Running 'unattended-upgrades --dry-run' reboots the machine
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
unattended-upgrades (Ubuntu) |
Fix Released
|
High
|
Brian Murray | ||
Xenial |
Fix Released
|
Undecided
|
Brian Murray | ||
Zesty |
Fix Released
|
Undecided
|
Brian Murray | ||
Artful |
Fix Released
|
Undecided
|
Brian Murray | ||
Bionic |
Fix Released
|
High
|
Brian Murray |
Bug Description
Impact
------
An Ubuntu system will unexpectedly reboot if reboot-required exists and you run unattended-upgrades in dry-run mode.
Test Case
---------
1) modify /etc/apt/
2) Ensure all updates are installed
3) sudo touch /var/run/
4) run 'sudo unattended-upgrades --dry-run'
5) watch the system reboot
With the version of unattended-upgrades from -proposed the system will not reboot.
Regression Potential
-------
This checks to see if the --dry-run switch is passed to unattended-upgrades before calling the reboot function. I guess it would be a regression to people who expect the system to reboot but that seems like a very strange corner case.
Original Description
-------
Much to my surprise, when I did a dry-run test of unattended-upgrades my server was forcibly rebooted. I must have had the file '/var/run/
But needless to say: a --dry-run should NOT perform a reboot of the server with zero warning. Seriously.
Output from /var/log/
2014-01-15 11:14:26,474 INFO Initial blacklisted packages:
2014-01-15 11:14:26,474 INFO Starting unattended upgrades script
2014-01-15 11:14:26,475 INFO Allowed origins are: ['o=Ubuntu,
2014-01-15 11:14:35,846 INFO Option --dry-run given, *not* performing real actions
2014-01-15 11:14:35,846 INFO Packages that are upgraded: bind9-host dnsutils libbind9-80 libdns81 libisc83 libisccc80 libisccfg82 liblwres80 libssl1.0.0 linux-generic-pae linux-headers-
2014-01-15 11:14:35,847 INFO Writing dpkg log to '/var/log/
2014-01-15 11:15:10,610 INFO All upgrades installed
2014-01-15 11:15:10,611 WARNING Found /var/run/
Version: 0.76ubuntu1
As an aside, it makes a lot of sense to me to put the reboot on a timer, even if it's only a one minute (i.e. shutdown -r 1). That would have at least given me a chance to prevent the reboot if I had seen the warning. If that's a configuration setting I don't see it anywhere.
Related branches
- Michael Vogt: Approve
- unattended-upgrades-developers: Pending requested
-
Diff: 38 lines (+12/-1)2 files modifieddebian/changelog (+8/-0)
unattended-upgrade (+4/-1)
Changed in unattended-upgrades (Ubuntu): | |
assignee: | nobody → Brian Murray (brian-murray) |
status: | New → Triaged |
importance: | Undecided → High |
Changed in unattended-upgrades (Ubuntu): | |
status: | Triaged → Fix Committed |
description: | updated |
Changed in unattended-upgrades (Ubuntu Xenial): | |
assignee: | nobody → Brian Murray (brian-murray) |
Changed in unattended-upgrades (Ubuntu Zesty): | |
assignee: | nobody → Brian Murray (brian-murray) |
Changed in unattended-upgrades (Ubuntu Artful): | |
assignee: | nobody → Brian Murray (brian-murray) |
Changed in unattended-upgrades (Ubuntu Xenial): | |
status: | New → In Progress |
Changed in unattended-upgrades (Ubuntu Zesty): | |
status: | New → In Progress |
Changed in unattended-upgrades (Ubuntu Artful): | |
status: | New → In Progress |
tags: | removed: verification-failed |
To be clear, I did have:
Unattended- Upgrade: :Automatic- Reboot "true";
But I still feel a reboot shouldn't actually happen during a '--dry-run'.