** Description changed:
+ [Impact]
+
+ * Unattended-upgrades crashes when strict whitelist is enabled and
+ there is an update available.
+
+ [Test Case]
+
+ Set up a system with at least one updated package available:
+
+ $ lxc launch ubuntu:focal ff-uu-strict
+ Creating ff-uu-strict
+ Starting ff-uu-strict
+ $ lxc shell ff-uu-strict
+ root@ff-uu-strict:~# apt update
+ ...
+ root@ff-uu-strict:~# apt list --upgradable
+ Listing... Done
+ open-vm-tools/focal-updates 2:11.1.0-2~ubuntu20.04.1 amd64 [upgradable
from: 2:11.0.5-4]
+ N: There is 1 additional version. Please use the '-a' switch to see it
+
+ Set up strict whitelist not covering the package:
+
+ root@ff-uu-strict:~# echo 'Unattended-Upgrade::Package-Whitelist-Strict
"true";' > /etc/apt/apt.conf.d/51unattended-upgrades-whitelist
+ root@ff-uu-strict:~# echo 'Unattended-Upgrade::Package-Whitelist {"foo";}'
>> /etc/apt/apt.conf.d/51unattended-upgrades-whitelist
+
+ Run unattended-upgrades:
+ root@ff-uu-strict:~# unattended-upgrade
+
+ The fixed version does not crash here, the not fixed one does.
+
+
+ [Regression Potential]
+
+ Minimal. The fix adds only one extra check to not crash dereferencing
+ None.
+
+ [Original Bug Text]
+
+
Hi,
I'm trying to use unattended-upgrades only with a few packages from a
list; to do that I tried this simple /etc/apt/apt.conf.d/51local-ua
file:
- root@focal-ua:~# cat /etc/apt/apt.conf.d/51local-ua
- Unattended-Upgrade::Package-Whitelist-Strict "true";
+ root@focal-ua:~# cat /etc/apt/apt.conf.d/51local-ua
+ Unattended-Upgrade::Package-Whitelist-Strict "true";
Unattended-Upgrade::Package-Whitelist {
"firefox";
"bash";
"openssh-server";
}
When running unattended-upgrades in dry run mode I get this crash:
root@focal-ua:~# unattended-upgrade --debug --dry-run
Running on the development release
Starting unattended upgrades script
Allowed origins are: o=Ubuntu,a=focal, o=Ubuntu,a=focal-security,
o=UbuntuESMApps,a=focal-apps-security, o=UbuntuESM,a=focal-infra-security,
o=UbuntuESM,a=focal-security
- Initial blacklist:
+ Initial blacklist:
Initial whitelist (strict): firefox bash openssh-server
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-backports_universe_i18n_Translation-en'
a=focal-backports,c=universe,v=20.04,o=Ubuntu,l=Ubuntu arch=''
site='archive.ubuntu.com' IndexType='Debian Translation Index' Size=2895 ID:17>
with -32768 pin
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-backports_universe_binary-amd64_Packages'
a=focal-backports,c=universe,v=20.04,o=Ubuntu,l=Ubuntu arch='amd64'
site='archive.ubuntu.com' IndexType='Debian Package Index' Size=11575 ID:16>
with -32768 pin
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-updates_multiverse_i18n_Translation-en'
a=focal-updates,c=multiverse,v=20.04,o=Ubuntu,l=Ubuntu arch=''
site='archive.ubuntu.com' IndexType='Debian Translation Index' Size=783 ID:15>
with -32768 pin
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-updates_multiverse_binary-amd64_Packages'
a=focal-updates,c=multiverse,v=20.04,o=Ubuntu,l=Ubuntu arch='amd64'
site='archive.ubuntu.com' IndexType='Debian Package Index' Size=2025 ID:14>
with -32768 pin
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-updates_universe_i18n_Translation-en'
a=focal-updates,c=universe,v=20.04,o=Ubuntu,l=Ubuntu arch=''
site='archive.ubuntu.com' IndexType='Debian Translation Index' Size=297335
ID:13> with -32768 pin
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-updates_universe_binary-amd64_Packages'
a=focal-updates,c=universe,v=20.04,o=Ubuntu,l=Ubuntu arch='amd64'
site='archive.ubuntu.com' IndexType='Debian Package Index' Size=658122 ID:12>
with -32768 pin
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-updates_restricted_i18n_Translation-en'
a=focal-updates,c=restricted,v=20.04,o=Ubuntu,l=Ubuntu arch=''
site='archive.ubuntu.com' IndexType='Debian Translation Index' Size=34222
ID:11> with -32768 pin
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-updates_restricted_binary-amd64_Packages'
a=focal-updates,c=restricted,v=20.04,o=Ubuntu,l=Ubuntu arch='amd64'
site='archive.ubuntu.com' IndexType='Debian Package Index' Size=76674 ID:10>
with -32768 pin
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-updates_main_i18n_Translation-en'
a=focal-updates,c=main,v=20.04,o=Ubuntu,l=Ubuntu arch=''
site='archive.ubuntu.com' IndexType='Debian Translation Index' Size=660043
ID:9> with -32768 pin
Marking not allowed <apt_pkg.PackageFile object:
filename:'/var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_focal-updates_main_binary-amd64_Packages'
a=focal-updates,c=main,v=20.04,o=Ubuntu,l=Ubuntu arch='amd64'
site='archive.ubuntu.com' IndexType='Debian Package Index' Size=1198660 ID:8>
with -32768 pin
An error occurred: '>' not supported between instances of 'apt_pkg.Version'
and 'int'
Traceback (most recent call last):
- File "/usr/bin/unattended-upgrade", line 1983, in main
- res = run(options, rootdir, mem_log, logfile_dpkg,
- File "/usr/bin/unattended-upgrade", line 2124, in run
- cache = UnattendedUpgradesCache(rootdir=rootdir)
- File "/usr/bin/unattended-upgrade", line 171, in __init__
- apt.Cache.__init__(self, rootdir=rootdir)
- File "/usr/lib/python3/dist-packages/apt/cache.py", line 170, in __init__
- self.open(progress)
- File "/usr/bin/unattended-upgrade", line 330, in open
- self.apply_pinning(self.pinning_from_config())
- File "/usr/bin/unattended-upgrade", line 302, in pinning_from_config
- and policy.get_candidate_ver(pkg) > -1: # type: ignore
- TypeError: '>' not supported between instances of 'apt_pkg.Version' and 'int'
- Extracting content from
/var/log/unattended-upgrades/unattended-upgrades-dpkg.log since 2020-06-11
09:38:25
- Traceback (most recent call last):
- File "/usr/bin/unattended-upgrade", line 2512, in <module>
- sys.exit(main(options))
- File "/usr/bin/unattended-upgrade", line 1983, in main
- res = run(options, rootdir, mem_log, logfile_dpkg,
- File "/usr/bin/unattended-upgrade", line 2124, in run
- cache = UnattendedUpgradesCache(rootdir=rootdir)
- File "/usr/bin/unattended-upgrade", line 171, in __init__
- apt.Cache.__init__(self, rootdir=rootdir)
- File "/usr/lib/python3/dist-packages/apt/cache.py", line 170, in __init__
- self.open(progress)
- File "/usr/bin/unattended-upgrade", line 330, in open
- self.apply_pinning(self.pinning_from_config())
- File "/usr/bin/unattended-upgrade", line 302, in pinning_from_config
- and policy.get_candidate_ver(pkg) > -1: # type: ignore
+ File "/usr/bin/unattended-upgrade", line 1983, in main
+ res = run(options, rootdir, mem_log, logfile_dpkg,
+ File "/usr/bin/unattended-upgrade", line 2124, in run
+ cache = UnattendedUpgradesCache(rootdir=rootdir)
+ File "/usr/bin/unattended-upgrade", line 171, in __init__
+ apt.Cache.__init__(self, rootdir=rootdir)
+ File "/usr/lib/python3/dist-packages/apt/cache.py", line 170, in __init__
+ self.open(progress)
+ File "/usr/bin/unattended-upgrade", line 330, in open
+ self.apply_pinning(self.pinning_from_config())
+ File "/usr/bin/unattended-upgrade", line 302, in pinning_from_config
+ and policy.get_candidate_ver(pkg) > -1: # type: ignore
TypeError: '>' not supported between instances of 'apt_pkg.Version' and 'int'
+ Extracting content from
/var/log/unattended-upgrades/unattended-upgrades-dpkg.log since 2020-06-11
09:38:25
+ Traceback (most recent call last):
+ File "/usr/bin/unattended-upgrade", line 2512, in <module>
+ sys.exit(main(options))
+ File "/usr/bin/unattended-upgrade", line 1983, in main
+ res = run(options, rootdir, mem_log, logfile_dpkg,
+ File "/usr/bin/unattended-upgrade", line 2124, in run
+ cache = UnattendedUpgradesCache(rootdir=rootdir)
+ File "/usr/bin/unattended-upgrade", line 171, in __init__
+ apt.Cache.__init__(self, rootdir=rootdir)
+ File "/usr/lib/python3/dist-packages/apt/cache.py", line 170, in __init__
+ self.open(progress)
+ File "/usr/bin/unattended-upgrade", line 330, in open
+ self.apply_pinning(self.pinning_from_config())
+ File "/usr/bin/unattended-upgrade", line 302, in pinning_from_config
+ and policy.get_candidate_ver(pkg) > -1: # type: ignore
+ TypeError: '>' not supported between instances of 'apt_pkg.Version' and 'int'
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1883082
Title:
Crash when using Package-Whitelist-Strict
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1883082/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
