
Disable Ubuntu unattended upgrades
Closed, Resolved (Public)

Description

The deploy process should:

$ sudo apt remove unattended-upgrades

These "unattended security upgrades" have been "unattended downtime" twice now:

  • T13673 was a backward-incompatible change which could not possibly have had any security impact in the Phacility environment.
  • This MySQL thing, which fixes some kind of vulnerability that I can't actually figure out the details for, deployed a couple hours ago and took MySQL out of service. I think it is DoS of MySQL if an attacker has local network access.

I don't know how Ubuntu chooses which upgrades to push automatically (and couldn't figure it out in two minutes of Googling) but I think the criteria are just wildly different from the desired criteria. Phacility services don't generally benefit from getting local privilege escalation patches in the middle of the night.

And even this charitably assumes that the "MySQL goes out of service" part is my fault somehow. I don't immediately know how it could be -- MySQL uses normal system service management, and restarted cleanly when given normal restart commands.
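A check for the deploy step above, written here as an added example rather than Phacility's own deploy code. Removing the package is one way to stop the periodic job; the other is the APT::Periodic::Unattended-Upgrade setting in /etc/apt/apt.conf.d, which apt-config resolves by reading the fragments in name order with later ones overriding earlier ones. The script below verifies both on a Debian/Ubuntu host: the parsing function takes a directory so it can be exercised on a constructed fragment directory, and the live host check only runs when invoked with --host (an assumed flag chosen for this example).

```shell
#!/bin/sh
# Added example (not Phacility's deploy code): verify that a Debian/Ubuntu host
# will not run unattended upgrades. Two things are checked, because removing the
# package is only one of the ways the periodic job can be switched off:
#   1. the package unattended-upgrades is not installed, and
#   2. no apt.conf.d fragment leaves APT::Periodic::Unattended-Upgrade enabled.

# Return 0 if the fragments in DIR enable unattended upgrades, 1 otherwise.
# Fragments are read in name order and later ones override earlier ones, which
# is how apt-config resolves them; a missing setting counts as disabled.
unattended_enabled_in_dir() {
    dir="$1"
    val=$(cat "$dir"/* 2>/dev/null \
        | sed -n 's/^[[:space:]]*APT::Periodic::Unattended-Upgrade[[:space:]]*"\{0,1\}\([0-9]\{1,\}\)"\{0,1\}.*/\1/p' \
        | tail -n 1)
    case "$val" in
        ""|0) return 1 ;;   # unset or explicitly "0": periodic upgrades off
        *)    return 0 ;;   # "1" or any other non-zero value: on
    esac
}

# Return 0 if the unattended-upgrades package is installed according to dpkg.
# Hosts without dpkg-query (non-Debian systems) are treated as "not installed".
unattended_package_installed() {
    command -v dpkg-query >/dev/null 2>&1 || return 1
    status=$(dpkg-query -W -f='${Status}' unattended-upgrades 2>/dev/null)
    case "$status" in
        *" installed") return 0 ;;
        *)             return 1 ;;
    esac
}

# Live check of this host: exit 0 only if both conditions hold.
report_host() {
    rc=0
    if unattended_package_installed; then
        echo "FAIL: unattended-upgrades package is installed"; rc=1
    else
        echo "ok: unattended-upgrades package is not installed"
    fi
    if unattended_enabled_in_dir /etc/apt/apt.conf.d; then
        echo "FAIL: APT::Periodic::Unattended-Upgrade is enabled in /etc/apt/apt.conf.d"; rc=1
    else
        echo "ok: APT::Periodic::Unattended-Upgrade is not enabled"
    fi
    return $rc
}

# Only run the live check when asked (assumed flag), so the functions above can
# be sourced or exercised against a constructed directory without touching /etc.
if [ "${1:-}" = "--host" ]; then
    report_host
fi
```

Running `sh check_unattended.sh --host` after the `apt remove` step gives a non-zero exit if either condition is still true, which makes the deploy fail loudly instead of leaving a host that will still restart MySQL at night.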

Event Timeline

epriestley created this task.

I patched and partially deployed this in early August. Another unattended MySQL upgrade went out on Monday night, also didn't restart MySQL on affected hosts, and caused some downtime on hosts that didn't have the patch (to "disable unattended upgrades"). I've now deployed this everywhere, and am presuming this is fixed until evidence arises to the contrary.