Shift of conntrackd to systemd notification causes upgrade issues from Xenial

Bug #1761994 reported by Mark Shuttleworth
This bug affects 1 person
Affects: conntrack-tools (Ubuntu)
Status: Fix Released
Importance: High
Assigned to: Unassigned

Bug Description

In Bionic, conntrackd configuration needs to be updated to use systemd notification, otherwise we get problems during the upgrade process.

Ultimately, it requires putting up with broken debconf scripts in the upgrade process, editing the file to reflect the new location, and rebooting.

It may also have to do with the UNIX socket configuration for conntrackd which changed between 16.04 and 18.04, to:

        UNIX {
                Path /var/run/conntrackd.sock
                Backlog 20
        }

I think it was previously conntrackd.ctl.

Tags: bionic
tags: added: bionic
Corey Bryant (corey.bryant) wrote :

Hi Mark,

Thanks for reporting this.

Does this look like the error that you hit? https://paste.ubuntu.com/p/4bv3PGBfMF/

I wasn't able to reproduce this using the default package config when upgrading conntrackd from xenial to bionic; however, if I remove "Systemd on" from the bionic config file (/etc/conntrackd/conntrackd.conf), it fails due to timeout as shown in the above paste.

I have the broken package built in the following PPA in case anyone wants to test:

        sudo add-apt-repository ppa:corey.bryant/bionic-queens
        sudo apt update

Note: That particular issue appears to have been fixed in artful and bionic via https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=835384. However, if you're not using the default config provided by the bionic package then it's possible you'd hit it on upgrade.

Thanks,
Corey

Mark Shuttleworth (sabdfl) wrote : Re: [Bug 1761994] Re: Shift of conntrackd to systemd notification causes upgrade issues from Xenial

Yes, the issue is on upgrade, where if you don't add the 'Systemd on'
config, it fails.

Corey Bryant (corey.bryant) wrote :

Since the package is built with --enable-systemd, I don't see why we wouldn't default the config to 'Systemd on'. I'm going to look into patching this.

Changed in conntrack (Ubuntu):
status: New → Triaged
importance: Undecided → High
Corey Bryant (corey.bryant) wrote :

I've uploaded conntrack-tools 1:1.4.4+snapshot20161117-6ubuntu2 to bionic. This version of the package defaults to using 'Systemd on' for conntrackd config. I tested upgrades from xenial to bionic with the following in the bionic config /etc/conntrackd/conntrackd.conf:

1) 'Systemd on' # upgrade is successful
2) Systemd config not specified # upgrade is successful (defaults to 'Systemd on')
3) 'Systemd off' # upgrade fails as expected with timeout

I'll submit the patch back to Debian as well.

Note: The package in my PPA now has the new package version.

Changed in conntrack-tools (Ubuntu):
status: New → Triaged
importance: Undecided → High
no longer affects: conntrack (Ubuntu)
Corey Bryant (corey.bryant) wrote :

Just to be clear, the new version of the package patches the conntrackd code to default to 'Systemd on', as opposed to requiring 'Systemd on' in /etc/conntrackd/conntrackd.conf.
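
A pre-upgrade check for the cases tested above, as an added example that is not part of this thread or of the conntrack-tools package: it reads the Systemd directive and the UNIX socket Path from a conntrackd.conf and maps the directive to the outcomes reported in this bug. The function names, the sample config, and the placement of Systemd and UNIX inside the General block are assumptions of the example.

```python
import sys

# Constructed sample: a config carried over from xenial with the directive commented out.
SAMPLE_CONF = """\
General {
        HashSize 8192
        UNIX {
                # constructed value, following the reporter's recollection of the old name
                Path /var/run/conntrackd.ctl
                Backlog 20
        }
        # Systemd on
}
"""

def parse_general(text):
    """Return (systemd, unix_path) found in General { }; None where unset."""
    stack, systemd, unix_path = [], None, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and blank lines
        if not line:
            continue
        if line.endswith("{"):                   # entering a block such as "General {"
            stack.append((line[:-1].split() or ["?"])[0])
        elif line == "}":
            if stack:
                stack.pop()
        else:
            key, *rest = line.split(None, 1)     # tolerate tabs or spaces after the key
            value = rest[0].strip() if rest else ""
            if stack == ["General"] and key == "Systemd":
                systemd = value.lower()
            elif stack == ["General", "UNIX"] and key == "Path":
                unix_path = value
    return systemd, unix_path

def upgrade_outcome(systemd, patched_default):
    """Map the directive to the results reported in this bug.

    patched_default is True for 1:1.4.4+snapshot20161117-6ubuntu2, which treats
    a missing directive as 'Systemd on'; earlier bionic builds needed it spelled out.
    """
    effective = systemd if systemd is not None else ("on" if patched_default else "off")
    return "ok" if effective == "on" else "start timeout"

if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else "/etc/conntrackd/conntrackd.conf"
    with open(path) as fh:
        systemd, sock = parse_general(fh.read())
    print(f"Systemd={systemd!r} UNIX Path={sock!r}")
    for patched in (False, True):
        print(f"patched default={patched}: {upgrade_outcome(systemd, patched)}")
```

Run against a copy of the config before the release upgrade; a result of "start timeout" for the package version you will receive means the file needs 'Systemd on' first.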

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package conntrack-tools - 1:1.4.4+snapshot20161117-6ubuntu2

---------------
conntrack-tools (1:1.4.4+snapshot20161117-6ubuntu2) bionic; urgency=medium

  * d/p/enable-runtime-systemd.patch: Enable systemd runtime support by
    default since the package is compiled with --enable-systemd
    (LP: #1761994).

 -- Corey Bryant <email address hidden> Mon, 16 Apr 2018 09:21:40 -0400

Changed in conntrack-tools (Ubuntu):
status: Triaged → Fix Released
Mark Shuttleworth (sabdfl) wrote :

Ah, elegant approach, BUT we'll need to maintain that patch carefully if
it doesn't get upstreamed; a lazy future merge will just cause the
problem to resurface.

Mark
