From 4674c1754e6b3d0c45702c01a0f9a500f6bb5ad1 Mon Sep 17 00:00:00 2001
From: Brian Murray <brian@ubuntu.com>
Date: Mon, 17 Jan 2022 09:52:52 -0800
Subject: [PATCH] kernel/postinst.d/unattended-upgrades: check to see if
 canonical-livepatch is installed and enabled. In the event that it is and it
 says a reboot is required do not update reboot-required files so that only
 one reboot message appears in the message of the day.

---
 debian/changelog                      |  9 +++++++++
 kernel/postinst.d/unattended-upgrades | 23 +++++++++++++++++++++++
 2 files changed, 32 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 9a0fe4d3..e0ecbb1f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+unattended-upgrades (2.9) UNRELEASED; urgency=medium
+
+  * kernel/postinst.d/unattended-upgrades: check to see if canonical-livepatch
+    is installed and enabled. In the event that it is and it says a reboot is
+    required do not update reboot-required files so that only one reboot
+    message appears in the message of the day.
+
+ -- Brian Murray <brian@ubuntu.com>  Mon, 17 Jan 2022 09:52:04 -0800
+
 unattended-upgrades (2.8) unstable; urgency=medium
 
   [ Lucas Moura ]
diff --git a/kernel/postinst.d/unattended-upgrades b/kernel/postinst.d/unattended-upgrades
index 3f54dea3..dafc4913 100755
--- a/kernel/postinst.d/unattended-upgrades
+++ b/kernel/postinst.d/unattended-upgrades
@@ -5,6 +5,29 @@ case "$DPKG_MAINTSCRIPT_PACKAGE::$DPKG_MAINTSCRIPT_NAME" in
       exit 0;;
 esac
 
+KERNEL_UPGRADED=0
+# Prefer showing the canonical-livepatch reboot message if one is required
+if [ -f "/snap/bin/canonical-livepatch" ]; then
+    # k-u-r returns 1 if livepatch isn't enabled or if a reboot isn't required
+    kur_rc=$(/snap/bin/canonical-livepatch kernel-upgrade-required 2> /dev/null)
+    if [ $? -eq 0 ]; then
+        exit 0;
+    elif [ $? -eq 1 ]; then
+        # status returns 1 if livepatch isn't enabled
+        status_rc=$(/snap/bin/canonical-livepatch status 2> /dev/null)
+        if [ $? -eq 0 ]; then
+            KERNEL_UPGRADED=1
+        fi
+    fi
+fi
+
+# while a reboot isn't required for the new kernel it might be for another package
+if [ $KERNEL_UPGRADED -eq 1 ]; then
+    if [ "$(echo $DPKG_MAINTSCRIPT_PACKAGE | cut -c1-5)" = "linux" ]; then
+        exit 0;
+    fi
+fi
+
 if [ -d /var/run ]; then
     touch /var/run/reboot-required
     if ! grep -q "^$DPKG_MAINTSCRIPT_PACKAGE$" /var/run/reboot-required.pkgs 2> /dev/null ; then