Ubuntu
debconf package

Upgrading unattended-upgrades gives errors and a warning

Bug #1642863 reported by Chai T. Rex
10
This bug affects 2 people
Affects Status Importance Assigned to Milestone
debconf (Ubuntu)
Confirmed
Wishlist
Unassigned

Bug Description

Ubuntu release
==============

Description: Ubuntu 16.04.1 LTS
Release: 16.04

Package version
===============

unattended-upgrades:
  Installed: 0.90ubuntu0.2
  Candidate: 0.90ubuntu0.2
  Version table:
 *** 0.90ubuntu0.2 500
        500 http://archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages
        500 http://archive.ubuntu.com/ubuntu xenial-updates/main i386 Packages
        100 /var/lib/dpkg/status
     0.90 500
        500 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages
        500 http://archive.ubuntu.com/ubuntu xenial/main i386 Packages

What I expected to happen
=========================

No error or warning messages during a software upgrade.

What happened instead
=====================

When an updated version of unattended-upgrades is installed, the following error messages appear because /tmp is mounted noexec for security reasons (see the Securing Debian Manual, section 4.10 at https://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html#s4.10):

    Preconfiguring packages ...
    Can't exec "/tmp/unattended-upgrades.config.5svL0F": Permission denied at /usr/share/perl/5.22/IPC/Open3.pm line 178.
    open2: exec of /tmp/unattended-upgrades.config.5svL0F configure 0.90ubuntu0.1 failed at /usr/share/perl5/Debconf/ConfModule.pm line 59.

Also, the following warning occurs later on:

    Setting up unattended-upgrades (0.90ubuntu0.2) ...
    update-rc.d: warning: start and stop actions are no longer supported; falling back to defaults

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: unattended-upgrades 0.90ubuntu0.2
ProcVersionSignature: Ubuntu 4.4.0-47.68-generic 4.4.24
Uname: Linux 4.4.0-47-generic x86_64
ApportVersion: 2.20.1-0ubuntu2.1
Architecture: amd64
CurrentDesktop: Unity
Date: Fri Nov 18 02:36:54 2016
DistributionChannelDescriptor:
 # This is a distribution channel descriptor
 # For more information see http://wiki.ubuntu.com/DistributionChannelDescriptor
 canonical-oem-somerville-xenial-amd64-20160624-2
EcryptfsInUse: Yes
InstallationDate: Installed on 2016-11-01 (17 days ago)
InstallationMedia: Ubuntu 16.04 "Xenial" - Build amd64 LIVE Binary 20160624-10:47
PackageArchitecture: all
SourcePackage: unattended-upgrades
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.apt.apt.conf.d.10periodic:
 APT::Periodic::Update-Package-Lists "0";
 APT::Periodic::Download-Upgradeable-Packages "0";
 APT::Periodic::AutocleanInterval "0";
 APT::Periodic::Unattended-Upgrade "1";
mtime.conffile..etc.apt.apt.conf.d.10periodic: 2016-11-07T13:58:08.805628

Revision history for this message
Chai T. Rex (chaitrex) wrote :
Brian Murray (brian-murray)
Changed in unattended-upgrades (Ubuntu):
importance: Undecided → Low
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in unattended-upgrades (Ubuntu):
status: New → Confirmed
Revision history for this message
Balint Reczey (rbalint) wrote :

Debconf executes scripts from /tmp by default but you can try continuing securing the system by changing apt's temp file configuration:
https://serverfault.com/questions/72356/how-useful-is-mounting-tmp-noexec

Anyway this is definitely not a bug in u-u, maybe a wishlist one for debconf.

Changed in unattended-upgrades (Ubuntu):
importance: Low → Wishlist
affects: unattended-upgrades (Ubuntu) → debconf (Ubuntu)
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.