tag 803249 upstream fixed-upstream -moreinfo thanks Hi,
On Fri, Jan 22, 2016 at 06:26:04PM -0700, Stephen Dowdy wrote: > Thomas, > > Summary: > - using an auxiliary conf.d file seems to mostly work but it was not perfect... it disables auto restart mode in case of running noninteractive. > - 'needrestart' should, however flag 'systemctl restart' notice with > 'skipping' in this case? It just lists the commands for copy'n'paste-on-demand ("Services to be restarted:"). > - 'needrestart' should not prompt to read <RETURN> on 'consider > rebooting kernel' notification in this case ACK I've added a simple check in needrestart to handle debconf's noninteractive frontend correctly. If noninteractive is used, needrestart now behaves like there is no TTY attached to /dev/std*. HTH, Thomas > (hostname)# cat /etc/needrestart/conf.d/debian_frontend_noninteractive.conf > # Switch to list mode if debconf is running noninteractive > # Ref: Bug#803249: needrestart: Restarts services in debconf noninteractive > # Thomas Liske <tho...@fiasko-nw.net> > > $nrconf{restart} = ( ($ENV{DEBIAN_FRONTEND} // '') eq 'noninteractive' ? > 'l' : 'i'); > > 1; > (changed it a tiny bit) > > I ran an update on a system that hasn't been updated for quite some time, > with : > > 19 DEBIAN_FRONTEND=noninteractive aptitude upgrade 2>&1 | tee > /tmp/aptup.log > 20 grep -i -e restart -e systemctl /tmp/aptup.log > > and nothing appeared in the log. :-) > > (hostname)# DEBIAN_FRONTEND='noninteractive' needrestart > Scanning processes... > Scanning candidates... > Scanning kernel images... > Services to be restarted: > Skipping dbus.service... > Skipping getty@tty1.service... > Skipping kdm.service... > Skipping NetworkManager.service... > Skipping systemd-journald.service... > systemctl restart acpid.service atd.service autofs.service > console-kit-daemon.service cron.service dirmngr.service gpm.service > inetd.service irqbalance.service mcelog.service mdmonitor.service > nfs-common.service nis.service packagekit.service polkitd.service > rpcbind.service sendmail.service smartd.service ssh.service udisks2.service > upower.service user@0.service user@115.service user@3619.service > > Looks like it's in list-only mode (still disconcerting to see the > 'systemctl restart' line without a "Skipping"/"DEBUG" or other flagging > prefix, but clearly it's not actually issuing restarts: > > pomelo2:~# systemctl status acpid.service > * acpid.service - ACPI event daemon > Loaded: loaded (/lib/systemd/system/acpid.service; disabled) > Active: active (running) since Sat 2015-11-28 10:30:26 MST; 1 months 24 > days ago > ... > > > (hostname)# needrestart > Scanning processes... > Scanning candidates... > Scanning kernel images... > > Graphic (curses) UI comes up, queries if i want to restart various services > (i hit CANCEL) > > BUT! > (hostname)# DEBIAN_FRONTEND='noninteractive' needrestart -v > ... > Restarting the system to load the new kernel will not be handled > automatically, so you should consider rebooting. [Return] > ... > > So, it still blocks there on a terminal read -- which it should not do if > we're truly noninteractive (but, it obviously "Does The Right Thing(tm)"if > stdin redirected from /dev/null. Just would be nice if it did NOT prompt > if it's non-interactive (even in verbose mode). > > --stephen > > On Fri, Jan 22, 2016 at 4:21 PM, Thomas Liske <tho...@fiasko-nw.net> wrote: > > > Hi Stephen, > > > > On Fri, Jan 22, 2016 at 11:44:30AM -0700, Stephen Dowdy wrote: > > > I believe the Felix is saying that 'needrestart' appears to be unaware of > > > the common explicit DEBIAN_FRONTEND=noninteractive setting used to > > indicate > > > that package management should be non-interactive (and if not, then *I* > > am) > > > > > > I will often use 'pdsh' to run forced package updates like so: > > > > > > $ cut -d: -f1 vulnerable.log | WCOLL=- pdsh -lroot 'aptitude update -q=2; > > > DEBIAN_FRONTEND=noninteractive aptitude -q=2 safe-upgrade --assume-yes -o > > > Dpkg::Options::="--force-confold" </dev/null' > > > > > > Unfortunately, 'needrestart's 'isatty' style checks are insufficient for > > my > > > needs here, as STDERR/STDOUT are attached to a pty associated with the > > > 'ssh' hitting all the systems i am updating... I have no way of then > > > telling 'needrestart' to not restart services > > > > > > So, i unexpectedly got a bunch of systemctl restart invocations, and i > > find > > > that often borks things badly. > > > > > > If 'needrestart' could also check ${DEBIAN_FRONTEND}, that would be > > awesome. > > > > > > Otherwise, i suppose i will have to cfengine out a "Default No" > > > needrestart.conf configuration to all my systems. > > > > you could try to put something like > > > > cat <<EOF > > # Switch to list mode if debconf is running noninteractive > > $nrconf{restart} = (exists($ENV{DEBIAN_FRONTEND}) && > > $ENV{DEBIAN_FRONTEND} eq 'noninteractive' ? 'l' : 'i'); > > > > 1; > > EOF > > > > into /etc/needrestart/conf.d/noninteractive.conf. If it works we might > > should add it upstream... > > > > > > > So, indeed 'unattended-upgrades' runs are also triggering needrestart to > > > believe it is running interactively, and thus it restarts things. > > > 'unattended-upgrade' appears to buy into the "DEBIAN_FRONTEND" notion of > > > noninteractivity as well: > > > > > > # grep -i interactive /usr/bin/unattended-upgrade > > > # set debconf to NON_INTERACTIVE, redirect output > > > os.putenv("DEBIAN_FRONTEND", "noninteractive") > > > env["DEBIAN_FRONTEND"] = "noninteractive" > > > > So the fix should work for unattended-upgrades, too. > > > > > > Thx & HTH, > > Thomas > > > > -- > > > > :: WWW: https://fiasko-nw.net/~thomas/ :: > > ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: > > :: flickr: https://www.flickr.com/photos/laugufe/ :: > > > > > > -- > Stephen Dowdy - Systems Administrator - NCAR/RAL > 303.497.2869 - sdo...@ucar.edu - http://www.ral.ucar.edu/~sdowdy/ -- :: WWW: https://fiasko-nw.net/~thomas/ :: ::: Jabber: xmpp:tho...@jabber.fiasko-nw.net ::: :: flickr: https://www.flickr.com/photos/laugufe/ ::