Bug#851967: marked as done (unattended-upgrades broken with more than one origin)

Debian Bug Tracking System Sat, 16 Dec 2017 19:39:57 -0800

Your message dated Sat, 16 Dec 2017 19:35:01 -0800
with message-id <[email protected]>
and subject line Re: Bug#851967: unattended-upgrades broken with more than one 
origin
has caused the Debian Bug report #851967,
regarding unattended-upgrades broken with more than one origin
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
851967: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=851967
Debian Bug Tracking System
Contact [email protected] with problems

--- Begin Message ---

Package: puppet-module-puppetlabs-apt
Version: 1.4.2-1
Severity: important
Tags: patch

Dear maintainer,

This week I tested APT / unattended-upgrades management for puppet on a Debian
jessie machine. The config patch that added the feature on our side is this:

```
diff --git a/manifests/site.pp b/manifests/site.pp
index 72db306..2a411d8 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -1,3 +1,5 @@
+include apt
+
 class ssh_pubkeys_admins {
    # Mike Gabriel, IT-Zukunft Schule
    ssh_authorized_key { 'mike@minobo':
@@ -65,6 +67,27 @@ node "all_hosts" {
    class { 'ssh_pubkeys_admins': }
    class { 'ssh_pubkeys_firedadmins': }
 #      class { 'login_manager': }
+
+       # settings appropriate for workstation hosts
+       class { 'apt::unattended_upgrades': 
+               origins => [
+                       'o=Debian,n=${distro_codename}',
+                       'o=Debian,n=${distro_codename}-updates',
+                       'o=Debian,n=${distro_codename},l=Debian-Security',
+                       'o=IT-Zukunft Schule,n=${distro_codename},l=IT-Zukunft 
Schule',
+               ],
+               update => "1",
+               download => "1",
+               upgrade => "1",
+               autoclean => "7",
+               auto_fix => true,
+               minimal_steps => true,
+               install_on_shutdown => false,
+               remove_unused => true,
+               auto_reboot => false,
+               download_delta => "1",
+       }
+
 }
 
 node "all_servers" {
```

The resulting /etc/apt/apt.conf.d/50unattended-upgrades did not really
work afterwards. It worked with one origin in the above snippet though,
but not with more than one.

I checked the 50unattended-upgrades template file in this package and
patched it (like seen in the attached .debdiff) and then things worked.

Could you please upload a fixed puppet-module-puppetlabs-apt to
jessie-pu, please? If needed, I can help with the Release Team
formalities. Please let me know.

Thanks,
Mike

-- System Information:
Debian Release: 8.6
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'stable-updates'), (500, 
'proposed-updates')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.8.0-0.bpo.2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

diff -Nru puppet-module-puppetlabs-apt-1.4.2/debian/changelog puppet-module-puppetlabs-apt-1.4.2/debian/changelog
--- puppet-module-puppetlabs-apt-1.4.2/debian/changelog	2014-03-07 20:18:51.000000000 +0000
+++ puppet-module-puppetlabs-apt-1.4.2/debian/changelog	2017-01-20 12:47:03.000000000 +0000
@@ -1,3 +1,11 @@
+puppet-module-puppetlabs-apt (1.4.2-1+deb8u1) jessie-proposed-updates; urgency=medium
+
+  * debian/patches:
+    - Add origins-fix-in-unattended-upgrades-template.patch. Fix deployment
+      of more than two origins in /etc/apt/apt.conf.d/50unattended-upgrades.
+
+ -- Thomas Bechtold <[email protected]>  Fri, 20 Jan 2017 12:47:03 +0000
+
 puppet-module-puppetlabs-apt (1.4.2-1) unstable; urgency=medium
 
   * New upstream release. 
diff -Nru puppet-module-puppetlabs-apt-1.4.2/debian/patches/origins-fix-in-unattended-upgrades-template.patch puppet-module-puppetlabs-apt-1.4.2/debian/patches/origins-fix-in-unattended-upgrades-template.patch
--- puppet-module-puppetlabs-apt-1.4.2/debian/patches/origins-fix-in-unattended-upgrades-template.patch	1970-01-01 00:00:00.000000000 +0000
+++ puppet-module-puppetlabs-apt-1.4.2/debian/patches/origins-fix-in-unattended-upgrades-template.patch	2017-01-20 12:46:54.000000000 +0000
@@ -0,0 +1,12 @@
+Description: Fix deployment of >= 2 origins for unattended-upgrades
+Author: Mike Gabriel <[email protected]>
+
+--- a/templates/50unattended-upgrades.erb
++++ b/templates/50unattended-upgrades.erb
+@@ -1,5 +1,5 @@
+ // Automatically upgrade packages from these (origin:archive) pairs
+-Unattended-Upgrade::Allowed-Origins {
++Unattended-Upgrade::Origins-Pattern {
+ <% @origins.each do |origin| -%>
+ 	"<%= origin %>";
+ <% end -%>
diff -Nru puppet-module-puppetlabs-apt-1.4.2/debian/patches/series puppet-module-puppetlabs-apt-1.4.2/debian/patches/series
--- puppet-module-puppetlabs-apt-1.4.2/debian/patches/series	1970-01-01 00:00:00.000000000 +0000
+++ puppet-module-puppetlabs-apt-1.4.2/debian/patches/series	2017-01-20 12:44:40.000000000 +0000
@@ -0,0 +1 @@
+origins-fix-in-unattended-upgrades-template.patch

--- End Message ---

--- Begin Message ---

Control: tags -1 wontfix
Version: 2.1.1-1

Mike Gabriel <[email protected]> writes:

> This week I tested APT / unattended-upgrades management for puppet on a
> Debian jessie machine. The config patch that added the feature on our
> side is this:

Hi Mike,

Apologies for not having replied to this earlier.  It looks like upstream
has now dropped this entirely from the puppetlabs-apt module in favor of
publishing https://forge.puppetlabs.com/puppet/unattended_upgrades, so
there's no longer anything to fix in the current version (or the version
that released with stretch).  I'm going to go ahead and close this with
the version that upstream removed this support.

> Could you please upload a fixed puppet-module-puppetlabs-apt to
> jessie-pu, please? If needed, I can help with the Release Team
> formalities. Please let me know.

I'm afraid that I don't have the time to propose fixes for jessie or a
jessie system on which to test (and from the long delay I suspect no one
else working on Puppet stuff has resources).  Absolutely no objections if
you want to do this yourself, though (but given the time that's passed, it
may now be irrelevant).

-- 
Russ Allbery ([email protected])               <http://www.eyrie.org/~eagle/>

--- End Message ---

Bug#851967: marked as done (unattended-upgrades broken with more than one origin)

Reply via email to