unattended upgrade no longer actions on shutdown

Bug #1773033 reported by Anthony G on 2018-05-23
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
unattended-upgrades (Ubuntu)
Medium
Unassigned
Bionic
Undecided
Unassigned

Bug Description

[Impact]

 * Unattended-upgrades does not install upgrades when it is configured to install updates on shutdown and when it the system is started on battery, but installs updates on battery in other cases.

 * This behaviour is unintended and confuses users, moreover installing updates on battery risks the system to be shut down in the middle of an upgrade due to depleting the battery.

 * This upload changes u-u to skip updates or gracefully stop when the system is switching to batter-powered state by default minimizing the risk of breaking the system.

[Test Case]

 * Run "unattended-upgrade --dry-run --verbose" on battery and on AC power

 * With default configuration u-u should stop with the following message on battery:
Initial blacklisted packages:
Initial whitelisted packages:
Starting unattended upgrades script
Allowed origins are: o=Ubuntu,a=bionic, o=Ubuntu,a=bionic-security, o=UbuntuESM,a=bionic
System is on battery power, stopping

 * On AC power it should continue:
$ sudo ./unattended-upgrade --dry-run --verbose
Initial blacklisted packages:
Initial whitelisted packages:
Starting unattended upgrades script
Allowed origins are: o=Ubuntu,a=bionic, o=Ubuntu,a=bionic-security, o=UbuntuESM,a=bionic
No packages found that can be upgraded unattended and no pending auto-removals

 * Add the following configuration file and check u-u continuing even on battery:
$ cat /etc/apt/apt.conf.d/51unattended-upgrades-on-battery
Unattended-Upgrade::OnlyOnACPower "false";
rbalint@yogi:~/projects/deb/unattended-upgrades$ sudo ./unattended-upgrade --dry-run --verbose
Initial blacklisted packages:
Initial whitelisted packages:
Starting unattended upgrades script
Allowed origins are: o=Ubuntu,a=bionic, o=Ubuntu,a=bionic-security, o=UbuntuESM,a=bionic
No packages found that can be upgraded unattended and no pending auto-removals

[Regression Potential]

 * Unattended-upgrades may fail to install updates even on AC power, but this is unlikely to happen due to the code changed being fairly simple. on_ac_power may return 255 (false) Power status could not be determined, but this is mapped to being on AC power and installing the updates, only subprocess.call("on_ac_power") == 1 makes u-u skip updates.

[Original Bug Text]

Ubuntu 17.10 and 18.04 do not install updates with InstallOnShutdown flag set.

post-install script on 14.04 and 16.04 would set options in /etc/apt/apt.conf.d/50unattended-upgrades and /etc/apt/apt.conf.d/10periodic to install updates on shutdown of ubuntu desktop. This worked on 17.10 also, until an update before the release of 18.04. After a fresh install of 18.04, ran the post install script. Below is the contents of the two files, updates do not run, even if performing an apt update and leaving the machine up for a few hours to download packages in the back ground. Both the unattended-upgrades and unattended-upgrades-shutdown log files are empty.

Description: Ubuntu 18.04 LTS
Release: 18.04

ii unattended-upgrades 1.1ubuntu1 all automatic installation of security upgrades

----------------------/etc/apt/apt.conf.d/50unattended-upgrades----------------
Unattended-Upgrade::Allowed-Origins {
        "${distro_id}:${distro_codename}";
        "${distro_id}:${distro_codename}-security";
        // Extended Security Maintenance; doesn't necessarily exist for
        // every release and this system may not have it installed, but if
        // available, the policy for updates is such that unattended-upgrades
        // should also install from here by default.
        "${distro_id}ESM:${distro_codename}";
        "${distro_id}:${distro_codename}-updates";
// "${distro_id}:${distro_codename}-proposed";
// "${distro_id}:${distro_codename}-backports";
        "LP-PPA-libreoffice:${distro_codename}";
        "Canonical:${distro_codename}";
};

Unattended-Upgrade::Package-Blacklist {
// "vim";
// "libc6";
// "libc6-dev";
// "libc6-i686";
};

Unattended-Upgrade::DevRelease "false";
Unattended-Upgrade::InstallOnShutdown "true";
Unattended-Upgrade::Remove-Unused-Dependencies "true";

---------/etc/apt/apt.conf.d/10periodic:----------------------
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Download-Upgradeable-Packages "1";
APT::Periodic::AutocleanInterval "7";
APT::Periodic::Unattended-Upgrade "1";

Balint Reczey (rbalint) wrote :

In my tests i found u-u operating properly on shutdown except when the system was started on battery, and in that case the u-u.service did not start - thus did not stop on shutdown:

$ service unattended-upgrades status
● unattended-upgrades.service - Unattended Upgrades Shutdown
   Loaded: loaded (/lib/systemd/system/unattended-upgrades.service; enabled; vendor preset: enabled)
   Active: inactive (dead)
Condition: start condition failed at Fri 2018-05-25 20:18:34 UTC; 38s ago
           └─ ConditionACPower=true was not met
     Docs: man:unattended-upgrade(8)

The change to not run on battery was introduced in 0.97, right before Artful's release.

Did you start your system on battery?

Changed in unattended-upgrades (Ubuntu):
status: New → Triaged
importance: Undecided → Medium

I have confirmed the behavior on my 18.04 laptop. Yes, it was being
started on battery and the service status matches your post. When
started on power, the unattended-upgrades install on shutdown, although
the screen is blank during the action.

I have confirmed that my 16.04 laptop does not behave in the same
manner, regardless of being started on or off battery. In either case,
the service is started and the updates are installed on shutdown - with
screen status updates. The 16.04 machine is running unattended-upgrades
0.90ubuntu0.9 = which confirms the changes you mentioned.

Thank you for the information!

On 05/25/2018 04:36 PM, Balint Reczey wrote:
> In my tests i found u-u operating properly on shutdown except when the
> system was started on battery, and in that case the u-u.service did not
> start - thus did not stop on shutdown:
>
> $ service unattended-upgrades status
> ● unattended-upgrades.service - Unattended Upgrades Shutdown
> Loaded: loaded (/lib/systemd/system/unattended-upgrades.service; enabled; vendor preset: enabled)
> Active: inactive (dead)
> Condition: start condition failed at Fri 2018-05-25 20:18:34 UTC; 38s ago
> └─ ConditionACPower=true was not met
> Docs: man:unattended-upgrade(8)
>
> The change to not run on battery was introduced in 0.97, right before
> Artful's release.
>
> Did you start your system on battery?
>
> ** Changed in: unattended-upgrades (Ubuntu)
> Status: New => Triaged
>
> ** Changed in: unattended-upgrades (Ubuntu)
> Importance: Undecided => Medium
>

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unattended-upgrades - 1.3ubuntu3

---------------
unattended-upgrades (1.3ubuntu3) cosmic; urgency=medium

  * Stop rewriting test apt.conf in test_untrusted.py.
    This fixes overwriting Unattended-Upgrade::OnlyOnACPower "false" accidentally
    and breaking the build.

 -- Balint Reczey <email address hidden> Tue, 19 Jun 2018 21:24:40 +0200

Changed in unattended-upgrades (Ubuntu):
status: Triaged → Fix Released
Balint Reczey (rbalint) on 2018-07-11
description: updated

Hello Anthony, or anyone else affected,

Accepted unattended-upgrades into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/unattended-upgrades/1.1ubuntu1.18.04.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in unattended-upgrades (Ubuntu Bionic):
status: New → Fix Committed
tags: added: verification-needed verification-needed-bionic
Steve Langasek (vorlon) wrote :

Hello Anthony, or anyone else affected,

Accepted unattended-upgrades into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/unattended-upgrades/1.1ubuntu1.18.04.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Łukasz Zemczak (sil2100) wrote :

Hello Anthony, or anyone else affected,

Accepted unattended-upgrades into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/unattended-upgrades/1.1ubuntu1.18.04.4 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Balint Reczey (rbalint) wrote :

Tested 1.1ubuntu1.18.04.4 and it worked as expected.

Log:
rbalint@yogi:~$ sudo unattended-upgrade --dry-run --verbose
Initial blacklisted packages:
Initial whitelisted packages:
Starting unattended upgrades script
Allowed origins are: o=Ubuntu,a=bionic, o=Ubuntu,a=bionic-security, o=UbuntuESM,a=bionic
No packages found that can be upgraded unattended and no pending auto-removals

# here i put the laptop on battery

rbalint@yogi:~$ sudo unattended-upgrade --dry-run --verbose
Initial blacklisted packages:
Initial whitelisted packages:
Starting unattended upgrades script
Allowed origins are: o=Ubuntu,a=bionic, o=Ubuntu,a=bionic-security, o=UbuntuESM,a=bionic
System is on battery power, stopping
rbalint@yogi:~$ sudo vi /etc/apt/apt.conf.d/51unattended-upgrades-on-battery
rbalint@yogi:~$ cat /etc/apt/apt.conf.d/51unattended-upgrades-on-battery
Unattended-Upgrade::OnlyOnACPower "false";
rbalint@yogi:~$ on_ac_power ; echo $?
1
rbalint@yogi:~$ sudo unattended-upgrade --dry-run --verbose
Initial blacklisted packages:
Initial whitelisted packages:
Starting unattended upgrades script
Allowed origins are: o=Ubuntu,a=bionic, o=Ubuntu,a=bionic-security, o=UbuntuESM,a=bionic
No packages found that can be upgraded unattended and no pending auto-removals
rbalint@yogi:~$ dpkg -l unattended-upgrades | cat
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-===================-==================-============-===========================================
ii unattended-upgrades 1.1ubuntu1.18.04.4 all automatic installation of security upgrades

tags: added: verification-done verification-done-bionic
removed: verification-needed verification-needed-bionic
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unattended-upgrades - 1.1ubuntu1.18.04.4

---------------
unattended-upgrades (1.1ubuntu1.18.04.4) bionic; urgency=medium

  * Redirect stderr output in upgrade-between-snapshots, too, otherwise it
    breaks the test sometimes (LP: #1781446)

unattended-upgrades (1.1ubuntu1.18.04.3) bionic; urgency=medium

  * Redirect stderr output in upgrade-all-security, otherwise it breaks the
    test (LP: #1781446)

unattended-upgrades (1.1ubuntu1.18.04.2) bionic; urgency=medium

  [ Balint Reczey ]
  * Clear cache when autoremoval is invalid for a package set marked for
    removal and clear cache after failed commits to return from a possibly
    invalid state (LP: #1779157)
  * Don't start or gracefully stop upgrade on battery (LP: #1773033)
  * Skip updates on metered connections (Closes: #855570) (LP: #1781183)
  * Add debian/tests/upgrade-all-security to install all current security updates.
    On development releases this tests latest stable, on stable releases it tests
    the release itself.
  * Speed up unattended-upgrade (Closes: #892028, #899366) (LP: #1396787)
    - Adjust candidates only for packages to be possibly installed
    - Filter out packages cheaper when they are not from allowed origins
    - Collect autoremovable packages, too, when looking for upgradable ones
    - Measure time of running with --dry-run in autopkgtests
  * Skip starting init.d script in debhelper-generated postinst part
    (LP: #1778800)

  [ Ivan Kurnosov ]
  * Fixed is_pkgname_in_blacklist to be side-effect free. (LP: #1781176)
    Otherwise 'is_pkgname_in_blacklist' mutates the 'pkgs_kept_back' and
    'unattended-upgrades' treats the package as a blacklisted candidate

 -- Balint Reczey <email address hidden> Fri, 13 Jul 2018 10:36:23 +0200

Changed in unattended-upgrades (Ubuntu Bionic):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for unattended-upgrades has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers