Ubuntu
apt package

/etc/cron.daily/apt incorrectly overrides apt.conf proxy settings with GNOME proxy settings, losing proxy exclusion list, and causes updates to fail

Bug #277493 reported by Sree
8
Affects Status Importance Assigned to Milestone
apt (Ubuntu)
Expired
Undecided
Unassigned

Bug Description

/etc/cron.daily/apt will set a http_proxy variable whose contents are copied from GNOME Proxy settings. This does not allow the setting of an exclusion list (Acquire::http::proxy::site "DIRECT";), and therefore causes APT updates to fail when:

1) Network uses a proxy for Internet access
2) Network has a local mirror of Ubuntu that does not use proxy

apt.conf can handle this, but those proxy settings are overridden by this incorrect setting of http_proxy.

Attached is patch (against Hardy) which:

1) checks if apt.conf contains a proxy setting
2) if such a setting exists, no http_proxy variable is set otherwise current behaviour is maintained.

No attempt is made to set no_proxy.

Since apt-key net-update doesn't seem to obey apt.conf's proxy settings, the patch also sets http_proxy for apt-key net-update only based on apt.conf (when present).

The issue does not affect Debian, but does seem to affect Intrepid. Please fix since this is blocking our deployment of a local mirror.

Revision history for this message
Sree (sree314) wrote :
Revision history for this message
Josef Wolf (jw-raven) wrote :

An additional annoyance of this bug is that you get error mails from /etc/cron.daily/apt every day if the admin don't use gnome and the .gconf directory does not exist. If you run lots of servers, it gets very annoying.

Please, can somebody apply the patch that Sree attached?

Revision history for this message
Johan Hattne (hattne) wrote :

Could this line be added just before apt-config is used to get the proxy settings from the apt configuration?

  apt_conf_proxy=$(test -r /etc/environment && . /etc/environment ; echo "${http_proxy}")

This should fall back on proxy settings from the environment, unless overridden by the apt configuration.

Revision history for this message
Torsten Spindler (tspindler) wrote :

This issue seems to have been fixed, on Ubuntu 10.04 I don't see a trace of http_proxy in /etc/cron.daily/apt. Is the original patch for Ubuntu 8.04 still needed?

Changed in apt (Ubuntu):
status: New → Incomplete
Revision history for this message
Sree (sree314) wrote :

Caveat: I no longer use Ubuntu.

Yes, the new apt cron script seems to be mostly from upstream (Debian) without the http_proxy variable reference, so that part seems okay. So atleast 10.04 onwards the issue may have been fixed -- I'll leave it to somebody to test it, I'm sorry I don't have 10.04 machines around.

However, the Ubuntu version has the following diff (against Lenny):

+ # check for a new archive signing key (against the master keyring)
+ if eval apt-key net-update $XSTDERR; then
+ debug_echo "apt-key net-update (success)"
+ else
+ debug_echo "apt-key net-update (failure)"
+ fi

So I'm not sure how this will work unless apt-key has been changed to pick up http_proxy settings from apt.conf (see lp:226780).

Revision history for this message
Torsten Spindler (tspindler) wrote : Re: [Bug 277493] Re: /etc/cron.daily/apt incorrectly overrides apt.conf proxy settings with GNOME proxy settings, losing proxy exclusion list, and causes updates to fail

Thanks for your reply, even though you no longer use Ubuntu! Good
pointer on apt-key, I will investigate further.

Revision history for this message
Launchpad Janitor (janitor) wrote :

[Expired for apt (Ubuntu) because there has been no activity for 60 days.]

Changed in apt (Ubuntu):
status: Incomplete → Expired
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.