Why do apache2 upgrades remove and not re-install libapache2-mod-php5?
- by nutznboltz
We repeatedly see that when an apache2 update arrives and is installed it causes the libapache2-mod-php5 package to be removed and does not subsequently re-install it automatically.
We must subsequently re-install the libapache2-mod-php5 manually in order to restore functionality to our web server.
Please see the following github gist, it is a contiguous section of our server's dpkg.log showing the November 14, 2011 update to apache2:
https://gist.github.com/1368361
it includes
2011-11-14 11:22:18 remove libapache2-mod-php5 5.3.2-1ubuntu4.10 5.3.2-1ubuntu4.10
Is this a known issue? Do other people see this too? I could not find any launchpad bug reports about it.
Platform details:
$ lsb_release -ds
Ubuntu 10.04.3 LTS
$ uname -srvm
Linux 2.6.38-12-virtual #51~lucid1-Ubuntu SMP Thu Sep 29 20:27:50 UTC 2011 x86_64
$ dpkg -l | awk '/ii.*apache/ {print $2 " " $3 }'
apache2 2.2.14-5ubuntu8.7
apache2-mpm-prefork 2.2.14-5ubuntu8.7
apache2-utils 2.2.14-5ubuntu8.7
apache2.2-bin 2.2.14-5ubuntu8.7
apache2.2-common 2.2.14-5ubuntu8.7
libapache2-mod-authnz-external 3.2.4-2+squeeze1build0.10.04.1
libapache2-mod-php5 5.3.2-1ubuntu4.10
Thanks
At a high-level the update process looks like:
package package_name do
action :upgrade
case node[:platform]
when 'centos', 'redhat', 'scientific'
options '--disableplugin=fastestmirror'
when 'ubuntu'
options '-o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold"'
end
end
But at a lower level
def install_package(name, version)
run_command_with_systems_locale(
:command = "apt-get -q -y#{expand_options(@new_resource.options)} install #{name}=#{version}",
:environment = {
"DEBIAN_FRONTEND" = "noninteractive"
}
)
end
def upgrade_package(name, version)
install_package(name, version)
end
So Chef is using "install" to do "update".
This sort of moves the question around to "how does apt-get safe-upgrade" remember to re-install libapache-mod-php5?
The exact sequence of packages that triggered this was:
apache2
apache2-mpm-prefork
apache2-mpm-worker
apache2-utils
apache2.2-bin
apache2.2-common
But the code is attempting to run checks to make sure the packages in that list are installed already before attempting to "upgrade" them.
case node[:platform]
when 'debian', 'centos', 'fedora', 'redhat', 'scientific', 'ubuntu'
# first primitive way is to define the updates in the recipe
# data bags will be used later
%w/
apache2
apache2-mpm-prefork
apache2-mpm-worker
apache2-utils
apache2.2-bin
apache2.2-common
/.each{ |package_name|
Chef::Log.debug("is #{package_name} among local packages available for changes?")
next unless node[:packages][:changes].keys.include?(package_name)
Chef::Log.debug("is #{package_name} available for upgrade?")
next unless node[:packages][:changes][package_name][:action] == 'upgrade'
package package_name do
action :upgrade
case node[:platform]
when 'centos', 'redhat', 'scientific'
options '--disableplugin=fastestmirror'
when 'ubuntu'
options '-o Dpkg::Options::="--force-confdef" -o Dpkg::Options::="--force-confold"'
end
end
tag('upgraded')
}
# after upgrading everything, run yum cache updater
if tagged?('upgraded')
# Remove old orphaned dependencies and kernel images and kernel headers etc.
# Remove cached deb files.
case node[:platform]
when 'ubuntu'
execute 'apt-get -y autoremove'
execute 'apt-get clean'
# Re-check what updates are available soon.
when 'centos', 'fedora', 'redhat', 'scientific'
node[:packages][:last_time_we_looked_at_yum] = 0
end
untag('upgraded')
end
end
But it's clear that it fails since the dpkg.log has
2011-11-14 11:22:25 install apache2-mpm-worker 2.2.14-5ubuntu8.7
on a system which does not currently have apache2-mpm-worker. I will have to discuss this with the author, thanks again.
