Distributor ID: Ubuntu
Description: Ubuntu 18.04.2 LTS
Release: 18.04
Codename: bionic
During unattended-upgrade the CPU use 100% of resouce for 4 hours
Example:
unattended-upgrade –dry-run –debug
2019-02-16 10:34:46,087 INFO Enabled logging to syslog via daemon facility
2019-02-16 10:34:46,087 INFO Initial blacklisted packages:
2019-02-16 10:34:46,088 INFO Initial whitelisted packages:
2019-02-16 10:34:46,088 INFO Starting unattended upgrades script
2019-02-16 10:34:46,088 INFO Allowed origins are: o=Ubuntu,a=bionic, o=Ubuntu,a=bionic-security, o=UbuntuESM,a=bionic
2019-02-16 10:34:56,044 INFO Enabled logging to syslog via daemon facility
2019-02-16 10:34:56,045 INFO Initial blacklisted packages:
2019-02-16 10:34:56,045 INFO Initial whitelisted packages:
2019-02-16 10:34:56,045 INFO Starting unattended upgrades script
*2019-02-16 10:34:56,046 INFO Allowed origins are: o=Ubuntu,a=bionic, o=Ubuntu,a=bionic-security, o=UbuntuESM,a=bionic
2019-02-16 10:34:56,290 DEBUG Using (^linux-image|^linux-headers|^linux-image-extra|^linux-modules|^linux-modules-extra|^linux-signed-image|^kfreebsd-image|^kfreebsd-headers|^gnumach-image|^.*-modules|^.*-kernel|^linux-backports-modules-
.*|^linux-modules-.*|^linux-tools|^linux-cloud-tools) regexp to find kernel packages
2019-02-16 10:34:56,294 DEBUG Using (^linux-image.*4.15.0-45-generic|^linux-headers.*4.15.0-45-generic|^linux-image-extra.*4.15.0-45-generic|^linux-modules.*4.15.0-45-generic|^linux-modules-extra.*4.15.0-45-generic|^linux-signed-image.*4
.15.0-45-generic|^kfreebsd-image.*4.15.0-45-generic|^kfreebsd-headers.*4.15.0-45-generic|^gnumach-image.*4.15.0-45-generic|4.15.0-45-generic.*-modules|4.15.0-45-generic.*-kernel|^linux-backports-modules-.*.*4.15.0-45-generic|^linux-modul
es-.*.*4.15.0-45-generic|^linux-tools.*4.15.0-45-generic|^linux-cloud-tools.*4.15.0-45-generic) regexp to find running kernel packages
2019-02-16 10:34:57,345 DEBUG pkgs that look like they should be upgraded:
2019-02-16 10:37:17,591 INFO Enabled logging to syslog via daemon facility
2019-02-16 10:37:17,592 INFO Initial blacklisted packages:
2019-02-16 10:37:17,593 INFO Initial whitelisted packages:
2019-02-16 10:37:17,593 INFO Starting unattended upgrades script
2019-02-16 10:37:17,593 INFO Allowed origins are: o=Ubuntu,a=bionic, o=Ubuntu,a=bionic-security, o=UbuntuESM,a=bionic
2019-02-16 10:37:17,836 DEBUG Using (^linux-image|^linux-headers|^linux-image-extra|^linux-modules|^linux-modules-extra|^linux-signed-image|^kfreebsd-image|^kfreebsd-headers|^gnumach-image|^.*-modules|^.*-kernel|^linux-backports-modules-
.*|^linux-modules-.*|^linux-tools|^linux-cloud-tools) regexp to find kernel packages
2019-02-16 10:37:17,840 DEBUG Using (^linux-image.*4.15.0-45-generic|^linux-headers.*4.15.0-45-generic|^linux-image-extra.*4.15.0-45-generic|^linux-modules.*4.15.0-45-generic|^linux-modules-extra.*4.15.0-45-generic|^linux-signed-image.*4
.15.0-45-generic|^kfreebsd-image.*4.15.0-45-generic|^kfreebsd-headers.*4.15.0-45-generic|^gnumach-image.*4.15.0-45-generic|4.15.0-45-generic.*-modules|4.15.0-45-generic.*-kernel|^linux-backports-modules-.*.*4.15.0-45-generic|^linux-modul
es-.*.*4.15.0-45-generic|^linux-tools.*4.15.0-45-generic|^linux-cloud-tools.*4.15.0-45-generic) regexp to find running kernel packages
2019-02-16 10:37:18,903 DEBUG pkgs that look like they should be upgraded:
2019-02-16 14:22:00,768 DEBUG fetch.run() result: 0
2019-02-16 14:22:00,769 DEBUG blacklist: []
2019-02-16 14:22:00,769 DEBUG whitelist: []
2019-02-16 14:22:00,771 INFO No packages found that can be upgraded unattended and no pending auto-removals
2019-02-16 10:37:18,903 DEBUG pkgs that look like they should be upgraded:
2019-02-16 14:22:00,768 DEBUG fetch.run() result: 0
This is a "manual run" but the issue is also present during automatic-updates:
3541 ? Ss 0:00 /bin/sh /usr/lib/apt/apt.systemd.daily update
3546 ? S 0:00 \_ /bin/sh /usr/lib/apt/apt.systemd.daily lock_is_held update
4072 ? Rl 158:20 \_ /usr/bin/python3 /usr/bin/unattended-upgrade --download-only
==UPDATE==
today there are updates, but this is the result (top):
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
23271 root 20 0 269328 181084 49932 R 100.0 4.5 0:22.21 unattended-upgr
and still waiting here from hours with CPU 100%….
# unattended-upgrade --dry-run --debug
Enabled logging to syslog via daemon facility
Initial blacklisted packages:
Initial whitelisted packages:
Starting unattended upgrades script
Allowed origins are: o=Ubuntu,a=bionic, o=Ubuntu,a=bionic-security, o=UbuntuESM,a=bionic
Using (^linux-image|^linux-headers|^linux-image-extra|^linux-modules|^linux-modules-extra|^linux-signed-image|^kfreebsd-image|^kfreebsd-headers|^gnumach-image|^.*-modules|^.*-kernel|^linux-backports-modules-.*|^linux-modules-.*|^linux-tools|^linux-cloud-tools) regexp to find kernel packages
Using (^linux-image.*4.15.0-45-generic|^linux-headers.*4.15.0-45-generic|^linux-image-extra.*4.15.0-45-generic|^linux-modules.*4.15.0-45-generic|^linux-modules-extra.*4.15.0-45-generic|^linux-signed-image.*4.15.0-45-generic|^kfreebsd-image.*4.15.0-45-generic|^kfreebsd-headers.*4.15.0-45-generic|^gnumach-image.*4.15.0-45-generic|4.15.0-45-generic.*-modules|4.15.0-45-generic.*-kernel|^linux-backports-modules-.*.*4.15.0-45-generic|^linux-modules-.*.*4.15.0-45-generic|^linux-tools.*4.15.0-45-generic|^linux-cloud-tools.*4.15.0-45-generic) regexp to find running kernel packages
Checking: libnss-systemd ([<Origin component:'main' archive:'bionic-updates' origin:'Ubuntu' label:'Ubuntu' site:'archive.ubuntu.com' isTrusted:True>, <Origin component:'main' archive:'bionic-security' origin:'Ubuntu' label:'Ubuntu' site:'archive.ubuntu.com' isTrusted:True>])
Checking: libpam-systemd ([<Origin component:'main' archive:'bionic-updates' origin:'Ubuntu' label:'Ubuntu' site:'archive.ubuntu.com' isTrusted:True>, <Origin component:'main' archive:'bionic-security' origin:'Ubuntu' label:'Ubuntu' site:'archive.ubuntu.com' isTrusted:True>])
Checking: libpci3 ([<Origin component:'main' archive:'bionic-updates' origin:'Ubuntu' label:'Ubuntu' site:'archive.ubuntu.com' isTrusted:True>])
adjusting candidate version: libpci3=1:3.5.2-1ubuntu1
Checking: libsystemd0 ([<Origin component:'main' archive:'bionic-updates' origin:'Ubuntu' label:'Ubuntu' site:'archive.ubuntu.com' isTrusted:True>, <Origin component:'main' archive:'bionic-security' origin:'Ubuntu' label:'Ubuntu' site:'archive.ubuntu.com' isTrusted:True>])
Checking: libudev1 ([<Origin component:'main' archive:'bionic-updates' origin:'Ubuntu' label:'Ubuntu' site:'archive.ubuntu.com' isTrusted:True>, <Origin component:'main' archive:'bionic-security' origin:'Ubuntu' label:'Ubuntu' site:'archive.ubuntu.com' isTrusted:True>])
Checking: pciutils ([<Origin component:'main' archive:'bionic-updates' origin:'Ubuntu' label:'Ubuntu' site:'archive.ubuntu.com' isTrusted:True>])
adjusting candidate version: pciutils=1:3.5.2-1ubuntu1
Checking: systemd ([<Origin component:'main' archive:'bionic-updates' origin:'Ubuntu' label:'Ubuntu' site:'archive.ubuntu.com' isTrusted:True>, <Origin component:'main' archive:'bionic-security' origin:'Ubuntu' label:'Ubuntu' site:'archive.ubuntu.com' isTrusted:True>])
Checking: systemd-sysv ([<Origin component:'main' archive:'bionic-updates' origin:'Ubuntu' label:'Ubuntu' site:'archive.ubuntu.com' isTrusted:True>, <Origin component:'main' archive:'bionic-security' origin:'Ubuntu' label:'Ubuntu' site:'archive.ubuntu.com' isTrusted:True>])
Checking: udev ([<Origin component:'main' archive:'bionic-updates' origin:'Ubuntu' label:'Ubuntu' site:'archive.ubuntu.com' isTrusted:True>, <Origin component:'main' archive:'bionic-security' origin:'Ubuntu' label:'Ubuntu' site:'archive.ubuntu.com' isTrusted:True>])
pkgs that look like they should be upgraded: libnss-systemd
libpam-systemd
libsystemd0
libudev1
systemd
systemd-sysv
udev
I still think that Ubuntu is the worst linux distribution…
[UPDATE]
I discovered the issue!
The problem only happens when I have many routing tables…
Inexplicable, but reproducible on all installations
Best Answer
Consider turning off unattended upgrades in APT. Disable it by doing a
grep -R Unattended /etc/apt
and looking for:APT::Periodic::Unattended-Upgrade "1";
Then, change the 1 to a 0. You can try to restart the unattended-upgrade service, but sometimes it's actually faster to just reboot the whole machine.