Replies: 4 comments
-
|
Thanks @shawly for reporting this bug. Could you please provide the Ansible configuration or the original configuration file that throws this error? |
Beta Was this translation helpful? Give feedback.
-
|
Is there any need for me to provide it? The issue is that unattended updates changed the pattern, that doesn't relate to any special configuration. |
Beta Was this translation helpful? Give feedback.
-
|
I can't recreate the error on Ubuntu 22.04 at the moment. Either the config or the steps to reproduce the error would be very helpful to me here. |
Beta Was this translation helpful? Give feedback.
-
|
This is currently the config I used to produce the error: - name: Configure unattended upgrades
hosts: all
strategy: free
pre_tasks:
- name: Set debian origin patterns
ansible.builtin.set_fact:
unattended_origins_patterns:
- "origin=Debian,codename=${distro_codename},label=Debian-Security"
- "o=Debian,codename=${distro_codename},label=Debian"
- "o=Debian,codename=${distro_codename},a=proposed-updates"
- "Docker:${distro_codename}"
when: ansible_distribution == "Debian" and ansible_distribution_major_version > "7"
- name: Set ubuntu origin patterns
ansible.builtin.set_fact:
unattended_origins_patterns:
- "origin=Ubuntu,archive=${distro_codename}-security"
- "o=Ubuntu,a=${distro_codename}"
- "o=Ubuntu,a=${distro_codename}-updates"
- "o=Ubuntu,a=${distro_codename}-proposed-updates"
- "Docker:${distro_codename}"
when: ansible_distribution == "Ubuntu" and ansible_distribution_major_version < "22"
- name: Set ubuntu jammy origin patterns
ansible.builtin.set_fact:
unattended_origins_patterns:
- "${distro_id}:${distro_codename}"
- "${distro_id}:${distro_codename}-security"
- "${distro_id}:${distro_codename}-updates"
- "${distro_id}:${distro_codename}-proposed"
- "${distro_id}ESMApps:${distro_codename}-apps-security"
- "${distro_id}ESM:${distro_codename}-infra-security"
- "Docker:${distro_codename}"
when: ansible_distribution == "Ubuntu" and ansible_distribution_major_version >= "22"
roles:
- role: hifis.unattended_upgrades
unattended_automatic_reboot: true
unattended_automatic_reboot_time: "02:00"
tags:
- unattended_upgrades
- systemAs a workaround I added these post_tasks: post_tasks:
- name: Ubuntu Jammy fix for unattended upgrades patterns
become: true
ansible.builtin.replace:
path: /etc/apt/apt.conf.d/50unattended-upgrades
regexp: '(\s+)Unattended-Upgrade::Origins-Pattern(\s+.*)?$'
replace: '\1Unattended-Upgrade::Allowed-Origins\2'
when: ansible_distribution_major_version >= "22"On Ubuntu 20.04 unattended upgrades uses v2.3 and on 22.04 it has been updated to v2.8. |
Beta Was this translation helpful? Give feedback.
-
With Ubuntu Jammy I get the following error after running the Ansible role:
With the default unattended-upgrades configuration it works fine.
I compared the original and the newly generated configuration and it seems that
Unattended-Upgrade::Origins-Patternchanged toUnattended-Upgrade::Allowed-Originswith Jammy. The Ubuntu documentation also was updated https://help.ubuntu.com/community/AutomaticSecurityUpdatesWhen I change
Origins-PatterntoAllowed-Originsit works again. So I guess there should be a check for the distro codename.Beta Was this translation helpful? Give feedback.
All reactions