flatcar
Flatcar update-engine fails to update due to GitHub OAuth redirect and network connectivity issues
Description
I am trying to perform a system update on Flatcar Linux using the update_engine_client -update command, but it fails to successfully check for or apply updates.
Environment and steps to reproduce
- Set-up:
# uname -a
Linux flatcar-autoupdate 6.6.110-flatcar #1 SMP PREEMPT_DYNAMIC Sun Oct 12 22:36:11 -00 2025 x86_64 Intel Xeon Processor (Skylake, IBRS) GenuineIntel GNU/Linux
- Task: I am attempting to perform a system update on Flatcar Linux using the command:
# sudo update_engine_client -update
I20251024 12:01:23.361995 52721 update_engine_client.cc:251] Initiating update check and install.
I20251024 12:01:23.365397 52721 update_engine_client.cc:256] Waiting for update to complete.
LAST_CHECKED_TIME=0
PROGRESS=0.000000
CURRENT_OP=UPDATE_STATUS_CHECKING_FOR_UPDATE
NEW_VERSION=0.0.0
NEW_SIZE=0
LAST_CHECKED_TIME=0
PROGRESS=0.000000
CURRENT_OP=UPDATE_STATUS_IDLE
NEW_VERSION=0.0.0
NEW_SIZE=0
I20251024 12:01:33.744167 52721 update_engine_client.cc:194] No update available
# ping public.update.flatcar-linux.net
PING nebraska-lb-746246376.eu-central-1.elb.amazonaws.com (52.58.225.254) 56(84) bytes of data.
--- nebraska-lb-746246376.eu-central-1.elb.amazonaws.com ping statistics ---
9 packets transmitted, 0 received, 100% packet loss, time 8199ms
- Action(s): I am able to curl to the url, but it is redirecting to the github authentication.
curl -v https://public.update.flatcar-linux.net/v1/update/
****
> GET /v1/update/ HTTP/2
> Host: public.update.flatcar-linux.net
> User-Agent: curl/8.11.1
> Accept: */*
>
* Request completely sent off
< HTTP/2 307
< date: Fri, 24 Oct 2025 06:34:36 GMT
< content-length: 0
< location: https://github.com/login/oauth/authorize?access_type=online&client_id=Iv1.2a8c84944d8da7f8&response_type=code&scope=read%3Aorg&state=GFZNO4CR46Z27X4EEJHVB2GZRUWUCPBF7IR2QCGFS57JNBLLAJUJ6HO6PJWXSP7V
< set-cookie: github=MTc2MTI4NzY3NXxraDl1SG5TMWp4SjZJRFVqZkxBam9UYWdSaExQVWVtS2ZRZlViM2pkZG1NMlhqY3VaYWpKS0o3Qk14aHVOaDhPaXNlNjNibDNXQThKb3hRT2NYTkI5OC0zQkgtS20xQW5Ibk1Ma1BJbDZxVnNPMlJ2fKQwuqOqerfE8BruI1Y0HgvdssObzBuUMpBPoItcca6-; Path=/; Max-Age=2592000
< vary: Origin
< x-request-id: kkcpslUnoCquWbjqrgLMXAZOqZMFtYPR
<
* Connection #0 to host proxy left intact
- Error: This task consistently fails to complete the update, blocking any system version upgrades.
# systemctl status update-engine
● update-engine.service - Update Engine
Loaded: loaded (/usr/lib/systemd/system/update-engine.service; enabled; preset: disabled)
Active: active (running) since Fri 2025-10-24 11:52:23 IST; 30min ago
Invocation: df142990a828415b8f8ba2d435911e4d
Main PID: 52309 (update_engine)
Tasks: 1 (limit: 30972)
Memory: 1.8M (peak: 2.6M)
CPU: 37ms
CGroup: /system.slice/update-engine.service
└─52309 /usr/sbin/update_engine -foreground -logtostderr
Oct 24 12:01:33 flatcar-autoupdate update_engine[52309]: </request>
Oct 24 12:01:33 flatcar-autoupdate update_engine[52309]: I20251024 12:01:33.742151 52309 libcurl_http_fetcher.cc:47] Starting/Resuming transfer
Oct 24 12:01:33 flatcar-autoupdate update_engine[52309]: I20251024 12:01:33.742404 52309 libcurl_http_fetcher.cc:151] Setting up curl options for HTTP
Oct 24 12:01:33 flatcar-autoupdate update_engine[52309]: E20251024 12:01:33.742444 52309 libcurl_http_fetcher.cc:266] Unable to get http response code: URL rejected: Malformed input to a URL function
Oct 24 12:01:33 flatcar-autoupdate update_engine[52309]: I20251024 12:01:33.742486 52309 libcurl_http_fetcher.cc:297] Transfer resulted in an error (0), 0 bytes downloaded
Oct 24 12:01:33 flatcar-autoupdate update_engine[52309]: I20251024 12:01:33.742502 52309 omaha_request_action.cc:617] Omaha request response:
Oct 24 12:01:33 flatcar-autoupdate update_engine[52309]: I20251024 12:01:33.742518 52309 action_processor.cc:65] ActionProcessor::ActionComplete: finished last action of type OmahaRequestAction
Oct 24 12:01:33 flatcar-autoupdate update_engine[52309]: I20251024 12:01:33.742534 52309 action_processor.cc:73] ActionProcessor::ActionComplete: finished last action of type OmahaRequestAction
Oct 24 12:01:33 flatcar-autoupdate update_engine[52309]: I20251024 12:01:33.742548 52309 update_attempter.cc:306] Processing Done.
Oct 24 12:01:33 flatcar-autoupdate update_engine[52309]: I20251024 12:01:33.742563 52309 update_attempter.cc:310] Error event sent.
Expected behavior
The updates should have worked as below URLs are already whitelisted through proxy. https://stable.release.flatcar-linux.net/ https://public.update.flatcar-linux.net/**
It should be able to update the server, if updates are not available then the LAST_CHECKED_TIME=0 should be updated accordingly and no error should be thrown.
Hi, thanks for the detailed report.
FYI the redirect to Github OAuth is expected, one is not supposed to GET but to POST on this endpoint:
$ curl -X POST --head --location https://public.update.flatcar-linux.net/v1/update/
HTTP/2 200
What is your current Flatcar version ?
Hi, Thanks for quick response.
Please find the Flatcar version below.
NAME="Flatcar Container Linux by Kinvolk"
ID=flatcar
ID_LIKE=coreos
VERSION=4230.2.4
VERSION_ID=4230.2.4
BUILD_ID=2025-10-12-2304
SYSEXT_LEVEL=1.0
PRETTY_NAME="Flatcar Container Linux by Kinvolk 4230.2.4 (Oklo)"
ANSI_COLOR="38;5;75"
HOME_URL="https://flatcar.org/"
BUG_REPORT_URL="https://issues.flatcar.org"
FLATCAR_BOARD="amd64-usr"
CPE_NAME="cpe:2.3:o:flatcar-linux:flatcar_linux:4230.2.4:*:*:*:*:*:*:*"```
Ok thanks. So this is the last version, no error nor update should be reported.
From 4230.2.4, if you run again: update_engine_client -update, what do you see in the logs: journalctl --boot -u update-engine -o cat --no-pager ?
Maybe it was a transient error? Do you run in a custom network setup? (e.g proxy)