After providing more background, the Trusty package needs to be uploaded
to the security pockets to ensure our Ubuntu Pro users are able to get
this update. This is essential to Pro users getting updates from the new
esm-infra pockets.
** Changed in: unattended-upgrades (Ubuntu Trusty)
Status: Won't Fix => In Progress
--
You received this bug notification because you are a member of नेपाली
भाषा समायोजकहरुको समूह, which is subscribed to Xenial.
Matching subscriptions: Ubuntu 16.04 Bugs
https://bugs.launchpad.net/bugs/1857051
Title:
Please add ${distro_id}ESM:${distro_codename}-infra-security and
${distro_id}ESMApps:${distro_codename}-apps-security to allowed
origins (on Ubuntu)
Status in unattended-upgrades package in Ubuntu:
Fix Released
Status in unattended-upgrades source package in Trusty:
In Progress
Status in unattended-upgrades source package in Xenial:
Fix Committed
Status in unattended-upgrades source package in Bionic:
Fix Committed
Status in unattended-upgrades source package in Eoan:
Fix Committed
Bug description:
[Impact]
* Changes to the ESM repo naming and the introduction of the new esm-infra
and esm-apps suites require an update to unattended-upgrades to ensure the
security pockets are used.
* This change will ensure users are actually receiving updates, where as
today they will not without making manual changes.
[Test Case]
* 1) Bionic and Xenial ESM-Apps/ESM-infra with Ubuntu Pro
* 2) Trusty ESM
[Regression Potential]
* This change is ensuring users actually receive security updates when using
ESM. Therefore, 1) users of ESM-apps on Ubuntu Pro and 2) ESM-infra on Trusty
will be the only users affected.
* The possible issue would be if/when users receive actual security updates
that then regress or cause issues to the system.
[Other Info]
Previous description:
ESM <distro>-infra-security and <distro>-apps-security will need to
participate in unattended upgrades.
Currently /etc/apt/apt.conf.d/50unattended-upgrades provides:
Unattended-Upgrade::Allowed-Origins {
"${distro_id}ESM:${distro_codename}";
}
Given that there have been ESM apt pocket renames over the last few
months, the above ESM allowed-origin should not apply anymore and can
be dropped or replaced.
See RT #C122697 and #C121067 for the pocket/suite renames related to
ESM
What is needed after the ESM apt pocket/suite renames:
Support for unattended upgrades for ESM for Infrastructure customers:
Unattended-Upgrade::Allowed-Origins {
// Extended Security Maintenance; doesn't necessarily exist for
// every release and this system may not have it installed, but if
// available, the policy for updates is such that unattended-upgrades
// should also install from here by default.
"${distro_id}ESM:${distro_codename}-infra-security";
"${distro_id}ESMApps:${distro_codename}-apps-security";
};
=== Confirmed proper origin on an attached Trusty instance with ESM-
infra enabled:
500 https://esm.ubuntu.com/ubuntu/ trusty-infra-security/main amd64 Packages
release
v=14.04,o=UbuntuESM,a=trusty-infra-security,n=trusty,l=UbuntuESM,c=main
=== Confirmed proper origins on Bionic for enabled ESM-infra and ESM-apps on
an AWS Ubuntu PRO instance:
500 https://esm.ubuntu.com/infra/ubuntu bionic-infra-security/main amd64
Packages
release
v=18.04,o=UbuntuESM,a=bionic-infra-security,n=bionic,l=UbuntuESM,c=main,b=amd64
500 https://esm.ubuntu.com/apps/ubuntu bionic-apps-security/main amd64
Packages
release
v=18.04,o=UbuntuESMApps,a=bionic-apps-security,n=bionic,l=UbuntuESMApps,c=main,b=amd64
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1857051/+subscriptions
_______________________________________________
Mailing list: https://launchpad.net/~group.of.nepali.translators
Post to : group.of.nepali.translators@lists.launchpad.net
Unsubscribe : https://launchpad.net/~group.of.nepali.translators
More help : https://help.launchpad.net/ListHelp
