notify user that the lock screen has been disabled
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| | ubuntu-release-upgrader (Ubuntu) |
Wishlist
|
Brian Murray | ||
| | Bionic |
High
|
Brian Murray | ||
Bug Description
[Impact]
Users are not notified that their lock screen is disabled during an upgrade and may left there system in an insecure location during the upgrade process.
[Test Case]
1) Configure a screen lock with a short (2 minute?) timeout
2) Upgrade from Ubuntu 16.04 to Ubuntu 18.04
3) Observe that the screen is not locked during the upgrade process and you that you were not warned about it
With the version of ubuntu-
[Regression Potential]
A new dialog is being added so there is little chance of regression.
I set an upgrade running from 12.10 to 13.04 (my second attempt, the first had failed due to loss of network), and as I expected this to take some time, locked the screen and left. I returned to an _unlocked_ screen, which is obviously a security risk.
It was showing a debconf dialog (asking if I wanted to restart cron, atd, cups and rsync after upgrading libc6, probably not the most helpful thing to ask a user who may well have no idea what these are), but the logs suggest update-manager deliberately kills gnome-screensaver before starting the install phase (possibly a fix for bug 319332 or similar problems?).
If it is not practical to have screen lock actually working during an upgrade, I suggest either disabling it right at the start and giving an appropriate message if the user tries it, or pausing and waiting for user input if the screen is locked at the point where the lock needs to be disabled.
Related branches
- Steve Langasek: Approve on 2018-07-06
- Sebastien Bacher: Approve on 2018-07-06
-
Diff: 186 lines (+66/-56)3 files modifiedDistUpgrade/DistUpgradeController.py (+55/-0)
DistUpgrade/DistUpgradeQuirks.py (+1/-56)
debian/changelog (+10/-0)
| Rebecca Palmer (rebecca-palmer) wrote : | #1 |
| Rebecca Palmer (rebecca-palmer) wrote : | #2 |
| Rebecca Palmer (rebecca-palmer) wrote : | #3 |
| information type: | Private Security → Public Security |
| Changed in update-manager (Ubuntu): | |
| status: | New → Confirmed |
| importance: | Undecided → Wishlist |
| affects: | update-manager (Ubuntu) → ubuntu-release-upgrader (Ubuntu) |
| summary: |
- screen unlocks itself during upgrade to 13.04 + disable screensaver locking at start of upgrade |
| Changed in ubuntu-release-upgrader (Ubuntu): | |
| status: | Confirmed → Triaged |
| summary: |
- disable screensaver locking at start of upgrade + notify user that the lock screen has been disabled |
| Changed in ubuntu-release-upgrader (Ubuntu): | |
| status: | Triaged → In Progress |
| assignee: | nobody → Brian Murray (brian-murray) |
| tags: | added: id-5b32dfc70f54891287c5942a |
| Launchpad Janitor (janitor) wrote : | #5 |
This bug was fixed in the package ubuntu-
---------------
ubuntu-
* DistUpgradeQuir
gnome-session idle so that it is called immediately after the upgrade
starts (LP: #1778817), present a dialog notifying that the lock screen has
been disabled (LP: #1174093), and do not reenable the lock screen as it
may fail to work after a release upgrade. (LP: #1780342)
* DistUpgradeQuir
check if the system has connectivity to the snap store and replace some
desktop packages with snaps to ensure the system is similar to a fresh
install.
-- Brian Murray <email address hidden> Fri, 06 Jul 2018 11:21:11 -0700
| Changed in ubuntu-release-upgrader (Ubuntu): | |
| status: | In Progress → Fix Released |
| Changed in ubuntu-release-upgrader (Ubuntu Bionic): | |
| status: | New → In Progress |
| importance: | Undecided → Wishlist |
| assignee: | nobody → Brian Murray (brian-murray) |
| importance: | Wishlist → High |
| description: | updated |
Hello Rebecca, or anyone else affected,
Accepted ubuntu-
Please help us by testing this new package. See https:/
If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-
Further information regarding the verification process can be found at https:/
| Changed in ubuntu-release-upgrader (Ubuntu Bionic): | |
| status: | In Progress → Fix Committed |
| tags: | added: verification-needed verification-needed-bionic |
| Łukasz Zemczak (sil2100) wrote : | #7 |
Hello Rebecca, or anyone else affected,
Accepted ubuntu-
Please help us by testing this new package. See https:/
If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-
Further information regarding the verification process can be found at https:/
| Brian Murray (brian-murray) wrote : | #8 |
Here's a screenshot of the lock screen dialog.
| tags: |
added: verification-done verification-done-bionic removed: verification-needed verification-needed-bionic |
| Launchpad Janitor (janitor) wrote : | #9 |
This bug was fixed in the package ubuntu-
---------------
ubuntu-
* DistUpgradeQuir
instead of trying to check the return code of the called process which
causes a Traceback. (LP: #1781412)
* data/mirrors.cfg: Update the list of official mirrors.
ubuntu-
* Purge obsolete packages, if user agrees to remove obsolete
packages. LP: #1775660
* DistUpgradeQuir
gnome-session idle so that it is called immediately after the upgrade
starts (LP: #1778817), present a dialog notifying that the lock screen has
been disabled (LP: #1174093), and do not reenable the lock screen as it
may fail to work after a release upgrade. (LP: #1780342)
* DistUpgradeQuir
check if the system has connectivity to the snap store and replace some
desktop packages with snaps to ensure the system is similar to a fresh
install. (LP: #1780841)
* data/mirrors.cfg: Update the list of official mirrors.
-- Brian Murray <email address hidden> Sun, 15 Jul 2018 10:16:16 -0700
| Changed in ubuntu-release-upgrader (Ubuntu Bionic): | |
| status: | Fix Committed → Fix Released |
The verification of the Stable Release Update for ubuntu-
This also happens on 13.04 -> 13.10 (on the first attempt and without the debconf message).