Ansible.builtin.package - Could not get lock

Get Help
1

Dear community,

I am having some issues when running ansible against target running unattende-upgrades.
Sometimes run failed with this error :

TASK [figlet : Install figlet] *************************************************
fatal: [server01]: FAILED! => {"cache_update_time": 1772446127, "cache_updated": false, "changed": false, "msg": "'/usr/bin/apt-get -y -o \"Dpkg::Options::=--force-confdef\" -o \"Dpkg::Options::=--force-confold\"       install 'figlet=2.2.5-3+b1'' failed: E: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 5374 (unattended-upgr)\nE: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), is another process using it?\n", "rc": 100, "stderr": "E: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 5374 (unattended-upgr)\nE: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), is another process using it?\n", "stderr_lines": ["E: Could not get lock /var/lib/dpkg/lock-frontend. It is held by process 5374 (unattended-upgr)", "E: Unable to acquire the dpkg frontend lock (/var/lib/dpkg/lock-frontend), is another process using it?"], "stdout": "", "stdout_lines": []}

When this happen I just need to re-run the playbook and it works. Now I want to make my playbook bulletproof to this error. After reading documentation, the cleanest way seems to use the module_defaults to increase lock_timeout for ansible.builtin.apt

So I came to this :

---
- name: Commons roles
  hosts: server01
  module_defaults:
    ansible.builtin.apt:
      lock_timeout: 300
  gather_facts: true
  roles:
    - { role: figlet, tags: figlet }

looks like module_defaults was somehow ignored. Any idea on what I did wrong ?

thanks

2

Your post title says you’re using ansible.builtin.package, but the code you shared has a default for ansible.builtin.apt. Those are different modules, and as such, the defaults applied to one won’t apply to the other.

Could you share the code from the role that’s actually doing the package updates?

3

package is an action plugin, that chooses the appropriate module to use on the target system

4

Oh, well, today I learned. Thanks for the insight.

5

hello,

indeed I install the package like this in the role :

---
# tasks file for figlet
- name: Install figlet
  ansible.builtin.package:
    name: figlet
    state: present

My subsystem is debian so ansible.builtin.apt should be use, but maybe the parameter is ignored ?

6

@romgo there was a bug with module_defaults not being recognized as it went by the task action, not the module executed, please check with the latest version of ansible, if it still does not work, open a bug report new issue

7

I am currently using :

ansible [core 2.15.8]
  config file = /root/.ansible.cfg
  configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
  ansible python module location = /builds/path/infra/ansible/venv/lib/python3.11/site-packages/ansible
  ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
  executable location = /builds/path/infra/ansible/venv/bin/ansible
  python version = 3.11.2 (main, Apr 28 2025, 14:11:48) [GCC 12.2.0] (/builds/path/infra/ansible/venv/bin/python3)
  jinja version = 3.1.6
  libyaml = True

The thing is I’m not able to reproduce the error on demand, because this needs unattended upgrades to be busy

8

that version has the bug, its EOL, 2.20 is current version