reports packages not installed from repository
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| hobbit-plugins (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
the apt check from /usr/lib/
Ubuntu 22.04.1 LTS
yellow Packages not installed from apt repositories (4):
gnome-shell (42.4-0ubuntu0.
gnome-
gnome-
mutter-common (42.2-0ubuntu1)
green Last apt update: 0.2 day(s) ago
while technically true, at that time of report the package is not from a repository anymore,
but it was from a repository before it was not from a repository anymore.
this is really annoying and it would be more than welcome to have the option to allow such
packages to be listed green in apt reports.
how to reproduce:
- turn off phased updates
- have the jammy-updates repository in sources.list
- have a phasedupdates package installed, and aptitude-robot doing updates of such packages
for reference, apt policy gnome-shell:
apt policy gnome-shell
gnome-shell:
Installed: 42.4-0ubuntu0.
Candidate: 42.4-0ubuntu0.
Version table:
42.5-0ubuntu1 1 (phased 30%)
2 http://
*** 42.4-0ubuntu0.
100 /var/lib/
42.0-2ubuntu1 500
500 http://
currently testing if pinning like this would solve it in the future, cumbersome to reproduce
as phased updates only happen sometimes, and their report page updates lags half a day behind:
https:/
pinning settings being tested (was pinning 2 and 1, now -1):
/etc/apt/
Package: *
Pin: release a=jammy-
Pin-Priority: 2
configuration to turn of phasedupdates:
/etc/apt/
# dont take part of phased updates
# Disable phased updates: https:/
# https:/
# https:/
Debug::Phasing "1";
APT::Get:
# see https:/
APT::Get:
APT::Get:
the reason for turning off phased updates is simple, when you don't take part in the
intransparent/not anymore publicly available automatic bug reports page, you don't want
to end with some machines with such updates, another part without such updates, facing
users with different problems, making everything harder to debug/fix. another very good
reason is, if you have disabled automatic crash reporting, it's kind of pointless to take
part anyways.
any help/suggestion is welcome
one way to get rid of the problem would be to turn off/remove jammy-updates completely. but there are different opinions to have it or not.
another is when you already have a lot of 22.04 it's a bit an operation to downgrade to jammy without jammy-updates (however perfectly possible with
a single apt reinstall operation, if anyone is interested can work a working oneliner)
addendum:
having jammy-updates with pin priority -1 (or any negative number), apt check claims the packages installed from there are not from repository, although apt policy claims otherwise:
$ apt policy apt
apt:
Installed: 2.4.8
Candidate: 2.4.8
Version table:
*** 2.4.8 100
-1 http://
100 /var/lib/
2.4.5 500
500 http://
CVE References
| description: | updated |
| description: | updated |
| Launchpad Janitor (janitor) wrote | #1 |
| Changed in hobbit-plugins (Ubuntu): | |
| status: | New → Fix Released |
This bug was fixed in the package hobbit-plugins - 20230211
---------------
hobbit-plugins (20230211) unstable; urgency=medium
[ Axel Beckert ]
* dirtyvcs: Automatically add existing repositories from
/etc/
safe.directory setting to handle fallout of the fix for
CVE-2022-24765. Thanks to Christian Herzog for the bug report!
+ Change owner and group of /var/lib/xymon/ to xymon:xymon.
* Remove postinst code relevant for hobbit to xymon migration.
* Remove debian/maintscript completely. Was relevant for migrations
before 2015, i.e. before oldoldstable.
* Replace all occurrences of egrep and fgrep with grep -E/-F.
Thanks tarzeau for reporting this!
* Fix typo in comment in libs.yaml.
* yum: Don't count "Errno" as alert if it is prepended by a dash or
followed by a full stop, e.g. in package names like perl-Errno.x86_64.
* Mention explicitly in the package description that hard dependencies
of plugins enabled by default are listed in Recommends and
dependencies of plugins disabled by default are listed in
Suggests. Based on the according comment in debian-goodies' package
description. (Closes: #1016162)
* Fix bogus "Last apt update: -0.0 day(s) ago" warning by adding a small
tolerance. (Closes: #1021775)
* Split off the kernel/reboot check from the libs check into a separate
check. (Closes: #752776)
+ Do not warn (and just report "clear") if the kernel image can't be
parsed. This doesn't prompt for an action by the administrator.
(Currently a common, but non-trivial issue on armhf, see
/
* temp:
+ Suppress grep error message if a host has no
/
+ Also support more than 26 (and up to 676) disks, i.e. disks named
/dev/sdaa to /dev/sdzz).
+ Support NVMe block devices via drivetemp.
+ Consistent paths below /sys/devices/
+ Completely remove hddtemp support. (Really closes: #1001950)
+ Report "clear" if no thermal zones or hwmons are found. Avoids going
purple after hddtemp has been removed.
+ Report "yellow" if no thermal zones or hwmons are found and
"drivetemp" driver is not loaded.
+ Fix "Use of uninitialized value" errors in exception handling.
* Declare compliance with Debian Policy 4.6.2.
* Add new server-side "xcl" check to query Lenovo XClarity API for
hardware failure events. (disabled by default; add Suggests and B-D on
libmojolici
* Use more precise Files stanzas and update years in debian/copyright.
* Also update my copyright years in some plugins.
[ Adam Goryachev ]
* kern: Be less strict in parsing kernel versions, allow trailing
garbage as present on Ubuntu for Raspberry Pi. (LP: #1904807)
[ Adam Thorn ]
* apt: Properly parse phased packages on Ubuntu. (LP: #2002391,
#2003062, #1995481)
[ Debian Janitor ]
* Remove constraints unnecessary since buster (oldstable):
+ Drop versioned build-dependency on essential package dpkg-dev.
+ Drop versioned pre-d...