ubuntu-support-status returns inaccurate information

Bug #1574670 reported by Marc Deslauriers on 2016-04-25
360
This bug affects 13 people
Affects Status Importance Assigned to Milestone
update-manager (Ubuntu)
High
Marc Deslauriers
Precise
Undecided
Unassigned
Trusty
Undecided
Marc Deslauriers
Wily
Undecided
Unassigned
Xenial
High
Marc Deslauriers
Yakkety
Undecided
Unassigned
Artful
High
Marc Deslauriers

Bug Description

[Impact]

ubuntu-support-status returns inaccurate and misleading information.

It uses the Supported field in the Packages file which hasn't been used or updated since Ubuntu 10.04 LTS and earlier releases when we had a 3 year/5 year support split between desktop and server. (See https://wiki.ubuntu.com/SecurityTeam/FAQ#Official%20Support)

It also uses the term "unsupported" instead of "community-supported" which doesn't accurately portray the status of universe packages.

[Test Case]

After updating, ubuntu-support-status should return accurate information, and list which packages are community-supported and which are Canonical-supported. Here is an example from Xenial:

Before:

You have 1710 packages (98.8%) supported until April 2021 (5y)
You have 4 packages (0.2%) supported until April 2019 (3y)
You have 11 packages (0.6%) supported until February 2023 (5y)

You have 0 packages (0.0%) that can not/no longer be downloaded
You have 5 packages (0.3%) that are unsupported

After:

You have 1722 packages (99.5%) supported until April 2021 (Canonical - 5y)
You have 4 packages (0.2%) supported until April 2019 (Community - 3y)

You have 0 packages (0.0%) that can not/no longer be downloaded
You have 4 packages (0.2%) that are unsupported

[Regression Potential]

The changes are limited to the ubuntu-support-status tool, so in case of breakage, only the results of that tool would be either inaccurate, or the tool would not run at all.

Changed in update-manager (Ubuntu Precise):
status: New → Confirmed
Changed in update-manager (Ubuntu Trusty):
status: New → Confirmed
Changed in update-manager (Ubuntu Wily):
status: New → Confirmed
Changed in update-manager (Ubuntu Xenial):
status: New → Confirmed
Changed in update-manager (Ubuntu Yakkety):
status: New → Confirmed
Pjotr12345 (computertip) wrote :

Thanks for taking this matter up. Please provide a rewritten tool that does give accurate information....

This issue has already created worries on several Linux fora, as a consequence of this article in a reputable German IT magazine:
http://www.heise.de/ct/artikel/Ubuntu-LTS-Langzeitpflege-gibt-es-nur-fuer-das-Wichtigste-3179960.html

If German is not your strong point: the article accuses Ubuntu of breaking its LTS promise, mainly on the basis of the output of ubuntu-support-status.

It would help a lot to rebuild confidence in Ubuntu LTS support, if we would have a rewritten tool that does give correct information about the support timespan for the installed packages in Ubuntu.

Soul-Sing (soulzing) wrote :

@Marc:"Short answer: don't use ubuntu-support-status, it doesn't work."
Would you be so kind to elaborate this answer?

Marc Deslauriers (mdeslaur) wrote :

As described in the description of this bug, it uses the Supported field in the Packages file which doesn't contain accurate information for now. The output of the tool is therefore wrong.

We are looking into updating the Supported field for Ubuntu 16.04, and releasing an updated ubuntu-support-status tool for earlier releases that will return accurate information.

Pjotr12345 (computertip) wrote :

Thanks for the information about the progress. This matter has the potential of generating a lot of unnecessary bad publicity (it already did so in Germany), so hopefully you guys will be able to fix it quickly.... :-)

Thorsten Leemhuis (thleemhuis) wrote :

@Marc: You wrote "The output of the tool is therefore wrong."
Then it might be a good idea to update http://www.ubuntu.com/info/release-end-of-life, as that's a very prominent place that suggest to use this tool (to Quote: """[…]
This command will print the exact status of your system.
$ ubuntu-support-status """

Brian Murray (brian-murray) wrote :

The supported field for Yakkety is correct, so I'm setting that task to Fix Released.

bdmurray@bizarro:~$ zgrep Supported: /mnt/storage/archive-mirror/dists/yakkety/main/binary-amd64/Packages.gz | sort | uniq -c
   7414 Supported: 9m
bdmurray@bizarro:~$ zgrep -c ^Package: /mnt/storage/archive-mirror/dists/yakkety/main/binary-amd64/Packages.gz
7414

Changed in update-manager (Ubuntu Yakkety):
status: Confirmed → Fix Released
Marc Deslauriers (mdeslaur) wrote :

I'm not sure the supported field for Yakkety is in fact correct...it shows universe packages as being supported:

$ zgrep Supported: yakkety/universe/binary-amd64/Packages.gz | sort | uniq -c
     13 Supported: 9m

Moritz (moritz-naumann) wrote :

From a user perspective, ubuntu-support-status has not just been not working, but has been providing false / misleading information across the past two or three LTS releases. There is no hint on this fact available anywhere but no this bug report. Plus (to my knowledge) there is no other utility which provides reliable information on a systems' support status.

As a user, this provides me with discomfort. Maybe, as a first step, it would be good to SRU a patch which just suggests to take the utilities' output with a grain of salt?

Nish Aravamudan (nacc) on 2017-06-29
Changed in update-manager (Ubuntu):
status: Fix Released → Confirmed
Changed in update-manager (Ubuntu Yakkety):
status: Fix Released → Confirmed
Scott Moser (smoser) wrote :

I just stumbled across this in bug 1701312.
I'd like to point out that the tool claims there are unsupported packages installed by default in our official Ubuntu Images (lxd or other) in the current LTS. That seems to add to the gravity of the issue.

Changed in update-manager (Ubuntu Xenial):
importance: Undecided → High
Achim Behrens (k1l) wrote :

The issue seems to be, that ubuntu-support-status reads the package information about support timeframe and some maintainers get confused or mix or forget to set the proper timeframe for the LTS releases to 5 years (for the main repo).

On a 16.04 machine it lists python-dbg as unsupported. the reason is its set to 9month support:

> apt show python-dbg
Package: python-dbg
Version: 2.7.11-1
Priority: extra
Section: python
Source: python-defaults
Origin: Ubuntu
Maintainer: Ubuntu Developers <email address hidden>
Original-Maintainer: Matthias Klose <email address hidden>
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Installed-Size: 25,6 kB
Depends: python (= 2.7.11-1), libpython-dbg (= 2.7.11-1), python2.7-dbg (>= 2.7.11-1~)
Homepage: http://www.python.org/
Supported: 9m
Download-Size: 1.252 B
APT-Sources: http://de.archive.ubuntu.com/ubuntu xenial/main amd64 Packages
Description: Debugversion des Python-Interpreters (Version 2.7)
 Dieser Python-Interpreter wurde mit --pydebug konfiguriert. Dynamisch
 ladbare Module sucht er zuerst in /usr/lib/python2.7/lib-dynload/debug.

So what is the correct path now? file bugs for every Package where the maintainers set the Support timeframe to 9 months?

tags: added: rls-aa-incoming
Achim Behrens (k1l) wrote :

I marked the bugreports for packages affected by this on my system as duplicates:
Bug #1710718
Bug #1710719
Bug #1710720
Bug #1710721

Steve Langasek (vorlon) on 2017-08-17
Changed in update-manager (Ubuntu):
importance: Undecided → High
Changed in update-manager (Ubuntu Yakkety):
status: Confirmed → Won't Fix
Changed in update-manager (Ubuntu Wily):
status: Confirmed → Won't Fix
Changed in update-manager (Ubuntu Precise):
status: Confirmed → Won't Fix
Steve Langasek (vorlon) on 2017-08-24
tags: removed: rls-aa-incoming
Changed in update-manager (Ubuntu Artful):
assignee: nobody → Brian Murray (brian-murray)
assignee: Brian Murray (brian-murray) → Adam Conrad (adconrad)
tags: added: id-5995b3994d7b93bc9b37fad9
Marc Deslauriers (mdeslaur) wrote :
Marc Deslauriers (mdeslaur) wrote :
Marc Deslauriers (mdeslaur) wrote :
Marc Deslauriers (mdeslaur) wrote :
Marc Deslauriers (mdeslaur) wrote :
Marc Deslauriers (mdeslaur) wrote :

(need to s/supported_by_who/supported_by_whom/ or supported_by in final version of fix) (Thanks ratliff!)

tags: added: patch
Brian Murray (brian-murray) wrote :

This looks fine to me but I thought our intent was to fix it in the archive. I'll bring this up with the Foundations team tomorrow.

Marc Deslauriers (mdeslaur) wrote :

I'm only overriding the archive Supported tags in trusty and xenial. I was told we couldn't regenerate the release pocket to fix it.

Marc Deslauriers (mdeslaur) wrote :

Fix uploaded to bionic.
Uploaded packages to stable releases for sponsoring by the SRU team.

description: updated
Changed in update-manager (Ubuntu):
status: Confirmed → Fix Committed
Changed in update-manager (Ubuntu Trusty):
status: Confirmed → In Progress
Changed in update-manager (Ubuntu Xenial):
status: Confirmed → In Progress
Changed in update-manager (Ubuntu Artful):
status: Confirmed → In Progress
assignee: Adam Conrad (adconrad) → Marc Deslauriers (mdeslaur)
Changed in update-manager (Ubuntu):
assignee: Adam Conrad (adconrad) → Marc Deslauriers (mdeslaur)
Changed in update-manager (Ubuntu Trusty):
assignee: nobody → Marc Deslauriers (mdeslaur)
Changed in update-manager (Ubuntu Xenial):
assignee: nobody → Marc Deslauriers (mdeslaur)
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package update-manager - 1:18.04.3

---------------
update-manager (1:18.04.3) bionic; urgency=medium

  * ubuntu-support-status: use component to differentiate packages
    supported by the community and packages supported by Canonical.
    (LP: #1574670)

 -- Marc Deslauriers <email address hidden> Fri, 02 Feb 2018 08:07:04 -0500

Changed in update-manager (Ubuntu):
status: Fix Committed → Fix Released

Hello Marc, or anyone else affected,

Accepted update-manager into artful-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/update-manager/1:17.10.13 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-artful to verification-done-artful. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-artful. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in update-manager (Ubuntu Artful):
status: In Progress → Fix Committed
tags: added: verification-needed verification-needed-artful
Changed in update-manager (Ubuntu Xenial):
status: In Progress → Fix Committed
tags: added: verification-needed-xenial
Brian Murray (brian-murray) wrote :

Hello Marc, or anyone else affected,

Accepted update-manager into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/update-manager/1:16.04.11 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-xenial to verification-done-xenial. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-xenial. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in update-manager (Ubuntu Trusty):
status: In Progress → Fix Committed
tags: added: verification-needed-trusty
Brian Murray (brian-murray) wrote :

Hello Marc, or anyone else affected,

Accepted update-manager into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/update-manager/1:0.196.25 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-trusty to verification-done-trusty. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-trusty. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Marc Deslauriers (mdeslaur) wrote :

I have tested these updates on all releases, trusty, xenial, and artful. ubuntu-support-status now returns accurate information, and update-manager still works.

tags: added: verification-done verification-done-artful verification-done-trusty verification-done-xenial
removed: verification-needed verification-needed-artful verification-needed-trusty verification-needed-xenial
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package update-manager - 1:17.10.13

---------------
update-manager (1:17.10.13) artful; urgency=medium

  * ubuntu-support-status: use component to differentiate packages
    supported by the community and packages supported by Canonical.
    (LP: #1574670)

 -- Marc Deslauriers <email address hidden> Fri, 02 Feb 2018 09:01:11 -0500

Changed in update-manager (Ubuntu Artful):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for update-manager has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package update-manager - 1:16.04.11

---------------
update-manager (1:16.04.11) xenial; urgency=medium

  [ Steve Langasek ]
  * ubuntu-support-status: instead of checking the Release timestamp in
    the releases file for every single package on the system, get the
    release date from distro-info-data because it will always be the same.
    This speeds up the script by > 50% in testing.

  [ Marc Deslauriers ]
  * ubuntu-support-status: use component to differentiate packages
    supported by the community and packages supported by Canonical, and
    override the Supported tag for main and restricted to work around the
    inaccurate Packages files. (LP: #1574670)

 -- Marc Deslauriers <email address hidden> Fri, 02 Feb 2018 09:02:45 -0500

Changed in update-manager (Ubuntu Xenial):
status: Fix Committed → Fix Released
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package update-manager - 1:0.196.25

---------------
update-manager (1:0.196.25) trusty; urgency=medium

  [ Steve Langasek ]
  * ubuntu-support-status: instead of checking the Release timestamp in
    the releases file for every single package on the system, get the
    release date from distro-info-data because it will always be the same.
    This speeds up the script by > 50% in testing.

  [ Marc Deslauriers ]
  * ubuntu-support-status: use component to differentiate packages
    supported by the community and packages supported by Canonical,
    override the Supported tag for main and restricted to work around the
    inaccurate Packages files, hardcode the release date since
    distro-info-date isn't installed by default in Trusty. (LP: #1574670)

 -- Marc Deslauriers <email address hidden> Fri, 02 Feb 2018 09:03:31 -0500

Changed in update-manager (Ubuntu Trusty):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers