Auto-Update Failing: Fedora 40

Question

Auto-Update Failing: Fedora 40

shladek opened this issue 18 days ago · comments

What is the issue?

1.66.3 was released today , and I was trying to update it on a node that has auto-updates enabled. I went to the admin console and hit the "start update" button and received the notification that it was up and running.

Looking at the node in question I see from the journal:

May 15 20:53:39 appland tailscaled[623]: c2n: update command failed: exit status 1, output: Failed to start transient service unit: Connection reset by peer
May 15 20:53:39 appland systemd[1]: tailscaled.service: Got notification message from PID 3462, but reception only permitted for main PID 623
May 15 20:53:39 appland systemd[1]: tailscaled.service: Got notification message from PID 3462, but reception only permitted for main PID 623
May 15 20:53:39 appland tailscaled[623]: c2n: running "systemd-run --wait --pipe --collect /usr/bin/tailscale update --yes"
May 15 20:53:38 appland tailscaled[623]: c2n: GET /update received
May 15 20:53:38 appland tailscaled[623]: c2n: POST /update received

The update doesn't complete and dnf update does show it as still available:

sudo dnf update tailscale

Last metadata expiration check: 0:14:44 ago on Wed 15 May 2024 10:12:07 PM EDT.
Dependencies resolved.

Package Architecture Version Repository Size

Upgrading:
tailscale aarch64 1.66.3-1 tailscale-stable 25 M

Transaction Summary

Upgrade 1 Package

Don't see a similar issue, so thought I'd raise this one.

Steps to reproduce

See the upgrade available arrow in Admin Console
Click start upgrade
Upgrade says successful, but still doesn't apply the upgrade

Are there any recent changes that introduced the issue?

N/A

OS

Linux

OS version

Fedora 40

Tailscale version

1.66.1

Other software

This system runs nftables with a very basic firewall:
sudo cat /etc/sysconfig/nftables.conf
#This is our tailscale exit node firewall that will
#reside in another location other than our own
#don't trust anything coming in on the local network
#that we haven't established
#but always allow incoming tailscale connections

table inet firewall {
chain incoming {
type filter hook input priority 0; policy accept;
ct state vmap { invalid : drop, established : accept, related : accept }
iifname {end0, wlan0} drop
}
}

Bug report

BUG-4cdf818b0f9a73b8744cf16b6c8d23574f592b71d9cd3d1759d417d0dddac21d-20240516023044Z-2d19ef9f795e6ec1

tailscale / tailscale

Auto-Update Failing: Fedora 40

What is the issue?

Last metadata expiration check: 0:14:44 ago on Wed 15 May 2024 10:12:07 PM EDT.
Dependencies resolved.

Package Architecture Version Repository Size

Transaction Summary

Steps to reproduce

Are there any recent changes that introduced the issue?

OS

OS version

Tailscale version

Other software

Bug report

Auto-Update Failing: Fedora 40

What is the issue?

Last metadata expiration check: 0:14:44 ago on Wed 15 May 2024 10:12:07 PM EDT. Dependencies resolved.

Package Architecture Version Repository Size

Transaction Summary

Steps to reproduce

Are there any recent changes that introduced the issue?

OS

OS version

Tailscale version

Other software

Bug report

Last metadata expiration check: 0:14:44 ago on Wed 15 May 2024 10:12:07 PM EDT.
Dependencies resolved.