Upgrade using do-release-upgrade takes a long time to start because 'iptables -L' runs with DNS lookups enabled
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
ubuntu-release-upgrader (Ubuntu) | Invalid | Medium | Brian Murray | |
update-manager (Ubuntu) | Fix Released | Medium | Brian Murray | |
Bug Description
An upgrade from Ubuntu 12.04 to 14.04 using 'sudo do-release-upgrade -d' takes a long time (over 3 minutes) to start after answering "yes" to the question:
If you continue, an additional SSH daemon will be started at port '1022'. Do you want to continue?
Running 'ps afx' at this time shows that 'iptables -L' is being run from '/usr/bin/python /tmp/update-
I think this is because there is an iptables blacklist created by the shorewall package. So running 'iptables' without the '-n' option to disable DNS lookups means that a DNS query is launched for every IP address in the blacklist, some of which do not resolve and so the upgrade script has to wait for a timeout on each of them.
Example of iptables being run with DNS lookups:
$ sudo time -p iptables -L > /dev/null
real 174.34
user 0.08
sys 0.09
Example of iptables being run without DNS lookups:
$ sudo time -p iptables -nL > /dev/null
real 0.08
user 0.00
sys 0.00
The code that runs the 'iptables -L' command seems to be in the utils.py in the update-manager temp directory in /tmp/ (/tmp/update-
So would it be possible to change the iptables command to be 'iptables -nL' so that DNS queries are disabled?
I think this bug may also affect other upgrades, for example 10.04 to 12.04.
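The change requested in the description, sketched as an added example (this is not update-manager's utils.py code; the function names are hypothetical and the sample listing is constructed): the rules are listed with `-n` so that no reverse DNS query is made per address, the call is bounded by a timeout, and the numeric output is parsed to count rules.

```python
import subprocess

# Hypothetical helper names; this is not update-manager's utils.py code.
# -n prints numeric addresses, so no reverse DNS query is made per rule.
IPTABLES_CMD = ["iptables", "-n", "-L"]

# Constructed sample of `iptables -nL` output containing one blacklist rule.
SAMPLE_LISTING = """\
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
DROP       all  --  203.0.113.7          0.0.0.0/0

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
"""


def count_rules(listing):
    """Count rule lines, skipping blank lines, chain titles and column headers."""
    rules = 0
    for line in listing.splitlines():
        fields = line.split()
        if not fields or fields[0] == "Chain" or fields[:2] == ["target", "prot"]:
            continue
        rules += 1
    return rules


def list_rules(timeout=10):
    """Return the numeric rule listing, or None if iptables fails or stalls."""
    try:
        proc = subprocess.run(IPTABLES_CMD, stdout=subprocess.PIPE,
                              stderr=subprocess.DEVNULL,
                              universal_newlines=True, timeout=timeout)
    except (OSError, subprocess.TimeoutExpired):
        return None
    return proc.stdout if proc.returncode == 0 else None


if __name__ == "__main__":
    listing = list_rules()  # needs root on a real system
    print("rules:", None if listing is None else count_rules(listing))
```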
tags: | added: dist-upgrade |
summary: |
- Upgrade using takes a long time to start because 'iptables -L' runs with - DNS lookups enabled + Upgrade using do-release-upgrade takes a long time to start because + 'iptables -L' runs with DNS lookups enabled |
Changed in update-manager (Ubuntu): | |
status: | New → Confirmed |
Changed in update-manager (Ubuntu): | |
status: | Triaged → In Progress |
Changed in ubuntu-release-upgrader (Ubuntu): | |
status: | Triaged → Invalid |
Suggested patch for a one line change to utils.py in the trusty update-manager code that is unpacked into /tmp/.