Bug 39306 - Use HTTPS by default
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Update - univention-updater
UCS 4.1
Other Linux
: P5 normal
: UCS 4.1
Assigned To: Philipp Hahn
Sönke Schwardt-Krummrich
: interim-2
Depends on: 39585 39603
Blocks: 31006 38886 47267
Reported: 2015-09-03 15:01 CEST by Stefan Gohmann
Modified: 2018-06-28 15:57 CEST

Description Stefan Gohmann univentionstaff 2015-09-03 15:01:39 CEST
We will use a user name and a password to access the repository servers: Bug #39305.

I think we should switch from HTTP to HTTPS.

Before changing the default, we have to change the certificates on the repository and app center servers (https://univinternit.plan.io/issues/153).
Comment 1 Stefan Gohmann univentionstaff 2015-09-11 12:08:19 CEST
(In reply to Stefan Gohmann from comment #0)
> Before changing the default, we have to change the certificates on the
> repository and app center servers (https://univinternit.plan.io/issues/153).

That has been fixed: http://bygga.knut.univention.de/blog/?p=3667
Comment 2 Philipp Hahn univentionstaff 2015-10-20 21:02:31 CEST
(In reply to Stefan Gohmann from comment #1)
> (In reply to Stefan Gohmann from comment #0)
> > Before changing the default, we have to change the certificates on the
> > repository and app center servers (https://univinternit.plan.io/issues/153).
> 
> That has been fixed: http://bygga.knut.univention.de/blog/?p=3667

See Ticket #2015102021000288.
Comment 3 Philipp Hahn univentionstaff 2015-10-21 16:37:34 CEST
r64695 | Bug #39305 Updater: Implement repository access restriction
r64694 | Bug #39305 Updater: Rework URL concatenation
r64693 | Bug #39306 updater: Use https:// by default
r64692 | Bug #39306 updater: miscellaneous packaging fixes
r64691 | Bug #39306 updater: Switch external URLs to https://
r64690 | Bug #39306 updater: Separate UCS_Version
r64689 | Bug #39306 updater: Updater-lock as context manager
r64688 | Bug #39306 updater: Fix pyflakes/pep8 issues
r64687 | Bug #39306 updater: autopep8 fixes
r64686 | Bug #39306 updater: autopep8

Package: univention-updater
Version: 11.0.3-1.1412.201510211632
Branch: ucs_4.1-0

r64696 | Bug #39305, Bug #39306 updater CL
Comment 4 Stefan Gohmann univentionstaff 2015-10-22 06:48:13 CEST
(In reply to Philipp Hahn from comment #3)
> r64688 | Bug #39306 updater: Fix pyflakes/pep8 issues

The following code fails now, it worked previously:

>>> from univention.updater import UniventionUpdater
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
ImportError: cannot import name UniventionUpdater
>>>
Comment 5 Alexander Kramer univentionstaff 2015-10-22 08:58:42 CEST
Between DI and system setup a login screen with __systemsetup__ as the user is briefly visible. After this one gets this traceback:

Traceback (most recent call last):
  File "/usr/lib/pymodules/python2.7/univention/management/console/base.py", line 283, in execute
    function(self, request)
  File "/usr/lib/pymodules/python2.7/univention/management/console/modules/decorators.py", line 318, in _response
    result = _multi_response(self, request)
  File "/usr/lib/pymodules/python2.7/univention/management/console/modules/decorators.py", line 462, in _response
    return list(function(self, iterator, *nones))
  File "/usr/lib/pymodules/python2.7/univention/management/console/modules/decorators.py", line 284, in _fake_func
    yield function(self, *args)
  File "/usr/lib/pymodules/python2.7/univention/management/console/modules/setup/__init__.py", line 711, in apps_query
    return util.get_apps(True)
  File "/usr/lib/pymodules/python2.7/univention/management/console/modules/setup/util.py", line 708, in get_apps
    package_manager = PackageManager(
NameError: global name 'PackageManager' is not defined


It seems that the import statement (util.py) before the PackageManager failed and so the module is not available.
Comment 6 Florian Best univentionstaff 2015-10-22 10:10:10 CEST
(In reply to Alexander Kramer from comment #5)
> Between DI and system setup a login screen with __systemsetup__ as the user
> is briefly visible. After this one gets this traceback:
> 
> Traceback (most recent call last):
>   File "/usr/lib/pymodules/python2.7/univention/management/console/base.py",
> line 283, in execute
>     function(self, request)
>   File
> "/usr/lib/pymodules/python2.7/univention/management/console/modules/
> decorators.py", line 318, in _response
>     result = _multi_response(self, request)
>   File
> "/usr/lib/pymodules/python2.7/univention/management/console/modules/
> decorators.py", line 462, in _response
>     return list(function(self, iterator, *nones))
>   File
> "/usr/lib/pymodules/python2.7/univention/management/console/modules/
> decorators.py", line 284, in _fake_func
>     yield function(self, *args)
>   File
> "/usr/lib/pymodules/python2.7/univention/management/console/modules/setup/
> __init__.py", line 711, in apps_query
>     return util.get_apps(True)
>   File
> "/usr/lib/pymodules/python2.7/univention/management/console/modules/setup/
> util.py", line 708, in get_apps
>     package_manager = PackageManager(
> NameError: global name 'PackageManager' is not defined
> 
> 
> It seems that the import statement (util.py) before the PackageManager failed
> and so the module is not available.

/me Just noting that this should be fixed in system-setup!
→ https://forge.univention.org/bugzilla/show_bug.cgi?id=38665
Comment 7 Philipp Hahn univentionstaff 2015-10-22 15:33:20 CEST
r64762 | Bug #39306 up: Fix backward compatibility
 re-import UniventionUpdater

Package: univention-updater
Version: 11.0.3-3.1414.201510221532
Branch: ucs_4.1-0
Comment 8 Stefan Gohmann univentionstaff 2015-10-23 06:16:29 CEST
(In reply to Stefan Gohmann from comment #4)
> (In reply to Philipp Hahn from comment #3)
> > r64688 | Bug #39306 updater: Fix pyflakes/pep8 issues
> 
> The following code fails now, it worked previously:
> 
> >>> from univention.updater import UniventionUpdater
> Traceback (most recent call last):
>   File "<stdin>", line 1, in <module>
> ImportError: cannot import name UniventionUpdater
> >>>

Another one, maybe also caused by these changes?

[2015-10-22 18:24:10.422954] E: updater.log:4483, Traceback (most recent call last):
[2015-10-22 18:24:10.422969]  File "/usr/share/univention-appcenter/univention-appcenter-register-40-to-41", line 37, in <module>
[2015-10-22 18:24:10.422979]    import univention.management.console.modules.appcenter.app_center
[2015-10-22 18:24:10.422989]  File "/usr/lib/pymodules/python2.7/univention/management/console/modules/appcenter/__init__.py", line 57, in <module>
[2015-10-22 18:24:10.423001]    from univention.updater import UniventionUpdater
[2015-10-22 18:24:10.423012]  File "/usr/lib/pymodules/python2.7/univention/updater/__init__.py", line 34, in <module>
[2015-10-22 18:24:10.423022]    from univention.updater.tools import UniventionUpdater  # NOQA
[2015-10-22 18:24:10.423031]  File "/usr/lib/pymodules/python2.7/univention/updater/tools.py", line 54, in <module>
[2015-10-22 18:24:10.423040]    from ucs_version import UCS_Version
[2015-10-22 18:24:10.423051]ImportError: No module named ucs_version

Found by Jenkins:
http://jenkins.knut.univention.de:8080/job/UCS-4.1/job/UCS-4.1-0/job/Autotest%20MultiEnv/73/SambaVersion=s4,Systemrolle=member/testReport/00_checks/99check_log_files/test/
Comment 9 Philipp Hahn univentionstaff 2015-10-23 17:18:32 CEST
(In reply to Stefan Gohmann from comment #8)
...
> "/usr/share/univention-appcenter/univention-appcenter-register-40-to-41",
...
> [2015-10-22 18:24:10.423051]ImportError: No module named ucs_version

No, univention-appcenter was broken: Bug #39585 comment 2: Its script uses univention-updater and python modules without declaring a dependency on them due to the missing ${*:Depends}, so dpkg is not forced to have the package configured.
Comment 10 Sönke Schwardt-Krummrich univentionstaff 2015-11-05 13:55:43 CET
If univention-repository-create is called, univention-debmirror is installed and sets univention/mirror/server=updates.software-univention.de

This should be "univention/mirror/server=https://updates.software-univention.de"
→ REOPEN
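
Added example, not part of comment 10 or of the UCS code base: a small audit for the condition reported above, where a repository server value carries no explicit https:// scheme. The `key=value` input format, the function names and the sample lines are assumptions made for illustration; only the key `univention/mirror/server` comes from this page.

```python
import re

# Assumption: the set of keys to audit. Only univention/mirror/server is
# named on this page; callers can pass their own set.
SERVER_KEYS = frozenset({"univention/mirror/server"})

# An explicit scheme is "<scheme>://". Matching on "://" keeps a bare
# "host:port" from being mistaken for a value with a scheme.
_SCHEME = re.compile(r"^([A-Za-z][A-Za-z0-9+.-]*)://")


def classify(value):
    """Return 'https', 'cleartext' or 'implicit' for a server value."""
    match = _SCHEME.match(value.strip())
    if match is None:
        # Bare host name: the protocol is left to whatever default the
        # consumer applies, which is the situation comment 10 reports.
        return "implicit"
    return "https" if match.group(1).lower() == "https" else "cleartext"


def audit(dump, keys=SERVER_KEYS):
    """Return (key, value, verdict) for each audited key that is not https."""
    findings = []
    for line in dump.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, value = line.partition("=")
        if not sep or key.strip() not in keys:
            continue
        verdict = classify(value)
        if verdict != "https":
            findings.append((key.strip(), value.strip(), verdict))
    return findings


# Constructed sample input, not output captured from a real system.
SAMPLE = """\
# constructed sample
univention/mirror/server=updates.software-univention.de
other/setting=http://example.invalid
"""

if __name__ == "__main__":
    for key, value, verdict in audit(SAMPLE):
        print("%s=%s -> %s" % (key, value, verdict))
```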
Comment 11 Philipp Hahn univentionstaff 2015-11-05 14:03:46 CET
(In reply to Philipp Hahn from comment #9)
> (In reply to Stefan Gohmann from comment #8)
> ...
> > "/usr/share/univention-appcenter/univention-appcenter-register-40-to-41",
> ...
> > [2015-10-22 18:24:10.423051]ImportError: No module named ucs_version
> 
> No, univention-appcenter was broken: Bug #39585 comment 2: Its script uses
> univention-updater and python modules without declaring a dependency on them
> due to the missing ${*:Depends}, so dpkg is not forced to have the package
> configured.

r65233 | Bug #39306 mirror: Switch mirror to https://

Package: univention-debmirror
Version: 7.0.1-2.71.201511051403
Branch: ucs_4.1-0
Comment 12 Sönke Schwardt-Krummrich univentionstaff 2015-11-05 14:52:27 CET
> r65233 | Bug #39306 mirror: Switch mirror to https://
> 
> Package: univention-debmirror
> Version: 7.0.1-2.71.201511051403
> Branch: ucs_4.1-0

OK: code change
OK: functional test

(In reply to Philipp Hahn from comment #9)
> No, univention-appcenter was broken: Bug #39585 comment 2: Its script uses
> univention-updater and python modules without declaring a dependency on them
> due to the missing ${*:Depends}, so dpkg is not forced to have the package
> configured.

→ OK

See also Bug #39305 for performed tests.
Comment 13 Sönke Schwardt-Krummrich univentionstaff 2015-11-05 15:23:24 CET
From bug 39305 c5:
> REOPEN: 
> - release-notes*xml should mention, that the repo uses HTTPS now by default

I added a separate statement to release notes that the new default protocol for repo access is HTTPS.

r65236 | Bug #39306: added release notes entry for HTTPS as new default protocoll for repo access
r65235 | Bug #39306: fixed typos
Comment 14 Stefan Gohmann univentionstaff 2015-11-17 12:12:50 CET
UCS 4.1 has been released:
 https://docs.software-univention.de/release-notes-4.1-0-en.html
 https://docs.software-univention.de/release-notes-4.1-0-de.html

If this error occurs again, please use "Clone This Bug".