Locally Mirrored ESM repositories are not properly being picked up by software updater.

Bug #2083081 reported by David Clark
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
update-manager (Ubuntu)
Triaged
High
Nathan Teodosio
Focal
New
Undecided
Unassigned
Jammy
New
Undecided
Unassigned
Noble
New
Undecided
Unassigned
Oracular
Triaged
High
Nathan Teodosio

Bug Description

When using locally mirrored repositories of Ubuntu ESM packages in 20.04, upgrades are picked up by software updater but being reported as needing to enable pro in settings (see screenshot). Client machines are attached to Ubuntu Pro but no additional services are enabled.

Also attached are outputs of the following commands from a machine in this state:

apt list --upgradable
Listing... Done
apparmor/devclient-focal-staging-updates 2.13.3-7ubuntu5.4 amd64 [upgradable from: 2.13.3-7ubuntu5.3]
curl/devclient-focal-staging-updates,devclient-focal-staging-security 7.68.0-1ubuntu2.24 amd64 [upgradable from: 7.68.0-1ubuntu2.23]
ffmpeg/devclient-focal-staging-apps-security 7:4.2.7-0ubuntu0.1+esm6 amd64 [upgradable from: 7:4.2.7-0ubuntu0.1]
firefox-locale-en/devclient-focal-staging-security 130.0.1+build1-0ubuntu0.20.04.1 amd64 [upgradable from: 130.0+build2-0ubuntu0.20.04.1]
firefox/devclient-focal-staging-security 130.0.1+build1-0ubuntu0.20.04.1 amd64 [upgradable from: 130.0+build2-0ubuntu0.20.04.1]
google-chrome-stable/stable 129.0.6668.70-1 amd64 [upgradable from: 128.0.6613.113-1]
krb5-locales/devclient-focal-staging-updates,devclient-focal-staging-updates 1.17-6ubuntu4.7 all [upgradable from: 1.17-6ubuntu4.6]
libapparmor1/devclient-focal-staging-updates 2.13.3-7ubuntu5.4 amd64 [upgradable from: 2.13.3-7ubuntu5.3]
libavcodec58/devclient-focal-staging-apps-security 7:4.2.7-0ubuntu0.1+esm6 amd64 [upgradable from: 7:4.2.7-0ubuntu0.1]
libavdevice58/devclient-focal-staging-apps-security 7:4.2.7-0ubuntu0.1+esm6 amd64 [upgradable from: 7:4.2.7-0ubuntu0.1]
libavfilter7/devclient-focal-staging-apps-security 7:4.2.7-0ubuntu0.1+esm6 amd64 [upgradable from: 7:4.2.7-0ubuntu0.1]
libavformat58/devclient-focal-staging-apps-security 7:4.2.7-0ubuntu0.1+esm6 amd64 [upgradable from: 7:4.2.7-0ubuntu0.1]
libavresample4/devclient-focal-staging-apps-security 7:4.2.7-0ubuntu0.1+esm6 amd64 [upgradable from: 7:4.2.7-0ubuntu0.1]
libavutil56/devclient-focal-staging-apps-security 7:4.2.7-0ubuntu0.1+esm6 amd64 [upgradable from: 7:4.2.7-0ubuntu0.1]
libcurl3-gnutls/devclient-focal-staging-updates,devclient-focal-staging-security 7.68.0-1ubuntu2.24 amd64 [upgradable from: 7.68.0-1ubuntu2.23]
libcurl4/devclient-focal-staging-updates,devclient-focal-staging-security 7.68.0-1ubuntu2.24 amd64 [upgradable from: 7.68.0-1ubuntu2.23]
libgssapi-krb5-2/devclient-focal-staging-updates 1.17-6ubuntu4.7 amd64 [upgradable from: 1.17-6ubuntu4.6]
libk5crypto3/devclient-focal-staging-updates 1.17-6ubuntu4.7 amd64 [upgradable from: 1.17-6ubuntu4.6]
libkrb5-3/devclient-focal-staging-updates 1.17-6ubuntu4.7 amd64 [upgradable from: 1.17-6ubuntu4.6]
libkrb5support0/devclient-focal-staging-updates 1.17-6ubuntu4.7 amd64 [upgradable from: 1.17-6ubuntu4.6]
libnss-systemd/devclient-focal-staging-updates 245.4-4ubuntu3.24 amd64 [upgradable from: 245.4-4ubuntu3.23]
libpam-systemd/devclient-focal-staging-updates 245.4-4ubuntu3.24 amd64 [upgradable from: 245.4-4ubuntu3.23]
libpcap0.8/devclient-focal-staging-updates 1.9.1-3ubuntu1.20.04.1 amd64 [upgradable from: 1.9.1-3]
libpostproc55/devclient-focal-staging-apps-security 7:4.2.7-0ubuntu0.1+esm6 amd64 [upgradable from: 7:4.2.7-0ubuntu0.1]
libpython2.7-minimal/devclient-focal-staging-apps-security 2.7.18-1~20.04.4+esm2 amd64 [upgradable from: 2.7.18-1~20.04.4+esm1]
libpython2.7-stdlib/devclient-focal-staging-apps-security 2.7.18-1~20.04.4+esm2 amd64 [upgradable from: 2.7.18-1~20.04.4+esm1]
libpython3.12-minimal/focal 3.12.6-1+focal1 amd64 [upgradable from: 3.12.4-1+focal1]
libpython3.12-stdlib/focal 3.12.6-1+focal1 amd64 [upgradable from: 3.12.4-1+focal1]
libpython3.8-dev/devclient-focal-staging-updates,devclient-focal-staging-security 3.8.10-0ubuntu1~20.04.12 amd64 [upgradable from: 3.8.10-0ubuntu1~20.04.11]
libpython3.8-minimal/devclient-focal-staging-updates,devclient-focal-staging-security 3.8.10-0ubuntu1~20.04.12 amd64 [upgradable from: 3.8.10-0ubuntu1~20.04.11]
libpython3.8-stdlib/devclient-focal-staging-updates,devclient-focal-staging-security 3.8.10-0ubuntu1~20.04.12 amd64 [upgradable from: 3.8.10-0ubuntu1~20.04.11]
libpython3.8/devclient-focal-staging-updates,devclient-focal-staging-security 3.8.10-0ubuntu1~20.04.12 amd64 [upgradable from: 3.8.10-0ubuntu1~20.04.11]
libreoffice-ogltrans/devclient-focal-staging-updates,devclient-focal-staging-updates,devclient-focal-staging-security,devclient-focal-staging-security 1:6.4.7-0ubuntu0.20.04.12 all [upgradable from: 1:6.4.7-0ubuntu0.20.04.11]
libreoffice-pdfimport/devclient-focal-staging-updates,devclient-focal-staging-updates,devclient-focal-staging-security,devclient-focal-staging-security 1:6.4.7-0ubuntu0.20.04.12 all [upgradable from: 1:6.4.7-0ubuntu0.20.04.11]
libswresample3/devclient-focal-staging-apps-security 7:4.2.7-0ubuntu0.1+esm6 amd64 [upgradable from: 7:4.2.7-0ubuntu0.1]
libswscale5/devclient-focal-staging-apps-security 7:4.2.7-0ubuntu0.1+esm6 amd64 [upgradable from: 7:4.2.7-0ubuntu0.1]
libsystemd0/devclient-focal-staging-updates 245.4-4ubuntu3.24 amd64 [upgradable from: 245.4-4ubuntu3.23]
libudev1/devclient-focal-staging-updates 245.4-4ubuntu3.24 amd64 [upgradable from: 245.4-4ubuntu3.23]
linux-generic-hwe-20.04/devclient-focal-staging-updates,devclient-focal-staging-security 5.15.0.122.132~20.04.1 amd64 [upgradable from: 5.15.0.121.131~20.04.1]
linux-headers-generic-hwe-20.04/devclient-focal-staging-updates,devclient-focal-staging-security 5.15.0.122.132~20.04.1 amd64 [upgradable from: 5.15.0.121.131~20.04.1]
linux-image-generic-hwe-20.04/devclient-focal-staging-updates,devclient-focal-staging-security 5.15.0.122.132~20.04.1 amd64 [upgradable from: 5.15.0.121.131~20.04.1]
linux-libc-dev/devclient-focal-staging-updates,devclient-focal-staging-security 5.4.0-196.216 amd64 [upgradable from: 5.4.0-195.215]
linux-oem-20.04/devclient-focal-staging-updates,devclient-focal-staging-security 5.15.0.122.132~20.04.1 amd64 [upgradable from: 5.15.0.121.131~20.04.1]
microsoft-edge-stable/stable 129.0.2792.52-1 amd64 [upgradable from: 128.0.2739.54-1]
nautilus-share/devclient-focal-staging-updates,devclient-focal-staging-security 0.7.3-2ubuntu3.1 amd64 [upgradable from: 0.7.3-2ubuntu3]
python-pip-whl/devclient-focal-staging-apps-security,devclient-focal-staging-apps-security 20.0.2-5ubuntu1.10+esm2 all [upgradable from: 20.0.2-5ubuntu1.10]
python2.7-minimal/devclient-focal-staging-apps-security 2.7.18-1~20.04.4+esm2 amd64 [upgradable from: 2.7.18-1~20.04.4+esm1]
python2.7/devclient-focal-staging-apps-security 2.7.18-1~20.04.4+esm2 amd64 [upgradable from: 2.7.18-1~20.04.4+esm1]
python3-pip/devclient-focal-staging-apps-security,devclient-focal-staging-apps-security 20.0.2-5ubuntu1.10+esm2 all [upgradable from: 20.0.2-5ubuntu1.10]
python3.12-minimal/focal 3.12.6-1+focal1 amd64 [upgradable from: 3.12.4-1+focal1]
python3.12-venv/focal 3.12.6-1+focal1 amd64 [upgradable from: 3.12.4-1+focal1]
python3.12/focal 3.12.6-1+focal1 amd64 [upgradable from: 3.12.4-1+focal1]
python3.8-dev/devclient-focal-staging-updates,devclient-focal-staging-security 3.8.10-0ubuntu1~20.04.12 amd64 [upgradable from: 3.8.10-0ubuntu1~20.04.11]
python3.8-minimal/devclient-focal-staging-updates,devclient-focal-staging-security 3.8.10-0ubuntu1~20.04.12 amd64 [upgradable from: 3.8.10-0ubuntu1~20.04.11]
python3.8-venv/devclient-focal-staging-updates,devclient-focal-staging-security 3.8.10-0ubuntu1~20.04.12 amd64 [upgradable from: 3.8.10-0ubuntu1~20.04.11]
python3.8/devclient-focal-staging-updates,devclient-focal-staging-security 3.8.10-0ubuntu1~20.04.12 amd64 [upgradable from: 3.8.10-0ubuntu1~20.04.11]
shim-signed/devclient-focal-staging-updates 1.40.10+15.8-0ubuntu1 amd64 [upgradable from: 1.40.9+15.7-0ubuntu1]
systemd-sysv/devclient-focal-staging-updates 245.4-4ubuntu3.24 amd64 [upgradable from: 245.4-4ubuntu3.23]
systemd-timesyncd/devclient-focal-staging-updates 245.4-4ubuntu3.24 amd64 [upgradable from: 245.4-4ubuntu3.23]
systemd/devclient-focal-staging-updates 245.4-4ubuntu3.24 amd64 [upgradable from: 245.4-4ubuntu3.23]
terraform/focal 1.9.6-1 amd64 [upgradable from: 1.8.5-1]
ubuntu-advantage-tools/devclient-focal-staging-updates,devclient-focal-staging-updates 34~20.04 all [upgradable from: 32.3.1~20.04]
ubuntu-pro-client-l10n/devclient-focal-staging-updates 34~20.04 amd64 [upgradable from: 33.2~20.04]
ubuntu-pro-client/devclient-focal-staging-updates 34~20.04 amd64 [upgradable from: 33.2~20.04]
udev/devclient-focal-staging-updates 245.4-4ubuntu3.24 amd64 [upgradable from: 245.4-4ubuntu3.23]
vault-enterprise/focal 1.17.6+ent-1 amd64 [upgradable from: 1.16.6+ent-1]

ua security-status --format=json
{"_schema_version": "0.1", "livepatch": {"fixed_cves": []}, "packages": [{"download_size": 984884, "origin": "esm.ubuntu.com", "package": "libavformat58", "service_name": "esm-apps", "status": "pending_enable", "version": "7:4.2.7-0ubuntu0.1+esm6"}, {"download_size": 1086036, "origin": "esm.ubuntu.com", "package": "libavfilter7", "service_name": "esm-apps", "status": "pending_enable", "version": "7:4.2.7-0ubuntu0.1+esm6"}, {"download_size": 1452588, "origin": "esm.ubuntu.com", "package": "ffmpeg", "service_name": "esm-apps", "status": "pending_enable", "version": "7:4.2.7-0ubuntu0.1+esm6"}, {"download_size": 57088, "origin": "esm.ubuntu.com", "package": "libswresample3", "service_name": "esm-apps", "status": "pending_enable", "version": "7:4.2.7-0ubuntu0.1+esm6"}, {"download_size": 1279808, "origin": "esm.ubuntu.com", "package": "python2.7-minimal", "service_name": "esm-apps", "status": "pending_enable", "version": "2.7.18-1~20.04.4+esm2"}, {"download_size": 248248, "origin": "esm.ubuntu.com", "package": "python2.7", "service_name": "esm-apps", "status": "pending_enable", "version": "2.7.18-1~20.04.4+esm2"}, {"download_size": 230504, "origin": "esm.ubuntu.com", "package": "python3-pip", "service_name": "esm-apps", "status": "pending_enable", "version": "20.0.2-5ubuntu1.10+esm2"}, {"download_size": 55016, "origin": "esm.ubuntu.com", "package": "libpostproc55", "service_name": "esm-apps", "status": "pending_enable", "version": "7:4.2.7-0ubuntu0.1+esm6"}, {"download_size": 4880172, "origin": "esm.ubuntu.com", "package": "libavcodec58", "service_name": "esm-apps", "status": "pending_enable", "version": "7:4.2.7-0ubuntu0.1+esm6"}, {"download_size": 241432, "origin": "esm.ubuntu.com", "package": "libavutil56", "service_name": "esm-apps", "status": "pending_enable", "version": "7:4.2.7-0ubuntu0.1+esm6"}, {"download_size": 74264, "origin": "esm.ubuntu.com", "package": "libavdevice58", "service_name": "esm-apps", "status": "pending_enable", "version": "7:4.2.7-0ubuntu0.1+esm6"}, {"download_size": 157420, "origin": "esm.ubuntu.com", "package": "libswscale5", "service_name": "esm-apps", "status": "pending_enable", "version": "7:4.2.7-0ubuntu0.1+esm6"}, {"download_size": 335528, "origin": "esm.ubuntu.com", "package": "libpython2.7-minimal", "service_name": "esm-apps", "status": "pending_enable", "version": "2.7.18-1~20.04.4+esm2"}, {"download_size": 1887704, "origin": "esm.ubuntu.com", "package": "libpython2.7-stdlib", "service_name": "esm-apps", "status": "pending_enable", "version": "2.7.18-1~20.04.4+esm2"}, {"download_size": 1808744, "origin": "esm.ubuntu.com", "package": "python-pip-whl", "service_name": "esm-apps", "status": "pending_enable", "version": "20.0.2-5ubuntu1.10+esm2"}, {"download_size": 54208, "origin": "esm.ubuntu.com", "package": "libavresample4", "service_name": "esm-apps", "status": "pending_enable", "version": "7:4.2.7-0ubuntu0.1+esm6"}], "summary": {"num_esm_apps_packages": 0, "num_esm_apps_updates": 16, "num_esm_infra_packages": 0, "num_esm_infra_updates": 0, "num_installed_packages": 2043, "num_main_packages": 0, "num_multiverse_packages": 0, "num_restricted_packages": 0, "num_standard_security_updates": 0, "num_third_party_packages": 2029, "num_universe_packages": 0, "num_unknown_packages": 14, "reboot_required": "no", "ua": {"attached": true, "enabled_services": [], "entitled_services": ["esm-apps", "esm-infra"]}}}

ua status
SERVICE ENTITLED STATUS DESCRIPTION
anbox-cloud yes disabled Scalable Android in the cloud
esm-apps yes disabled Expanded Security Maintenance for Applications
esm-infra yes disabled Expanded Security Maintenance for Infrastructure
fips yes disabled NIST-certified FIPS crypto packages
fips-updates yes disabled FIPS compliant crypto packages with stable security updates
livepatch yes disabled Canonical Livepatch service
usg yes disabled Security compliance and audit tools

For a list of all Ubuntu Pro services, run 'pro status --all'
Enable services with: pro enable <service>

                Account: Registers of Scotland
           Subscription: Ubuntu Pro Desktop + Support (weekday)
            Valid until: Mon Aug 18 00:59:59 2025 BST
Technical support level: standard

[info] A new version is available: 34~20.04
Please run:
    sudo apt install ubuntu-pro-client
to get the latest bug fixes and new features.

Related branches

Revision history for this message
David Clark (davy326) wrote :
Changed in update-manager (Ubuntu):
assignee: nobody → Nathan Teodosio (nteodosio)
Revision history for this message
Nathan Teodosio (nteodosio) wrote (last edit ):

I think I have a fix, I'm trying to create a reproduction case so I myself can verify it. Not very keen on setting up a local mirror, but if it is the only way, it will be.

Update: Nevermind, I can just use a PPA of course!

Changed in update-manager (Ubuntu):
status: New → In Progress
Revision history for this message
Nathan Teodosio (nteodosio) wrote :

David, would you be able to test the fix from a PPA[1] (update-manager 4:20.66) before we kick off the whole SRU process?

I tested this locally by publishing a sample package with a version matching the ESM's and disabling the ESM services, it seems to have worked, but I don't have the full mirror setup described in the report and as such I'm not convinced by it yet.

[1]https://launchpad.net/~nteodosio/+archive/ubuntu/ubuntu-pro

Revision history for this message
Nathan Teodosio (nteodosio) wrote :

Note: In 2023-07-04, what I think matches the present bug was described[1]:

> when the service is disabled (e.g. ua disable esm-apps), but the machine is attached (then ua security-status --fromat=json will not say pending_attach, but pending_enable). Will we treat this as a special case? Of course calling the user to enable Ubuntu Pro then will be inaccurate.

I added a comment as suggested to the design prototype[2], but without a response, I'm here relying merely on my intuition.

[1]https://warthogs.atlassian.net/browse/UDENG-361?focusedCommentId=272069
[2]https://www.figma.com/design/3hQb6iJvfYT9lavggC3Q5J?node-id=1455-3054#489146589

Changed in update-manager (Ubuntu):
status: In Progress → Triaged
Revision history for this message
Mark Robinson (markrobinsonros) wrote (last edit ):

Nathan,

I've tested your patch on my laptop (used for the original report above) and there's definitely an improvement, however the prompt to enable still shows. See attached screenshots of standard vs your version

Revision history for this message
Mark Robinson (markrobinsonros) wrote :
Revision history for this message
Mark Robinson (markrobinsonros) wrote :
Revision history for this message
Mark Robinson (markrobinsonros) wrote (last edit ):

I think I know why the Python2.7 packages are showing like that.

In the current cut of our ESM Landscape staged repos, we have Python 2.7.18-1~20.04.4+esm2, but version 2.7.18-1~20.04.4+esm3 is available directly from upstream ESM, even though ESM isn't enabled in UA pro.

That's the same behaviour as before.

For the python3-pip package that's showing nicely under the new Ubuntu Pro security updates section, that represents a move from a standard package to an ESM package that IS in our staged cut of ESM:

python3-pip/devclient-focal-staging-apps-security,devclient-focal-staging-apps-security 20.0.2-5ubuntu1.10+esm2 all [upgradable from: 20.0.2-5ubuntu1.10]

What we'd really like is for software updater to not show ESM packages that are only in upstream ESM if that's possible please?

Revision history for this message
Nathan Teodosio (nteodosio) wrote :

Thank you for the response and for promptly identifying what is special about the python-2.7 source packages.

I'll work on a fix and post here when it's ready for testing.

Revision history for this message
Nathan Teodosio (nteodosio) wrote :

Mark, did the output of 'ua security-status --format=json' change with respect to the python-2.7 packages, i.e., does it still says "version": "2.7.18-1~20.04.4+esm2" for python2.7-minimal, or did it meanwhile change to +esm3?

Revision history for this message
Nathan Teodosio (nteodosio) wrote : Re: [Bug 2083081] Re: Locally Mirrored ESM repositories are not properly being picked up by software updater.

Uploading 20.67 with tentative fix.

Revision history for this message
Mark Robinson (markrobinsonros) wrote (last edit ):

# ua security-status --format=json | jq .
{
  "_schema_version": "0.1",
  "livepatch": {
    "fixed_cves": []
  },
  "packages": [
    {
      "download_size": 1274208,
      "origin": "esm.ubuntu.com",
      "package": "python2.7-minimal",
      "service_name": "esm-apps",
      "status": "pending_enable",
      "version": "2.7.18-1~20.04.4+esm3"
    },
    {
      "download_size": 248228,
      "origin": "esm.ubuntu.com",
      "package": "python2.7",
      "service_name": "esm-apps",
      "status": "pending_enable",
      "version": "2.7.18-1~20.04.4+esm3"
    },
    {
      "download_size": 230504,
      "origin": "esm.ubuntu.com",
      "package": "python3-pip",
      "service_name": "esm-apps",
      "status": "pending_enable",
      "version": "20.0.2-5ubuntu1.10+esm2"
    },
    {
      "download_size": 335660,
      "origin": "esm.ubuntu.com",
      "package": "libpython2.7-minimal",
      "service_name": "esm-apps",
      "status": "pending_enable",
      "version": "2.7.18-1~20.04.4+esm3"
    },
    {
      "download_size": 1886160,
      "origin": "esm.ubuntu.com",
      "package": "libpython2.7-stdlib",
      "service_name": "esm-apps",
      "status": "pending_enable",
      "version": "2.7.18-1~20.04.4+esm3"
    },
    {
      "download_size": 1808744,
      "origin": "esm.ubuntu.com",
      "package": "python-pip-whl",
      "service_name": "esm-apps",
      "status": "pending_enable",
      "version": "20.0.2-5ubuntu1.10+esm2"
    }
  ],
  "summary": {
    "num_esm_apps_packages": 0,
    "num_esm_apps_updates": 6,
    "num_esm_infra_packages": 0,
    "num_esm_infra_updates": 0,
    "num_installed_packages": 2043,
    "num_main_packages": 0,
    "num_multiverse_packages": 0,
    "num_restricted_packages": 0,
    "num_standard_security_updates": 0,
    "num_third_party_packages": 2029,
    "num_universe_packages": 0,
    "num_unknown_packages": 14,
    "reboot_required": "no",
    "ua": {
      "attached": true,
      "enabled_services": [],
      "entitled_services": [
        "esm-apps",
        "esm-infra"
      ]
    }
  }
}

Revision history for this message
Sebastien Bacher (seb128) wrote :

Isn't the new screenshot right on status though? The local mirror lacks behind and enabling esm-apps would get a newer revision in that case... (the message is confusing though and should state to enable esm-apps and not pro since the systel is attached)

Changed in update-manager (Ubuntu):
importance: Undecided → High
Revision history for this message
Nathan Teodosio (nteodosio) wrote :

I'd say it is not right, because 'apt upgrade' would install a upgraded
python2-minimal, even if not the one upstream Pro has. As such update-manager
should list that as installable.

What is the systel?

Also the 20.67 upload had an error, I'm fixing it in the just uploaded 20.68 and
seems to be fine for my tests.

Changed in update-manager (Ubuntu):
status: Triaged → Fix Committed
status: Fix Committed → Triaged
Revision history for this message
Mark Robinson (markrobinsonros) wrote :
Download full text (3.5 KiB)

Morning Nathan,

apt wasn't offering the python2-minimal patch:

# apt list --upgradable
Listing... Done
google-chrome-stable/stable 129.0.6668.89-1 amd64 [upgradable from: 128.0.6613.113-1]
krb5-locales/devclient-focal-staging-updates,devclient-focal-staging-updates 1.17-6ubuntu4.7 all [upgradable from: 1.17-6ubuntu4.6]
libgssapi-krb5-2/devclient-focal-staging-updates 1.17-6ubuntu4.7 amd64 [upgradable from: 1.17-6ubuntu4.6]
libk5crypto3/devclient-focal-staging-updates 1.17-6ubuntu4.7 amd64 [upgradable from: 1.17-6ubuntu4.6]
libkrb5-3/devclient-focal-staging-updates 1.17-6ubuntu4.7 amd64 [upgradable from: 1.17-6ubuntu4.6]
libkrb5support0/devclient-focal-staging-updates 1.17-6ubuntu4.7 amd64 [upgradable from: 1.17-6ubuntu4.6]
libnss-systemd/devclient-focal-staging-updates 245.4-4ubuntu3.24 amd64 [upgradable from: 245.4-4ubuntu3.23]
libpam-systemd/devclient-focal-staging-updates 245.4-4ubuntu3.24 amd64 [upgradable from: 245.4-4ubuntu3.23]
libpcap0.8/devclient-focal-staging-updates 1.9.1-3ubuntu1.20.04.1 amd64 [upgradable from: 1.9.1-3]
libpython3.12-minimal/focal 3.12.7-1+focal1 amd64 [upgradable from: 3.12.4-1+focal1]
libpython3.12-stdlib/focal 3.12.7-1+focal1 amd64 [upgradable from: 3.12.4-1+focal1]
libsystemd0/devclient-focal-staging-updates 245.4-4ubuntu3.24 amd64 [upgradable from: 245.4-4ubuntu3.23]
libudev1/devclient-focal-staging-updates 245.4-4ubuntu3.24 amd64 [upgradable from: 245.4-4ubuntu3.23]
microsoft-edge-stable/stable 129.0.2792.65-1 amd64 [upgradable from: 128.0.2739.54-1]
nautilus-share/devclient-focal-staging-updates,devclient-focal-staging-security 0.7.3-2ubuntu3.1 amd64 [upgradable from: 0.7.3-2ubuntu3]
python-pip-whl/devclient-focal-staging-apps-security,devclient-focal-staging-apps-security 20.0.2-5ubuntu1.10+esm2 all [upgradable from: 20.0.2-5ubuntu1.10]
python3-pip/devclient-focal-staging-apps-security,devclient-focal-staging-apps-security 20.0.2-5ubuntu1.10+esm2 all [upgradable from: 20.0.2-5ubuntu1.10]
python3-update-manager/focal,focal 4:20.67 all [upgradable from: 4:20.66]
python3.12-minimal/focal 3.12.7-1+focal1 amd64 [upgradable from: 3.12.4-1+focal1]
python3.12-venv/focal 3.12.7-1+focal1 amd64 [upgradable from: 3.12.4-1+focal1]
python3.12/focal 3.12.7-1+focal1 amd64 [upgradable from: 3.12.4-1+focal1]
shim-signed/devclient-focal-staging-updates 1.40.10+15.8-0ubuntu1 amd64 [upgradable from: 1.40.9+15.7-0ubuntu1]
systemd-sysv/devclient-focal-staging-updates 245.4-4ubuntu3.24 amd64 [upgradable from: 245.4-4ubuntu3.23]
systemd-timesyncd/devclient-focal-staging-updates 245.4-4ubuntu3.24 amd64 [upgradable from: 245.4-4ubuntu3.23]
systemd/devclient-focal-staging-updates 245.4-4ubuntu3.24 amd64 [upgradable from: 245.4-4ubuntu3.23]
terraform/focal 1.9.6-1 amd64 [upgradable from: 1.8.5-1]
ubuntu-advantage-tools/devclient-focal-staging-updates,devclient-focal-staging-updates 34~20.04 all [upgradable from: 32.3.1~20.04]
ubuntu-pro-client-l10n/devclient-focal-staging-updates 34~20.04 amd64 [upgradable from: 33.2~20.04]
ubuntu-pro-client/devclient-focal-staging-updates 34~20.04 amd64 [upgradable from: 33.2~20.04]
udev/devclient-focal-staging-updates 245.4-4ubuntu3.24 amd64 [upgradable from: 245.4-4ubuntu3.23]
update-manager-core...

Read more...

Revision history for this message
Nathan Teodosio (nteodosio) wrote :

Good morning Mark,

> apt wasn't offering the python2-minimal patch:

Oof... Sorry, I missed that.

I don't understand why it isn't offered but that might be some pinning configuration, 'apt policy pibpython2.7-minimal' should shed some light, although anyway update-manager does not need to know why.

I do not think that 20.68 will change anything then; rather we really need an explicit check for attachment, and if it is attached, to suppress that '(enable in settings...)' message.

Revision history for this message
Mark Robinson (markrobinsonros) wrote :

I don;t think we've pinned it - it's just not seeing the +esm3 package:

# apt policy python2.7-minimal
python2.7-minimal:
  Installed: 2.7.18-1~20.04.4+esm2
  Candidate: 2.7.18-1~20.04.4+esm2
  Version table:
 *** 2.7.18-1~20.04.4+esm2 500
        500 http://landscape.nowhere.com/repository/standalone/ubuntu devclient-focal-staging-apps-security/main amd64 Packages
        100 /var/lib/dpkg/status
     2.7.18-1~20.04.4 500
        500 http://landscape.nowhere.com/repository/standalone/ubuntu devclient-focal-staging-updates/universe amd64 Packages
     2.7.18-1~20.04.3 500
        500 http://landscape.nowhere.com/repository/standalone/ubuntu devclient-focal-staging-security/universe amd64 Packages
     2.7.18~rc1-2 500
        500 http://landscape.nowhere.com/repository/standalone/ubuntu devclient-focal-staging/universe amd64 Packages

Revision history for this message
Nathan Teodosio (nteodosio) wrote :

Ah OK, python2-minimal was updated meanwhile, so the bug description is not up
to date. The parts are moving during the investigation, of course this is
natural but confused me.

So I believe we can stand by #16, namely just suppress '(enable in
settings...)' message in addition to the 20.66 fix and then the view will be
accurate.

Revision history for this message
Nathan Teodosio (nteodosio) wrote :

20.69 is ready for testing, attached screen shots show how it looks on my side.
I'll prepare a merge request but please let us know if something still deviates
from expectations.

Revision history for this message
Mark Robinson (markrobinsonros) wrote :

I've now installed 4:20.69

Unfortunately, it's showing duplicate entries for updated packages that are in upstream ESM and also in our staged repos. The highlighted package in the screenshot is also one of the "Python package installer" updates in the "Other updates" section. I think that's going to be confusing for users.

The behaviour of 4:20.66 which showed the Ubuntu Pro security updates (coming from our staged repos) in a separate section was preferable.

Ideally, we would like a flag that we can set that would stop software updater from showing anything that it's found in upstream ESM. We would be happy with the default being that they're shown, but we could configure it to turn off that section. Is that something that's possible please?

Revision history for this message
Nathan Teodosio (nteodosio) wrote :

Thank you again for your quick responses and tests.

> for updated packages

You mean, "for to-be-updated packages", judiging by your 'apt list --upgradable' output.

"Python package installer" is the description of two binary packages, python3-pip and python3-pip-whl, both of which are installed and are upgradable.

Then there is the upstream ESM's upgrade of them, which you cannot install because you don't have ESM services enabled. The fact that it only shows once (corresponding to the source package rather than the two binaries) in the Pro section is a limitation in the way we can get that information from the UA client, there is nothing to do there.

I believe that although the view could be initially confusing, the situation should become clearar if the details of each du/tri/multi-plicate is listed, they are all different versions.

> Ideally, we would like a flag that we can set that would stop software updater from showing anything that it's found in upstream ESM. We would be happy with the default being that they're shown, but we could configure it to turn off that section. Is that something that's possible please?

We are discussing that request and will get back to you shortly.

Revision history for this message
Mark Robinson (markrobinsonros) wrote :

Sorry, I did mean "to be updated".

To clarify what I meant by the duplicate update issue, I have attached another screenshot.

The python3-pip package is showing in the "Other updates" section and also in the (disabled) Ubuntu Pro security updates section. It's the same versions in both sections
InStalled version: 20.0.2-5ubuntu1.10
Available version: 20.0.2-5ubuntu1.10+esm2

Revision history for this message
Sebastien Bacher (seb128) wrote :

We had discussions about having a such flag when the feature was added but we decided it's not an option we want to provide since it would just lead to an inaccurate status to be displayed. Reading the backlog it's a bit unclear what's the remaining issue? The initial problem, which the ppa resolved if I understand correctly, was that the upgrade was incorrectly listed in the 'enable pro to get it' section while available in the local mirror. What's the remaining problematic situation after getting that issue resolved?

Revision history for this message
Mark Robinson (markrobinsonros) wrote :

Sorry for the late reply - I was on holiday last week.
The only remaining was that the updates were appearing twice - under the normal updates section and under the greyed out Pro updates section. We have discussed this internally and have decided that it's not really an issue.
So, we're happy with the latest version in the ppa. My colleague has closed the support ticket with the same info.
Are you happy to release this fix into the normal update channel?

Revision history for this message
Nathan Teodosio (nteodosio) wrote :

Hi Mark, no worries. We're happy to ship it, we'll get it reviewed in the linked merge request and then it needs to go through the stable release update process; This will take some time. As you are in Focal, you will be able to get the fix when the bug task for Focal is set to "Fix Released".

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.