Desktop Environment: No DM, FVWM configured via .xsession and started via startx, KDE metapackage installed for apps, but otherwise not used
Problem Description:
Today a very strange problem appeared with forking.
Other strange things were there that felt like some maybe version conflicts after background updates.
I sighed and decided to reboot.
And then was greeted by a graphics screen I never saw before: “Kubuntu”.
Until that, the computer booted normally into text mode. Not into some graphical login screen.
(Again, this is Ubuntu Server… is it any longer… ?!? confused )
Login into FVWM worked, but the problem with forking persisted. Rolling back my scripts to older versions did not make the forking problem disappear.
Could this maybe have been caused by a remote update, as we know it from certain OSes, which sort of “upgraded” to another version?
Wasn’t there some advertising of no longer needing to reboot Ubuntu LTS after updates or something like that?
So, are there any auto-updates activated by default on Ubuntu LTS?
Anyway, I guess it is time to set up a new installation
The strange thing is that the KDE metapackage did not cause problems before.
In particular, I do not recall that installations started to boot into a DM.
This happened all of a sudden months after installation of the KDE package.
Thus I have the strong feeling that there could be some auto-update involved.
So I want to make sure that no kind of autoupdating is active.
Had you used 24.04 or noble?, as metapackages will differ between releases, as each release has its own packaging (thus dependencies can vary between releases).
You can view your apt logs for when & why you installed packages (if you didn’t scan what would be installed when you installed packages; eg. used a -y or something & accepted everything)
I found that “kubuntu-desktop” was installed two months ago.
I tried this to find out whether this made the poorly-working packages for the KDE stuff I actually use (Konsole, Kate, Dolphin, Spectacle) work better (e.g less missing icons and other resources).
Maybe installing “kubuntu-desktop” is what destroyed the system configuration. I am not familiar with Ubuntu, but I believe that installing a package should not destroy the system configuration.
But, what is even worse, the apt logs show constant unattended updates every few days. Yikes!
What exactly “was destroyed” ? Ubuntu has never used startx anywhere, if you have created an ~/.xsession file it will not have been touched either and you should still get the very same session when you run startx in a console, no .deb has ever touched user configuration in your home dir in any ubuntu release…
On the other hand you told it to install a fully blown kubuntu desktop session on a server machine which indeed brings along everything needed for this, including a graphical login manager etc
Yes, it is a well documented procedure that Ubuntu installs security updates in the background (since 2018 or 2020 IIRC), to not leave you with open zero day exploits. It was documented in the release notes of the release that turned this on several years ago and was a long standing asked feature of enterprises running server farms that are reachable on the internet…
If you prefer to keep your server insecure and vulnerable (or your server is not exposed online in any way), you can always turn this off with the apt-config command:
Thank you @ogra for your excellent explanation.
I didn’t know that installing kubuntu-desktop does more than just installing KDE. Now I know.
Is there any meta package that installs full KDE (eg. complete resource set) but leaves the startup untouched?
Regarding the automatic updates, I did not know that that these are now opt-out instead of opt-in.
The system in question is a development system not exposed to the internet, and there it is preferrable to update manually only at times where this does not interfere with development.
I forgot to mention that, according to the apt log, a month ago the automatic updates stopped.
That was immediately after I reinstalled Python and then installed Docker.
No idea why. Maybe some Python failure? Or Docker turns automatic updates off to avoid breakage? Or have there been just no security updates in June?
So this is even more strange.
Unattended upgrades at least don’t look very deactivated:
Why did you have to do this and how ? IIRC unattended-upgrade indeed uses python, if you installed some third party python that is not compatible with the OS or has its modules in a different place you might indeed have caused some breakage …
Docker is likely not at fault here (though I usually do not touch it with a ten foot pole, so I have no first hand experience, if I use containers I use the original implementation instead (LXD))
Well I need some server written in Python and iirc it said it needs newer Python than on the system, I looked and saw there is a more recent Python version available and thought, why not upgrade?
But of course, Python, enough said. I ended up installing a docker image to get the thing run.
You are right imho, there exists software that is so radioactive that one wants to keep distance.
Sounds like unattended-upgrades pulled in a display manager with KDE stuff. That’s why you saw Kubuntu. Forking issue might be unrelated. Yeah, fresh install is probably cleanest.
No, this is not possible, unattended-upgrades only installs security fixes of already installed packages unless you explicitly re-configure it to do something else.
Please re-read the whole thread above, the OP explicitly installed the kubuntu-desktop package by hand which indeed pulls in a display manager (SDDM I think) for kubuntu
On any installation the first thing I do is stop all unattended upgrades.
This is what I do:
‘’'Steps to Disable Unattended Upgrades on Ubuntu
Follow these steps carefully to disable automatic updates on your Ubuntu system. This will give you full control over when and how updates are installed, which is crucial for managing dependencies and system stability, especially when you need to ensure that updates do not disrupt existing software configurations.
Disable the Unattended-Upgrades Service: The first step is to stop the unattended-upgrades service from running automatically.
$ sudo systemctl disable --now unattended-upgrades
This command stops the ‘unattended-upgrades’ service if it is currently running and prevents it from starting during the system boot. Disabling this service ensures that no upgrades are applied without your intervention.
Edit the 20auto-upgrades File: To take control over the automatic installation of updates, modify the apt configuration file.
$ sudo nano(or whatever editor you use) /etc/apt/apt.conf.d/20auto-upgrades
You need to insert or update the following lines:
APT::Periodic::Update-Package-Lists "1"; // "1" enables, "0" disables automatic checking for new packages
APT::Periodic::Unattended-Upgrade "0"; // Setting to "0" disables automatic installations
This configuration ensures the package lists are still updated regularly if set to 1 (useful for manual upgrades), but prevents any updates from being installed automatically by setting Unattended-Upgrade to 0. To completely disable automatic checking for updates, change APT::Periodic::Update-Package-Lists to 0. This stops your system from even checking for new updates automatically, thereby requiring you to manually check and update your packages to maintain system security and performance.
Disabled unattended upgrades in 20auto-upgrades File
Disabled unattended upgrades in 20auto-upgrades File'''
My original post was defaced by a moderator instilling his opinion over the top of my post.
This is not acceptable in a free forum such as this. Just because he happens to disagree with my post does not entitle him to censor or add a caution to the top of my post and further restrict my subsequent editing. What sort of forum do we want? I am absolutely incensed by the arrogance of this action.
EDIT: It is very important to establish a routine of manual updates if you implement this fix.
On any installation the first thing I do is stop all unattended upgrades.
This is what I do:
‘’'Steps to Disable Unattended Upgrades on Ubuntu
Follow these steps carefully to disable automatic updates on your Ubuntu system. This will give you full control over when and how updates are installed, which is crucial for managing dependencies and system stability, especially when you need to ensure that updates do not disrupt existing software configurations.
Disable the Unattended-Upgrades Service: The first step is to stop the unattended-upgrades service from running automatically.
$ sudo systemctl disable --now unattended-upgrades
This command stops the ‘unattended-upgrades’ service if it is currently running and prevents it from starting during the system boot. Disabling this service ensures that no upgrades are applied without your intervention.
Edit the 20auto-upgrades File: To take control over the automatic installation of updates, modify the apt configuration file.
$ sudo nano(or whatever editor you use) /etc/apt/apt.conf.d/20auto-upgrades
You need to insert or update the following lines:
APT::Periodic::Update-Package-Lists "1"; // "1" enables, "0" disables automatic checking for new packages
APT::Periodic::Unattended-Upgrade "0"; // Setting to "0" disables automatic installations
This configuration ensures the package lists are still updated regularly if set to 1 (useful for manual upgrades), but prevents any updates from being installed automatically by setting Unattended-Upgrade to 0. To completely disable automatic checking for updates, change APT::Periodic::Update-Package-Lists to 0. This stops your system from even checking for new updates automatically, thereby requiring you to manually check and update your packages to maintain system security and performance.
Disabled unattended upgrades in 20auto-upgrades File
Disabled unattended upgrades in 20auto-upgrades File'''
Well, that you expose your system to zero-day exploits when disabling security updates is simply a fact, not an “opinion”, so putting such a warning over a post that tells you how to turn off the built-in feature included in the distro to prevent exactly this is definitely not wrong …
It isn’t like anyone censored your post by editing content of it or suppressing anything inside it. You turn off an important built-in security feature of the distro, so people following your post should know what the results of this are (in fact from next year on when the CRA comes into effect it will be illegal in the EU to run systems without automatic security updates and you as a user will be held liable for any damage done from your IP through a system that got hacked due to you turning off the regular security updates) …
(I also find it noticeable that you do not feel the need to mention this in any way or at least tell inexperienced readers that they now should make sure to do regular manual updates to not keep their system vulnerable)
I’m not a moderator here but I personally think such a warning is definitely due in such a topic if it results in potentially making other users systems hackable …
I am closing this topic temporarily to make the following comments:
The Ubuntu developers have spent decades working to bring an operating system to people that is secure out-of-the-box.
This philosophy works for 99% of all users, no matter where they come from or their skill levels.
For those who prefer more fine-grained control over their systems, including how and when to update, those options exist.
But, know this: you are potentially exposing your systems to zero-day exploits and all kinds of other security vulnerabilities.
Therefore, because we are a community whose goal is to provide support to the majority, whose aim is to ensure that Ubuntu is a secure operating system for the majority, it is well within our rights to add banner warnings that action A or command B may cause system instability or expose it to vulnerabilities.
As a community, we ask users that if you suggest such an action you absolutely MUST make it clear in your post that this is not the recommended or necessarily secure way to maintain your install.
I am going to engage Slow Mode for this topic because I want everyone to please take a deep breath and remember that we are supposed to be focused on helping the OP solve their problem and not engage in a discussion about whether disabling this or that feature is advisable.
(LXD))
welcome to the forum!