Automatic-Reboot-With(out)Users or as soon as possible

[kousu]

I've been using unattended-upgrades to great effect for a couple years now to keep a small lab of Debian/Ubuntu systems up to date. My users don't like losing their batch jobs when the automatic reboot happens though, so I set it to only happen once a week:

Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Automatic-Reboot-Time "19:00";
Unattended-Upgrade::Update-Days {4};

and in practice this really means once every two weeks, because it only really triggers when the kernel gets an update. This two week cycle has reduced the friction with my users but it still means an occasional unlucky batch job dies overnight and has to be re-run.

Today I learned about Automatic-Reboot-WithUsers (by reading the code, the debian wiki doesn't mention it). That seems like it would be ideal! It would mean batch jobs could block the shutdown. However, if I add it to my current config

Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Automatic-Reboot-Time "19:00";
Unattended-Upgrade::Update-Days {4};
Unattended-Upgrade::Automatic-Reboot-WithUsers "false"; 

it goes too far in the other direction, meaning the required reboot can't happen until at least the next week.

Code Trace

If I understand this correctly:

unattended-upgrades/unattended-upgrade

Lines 2107 to 2109 in 5f979a2

	# check if today is a patch day
	if not is_update_day():
	return UnattendedUpgradesResult(True)

plus this default:

unattended-upgrades/unattended-upgrade

Line 650 in 5f979a2

update_stamp=False # type: bool

plus

unattended-upgrades/unattended-upgrade

Lines 2060 to 2065 in 5f979a2

	if res.update_stamp:
	# write timestamp file
	write_stamp_file()
	if not options.dry_run:
	# check if the user wants a reboot
	reboot_if_requested_and_needed()

Means it can't try to reboot unless it's an update day. In fact it won't try unless it gets all the way through run() -- any error will throw it off, jamming up the reboot cycle (probably making the system state more fragile).

---

I'm hoping I can arrange it so that if /var/run/upgrade-required exists but Unattended-Upgrade::Automatic-Reboot-WithUsers "false", then unattended-upgrades will reboot as soon as (or close to) everyone logs out. Is this possible?

I could drop the weekly schedule

Unattended-Upgrade::Automatic-Reboot "true";
Unattended-Upgrade::Automatic-Reboot-Time "19:00";
Unattended-Upgrade::Automatic-Reboot-WithUsers "false";

and then it run once a day, but only once a day, so it's likely it will miss its window of opportunity -- a single stray idle connection will block the reboot.

An alternate solution, though I haven't tested, is to instead set

Unattended-Upgrade::Automatic-Reboot "false";
Unattended-Upgrade::InstallOnShutdown "true";

and then write a separate, more aggressive, cronjob that reimplements the Automatic-Reboot-WithUsers logic:

# /etc/cron.d/automatic-reboot
*/15 * * * *     root      [ -f /var/run/reboot-required ] && [ "$(users)" = "" ] && reboot

but I'd rather keep everything tidy inside unattended-upgrades.

Is there a canonical way to configure unattended-upgrades on multiuser systems? Thank you in advance for taking the time to read through this and any pointers you can toss back my way. 🌸

[a-detiste]

I did this feature back then... your problem is interresting, I'll have a look