Apt lock file due to unattended-upgrades causes issues with initial provisioning #3
Testing a new base box build with the changed unattended-upgrades setting.
Hi @geerlingguy - What's the approach then? :)
@topikito - I'm uploading the new box version now. I'll be pushing a commit to fix this issue in a couple minutes, once I finish validating the build.
Thanks for taking the time to consider my issue @geerlingguy
In case anyone else comes across this thread, I found a way to solve this problem without disabling unattended-upgrades. What I found was that the apt-daily service was triggering the unattended-upgrades immediately on bootup, and that caused the dpkg lock to occur. The systemd setting that causes it to do that is a timer (which now replaces cron and anacron from what I gather) which is in this file: `/lib/systemd/system/apt-daily.timer`
and the direct cause is the "Persistent" directive, which tells systemd to run the command immediately on bootup if the job was missed while the system was down. Of course, with vagrant, it will always miss this run as long as the image is older than a day. I solved this on my own Xenial vagrant box by adding this file: `/etc/systemd/system/apt-daily.timer.d/apt-daily.timer.conf` consisting entirely of these 2 lines (which override the setting in the other file):
I suspect there may be a better way (I'm new to vagrant) but I can't see how the default ubuntu timer setting is a good idea for vagrant boxes, since they are started and stopped on a more frequent basis than a regular computer. Anytime a vagrant box is brought up, it will run the unattended-upgrades if it missed running it, which will break any apt-get provisioning that gets done. So setting Persistent=false will avoid that.
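The override described in the comment above, as an added example that is not part of the original thread or of the project's code: it writes the drop-in and computes the effective `Persistent=` value before and after. The drop-in body (`[Timer]` plus `Persistent=false`) is an assumption inferred from the comment's last sentence, and the function names, the `ROOT` argument and the sample timer file are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example. ROOT lets every function run against a scratch tree, not /.
DROPIN_DIR="etc/systemd/system/apt-daily.timer.d"
UNIT="lib/systemd/system/apt-daily.timer"

# Constructed stand-in for the stock timer unit (only Persistent= matters here).
make_sample_root() {
    local root; root="$(mktemp -d)"
    mkdir -p "$root/$(dirname "$UNIT")"
    printf '%s\n' '[Unit]' 'Description=Daily apt activities' '' \
        '[Timer]' 'OnCalendar=*-*-* 6,18:00' 'Persistent=true' '' \
        '[Install]' 'WantedBy=timers.target' > "$root/$UNIT"
    printf '%s\n' "$root"
}

# Write the override drop-in (idempotent). Its two lines are an assumption
# based on the thread's "setting Persistent=false".
write_apt_timer_dropin() {
    local root="${1%/}"
    mkdir -p "$root/$DROPIN_DIR"
    printf '[Timer]\nPersistent=false\n' > "$root/$DROPIN_DIR/apt-daily.timer.conf"
}

# Print the effective Persistent= value: base unit, then /etc drop-ins in
# lexical order; the last assignment inside a [Timer] section wins.
# systemd's default when the key is absent is false.
effective_persistent() {
    local root="${1%/}" f
    local files=("$root/$UNIT")
    [ -f "${files[0]}" ] || return 1
    for f in "$root/$DROPIN_DIR"/*.conf; do
        if [ -f "$f" ]; then files+=("$f"); fi
    done
    awk '
        FNR == 1 { in_timer = 0 }
        /^[ \t]*\[/ { in_timer = ($0 ~ /^[ \t]*\[Timer\]/); next }
        in_timer && /^[ \t]*Persistent[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, ""); sub(/[ \t]+$/, ""); val = $0
        }
        END { print (val == "" ? "false" : val) }
    ' "${files[@]}"
}

# Demo on the constructed tree: value before and after the override.
demo_root="$(make_sample_root)"
echo "before: $(effective_persistent "$demo_root")"
write_apt_timer_dropin "$demo_root"
echo "after:  $(effective_persistent "$demo_root")"
rm -rf "$demo_root"
```

On a real box the writer would be run as root against `/` and followed by `systemctl daemon-reload`; `systemctl cat apt-daily.timer` then shows the unit together with the drop-in.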
@agilethomas - Awesome! I still kind of like leaving it off by default and having the user enable if desired, mostly because my Vagrant boxes are only intended for local dev, and I always add the caveat that if you consider doing something like
…n dpkg database. unattended-updates will set a lock at boot time and prevent provisioning. proper solution would be a custom build ubuntu box see <geerlingguy/packer-boxes#3> for further details.
I could reproduce this issue one time last night, though I've seen a couple other reports of it happening. Basically, Ubuntu 16.04 defaults to running unattended-upgrades automatically (out of the box). What happens is that the first time a box is brought up, unattended-upgrades locks apt (see `/var/lib/dpkg/lock`), and then provisioning scripts error out if they install anything via apt.

The solution I think I'll go with (since I recommend people use the `geerlingguy.security` to manage automatic upgrades themselves) is to disable the feature when building via kickstart (as suggested by @gretel):

See related: hashicorp/vagrant#7155 (comment)