Ubuntu
redmine package

unattended-upgrades brakes redmine gem dependency

Bug #1706740 reported by Mikkel Kirkgaard Nielsen
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
redmine (Ubuntu)
New
Undecided
Unassigned

Bug Description

On a Ubuntu 16.04 system deploying a Redmine issue tracker using the Ubuntu redmine package this night's (the systemd apt-daily timer has been rescheduled to run at 00:30) unattended upgrade of USN-3365 security updates to Ruby packages (https://usn.ubuntu.com/usn/usn-3365-1/) caused the Redmine application to break.

Accessing the site caused Phusion Passenger to come up with a "We're sorry, but something went wrong.". The problem was identified and notified by email during the upgrade's processing of triggers on the redmine package where it was determined that the gem dependency "webrat" somehow was unavailable.

The situation was resolved by running "bundle install" in the base directory /usr/share/redmine which caused most of the gems to be updated but I feel uneasy about this being a problem at all and fear breakage on future upgrades.

I'm not too familiar with ruby, gems, bundler and apt triggers, so I've been unable to grasp where things go wrong and where a remedy is best deployed. Could it be as simple as adding a bundle update/install to the redmine trigger?

Besides the core dependency to webrat, I got a plugin referring to webrat also:
$ grep -r webrat /var/lib/redmine/ /usr/share/redmine
/var/lib/redmine/Gemfile.lock: webrat (0.7.3)
/var/lib/redmine/Gemfile.lock: webrat
/usr/share/redmine/plugins/redmine_timesheet_plugin/Gemfile: gem 'webrat'
/usr/share/redmine/plugins/redmine_timesheet_plugin/test/test_helper.rb:require "webrat"

From /var/log/unattended-upgrades/unattended-upgrades-dpkg.log

    Log started: 2017-07-26 00:30:16
    Reading changelogs...
    (Reading database ... ^M(Reading database ... 5%^M(Reading database ... 10%^M(Reading database ... 15%^M(Reading database ... 20%^M(Reading database ... 25%^M(Reading database ... 30%^M(Reading database ... 35%^M(Reading database ... 40%^M(Reading database ... 45%^M(Reading database ... 50%^M(Reading database ... 55%^M(Reading database ... 60%^M(Reading database ... 65%^M(Reading database ... 70%^M(Reading database ... 75%^M(Reading database ... 80%^M(Reading database ... 85%^M(Reading database ... 90%^M(Reading database ... 95%^M(Reading database ... 100%^M(Reading database ... 286395 files and directories currently installed.)
    Preparing to unpack .../ruby2.3-dev_2.3.1-2~16.04.2_amd64.deb ...
    Unpacking ruby2.3-dev:amd64 (2.3.1-2~16.04.2) over (2.3.1-2~16.04) ...
    Preparing to unpack .../libruby2.3_2.3.1-2~16.04.2_amd64.deb ...
    Unpacking libruby2.3:amd64 (2.3.1-2~16.04.2) over (2.3.1-2~16.04) ...
    Preparing to unpack .../ruby2.3_2.3.1-2~16.04.2_amd64.deb ...
    Unpacking ruby2.3 (2.3.1-2~16.04.2) over (2.3.1-2~16.04) ...
    Processing triggers for libc-bin (2.23-0ubuntu9) ...
    Processing triggers for redmine (3.2.1-2) ...
    Determining localhost credentials from /etc/mysql/debian.cnf: succeeded.
    ESC[31mCould not find gem 'webrat' in any of the gem sources listed in your Gemfile or
    available on this machine.ESC[0m
    dpkg: error processing package redmine (--unpack):
    subprocess installed post-installation script returned error exit status 7
    Processing triggers for man-db (2.7.5-1) ...
    Errors were encountered while processing:
    redmine
    Log ended: 2017-07-26 00:30:21

From /var/log/unattended-upgrades/unattended-upgrades.log

    2017-07-26 00:30:11,371 INFO Starting unattended upgrades script
    2017-07-26 00:30:11,371 INFO Allowed origins are: ['o=Ubuntu,a=xenial', 'o=Ubuntu,a=xenial-security', 'o=UbuntuESM,a=xenial']
    2017-07-26 00:30:15,947 INFO Packages that will be upgraded: libruby2.3 ruby2.3 ruby2.3-dev
    2017-07-26 00:30:15,948 INFO Writing dpkg log to '/var/log/unattended-upgrades/unattended-upgrades-dpkg.log'
    2017-07-26 00:30:21,299 ERROR Installing the upgrades failed!
    2017-07-26 00:30:21,299 ERROR error message: 'installArchives() failed'
    2017-07-26 00:30:21,299 ERROR dpkg returned a error! See '/var/log/unattended-upgrades/unattended-upgrades-dpkg.log' for details

$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.2 LTS
Release: 16.04
Codename: xenial

$ apt-cache policy redmine passenger
redmine:
  Installed: 3.2.1-2
  Candidate: 3.2.1-2
  Version table:
 *** 3.2.1-2 500
        500 http://dk.archive.ubuntu.com/ubuntu xenial/universe amd64 Packages
        500 http://dk.archive.ubuntu.com/ubuntu xenial/universe i386 Packages
        100 /var/lib/dpkg/status
passenger:
  Installed: 5.0.27-2
  Candidate: 5.0.27-2
  Version table:
 *** 5.0.27-2 500
        500 http://dk.archive.ubuntu.com/ubuntu xenial/universe amd64 Packages
        100 /var/lib/dpkg/status

Mikkel Kirkgaard Nielsen (mikini)
affects: unattended-upgrades (Ubuntu) → redmine (Ubuntu)
Revision history for this message
Mikkel Kirkgaard Nielsen (mikini) wrote :
Download full text (8.3 KiB)

Issue popped up again this night on unattended-upgrade of apache packages affected by USN-3370 (https://usn.ubuntu.com/usn/usn-3370-1/).

Running "bundle install" manually, again, fixed the issue (sudo seems to be necessary despite the warning). Note that none of the gems are actually updated, but some meta-data must be refreshed which brings it back to a functional state:

/usr/share/redmine$ sudo bundler install
Don't run Bundler as root. Bundler can ask for sudo if it is needed, and installing your bundle as root will break this
application for all non-root users on this machine.
Fetching gem metadata from https://rubygems.org/...........
Fetching version metadata from https://rubygems.org/...
Fetching dependency metadata from https://rubygems.org/..
Resolving dependencies....
Using rake 12.0.0
Using i18n 0.8.6
Using minitest 5.10.3
Using thread_safe 0.3.6
Using builder 3.2.3
Using erubis 2.7.0
Using nokogiri 1.6.7.2
Using rack 1.6.8
Using mime-types-data 3.2016.0521
Using arel 6.0.4
Using public_suffix 2.0.5
Using bundler 1.11.2
Using coderay 1.1.1
Using colorize 0.8.1
Using concurrent-ruby 1.0.5
Using polyglot 0.3.5
Using thor 0.19.4
Using htmlentities 4.3.4
Using mysql2 0.4.8
Using net-ldap 0.16.0
Using ruby-openid 2.7.0
Using rbpdf-font 1.19.1
Using redcarpet 3.4.0
Using request_store 1.3.2
Using rmagick 2.16.0
Using tzinfo 1.2.3
Using loofah 2.0.3
Using rack-test 0.6.3
Using mime-types 3.1
Using addressable 2.5.1
Using sprockets 3.7.1
Using rack-openid 1.4.2
Using rbpdf 1.19.2
Using activesupport 4.2.9
Using rails-html-sanitizer 1.0.3
Using mail 2.6.6
Using css_parser 1.5.0
Using rails-deprecated_sanitizer 1.0.3
Using globalid 0.4.0
Using activemodel 4.2.9
Using roadie 3.2.2
Using rails-dom-testing 1.0.8
Using activejob 4.2.9
Using activerecord 4.2.9
Using protected_attributes 1.1.4
Using actionview 4.2.9
Using actionpack 4.2.9
Using actionmailer 4.2.9
Using actionpack-action_caching 1.2.0
Using actionpack-xml_parser 1.0.2
Using railties 4.2.9
Using sprockets-rails 3.2.0
Using jquery-rails 4.3.1
Using roadie-rails 1.2.1
Using rails 4.2.9
Using deface 1.0.2
Bundle complete! 25 Gemfile dependencies, 56 gems now installed.
Gems in the groups development and test were not installed.

Error from Passenger in Apache log:

[ 2017-07-28 00:30:46.2854 5565/7f4b20418700 age/Cor/App/Implementation.cpp:304 ]: Could not spawn process for application /u
sr/share/redmine: An error occurred while starting up the preloader.
  Error ID: ea7fc5a3
  Error details saved to: /tmp/passenger-error-U5xzoP.html
  Message from application: <p>It looks like Bundler could not find a gem. Maybe you didn't install all the gems that this ap
plication needs. To install your gems, please run:</p>

  <pre class="commands">bundle install</pre>

<p>If that didn't work, then the problem is probably caused by your application being run under a different environment than it's supposed to. Please check the following:</p>

<ol>
  <li>Is this app supposed to be run as the <code>www-data</code> user?</li>
  <li>Is this app being run on the correct Ruby interpreter? Below you will
      see which Ruby interpreter Phusion Passenger attempted to use.</li>
</ol>

<p>-------- The ex...

Read more...

summary: - ruby upgrade broke redmine dependency
+ unattended-upgrades brakes redmine gem dependency
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.