Services restarted by unattended upgrades because of /etc/needrestart/restart.d/systemd-manager
Wiebe Cazemier
wiebe at halfgaar.net
Wed Jun 5 11:34:11 UTC 2024
----- Original Message -----
> From: "Simon Chopin" <simon.chopin at canonical.com>
> To: "Wiebe Cazemier" <wiebe at halfgaar.net>
> Cc: ubuntu-devel-discuss at lists.ubuntu.com
> Sent: Wednesday, 5 June, 2024 20:54:37
> Subject: RE: Services restarted by unattended upgrades because of /etc/needrestart/restart.d/systemd-manager
>
> Hi Wiebe,
>
> The default behaviour of needrestart *when invoked via APT* was indeed
> changed in 24.0, as mentioned in the release notes[0] and a dedicated
> Discourse thread[1].
>
> Now, I agree that we probably should amend the comments in the
> configuration file to reflect this. I also tried to make any explicit
> setting take precedence over the custom Ubuntu behaviour, so if
> you in fact have uncommented that line, that's indeed a bug.
>
> Would you mind reporting this on Launchpad, though?
>
> Cheers,
> Simon
>
> [0]:
> https://discourse.ubuntu.com/t/ubuntu-24-04-lts-noble-numbat-release-notes/39890#services-restart-on-unattended-upgrade-27
> [1]:
> https://discourse.ubuntu.com/t/needrestart-changes-in-ubuntu-24-04-service-restarts/44671
So, basically the default was changed from 'i' to 'a'?
Hmm, while I understand the reasoning, also considering the xz hack relating to linked objects that seem insignificant, it's not really a welcome change for me. One of the services was Redis as you saw, not exposed to the internet. An extra problem was that the 20 GB database took too long to load and systemd's start timeout expired, causing a never-ending start loop. The provided unit file does not cater to large deployments. The stop/start cycle takes about 7 minutes. I guess that deserves its own bug report.
I did not have "$nrconf{restart} = 'i'" uncommented. But when I do this
> # cat /etc/needrestart/conf.d/disable-restart.conf
> $nrconf{restart} = 'l';
and reinstall libssl (apt reinstall libssl3t64), it still restarts everything, without asking. Was that the proper way to disable it that warrants a bug report?
Regards,
Wiebe
More information about the Ubuntu-devel-discuss
mailing list