** Description changed:
+ [ Impact ]
+
+ When the a factory image is installed onto a new system it ends up with
+ very old packages installed as available when that image was frozen.
+ Due to the presence of strict version clamps in some older linux-
+ restricted-modules packages these will not upgrade as removals are
+ required, however the associated kernel can still upgrade. This leads
+ unattended-upgrades to upgrade one without the other rendering the
+ latest kernel unable to drive the display. A very poor user experience
+ on second boot.
+
+ [ Test Plan ]
+
+ Install a factory image into a VM and allow unattended-upgrades to
+ upgrade the system; expect the kernel to upgrade and Nvidia components
+ to be held-back. Then install this package and expect both to upgrade.
+
+ [ Where problems could occur ]
+
+ The new source provides updated packages for very old and now abandoned
+ ABI specific packages. No current install should have the packages we
+ are changing nor should they be installed by normal updates. Affected
+ installs from frozen media should install a single package out of this
+ set based on their frozen ABI version releasing the strict version
+ clamp, and then immediately upgrade to the latest packages in the
+ archive. We do not expect these packages to remain installed on any
+ system.
+
+ [ Other Info ]
+
+ All included packages are pulled directly from the Launchpad Librarian.
+
+ ===
+
If the GMed image used earlier kernel than 5.17.0-1020-oem, then you
would like meet this issue.
- 1020-oem is in security channel. In jammy the unattende-upgrade will
+ 1020-oem is in security channel. In jammy the unattended-upgrade will
install security fixes by default.
For the I+N platforms, the nvidia driver couldn't be installed for
1020-oem kernel, then user will meet a black screen cause of nvidia
modules couldn't be loaded.
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}";
"${distro_id}:${distro_codename}-security";
// Extended Security Maintenance; doesn't necessarily exist for
// every release and this system may not have it installed, but if
// available, the policy for updates is such that unattended-upgrades
// should also install from here by default.
"${distro_id}ESMApps:${distro_codename}-apps-security";
"${distro_id}ESM:${distro_codename}-infra-security";
** Changed in: linux-meta-oem-5.14 (Ubuntu)
Importance: Undecided => Critical
** Also affects: oem-priority/focal
Importance: Critical
Assignee: Bin Li (binli)
Status: Confirmed
** No longer affects: oem-priority/focal
** Also affects: linux-meta-oem-5.14 (Ubuntu Jammy)
Importance: Undecided
Status: New
** Also affects: linux-meta-oem-5.17 (Ubuntu Jammy)
Importance: Undecided
Status: New
** Also affects: linux-meta-oem-5.14 (Ubuntu Focal)
Importance: Undecided
Status: New
** Also affects: linux-meta-oem-5.17 (Ubuntu Focal)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux-meta-oem-5.17 in Ubuntu.
https://bugs.launchpad.net/bugs/1997505
Title:
Unattended-Upgrade will upgrade 1020-oem kernel without nvidia-driver
Status in OEM Priority Project:
Confirmed
Status in linux-meta-oem-5.14 package in Ubuntu:
New
Status in linux-meta-oem-5.17 package in Ubuntu:
Fix Released
Status in linux-meta-oem-5.14 source package in Focal:
New
Status in linux-meta-oem-5.17 source package in Focal:
New
Status in linux-meta-oem-5.14 source package in Jammy:
New
Status in linux-meta-oem-5.17 source package in Jammy:
New
Bug description:
[ Impact ]
When the a factory image is installed onto a new system it ends up
with very old packages installed as available when that image was
frozen. Due to the presence of strict version clamps in some older
linux-restricted-modules packages these will not upgrade as removals
are required, however the associated kernel can still upgrade. This
leads unattended-upgrades to upgrade one without the other rendering
the latest kernel unable to drive the display. A very poor user
experience on second boot.
[ Test Plan ]
Install a factory image into a VM and allow unattended-upgrades to
upgrade the system; expect the kernel to upgrade and Nvidia components
to be held-back. Then install this package and expect both to
upgrade.
[ Where problems could occur ]
The new source provides updated packages for very old and now
abandoned ABI specific packages. No current install should have the
packages we are changing nor should they be installed by normal
updates. Affected installs from frozen media should install a single
package out of this set based on their frozen ABI version releasing
the strict version clamp, and then immediately upgrade to the latest
packages in the archive. We do not expect these packages to remain
installed on any system.
[ Other Info ]
All included packages are pulled directly from the Launchpad
Librarian.
===
If the GMed image used earlier kernel than 5.17.0-1020-oem, then you
would like meet this issue.
1020-oem is in security channel. In jammy the unattended-upgrade will
install security fixes by default.
For the I+N platforms, the nvidia driver couldn't be installed for
1020-oem kernel, then user will meet a black screen cause of nvidia
modules couldn't be loaded.
Unattended-Upgrade::Allowed-Origins {
"${distro_id}:${distro_codename}";
"${distro_id}:${distro_codename}-security";
// Extended Security Maintenance; doesn't necessarily exist for
// every release and this system may not have it installed, but if
// available, the policy for updates is such that unattended-upgrades
// should also install from here by default.
"${distro_id}ESMApps:${distro_codename}-apps-security";
"${distro_id}ESM:${distro_codename}-infra-security";
To manage notifications about this bug go to:
https://bugs.launchpad.net/oem-priority/+bug/1997505/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : kernel-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
