Tested this on Ubuntu 24.04.4 LTS in a fresh LXD container with ubuntu- release-upgrader-core 1:24.04.28, python3-update-manager 1:24.04.12, python3-distupgrade 1:24.04.28.
What was reproduced: With changelogs.ubuntu.com blocked (127.0.0.1 changelogs.ubuntu.com in /etc/hosts), the error message appears in the user's login banner. Confirmed via run-parts /etc/update-motd.d/, which is what pam_motd invokes at SSH login: run-parts /etc/update-motd.d/ 2>&1 | tail -5 Enable ESM Apps to receive additional future security updates. See https://ubuntu.com/esm or run: sudo pro status Failed to connect to https://changelogs.ubuntu.com/meta-release-lts. Check your Internet connection or proxy settings So the bug is real and reaches users. But the proposed shell patch alone doesn't fix the error: The error from check-new-release -q is initially written to stdout, not stderr: command: /usr/lib/ubuntu-release-upgrader/check-new-release -q 2>/dev/null output: Failed to connect to https://changelogs.ubuntu.com/meta-release-lts... command: /usr/lib/ubuntu-release-upgrader/check-new-release -q >/dev/null output: [no output] Since release-upgrade-motd already redirects stdout into the stamp file (> "$stamp"),the error gets captured into/var/lib/ubuntu-release-upgrader/release-upgrade-available on the failed background run. On the next login, the script sees a non-empty stamp file less than a day old and takes the elif[-s "$stamp"] branch, cat-ing the stamp file's contents to the terminal as if they were a release announcement. With only the shell patch applied, the stamp file still contains the error after a failed run, so the next login still displays it. what the root cause could be: /usr/lib/python3/dist-packages/UpdateManager/Core/MetaRelease.py line 400 prints the connection error with a bare print(), defaulting to stdout: except (URLError, BadStatusLine, socket.timeout) as e: self._debug("result of meta-release download: '%s'" % e) print( "Failed to connect to %s. Check your Internet connection " "or proxy settings" % self.METARELEASE_URI ) An identical copy is shipped at /usr/lib/python3/dist- packages/DistUpgrade/MetaRelease.py by python3-distupgrade. The two files are byte-identical at these versions. verified tested fix: Changing the print(...) to print(..., file=sys.stderr) in MetaRelease.py, combined with the proposed shell patch, resolves the bug end-to-end. After applying both changes: command: /usr/lib/ubuntu-release-upgrader/check-new-release -q 2>/dev/null output: [no output] command: /usr/lib/ubuntu-release-upgrader/check-new-release -q >/dev/null output: Failed to connect to https://changelogs.ubuntu.com/meta-release-lts... command: rm /var/lib/ubuntu-release-upgrader/release-upgrade-available command: /usr/lib/ubuntu-release-upgrader/release-upgrade-motd command: sleep 3 command: ls -la /var/lib/ubuntu-release-upgrader/release-upgrade-available output: -rw-r--r-- 1 root root 0 ... release-upgrade-available command: run-parts /etc/update-motd.d/ 2>&1 | tail -5 output: [normal motd footer, no error string] The stamp file is empty after a failed background run, and the login banner is clean. The existing patch on this bug is necessary but not sufficient. It needs a companion one-line change in UpdateManager/Core/MetaRelease.py (and the identical copy in DistUpgrade/MetaRelease.py) to redirect the connection-error print() to sys.stderr. Both changes are required. The fix touches three source packages: ubuntu-release-upgrader (the shell script), update-manager (the Python module), and python3-distupgrade (the duplicate copy). there may be a reason MetaReleaseCore writes its connection-error message to stdout that I'm missing which could be that possibly something downstream parses it. If a maintainer can confirm whether routing this to stderr is the right direction, I'm happy to prepare debdiffs for the three source packages and request sponsorship. Alternatively, if the preferred fix is to gate the stamp write on check- new-release's exit code in release-upgrade-motd instead, that would be a single-package change and I can take a look at that approach. ** Changed in: ubuntu-release-upgrader (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2143786 Title: release-upgrade-motd leaks stderr to terminal To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/2143786/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
