ISPConfig component locking apt update in Ubuntu 22.04

Hello,

I have several clean installations of ISPConfig on ubuntu 22.04 with apt update issues. apt update is always locked by a process.
I have to reboot the Ubuntu 22.04 ISPConfig server to patch Ubuntu with the latest updates.

Any idea?

 

Hi, Thank you for your answer.

I'll troubleshoot it next time. It only occurs on ISPConfig servers. (1 VPS, 1 Dedicated server and 1 VM)
I don't have this problem with other 10+ Ubuntu 22.04 servers. So it's a component of ISPConfig or a package.

 

Ah yes, I enabled unattended updates. That could be the right direction. Please note that this is a new installation with unattended updates. I followed the steps as described with the auto installer. No special adjustments/configs. Thanks so far! I'll let you know.

 

Unattended upgrades locks apt when doing something, but this should last only a short while. And while it is doing something lines get written to /var/log/unattended-upgrades/unattended-upgrades.log and /var/log/dpkg.log so monitoring those with tail -f should show if something is happening.
My signature has link to unattended-upgrades tutorial.

 

Thanks, compared the unattended updates with the other nodes. I'm sure it is related to unattended-updates. The updates are installed but the process locks 'apt' somehow. No errors, process finished.

Code:

NEEDRESTART-VER: 3.5
NEEDRESTART-KCUR: 5.15.0-78-generic
NEEDRESTART-KEXP: 5.15.0-78-generic
NEEDRESTART-KSTA: 1
NEEDRESTART-UCSTA: 1
NEEDRESTART-UCCUR: 0x0021
NEEDRESTART-UCEXP: 0x0021
Log ended: 2023-08-09  06:47:10

I will uncomment the following rule (compared to other nodes) and check it tomorrow:

Code:

"${distro_id}:${distro_codename}-updates";

 

Problem solved.

 

After I disabled & uninstalled unattended upgrades from my ispconfig servers:

Code:

E: Could not get lock /var/lib/apt/lists/lock. It is held by process 96203 (apt-get)
N: Be aware that removing the lock file is not a solution and may break your system.
E: Unable to lock directory /var/lib/apt/lists/

So something else is getting in the way. It doesn't seem to be resolved.

ps aux | grep apt

Code:

root        1160  0.0  0.0 126420  9160 ?        Ssl  Aug24   0:05 /usr/sbin/thermald --systemd --dbus-enable --adaptive
root       96203  0.0  0.0  18044 10300 ?        S    Aug25   0:06 apt-get update
_apt       96214  0.0  0.0  22096  9140 ?        S    Aug25   0:00 /usr/lib/apt/methods/http
_apt       96215  0.0  0.0  25128 13160 ?        S    Aug25   0:00 /usr/lib/apt/methods/https
_apt       96216  0.0  0.0  25128 12784 ?        S    Aug25   0:00 /usr/lib/apt/methods/https
_apt       96217  0.0  0.0  22096  9532 ?        S    Aug25   0:00 /usr/lib/apt/methods/http
_apt       96218  0.0  0.0  22100  9240 ?        S    Aug25   0:00 /usr/lib/apt/methods/http
_apt       96221  0.0  0.0  25128 12808 ?        S    Aug25   0:00 /usr/lib/apt/methods/https
_apt       96230  0.0  0.0  15460  6760 ?        S    Aug25   0:00 /usr/lib/apt/methods/gpgv
root      157634  0.0  0.0   7012  2176 pts/1    S+   14:59   0:00 grep --color=auto apt

Code:

pstree -p 96203
apt-get(96203)─┬─gpgv(96230)
               ├─http(96214)
               ├─http(96217)
               ├─http(96218)
               ├─https(96215)
               ├─https(96216)
               └─https(96221)

Disabled the daily update and upgrade services to test..

 

i have the same issue on several ubuntu 22.04 vps's.. all auto-installs..
3 aws ec2 instances and 1 digitalocean droplet..

1 control panel server with roundcube.
1 mailserver,
2 dns servers.
all have unattended-upgrades installed..
webservers don't currently have unattended-upgrades and haven't yet displayed any such issue.

but the issue doesn't always happen to every server running unattended-upgrades.
when it does happen, if i restart the unattended-upgrades service i can then run apt-update manually.
that said, they were all rebooted 2 days ago after a few manual config changes, and all can run apt-update manually right now without issue.

i know it's not down to not commenting out:

Code:

"${distro_id}:${distro_codename}-updates";

as alluded to in an earlier post, as that was already uncommented on all these servers and the issue still occurred.

believe the issue is the unattended-upgrades service installing upgrades that need a reboot. i believe it then only marks apt-upgrade as around 93% complete, and doesn't release the lockfile, if a reboot isn't needed, the upgrades complete and apt-update can then be run manually.

i have unattended-upgrades limited to upgrading on a schedule.
apt-daily-update.timer is unchanged from installed default, ie twice daily with random delays.
apt-daily-upgrade.timer is set to limit installing upgrades to sundays at 6am (gmt)
so i should be able to check more soon.

 

ok.. upgrades auto-installed on each server, only 1 of them states it needs a reboot. (kernel update)

i ran apt update manually on all of them without issue. so back to square one..
will keep checking, see if the issue resurfaces..

only other thing that i've changed is i was editing the file /var/lib/systemd/system/apt-daily-upgrade.timer but i found out those edits got wiped out when unattended-upgrades upgraded itself last week, so i copied that file to the /etc/systemd/system folder before the reboot earlier this week.. but i can't see how that would make any difference to this issue.

 

I've never had a problem with this sort of thing myself. It only occurs after the ISPConfig easy installation. I also completely uninstalled unattended upgrades and that didn't fix it either.

 

Code:

root@cp:/home/ubuntu# apt update
Reading package lists... Done
E: Could not get lock /var/lib/apt/lists/lock. It is held by process 20662 (apt-get)
N: Be aware that removing the lock file is not a solution and may break your system.
E: Unable to lock directory /var/lib/apt/lists/

Unattended updates disabled & deleted
Daily/weekly timers disabled.

Code:

 systemctl status apt-daily.timer
○ apt-daily.timer - Daily apt download activities
     Loaded: loaded (/lib/systemd/system/apt-daily.timer; disabled; vendor preset: enabled)
     Active: inactive (dead)
    Trigger: n/a
   Triggers: ● apt-daily.service

Still locking with Ubuntu 22.04..

 

i can't say that it doesn't affect older versions of ubuntu... i have got messages about apt update being locked on older versions, but i never really paid them much attention.. i was busy at those times.. and from memory.. usually the server had just been rebooted, so it may have been i'd just installed some updates and rebooted and it was checking for updates automatically just after the restart, and at the time i tried a manual update.. i just know i've not used unattended-upgrades on anything before ubuntu 22.04.

and now, i can't even be sure it is unattended-upgrades even causing the issue.. i tested on friday.. of the 4 servers with unattended-upgrades installed, 3 were stating that apt update was locked.. i did try restarting the unattended-upgrades service on one of those, but even after that, it still said apt update was locked..

all 4 servers installed updates as scheduled this morning... all stated a reboot was required (not done automatically).
of the 3 where apt update was locked on friday, it was still locked after the updates were installed..
the one where apt update worked, it still worked after the updates were installed. but on friday, it said there were 60+ updates available, during the unattended-upgrades scheduled update, it installed kernel updates, requiring a reboot, but 67 updates (all php 8.0-8.2 updates) were not installed, and still listed as upgradable after unattended-upgrades had finished.

i've rebooted all 4 servers.. and successfully ran apt update manually on them afterwards..
the 3 where apt update was previously locked, no further updates were available.
for the one where apt update hadn't got locked, and 67 updates were available, it still listed 67 updates as available after the reboot.
i could update those manually, but i'm prepared to wait and see what unattended-upgrades does at it's next scheduled run next sunday.

 

Unattended upgrades as default does not install updates from outside sources like Ondrej Surys PHP repo. See my Unattended Upgrades Tutorial, link in my signature.

 

cool... i thought i had already added the ondrej php repo to the unattended-upgrades config.. but maybe i only did that on a test install.

 

Maybe you did not create a file for local configuration, and new version of unattended_upgrade overwrote your config?