrade
- d/control: break on ubuntu-server << 1.417.5 to force an upgrade if
it is installed, which will pull motd-news-config and the conffile
back in
- d/motd-
+ handle the upgrade case where the motd-news config file was
changed while it belonged to base-files
+ disable motd-news if the config file was removed by hand before
the upgrade
- d/postinst.in: signal the motd-news-config package if the
motd-news config file was removed manually before the upgrade
- d/control: new motd-news-config package, carrying the
configuration file for the /etc/update-
- d/rules, d/motd-
motd-
[ Steve Langasek ]
* motd/50-motd-news: use wget instead of curl, since wget is standard but
curl is optional (LP: #1888572):
- This changes the timeout behavior slightly because wget does not have
an exact equivalent to curl's --max-time argument, we are using
--timeout instead.
-- Andreas Hasenack <email address hidden> Thu, 13 Aug 2020 15:59:47 -0300
Changed in base-files (Ubuntu Bionic): | |
status: | Fix Committed → Fix Released |
Launchpad Janitor (janitor) wrote : | #12 |
This bug was fixed in the package base-files - 11ubuntu5.2
---------------
base-files (11ubuntu5.2) focal; urgency=medium
[ Andreas Hasenack ]
* motd/50-motd-news: don't include uptime in the user-agent string
(LP: #1886572)
* Move the /etc/default/
package (LP: #1888575):
- d/base-
on upgrade
- d/control: break on ubuntu-server << 1.450.2 to force an upgrade if
it is installed, which will pull motd-news-config and the conffile
back in
- d/motd-
+ handle the upgrade case where the motd-news config file was
changed while it belonged to base-files
+ disable motd-news if the config file was removed by hand before
the upgrade
- d/postinst.in: signal the motd-news-config package if the
motd-news config file was removed manually before the upgrade
- d/control: new motd-news-config package, carrying the
configuration file for the /etc/update-
- d/rules, d/motd-
motd-
[ Steve Langasek ]
* motd/50-motd-news: use wget instead of curl, since wget is standard but
curl is optional (LP: #1888572):
- This changes the timeout behavior slightly because wget does not have
an exact equivalent to curl's --max-time argument, we are using
--timeout instead.
-- Andreas Hasenack <email address hidden> Mon, 17 Aug 2020 10:31:58 -0300
Changed in base-files (Ubuntu Focal): | |
status: | Fix Committed → Fix Released |
This was fixed for groovy in https:/ /launchpad. net/ubuntu/ +source/ base-files/ 11ubuntu9