Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[Albretch Mueller]

On 1/29/24, David Wright  wrote:
> On Sat 27 Jan 2024 at 14:50:25 (+), Albretch Mueller wrote:
>> On 1/19/24, David Wright  wrote:
>> > On Fri 19 Jan 2024 at 22:19:21 (+), Albretch Mueller wrote:
>> >>  Package dependencies to me are just DAGs,
>> > Are they? No circular dependencies?
>>
>>  The way I see them, "circular dependencies" are "cultural".
>> "organizational" issues not essentially technical ones. circular
>> dependencies happen in packages which should be part of the same node.
>> Show me examples in which it is not the case.
>
> To save time, I just used the list's search, and found a reference
> to presumably the wheezy Packages file:
>
> Package: openjdk-6-jre-headless
> Version: 6b38-1.13.10-1~deb7u1
> Depends: openjdk-6-jre-lib (= 6b38-1.13.10-1~deb7u1), [ … ]
>
> Package: openjdk-6-jre-lib
> Version: 6b38-1.13.10-1~deb7u1
> Depends: openjdk-6-jre-headless (>= 6b27)
>
> I guess that example gives you something cultural or
> organisational to chew on?

 Ha! openjdk-6-jre- {headless, lib} both of version
6b38-1.13.10-1~deb7u1 depend on one another! ;-)

>> >> [ … ] I haven’t found a book yet, explaining it all.
>> >> At times I have found great explanations about single aspects.
>> > What sales figures would you expect to see with such a book?
>>  ... and since that sounds to me like ransom money aren't you the one
>> who would determine the amount yourself?
> I haven't a clue what you're rambling on about. Ransom money?
> You originally wrote:
>> >> [ … ] So, to start I would
>> >> like to study the Debian packages and how dpkg establishes and keeps
>> >> those dependencies. What happens on the hire and on the repositories
>> >> with certificates ... I haven’t found a book yet, explaining it all.
>> >> At times I have found great explanations about single aspects.
> For there to be a book on the subject, someone has to invest
> the time and effort to write it, and persuade others to
> proofread and publish it. But who's this book for—a whole
> book … on Debian's APT and dpkg?

 Well, yes! I think that Debian's APT, dpkg, apt-clone, ... within the
context of how they compare to other packaging systems, their essence
and functions has the potential to become  very beneficial to the
Debian and Linux culture. The other day I heard the author of Qubes OS
himself say that his project was not the be all and end all of Linux
security, that the only way to use a computing device with some of
that thing they used to call "privacy" is not to ever connect it to
the Internet (even physically removing the pertinent hardware and
compiling the kernel without networking libraries if it comes to that)
and I remember Linus Torvalds himself saying once publicly that he
never connects his work horse computer to the Internet. He was even
profusely making faces while he did.

 I think Qubes OS in a sense is an aberration, too wasteful
operatively and I do think that you could run the same box in
air-gapped and exposed mode in the "touch of God" way I already
explained.

> Perhaps after you've studied your issues long enough, though,
> you might write one.

 ... and I don't know if you care about exact arithmetical computing,
the mind-body link, corpora research, ... but as a way to thank
you/the Debian culture I will let you know what came out of your help.

 lbrtchx

Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[David Wright]

On Sat 27 Jan 2024 at 14:50:25 (+), Albretch Mueller wrote:
> On 1/19/24, David Wright  wrote:
> > On Fri 19 Jan 2024 at 22:19:21 (+), Albretch Mueller wrote:
> >>  Package dependencies to me are just DAGs,
> > Are they? No circular dependencies?
> 
>  The way I see them, "circular dependencies" are "cultural".
> "organizational" issues not essentially technical ones. circular
> dependencies happen in packages which should be part of the same node.
> Show me examples in which it is not the case.

To save time, I just used the list's search, and found a reference
to presumably the wheezy Packages file:

Package: openjdk-6-jre-headless
Version: 6b38-1.13.10-1~deb7u1
Depends: openjdk-6-jre-lib (= 6b38-1.13.10-1~deb7u1), [ … ]

Package: openjdk-6-jre-lib
Version: 6b38-1.13.10-1~deb7u1
Depends: openjdk-6-jre-headless (>= 6b27)

I guess that example gives you something cultural or
organisational to chew on?

> >> [ … ] I haven’t found a book yet, explaining it all.
> >> At times I have found great explanations about single aspects.
> > What sales figures would you expect to see with such a book?
> 
>  ... and since that sounds to me like ransom money aren't you the one
> who would determine the amount yourself?

I haven't a clue what you're rambling on about. Ransom money?

You originally wrote:

> >> [ … ] So, to start I would
> >> like to study the Debian packages and how dpkg establishes and keeps
> >> those dependencies. What happens on the hire and on the repositories
> >> with certificates ... I haven’t found a book yet, explaining it all.
> >> At times I have found great explanations about single aspects.

For there to be a book on the subject, someone has to invest
the time and effort to write it, and persuade others to
proofread and publish it. But who's this book for—a whole
book … on Debian's APT and dpkg?

Perhaps after you've studied your issues long enough, though,
you might write one.

Cheers,
David.

Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[Albretch Mueller]

On 1/19/24, David Wright  wrote:
> On Fri 19 Jan 2024 at 22:19:21 (+), Albretch Mueller wrote:
>>  Package dependencies to me are just DAGs,
> Are they? No circular dependencies?

 The way I see them, "circular dependencies" are "cultural".
"organizational" issues not essentially technical ones. circular
dependencies happen in packages which should be part of the same node.
Show me examples in which it is not the case.

>> [ … ] I haven’t found a book yet, explaining it all.
>> At times I have found great explanations about single aspects.
> What sales figures would you expect to see with such a book?

 ... and since that sounds to me like ransom money aren't you the one
who would determine the amount yourself?

 lbrtchx

Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[David Wright]

On Fri 19 Jan 2024 at 22:19:21 (+), Albretch Mueller wrote:

>  Package dependencies to me are just DAGs,

Are they? No circular dependencies?

> [ … ] I haven’t found a book yet, explaining it all.
> At times I have found great explanations about single aspects.

What sales figures would you expect to see with such a book?

Cheers,
David.

Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[Albretch Mueller]

On 1/19/24, Andrew M.A. Cater  wrote:
> On Fri, Jan 19, 2024 at 03:22:52PM +, Albretch Mueller wrote:
>> On 1/19/24, Max Nikulin  wrote:
>> > Precise steps
>> > depend on degree of your paranoia.
>>  ... and mine is of the totally irrevocable, even joyful kind; so,
>> where are the steps?
>>  I have always believe that Debian’s basic assumptions about using the
>> Internet as a relatively secure, “private” venue are definitely more
>> worryingly irrational than my paranoia.
>>  I think at some point I will have to learn more about Debian’s apt
>> utility. Any documentation you would suggest explaining it all from
>> the protocoled structure of deb packages to the various installation
>> procedures depending on degree of paranoia? When I learn something I
>> like to learn all of it.
> What aspect? apt sits on top of package dependencies, package signing,
> package validation ...

 Well, "my mind" has been partially trained, partially conditioned to
be kind of mix of poetic/artistic, scientific (mostly Math and
Physics, but anything empirical I find fascinating and technical
things somewhat, but I can’t be abused by all that AI cr@p you find
everywhere these days) and downright paranoid and proudly, joyfully so
;-)

 To me saying that you can ensure security, that thing they used to
call "privacy", ... with software would be like saying that you could
invent some sort of esperanto which would not allow for people to lie.

 Package dependencies to me are just DAGs, what I am mostly interested
in is how the various hard-, soft- and "mind"-ware "techne" aspects
related to one another and for that kind of semiotic study you need to
look into the grammar established by the different processes that go
on a computer. The nodes of the DAGs (the "characters" of that
grammar) conditioning the different kinds of transformations offered
by the packages’ utilities when programs run. So, to start I would
like to study the Debian packages and how dpkg establishes and keeps
those dependencies. What happens on the hire and on the repositories
with certificates ... I haven’t found a book yet, explaining it all.
At times I have found great explanations about single aspects.

 lbrtchx

Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[Max Nikulin]

On 1/19/24, Max Nikulin wrote:

When adding a third-party repository, evaluate that GPG key you are
going to add really belongs to repository maintainers.


The sentence above is important to get the next phrase right.

On 19/01/2024 22:22, Albretch Mueller wrote:

On 1/19/24, Max Nikulin wrote:

Precise steps
depend on degree of your paranoia.

[...]

  I have always believe that Debian’s basic assumptions about using the
Internet as a relatively secure, “private” venue are definitely more
worryingly irrational than my paranoia.


Debian does not control 3rd party repositories. It is up to users to 
decide if they trust such repositories and if they trust web pages 
containing an identifiers of GPG public keys.


Actually even in the case of official Debian images you need to get 
identifiers of GPG keys. Do you trust https://debian.org/? Are you sure 
that browser's certificate storage doesn't contain an extra certificate? 
Are you sure that you are not visiting an alternative site and some 
certification authority from "official" ones has not issued an 
alternative debian.org certificate? A particular WiFi hotspot might have 
malicious DNS and might direct you to a site looking like debian.org, 
but containing another set of GPG keys and pointing to specially crafted 
download links.


APT is secure even for HTTP, but it needs proper GPG keys. APT might be 
insecure even for HTTPS if the user adds a malicious repository and GPG 
keys for it (or if the user disables GPG signatures checks).

Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[Andrew M.A. Cater]

On Fri, Jan 19, 2024 at 03:22:52PM +, Albretch Mueller wrote:
> On 1/19/24, Max Nikulin  wrote:
> > Precise steps
> > depend on degree of your paranoia.
> 
>  ... and mine is of the totally irrevocable, even joyful kind; so,
> where are the steps?
> 
>  I have always believe that Debian’s basic assumptions about using the
> Internet as a relatively secure, “private” venue are definitely more
> worryingly irrational than my paranoia.
> 
>  I think at some point I will have to learn more about Debian’s apt
> utility. Any documentation you would suggest explaining it all from
> the protocoled structure of deb packages to the various installation
> procedures depending on degree of paranoia? When I learn something I
> like to learn all of it.
> 

What aspect? apt sits on top of package dependencies, package signing,
package validation ...

And apt succeeds / parallels aptitude and apt-get. Apt-get succeeded dselect
which superseded dpkg commands. The base is still dpkg and keeping track
of package dependencies in some sense.

All the very best,

Andy
(amaca...@debian.org)
Where do you _actually_ want to start

>  I tend to only mind what I am working on. I would just use an
> unexposed computer and/or do things by hand/on paper if possible, but
> you can’t do algorithmic simulations and tests by hand.
> 
>  lbrtchx
> 
> On 1/19/24, Max Nikulin  wrote:
> > On 18/01/2024 12:45, Albretch Mueller wrote:
> >> On 1/14/24, Max Nikulin wrote:
> >>> Generally just pay attention that GPG keys for repositories are obtained
> >>> through trusted channels.
> >>
> >>   How do you functionally (that is, give me the step-by-step command
> >> line statements, ... in order to) do that?
> >
> > Verify installation (or live) image to have initial keyring
> >
> > https://lists.debian.org/msgid-search/uobl6l$i21$1...@ciao.gmane.io
> > Re: Correction to last message for Debian 11 and Debian 12. Thu, 18 Jan
> > 2024 23:55:48 +0700.
> >
> > Optionally install necessary keyring packages.
> >
> > When adding a third-party repository, evaluate that GPG key you are
> > going to add really belongs to repository maintainers. Precise steps
> > depend on degree of your paranoia.
> 

Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[Albretch Mueller]

On 1/19/24, Max Nikulin  wrote:
> Precise steps
> depend on degree of your paranoia.

 ... and mine is of the totally irrevocable, even joyful kind; so,
where are the steps?

 I have always believe that Debian’s basic assumptions about using the
Internet as a relatively secure, “private” venue are definitely more
worryingly irrational than my paranoia.

 I think at some point I will have to learn more about Debian’s apt
utility. Any documentation you would suggest explaining it all from
the protocoled structure of deb packages to the various installation
procedures depending on degree of paranoia? When I learn something I
like to learn all of it.

 I tend to only mind what I am working on. I would just use an
unexposed computer and/or do things by hand/on paper if possible, but
you can’t do algorithmic simulations and tests by hand.

 lbrtchx

On 1/19/24, Max Nikulin  wrote:
> On 18/01/2024 12:45, Albretch Mueller wrote:
>> On 1/14/24, Max Nikulin wrote:
>>> Generally just pay attention that GPG keys for repositories are obtained
>>> through trusted channels.
>>
>>   How do you functionally (that is, give me the step-by-step command
>> line statements, ... in order to) do that?
>
> Verify installation (or live) image to have initial keyring
>
> https://lists.debian.org/msgid-search/uobl6l$i21$1...@ciao.gmane.io
> Re: Correction to last message for Debian 11 and Debian 12. Thu, 18 Jan
> 2024 23:55:48 +0700.
>
> Optionally install necessary keyring packages.
>
> When adding a third-party repository, evaluate that GPG key you are
> going to add really belongs to repository maintainers. Precise steps
> depend on degree of your paranoia.

Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[Max Nikulin]

On 18/01/2024 12:45, Albretch Mueller wrote:

On 1/14/24, Max Nikulin wrote:

Generally just pay attention that GPG keys for repositories are obtained
through trusted channels.


  How do you functionally (that is, give me the step-by-step command
line statements, ... in order to) do that?


Verify installation (or live) image to have initial keyring

https://lists.debian.org/msgid-search/uobl6l$i21$1...@ciao.gmane.io
Re: Correction to last message for Debian 11 and Debian 12. Thu, 18 Jan 
2024 23:55:48 +0700.


Optionally install necessary keyring packages.

When adding a third-party repository, evaluate that GPG key you are 
going to add really belongs to repository maintainers. Precise steps 
depend on degree of your paranoia.

Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[Albretch Mueller]

On 1/14/24, Max Nikulin  wrote:
> On 14/01/2024 04:43, Jeffrey Walton wrote:
>>
>> And use of HTTP in other fetches is dangerous, and HTTPS should be
>> used. See
>> .
>
> https://security-tracker.debian.org/tracker/CVE-2019-3462
> states that this particular vulnerability has been fixed. Do you have
> any evidence that APT is still affected by another one related namely to
> HTTP?
>
> Serious vulnerabilities have been found in OpenSSL and other libraries.
> Do you think, it is a reason to stop using TLS?
>
> In the case of APT, unless you disabled it, content is verified using
> GPG keys and signatures, see apt-secure(8) and
> https://wiki.debian.org/SecureApt
>
> HTTP clear text communication allows to use caching proxies, so to
> decrease load of repository servers and communication channels.
>
> HTTPS may be a mitigation till a specific fix is installed.

$ date; sudo apt -o Acquire::http::AllowRedirect=false  update
Thu Jan 18 12:38:19 AM UTC 2024
Get:1 file:/run/live/medium bookworm InRelease
Ign:1 file:/run/live/medium bookworm InRelease
Get:2 file:/run/live/medium bookworm Release [4,535 B]
Get:2 file:/run/live/medium bookworm Release [4,535 B]
Get:3 file:/run/live/medium bookworm Release.gpg
Ign:3 file:/run/live/medium bookworm Release.gpg
Get:4 file:/run/live/medium bookworm/main amd64 Packages [48.2 kB]
Get:5 file:/run/live/medium bookworm/non-free-firmware amd64 Packages [30.4 kB]
Err:6 http://deb.debian.org/debian bookworm InRelease
  302  Found [IP: 151.101.162.132 80]
Reading package lists... Done
E: Failed to fetch
http://deb.debian.org/debian/dists/bookworm/InRelease  302  Found [IP:
151.101.162.132 80]
E: The repository 'http://deb.debian.org/debian bookworm InRelease' is
no longer signed.
N: Updating from such a repository can't be done securely, and is
therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user
configuration details.
$

> Generally just pay attention that GPG keys for repositories are obtained
> through trusted channels.

 How do you functionally (that is, give me the step-by-step command
line statements, ... in order to) do that?

 lbrtchx

Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[Max Nikulin]

On 14/01/2024 04:43, Jeffrey Walton wrote:


And use of HTTP in other fetches is dangerous, and HTTPS should be
used. See 
.


https://security-tracker.debian.org/tracker/CVE-2019-3462
states that this particular vulnerability has been fixed. Do you have 
any evidence that APT is still affected by another one related namely to 
HTTP?


Serious vulnerabilities have been found in OpenSSL and other libraries. 
Do you think, it is a reason to stop using TLS?


In the case of APT, unless you disabled it, content is verified using 
GPG keys and signatures, see apt-secure(8) and 
https://wiki.debian.org/SecureApt


HTTP clear text communication allows to use caching proxies, so to 
decrease load of repository servers and communication channels.


HTTPS may be a mitigation till a specific fix is installed.

Generally just pay attention that GPG keys for repositories are obtained 
through trusted channels.

Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[Jeffrey Walton]

On Sat, Jan 13, 2024 at 9:06 AM Michael Kjörling <2695bd53d...@ewoof.net> wrote:
>
> On 13 Jan 2024 13:44 +, from lbrt...@gmail.com (Albretch Mueller):
> > E: Failed to fetch
> > https://myattwg.att.com/olam/jsp/login/uverse/VS/UverseAccount.html
> > File has unexpected size (7009 != 20884). Mirror sync in progress?
> > [IP: 184.31.10.246 443]
> >Hashes of expected file:
> > - 
> > SHA256:eac7c87ae7118d29d55d497c8a3873dd1c0c062dd3df06ca74a4710ddcb950d9
> > - MD5Sum:40029a8ea9aa7a6c9ddf3aa60404c17a [weak]
> > - Filesize:20884 [weak]
>
> That URL doesn't look right. You wouldn't by any chance be behind a
> captive portal or something like that which is asking for
> reauthentication?

184.31.10.246 belongs to AKAMAI. It could be one of those CAPTCHAs, too.

And use of HTTP in other fetches is dangerous, and HTTPS should be
used. See 
.

Jeff

Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[Greg Wooledge]

On Sat, Jan 13, 2024 at 06:19:06PM +, Albretch Mueller wrote:
>  My access to the Internet seems to be fine. I tested various urls:
> 
> url="https://www.wired.co.uk/article/facebook-energy-heating-homes;

That doesn't prove anything.  Just *look* at the URL that you got from
the error:

> >> >> E: Failed to fetch
> >> >> https://myattwg.att.com/olam/jsp/login/uverse/VS/UverseAccount.html

It's *obviously* a portal login.  Go to it.  Click whatever the hell it
wants you to click.  Better still, open a real web browser (one with
Javascript enabled) and go *anywhere*.

Once you get your IP "logged in" to the portal, apt-get might start
working again.  Until the next time it wants you to re-authenticate
anyway.

Don't think "But these 11 URLs worked, why does the 12th one not work?"
Nobody knows.  Don't try to figure it out.  Just submit, or get a real
Internet connection.

Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[tomas]

On Sat, Jan 13, 2024 at 06:19:06PM +, Albretch Mueller wrote:
>  My access to the Internet seems to be fine. I tested various urls:

In that case, I'm out.

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[Albretch Mueller]

 My access to the Internet seems to be fine. I tested various urls:

url="https://www.wired.co.uk/article/facebook-energy-heating-homes;
###
curlvers=$(curl --version | head -n 1 | awk '{print $2}')

bn=$(basename "${url}")
dt=$(date --utc +%Y%m%d%H%M%S.%N)
ofl="${bn}_${dt}.html"
errs="${bn}_${dt}_curl_${curlvers}_errors.log"

time(
 curl --silent --verbose --output "${ofl}" "${url}" 2> "${errs}";
 _CURLX=$?
 echo "// __ \$_CURLX: |${_CURLX}|" >> "${errs}"
) >> "${errs}"

ls -l "${errs}"; wc -l "${errs}";
ls -l "${ofl}"; wc -l "${ofl}";

On 1/13/24, to...@tuxteam.de  wrote:
> On Sat, Jan 13, 2024 at 04:36:14PM +, Albretch Mueller wrote:
>> On 1/13/24, Michael Kjörling <2695bd53d...@ewoof.net> wrote:
>> > On 13 Jan 2024 13:44 +, from lbrt...@gmail.com (Albretch Mueller):
>> >> E: Failed to fetch
>> >> https://myattwg.att.com/olam/jsp/login/uverse/VS/UverseAccount.html
>> >> File has unexpected size (7009 != 20884). Mirror sync in progress?
>> >> [IP: 184.31.10.246 443]
>> >>Hashes of expected file:
>> >> -
>> >> SHA256:eac7c87ae7118d29d55d497c8a3873dd1c0c062dd3df06ca74a4710ddcb950d9
>> >> - MD5Sum:40029a8ea9aa7a6c9ddf3aa60404c17a [weak]
>> >> - Filesize:20884 [weak]
>> >
>> > That URL doesn't look right. You wouldn't by any chance be behind a
>> > captive portal or something like that which is asking for
>> > reauthentication?
>>
>>  Assuming I am indeed "behind a captive portal or something like that
>> which is asking for reauthentication" why is it that it only reacts
>> when I visit certain sites, like the profiled ones I need to access
>> right after I boot up?
>
> We can't know. But you can: just point your browser (or curl, or wget)
> at that URL and see what it says. This is the bunch of HTML your package
> manager is trying to digest as a package.
>
> Lucky that it barfs early, I'd say.
>
> Cheers
> --
> t
>

Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[tomas]

On Sat, Jan 13, 2024 at 04:36:14PM +, Albretch Mueller wrote:
> On 1/13/24, Michael Kjörling <2695bd53d...@ewoof.net> wrote:
> > On 13 Jan 2024 13:44 +, from lbrt...@gmail.com (Albretch Mueller):
> >> E: Failed to fetch
> >> https://myattwg.att.com/olam/jsp/login/uverse/VS/UverseAccount.html
> >> File has unexpected size (7009 != 20884). Mirror sync in progress?
> >> [IP: 184.31.10.246 443]
> >>Hashes of expected file:
> >> -
> >> SHA256:eac7c87ae7118d29d55d497c8a3873dd1c0c062dd3df06ca74a4710ddcb950d9
> >> - MD5Sum:40029a8ea9aa7a6c9ddf3aa60404c17a [weak]
> >> - Filesize:20884 [weak]
> >
> > That URL doesn't look right. You wouldn't by any chance be behind a
> > captive portal or something like that which is asking for
> > reauthentication?
> 
>  Assuming I am indeed "behind a captive portal or something like that
> which is asking for reauthentication" why is it that it only reacts
> when I visit certain sites, like the profiled ones I need to access
> right after I boot up?

We can't know. But you can: just point your browser (or curl, or wget)
at that URL and see what it says. This is the bunch of HTML your package
manager is trying to digest as a package.

Lucky that it barfs early, I'd say.

Cheers
-- 
t


signature.asc
Description: PGP signature

Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[Albretch Mueller]

On 1/13/24, Michael Kjörling <2695bd53d...@ewoof.net> wrote:
> On 13 Jan 2024 13:44 +, from lbrt...@gmail.com (Albretch Mueller):
>> E: Failed to fetch
>> https://myattwg.att.com/olam/jsp/login/uverse/VS/UverseAccount.html
>> File has unexpected size (7009 != 20884). Mirror sync in progress?
>> [IP: 184.31.10.246 443]
>>Hashes of expected file:
>> -
>> SHA256:eac7c87ae7118d29d55d497c8a3873dd1c0c062dd3df06ca74a4710ddcb950d9
>> - MD5Sum:40029a8ea9aa7a6c9ddf3aa60404c17a [weak]
>> - Filesize:20884 [weak]
>
> That URL doesn't look right. You wouldn't by any chance be behind a
> captive portal or something like that which is asking for
> reauthentication?

 Assuming I am indeed "behind a captive portal or something like that
which is asking for reauthentication" why is it that it only reacts
when I visit certain sites, like the profiled ones I need to access
right after I boot up?

 lbrtchx

Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[Andy Smith]

Hello,

On Sat, Jan 13, 2024 at 02:06:22PM +, Michael Kjörling wrote:
> On 13 Jan 2024 13:44 +, from lbrt...@gmail.com (Albretch Mueller):
> > E: Failed to fetch
> > https://myattwg.att.com/olam/jsp/login/uverse/VS/UverseAccount.html
> > File has unexpected size (7009 != 20884). Mirror sync in progress?
> > [IP: 184.31.10.246 443]
> >Hashes of expected file:
> > - 
> > SHA256:eac7c87ae7118d29d55d497c8a3873dd1c0c062dd3df06ca74a4710ddcb950d9
> > - MD5Sum:40029a8ea9aa7a6c9ddf3aa60404c17a [weak]
> > - Filesize:20884 [weak]
> 
> That URL doesn't look right. You wouldn't by any chance be behind a
> captive portal or something like that which is asking for
> reauthentication?

Also the file size of the erroneous file is the same for everything
fetched (7009) so yes I surmise the same as you: behind captive
portal that is redirecting every request to a bit of HTML of size
7009.

Thanks,
Andy

-- 
https://bitfolk.com/ -- No-nonsense VPS hosting

Re: File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[Michael Kjörling]

On 13 Jan 2024 13:44 +, from lbrt...@gmail.com (Albretch Mueller):
> E: Failed to fetch
> https://myattwg.att.com/olam/jsp/login/uverse/VS/UverseAccount.html
> File has unexpected size (7009 != 20884). Mirror sync in progress?
> [IP: 184.31.10.246 443]
>Hashes of expected file:
> - SHA256:eac7c87ae7118d29d55d497c8a3873dd1c0c062dd3df06ca74a4710ddcb950d9
> - MD5Sum:40029a8ea9aa7a6c9ddf3aa60404c17a [weak]
> - Filesize:20884 [weak]

That URL doesn't look right. You wouldn't by any chance be behind a
captive portal or something like that which is asking for
reauthentication?

-- 
Michael Kjörling  https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”

File has unexpected size (x != y). Mirror sync in progress? [IP: ...] ...

[Albretch Mueller]

 I read off stackoverflow that I should just wait for a couple of
hours. I have waited more than 12.

$ which ffmpeg
$

$ sudo apt-get install ffmpeg
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  libavdevice59 libcdio-cdda2 libcdio-paranoia2
Suggested packages:
  ffmpeg-doc
The following NEW packages will be installed:
  ffmpeg libavdevice59 libcdio-cdda2 libcdio-paranoia2
0 upgraded, 4 newly installed, 0 to remove and 0 not upgraded.
Need to get 1,964 kB of archives.
After this operation, 2,841 kB of additional disk space will be used.
Do you want to continue? [Y/n]
Get:1 http://deb.debian.org/debian bookworm/main amd64 libcdio-cdda2
amd64 10.2+2.0.1-1 [20.9 kB]
Get:2 http://deb.debian.org/debian bookworm/main amd64
libcdio-paranoia2 amd64 10.2+2.0.1-1 [20.4 kB]
Get:3 http://deb.debian.org/debian bookworm/main amd64 libavdevice59
amd64 7:5.1.4-0+deb12u1 [111 kB]
Get:4 http://deb.debian.org/debian bookworm/main amd64 ffmpeg amd64
7:5.1.4-0+deb12u1 [1,811 kB]
Err:1 http://deb.debian.org/debian bookworm/main amd64 libcdio-cdda2
amd64 10.2+2.0.1-1
  File has unexpected size (7009 != 20884). Mirror sync in progress?
[IP: 184.31.10.246 443]
  Hashes of expected file:
   - SHA256:eac7c87ae7118d29d55d497c8a3873dd1c0c062dd3df06ca74a4710ddcb950d9
   - MD5Sum:40029a8ea9aa7a6c9ddf3aa60404c17a [weak]
   - Filesize:20884 [weak]
Err:2 http://deb.debian.org/debian bookworm/main amd64
libcdio-paranoia2 amd64 10.2+2.0.1-1
  File has unexpected size (7009 != 20884). Mirror sync in progress?
[IP: 184.31.10.246 443]
  Hashes of expected file:
   - SHA256:ef0610a344c1548c386868d7480bb4a7fc69b5bfb459e99df4c8f96c658c0088
   - MD5Sum:a568135bfb8fa5370fda17b8852edfdc [weak]
   - Filesize:20380 [weak]
Err:3 http://deb.debian.org/debian bookworm/main amd64 libavdevice59
amd64 7:5.1.4-0+deb12u1
  File has unexpected size (7009 != 20884). Mirror sync in progress?
[IP: 184.31.10.246 443]
  Hashes of expected file:
   - SHA256:479cdac9422e291a83eecaabb222369d4191710ddecbf7ac538dcfcc41df7a95
   - MD5Sum:a1042dd7161976d81355a8da1c728f4d [weak]
   - Filesize:60 [weak]
Err:4 http://deb.debian.org/debian bookworm/main amd64 ffmpeg amd64
7:5.1.4-0+deb12u1
  File has unexpected size (7009 != 20884). Mirror sync in progress?
[IP: 184.31.10.246 443]
  Hashes of expected file:
   - SHA256:078295a64b9f719f7beaea1aeec9d1d0376afee605ff078c542792916798123a
   - MD5Sum:ba928f239b23fc112343be32059fb47a [weak]
   - Filesize:1811108 [weak]
E: Failed to fetch
https://myattwg.att.com/olam/jsp/login/uverse/VS/UverseAccount.html
File has unexpected size (7009 != 20884). Mirror sync in progress?
[IP: 184.31.10.246 443]
   Hashes of expected file:
- SHA256:eac7c87ae7118d29d55d497c8a3873dd1c0c062dd3df06ca74a4710ddcb950d9
- MD5Sum:40029a8ea9aa7a6c9ddf3aa60404c17a [weak]
- Filesize:20884 [weak]
E: Failed to fetch
https://myattwg.att.com/olam/jsp/login/uverse/VS/UverseAccount.html
File has unexpected size (7009 != 20884). Mirror sync in progress?
[IP: 184.31.10.246 443]
   Hashes of expected file:
- SHA256:ef0610a344c1548c386868d7480bb4a7fc69b5bfb459e99df4c8f96c658c0088
- MD5Sum:a568135bfb8fa5370fda17b8852edfdc [weak]
- Filesize:20380 [weak]
E: Failed to fetch
https://myattwg.att.com/olam/jsp/login/uverse/VS/UverseAccount.html
File has unexpected size (7009 != 20884). Mirror sync in progress?
[IP: 184.31.10.246 443]
   Hashes of expected file:
- SHA256:479cdac9422e291a83eecaabb222369d4191710ddecbf7ac538dcfcc41df7a95
- MD5Sum:a1042dd7161976d81355a8da1c728f4d [weak]
- Filesize:60 [weak]
E: Failed to fetch
https://myattwg.att.com/olam/jsp/login/uverse/VS/UverseAccount.html
File has unexpected size (7009 != 20884). Mirror sync in progress?
[IP: 184.31.10.246 443]
   Hashes of expected file:
- SHA256:078295a64b9f719f7beaea1aeec9d1d0376afee605ff078c542792916798123a
- MD5Sum:ba928f239b23fc112343be32059fb47a [weak]
- Filesize:1811108 [weak]
E: Unable to fetch some archives, maybe run apt-get update or try with
--fix-missing?

$ date; sudo apt-get update
Sat Jan 13 08:27:12 AM UTC 2024
Get:1 file:/run/live/medium bookworm InRelease
Ign:1 file:/run/live/medium bookworm InRelease
Get:2 file:/run/live/medium bookworm Release [4,535 B]
Get:2 file:/run/live/medium bookworm Release [4,535 B]
Get:3 file:/run/live/medium bookworm Release.gpg
Ign:3 file:/run/live/medium bookworm Release.gpg
Hit:4 http://deb.debian.org/debian bookworm InRelease
Reading package lists... Done

$ sudo apt-get install --fix-missing
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

$ date; sudo apt-get install ffmpeg
Sat Jan 13 08:33:59 AM UTC 2024
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
  libavdevice59 libcdio-cdda2