I am not sure this was fixed, or maybe I just hardly misunderstand that. Under current Bionic (software-properties-common 0.96.24.32.3) I still can't retrieve keys via env-var defined `http_proxy`.
# echo $http_proxy http://1.2.3.4:3128 # echo $https_proxy http://1.2.3.4:3128 # apt-key adv --recv-keys AB1C1EF6EDB5746803FE13E00F6DD8135234BF2B Executing: /tmp/apt-key-gpghome.tj9ezR01dk/gpg.1.sh --recv-keys AB1C1EF6EDB5746803FE13E00F6DD8135234BF2B gpg: keyserver receive failed: Connection timed out What it does (when stracing it) is ``` ... stat("/tmp/apt-key-gpghome.xI4xFLcUnH/S.dirmngr", {st_mode=S_IFSOCK|0700, st_size=0, ...}) = 0 connect(3, {sa_family=AF_UNIX, sun_path="/tmp/apt-key-gpghome.xI4xFLcUnH/S.dirmngr"}, 43) = 0 read(3, "# ", 1002) = 2 read(3, "Home: /tmp/apt-key-gpghome.xI4xF"..., 1000) = 37 read(3, "\n", 963) = 1 read(3, "# ", 1002) = 2 read(3, "Config: [none]", 1000) = 14 read(3, "\n", 986) = 1 read(3, "OK ", 1002) = 3 read(3, "Dirmngr 2.2.4 at your service", 999) = 29 read(3, "\n", 970) = 1 write(3, "GETINFO version", 15) = 15 write(3, "\n", 1) = 1 read(3, "D 2.2.4\n", 1002) = 8 read(3, "OK", 1002) = 2 read(3, "\n", 1000) = 1 write(3, "KEYSERVER --clear http://keyserv";..., 49) = 49 write(3, "\n", 1) = 1 read(3, "OK", 1002) = 2 read(3, "\n", 1000) = 1 write(3, "KS_GET -- 0xAB1C1EF6EDB5746803FE"..., 52) = 52 write(3, "\n", 1) = 1 read(3, "ERR 167805060 Connection timed o"..., 1002) = 44 ``` dirmngr manpage makes me think that `http_proxy` env var is ignored by default and I need to explicitly add `honor-http-proxy` option to dirmngr, but the problem is that apt-key creates the homedir with a random name so I can't use any system-wide setting. I know I can work this around with `--keyserver-options http- proxy=http://1.2.3.4:3128/` but this is not what I should do, the system should take care itself. This is really a pain-in-the-ass issue for in-corporate-network automation developers; we just need to use standard tools for adding apt repositories, not working this around. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to software-properties in Ubuntu. https://bugs.launchpad.net/bugs/1433761 Title: apt-key and add-apt-repository don't honor Acquire::http::Proxy Status in software-properties package in Ubuntu: Fix Released Bug description: When setting the proxy server globally on the system for the APT package manager, add-apt-repository ignores the setting. This issue is present on all versions of Debian that I have tested. # cat /etc/apt/apt.conf.d/80proxy Acquire::http::proxy "http://w.x.y.z:nnnn/";; # apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 5A9A06AEF9CB8DB0 Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --homedir /tmp/tmp.TIa517Kcw8 --no-auto-check-trustdb --trust-model always --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-squeeze-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-squeeze-stable.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-wheezy-automatic.gpg --keyring /etc/apt/trusted.gpg.d/debian-archive-wheezy-stable.gpg --keyring /etc/apt/trusted.gpg.d/saltstack-salt.gpg --keyserver keyserver.ubuntu.com --recv-keys 5A9A06AEF9CB8DB0 gpg: requesting key F9CB8DB0 from hkp server keyserver.ubuntu.com gpg: keyserver timed out gpg: keyserver receive failed: keyserver error This has serious repercussions. Unattended installs such as juju, maas, etc are all affected for anyone who is working behind a proxy. This is the case for most enterprise environments where such maas and juju setups will be tested out, and as such has great repercussions for Canonical as a viable supplier of OpenStack environments: if your product fails to install, you're not going to get the business. Considering that: * The setting to use already exists in /etc/apt/apt.conf and that all other tools use this correctly * The serious impact of this issue for downstream projects and Debian usage in the enterprise * The long time this issue has been standing and has affected people I suggest that this either 1) be fixed, or 2) the apt-key and add-apt-repository programs are renamed so that it is made clear they are not part of the APT suite of programs and therefor cannot be trusted to behave as if they were part of APT. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1433761/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
