Control: fixed -1 1.11
Hi Marc,
I'm sure this is fixed in recent releases. Please reopen otherwise.
Cheers,
Balint
Marc Lehmann <debian-report...@plan9.de> ezt írta (időpont: 2019.
szept. 9., H, 16:18):
>
> Package: unattended-upgrades
> Version: 0.93.1+nmu1
> Severity: normal
>
> Dear Maintainer,
>
> I'm sure I am doing something wrong, but if I do, then I think
> unattended-upgrades should explain itself better.
>
> I maintain a small pool of stretch machines which were all cloned from
> the same master image, with some local package changes - some use
> exim4-daemon-light, some use exim4-daemon-heavy.
>
> After CVE-2019-15846, I had a look at whether unattended-upgrades has
> properly installed security fixes, but what I found I cannot explain:
>
> On machines using exim4-daemon-light, everything was upgraded:
>
> ii exim4-base 4.89-2+deb9u6
> ii exim4-config 4.89-2+deb9u6
> ii exim4-daemon-light 4.89-2+deb9u6
>
> On machines using exim4-daemon-heavy, everything but that package was
> upgraded:
>
> ii exim4-base 4.89-2+deb9u6
> ii exim4-config 4.89-2+deb9u6
> ii exim4-daemon-heavy 4.89-2+deb9u3
>
> If I run unattended-upgrades -v manually, it clearly claims to have
> installed it successfully:
>
> 2019-09-08 13:22:07,884 INFO Packages that will be upgraded:
> exim4-daemon-heavy
> 2019-09-08 13:22:07,884 INFO Writing dpkg log to
> '/var/log/unattended-upgrades/unattended-upgrades-dpkg.log'
> 2019-09-08 13:22:07,926 INFO All upgrades installed
>
> But it didn't. And in fact, looking at the log, it keeps saying this for a
> while already:
>
> 2019-06-07 06:36:19,385 INFO Starting unattended upgrades script
> 2019-06-07 06:36:19,385 INFO Allowed origins are:
> ['origin=Debian,codename=stretch,label=Debian-Security']
> 2019-06-07 06:36:23,617 INFO Packages that will be upgraded: exim4-base
> exim4-config exim4-daemon-heavy
> 2019-06-07 06:36:23,618 INFO Writing dpkg log to
> '/var/log/unattended-upgrades/unattended-upgrades-dpkg.log'
> 2019-06-07 06:37:08,647 INFO All upgrades installed
> 2019-06-08 06:18:09,946 INFO Starting unattended upgrades script
> 2019-06-08 06:18:09,947 INFO Allowed origins are:
> ['origin=Debian,codename=stretch,label=Debian-Security']
> 2019-06-08 06:18:15,564 INFO Packages that will be upgraded:
> exim4-daemon-heavy qemu-kvm qemu-system-common qemu-system-x86 qemu-utils
> 2019-06-08 06:18:15,564 INFO Writing dpkg log to
> '/var/log/unattended-upgrades/unattended-upgrades-dpkg.log'
> 2019-06-08 06:18:50,208 INFO All upgrades installed
> 2019-06-09 06:00:07,184 INFO Allowed origins are:
> ['origin=Debian,codename=stretch,label=Debian-Security']
> 2019-06-09 06:00:10,673 INFO Packages that will be upgraded:
> exim4-daemon-heavy
> 2019-06-09 06:00:10,673 INFO Writing dpkg log to
> '/var/log/unattended-upgrades/unattended-upgrades-dpkg.log'
> 2019-06-09 06:00:10,721 INFO All upgrades installed
> ... from here on the last lines keep repeating.
>
> Nothing in the log indicates that it installs some packages, but not others.
>
> There is no mention of even trying to install exim4-daemon-heavy in
> unattended-upgrades-dpkg.log.
>
> So, unattended-upgrades on this machine clearly installed most security
> updates, but not exim4-daemon-heavy. It claims to install it, and that
> everything went ok, but in fact, it doesn't even try.
>
> When I run apt install exim4-daemon-heavy manually, it installs it without
> issues.
>
> Even if this is some kind of misconfiguration on my part, I think that
> unattended-upgrades should not claim it has installed security updates
> when in fact it didn't do anything at all.
>
> Version of unattended upgrades is:
>
> ii unattended-upgrades 0.93.1+nmu1
>
> </etc/apt/apt.conf.d/50unattended-upgrades grep -v ^\/
>
> Unattended-Upgrade::Origins-Pattern {
> "origin=Debian,codename=${distro_codename},label=Debian-Security";
> };
>
> Unattended-Upgrade::Package-Blacklist {
> };
>
> tail of unattended-upgrades-dpkg.log (the log does not otherwise contain
> the word exim4-daemon-heavy):
>
> Log started: 2019-09-03 06:27:28
> (Reading database ... 62135 files and directories currently installed.)
> Preparing to unpack .../libnghttp2-14_1.18.1-1+deb9u1_amd64.deb ...
> Unpacking libnghttp2-14:amd64 (1.18.1-1+deb9u1) over (1.18.1-1) ...
> Setting up libnghttp2-14:amd64 (1.18.1-1+deb9u1) ...
> Processing triggers for libc-bin (2.24-11+deb9u1) ...
> Log ended: 2019-09-03 06:27:51
>
> Log started: 2019-09-08 06:20:08
> Preconfiguring packages ...
> (Reading database ... 62135 files and directories currently installed.)
> Preparing to unpack .../exim4-config_4.89-2+deb9u6_all.deb ...
> Unpacking exim4-config (4.89-2+deb9u6) over (4.89-2+deb9u5) ...
> Preparing to unpack .../exim4-base_4.89-2+deb9u6_amd64.deb ...
> Unpacking exim4-base (4.89-2+deb9u6) over (4.89-2+deb9u5) ...
> Setting up exim4-config (4.89-2+deb9u6) ...
> Setting up exim4-base (4.89-2+deb9u6) ...
> Processing triggers for systemd (232-25+deb9u11) ...
> Processing triggers for man-db (2.7.6.1-2) ...
> Log ended: 2019-09-08 06:20:39
>
