I had an actual look at the (scary) postinst: the code you've quoted is the only live code left (the rest can only be triggered when upgrading from 18.04).
The good^Wgreat news is that I will delete ". /usr/share/debconf/confmodule" from the script, and it probably should have been behind a conditional. Now, I'm not sure what we want here in general. If I understand the code right, it will only show the notification when X is not running but avoids servers (due to the check against needrestart). That seems quite inconsistent. Or do I misunderstand something? The code looks like it has grown organically over a fairly long timeframe. Shall we assume on both desktops and servers that an openssl update always requires a reboot? At least until we do anything related to needrestart. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to openssl in Ubuntu. https://bugs.launchpad.net/bugs/1971650 Title: wrong check for "server" in libssl3.postinst Status in openssl package in Ubuntu: Confirmed Bug description: A security update has just been applied to my system for openssl, and the 'reboot required' message just popped on my desktop. I looked to see why this was, and found the following code in the libssl3 postinst: # Here we issue the reboot notification for upgrades and # security updates. We do want services to be restarted when we # update for a security issue, but planned by the sysadmin, not # automatically. # Only issue the reboot notification for servers; we proxy this by # testing that the X server is not running (LP: #244250) if ! pidof /usr/lib/xorg/Xorg > /dev/null && [ -x /usr/share/update-notifier/notify-reboot-required ]; then /usr/share/update-notifier/notify-reboot-required fi Now, AFAIK this is the only package that interfaces with notify- reboot-required but omits the notification on desktops, so that seems to be an inconsistent policy; but even if we thought that was the correct policy to apply, the above check for a desktop is not because it doesn't match in the case the user is running Xwayland, which most users not using the nvidia driver will be doing now by default. Also, this is now inside a block that checks for the presence of needrestart, which is part of the server seed; so in effect this notification now *never* fires on servers, it *only* fires on desktops. ProblemType: Bug DistroRelease: Ubuntu 22.04 Package: openssl 3.0.2-0ubuntu1.1 ProcVersionSignature: Ubuntu 5.15.0-27.28-generic 5.15.30 Uname: Linux 5.15.0-27-generic x86_64 NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair ApportVersion: 2.20.11-0ubuntu82 Architecture: amd64 CasperMD5CheckResult: unknown CurrentDesktop: ubuntu:GNOME Date: Thu May 5 05:39:06 2022 InstallationDate: Installed on 2019-12-23 (863 days ago) InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Release amd64 (20191017) RebootRequiredPkgs: Error: path contained symlinks. SourcePackage: openssl UpgradeStatus: Upgraded to jammy on 2022-04-15 (19 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/1971650/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
