Services not restarted after unattended-upgrade

[mbologna]

I am using needrestart 3.5 with the Ubuntu defaults except the automatic restart of daemons:

# grep -E nrconf\{restart\} /etc/needrestart/needrestart.conf
$nrconf{restart} = 'a';

After unattedend-upgrade is run, services aren't restarted.

unattended-upgrade log:

Setting up krb5-locales (1.19.2-2ubuntu0.2) ...
NEEDRESTART-VER: 3.5
NEEDRESTART-KCUR: 5.15.0-71-generic
NEEDRESTART-KEXP: 5.15.0-71-generic
NEEDRESTART-KSTA: 1
NEEDRESTART-UCSTA: 1
NEEDRESTART-UCCUR: 0x0049
NEEDRESTART-UCEXP: 0x0049
[...]
NEEDRESTART-SVC: netatalk.service
[...]
Log ended: 2023-05-11  02:00:22

Manually listing with needrestart:

# needrestart -rl
[...]
Services to be restarted:
 systemctl restart netatalk.service
 [...]

Service restarts being deferred:
 systemctl restart libvirtd.service
 [...]

Obviously there is no exclusion for that particular service, nor the others listed under "to be restarted":

# grep -R -i neta * /etc/needrestart/
#

What am I missing to have services restarted by unattended-upgrade?

[pietervogelaar]

I experience the same problem on Ubuntu 22.04 (needrestart 3.5-5ubuntu2.1).

I have an unattended upgrade script like:

export DEBIAN_FRONTEND=noninteractive
export NEEDRESTART_MODE=a

yes '' | apt-get --yes --quiet --with-new-pkgs \
  -o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold" \
  upgrade 2>&1

But instead of restarting the services automatically, needrestart only lists the services:

NEEDRESTART-VER: 3.5
NEEDRESTART-KCUR: 5.15.0-25-generic
NEEDRESTART-KEXP: 5.15.0-48-generic
NEEDRESTART-KSTA: 3
NEEDRESTART-SVC: ModemManager.service
NEEDRESTART-SVC: multipathd.service
NEEDRESTART-SVC: open-vm-tools.service
NEEDRESTART-SVC: packagekit.service
NEEDRESTART-SVC: udisks2.service
NEEDRESTART-SVC: unattended-upgrades.service

On Ubuntu 18.04 and 20.04 the above script works perfectly and needrestart restarts the services automatically.

Setting "a" in the configuration also didn't change anything.

# Restart mode: (l)ist only, (i)nteractive or (a)utomatically.
#
# ATTENTION: If needrestart is configured to run in interactive mode but is run
# non-interactive (i.e. unattended-upgrades) it will fallback to list only mode.
#
$nrconf{restart} = 'a';

If I execute unset DEBIAN_FRONTEND, I only get the prompt about rebooting because the kernel is upgraded, after pressing ENTER the services are automatically restarted. The ATTENTION comment mentions a fallback to list. But it seems to affect both the "i" and "a" mode.

root@myhost:~# export DEBIAN_FRONTEND=noninteractive
root@myhost:~# export NEEDRESTART_MODE=a
root@myhost:~# needrestart
NEEDRESTART-VER: 3.5
NEEDRESTART-KCUR: 5.15.0-25-generic
NEEDRESTART-KEXP: 5.15.0-48-generic
NEEDRESTART-KSTA: 3
NEEDRESTART-SVC: ModemManager.service
NEEDRESTART-SVC: multipathd.service
NEEDRESTART-SVC: open-vm-tools.service
NEEDRESTART-SVC: packagekit.service
NEEDRESTART-SVC: udisks2.service
NEEDRESTART-SVC: unattended-upgrades.service
root@myhost:~# unset DEBIAN_FRONTEND
root@myhost:~# needrestart
Scanning processes...
Scanning candidates...
Scanning linux images...

Restarting services...
 systemctl restart multipathd.service open-vm-tools.service packagekit.service udisks2.service

Service restarts being deferred:
 systemctl restart ModemManager.service
 systemctl restart unattended-upgrades.service

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.

As a workaround to make it also work on Ubuntu 22.04, I added the following code at the end of my upgrade script:

# On Ubuntu 22.04, execute needrestart manually with a "readline" frontend to automatically
# restart services that need a restart. With this frontend there is no prompt about rebooting
# due to upgraded kernel.

if [ "$(lsb_release -rs)" == '22.04' ]; then
  needrestart -r a -f readline
fi

[liske]

It looks like needrestart is running in nagios plugin mode. This should only happen if needrestart is run with the -p parameter. Can you check how it is called?

[mbologna]

It looks like needrestart is running in nagios plugin mode. This should only happen if needrestart is run with the -p parameter. Can you check how it is called?

In my case it is the plain installation of the Ubuntu package:

/etc/apt/apt.conf.d# cat 99needrestart 
DPkg::Post-Invoke {"test -x /usr/lib/needrestart/apt-pinvoke && /usr/lib/needrestart/apt-pinvoke || true"; };

[electrofloat]

Services are also only listed and not restarted when using either of the following commands (assuming that there would a service to be restarted) on a Ubuntu 22.04:

DEBIAN_FRONTEND=noninteractive needrestart -r a

DEBIAN_FRONTEND=noninteractive NEEDRESTART_MODE=a needrestart

DEBIAN_FRONTEND=noninteractive NEEDRESTART_MODE=a apt-get upgrade -y

[electrofloat]

I've found an interesting patch by diffing Ubuntu's version of needrestart between 20.04 (reportedly working) and 22.04 (reportedly not working):

cat debian/patches/168.patch 
From e74dfa6950a298419ffa7a21858f9c1686716f58 Mon Sep 17 00:00:00 2001
From: Simon Peeters <simon@inuits.eu>
Date: Tue, 5 Nov 2019 11:08:42 +0100
Subject: [PATCH 1/2] run in batch mode if DEBIAN_FRONTEND is noninteractive

fixes #129
---
 needrestart | 2 ++
 1 file changed, 2 insertions(+)

Index: needrestart-3.5/needrestart
===================================================================
--- needrestart-3.5.orig/needrestart
+++ needrestart-3.5/needrestart
@@ -220,6 +220,8 @@ $opt_r = $nrconf{restart} unless(defined
 die "ERROR: Unknown restart option '$opt_r'!\n" unless($opt_r =~ /^(l|i|a)$/);
 $is_tty = 0 if($opt_r eq 'i' && exists($ENV{DEBIAN_FRONTEND}) && $ENV{DEBIAN_FRONTEND} eq 'noninteractive');
 $opt_r = 'l' if(!$is_tty && $opt_r eq 'i');
+# always run in batch mode if we run noninteractive
+$opt_b++ if(exists($ENV{DEBIAN_FRONTEND}) && $ENV{DEBIAN_FRONTEND} eq 'noninteractive');

 $opt_m = $nrconf{ui_mode} unless(defined($opt_m));
 die "ERROR: Unknown UI mode '$opt_m'!\n" unless($opt_m =~ /^(e|a)$/);

Could that forced batch mode cause this kind of behavior?

(This is the whole diff by the way: https://pastebin.com/WQyUWRxu)

[black-magius]

have the same issue

[webracer999]

Is this an Ubuntu specific issue? Should we create a bug report on https://bugs.launchpad.net/ubuntu/+source/needrestart?

[webracer999]

I found this bug report on Launchpad describing the same problem: https://bugs.launchpad.net/bugs/2004203

[liske]

I've found an interesting patch by diffing Ubuntu's version of needrestart between 20.04 (reportedly working) and 22.04 (reportedly not working):

cat debian/patches/168.patch 
From e74dfa6950a298419ffa7a21858f9c1686716f58 Mon Sep 17 00:00:00 2001
From: Simon Peeters <simon@inuits.eu>
Date: Tue, 5 Nov 2019 11:08:42 +0100
Subject: [PATCH 1/2] run in batch mode if DEBIAN_FRONTEND is noninteractive

fixes #129
---
 needrestart | 2 ++
 1 file changed, 2 insertions(+)

Index: needrestart-3.5/needrestart
===================================================================
--- needrestart-3.5.orig/needrestart
+++ needrestart-3.5/needrestart
@@ -220,6 +220,8 @@ $opt_r = $nrconf{restart} unless(defined
 die "ERROR: Unknown restart option '$opt_r'!\n" unless($opt_r =~ /^(l|i|a)$/);
 $is_tty = 0 if($opt_r eq 'i' && exists($ENV{DEBIAN_FRONTEND}) && $ENV{DEBIAN_FRONTEND} eq 'noninteractive');
 $opt_r = 'l' if(!$is_tty && $opt_r eq 'i');
+# always run in batch mode if we run noninteractive
+$opt_b++ if(exists($ENV{DEBIAN_FRONTEND}) && $ENV{DEBIAN_FRONTEND} eq 'noninteractive');

 $opt_m = $nrconf{ui_mode} unless(defined($opt_m));
 die "ERROR: Unknown UI mode '$opt_m'!\n" unless($opt_m =~ /^(e|a)$/);

Could that forced batch mode cause this kind of behavior?

(This is the whole diff by the way: https://pastebin.com/WQyUWRxu)

This might be the cause. When needrestart is run in batch mode (read: non-interactive) and the restart mode is set to interactive (default) than nothing will be restarted, intentionally. But it should restart services when restart mode is set to a.

[Flow86]

But it should restart services when restart mode is set to a.

definitely, since if you have unattended-upgrades active and needrestart does not restart necessary services, the whole purpose of needrestart must be questioned.

[cwegener]

For anyone who is interested - this issue was caused when @xnox added the wrong (broken) patch [^1] into Ubuntu Impish instead of the correct and working patch ^2. That change then also ended up in Ubuntu Jammy. ^3

Ubuntu Kinetic and later no longer includes the broken patch, because the version of needrestart in Kinetic was upgraded from 3.5 to 3.6. And @juergh's working patch was merged by @liske a day before the 3.6 release.

So, anyone who is stuck on Jammy unfortunately has to live with the results of this mess as there is nothing in jammy-backports

[^1]: https://git.launchpad.net/ubuntu/+source/needrestart/commit/?h=ubuntu/impish&id=66c0350190f01ee471cf0f74ed07686fd3df196d, original: https://github.com/liske/needrestart/pull/168

[cwegener]

So, anyone who is stuck on Jammy unfortunately has to live with the results of this mess as there is nothing in jammy-backports

Although, manually downloading and installing a working package does work in my case ^1. YMMV

[xnox]

@mwhudson @juergh see above comments =/ in case there is something that can be sru'ed into jammy.

[juergh]

@xnox just did :-) https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2004203/comments/12

[juergh]

@cwegener Can you give the package from this PPA a try? https://launchpad.net/~juergh/+archive/ubuntu/needrestart

[cwegener]

@juergh Thanks. The jammy package from your PPA works just as well for me as manually installing the 3.6 package from lunar. No issues to report and my primary use case (adding Environment=NEEDRESTART_MODE=a to apt-daily-upgrade.service) works well with it too.

[xnox]

@juergh thank you.

[liske]

I'm going to close this issue since it's seems not to be an upstream issue.