[Bug 2006589] Re: Anacron service and timer disabled after upgrading from 2.3-33
Adrien Nader
2006589 at bugs.launchpad.net
Wed Mar 22 12:35:02 UTC 2023
** Description changed:
As hinted by https://lists.debian.org/debian-devel-
announce/2022/11/msg00001.html , anacron 2.3-33's packaging has a bug
which disables both the timer and service when its postrm script is
invoked and that includes upgrades from this package.
We need to work-around this issue since it is the version in kinetic.
+
+ === SRU request below ===
+
+ [ Impact ]
+
+ * Due to an issue in the postrm script of anacron 2.3-33, upgrades
+ *from* that version disable the anacron service and timer.
+ Timeline:
+ - 2.3-32*: not buggy
+ - 2.3-33*: buggy
+ - 2.3-34*: buggy
+ - 2.3-35*: not buggy, no work-around (Debian decided against further
+ actions due to the affected versions only hitting unstable)
+ - 2.3-36: not buggy, no work-around
+ - 2.3-36ubuntu1: not buggy, no work-around
+ - 2.3-36ubuntu2: not buggy, work-around added
+
+ * We need to make sure that users do not upgrade to any version that is
+ less than 2.3-36ubuntu2 which contains a work-around for the bug in
+ 2.3-33's postrm. This means that security updates must contain the
+ fix and the work-around, hence this SRU.
+ There are two aspects to this SRU:
+ - fixing the bug introduced in 2.3-33 and removed in 2.3-35
+ (responsible code was reverted back),
+ - working around the fact that the bug gets triggered when updating
+ from 2.3-33.
+
+ * The fix has been discussed as part of
+ https://bugs.launchpad.net/ubuntu/+source/anacron/+bug/2006589
+ The work-around uses 1) preinst to backup the service state before
+ the buggy postrm script runs, 2) postinst to restore the backup.
+
+ [ Test Plan ]
+
+ * NB: if you're running Lunar, your anacron.service and anacron.timer
+ are likely disabled due to this issue.
+
+ * Steps to reproduce the issue:
+ - install anacron-2.3-33* or anacron-2.3-34* (kinetic uses 2.3-33)
+ - check whether anacron.service (same for anacron.timer) is enabled:
+ systemctl show anacron.service --property=UnitFileState
+ - update anacron to any other version before 2.3-36ubuntu2 (including
+ previous version and including reinstalling the same version);
+ - check whether anacron.service (same for anacron.timer) is enabled:
+ systemctl show anacron.service --property=UnitFileState
+ if the service or timer were enabled before, they will now be
+ disabled; if they are not disabled, run "systemctl daemon-reload"
+ and check again
+
+ * Steps to test the fix:
+ - install anacron-2.3-33* or anacron-2.3-34*
+ - enable anacron.service and anacron.timer:
+ systemctl enable anacron.service anacron.timer
+ - update to anacron >= 2.3-36ubuntu2; if you pay attention to the
+ console output, you will see messages related to the issue
+ - check that anacron.service and anacron.timer are still enabled:
+ systemctl show anacron.service --property=UnitFileState
+ systemctl show anacron.timer --property=UnitFileState
+
+ [ Where problems could occur ]
+
+ * The fixed version is in lunar and is installed on a number of
+ machines already with no report so far. Unfortunately there has been
+ a window of opportunity for people to upgrade to an intermediate and
+ trigger the issue, therefore preventing the work-around to run. This
+ is not a specifically a problem with this update but it is a
+ limitation.
+
+ * There is always the possibility that this change breaks anacron.
+ However, without the work-around, anacron will be disabled silently.
+ As such, this update cannot make things worse in this regard.
+
+ * There is always the possibility of a grave bug that removes
+ everything on the machine. This is made more likely because the
+ postinst and postrm scripts are shell scripts and shell script makes
+ all errors more likely.
+ The code has however been written defensively, has been reviewed,
+ has been analyzed with shellcheck and has been tested on several
+ machines thanks to the update being in lunar. Moreover it does not
+ use destructive operations like "rm" (the exception is "rmdir
+ --ignore-fail-on-non-empty" which is zero-risk).
+
+ [ Other Info ]
+
+ * We should communicate to LL users about this issue once the SRU is
+ done.
+ Why wait for the SRU to communicate to users of an unreleased
+ version? Because it makes the message simpler: "all versions now are
+ fixed; update and check the service/timer status, you can't stumble
+ on the issue anymore".
+ While preparing the SRU, I was also reminded that we've been
+ including this NEWS file from Debian:
+ https://salsa.debian.org/debian/anacron/-/raw/0ce23b/debian/NEWS
+ I've tweaked it but the change isn't present in the lunar package
+
+ * Since the only requirement for this SRU is to be present before any
+ other update of anacron, this should be blocked forever. The bug
+ report on launchpad has the block-proposed-kinetic tag.
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/2006589
Title:
Anacron service and timer disabled after upgrading from 2.3-33
Status in anacron package in Ubuntu:
Fix Released
Bug description:
As hinted by https://lists.debian.org/debian-devel-
announce/2022/11/msg00001.html , anacron 2.3-33's packaging has a bug
which disables both the timer and service when its postrm script is
invoked and that includes upgrades from this package.
We need to work-around this issue since it is the version in kinetic.
=== SRU request below ===
[ Impact ]
* Due to an issue in the postrm script of anacron 2.3-33, upgrades
*from* that version disable the anacron service and timer.
Timeline:
- 2.3-32*: not buggy
- 2.3-33*: buggy
- 2.3-34*: buggy
- 2.3-35*: not buggy, no work-around (Debian decided against further
actions due to the affected versions only hitting unstable)
- 2.3-36: not buggy, no work-around
- 2.3-36ubuntu1: not buggy, no work-around
- 2.3-36ubuntu2: not buggy, work-around added
* We need to make sure that users do not upgrade to any version that is
less than 2.3-36ubuntu2 which contains a work-around for the bug in
2.3-33's postrm. This means that security updates must contain the
fix and the work-around, hence this SRU.
There are two aspects to this SRU:
- fixing the bug introduced in 2.3-33 and removed in 2.3-35
(responsible code was reverted back),
- working around the fact that the bug gets triggered when updating
from 2.3-33.
* The fix has been discussed as part of
https://bugs.launchpad.net/ubuntu/+source/anacron/+bug/2006589
The work-around uses 1) preinst to backup the service state before
the buggy postrm script runs, 2) postinst to restore the backup.
[ Test Plan ]
* NB: if you're running Lunar, your anacron.service and anacron.timer
are likely disabled due to this issue.
* Steps to reproduce the issue:
- install anacron-2.3-33* or anacron-2.3-34* (kinetic uses 2.3-33)
- check whether anacron.service (same for anacron.timer) is enabled:
systemctl show anacron.service --property=UnitFileState
- update anacron to any other version before 2.3-36ubuntu2 (including
previous version and including reinstalling the same version);
- check whether anacron.service (same for anacron.timer) is enabled:
systemctl show anacron.service --property=UnitFileState
if the service or timer were enabled before, they will now be
disabled; if they are not disabled, run "systemctl daemon-reload"
and check again
* Steps to test the fix:
- install anacron-2.3-33* or anacron-2.3-34*
- enable anacron.service and anacron.timer:
systemctl enable anacron.service anacron.timer
- update to anacron >= 2.3-36ubuntu2; if you pay attention to the
console output, you will see messages related to the issue
- check that anacron.service and anacron.timer are still enabled:
systemctl show anacron.service --property=UnitFileState
systemctl show anacron.timer --property=UnitFileState
[ Where problems could occur ]
* The fixed version is in lunar and is installed on a number of
machines already with no report so far. Unfortunately there has been
a window of opportunity for people to upgrade to an intermediate and
trigger the issue, therefore preventing the work-around to run. This
is not a specifically a problem with this update but it is a
limitation.
* There is always the possibility that this change breaks anacron.
However, without the work-around, anacron will be disabled silently.
As such, this update cannot make things worse in this regard.
* There is always the possibility of a grave bug that removes
everything on the machine. This is made more likely because the
postinst and postrm scripts are shell scripts and shell script makes
all errors more likely.
The code has however been written defensively, has been reviewed,
has been analyzed with shellcheck and has been tested on several
machines thanks to the update being in lunar. Moreover it does not
use destructive operations like "rm" (the exception is "rmdir
--ignore-fail-on-non-empty" which is zero-risk).
[ Other Info ]
* We should communicate to LL users about this issue once the SRU is
done.
Why wait for the SRU to communicate to users of an unreleased
version? Because it makes the message simpler: "all versions now are
fixed; update and check the service/timer status, you can't stumble
on the issue anymore".
While preparing the SRU, I was also reminded that we've been
including this NEWS file from Debian:
https://salsa.debian.org/debian/anacron/-/raw/0ce23b/debian/NEWS
I've tweaked it but the change isn't present in the lunar package
* Since the only requirement for this SRU is to be present before any
other update of anacron, this should be blocked forever. The bug
report on launchpad has the block-proposed-kinetic tag.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/anacron/+bug/2006589/+subscriptions
More information about the Ubuntu-sponsors
mailing list