Blacklisted packages are included in the "upgradable origin", while they should not

Bug #1781176 reported by Balint Reczey on 2018-07-11
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
unattended-upgrades
Fix Released
Unknown
unattended-upgrades (Ubuntu)
Undecided
Unassigned
Xenial
Undecided
Unassigned
Bionic
Undecided
Balint Reczey

Bug Description

[Impact]

 * Reports from u-u incorrectly list packages from non-upgradable origins as "Packages with upgradable origin but kept back"

 * Listing the packages incorrectly is a result of is_pkgname_in_blacklist() having a side effect and removing the side effect is part of fixing LP: #1396787 which fix is also being SRU-d.

 * The fix is removing the side effect of is_pkgname_in_blacklist()

[Test Case]

 * There is a build-time test in test/test_blacklisted_wrong_origin.py
 * To reproduce the original problem set up a system where all security updates are installed but ebtables (from bionic-updates) is not updated:
$ sudo unattended-upgrade --verbose
Initial blacklisted packages:
Initial whitelisted packages:
Starting unattended upgrades script
Allowed origins are: o=Ubuntu,a=bionic, o=Ubuntu,a=bionic-security, o=UbuntuESM,a=bionic
No packages found that can be upgraded unattended and no pending auto-removals
$ sudo apt upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following packages will be upgraded:
  apt apt-utils ebtables initramfs-tools initramfs-tools-bin initramfs-tools-core libapt-inst2.0 libapt-pkg5.0
  liblxc-common liblxc1 libpython3-stdlib lxcfs lxd lxd-client netplan.io networkd-dispatcher nplan
  python-apt-common python3 python3-apt python3-minimal python3-update-manager snapd squashfs-tools
  unattended-upgrades update-manager-core update-notifier-common
27 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 24.1 MB of archives.
After this operation, 1454 kB of additional disk space will be used.
Do you want to continue? [Y/n] n
Abort.

* blacklist ebtables, set up emails from u-u, then run u-u again:
$ sudo echo 'Unattended-Upgrade::Package-Blacklist {"ebtables";};' > /etc/apt/apt.conf.d/51unattended-upgrades-blacklist-ebtables
$ sudo echo 'Unattended-Upgrade::Mail "root";' > /etc/apt/apt.conf.d/51unattended-upgrades-mail
$ sudo unattended-upgrade --verbose
Initial blacklisted packages: ebtables
Initial whitelisted packages:
Starting unattended upgrades script
Allowed origins are: o=Ubuntu,a=bionic, o=Ubuntu,a=bionic-security, o=UbuntuESM,a=bionic
Packages that will be upgraded:

* Observe ebtables listed as being kept back and having upgradable origin with buggy u-u:
$ sudo cat /var/mail/mail
...
Packages with upgradable origin but kept back:
 ebtables=20
...

* Upgrade u-u to a fixed version and run it, observing ebtables to be not listed as having upgradable origin

[Regression Potential]

 * Regressions may make packages incorrectly missing from u-u's report, but the autopkgtests also cover that to some extent.

[Other Info]

 * Original report: https://github.com/mvo5/unattended-upgrades/issues/116

Changed in unattended-upgrades:
status: Unknown → Fix Released
Łukasz Zemczak (sil2100) wrote :

Looks like fixed in 1.4.

Changed in unattended-upgrades (Ubuntu):
status: New → Fix Released
Changed in unattended-upgrades (Ubuntu Bionic):
status: New → Fix Committed
tags: added: verification-needed verification-needed-bionic

Hello Balint, or anyone else affected,

Accepted unattended-upgrades into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/unattended-upgrades/1.1ubuntu1.18.04.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Steve Langasek (vorlon) wrote :

Hello Balint, or anyone else affected,

Accepted unattended-upgrades into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/unattended-upgrades/1.1ubuntu1.18.04.3 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Łukasz Zemczak (sil2100) wrote :

Hello Balint, or anyone else affected,

Accepted unattended-upgrades into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/unattended-upgrades/1.1ubuntu1.18.04.4 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Balint Reczey (rbalint) on 2018-07-18
description: updated
Balint Reczey (rbalint) on 2018-07-18
tags: added: verification-failed verification-failed-bionic
removed: verification-needed verification-needed-bionic
Balint Reczey (rbalint) on 2018-07-19
Changed in unattended-upgrades (Ubuntu Bionic):
status: Fix Committed → In Progress
assignee: nobody → Balint Reczey (rbalint)
description: updated
Balint Reczey (rbalint) wrote :

I tested 1.1ubuntu1.18.04.4 and found the problem not fixed here. The problem was fixed in u-u 1.3 but changes in 1.4 made the original fix incomplete.
The side-effect of is_pkgname_in_blacklist() is still removed, but assumptions broke at the place where the function is called and as a result the content of u-u's email is the same, listing blacklisted packages like they would have allowed origins.

I submitted a fix for the current code in https://github.com/mvo5/unattended-upgrades/pull/137.

Balint Reczey (rbalint) on 2018-07-19
Changed in unattended-upgrades (Ubuntu):
status: Fix Released → In Progress
Łukasz Zemczak (sil2100) wrote :

After a quick discussion with Balint, seeing that this is an incomplete fix but without any reverse effects and introducing no regressions, I have decided to release this version as-is without the need of removal of the changes. Please re-open the bug after the package lands in -updates and fix it properly with the next upload.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unattended-upgrades - 1.1ubuntu1.18.04.4

---------------
unattended-upgrades (1.1ubuntu1.18.04.4) bionic; urgency=medium

  * Redirect stderr output in upgrade-between-snapshots, too, otherwise it
    breaks the test sometimes (LP: #1781446)

unattended-upgrades (1.1ubuntu1.18.04.3) bionic; urgency=medium

  * Redirect stderr output in upgrade-all-security, otherwise it breaks the
    test (LP: #1781446)

unattended-upgrades (1.1ubuntu1.18.04.2) bionic; urgency=medium

  [ Balint Reczey ]
  * Clear cache when autoremoval is invalid for a package set marked for
    removal and clear cache after failed commits to return from a possibly
    invalid state (LP: #1779157)
  * Don't start or gracefully stop upgrade on battery (LP: #1773033)
  * Skip updates on metered connections (Closes: #855570) (LP: #1781183)
  * Add debian/tests/upgrade-all-security to install all current security updates.
    On development releases this tests latest stable, on stable releases it tests
    the release itself.
  * Speed up unattended-upgrade (Closes: #892028, #899366) (LP: #1396787)
    - Adjust candidates only for packages to be possibly installed
    - Filter out packages cheaper when they are not from allowed origins
    - Collect autoremovable packages, too, when looking for upgradable ones
    - Measure time of running with --dry-run in autopkgtests
  * Skip starting init.d script in debhelper-generated postinst part
    (LP: #1778800)

  [ Ivan Kurnosov ]
  * Fixed is_pkgname_in_blacklist to be side-effect free. (LP: #1781176)
    Otherwise 'is_pkgname_in_blacklist' mutates the 'pkgs_kept_back' and
    'unattended-upgrades' treats the package as a blacklisted candidate

 -- Balint Reczey <email address hidden> Fri, 13 Jul 2018 10:36:23 +0200

Changed in unattended-upgrades (Ubuntu Bionic):
status: In Progress → Fix Released

The verification of the Stable Release Update for unattended-upgrades has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unattended-upgrades - 1.5ubuntu2

---------------
unattended-upgrades (1.5ubuntu2) cosmic; urgency=medium

  * Reopen Cache after commit() even when frontend locking is supported.
    This fixes build and operation with latest python-apt.

 -- Balint Reczey <email address hidden> Tue, 28 Aug 2018 15:46:25 +0200

Changed in unattended-upgrades (Ubuntu):
status: In Progress → Fix Released

Hello Balint, or anyone else affected,

Accepted unattended-upgrades into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/unattended-upgrades/1.1ubuntu1.18.04.7~16.04.0 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in unattended-upgrades (Ubuntu Xenial):
status: New → Fix Committed
tags: added: verification-needed verification-needed-xenial
removed: verification-failed
Łukasz Zemczak (sil2100) wrote :

Hello Balint, or anyone else affected,

Accepted unattended-upgrades into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/unattended-upgrades/1.1ubuntu1.18.04.7~16.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Balint Reczey (rbalint) wrote :

The fix is incomplete in Xenail the same way as it is incomplete in Bionic.
Tested version: 1.1ubuntu1.18.04.7~16.04.1

tags: added: verification-failed verification-failed-xenial
removed: verification-needed verification-needed-xenial
Changed in unattended-upgrades (Ubuntu Bionic):
status: Fix Released → Confirmed
Balint Reczey (rbalint) on 2019-02-11
Changed in unattended-upgrades (Ubuntu Xenial):
status: Fix Committed → In Progress
tags: added: id-5c5c4493f028f40f2e8867c3
Łukasz Zemczak (sil2100) wrote :

Hello Balint, or anyone else affected,

Accepted unattended-upgrades into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/unattended-upgrades/1.1ubuntu1.18.04.9 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in unattended-upgrades (Ubuntu Bionic):
status: Confirmed → Fix Committed
tags: added: verification-needed verification-needed-bionic
removed: verification-failed verification-failed-bionic
Balint Reczey (rbalint) wrote :

Tested with 1.1ubuntu1.18.04.9 on Bionic:

...
root@bb-uu-lp-1781176-2:~# apt list --upgradable
Listing... Done
e2fsprogs/bionic-updates 1.44.1-1ubuntu1.1 amd64 [upgradable from: 1.44.1-1]
ebtables/bionic-updates 2.0.10.4-3.5ubuntu2.18.04.3 amd64 [upgradable from: 2.0.10.4-3.5ubuntu2]
libext2fs2/bionic-updates 1.44.1-1ubuntu1.1 amd64 [upgradable from: 1.44.1-1]
wireshark-common/bionic-updates,bionic-security 2.6.6-1~ubuntu18.04.0 amd64 [upgradable from: 2.4.5-1]
...
root@bb-uu-lp-1781176-2:~# unattended-upgrade --verbose --debug
Initial blacklisted packages: ebtables
Initial whitelisted packages:
Starting unattended upgrades script
...
fetch.run() result: 0
blacklist: ['ebtables']
whitelist: []
Packages that will be upgraded:=20
InstCount=3D0 DelCount=3D0 BrokenCount=3D0
Extracting content from /var/log/unattended-upgrades/unattended-upgrades-dp=
kg.log since 2019-02-22 13:20:19
Sending mail to root

From <email address hidden> Fri Feb 22 13:43:21 2019
Return-path: <email address hidden>
Envelope-to: <email address hidden>
Delivery-date: Fri, 22 Feb 2019 13:43:21 +0000
Received: from root by bb-uu-lp-1781176-2.lxd with local (Exim 4.90_1)
 (envelope-from <email address hidden>)
 id 1gxB6n-0001bL-Kz
 for <email address hidden>; Fri, 22 Feb 2019 13:43:21 +0000
Subject: unattended-upgrades result for bb-uu-lp-1781176-2: True
To: <email address hidden>
Auto-Submitted: auto-generated
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: root <email address hidden>
Message-Id: <email address hidden>
Date: Fri, 22 Feb 2019 13:43:21 +0000

Unattended upgrade returned: True

Packages that were upgraded:
 wireshark-common=20

Packages that were auto-removed:
 libwsutil8 libwiretap7 libwireshark10 libwscodecs1=20

...

root@bb-uu-lp-1781176-2:~# apt list --upgradable
Listing... Done
e2fsprogs/bionic-updates 1.44.1-1ubuntu1.1 amd64 [upgradable from: 1.44.1-1]
ebtables/bionic-updates 2.0.10.4-3.5ubuntu2.18.04.3 amd64 [upgradable from: 2.0.10.4-3.5ubuntu2]
libext2fs2/bionic-updates 1.44.1-1ubuntu1.1 amd64 [upgradable from: 1.44.1-1]

tags: added: verification-done-bionic
removed: verification-needed-bionic
Łukasz Zemczak (sil2100) wrote :

Hello Balint, or anyone else affected,

Accepted unattended-upgrades into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/unattended-upgrades/1.1ubuntu1.18.04.7~16.04.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Changed in unattended-upgrades (Ubuntu Xenial):
status: In Progress → Fix Committed
tags: added: verification-needed-xenial
removed: verification-failed-xenial
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package unattended-upgrades - 1.1ubuntu1.18.04.9

---------------
unattended-upgrades (1.1ubuntu1.18.04.9) bionic; urgency=medium

  * debian/changlog: Drop extra trailer after old entry
  * Don't check blacklist too early and report updates from not allowed origins
    as kept back. (LP: #1781176)
  * test/test_blacklisted_wrong_origin.py: Fix and enable test
  * Clear cache when autoremoval fails (LP: #1779157)
  * Find autoremovable kernel packages using the patterns in APT's way
    (LP: #1815494)

 -- Balint Reczey <email address hidden> Thu, 21 Feb 2019 14:58:38 +0100

Changed in unattended-upgrades (Ubuntu Bionic):
status: Fix Committed → Fix Released
Balint Reczey (rbalint) wrote :

Verified with 1.1ubuntu1.18.04.7~16.04.2 on Xenial:

...
2019-04-05 16:17:32,704 INFO Initial blacklisted packages: ebtables
2019-04-05 16:17:32,705 INFO Initial whitelisted packages:
2019-04-05 16:17:32,705 INFO Starting unattended upgrades script
2019-04-05 16:17:32,705 INFO Allowed origins are: o=Ubuntu,a=xenial, o=Ubuntu,a=xenial-security, o=UbuntuESM,a=xenial
...
2019-04-05 16:17:33,813 DEBUG Checking: busybox-static ([<Origin component:'main' archive:'xenial-updates' origin:'Ubuntu' label:'Ubuntu' site:'archive.ubuntu.com' isTrusted:True>, <Origin component:'main' archive:'xenial-security' origin:'Ubuntu' label:'Ubuntu' site:'security.ubuntu.com' isTrusted:True>])
2019-04-05 16:17:33,960 DEBUG Checking: ebtables ([<Origin component:'main' archive:'xenial-updates' origin:'Ubuntu' label:'Ubuntu' site:'archive.ubuntu.com' isTrusted:True>])
2019-04-05 16:17:33,962 DEBUG adjusting candidate version: ebtables=2.0.10.4-3.4ubuntu1
2019-04-05 16:17:34,660 DEBUG pkgs that look like they should be upgraded: busybox-static
2019-04-05 16:17:34,712 DEBUG fetch.run() result: 0
...
2019-04-05 16:17:37,879 INFO All upgrades installed

From <email address hidden> Fri Apr 05 16:17:38 2019
Return-path: <email address hidden>
Envelope-to: <email address hidden>
Delivery-date: Fri, 05 Apr 2019 16:17:38 +0000
Received: from root by x-uu-verify.lxd with local (Exim 4.86_2)
 (envelope-from <email address hidden>)
 id 1hCRX8-0004lu-Pd
 for <email address hidden>; Fri, 05 Apr 2019 16:17:38 +0000
Subject: [reboot required] unattended-upgrades result for x-uu-verify: True
To: <email address hidden>
Auto-Submitted: auto-generated
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: root <email address hidden>
Message-Id: <email address hidden>
Date: Fri, 05 Apr 2019 16:17:38 +0000

Unattended upgrade returned: True

Warning: A reboot is required to complete this upgrade.

Packages that were upgraded:
 busybox-static=20

Package installation log:
Log started: 2019-04-05 16:17:35
Preparing to unpack .../busybox-static_1%3a1.22.0-15ubuntu1.4_amd64.deb ...
Unpacking busybox-static (1:1.22.0-15ubuntu1.4) over (1:1.22.0-15ubuntu1) .=
..
Processing triggers for man-db (2.7.5-1) ...
Setting up busybox-static (1:1.22.0-15ubuntu1.4) ...
Log ended: 2019-04-05 16:17:37

Unattended-upgrades log:
...

Balint Reczey (rbalint) wrote :

The build-time test also passed:

https://launchpadlibrarian.net/413160112/buildlog_ubuntu-xenial-amd64.unattended-upgrades_1.1ubuntu1.18.04.7~16.04.2_BUILDING.txt.gz :
...
Running ./test_blacklisted_wrong_origin.py with python3
DEBUG:root:Checking: postgresql ([<Mock id='140375224753288'>])
.
----------------------------------------------------------------------
Ran 1 test in 0.002s

OK
...

tags: added: verification-done verification-done-xenial
removed: verification-needed verification-needed-xenial
Launchpad Janitor (janitor) wrote :
Download full text (33.9 KiB)

This bug was fixed in the package unattended-upgrades - 1.1ubuntu1.18.04.7~16.04.2

---------------
unattended-upgrades (1.1ubuntu1.18.04.7~16.04.2) xenial; urgency=medium

  * Don't check blacklist too early and report updates from not allowed origins
    as kept back. (LP: #1781176)
  * test/test_blacklisted_wrong_origin.py: Fix and enable test
  * Filter out progress indicator from dpkg log (LP: #1599646)
  * Clear cache when autoremoval fails (LP: #1779157)
  * Find autoremovable kernel packages using the patterns in APT's way
    (LP: #1815494)

unattended-upgrades (1.1ubuntu1.18.04.7~16.04.1) xenial; urgency=medium

  * Start service after systemd-logind.service to be able to take inhibition
    lock (LP: #1806487)
  * Handle gracefully when logind is down (LP: #1806487)

unattended-upgrades (1.1ubuntu1.18.04.7~16.04.0) xenial; urgency=medium

  * Backport to Xenial (LP: #1702793)
  * Revert to build-depending on debhelper (>= 9~) and dh-systemd
  * Revert configuration example changes to avoid triggering a debconf question
  * debian/postinst: Update recovery to be triggered on Xenial's package versions

unattended-upgrades (1.1ubuntu1.18.04.7) bionic; urgency=medium

  * Trigger unattended-upgrade-shutdown actions with PrepareForShutdown()
    Performing upgrades in service's ExecStop did not work when the upgrades
    involved restarting services because systemd blocked other stop/start
    actions making maintainer scripts time out and be killed leaving a broken
    system behind.
    Running unattended-upgrades.service before shutdown.target as a oneshot
    service made it run after unmounting filesystems and scheduling services
    properly on shutdown is a complex problem and adding more services to the
    mix make it even more fragile.
    The solution of monitoring PrepareForShutdown() signal from DBus
    allows Unattended Upgrade to run _before_ the jobs related to shutdown are
    queued thus package upgrades can safely restart services without
    risking causing deadlocks or breaking part of the shutdown actions.
    Also ask running unattended-upgrades to stop when shutdown starts even in
    InstallOnShutdown mode and refactor most of unattended-upgrade-shutdown to
    UnattendedUpgradesShutdown class. (LP: #1778219)
  * Increase logind's InhibitDelayMaxSec to 30s. (LP: #1778219)
    This allows more time for unattended-upgrades to shut down gracefully
    or even install a few packages in InstallOnShutdown mode, but is still a
    big step back from the 30 minutes allowed for InstallOnShutdown previously.
    Users enabling InstallOnShutdown node are advised to increase
    InhibitDelayMaxSec even further possibly to 30 minutes.
    - Add NEWS entry about increasing InhibitDelayMaxSec and InstallOnShutdown
      changes
  * Ignore "W503 line break before binary operator"
    because it will become the best practice and breaks the build
  * Stop using ActionGroups, they interfere with apt.Cache.clear()
    causing all autoremovable packages to be handled as newly autoremovable
    ones and be removed by default. Dropping ActionGroup usage does not slow
    down the most frequent case of not having anything to upgrade a...

Changed in unattended-upgrades (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.