Ubuntu
update-manager package

Security update 42.9-0ubuntu2.2 uninstalls GDM

Bug #2077232 reported by Tisza Gergő
22
This bug affects 3 people
Affects Status Importance Assigned to Milestone
gnome-shell (Ubuntu)
Status tracked in Oracular
Jammy
Won't Fix
Undecided
Unassigned
Noble
Won't Fix
Undecided
Unassigned
Oracular
Fix Committed
Medium
Daniel van Vugt
gnome-software (Ubuntu)
Status tracked in Oracular
Jammy
New
Critical
Unassigned
Noble
New
Critical
Unassigned
Oracular
New
Critical
Unassigned
update-manager (Ubuntu)
Status tracked in Oracular
Jammy
New
Critical
Unassigned
Noble
New
Critical
Unassigned
Oracular
New
Critical
Unassigned

Bug Description

After running the Software Updater app, the GUI disappears and I only have terminal access. The cause seems to be gnome-shell-common 42.9-0ubuntu2.2 being marked as incompatible with gdm3.

cat /var/log/apt/history.log
```
...
Start-Date: 2024-08-16 16:05:36
Commandline: packagekit role='update-packages'
Install: notification-daemon:amd64 (3.20.0-4build1, automatic), policykit-1-gnome:amd64 (0.105-7ubuntu3, automatic)
Upgrade: gnome-shell-common:amd64 (42.9-0ubuntu2.1, 42.9-0ubuntu2.2)
Remove: gnome-shell:amd64 (42.9-0ubuntu2.1), ubuntu-desktop:amd64 (1.481.3), gdm3:amd64 (42.0-1ubuntu7.22.04.4), gnome-shell-extension-desktop-icons-ng:amd64 (43-2ubuntu1), gnome-shell-extension-appindicator:amd64 (42-2~fakesync1), chrome-gnome-shell:amd64 (10.1-5), ubuntu-session:amd64 (42.0-1ubuntu2), gnome-shell-extension-manager:amd64 (0.3.0-0ubuntu2.1), gnome-shell-extension-ubuntu-dock:amd64 (72~ubuntu5.22.04.2.1), ubuntu-desktop-minimal:amd64 (1.481.3)
End-Date: 2024-08-16 16:05:39
...
```

apt-cache policy gnome-shell gnome-shell-common
```
gnome-shell:
  Installed: 42.9-0ubuntu2.1
  Candidate: 42.9-0ubuntu2.1
  Version table:
 *** 42.9-0ubuntu2.1 500
        500 http://us.archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu jammy-security/main amd64 Packages
        100 /var/lib/dpkg/status
     42.0-2ubuntu1 500
        500 http://us.archive.ubuntu.com/ubuntu jammy/main amd64 Packages
gnome-shell-common:
  Installed: 42.9-0ubuntu2.1
  Candidate: 42.9-0ubuntu2.2
  Version table:
     42.9-0ubuntu2.2 500
        500 http://security.ubuntu.com/ubuntu jammy-security/main i386 Packages
 *** 42.9-0ubuntu2.1 500
        500 http://us.archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages
        500 http://us.archive.ubuntu.com/ubuntu jammy-updates/main i386 Packages
        500 http://security.ubuntu.com/ubuntu jammy-security/main amd64 Packages
        100 /var/lib/dpkg/status
     42.0-2ubuntu1 500
        500 http://us.archive.ubuntu.com/ubuntu jammy/main amd64 Packages
        500 http://us.archive.ubuntu.com/ubuntu jammy/main i386 Packages
```

apt install --simulate gnome-shell-common=42.9-0ubuntu2.2
```
...
The following packages will be REMOVED:
  chrome-gnome-shell gdm3 gnome-shell gnome-shell-extension-appindicator gnome-shell-extension-desktop-icons-ng gnome-shell-extension-manager gnome-shell-extension-ubuntu-dock ubuntu-desktop
  ubuntu-desktop-minimal ubuntu-session
...
```

apt install --simulate -o Debug::pkgProblemResolver=true gnome-shell-common=42.9-0ubuntu2.2
```
...
Starting pkgProblemResolver with broken count: 9
Starting 2 pkgProblemResolver with broken count: 9
Investigating (0) ubuntu-session:amd64 < 42.0-1ubuntu2 @ii mK Ib >
Broken ubuntu-session:amd64 Depends on gnome-shell:amd64 < 42.9-0ubuntu2.1 @ii pmR > (>= 3.37.91)
  Considering gnome-shell:amd64 8 as a solution to ubuntu-session:amd64 14
  Added gnome-shell:amd64 to the remove list
Investigating (0) gnome-shell-extension-appindicator:amd64 < 42-2~fakesync1 @ii mK Ib >
Broken gnome-shell-extension-appindicator:amd64 Depends on gnome-shell:amd64 < 42.9-0ubuntu2.1 @ii pmR > (>= 3.33)
  Considering gnome-shell:amd64 14 as a solution to gnome-shell-extension-appindicator:amd64 5
  Removing gnome-shell-extension-appindicator:amd64 rather than change gnome-shell:amd64
Investigating (0) gnome-shell-extension-desktop-icons-ng:amd64 < 43-2ubuntu1 @ii mK Ib >
Broken gnome-shell-extension-desktop-icons-ng:amd64 Depends on gnome-shell:amd64 < 42.9-0ubuntu2.1 @ii pmR > (>= 3.38)
  Considering gnome-shell:amd64 14 as a solution to gnome-shell-extension-desktop-icons-ng:amd64 5
  Removing gnome-shell-extension-desktop-icons-ng:amd64 rather than change gnome-shell:amd64
Investigating (0) gnome-shell-extension-ubuntu-dock:amd64 < 72~ubuntu5.22.04.2.1 @ii mK Ib >
Broken gnome-shell-extension-ubuntu-dock:amd64 Depends on gnome-shell:amd64 < 42.9-0ubuntu2.1 @ii pmR > (< 43)
  Considering gnome-shell:amd64 14 as a solution to gnome-shell-extension-ubuntu-dock:amd64 5
  Removing gnome-shell-extension-ubuntu-dock:amd64 rather than change gnome-shell:amd64
Investigating (0) gdm3:amd64 < 42.0-1ubuntu7.22.04.4 @ii mK Ib >
Broken gdm3:amd64 Depends on gnome-shell:amd64 < 42.9-0ubuntu2.1 @ii pmR > (>= 3.37.90)
  Considering gnome-shell:amd64 14 as a solution to gdm3:amd64 5
  Removing gdm3:amd64 rather than change gnome-shell:amd64
Investigating (0) ubuntu-desktop-minimal:amd64 < 1.481.3 @ii mK Ib >
Broken ubuntu-desktop-minimal:amd64 Depends on gdm3:amd64 < 42.0-1ubuntu7.22.04.4 @ii mR >
  Considering gdm3:amd64 5 as a solution to ubuntu-desktop-minimal:amd64 3
  Removing ubuntu-desktop-minimal:amd64 rather than change gdm3:amd64
Investigating (0) ubuntu-desktop:amd64 < 1.481.3 @ii mK Ib >
Broken ubuntu-desktop:amd64 Depends on gdm3:amd64 < 42.0-1ubuntu7.22.04.4 @ii mR >
  Considering gdm3:amd64 5 as a solution to ubuntu-desktop:amd64 1
  Removing ubuntu-desktop:amd64 rather than change gdm3:amd64
Investigating (0) chrome-gnome-shell:amd64 < 10.1-5 @ii mK Ib >
Broken chrome-gnome-shell:amd64 Depends on gnome-shell:amd64 < 42.9-0ubuntu2.1 @ii pmR >
  Considering gnome-shell:amd64 14 as a solution to chrome-gnome-shell:amd64 0
  Removing chrome-gnome-shell:amd64 rather than change gnome-shell:amd64
Investigating (0) gnome-shell-extension-manager:amd64 < 0.3.0-0ubuntu2.1 @ii mK Ib >
Broken gnome-shell-extension-manager:amd64 Depends on gnome-shell:amd64 < 42.9-0ubuntu2.1 @ii pmR >
  Considering gnome-shell:amd64 14 as a solution to gnome-shell-extension-manager:amd64 0
  Removing gnome-shell-extension-manager:amd64 rather than change gnome-shell:amd64
Investigating (1) ubuntu-session:amd64 < 42.0-1ubuntu2 @ii mK Ib >
Broken ubuntu-session:amd64 Depends on gnome-shell:amd64 < 42.9-0ubuntu2.1 @ii pmR > (>= 3.37.91)
  Considering gnome-shell:amd64 14 as a solution to ubuntu-session:amd64 14
  Removing ubuntu-session:amd64 rather than change gnome-shell:amd64
Done
...
```

lsb_release -rd
```
Description: Ubuntu 22.04.4 LTS
Release: 22.04
```

Revision history for this message
Tisza Gergő (gtisza) wrote :

I could restore the old state by running
    sudo apt install gnome-shell-common=42.9-0ubuntu2.1
    sudo apt install gnome-shell ubuntu-desktop gdm3 gnome-shell-extension-desktop-icons-ng gnome-shell-extension-appindicator chrome-gnome-shell ubuntu-session gnome-shell-extension-manager gnome-shell-extension-ubuntu-dock ubuntu-desktop-minimal

but for a user who is not familiar with package management tools and the command line more generally, this would practically brick their machine.

Revision history for this message
Daniel van Vugt (vanvugt) wrote :

I'm running gnome-shell 42.9-0ubuntu2.2 right now and didn't encounter any problems, so I wonder what's different...

Changed in gnome-shell (Ubuntu):
importance: Undecided → Critical
tags: added: jammy regression-update
Revision history for this message
Steve Langasek (vorlon) wrote :

Upgrade: gnome-shell-common:amd64 (42.9-0ubuntu2.1, 42.9-0ubuntu2.2)
Remove: gnome-shell:amd64 (42.9-0ubuntu2.1),

This shows only gnome-shell-common being installed and gnome-shell being removed. What does `apt policy` show for these two packages?

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in gnome-shell (Ubuntu):
status: New → Confirmed
Steve Langasek (vorlon)
Changed in gnome-shell (Ubuntu):
status: Confirmed → Incomplete
Revision history for this message
Tisza Gergő (gtisza) wrote :

> What does `apt policy` show for these two packages?

See the bug description.

I found this StackExchange question: https://askubuntu.com/questions/1477377/gnome-shell-broken-after-the-latest-update
which reports a similar error, but for an older upgrade a year ago.

Revision history for this message
Steve Langasek (vorlon) wrote :

Ok, sorry for overlooking.

Here's what it should look like:

$ apt policy gnome-shell
gnome-shell:
  Installed: (none)
  Candidate: 42.9-0ubuntu2.2
  Version table:
     42.9-0ubuntu2.2 500
        500 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages
        500 http://security.ubuntu.com/ubuntu jammy-security/main amd64 Packages
     42.0-2ubuntu1 500
        500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages
$

The gnome-shell update is published in jammy-updates and in jammy-security, but does not show up in your apt policy output. You somehow have out of date package indices for these repositories - but you DID have an up-to-date package index for i386, which is what caused gnome-shell-common to be visible.

How did you trigger the actual update? Was this through the update-manager GUI? Did it offer to install gnome-shell-common for you and remove the other packages? Or did you use apt directly to do this?

Revision history for this message
Daniel van Vugt (vanvugt) wrote :

This is the second time in recent memory that gnome-shell-common has caused upgrades grief. In this case, I don't think requiring equal versions is sensible:

Package: gnome-shell
  ...
  gnome-shell-common (= ${source:Version}),

The main ABIs of gnome-shell-common are /usr/share/glib-2.0/schemas and those don't change very often, so we should either:

 (a) Automatically depend on the upstream version prefix without Debian suffixes; or
 (b) Manually depend on the last version where the "common" ABI actually changed (risky because we'll forget).

That doesn't help this bug right now, but it will prevent it happening again.

Daniel van Vugt (vanvugt)
Changed in gnome-shell (Ubuntu):
importance: Critical → High
status: Incomplete → New
Revision history for this message
Daniel van Vugt (vanvugt) wrote :

Removed tag 'regression-update' because this sounds like it's correlated with the unusual state of this machine, and could in fact happen in any gnome-shell update.

Changed in gnome-shell (Ubuntu):
status: New → Incomplete
tags: removed: regression-update
Revision history for this message
Jeremy Bícha (jbicha) wrote :

Daniel, see https://salsa.debian.org/gnome-team/libshumate/-/merge_requests/4

I didn't get any feedback on that proposal. If successful, I was intending to copy that pattern to other Debian GNOME packages.

Revision history for this message
Daniel van Vugt (vanvugt) wrote (last edit ):

Cool, that's what I was thinking of in UDENG-4068. I too was thinking an upper bound would be preferable but if lack of an upper bound isn't causing problems yet then at least ">= ${upstream:Version}" doesn't require any maintenance.

Revision history for this message
Jeremy Bícha (jbicha) wrote :

My current libshumate proposal still wouldn't help to solve this class of problem if we update gnome-shell 42.8 to 42.9; it would only help for something like 42.9-0ubuntu2.1 to 42.9-0ubuntu2.2

Revision history for this message
Tisza Gergő (gtisza) wrote :

> How did you trigger the actual update? Was this through the update-manager GUI? Did it offer to install gnome-shell-common for you and remove the other packages? Or did you use apt directly to do this?

It was a recommended upgrade, suggested by one of the GUIs that sometimes come up automatically after restart, either gnome-software or update-manager. I think gnome-software, but not really sure. I don't think it asked me anything (other than whether to do system upgrades).

Revision history for this message
Daniel van Vugt (vanvugt) wrote :

> My current libshumate proposal still wouldn't help to solve this class of problem if we update gnome-shell 42.8 to 42.9; it would only help for something like 42.9-0ubuntu2.1 to 42.9-0ubuntu2.2

Good point. I think we'll need to use hardcoded ">= MAJORVERSION" or ">= LASTSCHEMACHANGE", not ">= ${upstream:Version}". And a ceiling isn't necessary because we're only guessing when the next breakage occurs.

Revision history for this message
Daniel van Vugt (vanvugt) wrote :

I'm going to declare this done for Oracular, but we can't fix the hard dependencies that already exist up to and including Noble. Because those dependencies are already on peoples' hard disks.

https://salsa.debian.org/gnome-team/gnome-shell/-/commit/40849f7efd55e48346ecb9ed3e171ae1ad75adb0

No longer "Incomplete" awaiting a reply to comment #6.

Changed in gnome-shell (Ubuntu Oracular):
assignee: nobody → Daniel van Vugt (vanvugt)
status: Incomplete → Fix Committed
Changed in gnome-shell (Ubuntu Noble):
status: New → Won't Fix
Changed in gnome-shell (Ubuntu Jammy):
status: New → Won't Fix
Changed in gnome-shell (Ubuntu Oracular):
importance: High → Medium
Revision history for this message
Daniel van Vugt (vanvugt) wrote :

I suppose we *could* do the same in Jammy and Noble updates. But again that only prevents the issue from recurring and doesn't fix the brokenness if it's already in that state.

Revision history for this message
Steve Langasek (vorlon) wrote :

The only thing is, installing updates through the GUI default upgrader is NOT supposed to accept solutions that require removing packages. So this really needs to be tracked down and fixed. I don't think there's anything further to be done in gnome-shell.

Changed in gnome-software (Ubuntu Jammy):
importance: Undecided → Critical
Changed in gnome-software (Ubuntu Noble):
importance: Undecided → Critical
Changed in gnome-software (Ubuntu Oracular):
importance: Undecided → Critical
Changed in update-manager (Ubuntu Jammy):
importance: Undecided → Critical
Changed in update-manager (Ubuntu Noble):
importance: Undecided → Critical
Changed in update-manager (Ubuntu Oracular):
importance: Undecided → Critical
Steve Langasek (vorlon)
tags: added: foundations-todo
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.