[Bug 1747499] Re: 98-reboot-required and Interaction with livepatch
Olivier Gayot
1747499 at bugs.launchpad.net
Tue Apr 26 16:49:03 UTC 2022
** Description changed:
+
+ [Impact]
+
+ * If a system is using canonical livepatch, has it enabled, and patches
+ are applied, it could be confusing for a user to receive a "system
+ restart required" messages in the MOTD when logging in.
+
+ * Livepatch is available on LTS releases. Thus, the users can be
+ confused following a kernel update on 20.04.
+
+ * The upload prevents update-notifier and unattended-ugprades hooks from adding "system restart"-related messages to motd when Livepatch is enabled.
+ Livepatch, when enabled, already contributes to the motd message so there is no need to have duplicate (and sometimes contradictory) information.
+
+ [Test Plan]
+
+ * how to reproduce the bug:
+
+ 1. Install and boot a 20.04 server VM
+ 2. Make sure it runs a generic kernel (or another flavour that supports Livepatch)
+ 3. Enable Livepatch using the following command:
+ $ ua attach <token> # replace <token> by an actual contract token
+ 4. Upgrade the kernel (if you are already running the latest available kernel update, you can install a different flavour)
+ 5. Upon logging in again, the motd will show ***System restart required***.
+
+ * other testing appropriate to perform before landing this update:
+
+ * Making sure that the patch has no impact when livepatch is not enabled.
+ * The motd should show ***System restart required*** after upgrading the kernel if livepatch is not enabled.
+
+ [Where problems could occur]
+
+ * The change updates a hook script in /etc/kernel/postinst.d/. Scripts
+ in this directory are executing when upgrading / installing a kernel. If
+ somehow the script is broken, it can prevent dpkg for succeeding when
+ upgrading / installing the kernel.
+
+ * If the implementation is wrong, we might end up "losing" the
+ ***System restart required*** message when livepatch is disabled
+
+ [Original bug description]
+
If a system is using canonical livepatch, has it enabled, and patches
are applied, it could be confusing for a user to receive a "system
restart required" messages in the MOTD when logging in.
That message, when present, is printed by 98-reboot-required which
essentially just cats /var/run/reboot-required to stdout. That file is
placed by packages that require a reboot so that they are properly used
in their updated versions. Examples that come to mind are libc and the
kernel.
There is a secondary file that can be created which says which packages
requested the reboot. That would be /var/run/reboot-required.pkgs
Ideally that script should not print out the reboot required message if
a) livepatch is installed and enabled; b) the only trigger for the
reboot is a kernel update.
For (a), one can use the command "ubuntu-advantage is-livepatch-enabled"
and check $?. That is in the ubuntu-advantage-tools package.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to unattended-upgrades in Ubuntu.
https://bugs.launchpad.net/bugs/1747499
Title:
98-reboot-required and Interaction with livepatch
Status in unattended-upgrades package in Ubuntu:
Confirmed
Status in update-notifier package in Ubuntu:
Confirmed
Bug description:
[Impact]
* If a system is using canonical livepatch, has it enabled, and
patches are applied, it could be confusing for a user to receive a
"system restart required" messages in the MOTD when logging in.
* Livepatch is available on LTS releases. Thus, the users can be
confused following a kernel update on 20.04.
* The upload prevents update-notifier and unattended-ugprades hooks from adding "system restart"-related messages to motd when Livepatch is enabled.
Livepatch, when enabled, already contributes to the motd message so there is no need to have duplicate (and sometimes contradictory) information.
[Test Plan]
* how to reproduce the bug:
1. Install and boot a 20.04 server VM
2. Make sure it runs a generic kernel (or another flavour that supports Livepatch)
3. Enable Livepatch using the following command:
$ ua attach <token> # replace <token> by an actual contract token
4. Upgrade the kernel (if you are already running the latest available kernel update, you can install a different flavour)
5. Upon logging in again, the motd will show ***System restart required***.
* other testing appropriate to perform before landing this update:
* Making sure that the patch has no impact when livepatch is not enabled.
* The motd should show ***System restart required*** after upgrading the kernel if livepatch is not enabled.
[Where problems could occur]
* The change updates a hook script in /etc/kernel/postinst.d/.
Scripts in this directory are executing when upgrading / installing a
kernel. If somehow the script is broken, it can prevent dpkg for
succeeding when upgrading / installing the kernel.
* If the implementation is wrong, we might end up "losing" the
***System restart required*** message when livepatch is disabled
[Original bug description]
If a system is using canonical livepatch, has it enabled, and patches
are applied, it could be confusing for a user to receive a "system
restart required" messages in the MOTD when logging in.
That message, when present, is printed by 98-reboot-required which
essentially just cats /var/run/reboot-required to stdout. That file is
placed by packages that require a reboot so that they are properly
used in their updated versions. Examples that come to mind are libc
and the kernel.
There is a secondary file that can be created which says which
packages requested the reboot. That would be /var/run/reboot-
required.pkgs
Ideally that script should not print out the reboot required message
if a) livepatch is installed and enabled; b) the only trigger for the
reboot is a kernel update.
For (a), one can use the command "ubuntu-advantage is-livepatch-
enabled" and check $?. That is in the ubuntu-advantage-tools package.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1747499/+subscriptions
More information about the foundations-bugs
mailing list