[Bug 1778219] Re: unattended-upgrades hangs on shutdown, leaves system in a broken state

Balint Reczey balint.reczey at canonical.com
Sun Oct 14 11:43:33 UTC 2018 

The hang can also occur when unattended-upgrades is started by apt's
timer (u-u is modified to help hitting it at the right time):

$ cat reproduce-apt-ran-uu.sh
#!/bin/sh

set -e

apt update
apt upgrade -y
echo 'Unattended-Upgrade::Allowed-Origins:: "${distro_id}:${distro_codename}-updates";' > /etc/apt/apt.conf.d/51unattended-upgrades-updates-too
case $(lsb_release -c -s) in
    bionic)
        apt install --allow-downgrades -y apport=2.20.9-0ubuntu7 snapd=2.32.5+18.04
        ;;
esac

grep -q 'sleep' /usr/bin/unattended-upgrade || sed -i 's/import
atexit/import time\nimport atexit/;s/res = cache\.commit/time.sleep(5)\n
res = cache.commit/' /usr/bin/unattended-upgrade

rm -f /var/lib/apt/periodic/u*
apt upgrade -d -y
service apt-daily-upgrade start &
sleep 7
reboot

@juliank In https://bugs.launchpad.net/ubuntu/+source/unattended-
upgrades/+bug/1690980/comments/50 you suggested inhibiting shutdown for
the commit operations only in u-u, but IMO that would still leave the
race condition open where the user can start shutdown between commits
thus possibly hanging the system with the issue reported in this bug.

One option (1) would be u-u starting the inhibition at the beginning of its run via dbus, the other (2) would be  apt.systemd.daily calling  u-u with the systemd-inhibit wrapper.
2 would be cleaner and u-u would not have to grow dependency on Python3 dbus modules.

Apt.systemd.daily calling u-u with systemd-inhibit would not back
shutdown for long on average since it is already unlikely to hit an
upgrade with a shutdown, but in the worst case installing all bionic
security updates can take 10-s of minutes. Again, this is a highly
unlikely scenario, but if users are hitting that u-u could still get
support for monitoring inhibited shutdown requests on dbus and
gracefully stop without applying all updates.


https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac
/autopkgtest-bionic/bionic/amd64/u/unattended-
upgrades/20181010_011153_2b8c7@/log.gz

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to unattended-upgrades in Ubuntu.
https://bugs.launchpad.net/bugs/1778219

Title:
  unattended-upgrades hangs on shutdown, leaves system in a broken state

Status in apt package in Ubuntu:
  New
Status in init-system-helpers package in Ubuntu:
  Invalid
Status in snapd package in Ubuntu:
  New
Status in unattended-upgrades package in Ubuntu:
  Fix Released

Bug description:
  [Impact]

   * Unattended-upgrades hangs and gets killed when installing upgrades
  that stat/stop services on shutdown, leaving the system in a broken
  state

  [Test Case]

   * Install an updated bionic system:
     $ lxc launch ubuntu:18.04 uu-shutdown-test
     # apt update
     ...

   * When testing the fixed version, install upgrade u-u at this point checking that u-u.service is set up before and is wanted by shutdown.target:
  # systemd-analyze dot | grep unatt
  	"unattended-upgrades.service"->"-.mount" [color="green"];
  	"unattended-upgrades.service"->"system.slice" [color="green"];
  	"unattended-upgrades.service"->"network.target" [color="green"];
  	"unattended-upgrades.service"->"systemd-journald.socket" [color="green"];
  	"unattended-upgrades.service"->"local-fs.target" [color="green"];
  	"unattended-upgrades.service"->"-.mount" [color="black"];
  	"unattended-upgrades.service"->"system.slice" [color="black"];
  	"shutdown.target"->"unattended-upgrades.service" [color="green"];
  	"shutdown.target"->"unattended-upgrades.service" [color="grey66"];
     Color legend: black     = Requires
                   dark blue = Requisite
                   dark grey = Wants
                   red       = Conflicts
                   green     = After

   * Configure u-u to run on shutdown and install -updates:
     # echo 'Unattended-Upgrade::InstallOnShutdown "true";' > /etc/apt/apt.conf.d/51unattended-upgrades-on-shutdown
     # echo 'Unattended-Upgrade::Allowed-Origins:: "${distro_id}:${distro_codename}-updates";' > /etc/apt/apt.conf.d/51unattended-upgrades-updates-too

   * Downgrade snapd:
     # apt install snapd=2.32.5+18.04
   
   * # reboot

   * With not fixed u-u observe the upgrade process being stuck:
    # pstree| grep unatt
          `-unattended-upgr---unattended-upgr-+-unattended-upgr---dpkg---snapd.prerm---systemctl
                                              `-{unattended-upgr}

   * With fixed u-u observe snapd update taking place and system
  rebooting after a few seconds with all updates installed

   * Since this fix is partially reverting the fix for LP: #1654600
  please test LP: #1654600 as well to avoid regressions.

  [Regression Potential]

   * As part of the fix manual changes were made to postinst to properly transition from coupling u-u.service with multi-user.target to coupling it with shutdown.target again which can make u-u started during normal boot when there is a bug in the implementation.
  on-testing the SRU.
   * Due to relationship changes between u-u.service, other services and targets u-u may fail to run on shutdown in case of an unexpected regression.

  [Original Bug Text]

  When using unattended-upgrades with "InstallOnShutdown" on Bionic, the
  package installation on various packages hangs until the systemd
  ShutdownTimeout (30min) is expired and systemd kills all processes and
  powers off/reboots the system.

  This leaves packages in an unconfigured, broken state. At least
  sometimes this cannot be fixed with a "dpkg --configure -a", but
  instead requires the user to manually reinstall the package that
  caused the hang.

  This appears to be a deadlock, because the hanging commands are always
  "systemctl stop ..." or "systemctl restart ...", etc.. If I understand
  this correctly, those systemctl commands block because systemd tries
  to shutdown the system and tries to satisfy all dependencies for the
  shutdown targets before those systemctl commands could get executed,
  which creates a deadlock.

  Steps to reproduce:

  - Install 18.04
  - activate "InstallOnShutdown" in /etc/apt/apt.conf.d/50unattended-upgrades
  - disable bionic-updates in /etc/apt/sources.list (more on that later)
  - execute "unattended-upgrade --download-only"
  - reboot the system

  -> The upgrade on shutdown hangs when configuring the apport package.
  The hanging command is "systemctl stop apport-forward.socket". The
  system hangs until the systemd ShutdownTimeout expires and systemd
  forcefully reboots the system.

  After the system is rebooted the apport package is in "iUR" state, and
  needs to be reinstalled to fix this.

  I disabled the bionic-updates pocket in sources.list, because in the
  default configuration unattended-updates does not use bionic-updates,
  and seems to have skipped installation of apport from bionic-security
  (supposedly because an already newer version of apport was in bionic-
  updates). If my understanding of why apport initially did not get
  installed is correct, then this would be another problem, because it
  would mean that unattended-upgrades potentially does not install all
  available security updates when bionic-updates is enabled in
  sources.list (which is the default).

  The problem can also be reproduced without disabling bionic-updates in sources.list, but instead enabling bionic-updates in /etc/apt/apt.conf.d/50unattended-upgrades. Then, in my case, the upgrade did hang when installing the package snapd (the hanging command was "systemctl stop snapd.autoimport.service snapd.core-fixup.service snapd.service snapd.snap-repair.service snapd.snap-repair.service snapd.socket snapd.system-shutdown.service"). This leads to the same problems as described above.
  ---
  ApportVersion: 2.20.9-0ubuntu7.1
  Architecture: amd64
  CurrentDesktop: ubuntu:GNOME
  DistroRelease: Ubuntu 18.04
  InstallationDate: Installed on 2018-06-22 (0 days ago)
  InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
  Package: unattended-upgrades 1.1ubuntu1
  PackageArchitecture: all
  ProcVersionSignature: Ubuntu 4.15.0-20.21-generic 4.15.17
  Tags:  bionic
  Uname: Linux 4.15.0-20-generic x86_64
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups: adm cdrom dip lpadmin plugdev sambashare sudo
  _MarkForUpload: True

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1778219/+subscriptions

More information about the foundations-bugs mailing list