** Description changed: + [Impact] + + * If an update has a new conffile at a path that in a former version was + a directory like + old: /a/b/c + new: a/b + Here b is the new file name and was a directory in the old version. + Then unattended upgrades breaks on installing such a package. + + * a recent qemu update has such a case and due to that triggered the + issue in >=Bionic + + * The fix is to harden unattended upgrades to be able to handle the case + without aborting. + + [Test Case] + + Get a qemu guest e.g. of Bionic before the update to 1:2.11+dfsg-1ubuntu7.12 + That can be done with: + $ time uvt-simplestreams-libvirt --verbose sync --source http://cloud-images.ubuntu.com/daily arch=amd64 label=daily release=bionic + $ uvt-kvm create --password ubuntu bionic-testuu arch=amd64 release=bionic label=daily + + Log in and apt update & upgrade all packages, then Install the release level qemu in there. + $ uvt-kvm ssh bionic-testuu + $ sudo apt update + $ sudo apt dist-upgrade + $ sudo apt install unattended-upgrades + $ sudo apt install qemu-guest-agent=1:2.11+dfsg-1ubuntu7 + + All before was preparation, now force the unattended upgrade to trigger the bug. + $ sudo unattended-upgrade -d + + With the bug you'll find some error like: + found pkg: qemu-guest-agent + conffile line: /etc/init.d/qemu-guest-agent f61a64ac1e48993023018fd1cff85191 + current md5: f61a64ac1e48993023018fd1cff85191 + conffile line: /etc/qemu/fsfreeze-hook/fsfreeze-hook 15f6ff42cbc5550a07ee21c2a471d905 + /etc/qemu/fsfreeze-hook/fsfreeze-hook not in package conffiles /etc/init.d/qemu-guest-agent + /etc/qemu/fsfreeze-hook + found conffile /etc/qemu/fsfreeze-hook in new pkg but on dpkg status + Traceback (most recent call last): + File "/usr/bin/unattended-upgrade", line 2057, in <module> + sys.exit(main(options)) + File "/usr/bin/unattended-upgrade", line 1773, in main + if conffile_prompt(item.destfile): + File "/usr/bin/unattended-upgrade", line 988, in conffile_prompt + with open(prefix + conf_file, 'rb') as fp: + IsADirectoryError: [Errno 21] Is a directory: '/etc/qemu/fsfreeze-hook' + + [Regression Potential] + + TODO: rbalint who writes the fix + * discussion of how regressions are most likely to manifest as a result of this change. + + * It is assumed that any SRU candidate patch is well-tested before + upload and has a low overall risk of regression, but it's important + to make the effort to think about what ''could'' happen in the + event of a regression. + + * This both shows the SRU team that the risks have been considered, + and provides guidance to testers in regression-testing the SRU. + + [Other Info] + + * n/a + + --- + As reported on https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1820291/comments/20 We fixed an issue and we added workrounds since basic mv_conffile coudn't handle it and did all sort of upgrade tests. That all worked fine and moved the conffile. It was now reported that due to some pre-checks that unattended upgrades might do this might do some checks on its own. Next step: - check unattended upgrades through this change - check if it only affects cases were the former config was modified (minority) or the default file layout (majority) - --- original report copied --- just wanted to add: This bug also crashes unattended-upgrade and thus prevents security updates on 18.04: root@mailin1:~# unattended-upgrade Traceback (most recent call last): - File "/usr/bin/unattended-upgrade", line 1998, in <module> - sys.exit(main(options)) - File "/usr/bin/unattended-upgrade", line 1714, in main - if conffile_prompt(item.destfile): - File "/usr/bin/unattended-upgrade", line 929, in conffile_prompt - with open(prefix + conf_file, 'rb') as fp: + File "/usr/bin/unattended-upgrade", line 1998, in <module> + sys.exit(main(options)) + File "/usr/bin/unattended-upgrade", line 1714, in main + if conffile_prompt(item.destfile): + File "/usr/bin/unattended-upgrade", line 929, in conffile_prompt + with open(prefix + conf_file, 'rb') as fp: IsADirectoryError: [Errno 21] Is a directory: '/etc/qemu/fsfreeze-hook' Basically, unattended-upgrade wants to compare old/new conffiles and doesn't like it when the old conffile turns out to be a directory... This prevents security updates to be installed. The unattended-upgrade logs do not contain the trace, only the messages: 2019-04-05 13:24:24,851 INFO Initial blacklisted packages: 2019-04-05 13:24:24,853 INFO Initial whitelisted packages: 2019-04-05 13:24:24,853 INFO Starting unattended upgrades script 2019-04-05 13:24:24,854 INFO Allowed origins are: o=Ubuntu,a=bionic, o=Ubuntu,a=bionic-security, o=UbuntuESM,a=bionic' And that's it. You can't really get out of this without manually running 'apt-get install qemu-guest-agent' because at this point, unattended-upgrade can't update itself anymore.
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to unattended-upgrades in Ubuntu. https://bugs.launchpad.net/bugs/1823872 Title: Fixing fsfreeze-hook can break unattended upgrades Status in qemu package in Ubuntu: Confirmed Status in unattended-upgrades package in Ubuntu: Confirmed Bug description: [Impact] * If an update has a new conffile at a path that in a former version was a directory like old: /a/b/c new: a/b Here b is the new file name and was a directory in the old version. Then unattended upgrades breaks on installing such a package. * a recent qemu update has such a case and due to that triggered the issue in >=Bionic * The fix is to harden unattended upgrades to be able to handle the case without aborting. [Test Case] Get a qemu guest e.g. of Bionic before the update to 1:2.11+dfsg-1ubuntu7.12 That can be done with: $ time uvt-simplestreams-libvirt --verbose sync --source http://cloud-images.ubuntu.com/daily arch=amd64 label=daily release=bionic $ uvt-kvm create --password ubuntu bionic-testuu arch=amd64 release=bionic label=daily Log in and apt update & upgrade all packages, then Install the release level qemu in there. $ uvt-kvm ssh bionic-testuu $ sudo apt update $ sudo apt dist-upgrade $ sudo apt install unattended-upgrades $ sudo apt install qemu-guest-agent=1:2.11+dfsg-1ubuntu7 All before was preparation, now force the unattended upgrade to trigger the bug. $ sudo unattended-upgrade -d With the bug you'll find some error like: found pkg: qemu-guest-agent conffile line: /etc/init.d/qemu-guest-agent f61a64ac1e48993023018fd1cff85191 current md5: f61a64ac1e48993023018fd1cff85191 conffile line: /etc/qemu/fsfreeze-hook/fsfreeze-hook 15f6ff42cbc5550a07ee21c2a471d905 /etc/qemu/fsfreeze-hook/fsfreeze-hook not in package conffiles /etc/init.d/qemu-guest-agent /etc/qemu/fsfreeze-hook found conffile /etc/qemu/fsfreeze-hook in new pkg but on dpkg status Traceback (most recent call last): File "/usr/bin/unattended-upgrade", line 2057, in <module> sys.exit(main(options)) File "/usr/bin/unattended-upgrade", line 1773, in main if conffile_prompt(item.destfile): File "/usr/bin/unattended-upgrade", line 988, in conffile_prompt with open(prefix + conf_file, 'rb') as fp: IsADirectoryError: [Errno 21] Is a directory: '/etc/qemu/fsfreeze-hook' [Regression Potential] TODO: rbalint who writes the fix * discussion of how regressions are most likely to manifest as a result of this change. * It is assumed that any SRU candidate patch is well-tested before upload and has a low overall risk of regression, but it's important to make the effort to think about what ''could'' happen in the event of a regression. * This both shows the SRU team that the risks have been considered, and provides guidance to testers in regression-testing the SRU. [Other Info] * n/a --- As reported on https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1820291/comments/20 We fixed an issue and we added workrounds since basic mv_conffile coudn't handle it and did all sort of upgrade tests. That all worked fine and moved the conffile. It was now reported that due to some pre-checks that unattended upgrades might do this might do some checks on its own. Next step: - check unattended upgrades through this change - check if it only affects cases were the former config was modified (minority) or the default file layout (majority) --- original report copied --- just wanted to add: This bug also crashes unattended-upgrade and thus prevents security updates on 18.04: root@mailin1:~# unattended-upgrade Traceback (most recent call last): File "/usr/bin/unattended-upgrade", line 1998, in <module> sys.exit(main(options)) File "/usr/bin/unattended-upgrade", line 1714, in main if conffile_prompt(item.destfile): File "/usr/bin/unattended-upgrade", line 929, in conffile_prompt with open(prefix + conf_file, 'rb') as fp: IsADirectoryError: [Errno 21] Is a directory: '/etc/qemu/fsfreeze-hook' Basically, unattended-upgrade wants to compare old/new conffiles and doesn't like it when the old conffile turns out to be a directory... This prevents security updates to be installed. The unattended-upgrade logs do not contain the trace, only the messages: 2019-04-05 13:24:24,851 INFO Initial blacklisted packages: 2019-04-05 13:24:24,853 INFO Initial whitelisted packages: 2019-04-05 13:24:24,853 INFO Starting unattended upgrades script 2019-04-05 13:24:24,854 INFO Allowed origins are: o=Ubuntu,a=bionic, o=Ubuntu,a=bionic-security, o=UbuntuESM,a=bionic' And that's it. You can't really get out of this without manually running 'apt-get install qemu-guest-agent' because at this point, unattended-upgrade can't update itself anymore. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1823872/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
