Univention Bugzilla – Full Text Bug Listing |
Summary: | python-apt does not trust cdrom | ||
---|---|---|---|
Product: | UCS | Reporter: | Philipp Hahn <hahn> |
Component: | UCS Installer - DVD | Assignee: | Richard Ulmer <ulmer> |
Status: | CLOSED FIXED | QA Contact: | Philipp Hahn <hahn> |
Severity: | normal | ||
Priority: | P5 | CC: | best, brodersen, gohmann, ulmer, wiesenthal |
Version: | UCS 4.3 | ||
Target Milestone: | UCS 4.3-0-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
See Also: |
https://forge.univention.org/bugzilla/show_bug.cgi?id=45868 https://forge.univention.org/bugzilla/show_bug.cgi?id=46992 |
||
What kind of report is it?: | Development Internal | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | |||
Bug Depends on: | 45896 | ||
Bug Blocks: |
Description
Philipp Hahn
2017-12-22 15:18:01 CET
#0 AllowInsecureRepositories (msg=msg@entry=InsecureType::NORELEASE, repo="cdrom://[UCS Linux 4.3 GNU/Linux 4.3-0 _Ucs430_ - Official amd64 DVD Binary-1 20171220-08:40] ucs430 Release", MetaIndexParser=0x555555d63e10, TransactionManager=0x555555db1f60, I=I@entry=0x555555db1130) at ./apt-pkg/acquire-item.cc:222 #1 0x00007ffff6910527 in pkgAcqMetaIndex::Failed (this=0x555555db1130, Message=..., Cnf=<optimized out>) at ./apt-pkg/acquire-item.cc:1814 #2 0x00007ffff6923b7a in pkgAcquire::Worker::RunMessages (this=this@entry=0x555555db2790) at ./apt-pkg/acquire-worker.cc:530 #3 0x00007ffff692660c in pkgAcquire::Worker::InFdReady (this=this@entry=0x555555db2790) at ./apt-pkg/acquire-worker.cc:737 #4 0x00007ffff69282ea in pkgAcquire::RunFdsSane (this=this@entry=0x7fffffffd4b0, RSet=RSet@entry=0x7fffffffd1d0, WSet=WSet@entry=0x7fffffffd250) at ./apt-pkg/acquire.cc:532 #5 0x00007ffff692ceaa in pkgAcquire::Run (this=this@entry=0x7fffffffd4b0, PulseIntervall=<optimized out>) at ./apt-pkg/acquire.cc:704 #6 0x00007ffff6a18797 in AcquireUpdate (Fetcher=..., PulseInterval=PulseInterval@entry=0, RunUpdateScripts=RunUpdateScripts@entry=true, ListCleanup=ListCleanup@entry=true) at ./apt-pkg/update.cc:57 # apt-cache policy apt python-apt apt: Installed: 1.4.8A~4.3.0.201711271936 Candidate: 1.4.8A~4.3.0.201711271936 Version table: *** 1.4.8A~4.3.0.201711271936 500 500 cdrom://[UCS Linux 4.3 GNU/Linux 4.3-0 _Ucs430_ - Official amd64 DVD Binary-1 20171220-08:40] ucs430/main amd64 Packages 100 /var/lib/dpkg/status python-apt: Installed: 1.4.0~beta3 Candidate: 1.4.0~beta3 Version table: *** 1.4.0~beta3 500 500 cdrom://[UCS Linux 4.3 GNU/Linux 4.3-0 _Ucs430_ - Official amd64 DVD Binary-1 20171220-08:40] ucs430/main amd64 Packages 100 /var/lib/dpkg/status r17892 debian-installer/4.3-0-0-ucs/20170615+deb9u2/0010-local-univention-sources.patch is also a workaround for that. Note: I think due to this workaround, setting the repository for 4.3 dvd builds has currently no effect. Due to recent changes in apt-secure the template for the UCRV update/secure_apt has become outdated. Thus the old way, of allowing for insecure repositories, failed here. "man apt-secure" in Debian Stretch [1] suggests using different configuration options. I have committed an updated version of the UCRV-template. univention-base-files.yaml 099878ddfc16 | Bug #45950: Add yaml entry univention-base-files (7.0.0-10) 05f5806dc959 | Bug #45950: Update broken template for UCRV update/secure_apt [1] https://manpages.debian.org/stretch/apt/apt-secure.8.en.html OK: 05f5806dc9 OK: 099878ddfc OK: errata-announce -V --only univention-base-files.yaml OK: ucr set repository/online=no repository/mirror=no apt-cdrom add echo 'Acquire::AllowInsecureRepositories "true";' >>/etc/apt/apt.conf.d/00trustcdrom python -c 'from apt import Cache;cache = Cache();cache.update()' apt -qq update apt-get -qq update This breaks installing Apps from the Test App Center. Please include APT::Get::AllowUnauthenticated "true"; *** Bug 46758 has been marked as a duplicate of this bug. *** I have added APT::Get::AllowUnauthenticated to the configuration, again. univention-base-files.yaml 051d1a58d9 | Bug #45950: Update yaml entry univention-base-files (7.0.0-12) 8b4541960e | Bug #45950: Update broken template for UCRV update/secure_apt OK: 8b4541960e OK: 051d1a58d9 OK: errata-announce -V --only univention-base-files.yaml WIP: ucs-test (In reply to Philipp Hahn from comment #8) > WIP: ucs-test [4.3-0] c49e14f023 Bug #45950 QA: Test secure apt-cdrom [4.3-0] 76f439bc6b Bug #45950 QA: Test secure APT |