[Touch-packages] [Bug 2063003] Re: package manager could not make changes to the installed system

[David Kalnischkies]

As the requirement for reproducing is "being offline" it could be that
this remove command wants to download packages, which fails.

Yes, remove can install packages – specifically the problem resolver can
try to fix a broken dependency by installing another provider/or-group
member. Controlled by `pkgProblemResolver::FixByInstall` which is
enabled by default. Once in a while I wonder if that should have been
disabled for remove commands. Or if it was a mistake to resolve an
upgrade problem 14y ago with this. Hard to tell if it does more good
than bad as that highly depends on the situation.

The other "obvious" possibility is that a maintainer script is trying to
access the network. Perhaps its intended only on install, but not
correctly guarded for the removal case.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/2063003

Title:
  package manager could not make changes to the installed system

Status in apt package in Ubuntu:
  New

Bug description:
  This is the cause of Ubuntu Unity failing to install. Test case
  requires system to be offline.

  The full error message is:
  The package manager could not make changes to the installed system. The 
command apt-get --purge -q -y remove ^live-* 
calamares-settings-ubuntu-unity calamares zram-config cifs-utils returned 
error code 100.

  There are no logs in /var/log/installer or /var/crash

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/2063003/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2061834] Re: apt build-dep . fails to parse build dependencies

[David Kalnischkies]

https://salsa.debian.org/apt-
team/apt/-/commit/633f6d67a28b375cf1f225f14d3c926e618d46af

** Changed in: apt (Ubuntu)
   Status: New => Fix Committed

** Changed in: apt (Ubuntu)
 Assignee: (unassigned) => David Kalnischkies (donkult)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/2061834

Title:
  apt build-dep . fails to parse build dependencies

Status in apt package in Ubuntu:
  Fix Committed

Bug description:
  seen in trantor 1.5.12+ds-1ubuntu3:

  Build-Depends: cmake, debhelper-compat (=13), dh-cmake, dh-cmake-
  compat (=1)

  replacing (=1) with (= 1) lets the parsing succeed.

  $ sudo apt build-dep .
  Note, using directory '.' to get the build dependencies
  Reading package lists... Done
  E: Problem parsing dependency: Build-Depends
  E: Unable to get build-dependency information for .

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/2061834/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1988819] Re: When apt keeps back packages due to phased updates, it should list them separately

[David Kalnischkies]

Not sure who all the upstream(s) involved might be, but from my personal
PoV at least you can add all the options you like… the topic gets harder
if we talk defaults & changing (e.g.) the lists completely (like that
tabular verbose-explosion thingy from apk or whatever it was). At some
point it might make sense to extended apt-patterns so that current (and
future) lists can be expressed in them and then add some more options to
format those lists/tables/… at which point we could have different
templates and so options/choices galore. I think aptitude has formatting
to some extend of its lists. One of my first apt patches that was never
merged was actually about reordering/coloring the lists… that failed, so
I am very positive that a much bigger yak will be shaved more easily and
faster many years later. ;)

Precedence of the initial ask is 'can be autoremoved' btw, which is not
displayed, displays a full list, an even fuller list in version mode or
displays a single line with how many packages could be autoremoved
depending on config.

P.S.: On a multi-arch system nearly every Depends is a choice even
without or-groups: given that you e.g. pick banana:amd64 or banana:i386
for an M-A:foreign banana. And the t64 transition added a quadrillion of
real vs. virtual bananas at least until everyone depends on bananat64.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1988819

Title:
  When apt keeps back packages due to phased updates, it should list
  them separately

Status in apt package in Ubuntu:
  Fix Released

Bug description:
  After phased updates have been introduced, it may happen that apt
  upgrade shows packages as upgradable but ends up not upgrading them.
  In this case the packages are indicated as being "kept back".

  Unfortunately, the feedback provided about this to the user is not
  very informative. The user sees the packages being kept back and
  thinks something is going wrong on the system.

  When packages are kept back because of phased updates, apt should say
  so e.g., it should say that the upgrade is delayed.

  Incidentally note that aptitude does not respect phased updates.

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: apt 2.4.7
  ProcVersionSignature: Ubuntu 5.15.0-47.51-generic 5.15.46
  Uname: Linux 5.15.0-47-generic x86_64
  ApportVersion: 2.20.11-0ubuntu82.1
  Architecture: amd64
  CasperMD5CheckResult: unknown
  CurrentDesktop: KDE
  Date: Tue Sep  6 10:05:14 2022
  EcryptfsInUse: Yes
  InstallationDate: Installed on 2020-02-16 (933 days ago)
  InstallationMedia: Kubuntu 19.10 "Eoan Ermine" - Release amd64 (20191017)
  SourcePackage: apt
  UpgradeStatus: Upgraded to jammy on 2022-06-03 (94 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1988819/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2035644] Re: apt status not updated ubuntu 20 LTS

[David Kalnischkies]

Looks like third-party packages are involved, so details on where to
find them would be good.

I presume the formatting of the data is different in dpkg/status vs. the
Packages file in the repo as libapt does string comparisons rather than
very costly fully parsed, transformed & cleaned comparisons and whatever
tool is used to create the Packages file might or might not do the same
transformations dpkg does. apt-ftparchive for example mostly doesn't.

dpkg e.g. has the tendency to remove 0-epochs from version numbers which
might be included in a dependency. Wild guess only – we would need the
actual data to know.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/2035644

Title:
  apt status not updated ubuntu 20 LTS

Status in apt package in Ubuntu:
  New

Bug description:
  Hi,

  is this a cache bug? The packages are installed, but "apt list
  --upgradable" say's no, the are not installed.

  root@minion:~# apt list --upgradable
  Listing... Done
  uls-client/luxux-standard-ubuntu20-x-amd64-dp-tserver 3.15-7ubuntu20 amd64 
[upgradable from: 3.15-7ubuntu20]
  venv-salt-minion/ubuntu20-x-amd64-res-suma-dp-tserver 3006.0-2.35.1 amd64 
[upgradable from: 3006.0-2.35.1]

  root@minion:~# apt install uls-client
  Reading package lists... Done
  Building dependency tree
  Reading state information... Done
  The following packages were automatically installed and are no longer 
required:
linux-headers-5.4.0-153 linux-headers-5.4.0-153-generic 
linux-image-5.4.0-153-generic linux-modules-5.4.0-153-generic 
linux-modules-extra-5.4.0-153-generic
  Use 'apt autoremove' to remove them.
  Recommended packages:
libncursesw5
  The following packages will be upgraded:
uls-client
  1 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
  Need to get 0 B/194 kB of archives.
  After this operation, 0 B of additional disk space will be used.
  (Reading database ... 177475 files and directories currently installed.)
  Preparing to unpack .../uls-client_3.15-7ubuntu20_amd64.deb ...
  redirecting to systemd
  Unpacking uls-client (3.15-7ubuntu20) over (3.15-7ubuntu20) ...
  Setting up uls-client (3.15-7ubuntu20) ...
  Processing triggers for man-db (2.9.1-1) ...
  Processing triggers for systemd (245.4-4ubuntu3.22) ...

  root@minion:~# apt list --upgradable
  Listing... Done
  uls-client/luxux-standard-ubuntu20-x-amd64-dp-tserver 3.15-7ubuntu20 amd64 
[upgradable from: 3.15-7ubuntu20]
  venv-salt-minion/ubuntu20-x-amd64-res-suma-dp-tserver 3006.0-2.35.1 amd64 
[upgradable from: 3006.0-2.35.1]

  root@minion:~# apt update
  Hit:12 https://SuMa:443/rhn/manager/download ubuntu20-x-amd64-dp-tserver/ 
Release
  Hit:13 https://SuMa:443/rhn/manager/download 
ubuntu20-x-amd64-main-dp-tserver/ Release
  Hit:14 https://SuMa:443/rhn/manager/download 
ubuntu20-x-amd64-res-suma-dp-tserver/ Release
  Hit:15 https://SuMa:443/rhn/manager/download 
luxux-puppet-ubuntu20-x-amd64-dp-tserver/ Release
  Hit:16 https://SuMa:443/rhn/manager/download 
tvm-standard-ubuntu20-x-amd64-dp-tserver/ Release
  Hit:17 https://SuMa:443/rhn/manager/download 
ubuntu20-x-amd64-main-updates-dp-tserver/ Release
  Hit:18 https://SuMa:443/rhn/manager/download 
ubuntu20-x-amd64-main-security-dp-tserver/ Release
  Hit:19 https://SuMa:443/rhn/manager/download 
ubuntu20-x-amd64-main-universe-dp-tserver/ Release
  Hit:20 https://SuMa:443/rhn/manager/download 
luxux-standard-ubuntu20-x-amd64-dp-tserver/ Release
  Hit:21 https://SuMa:443/rhn/manager/download 
ubuntu20-x-amd64-main-updates-universe-dp-tserver/ Release
  Hit:22 https://SuMa:443/rhn/manager/download 
ubuntu20-x-amd64-main-security-universe-dp-tserver/ Release

  Reading package lists... Done
  Building dependency tree
  Reading state information... Done
  2 packages can be upgraded. Run 'apt list --upgradable' to see them.

  root@minion:~# apt list --upgradable
  Listing... Done
  uls-client/luxux-standard-ubuntu20-x-amd64-dp-tserver 3.15-7ubuntu20 amd64 
[upgradable from: 3.15-7ubuntu20]
  venv-salt-minion/ubuntu20-x-amd64-res-suma-dp-tserver 3006.0-2.35.1 amd64 
[upgradable from: 3006.0-2.35.1]

  root@minion:~# apt upgrade
  Reading package lists... Done
  Building dependency tree
  Reading state information... Done
  Calculating upgrade... Done
  The following packages were automatically installed and are no longer 
required:
linux-headers-5.4.0-153 linux-headers-5.4.0-153-generic 
linux-image-5.4.0-153-generic linux-modules-5.4.0-153-generic 
linux-modules-extra-5.4.0-153-generic
  Use 'apt autoremove' to remove them.
  The following packages will be upgraded:
uls-client venv-salt-minion
  2 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
  Need to get 22.7 MB/22.9 MB of archives.
  After this operation, 0 B of additional disk space will be used.
  Do you want to continue? [Y/n] Y
  Get:1 https://SuMa:443/rhn/manager/download 

[Touch-packages] [Bug 2028124] Re: apt dist-upgrade does not restart package qemu-guest-agent

[David Kalnischkies]

APT itself is not involved with (re)starting services. The individual
packages do this in their maintainer scripts, so reassigning to qemu
(which contains qemu-guest-agent).

** Package changed: apt (Ubuntu) => qemu (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/2028124

Title:
  apt dist-upgrade does not restart package qemu-guest-agent

Status in qemu package in Ubuntu:
  Confirmed

Bug description:
  When my system Ubuntu 22.04.2 LTS performs apt dist-upgrade (manually or from 
unattended upgrades) and there is an upadte on package qemu-guest-agent, the 
agent gets stopped, updated, but is not started.
  I observed this behaviour on two machines with same result.

  After I run the apt I see this in syslog, no errors:
  Jul 19 07:04:02 micro systemd[1]: Stopping QEMU Guest Agent...
  Jul 19 07:04:02 micro systemd[1]: qemu-guest-agent.service: Deactivated 
successfully.
  Jul 19 07:04:02 micro systemd[1]: Stopped QEMU Guest Agent.
  Jul 19 07:04:02 micro systemd[1]: qemu-guest-agent.service: Consumed 31min 
49.962s CPU time.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/2028124/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 2003785] Re: apt source exact-source-package doesn't download the requested source package

[David Kalnischkies]

The idea is that a user will want to request the sources for a given
binary package – after all, that is the promise of GPL and co that you
can easily get the source for the binary you have installed. So for me
at least this binary-to-source mapping is very intuitive and I would be
very confused about your intuitive non-mapping.

Any way of handling can result in confusion every time a source and
binary package have the same name, but produce/include packages with
other names. A prime example used to be 'automake', but nowadays at
least that mess was cleaned up.

I don't think changing defaults would help here, especially not after ~25 years 
of operating in this way. I guess it might be more helpful to detect these 
collisions and have apt-get print/apt ask the user about it rather than 
assuming that one way or the other and an option to change it is intuitive for 
all users at all times.
Or, well, teach package maintainers that these collisions are a horrible idea. 
Preferably both. (Personally not going to work on either through in the 
foreseeable future.)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/2003785

Title:
  apt source exact-source-package doesn't download the requested source
  package

Status in apt package in Ubuntu:
  New

Bug description:
  apt source exact-source-package doesn't download the right source
  package

  
  when specifying source package, i expect the exact source package to be 
downloaded.

  
  example:

  $ apt source linux-lowlatency => incorrectly downloads linux-meta-lowlatency
  $ apt source --only-source linux-lowlatency => is very counter intuitive but 
downloads linux-lowlatency source package

  Please default to downloading exact source package by default first,
  and offer binary->source resolution separately.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/2003785/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1974456] Re: regression: apt.postint fails if never previously configured

[David Kalnischkies]

jftr: I removed this if in git commit
938889b20268ec92be1bff67750f7adf03f52c1b, which was shipped with 2.1.12
– that might explain why it isn't effecting releases with later versions
and why it was missed.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1974456

Title:
  regression: apt.postint fails if never previously configured

Status in apt package in Ubuntu:
  New
Status in apt source package in Bionic:
  New
Status in apt source package in Focal:
  New

Bug description:
  #1968154 removed `/etc/kernel/postinst.d/apt-auto-removal` in this patch:
  
https://git.launchpad.net/ubuntu/+source/apt/commit/?id=f9d2d993687c0d5223c241956ef6a0aabcf15bf0

  ...but `apt.postinst` still tries to run it:

  # create kernel autoremoval blacklist on update
  if dpkg --compare-versions "$2" lt 0.9.9.3; then
  /etc/kernel/postinst.d/apt-auto-removal
  fi

  If I understand correctly, "$2" is the most-recently-configured-
  version, and if it's empty `dpkg --compare-versions lt` will evaluate
  to true.

  This fails when I'm building a focal (20.04) userspace from scratch:

  $ dpkg --configure -a
  [...]
  Setting up apt (2.0.8) ...
  /var/lib/dpkg/info/apt.postinst: 65: 
/etc/kernel/postinst.d/apt-auto-removal: not found
  dpkg: error processing package apt (--configure):
   installed apt package post-installation script subprocess returned error 
exit status 127

  It works with apt 2.0.6.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1974456/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1970110] Re: downloaded packages are removed just after installation

[David Kalnischkies]

apt 1.2~exp1 came with the follow NEWS entry:
  [ Automatic removal of debs after install ]
  After packages are successfully installed by apt(8),
  the corresponding .deb package files will be
  removed from the /var/cache/apt/archives cache directory.

  This can be changed by setting the apt configuration option
"Binary::apt::APT::Keep-Downloaded-Packages" to "true". E.g:

  # echo 'Binary::apt::APT::Keep-Downloaded-Packages "true";' \
  > /etc/apt/apt.conf.d/01keep-debs

  Please note that the behavior of apt-get is unchanged. The
  downloaded debs will be kept in the cache directory after they
  are installed. To enable the behavior for other tools, you can set
  "APT::Keep-Downloaded-Packages" to false.

If you have disabled this feature you can do manual maintenance with the
`autoclean` and `clean` commands. More automatic maintenance can be
achieved with our cronjob, see `/usr/lib/apt/apt.systemd.daily`for
details, which can e.g. be configured to remove files after a few days
as you seem to prefer here.

As this default behavior is a deliberate choice and there are various
options to change this I am closing this report as not a bug.

** Changed in: apt (Ubuntu)
   Status: New => Opinion

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1970110

Title:
  downloaded packages are removed just after installation

Status in apt package in Ubuntu:
  Opinion

Bug description:
  When installing a package with 'apt install [package name]', I see the deb 
files which appear in /var/cache/apt/archives.
  However, just after installation, the deb file are deleted from this 
directory.
  I would prefer a deletion after a few days. Sometimes, we install/uninstall 
and reinstall.

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: apt 2.4.5
  ProcVersionSignature: Ubuntu 5.15.0-25.25-generic 5.15.30
  Uname: Linux 5.15.0-25-generic x86_64
  ApportVersion: 2.20.11-0ubuntu82
  Architecture: amd64
  CasperMD5CheckResult: pass
  CurrentDesktop: XFCE
  Date: Sun Apr 24 16:10:48 2022
  InstallationDate: Installed on 2022-04-24 (0 days ago)
  InstallationMedia: Xubuntu 22.04 LTS "Jammy Jellyfish" - Release amd64 
(20220419)
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1970110/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1965960] Re: apt installs snap packages

[David Kalnischkies]

fwiw it is "invalid" here as apt has nothing to do with it, as it did
what it is supposed to do, upgrade a package: It has no business in the
contents, similar to a parcel deliverer. It is probably more productive
you figure out what exactly is not working in foo.deb vs. foo.snap and
report this to foo (or snap) so it can be worked on and perhaps fixed.
Currently, you are angrily complaining to your old parcel deliverer that
they brought you a letter informing you that the next letter will come
with a different parcel deliverer.

(Disclaimer: Not an Ubuntu dev, not even a user, but one of the devs of
apt itself reading "downstream" bug reports)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1965960

Title:
  apt installs snap packages

Status in apt package in Ubuntu:
  Invalid

Bug description:
  $ lsb_release -rd
  Description:  Ubuntu Jammy Jellyfish (development branch)
  Release:  22.04

  $ apt-cache policy apt
  apt:
Installed: 2.4.1
Candidate: 2.4.1
Version table:
   *** 2.4.1 500
  500 http://de.archive.ubuntu.com/ubuntu jammy/main amd64 Packages
  100 /var/lib/dpkg/status

  
  3) I expected to dist-upgrade my system, running apt-get dist-upgrade

  4) apt tried to install firefox from snap. I naturally aborted the upgrade, 
if I want a snap package I install it with snap, I use apt to install 
debian/apt packages.
  Aborting the install essentially broke my system. Trying to repair it, and 
installing firefox using apt again, hence getting force-fed the snap of 
firefox, broke my install, too, as the snap cannot access my firefox 
configuration files (for good reasons).
  It took me half a day to repair the system and switch to a PPA to keep the 
system (and Ubuntu with its intended processes - apt for deb, snap for snap, 
probably flatpaks and whatever for other stuff  - for that matter) running.

  In summary: We know you love snap. We use snap for certain purposes, and apt 
for others. Please don't force your love for snap on us, snaps constantly break 
long-running systems and require careful introduction.
   
  The proper solution could have been to stop supporting firefox from apt, so 
we have to consciously deal with the situation - without getting our systems 
broken.

  Thanks ❤️

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: apt 2.4.1
  ProcVersionSignature: Ubuntu 5.15.0-22.22-generic 5.15.19
  Uname: Linux 5.15.0-22-generic x86_64
  ApportVersion: 2.20.11-0ubuntu79
  Architecture: amd64
  CasperMD5CheckResult: pass
  CurrentDesktop: MATE
  Date: Tue Mar 22 16:26:47 2022
  InstallationDate: Installed on 2022-03-07 (15 days ago)
  InstallationMedia: Ubuntu 22.04 LTS "Jammy Jellyfish" - Alpha amd64 (20220228)
  RebootRequiredPkgs: Error: path contained symlinks.
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1965960/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1960727] Re: When apt holds back updates, it fails to inform the user of the reason

[David Kalnischkies]

Can you provide a complete (preferably real) example of what output you
would expect?

Honestly, I don't see this working as in the general case the reason is
not simple – its at least my experience from staring at debug output for
hours to figure such things out in the development branches of a
distribution. That is because a package is seldomly held back because it
is itself "misconstructed" (and never because its "corrupt, or otherwise
junk"), it is usually the state of the universe at large (so to speak)
who is at 'fault'.

Happy to be proven wrong through. Ideally with a tool who can deduce
these things which could be used in apt & elsewhere.

Also, but that comes down to user attitude I guess, is that as a user I
am trusting the tools I am using. So it justifying all its decisions in
detail for me to review feels way too micro-managing to me.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1960727

Title:
  When apt holds back updates, it fails to inform the user of the reason

Status in apt package in Ubuntu:
  New

Bug description:
  In the case where apt refuses to install and holds back certain
  packages, only the following output is produced:

  root@system:/home/admin# apt upgrade
  Reading package lists... Done
  Building dependency tree   
  Reading state information... Done
  Calculating upgrade... Done
  The following packages have been kept back:
[ List of packages ]
  0 upgraded, 0 newly installed, 0 to remove and 24 not upgraded.

  
  Missing is any explanation about which package is responsible for apt 
refusing to perform its job, or even what is the reason for that package being 
uninstallable.

  This bug leads users to believe that official Ubuntu packages are
  routinely misconstructed, corrupt, or otherwise junk.

  Fix: Instead of apt simply responding "No Dave, I'm Afraid I Can't Do
  that", correct the output to include the specific package that has a
  missing or unresolved dependency, so the user a) has confidence that
  the process works correctly and b) can proceed with fixing the
  problem.

  
  This bug is longstanding, so I don't think version details are required, but 
they follow anyway:

  1) Distributor ID: Ubuntu
  Description:Ubuntu 20.04.3 LTS
  Release:20.04
  Codename:   focal

  2) # apt --version
  apt 2.0.6 (amd64)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1960727/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1957781] Re: when i upgrade my package ask me yes or no ?

[David Kalnischkies]

+

Yes, "1" is a valid expression to say "yes", as is "+" – at least in my
(german) locale, and perhaps in yours, too. You can check with `locale
yesexpr` – the output is a regex expression. For me it prints
"^[+1jJyY]" (without the quotes), so anything starting (^) with either
of the characters in between the square brackets counts as a yes. In any
application honoring this setting, apt isn't alone in this! And it is
sort of important to respect such settings as in some locals 'N' means
something different (I think e.g. in Norway it means yes).

1/0 make sense for technical persons to use btw as they will be familiar
to the concept of on/off, yes/no, … being encoded as 1/0. For less
technical people that can be a bit alien and showing all options would
probably confuse the heck out of people not familiar with regex syntax,
hence apts choice to display only two common options ("Y/n").

So, this is not a bug, but intended behavior and as such I am closing
this bugreport.

** Changed in: apt (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1957781

Title:
  when i  upgrade my package ask me yes or no ?

Status in apt package in Ubuntu:
  Invalid

Bug description:
  ubuntu 21.10

  use  sudo apt  upgrade
  toshiba@toshiba-Satellite-C850-B908:~$ sudo apt upgrade
  Reading package lists... Done
  Building dependency tree... Done
  Reading state information... Done
  Calculating upgrade... Done
  The following NEW packages will be installed:
linux-headers-5.13.0-25 linux-headers-5.13.0-25-generic
linux-image-5.13.0-25-generic linux-modules-5.13.0-25-generic
linux-modules-extra-5.13.0-25-generic
  The following packages will be upgraded:
ghostscript ghostscript-x gir1.2-javascriptcoregtk-4.0 gir1.2-webkit2-4.0
libexiv2-27 libfprint-2-2 libgs9 libgs9-common libjavascriptcoregtk-4.0-18
libnss-systemd libpam-systemd libqt5core5a libqt5dbus5 libqt5gui5
libqt5network5 libqt5widgets5 libsystemd0 libudev1 libwebkit2gtk-4.0-37
linux-generic-hwe-20.04 linux-headers-generic-hwe-20.04
linux-image-generic-hwe-20.04 linux-libc-dev openssh-client
qt5-gtk-platformtheme systemd systemd-sysv systemd-timesyncd udev
  29 upgraded, 5 newly installed, 0 to remove and 0 not upgraded.
  27 standard security updates
  Need to get 148 MB of archives.
  After this operation, 504 MB of additional disk space will be used.
  Do you want to continue? [Y/n] 1
  Get:1 http://sy.archive.ubuntu.com/ubuntu impish-updates/main amd64 
systemd-timesyncd amd64 248.3-1ubuntu8.2 [30.8 kB]


  --
  so i click 1 not y or yes ? and the upgrading begin?
  is that normal ?
  i mean using 1 as yes?

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1957781/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1952720] Re: apt uses proxy in order to access local resources

[David Kalnischkies]

apt contacts the squid proxy (which is on your local machine) hence the ipv6 
from your machine. The "Forbidden" is the reply from the proxy for the request. 
squid-deb-proxy hardcodes an allowlist for mirrors and sources to contact and 
ips that can contact the proxy. I would presume that either (or both) does not 
match with your reality (anymore) and hence denies the request. You actually 
confirmed this already by disabling the checks in the config which resulted in 
it working (again).
As apt works as it should be here, reassign to the suqid-proxy package.

** Package changed: apt (Ubuntu) => squid-deb-proxy (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1952720

Title:
  apt uses proxy in order to access local resources

Status in squid-deb-proxy package in Ubuntu:
  New

Bug description:
  apt uses proxy in order to access local resources. This leads to
  errors when the proxy is configured to allow only access to the
  resources that apt is actually expected to be trying to reach.

  Steps to reproduce:

  - In VirtualBox install Ubuntu 21.10, Minimal installation.
  - In Terminal run:
sudo apt install squid-deb-proxy squid-deb-proxy-client
sudo apt update

  After the last step, apt is trying to use the installed squid-deb-
  proxy, but it fails, because the proxy is configured to allow access
  only to the mirrors, but apt is trying to use it also to access the
  locally available keys.

  As a workaround, the proxy configuration can be changed to accept any 
connection:
  in /etc/squid-deb-proxy/squid-deb-proxy.conf replace the line:
  'http_access deny !to_archive_mirrors'
  with
  'http_access allow all'
  run 'sudo systemctl restart squid-deb-proxy'
  Now, 'sudo apt update' will succeed.

  While what I managed to "correct" the issue by amending squid-deb-
  proxy configuration, I believe that it is a bug in apt that uses the
  proxy when not appropriate.

  The output of the failing sudo apt update (with IP addresses "anonymized"; 
the address 2a03:687:4ea:4900:fe9f:937c:3487:4cd3 is supposed to be the IP 
assigned to the machine where the apt client is running):
  Err:1 http://lu.archive.ubuntu.com/ubuntu impish InRelease
403  Forbidden [IP: 2a03:687:4ea:4900:fe9f:937c:3487:4cd3 8000]
  Err:2 http://lu.archive.ubuntu.com/ubuntu impish-updates InRelease
403  Forbidden [IP: 2a03:687:4ea:4900:fe9f:937c:3487:4cd3 8000]
  Err:3 http://lu.archive.ubuntu.com/ubuntu impish-backports InRelease
403  Forbidden [IP: 2a03:687:4ea:4900:fe9f:937c:3487:4cd3 8000]
  Ign:4 http://security.ubuntu.com/ubuntu impish-security InRelease
  Ign:4 http://security.ubuntu.com/ubuntu impish-security InRelease
  Ign:4 http://security.ubuntu.com/ubuntu impish-security InRelease
  Err:4 http://security.ubuntu.com/ubuntu impish-security InRelease
Connection failed [IP: 127.0.0.1 8000]
  Reading package lists... Done
  N: See apt-secure(8) manpage for repository creation and user configuration 
details.
  N: Updating from such a repository can't be done securely, and is therefore 
disabled by default.
  E: The repository 'http://lu.archive.ubuntu.com/ubuntu impish InRelease' is 
no longer signed.
  E: Failed to fetch http://lu.archive.ubuntu.com/ubuntu/dists/impish/InRelease 
 403  Forbidden [IP: 2a03:687:4ea:4900:fe9f:937c:3487:4cd3 8000]
  E: Failed to fetch 
http://lu.archive.ubuntu.com/ubuntu/dists/impish-updates/InRelease  403  
Forbidden [IP: 2a03:687:4ea:4900:fe9f:937c:3487:4cd3 8000]
  E: The repository 'http://lu.archive.ubuntu.com/ubuntu impish-updates 
InRelease' is no longer signed.
  N: Updating from such a repository can't be done securely, and is therefore 
disabled by default.
  N: See apt-secure(8) manpage for repository creation and user configuration 
details.
  E: Failed to fetch 
http://lu.archive.ubuntu.com/ubuntu/dists/impish-backports/InRelease  403  
Forbidden [IP: 2a03:687:4ea:4900:fe9f:937c:3487:4cd3 8000]
  E: The repository 'http://lu.archive.ubuntu.com/ubuntu impish-backports 
InRelease' is no longer signed.
  N: Updating from such a repository can't be done securely, and is therefore 
disabled by default.
  N: See apt-secure(8) manpage for repository creation and user configuration 
details.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/squid-deb-proxy/+bug/1952720/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1950095] Re: [github] 20.04: Apt fails to download URLs with non-encoded querystrings

[David Kalnischkies]

"minimal potential for causing regressions" is a big claim given I had
to fix regressions in later commits like
149b23c2b9697bc262c0af1934c7a3f6114d903f and
2b0369a5d1673d9e40f2af4db7677b040a26ee58. There might be more, that is
just what I remember directly. It is certainly not the most complicated
code in the world, but it's quite a bit of it as I was not trying for
minimal, but instead maximized for forward and backward compat.

(Disclaimer: I am the upstream author of the patch set in question. Not
involved enough with Ubuntu to know and/or predict if this qualifies or
not for backport, so not commenting on that part. Pretty sure Debian
would refuse if we tried including that in a stable update through).

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1950095

Title:
  [github] 20.04: Apt fails to download URLs with non-encoded
  querystrings

Status in apt package in Ubuntu:
  Confirmed

Bug description:
  I've just helped a group of Ubuntu 20.04 users with Microsoft Surface
  devices. They rely upon a github repository releases pocket as the apt
  archive. Those users recently hit a bug "Ubuntu: Apt update fails with
  Error 401 Unauthorized" [1]

  The initial simple Github URL gets a Location: redirect to a complex
  URL with un-escaped query-string. The resulting complex URL causes apt
  to fail to fetch the resource.

  $ sudo apt upgrade -y
  Err:1 https://pkg.surfacelinux.com/debian release/main amd64 libwacom-surface 
amd64 1.12-2
401  Unauthorized [IP: 185.199.110.133 443]

  The URL can be manually corrected. One of the Surface users provided
  this example:

  bad:  https://objects.githubusercontent.com/github-production-release-
  asset-2e65be/139604852/86019e52-7bfa-4bc6-8cc1-52147027aee6?X-Amz-
  Algorithm=AWS4-HMAC-SHA256
  Credential=AKIAIWNJYAX4CSVEH53A/20211105/us-
  east-1/s3/aws4_request=20211105T161053Z
  Expires=300
  
Signature=2bc0c28946db539ada250b1030c37249dae909d73a68c90b5e7bfe7fecd5d347
  SignedHeaders=host_id=0_id=0_id=139604852
  content-disposition=attachment; filename=libwacom-
  surface_1.12-2_amd64.deb=application/octet-
  stream

  good: https://objects.githubusercontent.com/github-production-release-
  asset-2e65be/139604852/86019e52-7bfa-4bc6-8cc1-52147027aee6?X-Amz-
  Algorithm=AWS4-HMAC-SHA256
  Credential=AKIAIWNJYAX4CSVEH53A%2F20211105%2Fus-
  east-1%2Fs3%2Faws4_request=20211105T160935Z
  Expires=300
  
Signature=44d9307e66dfb5b3672ee0082b8801ad2532ac4b6be61c3442fb265ffce72852
  SignedHeaders=host_id=0_id=0_id=139604852
  content-disposition=attachment%3B%20filename%3Dlibwacom-
  surface_1.12-2_amd64.deb=application%2Foctet-
  stream

  I found this also affects a github repository I recently added for
  Zotero on 20.04.

  The problem is fixed in later versions of apt upstream, in Debian and
  Ubuntu releases. I cherry-picked the 4 commits [3] and provided a
  package for Focal in my PPA [2] which multiple users have reported (in
  [1]) solves the issue.

  It would be really good to get those patches included in 20.04 as an
  SRU.

  As the code is in later versions of apt and is focused on the URL
  encoding only it has minimal potential for causing regressions.

  [1] https://github.com/linux-surface/linux-surface/issues/625

  [2] https://launchpad.net/~tj/+archive/ubuntu/bugfixes

  [3] https://salsa.debian.org/apt-
  team/apt/-/commit/06ec0067057e0578f3bc515f6a97d6a9d70824f6

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1950095/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1945093] Re: apt update command output gives gapes in row numbering

[David Kalnischkies]

> Ign:3 https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4
InRelease

triggers the fallback to download the files Release & Release.gpg, but
as the Release file (5) is a Hit apt skips the attempt to acquire
Release.gpg (8) and continues on with the reverify step which doesn't
emit a message.

If we like really wanted to fix that we probably could special case this
situation and trick the progress reporting into showing a hit for
Release.gpg, too, but you are the first person to notice in … a lot of
years and the proper fix is for this repository to have an InRelease
file.

I would have set it to "wont-fix", but I am apparently not allowed to do
that on launchpad, so "opinion" it is, which feels wrong as I agree its
unfortunate, I just don't think it is worth it to invest precious
resources to fix it at this point. In an ideal world we would instead
drop the fallback which would also fix that issue… (but also break that
repository).

** Changed in: apt (Ubuntu)
   Status: New => Opinion

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1945093

Title:
  apt update command output gives gapes in row numbering

Status in apt package in Ubuntu:
  Opinion

Bug description:
  I'm checking the output of `sudo apt update`

  ```sh
  Hit:1 http://dl.google.com/linux/chrome/deb stable InRelease
  Hit:2 http://packages.microsoft.com/repos/code stable InRelease   
  
  Ign:3 https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 InRelease 
  
  Hit:4 https://repo.skype.com/deb stable InRelease 
 
  Hit:5 https://repo.mongodb.org/apt/ubuntu focal/mongodb-org/4.4 Release   
 
  Hit:6 http://archive.ubuntu.com/ubuntu focal InRelease
  Get:7 http://archive.ubuntu.com/ubuntu focal-updates InRelease [114 kB]
  Get:9 http://archive.ubuntu.com/ubuntu focal-backports InRelease [101 kB]
  Get:10 http://archive.ubuntu.com/ubuntu focal-security InRelease [114 kB]
  Get:11 http://archive.ubuntu.com/ubuntu focal-updates/main amd64 DEP-11 
Metadata [283 kB]
  Get:12 http://archive.ubuntu.com/ubuntu focal-updates/universe amd64 DEP-11 
Metadata [355 kB]
  Get:13 http://archive.ubuntu.com/ubuntu focal-updates/multiverse amd64 DEP-11 
Metadata [944 B]
  Get:14 http://archive.ubuntu.com/ubuntu focal-backports/universe amd64 DEP-11 
Metadata [10,4 kB]
  Get:15 http://archive.ubuntu.com/ubuntu focal-security/main amd64 DEP-11 
Metadata [27,6 kB]
  Get:16 http://archive.ubuntu.com/ubuntu focal-security/universe amd64 DEP-11 
Metadata [61,0 kB]
  Get:17 http://archive.ubuntu.com/ubuntu focal-security/multiverse amd64 
DEP-11 Metadata [2.468 B]
  Fetched 1.068 kB in 2s (507 kB/s) 
  Reading package lists... Done
  Building dependency tree   
  Reading state information... Done
  ```

  Why there is a gap at Row 8?

  (Ubuntu 20.04.3. Version of apt is `apt/focal-updates,now 2.0.6
  amd64`)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1945093/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1936273] Re: apt not respecting Ignore-Files-Silently directive

[David Kalnischkies]

This is documented behavior due to in which order the various
configuration places are evaluated: man apt.conf has the details at the
top.

In other words, you have to set Dir::Ignore-Files-Silently in a config
file specified with the APT_CONFIG environment variable for it to take
effect for configuration files.

** Changed in: apt (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1936273

Title:
  apt not respecting Ignore-Files-Silently directive

Status in apt package in Ubuntu:
  Invalid

Bug description:
  I have a configuration management system that stores a backup copy of
  files that it updates with a suffix based upon the date that the file
  is updated (.-MM-DD)

  In Ubuntu 20.04, I have added a file 00ignore to the /etc/apt/apt.conf
  directory.

  The contents of the file are one line:
  Dir::Ignore-Files-Silently:: "\.[12][0-9][0-9][0-9]-[01][0-9]-[0-3][0-9]$";

  The system appears to read the file, but doesn't seem to process it,
  as apt and related programs still spit out warnings.

  # apt-config dump |grep Ignore
  Dir::Ignore-Files-Silently "";
  Dir::Ignore-Files-Silently:: "~$";
  Dir::Ignore-Files-Silently:: "\.disabled$";
  Dir::Ignore-Files-Silently:: "\.bak$";
  Dir::Ignore-Files-Silently:: "\.dpkg-[a-z]+$";
  Dir::Ignore-Files-Silently:: "\.ucf-[a-z]+$";
  Dir::Ignore-Files-Silently:: "\.save$";
  Dir::Ignore-Files-Silently:: "\.orig$";
  Dir::Ignore-Files-Silently:: "\.distUpgrade$";
  Dir::Ignore-Files-Silently:: "\.[12][0-9][0-9][0-9]-[01][0-9]-[0-3][0-9]$";
  N: Ignoring file '99unclet-override.2021-06-15' in directory 
'/etc/apt/apt.conf.d/' as it has an invalid filename extension
  N: Ignoring file '00unclet.2021-06-18' in directory '/etc/apt/apt.conf.d/' as 
it has an invalid filename extension

  Note: aptitude does not display this warning, although many other apt-
  related programs do (e.g. apt, apt-get, apt-config).

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1936273/+subscriptions


-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1921626] Re: apt install - File has unexpected size - http pipeline

[David Kalnischkies]

> I've attached an example log, where the error pops up for multiple
packages, and they all appear to be compared to one size (86464 bytes).

just for the record: This is a misunderstanding. If apt does pipelining
it searches in the requests it made for the file this response is for.
If no request matches the size the error shows the last tried size (aka
of the last file in the queue).

I wonder a bit why Filesize isn't included in the message as internally
it is implemented as a (very weak) hash, but that might be due to the
apt version… I am not remembering ATM how it worked back then.

I am also a bit worried about the screenshot in the referred bugreport
as that shows two different servers replying (Apache vs some python via
a proxy).

And last not least: The sizes given in the HTTP request logs for
python3-zmq (which failed in that example) shown in
/var/log/httpd/foreman_access.log and /var/log/messages do not match
(254232 vs 254454).

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1921626

Title:
  apt install - File has unexpected size - http pipeline

Status in apt package in Ubuntu:
  Incomplete

Bug description:
  1) Ubuntu 18.04.5 LTS

  2) apt 1.6.12ubuntu0.2

  3) What you expected to happen

  I set a custom set of repositories in /etc/apt/sources.list and then I
  run "apt install ". I expect the command to download
  and install the packages.

  4) What happened instead

  "apt install ..." fails during the download phase with "File has
  unexpected size "

  
  5) What I've established trying to debug the issue:

  - Disabling http pipelining resolves the issue: "apt 
-oAcquire::http::Pipeline-Depth=0 install ..."
  - All the packages, and repo metadata in the referenced repositories is 
correct
  - The issue is easily reproducible in my setup with different repositories
  - tcpdump shows that requests and responses are in the correct order, and 
contain the correct data

  More details about the issue:
  https://projects.theforeman.org/issues/32178

  With all the above in mind, it appears that this must be a bug in apt's http 
pipeline handling.
  It seem that apt is trying to match a request to do wrong response, and size 
doesn't match. 

  I've attached an example log, where the error pops up for multiple
  packages, and they all appear to be compared to one size (86464
  bytes). That size is correct for one of the package being downloaded,
  but somehow apt is trying to match to multiple other packages.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1921626/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1713219] Re: 'apt-mark showauto' and 'apt show' is slow

[David Kalnischkies]

No such version exists as it would be a bug. An Auto-Installed field !=
1 is still possible if the section includes another field the current
apt version doesn't know about and hence can't reason about. apt itself
does not currently generate such stanzas, but a future version might. Or
other clients might.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1713219

Title:
  'apt-mark showauto' and 'apt show' is slow

Status in apt package in Ubuntu:
  Triaged

Bug description:
  $ time apt-mark showauto >/dev/null

  real  0m0.587s
  user  0m0.552s
  sys   0m0.016s

  When I run the command first time, it is even much slower.

  I could do the job in fraction of a time using awk in POSIX shell
  script:

  auto_file='/var/lib/apt/extended_states'
  eval $(apt-config shell auto_file Dir::State::extended_states/f)
  awk '/^Package:/ {
pkg=$2
getline; arch=$2
getline
if($2==1) print pkg ":" arch
  }' "$auto_file" | CL_ALL=C sort -u

  real  0m0.019s
  user  0m0.008s
  sys   0m0.000s

  That prints architecture for every package and shows entries in
  slightly different order, though. And the file could be out of date
  showing packages that are not installed?!?

  Similarly

  apt show 

  is slow. (It also shows whether a package is manually or automatically
  installed.

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: apt 1.0.1ubuntu2.17
  ProcVersionSignature: Ubuntu 4.4.0-92.115~14.04.1-generic 4.4.76
  Uname: Linux 4.4.0-92-generic x86_64
  ApportVersion: 2.14.1-0ubuntu3.25
  Architecture: amd64
  CurrentDesktop: XFCE
  Date: Sat Aug 26 12:59:00 2017
  EcryptfsInUse: Yes
  InstallationDate: Installed on 2014-09-21 (1070 days ago)
  InstallationMedia: Ubuntu-Studio 14.04.1 LTS "Trusty Tahr" - Release amd64 
(20140722.1)
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)
  modified.conffile..etc.cron.daily.apt: [modified]
  modified.conffile..etc.kernel.postinst.d.apt.auto.removal: [modified]
  mtime.conffile..etc.cron.daily.apt: 2017-05-03T10:27:27.617839
  mtime.conffile..etc.kernel.postinst.d.apt.auto.removal: 
2017-06-01T14:39:39.236080

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1713219/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1713219] Re: 'apt-mark showauto' and 'apt show' is slow

[David Kalnischkies]

Mechanical train signals used to signal if the next section is clear vs.
blocked by another train used to have the arm raised if it was clear and
down if not. That was so that if the mechanic would fail in some way the
arm would fall down and rest in the "blocked" state rather than in a
"clear" state potentially causing huge problems.

I like to think that it is the same here. If the data gets lost,
corrupted or whatever we fall back to a safe state: protected from
autoremove as manual installed rather than causing havoc. In reality the
original implementer might not have thought that far, but he isn't
around anymore to ask him… and it isn't really important, is it?

Your precived "slowness" might be an out of dated cache. Have you
recently run an apt command with root rights? If it is not run as root
apt will build the cache in memory only. That cache can also easily be
many megabytes big, which can take a while to shuffle into disk cache on
a slow spinning disk.

Your script might be very fast, but it is also wrong (Auto-Installed is
not the only field which can be set there even if for apt its the only
one used. Other clients could use other fields and in that case apt
would of course also keep the manual entries…) and doesn't even begin to
support what apt-mark does. If you want to constructively work on
speeding apt in these cases is to look at where the time is lost and
optimize those codepaths. Showing off your script-foo is not helping and
borderline trolling… after all, I can easily point at a lot of traveling
salesperson (well, perhaps not in corona times), but that seems like a
very hard problem for computers somehow.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1713219

Title:
  'apt-mark showauto' and 'apt show' is slow

Status in apt package in Ubuntu:
  Triaged

Bug description:
  $ time apt-mark showauto >/dev/null

  real  0m0.587s
  user  0m0.552s
  sys   0m0.016s

  When I run the command first time, it is even much slower.

  I could do the job in fraction of a time using awk in POSIX shell
  script:

  auto_file='/var/lib/apt/extended_states'
  eval $(apt-config shell auto_file Dir::State::extended_states/f)
  awk '/^Package:/ {
pkg=$2
getline; arch=$2
getline
if($2==1) print pkg ":" arch
  }' "$auto_file" | CL_ALL=C sort -u

  real  0m0.019s
  user  0m0.008s
  sys   0m0.000s

  That prints architecture for every package and shows entries in
  slightly different order, though. And the file could be out of date
  showing packages that are not installed?!?

  Similarly

  apt show 

  is slow. (It also shows whether a package is manually or automatically
  installed.

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: apt 1.0.1ubuntu2.17
  ProcVersionSignature: Ubuntu 4.4.0-92.115~14.04.1-generic 4.4.76
  Uname: Linux 4.4.0-92-generic x86_64
  ApportVersion: 2.14.1-0ubuntu3.25
  Architecture: amd64
  CurrentDesktop: XFCE
  Date: Sat Aug 26 12:59:00 2017
  EcryptfsInUse: Yes
  InstallationDate: Installed on 2014-09-21 (1070 days ago)
  InstallationMedia: Ubuntu-Studio 14.04.1 LTS "Trusty Tahr" - Release amd64 
(20140722.1)
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)
  modified.conffile..etc.cron.daily.apt: [modified]
  modified.conffile..etc.kernel.postinst.d.apt.auto.removal: [modified]
  mtime.conffile..etc.cron.daily.apt: 2017-05-03T10:27:27.617839
  mtime.conffile..etc.kernel.postinst.d.apt.auto.removal: 
2017-06-01T14:39:39.236080

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1713219/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1919314] Re: debconf: delaying package configuration, since apt-utils is not installed

[David Kalnischkies]

The message can not be shown only if the package is going to ask
questions as debconf would need to extract the questions beforehand (and
find none) for that to work – but it can't do that without apt-utils. :)

Not sure about the stderr vs. stdout, I guess the rational is that its
more important than the "normal" output. In any case, this is something
you will have to bring up with debconf… reassigning there (and resetting
status).

** Package changed: apt (Ubuntu) => debconf (Ubuntu)

** Changed in: debconf (Ubuntu)
   Status: Opinion => New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to debconf in Ubuntu.
https://bugs.launchpad.net/bugs/1919314

Title:
  debconf: delaying package configuration, since apt-utils is not
  installed

Status in debconf package in Ubuntu:
  New

Bug description:
  The warning appears when installing apt-utils, with no way to silence
  the message. If apt-utils is required in the base image, it should be
  added there and not be a standalone package. This is a transcript from
  Ubuntu 20.04.1:

  $ LANG=C sudo apt install apt-utils 
  Reading package lists... Done
  Building dependency tree   
  Reading state information... Done
  The following NEW packages will be installed:
apt-utils
  0 upgraded, 1 newly installed, 0 to remove and 159 not upgraded.
  Need to get 0 B/213 kB of archives.
  After this operation, 852 kB of additional disk space will be used.
  debconf: delaying package configuration, since apt-utils is not installed
  Selecting previously unselected package apt-utils.
  (Reading database ... 688084 files and directories currently installed.)
  Preparing to unpack .../apt-utils_2.0.4_amd64.deb ...
  Unpacking apt-utils (2.0.4) ...
  Setting up apt-utils (2.0.4) ...
  Processing triggers for man-db (2.9.1-1) ...

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: apt-utils 2.0.4
  ProcVersionSignature: Ubuntu 5.4.0-65.73-generic 5.4.78
  Uname: Linux 5.4.0-65-generic x86_64
  NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair nvidia_modeset 
nvidia
  ApportVersion: 2.20.11-0ubuntu27.16
  Architecture: amd64
  CasperMD5CheckResult: skip
  CurrentDesktop: KDE
  Date: Tue Mar 16 11:30:26 2021
  EcryptfsInUse: Yes
  SourcePackage: apt
  UpgradeStatus: Upgraded to focal on 2020-05-04 (315 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/debconf/+bug/1919314/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1919314] Re: debconf: delaying package configuration, since apt-utils is not installed

[David Kalnischkies]

apt-utils is not required & this is not a warning (in the sense of an
unimportant error), but an information why debconf isn't asking
questions to configure all packages upfront at the start of the run, but
will ask questions (if any) while the packages are actually installed as
needed potentially interrupting the process multiple times waiting for
user input who might have decided to take a walk while this lengthy
installation process runs to return to a machine having stopped half-way
through with a configuration question (not installed) vs. a machine who
asked the questions upfront and is now done (installed). The end result
doesn't change regardless of apt-utils being installed or not – its just
a matter of which way is taken to get there.

(In an ideal world, in reality there are still packages who have to ask
questions in the middle of it as those only come up in certain
configurations and/or situations and can't be asked upfront).

** Changed in: apt (Ubuntu)
   Status: New => Opinion

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1919314

Title:
  debconf: delaying package configuration, since apt-utils is not
  installed

Status in apt package in Ubuntu:
  Opinion

Bug description:
  The warning appears when installing apt-utils, with no way to silence
  the message. If apt-utils is required in the base image, it should be
  added there and not be a standalone package. This is a transcript from
  Ubuntu 20.04.1:

  $ LANG=C sudo apt install apt-utils 
  Reading package lists... Done
  Building dependency tree   
  Reading state information... Done
  The following NEW packages will be installed:
apt-utils
  0 upgraded, 1 newly installed, 0 to remove and 159 not upgraded.
  Need to get 0 B/213 kB of archives.
  After this operation, 852 kB of additional disk space will be used.
  debconf: delaying package configuration, since apt-utils is not installed
  Selecting previously unselected package apt-utils.
  (Reading database ... 688084 files and directories currently installed.)
  Preparing to unpack .../apt-utils_2.0.4_amd64.deb ...
  Unpacking apt-utils (2.0.4) ...
  Setting up apt-utils (2.0.4) ...
  Processing triggers for man-db (2.9.1-1) ...

  ProblemType: Bug
  DistroRelease: Ubuntu 20.04
  Package: apt-utils 2.0.4
  ProcVersionSignature: Ubuntu 5.4.0-65.73-generic 5.4.78
  Uname: Linux 5.4.0-65-generic x86_64
  NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair nvidia_modeset 
nvidia
  ApportVersion: 2.20.11-0ubuntu27.16
  Architecture: amd64
  CasperMD5CheckResult: skip
  CurrentDesktop: KDE
  Date: Tue Mar 16 11:30:26 2021
  EcryptfsInUse: Yes
  SourcePackage: apt
  UpgradeStatus: Upgraded to focal on 2020-05-04 (315 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1919314/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1918930] Re: Unexpected file size of one package interrupts update process for all packages and leaves system vulnerable

[David Kalnischkies]

APT can't know how "critical" the other packages are compared to the
packages which failed to download (which really shouldn't happen to
begin with). I mean, if you don't (normally) use an SSH server, but
hard-depend on a sublime text-editor experience…

Have you tried the --fix-missing option the error message points to? It
will make it so that apt still shows the errors, but it will continue on
and install all packages it could successfully acquire. That is still a
failure for the whole process though (if that would be silent it would
be too easy for an attacker to fail these downloads and make you believe
you are up-to-date while nothing was installed – especially in
unattended processes).

Perhaps we should make that an interactive question in "apt" to have it
more easily discoverable for an interactive user?

(not commenting on the LP things, you may want to talk to them directly
about this rather than venting in an unrelated bugreport)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1918930

Title:
  Unexpected file size of one package interrupts update process for all
  packages and leaves system vulnerable

Status in apt package in Ubuntu:
  New

Bug description:
  An unexpected file size error of *one* package interrupts the whole
  update process for *all* packages and this can leave the system in a
  vulnerable state - this is not a constructed situation, but very real
  right now, look at the following console output - sublime has some
  problems with its package size, but then important ssh updates are not
  executed. Bad.

  The following packages will be upgraded:
brave-browser git git-man libpython2.7-minimal libpython2.7-stdlib 
linux-firmware openssh-client openssh-server openssh-sftp-server python2.7 
python2.7-minimal python3-pil sublime-merge
  13 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
  Need to get 4.548 kB/199 MB of archives.
  After this operation, 1.744 kB of additional disk space will be used.
  Do you want to continue? [Y/n]
  Get:1 https://download.sublimetext.com apt/stable/ sublime-merge 2049 [4.548 
kB]
  Err:1 https://download.sublimetext.com apt/stable/ sublime-merge 2049
File has unexpected size (4542548 != 4548032). Mirror sync in progress? 
[IP: 104.236.0.104 443]
Hashes of expected file:
 - 
SHA512:f65ce3ca80ff0877da48826a0151036cd8e0bdf28b03d225a03f202262ca1278accdac8e7eb46a22904203750ccf06e3abe496a44f7a4b0c3363076501f72369
 - SHA256:e71fcf37e9d934a60b5112a7b79c819f03f55d331371ec0e9b02378c6234478c
 - SHA1:7fe54a9f7ea5383dbdfc0aae39310e2902c6d7f5 [weak]
 - MD5Sum:fd78a3b986bd7da8b2ebd1f659f5938c [weak]
 - Filesize:4548032 [weak]
  E: Failed to fetch 
https://download.sublimetext.com/files/sublime-merge_build-2049_amd64.deb  File 
has unexpected size (4542548 != 4548032). Mirror sync in progress? [IP: 
104.236.0.104 443]
 Hashes of expected file:
  - 
SHA512:f65ce3ca80ff0877da48826a0151036cd8e0bdf28b03d225a03f202262ca1278accdac8e7eb46a22904203750ccf06e3abe496a44f7a4b0c3363076501f72369
  - SHA256:e71fcf37e9d934a60b5112a7b79c819f03f55d331371ec0e9b02378c6234478c
  - SHA1:7fe54a9f7ea5383dbdfc0aae39310e2902c6d7f5 [weak]
  - MD5Sum:fd78a3b986bd7da8b2ebd1f659f5938c [weak]
  - Filesize:4548032 [weak]
  E: Unable to fetch some archives, maybe run apt-get update or try with 
--fix-missing?

  Note: This issue is not about the package size error in a third party
  repo - I do not blame Ubuntu for problems with that. This is about
  breaking the whole process of updating the system because one single
  sub-task fails.

  Why not make the basic tools really robust and reliable?

  BTW - here are s many free pixels on this screen - why not add two
  or three small sentences about text formatting syntax available in
  this extremely primitive text input box? Is there any text formatting
  at all? Why not put just a little bit of love to the user perspective
  and experience? Just two little senteces about formatting would make
  it so much more user friendly to type here. It feels so quick-and-
  dirty, it hurts. Very sad.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1918930/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1869107] Re: Error when installing scanner deb on 20.04

[David Kalnischkies]

Without looking at the deb file, this is likely a regression of 2.0
which was fixed in the recently released 2.0.1 in Debian. Pretty sure
that will eventually flow into Ubuntu as well. See the commit in
question for details if you are interested: https://salsa.debian.org
/apt-team/apt/-/commit/bf46e09f0e4b52b3c71ac20bb11e7511fc16179f

That the scanner doesn't seem to work for you is orthogonal to this
issue. You might want to contact a support channel of Ubuntu about this
with more details – bugreports tend not be a good place for getting
hardware to behave with drivers in third-party packages. Thanks for
reporting your issue none the less!

** Changed in: apt (Ubuntu)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1869107

Title:
  Error when installing scanner deb on 20.04

Status in apt package in Ubuntu:
  Fix Committed

Bug description:
  Trying to install .deb for Brother ADS-2200 scanner. Worked previously
  in 18.04, 18.10, 19.04 and 19.10.

  If I double click on the .deb, Gnome Software attempts to install and
  fails with the following error:

  Failed to install file: not supported

  If I use apt to install the file manually I get the following error:

  sudo apt install ./brscanads2200ads2700w-0.1.15-1.amd64.deb
  Reading package lists... Error!
  E: Problem parsing Provides line of brscanads2200ads2700w:amd64=0.1.15-1
  E: Error occurred while processing brscanads2200ads2700w (NewVersion2)
  E: Problem with MergeList 
/home/caleb/Downloads/brscanads2200ads2700w-0.1.15-1.amd64.deb
  E: The package lists or status file could not be parsed or opened.

  I installed using dpkg without any errors.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1869107/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1668944] Re: The _apt user ignores group membership.

[David Kalnischkies]

Nowadays our HTTPS implementation works a few layers deeper than what I
talked about three years ago, so we could similar to our auth.conf work
now open all certificate (others also?) files as root before dropping
rights. As that would be best implemented by someone who actually uses
these features in practice for easier testing: Any takers?

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1668944

Title:
  The _apt user ignores group membership.

Status in apt package in Ubuntu:
  Invalid

Bug description:
  Actually I had the same problem described in 
http://askubuntu.com/questions/773955/apt-get-ssl-client-certificate-not-working-on-16-04-error-while-reading-file
  I want to use client certificates with apt. But I don't want to make them 
world readable in order to make apt working. So I created a group 'ssl-cert' 
and changed the group ownership of the ssl cert files to match this group. I 
also added the _apt user to the ssl-cert group.

  Then I tried to open these files as user '_apt' in bash (su -s
  /bin/bash _apt) which works well.

  But if I run: "apt-get -o "Debug::Acquire::https=true" update" I still get 
the following error:
  * error reading ca cert file /etc/certs/mycert/ca.pem (Error while reading 
file.)
  * Closing connection 26

  So my guess is that apt somehow ignores the ssl-cert membership.

  Possible workarounds:
  - make ssl client cert world readable
  - change owner ssl client cert to _apt
  - change main group of _apt user from 'nogroup' to 'ssl-cert'
  - set APT::Sandbox::User "root"; in apt.conf.d

  Neither of them is pretty. 
  Maybe this is a wanted behavior, then just suggest how to fix the issue in 
nice way.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1668944/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1864623] Re: apt-get attempts to download Packages.xz which is not InRelease and does not exist

[David Kalnischkies]

The cake is a lie.

--print-uris does *NOT* print the URIs an "apt update" is bound to use.
It can't because it doesn't download any file and it would need to
download at least the (current) InRelease file to answer that. So what
it does is print the URIs it would download IF everything would exist
and be advertised in the (In)Release file.

The option is from a time the answer was a lot easier to answer (a long
time ago), but nowadays apt supports too many optional features which
are handled at runtime to make accurate predictions (especially) about
the future.

So, your problem is elsewhere. Please check what "update" says. What a
following install command says and verify that the deb file it wants to
download actually exists. "~Ubuntu" in the version seems kinda strange…
usually its lowercase. Either is fine, but consistency is key: apt as
most tools in Linux is case-sensitive. Anyway, with the current set of
information we can only make very wild guesses.

** Changed in: apt (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1864623

Title:
  apt-get attempts to download Packages.xz which is not InRelease and
  does not exist

Status in apt package in Ubuntu:
  Invalid

Bug description:
  When trying to install the latest virtualbox-6.0 from virtualbox.org,
  we got a failure:

  Err:1 http://download.virtualbox.org/virtualbox/debian xenial/contrib amd64 
virtualbox-6.0 amd64 6.0.16-135674~Ubuntu~xenial
404  Not Found
  E: Failed to fetch 
http://download.virtualbox.org/virtualbox/debian/pool/contrib/v/virtualbox-6.0/virtualbox-6.0_6.0.16-135674~Ubuntu~xenial_amd64.deb
  404  Not Found

  
  We expected that this was a case of `apt-get update` not having been run 
before `apt-get install`, but turns out it's a bit more interesting:

  apt-get update fetched the following files:

  
  ubuntu@ubuntu:~$ apt-get --print-uris update |grep virtualbox
  'http://download.virtualbox.org/virtualbox/debian/dists/xenial/InRelease' 
download.virtualbox.org_virtualbox_debian_dists_xenial_InRelease 0 
  
'http://download.virtualbox.org/virtualbox/debian/dists/xenial/contrib/binary-amd64/Packages.xz'
 
download.virtualbox.org_virtualbox_debian_dists_xenial_contrib_binary-amd64_Packages
 0 
  
'http://download.virtualbox.org/virtualbox/debian/dists/xenial/contrib/binary-all/Packages.xz'
 
download.virtualbox.org_virtualbox_debian_dists_xenial_contrib_binary-all_Packages
 0 
  
'http://download.virtualbox.org/virtualbox/debian/dists/xenial/contrib/i18n/Translation-en.xz'
 
download.virtualbox.org_virtualbox_debian_dists_xenial_contrib_i18n_Translation-en
 0 

  http://download.virtualbox.org/virtualbox/debian/dists/xenial/InRelease
  returns 200 and lists a bunch of Packages lists. However, it does
  *not* list contrib/binary-amd64/Packages.xz, only:

  - contrib/binary-amd64/Packages
  - contrib/binary-amd64/Packages.gz
  - contrib/binary-amd64/Packages.bz2

  For some reason, apt still attempts to download the .xz files, and
  does not even report an error for them!

  Trying to download the file locally, I get a 404, but with an HTML
  error page as the content:

  $ curl -v 
'http://download.virtualbox.org/virtualbox/debian/dists/xenial/contrib/binary-amd64/Packages.xz'
 | head -n 20
% Total% Received % Xferd  Average Speed   TimeTime Time  
Current
   Dload  Upload   Total   SpentLeft  Speed
0 00 00 0  0  0 --:--:-- --:--:-- --:--:-- 
0*   Trying 2.22.40.42...
  * TCP_NODELAY set
  * Connected to download.virtualbox.org (2.22.40.42) port 80 (#0)
  > GET /virtualbox/debian/dists/xenial/contrib/binary-amd64/Packages.xz 
HTTP/1.1
  > Host: download.virtualbox.org
  > User-Agent: curl/7.58.0
  > Accept: */*
  > 
0 00 00 0  0  0 --:--:--  0:00:02 --:--:-- 
0< HTTP/1.1 404 Not Found
  < Accept-Ranges: bytes
  < Content-Type: text/html
  < ETag: "477d9862374177c810b0b7d73b4f1e53:1531792454.541174"
  < Last-Modified: Wed, 31 Aug 2011 20:28:54 GMT
  < Server: AkamaiNetStorage
  < Content-Length: 7073
  < Date: Tue, 25 Feb 2020 09:08:16 GMT
  < Connection: keep-alive
  < 
  { [7073 bytes data]
  100  7
  
  Error Page 404
  http://download.oracle.com/index.html; />
  
  
  


  I think it's a bug that:
  a) apt tries to download Packages files not listed in InRelease
  b) apt does not report errors on 404 it gets when downloading them

  It is of course possible that apt get a *different* InRelease and a
  *different* response when trying to download the .xz files, but that
  seems unlikely. If you want to, I can try to confirm the actual
  network traffic.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1864623/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to   

[Touch-packages] [Bug 1857018] Re: apt-get: Can not downgrade dependencies or anything with -t

[David Kalnischkies]

"apt install foo/bar" will try to satisfy dependencies of foo from
release bar if the current candidates do not satisfy the requirements.
That is more a feature for going to a PPA (or backports) than leaving it
and has some issues, but it exists (e.g. your downgrade has probably all
dependencies satisfied by the already installed [newer] versions from
the PPA).

Note that downgrades are still unsupported and can break your system, so
that is really not a painless action. Nobody said activating PPAs left
and right is something you can or should do – or that it is easy to
change your might.

You probably want something like "pick all packages from PPA foo and
install from bar". I think you can express something like that with the
newish patterns, but note that apt doesn't really know if a package was
installed from PPA foo. It guesses that if the current version is the
same as the version in the PPA it was installed from there, but that
isn't the same thing…

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1857018

Title:
   apt-get: Can not downgrade dependencies or anything with -t

Status in apt package in Ubuntu:
  Invalid

Bug description:
  Only the latter command downgrades the mythtv-frontend package (after
  removing the PPA from /etc/apt/sources.list.d/ and running 'apt
  update'):

  $ sudo apt-get install mythtv-frontend -s -V -t bionic
  Reading package lists... Done
  Building dependency tree   
  Reading state information... Done
  mythtv-frontend is already the newest version 
(2:30.0+fixes.201912012038.a27754a~ubuntu18.04.1).
  0 upgraded, 0 newly installed, 0 to remove and 8 not upgraded.

  $ sudo apt-get install mythtv-frontend/bionic -s -V
  Reading package lists... Done
  Building dependency tree   
  Reading state information... Done
  Selected version '2:29.1+fixes.20180414.329c235-0ubuntu3' 
(Ubuntu:18.04/bionic [amd64]) for 'mythtv-frontend'
  Suggested packages:
 mythtv-backend (2:29.1+fixes.20180414.329c235-0ubuntu3)
 mythmusic (2:29.1+fixes.20180414.329c235-0ubuntu3)
 mythweather (2:29.1+fixes.20180414.329c235-0ubuntu3)
 mythgallery (2:29.1+fixes.20180414.329c235-0ubuntu3)
 mythgame (2:29.1+fixes.20180414.329c235-0ubuntu3)
  The following packages will be REMOVED:
 mythtv-dbg (2:30.0+fixes.201912012038.a27754a~ubuntu18.04.1)
  The following packages will be DOWNGRADED:
 mythtv-frontend (2:30.0+fixes.201912012038.a27754a~ubuntu18.04.1 => 
2:29.1+fixes.20180414.329c235-0ubuntu3)
  0 upgraded, 0 newly installed, 1 downgraded, 1 to remove and 4 not upgraded.
  Remv mythtv-dbg [2:30.0+fixes.201912012038.a27754a~ubuntu18.04.1]
  Inst mythtv-frontend [2:30.0+fixes.201912012038.a27754a~ubuntu18.04.1] 
(2:29.1+fixes.20180414.329c235-0ubuntu3 Ubuntu:18.04/bionic [amd64])
  Conf mythtv-frontend (2:29.1+fixes.20180414.329c235-0ubuntu3 
Ubuntu:18.04/bionic [amd64])

  I do not know, if there is a reason for the different behavior.
  Anyway, I want to be able to easily downgrade the depending packages, too, 
retaining their auto/manual status.

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: apt 1.6.12
  ProcVersionSignature: Ubuntu 5.0.0-37.40~18.04.1-generic 5.0.21
  Uname: Linux 5.0.0-37-generic x86_64
  NonfreeKernelModules: nvidia
  ApportVersion: 2.20.9-0ubuntu7.9
  Architecture: amd64
  CurrentDesktop: XFCE
  Date: Thu Dec 19 16:25:51 2019
  InstallationDate: Installed on 2019-05-08 (224 days ago)
  InstallationMedia: Xubuntu 18.04.2 LTS "Bionic Beaver" - Release amd64 
(20190210)
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1857018/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1825021] Re: apt's dpkgpm.cc WriteApportReport function should gather more data

[David Kalnischkies]

No idea about Ubuntu specifically, but it should be in upstream since apt 
1.8.0~alpha3 release on Tue, 18 Dec 2018 15:02:11 +0100.
See also: https://salsa.debian.org/apt-team/apt/merge_requests/38

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1825021

Title:
  apt's dpkgpm.cc WriteApportReport function should gather more data

Status in apt package in Ubuntu:
  New

Bug description:
  While fixing bug 1813464 it occurred to me that it is not obvious that
  the dist-upgrader tarball includes its own copy of invoke-rc.d and
  that this has been complicated to debug more than once. The apport
  information in that report was gathered by apt's dpkgpm.cc code and I
  think we should extend that to gather additional information from the
  environment at the time that the package installation failed. For
  example the dist-upgrader sets the following:

  os.environ["PATH"] = "%s:%s" % (os.getcwd()+"/imported",
  os.environ["PATH"])

  Gathering path from the environment would have made diagnosing bug
  1813464 a lot easier. I tested modifying dpkgpm.cc with the following:

 if(const char* env_p = std::getenv("PATH"))
fprintf(report, "EnvPATH: %s\n", env_p);

  I then installed the crash-in-postinst package from the daisy-plucker-
  seeds PPA and received a crash report with the EnvPATH key and value.
  Its worth noting that when apport gathers environment information only
  a white listed set of keys is gathered to prevent disclosing
  potentially sensitive information. So we should look at what
  environment variables the dist-upgrader sets and gather those at a
  minimum.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1825021/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1809174] Re: apt doesn't detect file corruption in /var/lib/apt/lists

[David Kalnischkies]

Note that the file we have in lists/ is not what we downloaded as we
have downloaded a highly compressed version of the content (e.g. xz),
but store it either uncompressed (for which we have a checksum) or
lightly compressed (e.g. lz4 for which we have no checksum and can not
as different versions of a compressor could produce different files). So
such a check is not exactly free as we need to potentially uncompress
the content we want to check – we can't even do a size check in the
general case "for free". It might be worth it paying the price in
"update", but there are a bunch of people who believe we shouldn't,
reporting bugs to the effect that a no-change update should finish
instantly.

That said, files of size 0 could be made always invalid: We don't
download such files nowadays (as an empty file compressed has a [small]
size), so files in lists/ should have at least some content and if they
don't something is absolutely fishy.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1809174

Title:
  apt doesn't detect file corruption in /var/lib/apt/lists

Status in apt package in Ubuntu:
  Triaged

Bug description:
  The Problem
  ==

  /var/lib/apt/lists contains the repository index caches or similar;
  I'm not sure what the correct  apt-terminology is.

  I've installed Chrome on my laptop, so I have:

  smacdonald@L247:/var/lib/apt/lists$ dir *goog*
  -rw-r--r-- 1 root root  943 Dec 19 14:02 
dl.google.com_linux_chrome_deb_dists_stable_Release
  -rw-r--r-- 1 root root  819 Dec 19 14:02 
dl.google.com_linux_chrome_deb_dists_stable_Release.gpg
  -rw-r--r-- 1 root root 4457 Dec 19 14:02 
dl.google.com_linux_chrome_deb_dists_stable_main_binary-amd64_Packages

  for example.

  
  dl.google.com_linux_chrome_deb_dists_stable_Release contains checksums for 
the dl.google.com_linux_chrome_deb_dists_stable_main_binary-amd64_Packages file:

  smacdonald@L247:/var/lib/apt/lists$ cat 
dl.google.com_linux_chrome_deb_dists_stable_Release
  Origin: Google LLC
  Label: Google
  Suite: stable
  Codename: stable
  Version: 1.0
  Date: Wed, 19 Dec 2018 18:51:54 UTC
  Architectures: amd64
  Components: main
  Description: Google chrome-linux software repository
  MD5Sum:
   9e0d0ad6a4f5ccf8e3971c32e9bb22d3 4457 main/binary-amd64/Packages
   a17f6de0ef487b82af58ccd91df52d04 1109 main/binary-amd64/Packages.gz
   156e5ea7a0c6bed5973a68a45e546dc9 151 main/binary-amd64/Release
  SHA1:
   4c2cde4f71476d7881262d9a07e33cf4506232a7 4457 main/binary-amd64/Packages
   e002924c9ddfe41ee2033594ec768ed9e4545909 1109 main/binary-amd64/Packages.gz
   0f4348c2d4d7cc1f8e59b5934d87f1ca872f6e34 151 main/binary-amd64/Release
  SHA256:
   fb0e586c2b5ec5afa17965d0bbc6bd46c2071336f75e2b0f0c7f3e7b090a7844 4457 
main/binary-amd64/Packages
   2462cff732765679a56373a7ca9a5b8b029fdb445e707b1aba10d01fbdb853b3 1109 
main/binary-amd64/Packages.gz
   c1e3c9318381862306adcdc4fd4fe2d85be8aa4c4f3dcbb40fce80413f588286 151 
main/binary-amd64/Release

  
  If the dl.google.com_linux_chrome_deb_dists_stable_main_binary-amd64_Packages 
file has become corrupt in the specific manner of being 0 bytes in length, apt 
does not detect this, and the repository is effectively unreachable until one 
of two things occurs: a) the repository has an update causing apt to re-fetch 
the repository information and accidentally fix-by-over-writing the corrupt 0 
byte file, or, b) the user removes the corrupt 0-byte file and does an apt 
update to refetch the repository information.

  
  The Context
  ==

  Our IoT devices run Ubuntu 16.04, and their main storage is eMMC.
  Sometimes there are catastrophic power cuts, and, despite other
  precautions, files are occasionally corrupted in the manner of
  becoming 0 bytes in length. We're not sure exactly why or how.

  Today a deployed device suffered the above scenario. We maintain a
  debian package repository for updating our devices in the field, and
  we suddenly couldn't install packages from it. A bit of investigation
  turned up the 0 byte *_Packages file for our repo, and we worked
  around the problem.

  Part of the situation is our debian repository doesn't have updates
  very often, so 'sudo apt-get update' was giving a Hit: instead of a
  Get: result all the time, and everything from the "normal user command
  line" side of things looked okay. There were no logs in
  /var/log/syslog either. We just could not see our packages from our
  repo, despite 'apt-get update' looking good.

  
  What I Expected to Happen
  ==

  Given that the the *_Release file contains checksums for the *_Package
  file, I would expect that apt verifies the checksum, and if it fails,
  refetches the repository information 

[Touch-packages] [Bug 1787460] Re: Unattended upgrades removed linux-image-generic

[David Kalnischkies]

They both sound awfully "generic" (pun intended), but I can't really
come up with an example for a bad match, so lets just try it I guess.

That said, isn't the "deeper" problem that these metapackages can be
removed easily even through they are important to keep the kernel up-to-
date (and hence secure). Perhaps some should be "Important:yes"…

For the record: apts behavior is different depending on if you
explicitly remove a metapackage vs. its removed as part of problem
resolution like in a dist-upgrade or if you remove some dependee. Only
in the later cases the manual bit is applied to the (other) dependencies
of the metapackage.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1787460

Title:
  Unattended upgrades removed linux-image-generic

Status in apt package in Ubuntu:
  Triaged
Status in linux-meta package in Ubuntu:
  Triaged
Status in linux-meta-hwe package in Ubuntu:
  Triaged

Bug description:
  On a fairly fresh install of 18.04 with no modifications whatsoever to
  the unattended-upgrades configuration, it decided to remove linux-
  image-generic which also removed linux-modules-extra which caused
  sound drivers to disappear, etc.

  The relative snippet from /var/log/unattended-upgrades/unattended-
  upgrades.log is:

  2018-08-15 06:18:00,048 INFO Starting unattended upgrades script
  2018-08-15 06:18:00,048 INFO Allowed origins are: o=Ubuntu,a=bionic, 
o=Ubuntu,a=bionic-security, o=UbuntuESM,a=bionic
  2018-08-15 06:18:01,552 INFO Removing unused kernel packages: 
linux-headers-generic linux-image-generic linux-headers-4.15.0-32-generic 
linux-headers-4.15.0-32
  2018-08-15 06:18:01,588 WARNING Keeping auto-removable linux-headers-generic 
package(s) because it would also remove the following packages which should be 
kept in this step: libxml2 linux-image-4.15.0-32-generic 
linux-modules-4.15.0-32-generic linux-modules-extra-4.15.0-32-generic
  2018-08-15 06:18:09,476 INFO Packages that were successfully auto-removed: 
linux-headers-4.15.0-32 linux-headers-4.15.0-32-generic linux-headers-generic 
linux-image-generic
  2018-08-15 06:18:09,477 INFO Packages that are kept back: 
linux-headers-generic
  2018-08-15 06:18:10,300 INFO Packages that will be upgraded: libxml2 
linux-image-generic
  2018-08-15 06:18:10,300 INFO Writing dpkg log to 
/var/log/unattended-upgrades/unattended-upgrades-dpkg.log
  2018-08-15 06:18:39,238 INFO All upgrades installed
  2018-08-15 06:18:42,818 INFO Packages that were successfully auto-removed: 
linux-image-generic linux-modules-extra-4.15.0-32-generic
  2018-08-15 06:18:42,818 INFO Packages that are kept back:

  ProblemType: Bug
  DistroRelease: Ubuntu 18.04
  Package: unattended-upgrades 1.1ubuntu1.18.04.5
  ProcVersionSignature: Ubuntu 4.15.0-32.35-generic 4.15.18
  Uname: Linux 4.15.0-32-generic x86_64
  NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
  ApportVersion: 2.20.9-0ubuntu7.3
  Architecture: amd64
  CurrentDesktop: ubuntu:GNOME
  Date: Thu Aug 16 13:17:30 2018
  InstallationDate: Installed on 2018-07-24 (23 days ago)
  InstallationMedia: Ubuntu 18.04.1 LTS "Bionic Beaver" - Release amd64 
(20180724)
  PackageArchitecture: all
  ProcEnviron:
   TERM=xterm
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: unattended-upgrades
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1787460/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1718453] Re: apt does not download dep11 files for foreign architectures and appstream cannot find applications for these archs.

[David Kalnischkies]

apt does what it is told – appstream configures apt to download only the
files for the native architecture, so there is no sensible action to be
taken by apt and hence this task invalid.

If "$(NATIVE_ARCHITECTURE)" in the apt.conf file shipped by appstream is
changed to "$(ARCHITECTURE)" apt will download the files for all
configured architectures – if that is really desired is what appstream
developers have to figure out. I will add that it might be also a good
idea to add support for Components-all first to avoid at least a bit of
duplication (yes, apt supports downloading those files, too, it just
wont by default – but that default can be switched via Release file
metadata).

** Changed in: apt (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1718453

Title:
  apt does not download dep11 files for foreign architectures and
  appstream cannot find applications for these archs.

Status in appstream package in Ubuntu:
  Confirmed
Status in apt package in Ubuntu:
  Invalid

Bug description:
  I noticed the following community member had a problem installing
  steam. I reproduced it on 16.04.3 clean install i386 and amd64.

  https://www.youtube.com/watch?v=24NH3Ry22Dg

  Install 16.04 amd64 or i386
  Install all updates via software updater
  Open Ubuntu Software
  Search for steam.

  No results for Steam found.
  Yet steam is in the repository as an i386 deb - but it doesn't show up in 
Ubuntu Software on either amd64 or i386 installs.

  
  Also discussed at 
https://ubuntu.labix.org/t/ubuntu-software-deb-install-issues/81

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: gnome-software 3.20.5-0ubuntu0.16.04.5
  ProcVersionSignature: Ubuntu 4.10.0-35.39~16.04.1-generic 4.10.17
  Uname: Linux 4.10.0-35-generic i686
  ApportVersion: 2.20.1-0ubuntu2.10
  Architecture: i386
  CurrentDesktop: Unity
  Date: Wed Sep 20 15:46:02 2017
  InstallationDate: Installed on 2017-09-20 (0 days ago)
  InstallationMedia: Ubuntu 16.04.3 LTS "Xenial Xerus" - Release i386 (20170801)
  SourcePackage: gnome-software
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/appstream/+bug/1718453/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1725861] Re: APT::AutoRemove::SuggestsImportant "false" should be the default

[David Kalnischkies]

While that sounds reasonable at first in simple situations, if I follow
that argument, I can find no reason why we are doing complex metapackage
handling, keeping many providers and a lot of other things, so we should
get right of all those, too, should we?

In reality we have to deal with many many users who only very casually
check the output of apt and generally trust it to do the right thing™.
And that is kinda reasonable if we don't want to teach every user
packaging practices. Most users will just not make the connection
between having run autoremove a couple of days ago and suddenly not
being able to push audio files from their favorite player
directly to their phones causing users (and supporters alike) to be
frustrated. Having "too many" packages installed rarely causes that
level of frustration in comparison.

autoremove is just not an "undo". It is supposed to remove things which
are clearly no longer needed by anything. Like old kernels, old
libraries and co. In fact, ideally we should end up in a situation in
which autoremove can be called automatically so that old kernels are
really gone, the system is cleaner after an upgrades and such… (but for
various reasons that isn't really possible/advisable at the moment).

Perhaps we should implement an "undo" – just named differently as that
is too confusing as we can't really perform an undo, but we have the
history.log from which we can extract which packages were newly
installed in an "apt install A" and offer to remove them as well (maybe
with a question ala: those other packages make use of B initially
installed with A, should we keep it?).

(And, while we are at it also a way for a repository to say: I don't
support package A anymore with options among a) you can safely remove it
as something else takes care of it now, b) here are potential
alternatives [we tend to have a list in RM requests, but nothing a user
can look at easily] c) it is dead and nothing compares d) look elsewhere
for it e) … – which should deal with a lot of packages which autoremove
should be removing, but is too scared ATM as it has not enough
information to make a safe call)

[No, I haven't implemented either. I haven't even really thought about
them. It just sounds for me like those could be potential ways to
resolve the situation]

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1725861

Title:
  APT::AutoRemove::SuggestsImportant "false" should be the default

Status in apt package in Ubuntu:
  New

Bug description:
  After an upgrade to 17.10, I took a look at how much cruft I had
  accumulated on my system, and started marking various packages 'auto'
  which I know I don't care about keeping installed.

  apt autoremove didn't remove nearly as much stuff as I expected, and
  as I dug down into some of them I found that a number of them were
  being kept because other packages on the system have Suggests:
  referencing them.

  This is asymmetric and wrong.  If Suggested packages are not
  automatically installed by default, then a Suggests should also not
  prevent a package from being automatically removed.

  After a web search led me to 'https://askubuntu.com/questions/351085
  /how-to-remove-recommended-and-suggested-dependencies-of-uninstalled-
  packages', I set 'APT::AutoRemove::SuggestsImportant "false"' in my
  apt config; apt autoremove now wants to remove 365MiB of packages from
  my system.  That is a LOT of cruft that has accumulated over the years
  of upgrades, none of which I have ever asked to be installed and all
  of which were universe or no-longer-available packages.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1725861/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1701852] Re: (xenial+) apt-cache fails to run if a single sources.list.d entry is not readable

[David Kalnischkies]

Regarding the bug itself: I wouldn't exactly call it a regression, but
it wasn't a super-intended change either. If I see it right I "broke" it
in 2015 by fixing a compiler warning, which indicated that a check which
should have been since ever never applied. So, that it worked before was
just as well a bug… long story short I guess we can make that a warning.

Why an error/warning? Having a different view on what packages are
available depending on if you are root or not is a cause for confusion
by users and tools alike as you confirm the non-root view, but the root
view is applied, which might include additional packages, different
versions or even (additional) unauthenticated packages you haven't
approved… (but the tools think you have). Similar things happen for non-
root preferences/configs and are hence discouraged.


For netrc/auth.conf documentation we have e.g. Debian bug #811181 tracking it. 
It is just that nobody has written documentation yet. I assume it is waiting 
for someone who actually wants that feature to write a few sentences about it.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1701852

Title:
  (xenial+) apt-cache fails to run if a single sources.list.d entry is
  not readable

Status in apt package in Ubuntu:
  Triaged

Bug description:
  When evaluating:

  https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-
  tools/+bug/1700611

  On 16.04 and greater, apt-cache fails to run if a single
  sources.list.d is not readable (by the current user).  On Trusty, the
  behavior was a bit more friendly in that it would run and just not
  show results from the file that cannot be read.

  My expectation is that when run it would warn if any .list file could
  not be read, but show results for everything it can see.

  This terminal interaction shows the problem (trusty and precise behave
  the same here):

  ubuntu@precise-esm:~$ ll 
/etc/apt/sources.list.d/staging-ubuntu-esm-precise.list
  -rw--- 1 root root 200 Jun 7 18:35 
/etc/apt/sources.list.d/staging-ubuntu-esm-precise.list

  ubuntu@precise-esm:~$ apt-cache policy landscape-client
  landscape-client:
Installed: (none)
Candidate: 14.12-0ubuntu0.12.04
Version table:
   14.12-0ubuntu0.12.04 0
  500 http://br.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 
Packages
  100 /var/lib/dpkg/status
   12.04.3-0ubuntu1 0
  500 http://br.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages

  ubuntu@precise-esm:~$ sudo apt-cache policy landscape-client
  landscape-client:
Installed: (none)
Candidate: 14.12-0ubuntu5.12.04
Version table:
   14.12-0ubuntu5.12.04 0
  500 https://extended.security.staging.ubuntu.com/ubuntu/ precise/main 
amd64 Packages
   14.12-0ubuntu0.12.04 0
  500 http://br.archive.ubuntu.com/ubuntu/ precise-updates/main amd64 
Packages
  100 /var/lib/dpkg/status
   12.04.3-0ubuntu1 0
  500 http://br.archive.ubuntu.com/ubuntu/ precise/main amd64 Packages

  ubuntu@xenial-test:~$ apt-cache search juju
  E: Opening /etc/apt/sources.list.d/juju-ubuntu-stable-xenial.list - 
ifstream::ifstream (13: Permission denied)
  E: The list of sources could not be read.
  ubuntu@xenial-test:~$

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1701852/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1694989] Re: apt-mark overwrites existing held package info

[David Kalnischkies]

Is it really /any/ which I can't confirm at the moment as holding e.g.
apt & dpkg works just fine…

The underlying question is: Are the packages you are trying to hold
installed? If not, dpkg will accept the hold at first and record it (so
apt will report it on showhold again), but as soon as the dpkg/status
file is modified again (e.g. with another hold), the record for the
uninstalled package is cleaned up removing the hold.

That is intended behavior by dpkg upstream according to earlier talks
(and in there since ever, but I think the situations in which cleanup
happens increased over time). We were thinking of having some way of
having dpkg store such info even for not installed packages, but then
life (& freeze) happened I guess, so there is nothing to show off apart
from "yeah, we should be doing something, maybe".

Perhaps we should just change apt to not accept holds for non-installed
packages until that is resolved in some way.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1694989

Title:
  apt-mark overwrites existing held package info

Status in apt package in Ubuntu:
  Triaged

Bug description:
  Running apt-mark hold commands overwrites / nullifies any existing
  held package data. Not sure if this is by design, but I assume it's
  meant to be cumulative.

  Ubuntu version: 16.04.2 LTS
  Package version: apt 1.2.19 amd64

  Expected behaviour:

  apt-mark hold 3dchess
  apt-mark hold 0ad
  apt-mark showhold

  3dchess
  0ad

  Actual behaviour:

  apt-mark hold 3dchess
  apt-mark hold 0ad
  apt-mark showhold

  0ad

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1694989/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1687666] Re: apt-cache doesn't read keys from trusted.gpg.d when rootdir is used

[David Kalnischkies]

"apt-cache" (the commandline binary packaged in apt) never reads keys
because it has no business with keys… from the "reproducer" I guess you
are trying to report a problem with the python bindings? You have also
omitted any other useful information like which version you are using…
If you want it to stay as an apt bug perhaps try to reproduce it with
"apt-get update -o Rootdir=/path/".

The mentioning of "trusty" in the tarball indicates a rather old
version. We had a bunch of these strange characters/spaces in path
issues in recent times; perhaps some/all weren't backported to trusty –
I don't follow Julians effort on that front all too closely.

btw: Rootdir is usually not the option you want. Dir tends to have the
same effect for "less" surprises – depends a bit on what you actually do
through.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1687666

Title:
  apt-cache doesn't read keys from trusted.gpg.d when rootdir is used

Status in apt package in Ubuntu:
  New

Bug description:
  Or so it would seem.

  Will try to attach a reproducer.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1687666/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1680261] Re: apt-secure ignoring allow-unauthenticated during apt-update

[David Kalnischkies]

> The allow-unauthenticated did not downgrade all errors relating to signing to 
> warnings.
> If it had, the apt-get update would have included the new packages and it 
> would find
> the packages during an install command, but may not allow installation 
> without explicit
> confirmation. The error resulting from the […]

It is actually the point of --allow-unauthenticated to skip the explicit
confirmation for unauthenticated packages and nothing else since all of
its existence… (because the 'complains' from "update" are new)

I was misreading "--allow-unauthenticated" for "--allow-insecure-
repositories" – but for the record the documentation for the earlier one
explicitly mentions the trusted option (at least in 1.4, not check
earlier).

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1680261

Title:
  apt-secure ignoring allow-unauthenticated during apt-update

Status in apt package in Ubuntu:
  Invalid

Bug description:
  It appears apt-get update is completely ignoring the allow-
  unauthenticated switch. This initially provided a significant
  roadblock to getting the system to recognize a trusted local
  repository as most literature and posts refer to use of this switch. I
  was able to discover a workaround though the time invested was steep.
  The [trusted=yes] option in sources.list(5) functions correctly and
  will bypass this authentication check. It would be helpful at a
  minimum if the apt --allow-unauthenticated description in the apt-get
  documentation referred to sources.list(5) option trusted=yes with an
  example if this switch is being deprecated.

  Steps for Reproduction.

  Bootup 16.10 LiveCD

  Add to APT Sources
  deb file:/tmp/local/ ./

  Run the command, "apt-get --allow-unauthenticated update"

  Output as follows with no internet connection:

  https://pastebin.com/6h8tiHbN

  *Initial apt-get --allow-unauthenticated update failed due to missing release 
file.
  Generated generic release file to obtain the above output.

  
  "apt install" for packages included cannot find desired package.

  Local repo was set up via these instructions:
  http://askubuntu.com/questions/170348/how-to-create-a-local-apt-repository

  
  Packages.gz was generated using the below command.
  dpkg-scanpackages ./ | gzip -9c > Packages.gz

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1680261/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1680261] Re: apt-secure ignoring allow-unauthenticated during apt-update

[David Kalnischkies]

Have you read apt-secure(8) manpage as the explanatory notice (N:)
attached to the *warning* message says?

It explains why you see the *warnings*, that it is the propose of the
switch to downgrade the *errors* to a *warning* (so that worked as
intended) and it mentions how to configure that in sources.list – also
hinting at "trusted".

** Changed in: apt (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1680261

Title:
  apt-secure ignoring allow-unauthenticated during apt-update

Status in apt package in Ubuntu:
  Invalid

Bug description:
  It appears apt-get update is completely ignoring the allow-
  unauthenticated switch. This initially provided a significant
  roadblock to getting the system to recognize a trusted local
  repository as most literature and posts refer to use of this switch. I
  was able to discover a workaround though the time invested was steep.
  The [trusted=yes] option in sources.list(5) functions correctly and
  will bypass this authentication check. It would be helpful at a
  minimum if the apt --allow-unauthenticated description in the apt-get
  documentation referred to sources.list(5) option trusted=yes with an
  example if this switch is being deprecated.

  Steps for Reproduction.

  Bootup 16.10 LiveCD

  Add to APT Sources
  deb file:/tmp/local/ ./

  Run the command, "apt-get --allow-unauthenticated update"

  Output as follows with no internet connection:

  https://pastebin.com/6h8tiHbN

  *Initial apt-get --allow-unauthenticated update failed due to missing release 
file.
  Generated generic release file to obtain the above output.

  
  "apt install" for packages included cannot find desired package.

  Local repo was set up via these instructions:
  http://askubuntu.com/questions/170348/how-to-create-a-local-apt-repository

  
  Packages.gz was generated using the below command.
  dpkg-scanpackages ./ | gzip -9c > Packages.gz

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1680261/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1668944] Re: The _apt user ignores group membership.

[David Kalnischkies]

The recommended way is "chown _apt:root FILE && chmod 400 FILE" at the moment. 
Ideally we wouldn't need the chown (or have it root:root), but that isn't very 
realistic to be implementable without rolling our own TLS stack in the process 
at the moment, so we have to make due with that for now.
Disabling the feature or making the file world readable does work as well, but 
totally defeats the point of course…

I don't see what the point of trying to us groups here is. Are you
trying to share the same certificate for multiple things? If so that's a
bad idea. You should have a certificate for each and every usecase (=
client), not a single one shared between multiple clients on the same
machine.

** Changed in: apt (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1668944

Title:
  The _apt user ignores group membership.

Status in apt package in Ubuntu:
  Invalid

Bug description:
  Actually I had the same problem described in 
http://askubuntu.com/questions/773955/apt-get-ssl-client-certificate-not-working-on-16-04-error-while-reading-file
  I want to use client certificates with apt. But I don't want to make them 
world readable in order to make apt working. So I created a group 'ssl-cert' 
and changed the group ownership of the ssl cert files to match this group. I 
also added the _apt user to the ssl-cert group.

  Then I tried to open these files as user '_apt' in bash (su -s
  /bin/bash _apt) which works well.

  But if I run: "apt-get -o "Debug::Acquire::https=true" update" I still get 
the following error:
  * error reading ca cert file /etc/certs/mycert/ca.pem (Error while reading 
file.)
  * Closing connection 26

  So my guess is that apt somehow ignores the ssl-cert membership.

  Possible workarounds:
  - make ssl client cert world readable
  - change owner ssl client cert to _apt
  - change main group of _apt user from 'nogroup' to 'ssl-cert'
  - set APT::Sandbox::User "root"; in apt.conf.d

  Neither of them is pretty. 
  Maybe this is a wanted behavior, then just suggest how to fix the issue in 
nice way.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1668944/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1649086] Re: W: Invalid 'Date' entry in Release file /var/lib/apt/lists/developer.download.nvidia.com_compute_cuda_repos_ubuntu1604_x86%5f64_Release

[David Kalnischkies]

The solution is to tell the owners of the respective repositories to fix
their Release file(s). The Date (and Valid-Until) field MUST be in UTC
(aka GMT, Z, +). Earlier apt versions accepted other timezones
silently, but parsed it as UTC anyhow which could cause all kinds of
fun. Now a /warning/ is generated – a user can work with the repository
as before. As the content of that field is only of use for applications
and apt isn't a fullblown calendar-application we decided to not
implement all the craziness which is time.

All hints for creating repositories which apt (and other clients and
servers) can work with: https://wiki.debian.org/RepositoryFormat

So, as this isn't a bug: Closing as invalid.

** Changed in: apt (Ubuntu)
   Status: Confirmed => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1649086

Title:
  W: Invalid 'Date' entry in Release file
  
/var/lib/apt/lists/developer.download.nvidia.com_compute_cuda_repos_ubuntu1604_x86%5f64_Release

Status in apt package in Ubuntu:
  Invalid

Bug description:
  root@ubuntu:/var/lib/apt/lists# apt-get update
  Hit:1 http://ppa.launchpad.net/stefansundin/truecrypt/ubuntu yakkety InRelease
  Hit:3 http://ppa.launchpad.net/unit193/encryption/ubuntu yakkety InRelease
  
  Hit:4 http://es.archive.ubuntu.com/ubuntu yakkety InRelease   
  
  Hit:5 http://repository.spotify.com stable InRelease  
  
  Hit:6 http://ppa.launchpad.net/wine/wine-builds/ubuntu yakkety InRelease  
  
  Get:7 http://es.archive.ubuntu.com/ubuntu yakkety-updates InRelease [102 kB]  
 
  Get:8 http://security.ubuntu.com/ubuntu yakkety-security InRelease [102 kB]   
 
  Get:9 http://es.archive.ubuntu.com/ubuntu yakkety-backports InRelease [102 
kB]
  Hit:2 http://screenshots.getdeb.net yakkety-getdeb InRelease  

  Ign:10 
http://developer.download.nvidia.com/compute/cuda/repos/ubuntu1604/x86_64  
InRelease   
  Hit:11 
http://developer.download.nvidia.com/compute/cuda/repos/ubuntu1604/x86_64  
Release
  Fetched 306 kB in 1s (242 kB/s)
  Reading package lists... Done
  W: Invalid 'Date' entry in Release file 
/var/lib/apt/lists/developer.download.nvidia.com_compute_cuda_repos_ubuntu1604_x86%5f64_Release
  root@ubuntu:/var/lib/apt/lists# 

  
  The file is as 
'developer.download.nvidia.com_compute_cuda_repos_ubuntu1604_x86%5f64_Release' 
follows:

  Origin: NVIDIA
  Label: NVIDIA CUDA
  Architecture: x86_64
  Date: Fri, 23 Sep 2016 18:52:52 -0700
  MD5Sum:
   3213a453e90b070bc10f329d2fe7f1a384080 Packages
   c1660fe24223ec9b07b04de1dfb3777122493 Packages.gz
  SHA1:
   60f8bd97333efb0bce147702712aab654ba3469b84080 Packages
   04e6ceaf9bcbcd3b36a9cc390b58110da138b7cd22493 Packages.gz
  SHA256:
   44a4473829b9403e7e2d36c43757b4d4ce8334b5804d90d920bd92edaf346241
84080 Packages
   f179e19b7c5b47d5c7247b5d6f37eb2ab2fba168ac70531dd02a0a1cda756038
22493 Packages.gz

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1649086/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1657440] Re: apt won't redownload Release.gpg

[David Kalnischkies]

That sounds like what this commit describes: 
https://anonscm.debian.org/cgit/apt/apt.git/commit/?id=84eec207be35b8c117c430296d4c212b079c00c1
Hence tagged as such as its available in the 1.4 series. Not sure if this 
should be backported to 1.2 or not.

** Changed in: apt (Ubuntu)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1657440

Title:
  apt won't redownload Release.gpg

Status in apt package in Ubuntu:
  Fix Committed

Bug description:
  # apt --version
  apt 1.2.18 (amd64)

  xenial

  
  I got myself into a situation where a repository has a Release and a 
Release.gpg file, but apt is just ignoring the gpg one and won't download it 
via apt update for some reason:

  The repository in question is http://ubuntu-
  cloud.archive.canonical.com/ubuntu/dists/xenial-updates/newton/. See
  how locally I have just the Release file:

  root@juju-cb14ed-0-lxd-3:/var/lib/apt/lists# l *Release*
  -rw-r--r-- 1 root root 100K Jan 15 18:03 
archive.ubuntu.com_ubuntu_dists_xenial-backports_InRelease
  -rw-r--r-- 1 root root 242K Apr 21  2016 
archive.ubuntu.com_ubuntu_dists_xenial_InRelease
  -rw-r--r-- 1 root root 100K Jan 18 11:42 
archive.ubuntu.com_ubuntu_dists_xenial-updates_InRelease
  -rw-r--r-- 1 root root 100K Jan 18 11:42 
security.ubuntu.com_ubuntu_dists_xenial-security_InRelease
  -rw-r--r-- 1 root root 7.7K Jan 18 11:45 
ubuntu-cloud.archive.canonical.com_ubuntu_dists_xenial-updates_newton_Release

  
  Now I try an update. See how the Release.gpg file gets a "Hit:" instead of a 
"Get:":
  root@juju-cb14ed-0-lxd-3:/var/lib/apt/lists# apt update
  Get:1 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]
  Hit:2 http://archive.ubuntu.com/ubuntu xenial InRelease   
 
  Ign:3 http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-updates/newton 
InRelease
  Get:4 http://archive.ubuntu.com/ubuntu xenial-updates InRelease [102 kB]
  Hit:5 http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-updates/newton 
Release
  Get:6 http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-updates/newton 
Release.gpg [543 B]
  Hit:7 http://archive.ubuntu.com/ubuntu xenial-backports InRelease
  Fetched 205 kB in 0s (395 kB/s)   
  Reading package lists... Done
  Building dependency tree   
  Reading state information... Done
  8 packages can be upgraded. Run 'apt list --upgradable' to see them.

  
  And I can't install packages:
  root@juju-cb14ed-0-lxd-3:/var/lib/apt/lists# apt dist-upgrade
  Reading package lists... Done
  Building dependency tree   
  Reading state information... Done
  Calculating upgrade... Done
  The following NEW packages will be installed:
python3-setuptools
  The following packages will be upgraded:
dh-python dnsmasq-base python-pkg-resources python-setuptools 
python3-cryptography python3-pkg-resources python3-requests python3-urllib3
  8 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
  Need to get 1,193 kB of archives.
  After this operation, 808 kB of additional disk space will be used.
  Do you want to continue? [Y/n] 
  WARNING: The following packages cannot be authenticated!
dh-python dnsmasq-base python-setuptools python-pkg-resources 
python3-pkg-resources python3-setuptools python3-cryptography python3-requests 
python3-urllib3
  Install these packages without verification? [y/N] n
  E: Some packages could not be authenticated
  root@juju-cb14ed-0-lxd-3:/var/lib/apt/lists# 

  Somehow apt is thinking it has the Release.gpg file, but it doesn't?

  
  This server is behind a squid proxy.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1657440/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1551464] Re: apt-get sources should support TLS SNI (server name)

[David Kalnischkies]

So, how is this option named in firefox and how do you set it? ………
exactly. You don't have it as an option as servername != hostname is
something you only need for experiments which is the main purpose of
s_client. Firefox doesn't need that option as it is using SNI (in
reality it uses a library which does, but details). apt doesn't need the
option as it is using libcurl-gnutls which is using SNI (see the apt-
helper command above as proof). That this isn't working in your case on
your system is a bug "somewhere", possibly libcurl-gnutls or the things
it uses like libgnutls, but not a reason to request a servername option
in apt which given that you want to set it with servername == hostname
would be a NOP anyhow…

P.S.: Fire up wireshark and realize that HTTPS itself fails your blank
"everything should be encrypted" statement. The irony is that SNI is
actually one of those unencrypted but highly informational pieces. The
rest is a bit of traffic analyze away as you have perfect knowledge of
the entirely static data sent over the encrypted wire, so from the
transfer size alone you can already make reasonable guesses about what
you do and with a bit more work you can be sure. Better than nothing of
course and one of the reasons I subsumed under "you might want" but its
still mostly a feeling of security/privacy you get here as apt just
isn't your typical dynamically created website with cookies and
passwords and stuff resulting in unique data streams where HTTPS makes a
lot more sense. IF you and repository owners were really into privacy,
you would be using TOR and repositories on onion services (for the
record, apt supports it via apt-transport-tor and some repositories are
available as onion service).

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1551464

Title:
  apt-get sources should support TLS SNI (server name)

Status in apt package in Ubuntu:
  Invalid

Bug description:
  There needs to be an option in apt source.list entries to specify the
  server name to be used by TLS for the Server Name Indication (SNI).

  The openSSL equivalent is '-servername'.

  Currently, when accessing sources over https when multiple names are
  used on the same IP address, there is no way to specify which server
  name should be used and so the default name is always used.

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: apt 1.0.1ubuntu2.11
  ProcVersionSignature: Ubuntu 4.2.0-30.35~14.04.1-generic 4.2.8-ckt3
  Uname: Linux 4.2.0-30-generic x86_64
  ApportVersion: 2.14.1-0ubuntu3.19
  Architecture: amd64
  Date: Mon Feb 29 17:25:22 2016
  InstallationDate: Installed on 2016-02-26 (3 days ago)
  InstallationMedia: Xubuntu 14.04.4 LTS "Trusty Tahr" - Release amd64 
(20160217.1)
  ProcEnviron:
   TERM=xterm
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1551464/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1551464] Re: apt-get sources should support TLS SNI (server name)

[David Kalnischkies]

That would be horrible… If you contact a server foo.example.org it
should respond with the cert for it, not with a cert for
bar.example.com. That is what SNI is all about after all (as your client
connects to an IP and SNI is telling the server which hostname it wanted
to connect to, so the server can respond with the right cert).

I somehow doubt a highlevel interface like libcurl even exposes such a
detail. The bugreport you reference is speculating about all sorts of
things, so one of them might be it. I would personally consider a bug in
libcurl-gnutls most likely (note that this is not always the library
behind curl. It seems to be in newer releases, older releases use
libcurl (the openssl variant)).

As an additional datapoint: On Debian stretch the command "/usr/lib/apt
/apt-helper download-file
'https://deb.nodesource.com/gpgkey/nodesource.gpg.key' 'nodesource.gpg'"
works just fine, so in newer versions that seems resolved.

Anyway, this report is a mixture between a feature request we will not
be implement and a bug we don't have – as such marked as invalid in apt
as you are better of finding the real culprit and report a new bug
against that.

P.S.: apt doesn't need https for integrity. Given the sorry state of CAs
(compare e.g. StartSSL/WoSign) that wouldn't really be secure… There are
other reasons you might want https even in case of apt, but blank
statements aren't making anyone more secure – they just make them feel
secure.

** Changed in: apt (Ubuntu)
   Status: Confirmed => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1551464

Title:
  apt-get sources should support TLS SNI (server name)

Status in apt package in Ubuntu:
  Invalid

Bug description:
  There needs to be an option in apt source.list entries to specify the
  server name to be used by TLS for the Server Name Indication (SNI).

  The openSSL equivalent is '-servername'.

  Currently, when accessing sources over https when multiple names are
  used on the same IP address, there is no way to specify which server
  name should be used and so the default name is always used.

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: apt 1.0.1ubuntu2.11
  ProcVersionSignature: Ubuntu 4.2.0-30.35~14.04.1-generic 4.2.8-ckt3
  Uname: Linux 4.2.0-30-generic x86_64
  ApportVersion: 2.14.1-0ubuntu3.19
  Architecture: amd64
  Date: Mon Feb 29 17:25:22 2016
  InstallationDate: Installed on 2016-02-26 (3 days ago)
  InstallationMedia: Xubuntu 14.04.4 LTS "Trusty Tahr" - Release amd64 
(20160217.1)
  ProcEnviron:
   TERM=xterm
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1551464/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1522988] Re: stdout and stderr are not synced on lines

[David Kalnischkies]

And which are the "broken error messages" then, I don't see any… ?

(the messages are on the longer side, which makes it look "funny" if
wrapped like it is in launchpad, but I don't see what is broken about
it…)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1522988

Title:
  stdout and stderr are not synced on lines

Status in apt package in Ubuntu:
  New

Bug description:
  I'm using Ubuntu 16.04 dev with apt 1.1.3 and I'm noticing that for
  example if on executing "apt-get update" error messages are shown they
  are often broken. They are missing sometimes characters which seem to
  be splitted across multiple lines. It looks that apt doesn't ensure
  writing complete lines if stdout and stderr are used.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1522988/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1522988] Re: stdout and stderr are not synced on lines

[David Kalnischkies]

Without an example nobody will ever know what you might mean.

You might be meaning accidentally debug output – I that happened
sometime ago, could be 1.1 and should be fixed in newer versions. Or
perhaps you mean that you enabled debug output and expect it to be all
orderly – not going to happen: Multiple processes are running here which
would need to be synced by an additional output layer all so that debug
output looks nicer…). Or you mean sometimes else which might or might
not be a bug (still). Without additional details it is at least not an
actionable bugreport hence set to 'incomplete'.

** Changed in: apt (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1522988

Title:
  stdout and stderr are not synced on lines

Status in apt package in Ubuntu:
  Incomplete

Bug description:
  I'm using Ubuntu 16.04 dev with apt 1.1.3 and I'm noticing that for
  example if on executing "apt-get update" error messages are shown they
  are often broken. They are missing sometimes characters which seem to
  be splitted across multiple lines. It looks that apt doesn't ensure
  writing complete lines if stdout and stderr are used.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1522988/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1634234] Re: apt-key leaves files in /dev open after exit

[David Kalnischkies]

That isn't directly the fault of apt-key. It uses gpg which in its >=
2.0 versions has split its operations into a multitude of daemons for
security reasons. The daemons should be terminating themselves a few
seconds after the directory they operate in disappears. That is at least
the case for gpg-agent, but "a few seconds" is obviously too slow if you
are in a hurry, so apt-key tries to kill it via gpgconf --kill gpg-agent
(which isn't supported in all gpg version, but at least in the one in
ubuntu I hope). The manpage tells me that this isn't supported for
dirmngr through, which is the daemon left in your case, so solving that
from the apt-key side isn't exactly easy (short of implementing a sub-
subprocess supervisor in shell script…) so I would feel tempted to
declare that the problem of gpg and invalid for apt-key.

That said, your apt-key command is bad and should be replaced. Getting
keys from a keyserver is hopelessly insecure (it is better with recent
gpg versions) but still: Your use of a short-keyid screams security
problem due to easy collisions and hkp is a cleartext protocol so just
asking for MITM (and at least older gpg versions do no checks at all on
the received key(s)).

I guess the simplest & best solution is to ship the key in your preseed
script and drop it with an appropriate name (ending in .gpg) in
/etc/apt/trusted.gpg.d/  – as a bonus, your system will not need gnupg
installed (at least in terms of apt), gpgv will be enough.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1634234

Title:
  apt-key leaves files in /dev open after exit

Status in apt package in Ubuntu:
  New

Bug description:
  In Ubuntu 16.10, but not in 16.04, apt-key leaves /dev/null and
  /dev/urandom open after exiting. Here's a procedure to replicate the
  problem:

  1. Install Ubuntu 16.10. (I used MAAS for this task.)
  2. Install the "lsof" package (which is not installed by default).
  3. Type "lsof | grep dev" to see open files.
  4. Type "sudo apt-key adv --recv-keys --keyserver 
hkp://keyserver.ubuntu.com:80 1FEADE10;"
  5. Type "lsof | grep dev" again.
  6. Compare the output of the two "lsof" commands.

  I'm attaching two files, before.txt and after.txt, that show the
  before and after results from "lsof | grep dev" in this scenario. Note
  that the /dev/null and /dev/urandom files are both open after apt-key
  is run, but not before. This problem does NOT occur with Ubuntu 16.04.

  This problem is preventing us (the server certification team) from
  importing keys in a custom MAAS preseed script; after installing
  successfully, umounting the installed image fails because of the open
  files on /dev.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1634234/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1577926] Re: apt-key works fine, yet apt fails with "Could not execute 'apt-key'"

[David Kalnischkies]

1. Removing the _apt user is really not needed nor a good idea. Its enough to 
have this in a config file:
APT::Sandbox::User "root"; // remove file again after testing!
2. Symlinking /usr/bin/gpgv to /bin/true will never work as verifying 
signatures is more involved then just checking the exit code… there are ways to 
have a similar effect, but as that would be an enormous security hole I am not 
going to describe it here for fear of someone blindly copying it. Obviously NOT 
a good idea at all.

Now that we have that out of the way two "common" problems:
1. Check that /tmp has reasonable permissions. It should have 1777 and be owned 
by root:root.
2. ls -ld /etc/apt/trusted.gpg /etc/apt/trusted.gpg.d /etc/apt/trusted.gpg.d/*
Everything shown should be owned by root:root and everything world-readable (= 
the last of the three r's).

(the first is hard to detect, the second has a proper warning in newer
apt versions)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1577926

Title:
  apt-key works fine, yet apt fails with "Could not execute 'apt-key'"

Status in apt package in Ubuntu:
  Confirmed

Bug description:
  Apt can fail to verify a Release file which verifies just fine when
  calling apt-key directly.

  Please advise how i can supply further debug information to help fix
  the underlying bug.

  Expected:
  apt-get should only report that a repository is not signed when no such 
signature was found.
  If a signature was in fact successfully acquired but not verified, apt-get 
should report failure to verify instead.
  apt-get should have a meaningful error message when calling apt-key fails.

  Bonus:
  Calling apt-key should not fail when the same thing works fine on command 
line.
  A reference to "Debug::Acquire::gpgv" should be in apt-secure(8) 
documentation.

  Observed:

  # uname -a
  Linux hostname 4.4.0-21-generic #37-Ubuntu SMP Mon Apr 18 18:34:49 UTC 2016 
i686 i686 i686 GNU/Linux
  # chroot reproducable
  $ uname -a
  Linux hostname 4.4.0-21-generic #37-Ubuntu SMP Mon Apr 18 18:34:49 UTC 2016 
armv7l armv7l armv7l GNU/Linux

  $ lsb_release -a 2>/dev/null
  Distributor ID:   Ubuntu
  Description:  Ubuntu 16.04 LTS
  Release:  16.04
  Codename: xenial

  $ apt-get -o "Debug::Acquire::gpgv=true" update
  Get:1 http://ports.ubuntu.com xenial-security InRelease [92.2 kB]
  0% [1 InRelease gpgv 92.2 kB]igners 
  Preparing to exec:  /usr/bin/apt-key --quiet --readonly verify --status-fd 3 
/tmp/apt.sig.jYGUCG /tmp/apt.data.uTkX1c
  gpgv exited with status 111
  Summary:
Good: 
Bad: 
Worthless: 
SoonWorthless: 
NoPubKey: 
  Ign:1 http://ports.ubuntu.com xenial-security InRelease
  Fetched 92.2 kB in 1s (79.5 kB/s)
  Reading package lists... Done
  W: GPG error: http://ports.ubuntu.com xenial-security InRelease: Could not 
execute 'apt-key' to verify signature (is gnupg installed?)
  W: The repository 'http://ports.ubuntu.com xenial-security InRelease' is not 
signed.
  N: Data from such a repository can't be authenticated and is therefore 
potentially dangerous to use.
  N: See apt-secure(8) manpage for repository creation and user configuration 
details.

  $ /usr/bin/apt-key --quiet --readonly verify --status-fd /dev/stderr 
/tmp/apt.sig.jYGUCG /tmp/apt.data.uTkX1c
  gpgv: Signature made Tue May  3 19:02:17 2016 UTC using DSA key ID 437D05B5
  [GNUPG:] SIG_ID e53PXRjA/EMb7CuZJtAicvvUm60 2016-05-03 1462302137
  [GNUPG:] GOODSIG 40976EAF437D05B5 Ubuntu Archive Automatic Signing Key 

  gpgv: Good signature from "Ubuntu Archive Automatic Signing Key 
"
  [GNUPG:] VALIDSIG 630239CC130E1A7FD81A27B140976EAF437D05B5 2016-05-03 
1462302137 0 4 0 17 10 01 630239CC130E1A7FD81A27B140976EAF437D05B5
  gpgv: Signature made Tue May  3 19:02:17 2016 UTC using RSA key ID C0B21F32
  [GNUPG:] SIG_ID kCsrLo9VUm7YcYhhqQUw2fbWoY4 2016-05-03 1462302137
  [GNUPG:] GOODSIG 3B4FE6ACC0B21F32 Ubuntu Archive Automatic Signing Key (2012) 

  gpgv: Good signature from "Ubuntu Archive Automatic Signing Key (2012) 
"
  [GNUPG:] VALIDSIG 790BC7277767219C42C86F933B4FE6ACC0B21F32 2016-05-03 
1462302137 0 4 0 1 10 01 790BC7277767219C42C86F933B4FE6ACC0B21F32

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1577926/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1616909] Re: Installing multiple dbgsym packages fails

[David Kalnischkies]

APT is using dpkg's --recursive option with a temporary directory since
recently if it has to touch >5 packages to avoid producing too long
commandlines for the kernel (yes, that is a thing… although unlikely it
does happen in big upgrades). Seems like this interface in dpkg does
support only *.deb files. Debian had decided to stick with .deb for
their automatic debug packages to avoid changing all tools dealing with
deb files to also deal with ddeb (or whatever).

Anyway, as that used to work with apt and is a valid althrough uncommon
thing to have packages without .deb as extension I have just commited a
patch upstream:
https://anonscm.debian.org/cgit/apt/apt.git/commit/?id=4f242a2

As a workaround you can set the option "dpkg::install::recursive" to
false and "dpkg::install::recursive::force" to true OR set
"dpkg::install::recursive::minimum" to e.g. 100 (assuming you can accept
not installing a 100 ddebs at once for the time being). Both workarounds
effect all dpkg calls through, so please only use if needed until the
patch reaches Ubuntu – don't set it "forever" or you will eventually run
into the problems this is designed to void in the first place…

** Changed in: apt (Ubuntu)
   Status: New => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1616909

Title:
  Installing multiple dbgsym packages fails

Status in apt package in Ubuntu:
  Fix Committed

Bug description:
  On Yakkety, installing a single -dbgsym package using apt works fine.
  However, if I specify multiple on a command line, I get this:

  $ sudo apt install metacity-dbgsym gnome-flashback-dbgsym
  Reading package lists... Done
  Building dependency tree   
  Reading state information... Done
  The following NEW packages will be installed:
gnome-flashback-dbgsym metacity-dbgsym
  0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
  Need to get 0 B/1168 kB of archives.
  After this operation, 4972 kB of additional disk space will be used.
  dpkg: error: searched, but found no packages (files matching *.deb)
  E: Sub-process /usr/bin/dpkg returned an error code (2)

  The *.deb wildcard is wrong because the packages actually have a .ddeb
  extension, i.e. /var/cache/apt/archives/gnome-flashback-
  dbgsym_3.20.2-1ubuntu1_amd64.ddeb.

  ProblemType: Bug
  DistroRelease: Ubuntu 16.10
  Package: apt 1.3~rc2ubuntu2
  ProcVersionSignature: Ubuntu 4.4.0-9134.53-generic 4.4.15
  Uname: Linux 4.4.0-9134-generic x86_64
  ApportVersion: 2.20.3-0ubuntu7
  Architecture: amd64
  CurrentDesktop: GNOME-Flashback:Unity
  Date: Thu Aug 25 15:44:22 2016
  InstallationDate: Installed on 2014-08-23 (732 days ago)
  InstallationMedia: Ubuntu 14.10 "Utopic Unicorn" - Alpha amd64 (20140823)
  SourcePackage: apt
  UpgradeStatus: Upgraded to yakkety on 2016-04-28 (119 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1616909/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1611010] Re: yakkety desktop - non-english installation crashes with /plugininstall.py: ValueError: invalid literal for int() with base 10: ''

[David Kalnischkies]

https://anonscm.debian.org/git/apt/apt.git/commit/?id=0919f1df552ddf022ce4508cbf40e04eae5ef896

** Changed in: apt (Ubuntu)
   Status: Confirmed => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1611010

Title:
  yakkety desktop - non-english installation crashes with
  /plugininstall.py: ValueError: invalid literal for int() with base 10:
  ''

Status in apt package in Ubuntu:
  Fix Committed
Status in ubiquity package in Ubuntu:
  Fix Committed

Bug description:
  Enviroment: Ubuntu 16.10.5 Yakkety Yak http://cdimage.ubuntu.com
  /daily-live/current/

  HW: Toshiba portege Z30-A12T | Intel i5+intel graphics | SSD hd

  Preconditions: W10+Xenial xerus installed, internet connection, 3rd
  party sw and updates selected

  Steps to reproduce:

  1º Click something else on Installation type screen>select /dev/sdaX where 
Xenial is installed, use it to mount / and leave some space to create the /home 
partition(ext4)
  2º Then click back and select erase ubuntu 16.04.1 and install Yakkety
  3º Installation starts

  Current result: After a little time installing it crashes and a window
  shows up to let the user know that some info is being gathered to send
  it to developers, and finally firefox opens on the bug report web on
  ubiquity package

  Expected result: No crashes during installation

  ProblemType: Bug
  DistroRelease: Ubuntu 16.10
  Package: ubiquity 16.10.5
  ProcVersionSignature: Ubuntu 4.4.0-33.52-generic 4.4.15
  Uname: Linux 4.4.0-33-generic x86_64
  ApportVersion: 2.20.3-0ubuntu5
  Architecture: amd64
  CasperVersion: 1.376
  Date: Mon Aug  8 15:50:56 2016
  InstallCmdLine: file=/cdrom/preseed/ubuntu.seed boot=casper 
initrd=/casper/initrd.lz quiet splash --- maybe-ubiquity
  LiveMediaBuild: Ubuntu 16.10 "Yakkety Yak" - Alpha amd64 (20160808)
  ProcEnviron:
   LANGUAGE=es_ES.UTF-8
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=
   LANG=es_ES.UTF-8
  SourcePackage: ubiquity
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1611010/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1613193] Re: apt-get does't work with http_proxy

[David Kalnischkies]

What type of proxy is that? Given you were using it before I presume its
an HTTP proxy. Does the URI you specify has "http://; in front? Is that
perhaps a public proxy? We have a test covering HTTP proxies and I have
just run an upgrade myself with a SOCKS proxy so that more likely
something specific to your setup than a general "everything broken"
case…

Please run apt with some debug options enabled: -o
Debug::Acquire::http=1 -o Debug::pkgAcquire::Worker=1

Beware: That generates a lot of output, so you might want to add also
somthing like: 2>&1 | tee apt-update.log

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1613193

Title:
  apt-get does't work with http_proxy

Status in apt package in Ubuntu:
  New

Bug description:
  I use lubuntu 16.04.
  $ uname -a
  Linux ubuntu 4.4.0-22-generic #40-Ubuntu SMP Thu May 12 22:03:46 UTC 2016 
x86_64 x86_64 x86_64 GNU/Linux

  $ dpkg -l |grep apt
  ii  apt  1.2.10ubuntu1
amd64commandline package manager

  When I set "http_proxy" environment var and run "apt-get update", I get many 
"connection failed"
  Err:16 http://archive.ubuntu.com/ubuntu xenial/main Sources
Connection failed
  Err:17 http://archive.ubuntu.com/ubuntu xenial/restricted Sources
Connection failed
  Err:18 http://archive.ubuntu.com/ubuntu xenial/universe Sources
Connection failed
  Err:19 http://archive.ubuntu.com/ubuntu xenial/multiverse Sources
Connection failed
  Err:20 http://archive.ubuntu.com/ubuntu xenial/main amd64 Packages
Connection failed
  Err:21 http://archive.ubuntu.com/ubuntu xenial/main i386 Packages
Connection failed

  But I can use curl and wget to fetch website homepage.
  And in centos7, yum can work with 'http_proxy', I can update my centos7.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1613193/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1607845] Re: List of versioned kernels is not right for Ubuntu

[David Kalnischkies]

btw: "apt-cache pkgnames" should have better/quicker result than
searching.

Don't know what that goldfish is nor am I particular interested in
cloud, but I guess they could be added if there is need/interest. Its
not like there is any real cost attached to it and false positives are
pretty unlikely with the kernel versions attached… in the case of
goldfish it seems to be unneeded through as they have "normally" named
images/headers packages, too, which depend on the strange ones, so the
autoremover wouldn't kick in anyhow for those.

kfreebsd, gnumach (= hurd) do not share the same version, they do share
the kernel postinst scripts which apt is using here through, so even
through they use entirely different version schemes, its still a version
we can work with. Excluding specific items depending on the architecture
we built apt for would be possible, but not really worth the
implementation effort I presume.

And yes, -modules/-kernel is for out-of-tree modules as created by
module-assistant (from -source packages), but I think dkms can built
packages, too, and its the naming scheme which tends to be used for
packages for modules which happen to be distributable as binary builds…
(not that there would be many).

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1607845

Title:
  List of versioned kernels is not right for Ubuntu

Status in apt package in Ubuntu:
  In Progress

Bug description:
  The following command outputs the list:
  $ apt-config dump --no-empty --format '%v%n' 'APT::VersionedKernelPackages'
  linux-image
  linux-headers
  linux-image-extra
  linux-signed-image
  kfreebsd-image
  kfreebsd-headers
  gnumach-image
  .*-modules
  .*-kernel
  linux-backports-modules-.*
  linux-tools

  but the list does not 'contain linux-.*-tools' and 'linux-goldfish-
  headers', which are versioned kernel packages as well, if I have
  understood correctly.

  On the other hand are these values appropriate for Ubuntu?
  kfreebsd-image
  kfreebsd-headers
  gnumach-image
  .*-modules
  .*-kernel

  Same thing for Ubuntu 14.04.

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: apt 1.2.12~ubuntu16.04.1
  ProcVersionSignature: Ubuntu 4.4.0-31.50-generic 4.4.13
  Uname: Linux 4.4.0-31-generic x86_64
  NonfreeKernelModules: nvidia_uvm nvidia
  ApportVersion: 2.20.1-0ubuntu2.1
  Architecture: amd64
  CurrentDesktop: XFCE
  Date: Fri Jul 29 18:55:50 2016
  EcryptfsInUse: Yes
  InstallationDate: Installed on 2015-11-21 (250 days ago)
  InstallationMedia: Xubuntu 15.10 "Wily Werewolf" - Release amd64 (20151021)
  SourcePackage: apt
  UpgradeStatus: Upgraded to xenial on 2016-06-24 (35 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1607845/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1589204] Re: apt-get dist-upgrade and apt full-upgrade not reporting held back package

[David Kalnischkies]

That is a regression of sorts caused by a sleight of hand used to avoid
another bug. The commit in question would be
https://anonscm.debian.org/cgit/apt/apt.git/commit/?id=446551c8ffd2c9cb9dcd707c94590e73009f7dd9
although the involved code changed in the mean time the general idea
remains the same: We change the candidate (which we also do in another
case: M-A:same version screws) which means later parts do not realize
that there ever was a chance to upgrade the package.

In other words: Not that easy to fix…

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1589204

Title:
  apt-get dist-upgrade and apt full-upgrade not reporting held back
  package

Status in apt package in Ubuntu:
  Confirmed
Status in apt source package in Trusty:
  New
Status in apt source package in Xenial:
  New

Bug description:
  I have the situation where a package cannot be upgraded because of missing 
dependencies.  However
  sudo apt-get dist-upgrade
  and
  sudo apt full-upgrade
  and
  sudo apt upgrade
  all show
  0 to upgrade, 0 to newly install, 0 to remove and 0 not to upgrade.

  Only
  sudo apt-get upgrade
  shows
  0 to upgrade, 0 to newly install, 0 to remove and 1 not to upgrade.

  I believe all of the above commands should show that 1 cannot be
  upgraded.

  This bug is not about the particular package I am trying to install, but 
about the way apt reports the problem.
  The details, for reference, are that I am trying to upgrade mosquitto from 
the mosquitto ppa.  After apt-get update I see
  $ apt-cache policy mosquitto
  mosquitto:
    Installed: 1.4.8-1build1
    Candidate: 1.4.9-0mosquitto1
    Version table:
   1.4.9-0mosquitto1 500
  500 http://ppa.launchpad.net/mosquitto-dev/mosquitto-ppa/ubuntu 
xenial/main amd64 Packages
   *** 1.4.8-1build1 500
  500 http://gb.archive.ubuntu.com/ubuntu xenial/universe amd64 Packages
  100 /var/lib/dpkg/status

  but if I try to manually install mosquitto I get

  The following packages have unmet dependencies.
   mosquitto : Depends: libwebsockets3 (>= 1.2) but it is not installable

  and

  $ apt-cache policy libwebsockets3
  libwebsockets3:
    Installed: (none)
    Candidate: (none)
  Due to the fact that libwebsockets3 is not available for Xenial.
  As I said this bug is not about the problem with this particular package but 
about the fact that apt does not report that there is a package to be upgraded, 
but it cannot be done.

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: apt 1.2.12~ubuntu16.04.1
  ProcVersionSignature: Ubuntu 4.4.0-22.40-generic 4.4.8
  Uname: Linux 4.4.0-22-generic x86_64
  ApportVersion: 2.20.1-0ubuntu2.1
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Sun Jun  5 08:45:33 2016
  InstallationDate: Installed on 2014-10-21 (592 days ago)
  InstallationMedia: Ubuntu 14.10 "Utopic Unicorn" - Alpha amd64 (20141017)
  SourcePackage: apt
  UpgradeStatus: Upgraded to xenial on 2016-03-06 (90 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1589204/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1605160] Re: kernel autoremove not working

[David Kalnischkies]

So apt would autoremove them if it could, like it already did with the
linux-image-extra packages – so I guess as before: kernel module package
depending on the images perhaps via indirection (provides), probably on
of the "NonfreeKernelModules: zfs zunicode zcommon znvpair zavl" (or
another, I am not sure this really list all modules). In that case it
works as "intended".

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1605160

Title:
  kernel autoremove not working

Status in apt package in Ubuntu:
  New

Bug description:
  On one 16.04 machine I have 5 4.4.0-kernels in /boot now (on another
  machine even 6):

  -rw--- 1 root root  7013968 Apr 19 00:21 vmlinuz-4.4.0-21-generic
  -rw--- 1 root root  7015440 Mai 13 01:55 vmlinuz-4.4.0-22-generic
  -rw--- 1 root root  7020176 Jun  8 23:39 vmlinuz-4.4.0-24-generic
  -rw--- 1 root root  7026864 Jun 24 14:03 vmlinuz-4.4.0-28-generic
  -rw--- 1 root root  7047504 Jul 13 03:59 vmlinuz-4.4.0-31-generic

  
  Should not hapen that way. apt-get autoremove should clean that, but doesn't. 

  regards

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: apt 1.2.12~ubuntu16.04.1
  ProcVersionSignature: Ubuntu 4.4.0-31.50-generic 4.4.13
  Uname: Linux 4.4.0-31-generic x86_64
  NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
  ApportVersion: 2.20.1-0ubuntu2.1
  Architecture: amd64
  CurrentDesktop: XFCE
  Date: Thu Jul 21 11:41:43 2016
  InstallationDate: Installed on 2016-04-22 (89 days ago)
  InstallationMedia: Lubuntu 16.04 LTS "Xenial Xerus" - Release amd64 (20160420)
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1605160/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1605160] Re: kernel autoremove not working

[David Kalnischkies]

Are you sure you haven't marked these kernels as manually installed
somehow? Perhaps there is also something depending on them still like
some installed out-of-tree kernel modules.

The output of the following three commands can be helpful to figure out
if apt would consider autoremoving them if nothing else would block
them:

apt-mark showauto ^linux-image-.*
apt-mark showmanual ^linux-image-.*
cat /etc/apt/apt.conf.d/01autoremove-kernels

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1605160

Title:
  kernel autoremove not working

Status in apt package in Ubuntu:
  New

Bug description:
  On one 16.04 machine I have 5 4.4.0-kernels in /boot now (on another
  machine even 6):

  -rw--- 1 root root  7013968 Apr 19 00:21 vmlinuz-4.4.0-21-generic
  -rw--- 1 root root  7015440 Mai 13 01:55 vmlinuz-4.4.0-22-generic
  -rw--- 1 root root  7020176 Jun  8 23:39 vmlinuz-4.4.0-24-generic
  -rw--- 1 root root  7026864 Jun 24 14:03 vmlinuz-4.4.0-28-generic
  -rw--- 1 root root  7047504 Jul 13 03:59 vmlinuz-4.4.0-31-generic

  
  Should not hapen that way. apt-get autoremove should clean that, but doesn't. 

  regards

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: apt 1.2.12~ubuntu16.04.1
  ProcVersionSignature: Ubuntu 4.4.0-31.50-generic 4.4.13
  Uname: Linux 4.4.0-31-generic x86_64
  NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
  ApportVersion: 2.20.1-0ubuntu2.1
  Architecture: amd64
  CurrentDesktop: XFCE
  Date: Thu Jul 21 11:41:43 2016
  InstallationDate: Installed on 2016-04-22 (89 days ago)
  InstallationMedia: Lubuntu 16.04 LTS "Xenial Xerus" - Release amd64 (20160420)
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1605160/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1216426] Re: package libisofs6 1.2.4-0ubuntu1 failed to install/upgrade: el subproceso instalado el script post-installation devolvió el código de salida de error 2

[David Kalnischkies]

well, reassigning 3 years old bugs isn't really helping anyone…
especially if there are no details. Even worse if you pull a "I had a
complete unrelated issue I haven't reported a couple days ago, so that
years old issue here must be a bug in apt". After all, in your
reasoning, if it would be a general bug in apt, wouldn't apt be chest
deep in such bugreports? We are chest deep in all sorts of bugreports
for sure, but that can at least be partially attributed to being
considered a good dumping ground for bugs package maintainers don't want
to work on themselves. A strong hint for that is apologizing in advanced
btw… :(

Failing postinst are usually bugs in the package itself as it is using
things which aren't (fully) installed it isn't allowed to use by policy,
but does anyway. A huge pointer in that direction tends to be that just
re-running apt/dpkg solves the issue. That doesn't need to generate a
huge load of bugreports as there is a good chance that the maintainer is
lucky enough to get the mistake hidden in 99% of all cases anyhow.
Classic example is using python.

In your case, back in that version the package didn't seem to have a
manual postinst script (something which you could have checked…), just
an autogenerated by debhelper calling ldconfig (essential in libc-bin).
That failing indicates more hardware issues. No opportunity for an apt
bug here in any case.

Anyhow, I see nothing actionable in this report for us, so closing as
incomplete…

** Changed in: apt (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1216426

Title:
  package libisofs6 1.2.4-0ubuntu1 failed to install/upgrade: el
  subproceso instalado el script post-installation devolvió el código de
  salida de error 2

Status in apt package in Ubuntu:
  Incomplete

Bug description:
  When i was updating my system from 12.04 to 12.10 this happened.
  How can I resolve this.

  ProblemType: Package
  DistroRelease: Ubuntu 12.10
  Package: libisofs6 1.2.4-0ubuntu1
  ProcVersionSignature: Ubuntu 3.5.0-39.60-generic 3.5.7.17
  Uname: Linux 3.5.0-39-generic x86_64
  NonfreeKernelModules: nvidia
  ApportVersion: 2.6.1-0ubuntu12
  Architecture: amd64
  Date: Sat Aug 24 18:24:15 2013
  DuplicateSignature: package:libisofs6:1.2.4-0ubuntu1:el subproceso instalado 
el script post-installation devolvió el código de salida de error 2
  ErrorMessage: el subproceso instalado el script post-installation devolvió el 
código de salida de error 2
  InstallationDate: Installed on 2013-08-24 (0 days ago)
  InstallationMedia: Ubuntu 12.04.1 LTS "Precise Pangolin" - Release amd64 
(20120823.1)
  MarkForUpload: True
  SourcePackage: libisofs
  Title: package libisofs6 1.2.4-0ubuntu1 failed to install/upgrade: el 
subproceso instalado el script post-installation devolvió el código de salida 
de error 2
  UpgradeStatus: Upgraded to quantal on 2013-08-24 (0 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1216426/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1598810] Re: `apt-get install python3.4` on xenial exits 0 despite python3.4 not being available

[David Kalnischkies]

(for the record: I am not defending the name->glob->regex fallback/guess
as a wonderful interface… it isn't… I am defending it on the grounds
that it is an interface for nearly two decades now, so changing it for
apt-get would be a horrible mess breaking usercases left and right and
apt-users tend to not like that at all even if its for their own good
[compare recent security enforcement]. Implementing options for changing
it varying by release and even distribution is actually even more
frighting than the present interface through as that one is at least
reasonably consistently bad… That is why I mentioned patterns [see
aptitude for examples] as a future way out - together with 'apt' on the
user side, but that bug is about automation, so that will always be
'apt-get')

@Dan: Indeed, I got kinda confused by you mentioning that they got
python3.5 and /not/ mentioning regex while comparing it to a non-regex
in behavior. Sorry.

With no xenial box in close reach ATM I tried it (with apt 1.2 as well
as 1.3 series) on my Debian machine but that has both packages available
[only] in stable. Causing libpython3.4-minimal to be installed via a
regex is producing the usual install behavior (it does want to remove
findutils through as that breaks these. Removing essentials is fun,
wouldn't be surprised if it turns out to be related to that).

Lets try the usual solver-debug-combo first: -o
Debug::pkgDepCache::Marker=1 -o Debug::pkgDepCache::AutoInstall=1 -o
Debug::pkgProblemResolver=1

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1598810

Title:
  `apt-get install python3.4` on xenial exits 0 despite python3.4 not
  being available

Status in apt package in Ubuntu:
  New

Bug description:
  As per [0], `apt-get install python3.4` won't raise an error (despite
  the package not existing in xenial, and no installation happening),
  but `apt-get install not-a-real-package` will.  I would expect the
  behaviour to be the same in both cases.

  This may cause issues for users upgrading from trusty to xenial.  If
  someone is running a Python application that relies on Python 3.4,
  their automation may run "apt-get install python3.4" to ensure that
  Python 3.4 is available, expecting it to raise an error if python3.4
  does not end up installed.  It won't, and they will then unexpectedly
  be running 3.5.

  [0] http://paste.ubuntu.com/18443198/

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1598810/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1598810] Re: `apt-get install python3.4` on xenial exits 0 despite python3.4 not being available

[David Kalnischkies]

(srly, bugreports referring to pastebin?)

Well, apts output says what is going on: As a package with that name
doesn't exist and the string looks like a regex (thanks to the '.') it
will search for packages matching the regex and it does find one. That
is perfectly fine and established behavior which is impossible to change
without breaking existing users.

Note that the package python3.4 doesn't exist at all in the view of apt,
which triggers this. If ANY package would give it as much as a passing
hint that it ever existed (by having any sort of dependency on it) apt
would actually error out in a way you would like it to (saying that
python3.4 isn't available for install, but is referenced by other
packages – pointing to the potential of being replaced by something else
or distributed in another repository). That is also perfectly fine and
established behavior which is impossible to change by now.

Anyway, a workaround for your setup might be using '^python3\.4$'.

So, as there is no bug to be found, closing as opinion. We could treat
it as a wish for controlling how the string is interpreted, but that
will actually be a tiny by-product of patterns – and is in no way
helping apt versions without patterns as a feature, which is the subtext
of this bugreport.

P.S.: The automation to make stuff available for an application is
called packaging, not running apt commands automatically as this has
failure modes like this, makes changes so much harder for the python
side as well as the application side, destroys automatic removal and and
and which is why package management was invented decades ago in the
first place.

** Changed in: apt (Ubuntu)
   Status: New => Opinion

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1598810

Title:
  `apt-get install python3.4` on xenial exits 0 despite python3.4 not
  being available

Status in apt package in Ubuntu:
  Opinion

Bug description:
  As per [0], `apt-get install python3.4` won't raise an error (despite
  the package not existing in xenial, and no installation happening),
  but `apt-get install not-a-real-package` will.  I would expect the
  behaviour to be the same in both cases.

  This may cause issues for users upgrading from trusty to xenial.  If
  someone is running a Python application that relies on Python 3.4,
  their automation may run "apt-get install python3.4" to ensure that
  Python 3.4 is available, expecting it to raise an error if python3.4
  does not end up installed.  It won't, and they will then unexpectedly
  be running 3.5.

  [0] http://paste.ubuntu.com/18443198/

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1598810/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1571370] Re: Missing option in the manpage

[David Kalnischkies]

This is intended. The intro text of the OPTIONS section mentions that
for boolean options every option has a --no- option negating the effect
(which happens to be right above --no-install-recommends). As --install-
recommends is the default, it feels more useful to document the negation
as its the option which a user might happen to use. Its even more
obvious with the --no-download option. Documenting --download would just
be more text to write, read & translate for no obvious benefit – hence
marking as wontfix/opinion.

** Changed in: apt (Ubuntu)
   Status: New => Opinion

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1571370

Title:
  Missing option in the manpage

Status in apt package in Ubuntu:
  Opinion

Bug description:
  I'm using Ubuntu 16.04 with apt 1.2.10ubuntu1 and I'm noticing that in
  the manpage of apt-get the option --no-install-recommends is
  documented but not --install-recommends. Possibly this does also apply
  to similar options like --install-suggests.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1571370/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1593583] Re: Invalid 'Date' entry in Release file /var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_yakkety-proposed_InRelease

[David Kalnischkies]

@dino99: Are you sure you haven't (partially) upgraded just the 'apt'
package? In that case this would be expected as the "fix" is in libapt-
pkg5.0 build by the apt source package – the ubuntu repository was most-
recently updated in a 2-digit hour, while both PPAs were last updated in
single-digit hours…

Anyway, I wrote a patch upstream avoiding the use of std::get_time by
doing the parsing of the timestamps more manually for the "time" being
which accepts days/hours even if they are single-digit…

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1593583

Title:
  Invalid 'Date' entry in Release file
  /var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_yakkety-
  proposed_InRelease

Status in apt package in Ubuntu:
  Confirmed

Bug description:
  Continuously get that warning when using synaptic to reload the
  sources. This happen with apt 1.3-exp2 only.

  This seems a regression as per that old report:
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809329

  ProblemType: Bug
  DistroRelease: Ubuntu 16.10
  Package: apt 1.3~exp2
  ProcVersionSignature: Ubuntu 4.6.0-7.8-generic 4.6.0
  Uname: Linux 4.6.0-7-generic x86_64
  NonfreeKernelModules: nvidia_uvm nvidia_modeset nvidia
  ApportVersion: 2.20.1-0ubuntu4
  Architecture: amd64
  CurrentDesktop: GNOME
  Date: Fri Jun 17 08:19:22 2016
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1593583/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1593583] Re: Invalid 'Date' entry in Release file /var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_yakkety-proposed_InRelease

[David Kalnischkies]

This is caused by the usage of relatively new c++11 features, namely
std::get_time, as described in this libstdc++6 upstream bug:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71556

The Release for yakkety-proposed currently reads: "Date: Fri, 17 Jun
2016  6:30:29 UTC". Note the "6" as hour.

Reverting commit 9febc2b238e1e322dce1f94ecbed46d595893b52, which
introduced the usage of std::get_time has the disadvantage of opening
the 'problem' it is supposed to fix again and the 'bonus' the commit
mentions is removed, too, which seems small, but is a surprising gotcha
in unsuspecting applications (which are either not fiddling with locale
at all or are multithreaded).

** Bug watch added: GCC Bugzilla #71556
   https://gcc.gnu.org/bugzilla/show_bug.cgi?id=71556

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1593583

Title:
  Invalid 'Date' entry in Release file
  /var/lib/apt/lists/partial/archive.ubuntu.com_ubuntu_dists_yakkety-
  proposed_InRelease

Status in apt package in Ubuntu:
  New

Bug description:
  Continuously get that warning when using synaptic to reload the
  sources. This happen with apt 1.3-exp2 only.

  This seems a regression as per that old report:
  https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809329

  ProblemType: Bug
  DistroRelease: Ubuntu 16.10
  Package: apt 1.3~exp2
  ProcVersionSignature: Ubuntu 4.6.0-7.8-generic 4.6.0
  Uname: Linux 4.6.0-7-generic x86_64
  NonfreeKernelModules: nvidia_uvm nvidia_modeset nvidia
  ApportVersion: 2.20.1-0ubuntu4
  Architecture: amd64
  CurrentDesktop: GNOME
  Date: Fri Jun 17 08:19:22 2016
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1593583/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1583591] Re: Removing a meta package shouldn't mark any of it's deps/recommends for autoremove

[David Kalnischkies]

This is an explicit feature – apt will mark the packages as manual if
the metapackage is removed as a consequence of another package (e.g. you
remove the browser the metapackage depends on, the office-suite will be
marked as manual to prevent it to be removed automatically just because
you don't like the browser).

If you request the removal of the metapackage explicitly through, the
dependencies will not be marked. You can do that manually as you see
fit. This is done so that people who install a suite of packages via a
metapackage can get right of this suite in (roughly) the same way they
installed it.

** Changed in: apt (Ubuntu)
   Status: New => Opinion

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1583591

Title:
  Removing a meta package shouldn't mark any of it's deps/recommends for
  autoremove

Status in apt package in Ubuntu:
  Opinion
Status in ubuntu-meta package in Ubuntu:
  New

Bug description:
  Ex.
  ~$ sudo apt autoremove
  [sudo] password for doug:
  Reading package lists... Done
  Building dependency tree
  Reading state information... Done
  0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.

  doug@doug-HP-Pavilion-Notebook:~$ sudo apt remove ubuntu-desktop
  Reading package lists... Done
  Building dependency tree
  Reading state information... Done
  The following packages were automatically installed and are no longer 
required:
    apturl apturl-common cheese gir1.2-rb-3.0 gir1.2-secret-1 
gnome-video-effects gstreamer1.0-alsa
    gstreamer1.0-plugins-base-apps libdmapsharing-3.0-2 libexiv2-14 libgexiv2-2 
libgpod-common libgpod4 libraw15
    librhythmbox-core9 libsgutils2-2 media-player-info nautilus-share 
python3-mako rhythmbox rhythmbox-data
    rhythmbox-plugin-zeitgeist rhythmbox-plugins shotwell shotwell-common snapd 
squashfs-tools ubuntu-core-launcher
  Use 'sudo apt autoremove' to remove them.
  The following packages will be REMOVED:
    ubuntu-desktop
  0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded.
  After this operation, 46.1 kB disk space will be freed.
  Do you want to continue? [Y/n] n
  Abort.

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: apt 1.2.10ubuntu1
  ProcVersionSignature: Ubuntu 4.4.0-22.40-generic 4.4.8
  Uname: Linux 4.4.0-22-generic x86_64
  ApportVersion: 2.20.1-0ubuntu2
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Thu May 19 08:35:52 2016
  InstallationDate: Installed on 2016-04-26 (22 days ago)
  InstallationMedia: Ubuntu 16.04 LTS "Xenial Xerus" - Release amd64 
(20160420.1)
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1583591/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1538438] Re: apt-helper crashed with SIGABRT in __gnu_cxx::__verbose_terminate_handler()

[David Kalnischkies]

Could be: 
https://anonscm.debian.org/cgit/apt/apt.git/commit/?id=84ac6edfabe1c92d67e8d441e04216ad33c89165
Which is a problem with the redirection handling, which would also explain why 
its not happening for everyone as these download servers might be doing (no) 
redirections based on the region of the requester.

At least that break fits in the timeframe, is in mentioned method
(RunMessages) and happens [only] with apt-helper (see added test), but I
use none of those downloader packages and don't feel like starting to,
so that is just an educated guess.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1538438

Title:
  apt-helper crashed with SIGABRT in
  __gnu_cxx::__verbose_terminate_handler()

Status in apt package in Ubuntu:
  Triaged

Bug description:
  Errors Bucket
  -
  
https://errors.ubuntu.com/bucket/?id=/usr/lib/apt/apt-helper%3A6%3A__gnu_cxx%3A%3A__verbose_terminate_handler%3A__cxxabiv1%3A%3A__terminate%3Astd%3A%3Aterminate%3A__cxxabiv1%3A%3A__cxa_throw%3Astd%3A%3A__throw_out_of_range_fmt

  Original Description
  
  After installing flashplugin-installer I get a prompt noting:
  [START]
  Failure to download extra data files

  The following packages requested additional data downloads after
  package installation, but the data could not be downloaded or could
  not be processed.

  flashplugin-installer

  The download will be attempted again later, or you can try the download again 
now.  Running this command requires an active Internet connection.
  [END]

  Clicking the button Run this action now causes this crash
  consistently.

  Unfortunately, this has the negative outcome of disallowing folks who
  use Firefox from being able to update, or install Flash.

  There are a fair number of these events logged in errors.ubuntu.com.

  ProblemType: CrashDistroRelease: Ubuntu 16.04
  Package: apt 1.1.10
  ProcVersionSignature: Ubuntu 4.3.0-7.18-generic 4.3.3
  Uname: Linux 4.3.0-7-generic x86_64
  ApportVersion: 2.19.4-0ubuntu1
  Architecture: amd64
  Date: Wed Jan 27 01:36:34 2016
  ExecutablePath: /usr/lib/apt/apt-helper
  InstallationDate: Installed on 2015-04-25 (276 days ago)
  InstallationMedia: Ubuntu 15.04 "Vivid Vervet" - Release amd64 (20150422)
  ProcCmdline: /usr/lib/apt/apt-helper download-file 
http://archive.canonical.com/pool/partner/a/adobe-flashplugin/adobe-flashplugin_20151228.1.orig.tar.gz
 
/var/lib/update-notifier/package-data-downloads/partial/adobe-flashplugin_20151228.1.orig.tar.gz
 SHA256:d322547d4542eeed2f57469cc0d3c10e9a55af6632c05be9fe8b6c6a0dbcffdb
  ProcEnviron:
   SHELL=/bin/bash
   LANG=en_US.UTF-8
   LANGUAGE=en_US
   TERM=xterm-256color
   PATH=(custom, no user)
  Signal: 6SourcePackage: apt
  StacktraceTop:
   __gnu_cxx::__verbose_terminate_handler() () from 
/usr/lib/x86_64-linux-gnu/libstdc++.so.6
   ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
   std::terminate() () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
   __cxa_throw () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
   std::__throw_out_of_range_fmt(char const*, ...) () from 
/usr/lib/x86_64-linux-gnu/libstdc++.so.6
  Title: apt-helper crashed with SIGABRT in 
__gnu_cxx::__verbose_terminate_handler()
  UpgradeStatus: Upgraded to xenial on 2016-01-27 (0 days ago)
  UserGroups:

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1538438/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1576960] Re: apt-mark prints ambiguous package name

[David Kalnischkies]

I presume that works (I would be using nativearch="$(dpkg --print-
architecture)" through – and poking directly into info/ is discouraged.
Checking exitcode of commands like 'dpkg-query -s "$1"' might be
better), but note that with a "foo:all" you aren't talking about a
package as packages can't have this special architecture. It is a
specific version of a package "foo:native" which was built such that it
works independently of the underlying native architecture – so the
display of fully arch-qualified package names would still be "wrong" as
apt-mark talks about packages, not about versions.

This distinction comes into play e.g. if the source package changes from
any to all (or vice versa) as this resembles a 'normal' upgrade (which
carries over data like the autobit), while there is no upgrade path in
the crossgrading foo:i386 to foo:amd64 case.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1576960

Title:
  apt-mark prints ambiguous package name

Status in apt package in Ubuntu:
  Opinion

Bug description:
  Example in shell:

  $ dpkg-query -W -f='${binary:Package} ${Status}\n' libfontconfig1
  libfontconfig1:amd64 install ok installed
  libfontconfig1:i386 install ok installed

  $ apt-mark showauto libfontconfig1
  $ apt-mark showauto libfontconfig1:i386
  libfontconfig1:i386
  $ apt-mark showmanual libfontconfig1:i386
  $ apt-mark showauto libfontconfig1:amd64
  $ apt-mark showmanual libfontconfig1
  libfontconfig1  < should be libfontconfig1:amd64
  $ apt-mark showmanual libfontconfig1:amd64
  libfontconfig1  < should be libfontconfig1:amd64

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: apt 1.0.1ubuntu2.13
  ProcVersionSignature: Ubuntu 3.13.0-85.129-lowlatency 3.13.11-ckt36
  Uname: Linux 3.13.0-85-lowlatency x86_64
  ApportVersion: 2.14.1-0ubuntu3.19
  Architecture: amd64
  CurrentDesktop: XFCE
  Date: Sat Apr 30 12:50:48 2016
  EcryptfsInUse: Yes
  InstallationDate: Installed on 2014-09-21 (587 days ago)
  InstallationMedia: Ubuntu-Studio 14.04.1 LTS "Trusty Tahr" - Release amd64 
(20140722.1)
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)
  modified.conffile..etc.kernel.postinst.d.apt.auto.removal: [modified]
  mtime.conffile..etc.kernel.postinst.d.apt.auto.removal: 
2016-02-03T01:46:24.317010

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1576960/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1576960] Re: apt-mark prints ambiguous package name

[David Kalnischkies]

The names aren't ambiguous – if apt prints no architecture it is ALWAYS
the native architecture. This is this way for compatibility reasons as
apt hadn't previously printed any architecture – because they were all
native – so old tools, scripts, processes, … sticking to the common case
of single-architecture systems do not need to be touched/fixed.

It just happens to be a different convention than dpkg is using – which
prints the architecture only if it could be ambiguous, like for all
packages marked as M-A:same (Since recently it also shows the
architecture for M-A:foreign packages of a non-native architecture, too)
and in exchange requires an architecture to be given (for M-A:same) even
if it isn't ambiguous [which broke pre-multiarch tools, but most tools
interacting with dpkg do this via apt which shielded them].

APT can't operate with this convention as basically every package is
available in all architectures, so a package name is always ambiguous
and hence all package names would need to be fully arch-qualified all
the time. That would be a lot of noise…

** Changed in: apt (Ubuntu)
   Status: New => Opinion

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1576960

Title:
  apt-mark prints ambiguous package name

Status in apt package in Ubuntu:
  Opinion

Bug description:
  Example in shell:

  $ dpkg-query -W -f='${binary:Package} ${Status}\n' libfontconfig1
  libfontconfig1:amd64 install ok installed
  libfontconfig1:i386 install ok installed

  $ apt-mark showauto libfontconfig1
  $ apt-mark showauto libfontconfig1:i386
  libfontconfig1:i386
  $ apt-mark showmanual libfontconfig1:i386
  $ apt-mark showauto libfontconfig1:amd64
  $ apt-mark showmanual libfontconfig1
  libfontconfig1  < should be libfontconfig1:amd64
  $ apt-mark showmanual libfontconfig1:amd64
  libfontconfig1  < should be libfontconfig1:amd64

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: apt 1.0.1ubuntu2.13
  ProcVersionSignature: Ubuntu 3.13.0-85.129-lowlatency 3.13.11-ckt36
  Uname: Linux 3.13.0-85-lowlatency x86_64
  ApportVersion: 2.14.1-0ubuntu3.19
  Architecture: amd64
  CurrentDesktop: XFCE
  Date: Sat Apr 30 12:50:48 2016
  EcryptfsInUse: Yes
  InstallationDate: Installed on 2014-09-21 (587 days ago)
  InstallationMedia: Ubuntu-Studio 14.04.1 LTS "Trusty Tahr" - Release amd64 
(20140722.1)
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)
  modified.conffile..etc.kernel.postinst.d.apt.auto.removal: [modified]
  mtime.conffile..etc.kernel.postinst.d.apt.auto.removal: 
2016-02-03T01:46:24.317010

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1576960/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1560797] Re: package systemd-sysv 225-1ubuntu9.1 failed to install/upgrade: libgcrypt20 was unconfigured during 15.10 to 16.04 upgrade

[David Kalnischkies]

Attached is a trivial patch [in retrospective] I just committed upstream
which should fix this issue – I have only verified it by logchecking
with the two status files from the buglog (again: thanks!) through, I
haven't actually run it on a real system so testers welcome!

That should be easily backportable into 2011 (= the time this regression
was introduced) even if the surrounding code changed a bit over time.
Could potentially also be worked around with strategic duplication of
Pre-Depends in Depends. So, what going on? apt doesn't check if Pre-
Depends are satisfied before configuring but that is actually hard to
trigger as apt does check them for unpack and the window between unpack
and configure is usually very small as apt is actively trying to have it
very small (compare immediate configuration) so all my attempts at
constructing a testcase for it failed so far…

** Patch added: "0001-recheck-Pre-Depends-satisfaction-in-SmartConfigure.patch"
   
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1560797/+attachment/4636054/+files/0001-recheck-Pre-Depends-satisfaction-in-SmartConfigure.patch

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1560797

Title:
  package systemd-sysv 225-1ubuntu9.1 failed to install/upgrade:
  libgcrypt20 was unconfigured during 15.10 to 16.04 upgrade

Status in apt package in Ubuntu:
  Confirmed
Status in systemd package in Ubuntu:
  Confirmed

Bug description:
  Happened during upgrade to 16.04, don't know any more details.

  ProblemType: Package
  DistroRelease: Ubuntu 16.04
  Package: systemd-sysv 225-1ubuntu9.1
  Uname: Linux 4.4.5-040405-generic x86_64
  ApportVersion: 2.20-0ubuntu3
  Architecture: amd64
  Date: Tue Mar 22 22:56:03 2016
  ErrorMessage: pre-dependency problem - not installing systemd-sysv
  InstallationDate: Installed on 2013-04-24 (1064 days ago)
  InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Release amd64 (20130423.1)
  RelatedPackageVersions:
   dpkg 1.18.4ubuntu1
   apt  1.2.7
  SourcePackage: systemd
  Title: package systemd-sysv 225-1ubuntu9.1 failed to install/upgrade: 
pre-dependency problem - not installing systemd-sysv
  UpgradeStatus: Upgraded to xenial on 2016-03-23 (0 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1560797/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1560797] Re: package systemd-sysv 225-1ubuntu9.1 failed to install/upgrade: libgcrypt20 was unconfigured

[David Kalnischkies]

Thank you both for the files! A quick test suggests that both expose the
problem by unpacking but not configuring libgcrypt before touching
systemd.  The actual produced order is quiet different through (and both
systems are obviously far away from a minbase chroot – which happily
does the right thing™). I might have some free time later this week to
look at this closer if nobody else beats me to it… (no promise through).

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1560797

Title:
  package systemd-sysv 225-1ubuntu9.1 failed to install/upgrade:
  libgcrypt20 was unconfigured

Status in apt package in Ubuntu:
  Confirmed
Status in systemd package in Ubuntu:
  Confirmed

Bug description:
  Happened during upgrade to 16.04, don't know any more details.

  ProblemType: Package
  DistroRelease: Ubuntu 16.04
  Package: systemd-sysv 225-1ubuntu9.1
  Uname: Linux 4.4.5-040405-generic x86_64
  ApportVersion: 2.20-0ubuntu3
  Architecture: amd64
  Date: Tue Mar 22 22:56:03 2016
  ErrorMessage: pre-dependency problem - not installing systemd-sysv
  InstallationDate: Installed on 2013-04-24 (1064 days ago)
  InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Release amd64 (20130423.1)
  RelatedPackageVersions:
   dpkg 1.18.4ubuntu1
   apt  1.2.7
  SourcePackage: systemd
  Title: package systemd-sysv 225-1ubuntu9.1 failed to install/upgrade: 
pre-dependency problem - not installing systemd-sysv
  UpgradeStatus: Upgraded to xenial on 2016-03-23 (0 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1560797/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1560797] Re: package systemd-sysv 225-1ubuntu9.1 failed to install/upgrade: libgcrypt20 was unconfigured

[David Kalnischkies]

As pitti can't reproduce it with a clean system there is a good chance
an "unrelated" package from a PPA or cruft from an earlier upgrade
confuses apt (as far as I remember PPAs are disabled on upgrade in
Ubuntu, so it can't be new "unrelated" packages at least). These bugs
are everyone’s favorite and log-staring usually doesn't work that well,
so being able to reproduce this would be very nice…

What we can try is testing with the /var/lib/dpkg/status file from
BEFORE the upgrade. Backups of this file can be found in /var/backups:
The file "dpkg.status.X.gz" (where X is a number and .gz optional if X
is 0) modified last before the upgrade would be good to have. Note
before uploading: This file includes information about ALL packages you
have (or in that case had) installed and in which version (which you
might or might not consider private/personal information, but that
applies already to most log files, too).

Assuming we would have such a file we could try on a THROWAWAY system: -o 
dir::state::status=/path/to/file -o Debug::pkgAcqArchive::NoQueue=1 -o 
Debug::pkgDpkgPM=1
(theoretically its possible to run this on a system you wanna keep, but 
theoretically there is also no problem with juggling a bunch of running 
chainsaws… until something goes wrong in practice)
The output will likely be a mile long including the exact commands apt would 
have used to call dpkg. If that exposes the wrong order we are "good".

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1560797

Title:
  package systemd-sysv 225-1ubuntu9.1 failed to install/upgrade:
  libgcrypt20 was unconfigured

Status in apt package in Ubuntu:
  Confirmed
Status in systemd package in Ubuntu:
  Confirmed

Bug description:
  Happened during upgrade to 16.04, don't know any more details.

  ProblemType: Package
  DistroRelease: Ubuntu 16.04
  Package: systemd-sysv 225-1ubuntu9.1
  Uname: Linux 4.4.5-040405-generic x86_64
  ApportVersion: 2.20-0ubuntu3
  Architecture: amd64
  Date: Tue Mar 22 22:56:03 2016
  ErrorMessage: pre-dependency problem - not installing systemd-sysv
  InstallationDate: Installed on 2013-04-24 (1064 days ago)
  InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Release amd64 (20130423.1)
  RelatedPackageVersions:
   dpkg 1.18.4ubuntu1
   apt  1.2.7
  SourcePackage: systemd
  Title: package systemd-sysv 225-1ubuntu9.1 failed to install/upgrade: 
pre-dependency problem - not installing systemd-sysv
  UpgradeStatus: Upgraded to xenial on 2016-03-23 (0 days ago)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1560797/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1566657] Re: [apt] implement --yes

[David Kalnischkies]

The apt(8) manpage doesn't list any options (okay, it mentions a selected few, 
but it has no long list like the other manpages).
It lists only subcommands like 'install' or 'show' and refers the reader to the 
manpage of apt-get or apt-cache or whatever for details because repeating the 
very same options would not only be a big duplication, but also a freaking long 
manpage nobody will ever read AND it will also be confusing because the 
hundreds of options in such a manpage would apply each only to a selected few 
of the subcommands.

So, yeah, the user will have to read the manpages of the underlying
applications he or she is pointed to be the apt manpages – but given the
potential alternative of lumping all manpages into a single big one,
that feels like a feature.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1566657

Title:
  [apt] implement --yes

Status in apt package in Ubuntu:
  Incomplete

Bug description:
  Please implement the option '--yes' (known from apt-get) in apt
  itself.

  It is not available in Ubuntu 16.04 Beta.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1566657/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1566657] Re: [apt] implement --yes

[David Kalnischkies]

well, apt 1.2.10 is in xenial and in that version my example works, so I
fear you will need to provide a few more details like the entire output
and commandline of the command you try.

(it works also in earlier versions and I am relatively sure it works
since the dawn of the apt-binary as its used in our testcases, but I
have just tried with my local build)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1566657

Title:
  [apt] implement --yes

Status in apt package in Ubuntu:
  Incomplete

Bug description:
  Please implement the option '--yes' (known from apt-get) in apt
  itself.

  It is not available in Ubuntu 16.04 Beta.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1566657/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1565782] Re: APT doesn't respect pin-priority when using APT::Default-Release option

[David Kalnischkies]

All settings involving pinning are of the first-come-first-serve level.
Adding an exception for the default-release setting to have an effect on
all packages from this release "maybe" is just complicating a feature in
usage, documentation and code which is already very complicated – and
what makes default-release be so special, why not for all of them…
(which can't be done because behavior changes are a no-no in general).

Or in other words: You are arguing that default-release should not
override pinnings of packages but that doesn't happen. It overrides the
pinning of releases. If it wouldn't be doing that, what would be the
point…

The usecase for this is your very own usecase – or how do you overrule
your preferences setting in case you occasionally don't want the PPA to
take the lead?

You can use globs and regexes in preferences btw.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1565782

Title:
  APT doesn't respect pin-priority when using APT::Default-Release
  option

Status in apt package in Ubuntu:
  Invalid

Bug description:
  I'm trying to pin packages from the proprietary graphics drivers PPA,
  and I want APT to use this PPA even if a newer version is available in
  a target release, so I put it at a pin-priority of 999

  --- /etc/apt/preferences.d/graphics-drivers-ppa-pin-999
  Package: *
  Pin: release o=LP-PPA-graphics-drivers
  Pin-Priority: 999
  ---

  If I test this with 'apt-cache policy', the priorities seems to be
  correct.

  ---
  $ apt-cache policy nvidia-346
  nvidia-346:
Installerad: 346.96-0ubuntu0~gpu14.04.2
Kandidat:346.96-0ubuntu0~gpu14.04.2
Versionstabell:
   352.63-0ubuntu0.14.04.1 0
  500 http://se.archive.ubuntu.com/ubuntu/ trusty-updates/restricted 
amd64 Packages
  500 http://security.ubuntu.com/ubuntu/ trusty-security/restricted 
amd64 Packages
   *** 346.96-0ubuntu0~gpu14.04.2 0
  999 http://ppa.launchpad.net/graphics-drivers/ppa/ubuntu/ trusty/main 
amd64 Packages
  100 /var/lib/dpkg/status
  ---

  But if I use the 'APT::Default-Release' configuration option, the
  priority gets lowered to 990, resulting in the wrong candidate.

  ---
  $ apt-cache -o 'APT::Default-Release=trusty' policy nvidia-346
  nvidia-346:
Installerad: 346.96-0ubuntu0~gpu14.04.2
Kandidat:352.63-0ubuntu0.14.04.1
Versionstabell:
   352.63-0ubuntu0.14.04.1 0
  990 http://se.archive.ubuntu.com/ubuntu/ trusty-updates/restricted 
amd64 Packages
  990 http://security.ubuntu.com/ubuntu/ trusty-security/restricted 
amd64 Packages
   *** 346.96-0ubuntu0~gpu14.04.2 0
  990 http://ppa.launchpad.net/graphics-drivers/ppa/ubuntu/ trusty/main 
amd64 Packages
  100 /var/lib/dpkg/status
  ---

  The same thing happens when using apt-get/aptitude's '-t' flag, i.e.
  the wrong version gets marked for installation. It seems the policy
  engine sets the priority to 990 if the package matches the target
  release, regardless of the previous (higher) value. I think this
  behavior is a bug and should be fixed so that a certain package's
  priority doesn't get lowered for belonging to the target release.

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: apt 1.0.1ubuntu2.11
  ProcVersionSignature: Ubuntu 3.13.0-83.127-generic 3.13.11-ckt35
  Uname: Linux 3.13.0-83-generic x86_64
  NonfreeKernelModules: nvidia
  ApportVersion: 2.14.1-0ubuntu3.19
  Architecture: amd64
  Date: Mon Apr  4 14:11:26 2016
  InstallationDate: Installed on 2014-08-08 (605 days ago)
  InstallationMedia: Ubuntu 14.04.1 LTS "Trusty Tahr" - Release amd64 
(20140722.2)
  ProcEnviron:
   TERM=xterm-256color
   SHELL=/bin/bash
   PATH=(custom, user)
   LANG=sv_SE.UTF-8
   XDG_RUNTIME_DIR=
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1565782/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1566657] Re: [apt] implement --yes

[David Kalnischkies]

Please mention the exact command you are trying as --yes is implemented
in apt… e.g. "apt install sauerbraten --yes".

** Changed in: apt (Ubuntu)
   Status: New => Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1566657

Title:
  [apt] implement --yes

Status in apt package in Ubuntu:
  Incomplete

Bug description:
  Please implement the option '--yes' (known from apt-get) in apt
  itself.

  It is not available in Ubuntu 16.04 Beta.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1566657/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1565782] Re: APT doesn't respect pin-priority when using APT::Default-Release option

[David Kalnischkies]

This is a feature, so you can pin a release (like backports) to a low
value, but raise it easily if you need to. It is also explicitly
documented in the apt_preferences manpage, which also mentions a
"workaround": Note that this [= the target release setting] has
precedence over any general priority you set in the /etc/apt/preferences
file described later, but not over specifically pinned packages.

Closing as not-a-bug hence.

** Changed in: apt (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1565782

Title:
  APT doesn't respect pin-priority when using APT::Default-Release
  option

Status in apt package in Ubuntu:
  Invalid

Bug description:
  I'm trying to pin packages from the proprietary graphics drivers PPA,
  and I want APT to use this PPA even if a newer version is available in
  a target release, so I put it at a pin-priority of 999

  --- /etc/apt/preferences.d/graphics-drivers-ppa-pin-999
  Package: *
  Pin: release o=LP-PPA-graphics-drivers
  Pin-Priority: 999
  ---

  If I test this with 'apt-cache policy', the priorities seems to be
  correct.

  ---
  $ apt-cache policy nvidia-346
  nvidia-346:
Installerad: 346.96-0ubuntu0~gpu14.04.2
Kandidat:346.96-0ubuntu0~gpu14.04.2
Versionstabell:
   352.63-0ubuntu0.14.04.1 0
  500 http://se.archive.ubuntu.com/ubuntu/ trusty-updates/restricted 
amd64 Packages
  500 http://security.ubuntu.com/ubuntu/ trusty-security/restricted 
amd64 Packages
   *** 346.96-0ubuntu0~gpu14.04.2 0
  999 http://ppa.launchpad.net/graphics-drivers/ppa/ubuntu/ trusty/main 
amd64 Packages
  100 /var/lib/dpkg/status
  ---

  But if I use the 'APT::Default-Release' configuration option, the
  priority gets lowered to 990, resulting in the wrong candidate.

  ---
  $ apt-cache -o 'APT::Default-Release=trusty' policy nvidia-346
  nvidia-346:
Installerad: 346.96-0ubuntu0~gpu14.04.2
Kandidat:352.63-0ubuntu0.14.04.1
Versionstabell:
   352.63-0ubuntu0.14.04.1 0
  990 http://se.archive.ubuntu.com/ubuntu/ trusty-updates/restricted 
amd64 Packages
  990 http://security.ubuntu.com/ubuntu/ trusty-security/restricted 
amd64 Packages
   *** 346.96-0ubuntu0~gpu14.04.2 0
  990 http://ppa.launchpad.net/graphics-drivers/ppa/ubuntu/ trusty/main 
amd64 Packages
  100 /var/lib/dpkg/status
  ---

  The same thing happens when using apt-get/aptitude's '-t' flag, i.e.
  the wrong version gets marked for installation. It seems the policy
  engine sets the priority to 990 if the package matches the target
  release, regardless of the previous (higher) value. I think this
  behavior is a bug and should be fixed so that a certain package's
  priority doesn't get lowered for belonging to the target release.

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: apt 1.0.1ubuntu2.11
  ProcVersionSignature: Ubuntu 3.13.0-83.127-generic 3.13.11-ckt35
  Uname: Linux 3.13.0-83-generic x86_64
  NonfreeKernelModules: nvidia
  ApportVersion: 2.14.1-0ubuntu3.19
  Architecture: amd64
  Date: Mon Apr  4 14:11:26 2016
  InstallationDate: Installed on 2014-08-08 (605 days ago)
  InstallationMedia: Ubuntu 14.04.1 LTS "Trusty Tahr" - Release amd64 
(20140722.2)
  ProcEnviron:
   TERM=xterm-256color
   SHELL=/bin/bash
   PATH=(custom, user)
   LANG=sv_SE.UTF-8
   XDG_RUNTIME_DIR=
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1565782/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1558331] Re: message "The repository is insufficiently signed by key (weak digest)" is poorly worded

[David Kalnischkies]

We had the intention (#818639) but forgot it then so only zh_CN was
fixed in 1.2.8 … I commited the comma-drop now [I would like to claim
that this comma makes perfect sense in German but even there it is a bit
strange].

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1558331

Title:
  message "The repository is insufficiently signed by key  (weak
  digest)" is poorly worded

Status in apt package in Ubuntu:
  Confirmed

Bug description:
  The title pretty much says it all.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1558331/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1558484] Re: Ubuntu 12.04: apt-get can't parse repository url if username contains @ ('at' sign)

[David Kalnischkies]

I realized that even the reporter say that in newer versions it works –
so no wonder I couldn't reproduce it. I modified our basic-auth test to
check for this issue specifically, so we aren't going to regress on
this.

The history suggests this could be fixed by
436d7eab92bb8f9cc6498acfbf2055e717be6fd0 (from 2010, but that stayed in
experimental for a long time – still, not sure, probably something
better hidden). In either case, fixed by now, so changing status to fix
released. I doubt this is valuable enough to be backported (the bug, not
the commit).

** Changed in: apt (Ubuntu)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1558484

Title:
  Ubuntu 12.04: apt-get can't parse repository url if username contains
  @ ('at' sign)

Status in apt package in Ubuntu:
  Fix Released

Bug description:
  Reporting a bug as suggested in 
https://answers.launchpad.net/ubuntu/+question/288658
  I attached Vagrantfile that reproduces the problem in which I try to add the 
following repositories to apt:

  deb https://FOO@BAR:p...@not-existing-domain.com/xyz precise non-free
  deb https://FOO%40BAR:p...@not-existing-domain.com/xyz precise non-free

  ---

  For both URLs the error message on Ubuntu 12.04 is the same:

  Failed to fetch https://domain.com/xyz/dists/precise/non-free/binary-
  amd64/Packages  Couldn't resolve host 'BAR'

  $ lsb_release -a
  Distributor ID:   Ubuntu
  Description:  Ubuntu 12.04.5 LTS
  Release:  12.04
  Codename: precise
  $ apt-get --version
  apt 0.8.16~exp12ubuntu10.26 for amd64 compiled on Aug  5 2015 19:06:57

  ---

  On Ubuntu 14.04 the URL is parsed correctly as in both cases the
  following error message is printed:

  Failed to fetch https://not-existing-domain.com/xyz/dists/precise/non-
  free/binary-i386/Packages  Could not resolve host: not-existing-
  domain.com

  $ lsb_release -a
  Distributor ID:   Ubuntu
  Description:  Ubuntu 14.04.4 LTS
  Release:  14.04
  Codename: trusty
  $ apt-get --version
  apt 1.0.1ubuntu2 for amd64 compiled on Jan 12 2016 20:13:58

  For security reasons I prefer not to disclose the real repository URL,
  but it works on Ubuntu 14.04 and doesn't work on 12.04.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1558484/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1279776] Re: Encountered a section with no Package: header

[David Kalnischkies]

Raring is out-of-support for 2 years now (and was already unsupported at
the time of the bugreport) and the report misses all sorts of details to
be actionable.

I guess this was a "web-portal confusing apt" issue back then, which is
long fixed by now, hence opportunistically closing – if that is
reproducible in any recent version feel free to reopen.

** Changed in: apt (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1279776

Title:
  Encountered a section with no Package: header

Status in apt package in Ubuntu:
  Invalid

Bug description:
  chisang2013@chisang2013-HP-ProBook-4430s:/var/www/bart2$ sudo apt-get update
  [sudo] password for chisang2013: 
  Sorry, try again.
  [sudo] password for chisang2013: 
  Get:1 http://security.ubuntu.com raring-security Release.gpg [933 B]  
   
  Get:2 http://extras.ubuntu.com raring Release.gpg [72 B]  
  
  Get:3 http://mw.archive.ubuntu.com raring Release.gpg [933 B]
  Get:4 http://security.ubuntu.com raring-security Release [40.8 kB]
   
  Get:5 http://mw.archive.ubuntu.com raring-updates Release.gpg [933 B] 
 
  Get:6 http://extras.ubuntu.com raring Release [9,756 B]   
   
  Get:7 http://mw.archive.ubuntu.com raring-backports Release.gpg [933 B]   
   
  Get:8 http://mw.archive.ubuntu.com raring Release [40.8 kB]   
   
  Get:9 http://security.ubuntu.com raring-security/main Sources [58.3 kB]   
   
  Get:10 http://extras.ubuntu.com raring/main Sources [14 B]
   
  Get:11 http://extras.ubuntu.com raring/main i386 Packages [14 B]  
   
  Get:12 http://security.ubuntu.com raring-security/restricted Sources [14 B]   
   
  Get:13 http://security.ubuntu.com raring-security/universe Sources [14.3 kB]  
   
  Get:14 http://mw.archive.ubuntu.com raring-updates Release [40.8 kB]  
 
  Get:15 http://extras.ubuntu.com raring/main Translation-en_US 
   
  Get:16 http://security.ubuntu.com raring-security/multiverse Sources [2,262 
B]   
  Get:17 http://security.ubuntu.com raring-security/main i386 Packages [154 kB] 
   
  Get:18 http://mw.archive.ubuntu.com raring-backports Release [40.8 kB]
   
  Get:19 http://mw.archive.ubuntu.com raring/main Sources [963 kB]  
   
  Get:20 http://mw.archive.ubuntu.com raring/restricted Sources [5,987 B]   
   
  Get:21 http://mw.archive.ubuntu.com raring/universe Sources [5,838 kB]
   
  Get:22 http://security.ubuntu.com raring-security/main i386 Packages [154 kB] 
   
  Get:23 http://security.ubuntu.com raring-security/main i386 Packages [154 kB] 
   
  Get:24 http://security.ubuntu.com raring-security/main i386 Packages [154 kB] 
   
  Get:25 http://security.ubuntu.com raring-security/main i386 Packages [154 kB] 
   
  Get:26 http://mw.archive.ubuntu.com raring/universe Sources [5,838 kB]
  Get:27 http://mw.archive.ubuntu.com raring/multiverse Sources [171 kB]
   
  Get:28 http://mw.archive.ubuntu.com raring/main i386 Packages [1,168 kB]  
   
  Get:29 http://security.ubuntu.com raring-security/main i386 Packages [154 kB] 
   
  Get:30 http://mw.archive.ubuntu.com raring/restricted i386 Packages [9,623 B] 
   
  Get:31 http://mw.archive.ubuntu.com raring/universe i386 Packages [5,405 kB]  
   
  Get:32 http://security.ubuntu.com raring-security/main i386 Packages [154 kB] 
   
  Get:33 http://security.ubuntu.com raring-security/main i386 Packages [154 kB] 
   
  Get:34 http://security.ubuntu.com raring-security/main i386 Packages [154 kB]
  Get:35 http://security.ubuntu.com raring-security/restricted i386 Packages 
[14 B]
  Get:36 http://security.ubuntu.com raring-security/universe i386 Packages 
[53.7 kB]   
  Get:37 http://security.ubuntu.com raring-security/multiverse i386 Packages 
[3,858 B] 
  Get:38 http://security.ubuntu.com raring-security/main Translation-en [79.9 
kB]  
  Get:39 http://security.ubuntu.com raring-security/multiverse Translation-en 
[1,826 B]
  Get:40 http://security.ubuntu.com raring-security/restricted Translation-en 
[14 B]   
  Get:41 http://security.ubuntu.com raring-security/universe Translation-en 
[32.1 kB]  
  Get:42 http://security.ubuntu.com raring-security/main Translation-en_US  
   
  Get:43 http://mw.archive.ubuntu.com raring/multiverse i386 Packages [131 kB]  
   
  Get:44 http://mw.archive.ubuntu.com raring/main Translation-en [673 kB]   
   
  Get:45 http://mw.archive.ubuntu.com raring/multiverse Translation-en [98.4 
kB]   
  Get:46 

[Touch-packages] [Bug 1559860] Re: [feature-request] Add clean option for apt command

[David Kalnischkies]

That is the case since at least version 1.1~exp15, so closing as done.

Note that 'apt' isn't supposed to replace 'apt-get'. They can happily
co-exist and should be used as needed.

** Changed in: apt (Ubuntu)
   Status: New => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1559860

Title:
  [feature-request] Add clean option for apt command

Status in apt package in Ubuntu:
  Fix Released

Bug description:
  If it has the clean option, it will be great, so we can fully replace
  apt-get with it.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1559860/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1558484] Re: Ubuntu 12.04: apt-get can't parse repository url if username contains @ ('at' sign)

[David Kalnischkies]

With a quick test I can't reproduce this with %40 as encoding, but I
will try some more later.

I would highly recommend to NOT write your authentication information in
sources.list through. Beside the parsing problem you seem to encounter,
you can't reasonably change the permission of the file (it has to be
world-readable to have apt-based tools in a functional state).

Instead, create the file /etc/apt/auth.conf and and use the netrc(5)
format to specify the authentication tokens. You can change the access
permissions to this file to your liking (600 for example) as a bonus.

Example: echo 'machine example.org\nlogin star\npassword hunter2' >
/etc/apt/auth.conf

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1558484

Title:
  Ubuntu 12.04: apt-get can't parse repository url if username contains
  @ ('at' sign)

Status in apt package in Ubuntu:
  New

Bug description:
  Reporting a bug as suggested in 
https://answers.launchpad.net/ubuntu/+question/288658
  I attached Vagrantfile that reproduces the problem in which I try to add the 
following repositories to apt:

  deb https://FOO@BAR:p...@not-existing-domain.com/xyz precise non-free
  deb https://FOO%40BAR:p...@not-existing-domain.com/xyz precise non-free

  ---

  For both URLs the error message on Ubuntu 12.04 is the same:

  Failed to fetch https://domain.com/xyz/dists/precise/non-free/binary-
  amd64/Packages  Couldn't resolve host 'BAR'

  $ lsb_release -a
  Distributor ID:   Ubuntu
  Description:  Ubuntu 12.04.5 LTS
  Release:  12.04
  Codename: precise
  $ apt-get --version
  apt 0.8.16~exp12ubuntu10.26 for amd64 compiled on Aug  5 2015 19:06:57

  ---

  On Ubuntu 14.04 the URL is parsed correctly as in both cases the
  following error message is printed:

  Failed to fetch https://not-existing-domain.com/xyz/dists/precise/non-
  free/binary-i386/Packages  Could not resolve host: not-existing-
  domain.com

  $ lsb_release -a
  Distributor ID:   Ubuntu
  Description:  Ubuntu 14.04.4 LTS
  Release:  14.04
  Codename: trusty
  $ apt-get --version
  apt 1.0.1ubuntu2 for amd64 compiled on Jan 12 2016 20:13:58

  For security reasons I prefer not to disclose the real repository URL,
  but it works on Ubuntu 14.04 and doesn't work on 12.04.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1558484/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 589941] Re: Incorrect status of downloaded bytes while upgrading

[David Kalnischkies]

See 
https://anonscm.debian.org/cgit/apt/apt.git/commit/?id=9127d7aecf01f2999a2589e4b0503288518b2927
 and
https://anonscm.debian.org/cgit/apt/apt.git/commit/?id=27925d82dd0cbae74d48040363fe6f6c2bae5215
 among others.

Backporting of these changes itself might not be sensible, but we
"backported" these changes to jessie (which at that time early last year
was frozen) in and around 1.0.9.8. Later versions have that natively of
course.

** Changed in: apt (Ubuntu)
   Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/589941

Title:
  Incorrect status of downloaded bytes while upgrading

Status in Aptdaemon:
  Fix Released
Status in apt package in Ubuntu:
  Fix Released

Bug description:
  Distribution
  
  OS Description: Ubuntu maverick (development branch)
  Release: 10.10-alpha1-amd64
  System Architecture: amd64

  Package
  ==
  aptdaemon
  Version: 0.31+bzr412-0ubuntu1

  Bug Description
  
  When the update manager starts to "update", i.e. starts to download packages, 
it shows incorrect status. 

  Once a particular package (lets say of size N kB) has been downloaded,
  the progress bar corresponding to it reflects the status correctly
  showing 100%. However, the textfield beside the proogressbar shows
  "Downloaded 0B of N kB" which is evidently incorrect. This is
  conspicuous in the attached screenshot.

To manage notifications about this bug go to:
https://bugs.launchpad.net/aptdaemon/+bug/589941/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1550741] Re: Upgrade failed - unauthenticated package (module-init-tools)

[David Kalnischkies]

(as I was asked to have a look – only reviewing based on comments and
code in this bug through)

I guess setting the state explicit here is okay, I wonder why the
package hasn't any state through – isn't that kinda normal for a package
not touched at all? I also think it is wrong that .get_changes() returns
packages in "non-interesting" states as those are clearly not changes.

Basic sanity checking might be in order here to catch such issues in the
future as e.g. a package from archive "now" (which is the designation
for a package in the dpkg/status file) can realistically only be
removed.

APT has the test-bug-735967-lib32-to-i386-unavailable testcase which
produces such a situation, the heisenstate doesn't seem to interest apt
through and can't be easily observed. Maybe the tests should be extended
to be able to call python – the ability could be handy as a CI test in
general.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1550741

Title:
  Upgrade failed - unauthenticated package (module-init-tools)

Status in apt package in Ubuntu:
  Confirmed
Status in module-init-tools package in Ubuntu:
  Confirmed
Status in ubuntu-release-upgrader package in Ubuntu:
  Confirmed

Bug description:
  Upgrading an updated (+ hwe) 14.04 to 16.04 fails on module-init-tools
  being unauthentiated

  ProblemType: Bug
  DistroRelease: Ubuntu 14.04
  Package: ubuntu-release-upgrader-core 1:0.220.8
  ProcVersionSignature: Ubuntu 4.2.0-30.36~14.04.1-generic 4.2.8-ckt3
  Uname: Linux 4.2.0-30-generic i686
  ApportVersion: 2.14.1-0ubuntu3.19
  Architecture: i386
  CrashDB: ubuntu
  CurrentDesktop: XFCE
  Date: Sat Feb 27 15:46:12 2016
  InstallationDate: Installed on 2016-02-27 (0 days ago)
  InstallationMedia: Xubuntu 14.04 LTS "Trusty Tahr" - Release i386 (20140416.2)
  PackageArchitecture: all
  SourcePackage: ubuntu-release-upgrader
  Symptom: ubuntu-release-upgrader
  UpgradeStatus: Upgraded to trusty on 2016-02-27 (0 days ago)
  VarLogDistupgradeTermlog:

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1550741/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1481871] Re: apt-key del silently fails to delete keys due to limited understanding of GPG key ID formats

[David Kalnischkies]

> Does this issue have a CVE assigned yet? Does it have a Debian
bugreport yet?

It has neither and it needs neither in my humble opinion.

The longid issue had its own bugreport in Debian (#754436) which used the 
included patch (more or less) for Jessie while the 1.1 series (at that time 
already) had apt-key rewritten fixing this among other things. The unblock 
request back then mentions explicitly the inability of apt/jessie to work with 
fingerprints at the benefit of not introducing untested changes late in the 
release process.
As already mentioned 1.1 in Debian (and Ubuntu) supports fingerprints just 
fine, so there isn't anything left to be done for Debian.

In the end, "apt-key del" is supposed to be used only to get away from using 
apt-key as what you are supposed to be doing is ship your own -keyring package 
which contains a /etc/apt/trusted.gpg.d/ fragment file instead of using 
"apt-key add /path/to/file" to add your key to a central file (from which you 
have to delete it again on remove with "apt-key del"). I doubt the chances to 
have collision even with shortids among archive keyrings in the wild is high. 
With longids its even less likely. And what exactly is to be gained by such a 
collision given that all you get is to take another key (you collision with) 
with you at the time your maintainerscript (run with root rights I have to add) 
removes it…
[That "apt-key del" isn't failing and can't be changed to do it if it hasn't 
removed a key is btw based on the problem that its mostly called by 
maintainerscript, which don't ignore failures]

If on the other hand you happen to think you could revert a "apt-key
adv" command like "--recv-key" with a "apt-key del" you are wrong as it
isn't safe to fetch a key directly into an always trusted keyring to
begin with (mainly as you can't be sure that gpg is actually inserting
the key you wanted it to and no amount of fingerprint is helping here).
See this subthread (and followups) for the written affirmation of
Debians gnupg maintainer(s) that you can't:
https://lists.alioth.debian.org/pipermail/pkg-gnupg-
maint/2015-August/002802.html  [just so you don't have to "just trust
me" on this].

So, in summary, I believe that the chance that you have a security bug
on your(!) side based on the idea that you need a fingerprint in this
scenario to interact with apt-key is a lot higher than the chance to
encounter a collision even on short keyids in this scenario.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1481871

Title:
  apt-key del silently fails to delete keys due to limited understanding
  of GPG key ID formats

Status in apt package in Ubuntu:
  Confirmed

Bug description:
  Description:  Ubuntu 14.04.3 LTS
  Release:  14.04

  apt:
    Installed: 1.0.1ubuntu2.10

  apt-key adv --recv-keys --keyserver hkp://keyserver.ubuntu.com:80
  7A82B743B9B8E46F12C733FA4759FA960E27C0A6

  apt-key export 7A82B743B9B8E46F12C733FA4759FA960E27C0A6 # key is here

  apt-key del  7A82B743B9B8E46F12C733FA4759FA960E27C0A6 # delete key

  apt-key export 7A82B743B9B8E46F12C733FA4759FA960E27C0A6 # key is still
  here

  # Works fine with IDs

  apt-key del  0E27C0A6

  apt-key export 7A82B743B9B8E46F12C733FA4759FA960E27C0A6 # nothing
  exported

  # Works fine with fingerprint on Precise

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1481871/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1528765] Re: packages deb filename is not consistant

[David Kalnischkies]

And I don't want epochs to exist. And I want all filesystems to support
":" in filenames. And I want a million dollars and world peace – but the
world doesn't work that way.

apt needs to save the file with an epoch to know the difference between
version 1 and version 1:1. And it has to store it encoded to support
filesystems which can't deal with ":" in filenames. We are not breaking
apt to make you not have to look at epochs, sorry pal.

Oh, and reinstalls can be done with "apt install --reinstall $pkg".

** Changed in: apt (Ubuntu)
   Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1528765

Title:
  packages deb filename is not consistant

Status in apt package in Ubuntu:
  Invalid

Bug description:
  there are hundreds of packages where the local filename and remote filenames 
do not match
  here are 2 examples

  REMOTE
  # apt-cache show acpid | grep "Filename"
  Filename: pool/main/a/acpid/acpid_2.0.23-1ubuntu2_amd64.deb

  LOCAL
  # ls -al /var/cache/apt/archives/acpid*
  -rw-r--r-- 1 root root 36266 Dec  3 07:05 
/var/cache/apt/archives/acpid_1%3a2.0.23-1ubuntu2_amd64.deb

  REMOTE
  # apt-cache show compiz | grep "Filename"
  Filename: pool/main/c/compiz/compiz_0.9.12.2+16.04.20151026-0ubuntu1_all.deb

  LOCAL
  # ls -al /var/cache/apt/archives/compiz*
  -rw-r--r-- 1 root root3864 Nov  3 04:39 
/var/cache/apt/archives/compiz_1%3a0.9.12.2+16.04.20151026-0ubuntu1_all.deb

  I think after these 2 examples you start to get the idea

  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: apt 1.1.5
  ProcVersionSignature: Ubuntu 4.3.0-2.11-generic 4.3.0
  Uname: Linux 4.3.0-2-generic x86_64
  NonfreeKernelModules: nvidia
  ApportVersion: 2.19.3-0ubuntu2
  Architecture: amd64
  CurrentDesktop: MATE
  Date: Tue Dec 22 08:04:09 2015
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1528765/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1497534] Re: apt-get crashed with SIGSEGV in strlen()

[David Kalnischkies]

I haven't seen a crash myself, just "garbage" results (mostly apt trying
to use Translation-rowf%&$ files), but in all likelihood this is the
result of gcc5 changing to a c++11-compatible std::string implementation
– which the previous copy-on-write implementation isn't. apt was
depending on this behavior to store for which language the Translation
is aka the result of a X.c_str() call in a char* where X runs out of
scope shortly after – but X was just a copy of a globally stored
std::string (in that case in the deeps of _config). strlen on such a
wild pointer has at least a chance of segfaulting…

See also #1486061.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1497534

Title:
  apt-get crashed with SIGSEGV in strlen()

Status in apt package in Ubuntu:
  Incomplete
Status in apt source package in Wily:
  Incomplete

Bug description:
  ubuntu 15.10 new upgrade

  ProblemType: Crash
  DistroRelease: Ubuntu 15.10
  Package: apt 1.0.9.10ubuntu6
  ProcVersionSignature: Ubuntu 4.2.0-10.11-generic 4.2.0
  Uname: Linux 4.2.0-10-generic x86_64
  ApportVersion: 2.18.1-0ubuntu1
  Architecture: amd64
  Date: Sat Sep 19 12:26:47 2015
  ExecutablePath: /usr/bin/apt-get
  InstallationDate: Installed on 2014-12-30 (262 days ago)
  InstallationMedia: Ubuntu 14.10 "Utopic Unicorn" - Release amd64 (20141022.1)
  ProcCmdline: apt-get --yes autoremove
  ProcEnviron:
   PATH=(custom, no user)
   LANG=it_IT.UTF-8
   LANGUAGE=it_IT
   SHELL=/bin/bash
   TERM=unknown
  SegvAnalysis:
   Segfault happened at: 0x7f73ded537fa :   movdqa (%rax),%xmm8
   PC (0x7f73ded537fa) ok
   source "(%rax)" (0x5622126b7000) not located in a known VMA region (needed 
readable region)!
   destination "%xmm8" ok
  SegvReason: reading unknown VMA
  Signal: 11
  SourcePackage: apt
  StacktraceTop:
   strlen () at ../sysdeps/x86_64/strlen.S:214
   debTranslationsIndex::IndexURI[abi:cxx11](char const*) const () from 
/usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16
   debTranslationsIndex::Exists() const () from 
/usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16
   ?? () from /usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16
   pkgCacheGenerator::MakeStatusCache(pkgSourceList&, OpProgress*, MMap**, 
bool) () from /usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.16
  Title: apt-get crashed with SIGSEGV in strlen()
  UpgradeStatus: Upgraded to wily on 2015-09-19 (0 days ago)
  UserGroups:

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1497534/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1486061] Re: Long descriptions missing from apt cache - affects software-center etc

[David Kalnischkies]

The patchset applied in ubuntu for the gcc5 transition wasn't complete;
I thought that it would have been synced back by now, but it seems not…
– I had added a few more changes on top of Michaels changes (including
the one Kiwinote referred to) to make it not only build, but also build
something passing our testcases (as the only partly working
Translation-* trashes our testcases). That is also the cause for other
recent bugreport like #1497534 here I would guess.

It is probably not the worst idea to think about applying 8965b2f8 (the
one mentioned above) – even if it is technically an abibreak, in
practice only libapt itself is using (and is actually able to use) the
symbol which is why in newer libapt versions the symbol isn't even
exported anymore. 130f34b7 should be applied as well for entirely
different reasons (even through it isn't a security fix in any way, it
should be dealt with as one). No idea where Ubuntu is in the release
cycle frankly as I have other things to worry about at the moment, but
instead of cherry-picking these it might be better to use the entire
release. They are well tested by now and bugfix only…

Feel free to ask me for more details if need be, but expect delays as I
read mail between two grape presses at the Most (pun intended, even
through mostly a my-region-only pun).

And a, btw mc3man: I wouldn't advice to install the Debian version
directly on Ubuntu – it depends on the wrong archive-keyring for
example. At the very least, you should recompile it, then the
buildsystem will take care of setting the right things.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1486061

Title:
  Long descriptions missing from apt cache - affects software-center etc

Status in apt package in Ubuntu:
  Confirmed

Bug description:
  apt 1.0.9.10ubuntu6 and 1.0.9.10ubuntu7 - ubuntu wily

  It appears that on wily the long package descriptions are missing from
  the apt-cache. As a result of this bug full package descriptions are
  missing (amongst others) in software-center, update-manager, synaptic
  etc.

  The files like /var/lib/apt/lists/archive.ubuntu
  .com_ubuntu_dists_wily_universe_i18n_Translation-en do exist with a
  recent timestamp, so it looks the downloading of the translations has
  taken place.

  Using the python bindings cache['gimp'].candidate.description returns
  an empty string.

  Apt-cache also seems to be missing the 'Description-en' key:

  $ apt-cache show gimp
  Package: gimp
  Priority: optional
  Section: graphics
  Installed-Size: 15538
  Maintainer: Ubuntu Developers 
  Original-Maintainer: Ari Pollak 
  Architecture: amd64
  Version: 2.8.14-1ubuntu2
  Replaces: gimp-plugin-registry (<< 4.20120506)
  Provides: gimp-python
  Depends: libgimp2.0 (>= 2.8.14), libgimp2.0 (<= 2.8.14-z), gimp-data (>= 
2.8.14), gimp-data (<= 2.8.14-z), python-gtk2 (>= 2.8.0), libgdk-pixbuf2.0-0 
(>= 2.24.1), libaa1 (>= 1.4p5), libbabl-0.1-0 (>= 0.1.10), libbz2-1.0, libc6 
(>= 2.15), libcairo2 (>= 1.10.2), libdbus-1-3 (>= 1.0.2), libdbus-glib-1-2 (>= 
0.88), libexif12 (>= 0.6.21-1~), libfontconfig1 (>= 2.9.0), libfreetype6 (>= 
2.2.1), libgegl-0.3-0 (>= 0.3.0), libglib2.0-0 (>= 2.41.1), libgs9 (>= 
8.61.dfsg.1), libgtk2.0-0 (>= 2.24.10), libgudev-1.0-0 (>= 146), libjasper1, 
libjpeg8 (>= 8c), liblcms2-2 (>= 2.2+git20110628), libmng2 (>= 1.0.10), 
libpango-1.0-0 (>= 1.29.4), libpangocairo-1.0-0 (>= 1.29.4), libpangoft2-1.0-0 
(>= 1.29.4), libpng12-0 (>= 1.2.13-4), libpoppler-glib8 (>= 0.18.0), librsvg2-2 
(>= 2.14.4), libtiff5 (>= 4.0.3), libwmf0.2-7 (>= 0.2.8.4), libx11-6, 
libxcursor1 (>> 1.1.2), libxext6, libxfixes3, libxmu6, libxpm4, zlib1g (>= 
1:1.1.4), python:any (>= 2.6.6-7~), python2.7
  Recommends: ghostscript
  Suggests: gimp-help-en | gimp-help, gimp-data-extras, gvfs-backends, 
libasound2
  Breaks: gimp-plugin-registry (<< 4.20120506)
  Filename: pool/main/g/gimp/gimp_2.8.14-1ubuntu2_amd64.deb
  Size: 3476280
  MD5sum: d33d0d48362d03767f486185fa3e21cf
  SHA1: 8f65b842f5ec4a07b8ebf71c13ed9f97ed886474
  SHA256: 92eebf090c4f7f7e7ec5d9a06f3fe34f35221c44602d290201b05aa73b2ff2e1
  Description: The GNU Image Manipulation Program
  Description-md5: ad6dd18a09fb86ea4529ac53f33168b9
  Homepage: http://www.gimp.org/
  Bugs: https://bugs.launchpad.net/ubuntu/+filebug
  Origin: Ubuntu
  Supported: 9m
  Task: ubuntu-usb, edubuntu-desktop-gnome, edubuntu-usb, 
ubuntustudio-publishing, ubuntustudio-photography, ubuntustudio-graphics

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1486061/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1479207] Re: Never-MarkAuto-Sections not working correctly

[David Kalnischkies]

Without verifying if these Ubuntu versions actually have my bad patch
(deprecate the Section member from package struct - fixing the problem
of a package changing sections basically being randomly in one of these
sections) I would presume this is debbug #793360 aka: Never-Mark-Auto
doesn't apply on the dependencies of packages with the given sections,
but on the packages with the given section itself. Much more details
there.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1479207

Title:
  Never-MarkAuto-Sections not working correctly

Status in apt package in Ubuntu:
  New
Status in apt source package in Trusty:
  New
Status in apt source package in Vivid:
  New

Bug description:
  In current trusty, vivid, and wily, when you install ubuntu-minimal
  (from the metapackages section) in a clean chroot, some 75ish
  packages are installed.  If you then apt-get --purge autoremove
  ubuntu-minimal, some large portion (between 20 and 40, depending on
  the target release) of those dependencies are removed again.

  If this test is repeated putting the release pocket version of
  apt/libapt on hold, the purge/autoremove only removes the metapackage,
  but none of its dependencies, so this is likely a regression brought
  on from the previous autoremoval fix.

  This bug is release-critical for the 14.04.3 point release, as we
  install using metapackages instead of tasks in point releases, thus
  meaning that anyone removing ubuntu-desktop for any reason will end up
  with dozens (potentially hundreds) of packages on the autoremoval
  list.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1479207/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1477299] Re: please fix building apt using gcc-snapshot

[David Kalnischkies]

or the fix which is in the experimental branch for this issue for 2+ months 
now… ;)
353c135e45d3b76dbecc1ba1b2bd9266601181ee

I don't think the virtual package handling CacheSetHelperAPTGet provides
is really needed (nor even wanted) for download or changelog, so we can
just use the default helper – as before without a crazy non-sense
std::ostream to bool conversion.


The auto_ptr think keeps being a warning for now, right? I am happily using 
c++11 features in (currently unreleased) patches, but I have my doubts if I 
should really force c++11 upon the reverse dependencies just now (as the 
auto_ptr gcc is warning about here is in a public header). Even through 
std=c++11 is the new default, right? Well, we will see after the gcc5 
transition is done.


There are some more issues with apt build with gcc5 and running with the new 
libstdc++6, namely that some code pieces assume std::string to have 
copy-on-write behavior, which it doesn't have in c++11 mode anymore which can 
be observed by the integration tests – not run at buildtime, but by 
autopkgtest. Patches for that are in the experimental branch, too, for a while 
as they break the abi, but the step to gcc5 does break abi anyhow so who cares. 
;)

mvo said he isn't around for a while, so I will try to polish up the
sid-gcc5 branch he created and follow up at debbug#790979 then I am done
hopefully later this weekend.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1477299

Title:
  please fix building apt using gcc-snapshot

Status in apt package in Ubuntu:
  Confirmed

Bug description:
  please fix building apt using gcc-snapshot. I'd like to check the
  possible wrong-code issue with the GCC trunk version. The build fails
  with:

  In file included from ../build/include/apt-pkg/algorithms.h:35:0,
   from 
/scratch/doko/tmp/apt-1.0.9.10ubuntu4/cmdline/apt-get.cc:31:
  ../build/include/apt-pkg/depcache.h: In member function 'bool 
pkgDepCache::MarkAndSweep()':
  ../build/include/apt-pkg/depcache.h:406:11: warning: 'templateclass class 
std::auto_ptr' is deprecated [-Wd
  eprecated-declarations]
std::auto_ptrInRootSetFunc f(GetRootSetFunc());
 ^
  In file included from /usr/lib/gcc-snapshot/include/c++/6.0.0/memory:81:0,
   from ../build/include/apt-pkg/depcache.h:48,
   from ../build/include/apt-pkg/algorithms.h:35,
   from 
/scratch/doko/tmp/apt-1.0.9.10ubuntu4/cmdline/apt-get.cc:31:
  /usr/lib/gcc-snapshot/include/c++/6.0.0/bits/unique_ptr.h:49:28: note: 
declared here
 templatetypename class auto_ptr;
  ^
  /scratch/doko/tmp/apt-1.0.9.10ubuntu4/cmdline/apt-get.cc: In function 'bool 
DoDownload(CommandLine)':
  /scratch/doko/tmp/apt-1.0.9.10ubuntu4/cmdline/apt-get.cc:633:36: error: no 
matching function for call to 
'APT::CacheSetHelper::CacheSetHelper(std::ostream)'
  APT::CacheSetHelper helper(c0out);
  ^
  In file included from 
/scratch/doko/tmp/apt-1.0.9.10ubuntu4/cmdline/apt-get.cc:34:0:
  ../build/include/apt-pkg/cacheset.h:49:2: note: candidate: 
APT::CacheSetHelper::CacheSetHelper(bool, GlobalError::MsgType)
CacheSetHelper(bool const ShowError = true,
^
  ../build/include/apt-pkg/cacheset.h:49:2: note:   no known conversion for 
argument 1 from 'std::ostream {aka std::basic_ostreamchar}' to 'bool'
  ../build/include/apt-pkg/cacheset.h:39:7: note: candidate: constexpr 
APT::CacheSetHelper::CacheSetHelper(const APT::CacheSetHelper)
   class CacheSetHelper {   /*{{{*/
 ^

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1477299/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1464950] Re: output flushing error causing ugly output for autoremove

[David Kalnischkies]

Yeah, relatively recent in its very visible form, but a relatively old problem 
in its cause.
Fixed in upstream git for a while, but thanks to diverting branches 
(abi-breakfree unstable and abi-breaking experimental) it hasn't reached a 
(non-experimental) release yet:
http://anonscm.debian.org/cgit/apt/apt.git/commit/?id=2a884c612b10b27f4be2cc6dd689bfe448d9361a

It is written as an abi break, but could be rewritten to not require one
with some care (at least binary compatible, technically source
compatibility breaks and theoretically its still a behavior change). I
just decided against it at the time it was clear we would have to keep
the diversion a little longer than originally planed and backported just
the absolutely needed stuff. We could do it now, but I guess the time
is better spent in stopping to semi-maintain two branches. Hence setting
fix commited in anticipation of fix released soon [all while
realizing that I might very well be the biggest blocker in this process
with my perfectionism]

** Changed in: apt (Ubuntu)
   Status: New = Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1464950

Title:
  output flushing error causing ugly output for autoremove

Status in apt package in Ubuntu:
  Fix Committed

Bug description:
  When I do a dist-upgrade, I get the following output:

  Reading package lists... Done
  Building dependency tree   
  Reading state information... Done
  Calculating upgrade... The following packages were automatically installed 
and are no longer required:
libboost-thread1.55.0 librados2 librbd1 linux-headers-3.19.0-18 
linux-headers-3.19.0-18-generic
linux-image-3.19.0-18-generic linux-image-extra-3.19.0-18-generic
linux-signed-image-3.19.0-18-generic
  Use 'apt-get autoremove' to remove them.
  Done
  The following packages will be upgraded:
  [...]

  I assume it should look like this:

  Reading package lists... Done
  Building dependency tree   
  Reading state information... Done
  Calculating upgrade... Done
  The following packages were automatically installed and are no longer 
required:
libboost-thread1.55.0 librados2 librbd1 linux-headers-3.19.0-18 
linux-headers-3.19.0-18-generic
linux-image-3.19.0-18-generic linux-image-extra-3.19.0-18-generic
linux-signed-image-3.19.0-18-generic
  Use 'apt-get autoremove' to remove them.
  The following packages will be upgraded:
  [...]

  This is a fairly recent regression, I think, though I haven't tested
  vivid to see if I'm right, I don't recall it overflowing that line
  before.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1464950/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1456479] Re: PPA info with trailing quote in /etc/apt/sources.list

[David Kalnischkies]

Thanks for the report! Unfortunately reporting it against apt is
incorrect as apt itself contains no program which automatically adds
PPAs or similar such. It just takes the sources.list content and
interprets it. So it was either you adding this PPA by hand in which
case its a user error (copypaste maybe?) OR it was a tool (potentially
in the apt-* namespace, but not maintained by the apt team) which has
this bug.

Its a bit unlikely perhaps, but as far as apt is concerned main could
be a valid component (also, because it is hardly defined which
characters could be) and the error messages it prints tell you that it
tried to get data for the main component as it was configured to do,
but wasn't able to.

** Changed in: apt (Ubuntu)
   Status: New = Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1456479

Title:
  PPA info with trailing quote in /etc/apt/sources.list

Status in apt package in Ubuntu:
  Invalid

Bug description:
  I tried to install and test a PPA, which has been working in several
  previous versions. But now there was an error, and I think I have
  tracked it down to a trailing double quote () after the corresponding
  entry in /etc/apt/sources.list.

  Anyway after removing the trailing quote, it worked, so

  from

  tail /etc/apt/sources.list
  deb-src http://security.ubuntu.com/ubuntu wily-security multiverse

  ## Uncomment the following two lines to add software from Canonical's
  ## 'partner' repository.
  ## This software is not part of Ubuntu, but is offered by Canonical and the
  ## respective vendors as a service to Ubuntu users.
  # deb http://archive.canonical.com/ubuntu wily partner
  # deb-src http://archive.canonical.com/ubuntu wily partner
  deb http://ppa.launchpad.net/mkusb/unstable/ubuntu wily main
  deb-src http://ppa.launchpad.net/mkusb/unstable/ubuntu wily main

  to

  tail /etc/apt/sources.list
  deb-src http://security.ubuntu.com/ubuntu wily-security multiverse

  ## Uncomment the following two lines to add software from Canonical's
  ## 'partner' repository.
  ## This software is not part of Ubuntu, but is offered by Canonical and the
  ## respective vendors as a service to Ubuntu users.
  # deb http://archive.canonical.com/ubuntu wily partner
  # deb-src http://archive.canonical.com/ubuntu wily partner
  deb http://ppa.launchpad.net/mkusb/unstable/ubuntu wily main
  deb-src http://ppa.launchpad.net/mkusb/unstable/ubuntu wily main

  ProblemType: Bug
  DistroRelease: Ubuntu 15.10
  Package: apt 1.0.9.9ubuntu1
  ProcVersionSignature: Ubuntu 3.19.0-16.16-generic 3.19.3
  Uname: Linux 3.19.0-16-generic i686
  ApportVersion: 2.17.2-0ubuntu1
  Architecture: i386
  Date: Tue May 19 09:17:51 2015
  InstallationDate: Installed on 2015-05-19 (0 days ago)
  InstallationMedia: Lubuntu 15.10 Wily Werewolf - Alpha i386 (20150512)
  ProcEnviron:
   LANGUAGE=sv
   TERM=xterm
   PATH=(custom, no user)
   LANG=sv_SE.UTF-8
   SHELL=/bin/bash
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1456479/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1456275] Re: Feature request for APT

[David Kalnischkies]

While this sounds like a good idea at first and many users actually do
it this way (= unchecked import of keys), apt can't do it for security
reasons and adding it (anyway) as an option would just mean we encourage
this behavior further.

The signing keys of a repository ensure that the data apt downloads is
actually what is provided by the repository and not tampered with by an
attacker. That means through that the key needs to be acquired in a way
which is secure from tampering. Importing a key from a keyserver is NOT
SECURE. Not even if you use a TLS enabled protocol (which gpg doesn't by
default). You can make it secure if you can verify that the key you
got from the keyserver is what you expected to get. Signatures are a
good thing for this, but now you need to know that the signatures are
good… aka: You need a trust path from the key to you. APT can't create
nor validate such a trustpath. As much as we all love automation, adding
a key to apts trusted keyring is a very serious action which needs
careful attention and in the end manual work to establish a trust path.
If you don't do it, your system is not secure anymore as an attacker who
can trick you into trusting the wrong key can subsequently trick apt
into installing whatever he wants including keyloggers, bots and trojans
as root, with full disk, (local) network and internet access (aka: The
holy grail). This isn't too common yet in the internet at large as the
linux marketshare is low, but e.g. daily practice in the Tor network and
various leaked documents hint in which direction we are heading as
everything a governments can do, can also be done by (non-government)
criminals sooner or later.

** Changed in: apt (Ubuntu)
   Status: New = Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1456275

Title:
  Feature request for APT

Status in apt package in Ubuntu:
  Invalid

Bug description:
  I would like to ask for the feature that APT automatically imports the
  needed keys for all repositories from the sources.list while executing
  the apt-get update command. This would make the repositories
  management much easier (mostly for not very advanced users)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1456275/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1448917] Re: apt-get -o quiet=1 dist-upgrade isn't quiet anymore

[David Kalnischkies]

Sorry if my previous comment came across as rude, it wasn't intended as
such. It was just meant as a quick reply (I was in a hurry) to clear up
what is the topic of this bug as incomplete reports aren't actionable.

(An incomplete bug isn't necessarily the fault of the bugreporter as
someone can hardly think of everything and/or an important fact to know
for upstream isn't obvious to someone who isn't deeply involved with the
package in question. So, no critic meant either.)

So, with my apt upstream hat, I am reassigning to dpkg even through I
know that this is caused by a change in apt, but the problem is that
dpkg has a non-overrideable check for terminal output or not (and
because as mentioned apt quiet option never influenced dpkg. Otherwise
quiet=2 wouldn't have output at all, but what it does is in fact reduce
the output to mostly just dpkg output).

The apt change in question is that dpkg is properly called in (most) cases in a 
pseudo-terminal, so it's looking always like dpkg is running in a terminal. We 
need this in apt to be able to log the output (term.log) as well as show the 
output of dpkg (and subsequently programs called by it like debconf) correctly. 
See e.g. debbug #765687. The 1.0.9.x versions contain various fixes (and fixes 
of fixes) in this regard.
You can tell apt to not use a pseudo-terminal for dpkg with -o Dpkg::Use-Pty=0 
, but that carries all the disadvantages I mentioned earlier and more and is 
therefore not advised.

** Package changed: apt (Ubuntu) = dpkg (Ubuntu)

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1448917

Title:
  apt-get -o quiet=1 dist-upgrade isn't quiet anymore

Status in dpkg package in Ubuntu:
  New

Bug description:
  Description:  Ubuntu 15.04
  Release:  15.04

  apt:
Installed: 1.0.9.7ubuntu4
Candidate: 1.0.9.7ubuntu4
Version table:
   *** 1.0.9.7ubuntu4 0
  500 http://de.archive.ubuntu.com/ubuntu/ vivid/main amd64 Packages
  100 /var/lib/dpkg/status

  Current:

  Until updating from Utopic to Vivid apt-get with command line
  parameter -o quiet 1 did not output the progress as formatted text.
  Since the update the progress is written to stdout as formatted text.
  This breaks a lot of scripts, e.g. the cron-apt package with mail send
  enabled. The attached text is no longer text only and will be encoded
  as binary, so the mail is unreadable.

  Expected:

  Same behaviour as with version from Utopic, no progress output

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/dpkg/+bug/1448917/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1448917] Re: apt-get -o quiet=1 dist-upgrade isn't quiet anymore

[David Kalnischkies]

About what progress reporting are we talking here? (apt has a gazillion
steps which have independent progress reporting, so progress report is
a tat too unspecific).

If we are talking about the (Reading database in the output you
attached, this isn't even coming from apt – this is coming from dpkg
[and apt never controlled the (non-)quietness of dpkg], so in that case
you want to talk to them instead.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1448917

Title:
  apt-get -o quiet=1 dist-upgrade isn't quiet anymore

Status in apt package in Ubuntu:
  New

Bug description:
  Description:  Ubuntu 15.04
  Release:  15.04

  apt:
Installed: 1.0.9.7ubuntu4
Candidate: 1.0.9.7ubuntu4
Version table:
   *** 1.0.9.7ubuntu4 0
  500 http://de.archive.ubuntu.com/ubuntu/ vivid/main amd64 Packages
  100 /var/lib/dpkg/status

  Current:

  Until updating from Utopic to Vivid apt-get with command line
  parameter -o quiet 1 did not output the progress as formatted text.
  Since the update the progress is written to stdout as formatted text.
  This breaks a lot of scripts, e.g. the cron-apt package with mail send
  enabled. The attached text is no longer text only and will be encoded
  as binary, so the mail is unreadable.

  Expected:

  Same behaviour as with version from Utopic, no progress output

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1448917/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1436626] Re: aptd crashed with SIGSEGV in _IO_vfprintf_internal()

[David Kalnischkies]

The funpart to observe here is that apt is crashing while writing an
apport report for an observed failure… so figure out what error it is
that apt wants to report here is probably bringing you guys a lot closer
to figure out what goes on… (looking at the stacktrace in the bugreport
alone as I don't have the clearance to look at anything else). Maybe the
new crashreport is partly written before it crashes as multiple
fprintf's are involved in its creation… (I don't see an obvious badboy.
Maybe something about the sourcename lookup. I had to do some bad stuff
to preserve ABI in there lately (to fix md5-only source), maybe
something of that is incorrect. [even through I would presume these
calls would fail, rather than fprintf…]).

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1436626

Title:
  aptd crashed with SIGSEGV in _IO_vfprintf_internal()

Status in apt package in Ubuntu:
  Confirmed

Bug description:
  Errors Bucket
  -
  https://errors.ubuntu.com/problem/4d8c3bd9e5dfe8ccfe2783d6d12c7c5cb88b8cd9

  sudo apt-get upgrade -y

  ProblemType: CrashDistroRelease: Ubuntu 15.04
  Package: aptdaemon 1.1.1+bzr981-0ubuntu2
  ProcVersionSignature: Ubuntu 3.19.0-9.9-generic 3.19.1
  Uname: Linux 3.19.0-9-generic x86_64
  ApportVersion: 2.16.2-0ubuntu4
  Architecture: amd64
  Date: Thu Mar 26 02:04:25 2015
  ExecutablePath: /usr/sbin/aptd
  InstallationDate: Installed on 2015-02-27 (26 days ago)
  InstallationMedia: Ubuntu 14.04.1 LTS Trusty Tahr - Release amd64 
(20140722.2)
  InterpreterPath: /usr/bin/python3.4
  PackageArchitecture: all
  ProcCmdline: /usr/bin/python3 /usr/sbin/aptd
  ProcEnviron: LANG=C.UTF-8
  SegvAnalysis:
   Segfault happened at: 0x7fba78fec4b2 _IO_vfprintf_internal+18578:  repnz 
scas %es:(%rdi),%al
   PC (0x7fba78fec4b2) ok
   source %es:(%rdi) (0x0006) not located in a known VMA region (needed 
readable region)!
   destination %al ok
  SegvReason: reading NULL VMA
  Signal: 11SourcePackage: aptdaemon
  StacktraceTop:
   _IO_vfprintf_internal (s=s@entry=0x217fbd0, format=optimized out, 
ap=ap@entry=0x7ffc20027548) at vfprintf.c:1642
   ___fprintf_chk (fp=0x217fbd0, flag=1, format=optimized out) at 
fprintf_chk.c:35
   pkgDPkgPM::WriteApportReport(char const*, char const*) () from 
/usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.12
   pkgDPkgPM::ProcessDpkgStatusLine(char*) () from 
/usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.12
   pkgDPkgPM::DoDpkgStatusFd(int) () from 
/usr/lib/x86_64-linux-gnu/libapt-pkg.so.4.12
  Title: aptd crashed with SIGSEGV in _IO_vfprintf_internal()
  UpgradeStatus: Upgraded to vivid on 2015-03-07 (18 days ago)
  UserGroups:

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1436626/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1429285] Re: feature request: apt-get update --if-necessary

[David Kalnischkies]

ähm, did you realize that Expires is the exact time of your request
(compare Date) in your example? (See also the HTTP1.1 spec which will
tell you that 'Expires' doesn't really mean what you think it does, so
that the value it has is actually 'okay').

APT is using If-Modified-Since in its requests so (if a server supports
it… not all do, but at least most) a server can respond with just a 304
Not Modified, so at least there isn't much traffic wasted even if you
happen to request updates every few minutes (less effective for load
itself of course, apt is trying to be nice here as well by e.g. being a
proper keep-alive HTTP1.1 client, pipelining and not opening multiple
connections to the same server). A hypothetical average website loaded
by a average browser seems to be much worse from a load and traffic
point of view…

Regarding the snippets:
The puppet one just runs update if the sources.list changed. That isn't your 
usecase as I haven't changed my sources.list for months…
The ansible one, well, its a hack. A hack which in the worst case opts you out 
of security updates for 12 hours. That can be a long time, so I really don't 
want to define an arbitrary value for not necessary which is (a lot) larger 
than zero. And I am not very keen on suggesting by providing an option for it 
that there is a good value for it which I just don't want to figure out myself.

The problem is basically that you don't know at which point an update
makes sense. Your last update can be 10 seconds ago, but even if that is
close, it could still be outdated data as the repository was updated in
the meantime. What we would need is a 'soft' valid-until which specifies
the time after which the next update is/was deployed. Just that this is
pretty hard to predict (its easy to specify when the the update will
start on the master [expect for times you want to do an emergency
rollout], not so much the point it is finished and don't even try to
speculate about when this will reach your mirror…).

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1429285

Title:
  feature request: apt-get update --if-necessary

Status in apt package in Ubuntu:
  New

Bug description:
  In many cases (juju, lxc containers .. ) we find ourselves in the
  position of not knowing if the apt-cache has been udpated recently.
  So, you either risk not doing it, or do it and it takes some time and
  generates load.

  so long story short, you always run 'apt-get update' which is quite often
  unnecessary.

  Would it be possible to add (or is there now) something like
  '--if-necessary' or '--if-necessary=5m'.  I could imagine that that would
  look at /var/lib/apt/lists and check timestamps on files for each url that
  /etc/apt/sources.list[.d/*] would hit.  If nothing was needed and
  reasonably recent, then it would not do the update.

  There exist other solutions to this like:

https://coderwall.com/p/0xtstw/doing-an-apt-get-update-in-ansible-only-if-a-condition-is-met

https://blog.kumina.nl/2010/11/puppet-tipstricks-running-apt-get-update-only-when-needed/

  
  It'd be nice if we had a sane way to say:
update if you need to, otherwise don't waste time and resources

  ProblemType: Bug
  DistroRelease: Ubuntu 15.04
  Package: apt 1.0.9.3ubuntu1
  ProcVersionSignature: Ubuntu 3.19.0-7.7-generic 3.19.0
  Uname: Linux 3.19.0-7-generic x86_64
  ApportVersion: 2.16.2-0ubuntu1
  Architecture: amd64
  CurrentDesktop: Unity
  Date: Fri Mar  6 17:06:22 2015
  EcryptfsInUse: Yes
  InstallationDate: Installed on 2015-01-02 (63 days ago)
  InstallationMedia: Ubuntu 15.04 Vivid Vervet - Alpha amd64 (20150101)
  SourcePackage: apt
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1429285/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1425662] Re: apt-get download fails if /var/cache/apt/archives/partial is not accessible

[David Kalnischkies]

apt 1.1~exp4 fixes this issue (see also debbug #762898) in git commit
43acd01979039b248cb7f033b82e36d778d0ebec, so try that version then it
appears in Ubuntu. Using of the root cache (if available) is at least
supposed to happen in that version as well (but also in the version you
have… I will give it a spin later… can't be hard,right? ;) )

** Changed in: apt (Ubuntu)
   Status: New = Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1425662

Title:
  apt-get download fails if /var/cache/apt/archives/partial is not
  accessible

Status in apt package in Ubuntu:
  Fix Committed

Bug description:
  I'm using Ubuntu 15.04 dev with apt 1.0.9.3ubuntu1 and if
  /var/cache/apt/archives/partial is not accessible apt-get download
  doesn't download the requested package. Here are 2 examples (missing
  directory and insufficient permissions because the user permissions
  (which are restrictive in this case) got inherited with sudo):

  sworddragon@ubuntu:~$ sudo rm -fr /var/cache/apt
  sworddragon@ubuntu:~$ apt-get download nvidia-settings
  E: Archives directory /var/cache/apt/archives/partial is missing. - Acquire 
(2: No such file or directory)
  sworddragon@ubuntu:~$ sudo apt-get download nvidia-settings
  Get:1 http://archive.ubuntu.com/ubuntu/ vivid/main nvidia-settings amd64 
346.35-0ubuntu1 [936 kB]
  Fetched 936 kB in 2s (392 kB/s)  
  sworddragon@ubuntu:~$ apt-get download nvidia-settings
  E: Archives directory /var/cache/apt/archives/partial is missing. - Acquire 
(13: Permission denied)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1425662/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1399037] Re: apt-get can not simulate

[David Kalnischkies]

That's a fun one… You see, back in 2013 I remodeled the commandline
parsing. The point was that an option (like -s) is only accepted if the
command (e.g. dselect-upgrade) supports this option. Previously e.g.
apt-get would accept any option even if it only has an effect for
certain commands. Very dangerous as that made user believe they would
actually have an effect…

Now, what happen back then is that I typoed dselect as deselect,
which made it not accept any option… Well, I was never using it, many
others neither, so that went unnoticed for months, until someone
reported that and (still in 2013) we fixed that. Over the years other
similar things appeared (usually forgotten options or options which
really had no effect) like the one mentioned here with apt-offline.
Anyway, all nice and good right?

Well, expect that while the commit message back then indicates that
Michael replaced ALL instances of 'deselect', he just fixed one
instance. Another one was still in there, guarding some options:
(drumroll) -s and friends. Quite telling how unused dselect is nowadays
that this could hide itself for another (nearly) two years…

Will be fixed soon (= fixed in my branch, but that is unlikely to hit
any release soon). Until then you can use -o APT::Get::Simulate=1
instead of -s (or the others like --dry-run). Or, well, don't simulate.
;)

Oh, and feel free to give me a compelling example of how to use it for
good. Its totally underrepresented in our testcases, so if you want to
prevent breakage of your usecase in the future…

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1399037

Title:
  apt-get can not simulate

Status in apt package in Ubuntu:
  Confirmed

Bug description:
  Hi,

  I just noticed that apt can not simulate in Ubuntu 14.04.1.

  
  Updated:

  sudo apt-get -s dselect-upgrade
  E: Command line option 's' [from -s] is not known.

  sudo apt-get --dry-run dselect-upgrade
  E: Command line option --dry-run is not understood

  sudo apt-get --recon dselect-upgrade
  E: Command line option --recon is not understood

  sudo apt-get --no-act dselect-upgrade
  E: Command line option --no-act is not understood

  sudo apt-get --simulate dselect-upgrade
  E: Command line option --simulate is not understood

  sudo apt-get --just-print dselect-upgrade
  E: Command line option --just-print is not understood

  The issue occures with at least the following versions of apt: 
1.0.1ubuntu2.4.1, 1.0.1ubuntu2.5, 1.0.1ubuntu2.6
  and 1.3.1 version of apt-offline.

  It works fine on Ubuntu 12.04 with:  apt 0.8.16~exp12ubuntu10.22 and
  without apt-offline.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1399037/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 1369259] Re: /var/lib/apt/extended_states registers packages with the architecture all as the system architecture

[David Kalnischkies]

Not a bug. Being architecture all or architecture any is a property of
the version as a package can change from any to all (and back) between
versions. The stanzas in the extended file refer to all versions
instead, which means that arch:all is the same as arch:native, so this
is correct.

Also, where is the bug? The extended file is an internal state file, so
as long as we parse it correctly, everything is fine. If you need the
info included in that file, ask e.g. apt-mark for it. Nobody knows if
the next version of apt would be renaming the file, be binary or use a
mysql database to store that info instead (okay, the later is unlikely…
as in: Over my dead body!)

** Changed in: apt (Ubuntu)
   Status: New = Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1369259

Title:
  /var/lib/apt/extended_states registers packages with the architecture
  all as the system architecture

Status in “apt” package in Ubuntu:
  Invalid

Bug description:
  I'm using Ubuntu 14.10 dev with apt 1.0.8ubuntu1 and I have noticed
  that all packages that have the architecture all will be registered
  with the system architecture in /var/lib/apt/extended_states. Here is
  an example of this file:

  Package: java-common
  Architecture: amd64
  Auto-Installed: 1

  
  apt-cache show java-common shows:

  Package: java-common
  Priority: optional
  Section: misc
  Installed-Size: 292
  Maintainer: Ubuntu Developers ubuntu-devel-disc...@lists.ubuntu.com
  Original-Maintainer: Debian Java Mailing List debian-j...@lists.debian.org
  Architecture: all
  Version: 0.52
  Suggests: default-jre, equivs
  Filename: pool/main/j/java-common/java-common_0.52_all.deb
  Size: 130676
  MD5sum: 71ed19353475adb7350966a535a78dd7
  SHA1: b8f21a8e9e00c52f1a4b414a411074e8afbd583d
  SHA256: 2aed458d49667e63a8ef20dd840ba294771cb3393ccee8a05a1eeae393d2f0ae
  Description-de: Grundlage aller Java-Pakete
   Wenn eine Java-Umgebung gewünscht wird, muss dieses Paket auf dem Rechner 
installiert werden. Es umfasst nützliche Informationen für Java-Anwender unter 
Debian GNU/Linux, inklusive:
* Das Java-Richtlinien-Dokument (Policy), das beschreibt, wie die
  Java-Unterstützung in Debian aufgebaut ist wie sich Java-Pakete verhalten
  sollten.
* Das Dokument mit den häufigsten Fragen und Antworten (Debian Java-FAQ),
  das Informationen zum Entwicklungsstand der Java-Unterstützung in Debian,
  zu verfügbaren Compilern, virtuellen Maschinen, Java-Anwendungen und
  -Bibliotheken sowie zu rechtlichen Fragen liefert.
* Informationen darüber, wie man Meta-Pakete erstellt, um die Anforderungen
  von »java2« zu erfüllen.
  Description-md5: 96d3cc2a3d292493a37a344e5f38de0a
  Multi-Arch: foreign
  Homepage: https://wiki.debian.org/Java/
  Bugs: https://bugs.launchpad.net/ubuntu/+filebug
  Origin: Ubuntu
  Supported: 9m
  Task: ubuntu-usb, tomcat-server, kubuntu-desktop, kubuntu-full, 
kubuntu-active-desktop, kubuntu-active-full, edubuntu-usb

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1369259/+subscriptions

-- 
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help   : https://help.launchpad.net/ListHelp

[Touch-packages] [Bug 940825] Re: apt-get update reporting not acceptable

[David Kalnischkies]

Well, expect that 406 and Range have nothing to do with each other. 416
is an out-of-range request, while 406 tells us that we requested a file
in a specific encoding which the server did not have.

The 416 Range thing should be handled for a while now, we at least have a 
testcase covering it so I would be interested in how to reproduce it still in 
apt versions = 0.9.12 (disclaimer: I wrote both, the patch and the test).
[well, expect that as mentioned in #20 we would try to range a bz2 with an 
incomplete xz, but that could change with other reorganisations soon and more 
importantly, is pretty unlikely to have practical effect as compression formats 
do not appear and disappear at random from mirrors…]. A proper server shouldn't 
sent us a 416 here anyway, as we sent an If-Range btw as detailed in the HTTP 
RFC, but if we get it anyhow, we drop the partial file we have and do the 
request again without a range.

Regarding 406: We send an Accept header only if we request an
uncompressed file (to prevent servers from content negotiating us a
compressed file we do not support…), which is the last one we would try
and usually doesn't exist (expect on your own localnet mirrors), so a
failure is expected and the problem is more that your mirror doesn't
have the compressed files we asked for before…

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/940825

Title:
  apt-get update reporting not acceptable

Status in “apt” package in Ubuntu:
  Confirmed

Bug description:
  # apt-get update
  Ign http://de.archive.ubuntu.com precise InRelease
  Ign http://archive.canonical.com precise InRelease
 
  Ign http://de.archive.ubuntu.com precise-updates InRelease
 
  Ign http://ppa.launchpad.net oneiric InRelease
 
  Ign http://ppa.launchpad.net oneiric InRelease
 
  Ign http://ppa.launchpad.net oneiric InRelease
 
  Ign http://us.archive.ubuntu.com precise InRelease
 
  Ign http://us.archive.ubuntu.com precise-updates InRelease
 
  Ign http://us.archive.ubuntu.com precise-backports InRelease  
  
  Ign http://de.archive.ubuntu.com precise-backports InRelease  
  
  Hit http://archive.canonical.com precise Release.gpg  
  
  Ign http://ppa.launchpad.net precise InRelease
  
  Hit http://ppa.launchpad.net oneiric Release.gpg  
  
  Ign http://de.archive.ubuntu.com precise-security InRelease   
 
  Ign http://us.archive.ubuntu.com precise-security InRelease   
 
  Hit http://us.archive.ubuntu.com precise Release.gpg  
 
  Hit http://de.archive.ubuntu.com precise Release.gpg  
 
  Hit http://archive.canonical.com precise Release  
 
  Hit http://ppa.launchpad.net oneiric Release.gpg  
 
  Get:1 http://ppa.launchpad.net oneiric Release.gpg [316 B]
 
  Hit http://us.archive.ubuntu.com precise-updates Release.gpg  
 
  Hit http://us.archive.ubuntu.com precise-backports Release.gpg

  Hit http://de.archive.ubuntu.com precise-updates Release.gpg  

  Hit http://packages.medibuntu.org oneiric InRelease   

  Hit http://ppa.launchpad.net precise Release.gpg  
  
  Hit http://us.archive.ubuntu.com precise-security Release.gpg 
  
  Hit http://de.archive.ubuntu.com precise-backports Release.gpg
  
  Hit http://archive.canonical.com precise/partner amd64 Packages   
  
  Hit