search

hifis-net / ansible-collection-toolkit

This Ansible collection provides production-ready Ansible roles used for providing services used in research and by research software engineers, but not exclusively.
https://galaxy.ansible.com/hifis/toolkit/
Other
97 stars 22 forks source link

ValueError: not enough values to unpack (expected 2, got 1) on Ubuntu Jammy #55

Closed shawly closed 1 year ago

shawly commented 1 year ago

With Ubuntu Jammy I get the following error after running the Ansible role:

$ unattended-upgrades --debug --dry-run                                                                                                                                                                                 
Starting unattended upgrades script                                                                                                                                                                                                         
Allowed origins are: Ubuntu:jammy, Ubuntu:jammy-security, Ubuntu:jammy-updates, Ubuntu:jammy-proposed, UbuntuESMApps:jammy-apps-security, UbuntuESM:jammy-infra-security, Docker:jammy
Initial blacklist: 
Initial whitelist (not strict):        
An error occurred: not enough values to unpack (expected 2, got 1)
Traceback (most recent call last):                 
  File "/usr/bin/unattended-upgrades", line 1993, in main
    res = run(options, rootdir, mem_log, logfile_dpkg,
  File "/usr/bin/unattended-upgrades", line 2134, in run                                                              
    cache = UnattendedUpgradesCache(rootdir=rootdir)                                                                  
  File "/usr/bin/unattended-upgrades", line 171, in __init__
    apt.Cache.__init__(self, rootdir=rootdir)
  File "/usr/lib/python3/dist-packages/apt/cache.py", line 152, in __init__
    self.open(progress)                                                                                               
  File "/usr/bin/unattended-upgrades", line 333, in open
    self.apply_pinning(self.pinning_from_config())
  File "/usr/bin/unattended-upgrades", line 279, in pinning_from_config
    if not is_allowed_origin(pkg_file, self.allowed_origins):
  File "/usr/bin/unattended-upgrades", line 981, in is_allowed_origin  
    if match_whitelist_string(allowed, origin):                                                                       
  File "/usr/bin/unattended-upgrades", line 820, in match_whitelist_string   
    (what, value) = [s.strip().replace("%2C", ",")  
ValueError: not enough values to unpack (expected 2, got 1)    
Extracting content from /var/log/unattended-upgrades/unattended-upgrades-dpkg.log since 2022-11-02 13:36:04
Traceback (most recent call last):                
  File "/usr/bin/unattended-upgrades", line 2522, in <module>
    sys.exit(main(options))         
  File "/usr/bin/unattended-upgrades", line 1993, in main
    res = run(options, rootdir, mem_log, logfile_dpkg,
  File "/usr/bin/unattended-upgrades", line 2134, in run
    cache = UnattendedUpgradesCache(rootdir=rootdir)
  File "/usr/bin/unattended-upgrades", line 171, in __init__
    apt.Cache.__init__(self, rootdir=rootdir)
  File "/usr/lib/python3/dist-packages/apt/cache.py", line 152, in __init__
    self.open(progress)
  File "/usr/bin/unattended-upgrades", line 333, in open
    self.apply_pinning(self.pinning_from_config())
  File "/usr/bin/unattended-upgrades", line 279, in pinning_from_config
    if not is_allowed_origin(pkg_file, self.allowed_origins):
  File "/usr/bin/unattended-upgrades", line 981, in is_allowed_origin
    if match_whitelist_string(allowed, origin):
  File "/usr/bin/unattended-upgrades", line 820, in match_whitelist_string
    (what, value) = [s.strip().replace("%2C", ",")
ValueError: not enough values to unpack (expected 2, got 1)

With the default unattended-upgrades configuration it works fine. I compared the original and the newly generated configuration and it seems that Unattended-Upgrade::Origins-Pattern changed to Unattended-Upgrade::Allowed-Origins with Jammy. The Ubuntu documentation also was updated https://help.ubuntu.com/community/AutomaticSecurityUpdates

When I change Origins-Pattern to Allowed-Origins it works again. So I guess there should be a check for the distro codename.

Normo commented 1 year ago

Thanks @shawly for reporting this bug.

Could you please provide the Ansible configuration or the original configuration file that throws this error?

shawly commented 1 year ago

Is there any need for me to provide it? The issue is that unattended updates changed the pattern, that doesn't relate to any special configuration.

Normo commented 1 year ago

I can't recreate the error on Ubuntu 22.04 at the moment. Either the config or the steps to reproduce the error would be very helpful to me here.

shawly commented 1 year ago

This is currently the config I used to produce the error:


- name: Configure unattended upgrades
  hosts: all
  strategy: free
  pre_tasks:
    - name: Set debian origin patterns
      ansible.builtin.set_fact:
        unattended_origins_patterns:
          - "origin=Debian,codename=${distro_codename},label=Debian-Security"
          - "o=Debian,codename=${distro_codename},label=Debian"
          - "o=Debian,codename=${distro_codename},a=proposed-updates"
          - "Docker:${distro_codename}"
      when: ansible_distribution == "Debian" and ansible_distribution_major_version > "7"
    - name: Set ubuntu origin patterns
      ansible.builtin.set_fact:
        unattended_origins_patterns:
          - "origin=Ubuntu,archive=${distro_codename}-security"
          - "o=Ubuntu,a=${distro_codename}"
          - "o=Ubuntu,a=${distro_codename}-updates"
          - "o=Ubuntu,a=${distro_codename}-proposed-updates"
          - "Docker:${distro_codename}"
      when: ansible_distribution == "Ubuntu" and ansible_distribution_major_version < "22"
    - name: Set ubuntu jammy origin patterns
      ansible.builtin.set_fact:
        unattended_origins_patterns:
          - "${distro_id}:${distro_codename}"
          - "${distro_id}:${distro_codename}-security"
          - "${distro_id}:${distro_codename}-updates"
          - "${distro_id}:${distro_codename}-proposed"
          - "${distro_id}ESMApps:${distro_codename}-apps-security"
          - "${distro_id}ESM:${distro_codename}-infra-security"
          - "Docker:${distro_codename}"
      when: ansible_distribution == "Ubuntu" and ansible_distribution_major_version >= "22"
  roles:
    - role: hifis.unattended_upgrades
      unattended_automatic_reboot: true
      unattended_automatic_reboot_time: "02:00"
  tags:
    - unattended_upgrades
    - system

As a workaround I added these post_tasks:

  post_tasks:
    - name: Ubuntu Jammy fix for unattended upgrades patterns
      become: true
      ansible.builtin.replace:
        path: /etc/apt/apt.conf.d/50unattended-upgrades
        regexp: '(\s+)Unattended-Upgrade::Origins-Pattern(\s+.*)?$'
        replace: '\1Unattended-Upgrade::Allowed-Origins\2'
      when: ansible_distribution_major_version >= "22"

On Ubuntu 20.04 unattended upgrades uses v2.3 and on 22.04 it has been updated to v2.8. Maybe the reason this happens is because I just use Docker:${distro_codename} which worked with v2.3 but not with v2.8?