DistUpgradeController to release apt lock during PostInstallScripts
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
ubuntu-release-upgrader (Ubuntu) |
Fix Released
|
Undecided
|
Chad Smith | ||
Xenial |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
Fix Released
|
Undecided
|
Unassigned | ||
Focal |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
=== Begin SRU Template ===
[Impact]
Any Ubuntu Advantage apt-based service is enbled via a PPA. If those PPAs are not listed as valid mirrors in mirrors.cfg the PPAs get disabled across upgrade.
UA-client has a script which will enable those PPAs across upgrade path, but needs the apt cache lock released during runPostInstallS
Validate Ubuntu Advantage apt access is retained across do-release-upgrade path so customers to not lose access to security updates after performing an upgrade.
[Test Case]
#!/bin/bash
#
# SRU Verification ubuntu-
# Test procedure:
# - launch container Trusty, Xenial or Bionic
# - Attach container to UA subscription (which activates a number of commerical PPAs
# - download and run -proposed ubuntu-
# - Assert successful upgrade
# - Confirm valid mirrors not disabled
# - Confirm third party non-commercial PPA URLs still disabled
# - Confirm third party UA commercial URLs still disabled
# (due to expected feature gap)
# - Confirm UA status reports esm-infra still disabled (known feature gap)
set -e
UA_TOKEN=$1
if [ -z "$1" ]; then
echo "Usage: $0 <contractTOKEN>"
exit 1
fi
# sources:
# ua.proposed:
# source: deb http://
# keyid: 6E34E7116C0BC933
# sources:
# ua.proposed:
# source: deb http://
# keyid: 94E187AD53A59D1
cat > test-uru.yaml <<EOF
#cloud-config
package_update: true
package_upgrade: true
apt:
sources:
ua.daily:
source: deb http://
keyid: 94E187AD53A59D1
EOF
# ua.list:
# source: deb http://
# keyid: 94E187AD53A59D1
cat > checkaptpolicy.sh <<EOF
#!/bin/bash
set -x
RELEASE=
echo -n "Current release: $RELEASE"
echo "Assert no disabled valid mirrors in /eta/apt/
! grep disable /etc/apt/
echo "Checking commercial Ubuntu Advantage PPAs apt policy and config"
apt-cache policy | grep esm.ubuntu.com
for file in \`ls /etc/apt/
echo "--- file: \${file}"
cat \${file}
done
EOF
chmod 755 checkaptpolicy.sh
declare -A NEXTDIST=( [bionic]=focal [xenial]=bionic [trusty]=xenial )
wait_for_boot() {
local vm=$1 release=$2
echo "--- Wait for cloud-init to finish"
sleep 5
if [ "${release}" = "trusty" ]; then
while [ "N 2" != "$(lxc exec ${vm} -- runlevel)" ]; do
echo "waiting on runlevel 2"
sleep 5
done
status=$(lxc exec ${vm} -- test -f /var/run/
while [ "done" != "${status}" ]; do
echo -n '.'
sleep 5
done
else
lxc exec ${vm} -- cloud-init status --wait --long
fi
}
for release in xenial; do
vm=test-
echo "--- Launch cloud-init with ua-client-
lxc launch ubuntu-
upgradereleas
if [ "${release}" != "trusty" ]; then
dist_
fi
wait_for_boot ${vm} ${release}
echo "--- Attach Ubuntu-Advantage, enabling services"
lxc exec ${vm} -- ua attach ${UA_TOKEN}
lxc exec ${vm} -- ua status --wait | tee ua-status.orig
lxc file push checkaptpolicy.sh ${vm}/
lxc exec ${vm} -- /checkaptpolicy.sh > policy.orig
lxc exec ${vm} -- wget http://
lxc exec ${vm} -- tar xzvf $upgraderelease
echo "--- Add proposed PPA to valid mirrors to exercise ua-tools do-release-upgrade"
lxc file pull ${vm}/root/
echo "http://
lxc file push mirrors.cfg ${vm}/root/
lxc exec ${vm} -- /root/$
lxc exec ${vm} -- reboot || true
sleep 10
lxc exec ${vm} grep disable /etc/apt/
lxc exec ${vm} -- ua status --wait | tee ua-status.upgrade
if [ ! -z "${dist_
echo "--- Expect do-release-upgrade disable reason to be '$dist_
lxc exec ${vm} grep "${dist_
fi
echo "--- Expect no diffs from original and upgraded ua status"
status_
[ -z "$status_diff" ] && echo "SUCCESS: no diff" || echo -e "FAILURE: unexpected diff\n$
echo "--- Ensure UA re-enabled esm across upgrade"
lxc exec ${vm} -- egrep 'lts|change' /var/log/
echo "--- Ensure UA status reports ESM enabled after upgrade"
egrep 'esm-infra.
done
[Regression Potential]
None as UA support is not yet officially introduced in Xenial or later.
This patch only allows anyone currently overriding PostUpgradeScripts in DistUpgrade.cfg to perform apt update|install operations, which were previously prohibited due to apt lock.
=== End SRU Template ===
==== Original Description ===
In order for custom PostInstallScript to add/remove apt packages and call apt update, DistUpgradecont
If the lock is still in place, DistUpgradeCont
E: Could not get lock /var/lib/
E: Unable to lock directory /var/lib/apt/lists/
Related branches
- Brian Murray (community): Approve
- git-ubuntu developers: Pending requested
-
Diff: 74 lines (+23/-3)4 files modifiedDistUpgrade/DistUpgradeController.py (+9/-1)
data/mirrors.cfg (+2/-0)
debian/changelog (+10/-0)
utils/update_mirrors.py (+2/-2)
- Brian Murray (community): Approve
-
Diff: 150 lines (+55/-19)6 files modifiedDistUpgrade/DistUpgradeController.py (+8/-0)
DistUpgrade/DistUpgradeQuirks.py (+25/-15)
data/DistUpgrade.cfg.bionic (+1/-1)
data/mirrors.cfg (+2/-0)
debian/changelog (+17/-1)
utils/update_mirrors.py (+2/-2)
- Brian Murray (community): Approve
- git-ubuntu developers: Pending requested
-
Diff: 72 lines (+22/-2)4 files modifiedDistUpgrade/DistUpgradeController.py (+8/-0)
data/mirrors.cfg (+2/-0)
debian/changelog (+10/-0)
utils/update_mirrors.py (+2/-2)
- Brian Murray: Approve
-
Diff: 37 lines (+3/-2)3 files modifiedDistUpgrade/DistUpgradeController.py (+1/-0)
data/mirrors.cfg (+1/-1)
debian/changelog (+1/-1)
- Brian Murray: Pending requested
-
Diff: 72 lines (+21/-2)4 files modifiedDistUpgrade/DistUpgradeController.py (+7/-0)
data/mirrors.cfg (+2/-0)
debian/changelog (+10/-0)
utils/update_mirrors.py (+2/-2)
Changed in ubuntu-release-upgrader (Ubuntu): | |
assignee: | nobody → Chad Smith (chad.smith) |
status: | New → In Progress |
description: | updated |
description: | updated |
tags: |
added: verification-done-bionic verification-done-focal removed: verification-needed-bionic verification-needed-focal |
description: | updated |
This bug was fixed in the package ubuntu- release- upgrader - 1:20.10.12
--------------- release- upgrader (1:20.10.12) groovy; urgency=medium
ubuntu-
[ Chad Smith ] DistUpgradeCont roller. py: release cache lock during allScripts (LP: #1897778)
* data/mirrors.cfg: add ubuntu advantage pro PPA url as valid mirror
(LP: #1893717)
* DistUpgrade/
runPostInst
[ Brian Murray ] DistUpgradeQuir ks.py: In addition to quirking python-minimal
* DistUpgrade/
we also need to quirk python-dbg. (LP: #1887544)
* Update demotions and mirrors data.
-- Chad Smith <email address hidden> Tue, 22 Sep 2020 16:59:52 -0600