Skip to content
This repository has been archived by the owner on Jun 25, 2023. It is now read-only.

Install the update-notifier-common package if required #6

Closed
jmgq opened this issue Apr 12, 2015 · 21 comments
Closed

Install the update-notifier-common package if required #6

jmgq opened this issue Apr 12, 2015 · 21 comments

Comments

@jmgq
Copy link
Contributor

jmgq commented Apr 12, 2015

According to https://help.ubuntu.com/community/AutomaticSecurityUpdates (and several other sources):

If you want the script to automatically reboot when needed, you not only need to set Unattended-Upgrade::Automatic-Reboot "true", but you also need to have the "update-notifier-common" package installed. On minimal installations this is not installed by default and without it the automatic updater will never reboot and will not even tell you that you need to reboot manually if you have email notifications configured!

I think it would be nice to have a conditional task that installs the aforementioned package if necessary (that is, if the unattended_automatic_reboot variable is set to true).

jmgq added a commit to jmgq/ansible-role-unattended-upgrades that referenced this issue Apr 12, 2015
@jnv
Copy link
Owner

jnv commented Apr 14, 2015

Thank you Jose for the report and PR, though I am not sure about Debian compatibility. It seems this package is missing in Jessie: https://packages.debian.org/search?suite=all&searchon=names&keywords=update-notifier-common

The Debian wiki does not mention this dependency, so I think it would be probably better to limit this only to Ubuntu. What do you think?

@jmgq
Copy link
Contributor Author

jmgq commented Apr 15, 2015

That's a very good point, @jnv. I tried it on Debian Wheezy and it worked, but it looks like it has been removed in Jessie, which is going to be the stable release soon.

Regarding your question, I think that limiting this task to Ubuntu is a valid solution, but doing so will also mean that it would be confusing for the Debian users (as for them the computer won't automatically restart, despite the fact that they explicitly set unattended_automatic_reboot to true).

Apparently, it looks like the update-notifier package is being replaced by gnome-packagekit in Debian Jessie. So another option could be to install this package for the Debian users, but to me it seems like an overkill to install it, as it needs to install A LOT of dependencies.

Please, let me send an e-mail to the Debian's update-notifier maintainer, see if he can give us an insight into this problem, and I'll come back and share what I learn from that conversation. Does that sound ok?

@jnv
Copy link
Owner

jnv commented Apr 15, 2015

Yes, thank you for looking into this!

It seems the only reason for this unspecified dependency is that the script looks for an existence of /var/run/reboot-required file, which is supposedly created by the update-notifier-common. Since this is used also for MOTD, I don't think they'd roll this functionality into a Gnome application, maybe it was replaced by something in the packagekit.

Either way, I think we could attempt to install update-notifier-common first and then fallback to whatever the replacement is, or just handle distro/release versions directly.

@jmgq
Copy link
Contributor Author

jmgq commented Apr 28, 2015

I wrote an e-mail to two different maintainers, but unfortunately I haven't received a response.

For testing purposes, I've been installing different packages that are dependencies to gnome-packagekit in Jessie, but I couldn't find any package that creates the /var/run/reboot-required file.

One of the things I found out is that after installing update-notifier-common, a script (/usr/share/update-notifier/notify-reboot-required) is created. This script handles the creation of the /var/run/reboot-required file. Unfortunately, update-notifier-common is the only package that provides the notify-reboot-required script (you can test this by installing apt-file, then running apt-file update and apt-file search notify-reboot-required).

However, it looks like a new package called reboot-notifier is going to be added to Debian, according to this source.

The description in the reboot-notifier package states that:

The format used for the temporary files in /var/run/ is designed to be compatible with any scripts that were written to work with the late update-notifier-common package.

So it looks like it's just a matter of time, apparently in the future Debian will have a "replacement" for update-notifier-common.

Because of all this, my suggestion would be (as you indicated in your last paragraph):

  1. Install update-notifier-common if the distribution is Ubuntu (any), Debian Squeeze or Debian Wheezy (this is my favourite option).
  2. In case the user's Debian release does not have the update-notifier-common package, inform the user by either:
    1. Failing and displaying a user friendly message via ansible fail.
    2. Attempting to install the package, and letting ansible fail when the apt module is unable to find the package.
    3. Skip the installation of the update-notifier-common package and continue running the playbook. In this case, as this is similar to failing silently, I think we should include a note in the Readme explaining that the user needs to find a way to create the /var/run/reboot-required file himself. This is my least favourite option, as the user may not read the Readme file and the playbook will run correctly and the user will mistakenly think that his system will be rebooted automatically.
  3. In the future, when the reboot-notifier package is added to Debian, we could modify this ansible role so it installs reboot-notifier if update-notifier-common is not found.

Any thoughts on this?

@jnv
Copy link
Owner

jnv commented Apr 29, 2015

Wow, thanks for a thorough research!

First of all, I think we should avoid fixing or working around issues with distributions' packaging and documentation. If the software provides a feature which depends on other software, but the package itself doesn't communicate this dependency (at least in form of recommended or suggested package with proper explanation), I think we should first escalate this to upstream.

Therefore I would prefer to avoid assuming anything until Debian fixes their packages: if Jessie has been released with unattended-upgrades dependent on update-notifier but there is neither appropriate replacement nor documentation, this is clearly a bug on their side. We can at the very least inform the user that the thing they want to do probably won't work.

Otherwise we may end up implementing our own workaround like the Chef folks (see sous-chefs/apt#80), which is clearly out of the scope for this package.

Furthermore I would prefer to avoid tying the behaviour to specific distribution versions. So I propose the following:

If unattended_automatic_reboot is set to true then, regardless of distribution:

  1. Attempt to install update-notifier-common
  2. If that fails, attempt to install reboot-notifier
  3. If that fails, bail out (with an explanation of what went wrong).

…and explain this in documentation.

Just warning the user seems like a potiential source of unintended behaviour. Unless, say, user wants to introduce their own workaround.

@jmgq
Copy link
Contributor Author

jmgq commented May 2, 2015

Excellent, I'll implement it like that in the next few days :)

Just to clarify, I think we shouldn't attempt to install reboot-notifier right now, as that package is not yet part of Debian, not even in Sid. And even if it's accepted in the future, we cannot guarantee that its final name will be reboot-notifier. I think that once it's included in Sid we could send a new Pull Request to add it to this role, what do you think?

@jnv
Copy link
Owner

jnv commented May 2, 2015

Yes, I agree about reboot-notifier, let's leave it out for now. Just one thing: could you please add this functionality to a separate file in tasks and include it only when unattended_automatic_reboot is truthy?

Thank you so much for taking care of this, I'm looking forward to your PR!

@jmgq
Copy link
Contributor Author

jmgq commented May 2, 2015

I've updated my PR to accommodate the changes you requested. However, in your previous comment you said:

…and explain this in documentation.

But I'm not sure what to write in the README.md file. So if you could give me the exact text you want to include in the documentation, I'll happily update my PR again. Or of course you can add it yourself if it's easier.

@jnv jnv closed this as completed in 496a2de May 4, 2015
jnv pushed a commit that referenced this issue May 4, 2015
jnv added a commit that referenced this issue May 4, 2015
@jnv
Copy link
Owner

jnv commented May 4, 2015

I have merged your PR, added the note to the README and released it as version 1.1.0. Thank you so much for your help, Jose!

Please, let me know once the reboot-notifier (or whatever the package will be named) makes it to the repository.

@jmatsushita
Copy link

Hi there, looks like reboot-notifier is in sid now : https://packages.debian.org/sid/reboot-notifier

@jnv
Copy link
Owner

jnv commented Sep 24, 2015

Thanks @jmatsushita, though is it sid only? No recommended solution for Jessie?

@zuzzas
Copy link

zuzzas commented Oct 11, 2015

It looks like reboot-notifier is in "jessie-backports" now: https://packages.debian.org/jessie-backports/reboot-notifier

Knowing the Debian team, it won't make it to the stable dist until after stretch comes out.

Would you consider adding support for reboot-notifier now?

@jnv
Copy link
Owner

jnv commented Oct 11, 2015

Sure! We will need extra instructions, perhaps a separate role for adding backports.

@sebalix
Copy link

sebalix commented Oct 28, 2015

An update made in June of unattended-upgrades in Jessie claims that the automatic reboot is fixed:

unattended-upgrades (0.83.3.2) stable; urgency=low

  * Rebuild in a clean schroot (closes: #783690, #788066)
  * Cherry pick 4c755d7 so that the optional automatic-reboot
    feature works again (closes: #788358)

 -- Michael Vogt <mvo@debian.org>  Mon, 15 Jun 2015 15:32:33 +0200

http://metadata.ftp-master.debian.org/changelogs//main/u/unattended-upgrades/unattended-upgrades_0.83.3.2+deb8u1_changelog

The associated commit: mvo5/unattended-upgrades@4c755d7

Not tested however.

@jnv jnv reopened this Dec 2, 2015
@jnv
Copy link
Owner

jnv commented Dec 8, 2015

Thanks @sebalix! So to my understanding, unattended-upgrades has merged-in the reboot notifier feature, therefore no extra dependency is required. So for our part, just removing the conditional failure should work.

jnv added a commit that referenced this issue Dec 8, 2015
@sebalix
Copy link

sebalix commented Mar 26, 2016

Hi,
Any news about this? There is a reboot branch, but it is not merged into master. Is there a blocking point?

@ghost
Copy link

ghost commented Jan 29, 2018

Are you sure that reboot-notifier was the correct replacement for update-notifier-common, and not update-notifier?

@ghost
Copy link

ghost commented Jan 29, 2018

Using v1.4.0 of this module, with both reboot-notifier and update-notifier installed on the target host, I get:

TASK [jnv.unattended-upgrades : install update-notifier-common] *******************
fatal: [my_host]: FAILED! => {"changed": false, "msg": "No package matching 'update-notifier-common' is available"}
...ignoring

@ghost
Copy link

ghost commented Jan 29, 2018

Ah, I guess that was this part kicking in:

If that fails, bail out (with an explanation of what went wrong).

Might be an idea to make it an informational notification, rather than a red warning that says, "FAILED!" ;)

@jnv
Copy link
Owner

jnv commented Jan 29, 2018

@sampablokuper Ah, yes, good point. Perhaps we could remove this completely, but I am not sure what is the status of LTS distros which still require update-notifier-common.

@ghost
Copy link

ghost commented Jan 30, 2018

@jnv wrote:

Perhaps we could remove this completely, but I am not sure what is the status of LTS distros which still require update-notifier-common.

I'm not suggesting the warning be removed completely, but there doesn't seem to be much point in retaining it on distro versions for which it is irrelevant (e.g. Debian 8 or 9). This PR fixes that :)

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

5 participants