SHA256 checksum for ovf in xenial-server-cloudimg-amd64.ova has incorrect path

Bug #1627931 reported by Jesse Schalken on 2016-09-27
20
This bug affects 3 people
Affects Status Importance Assigned to Milestone
cloud-images
High
Chris Glass
livecd-rootfs (Ubuntu)
High
Unassigned
Trusty
High
Unassigned
Xenial
High
Unassigned
Yakkety
High
Unassigned

Bug Description

[Impact]

 * Users will be unable to import OVA disk images with tools that check the manifest to verify file checksums

[Test Case]

$ apt-get install virtualbox

$ wget http://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64.ova

## Requires version newer than 5.0.32_Ubuntur112930 in zesty)
$ vboxmanage -version
5.1.18_Ubuntur114002

$ vboxmanage import xenial-server-cloudimg-amd64.ova
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...
Progress state: VBOX_E_FILE_ERROR
VBoxManage: error: Appliance import failed
VBoxManage: error: Digest mismatch (VERR_NOT_EQUAL): 'ubuntu-xenial-16.04-cloudimg.ovf.ovf' not found in the 2nd manifest
VBoxManage: error: Details: code VBOX_E_FILE_ERROR (0x80bb0004), component ApplianceWrap, interface IAppliance
VBoxManage: error: Context: "RTEXITCODE handleImportAppliance(HandlerArg*)" at line 886 of file VBoxManageAppliance.cpp

## Expecting import success
"Successfully imported the appliance."

[Regression Potential]

 * Very low: If a tool is checking the manifest and has been modified to strip a duplicate ".ovf" from the name to allow the current image to work but also removed handing for valid files it would fail (but we know this is not true as there exists in the manifest a file that is already specified with the correct filename).

[Original Description]

Opening the current "xenial-server-cloudimg-amd64.ova" file from cloud-images.ubuntu.com in VirtualBox produces this error:

    Failed to import appliance C:/Users/Jesse/Downloads/xenial-server-cloudimg-amd64.ova.

    Digest mismatch (VERR_NOT_EQUAL): 'ubuntu-xenial-16.04-cloudimg.ovf.ovf' not found in the 2nd manifest.

    Result Code: VBOX_E_FILE_ERROR (0x80BB0004)
    Component: ApplianceWrap
    Interface: IAppliance {8398f026-4add-4474-5bc3-2f9f2140b23e}

The ubuntu-xenial-16.04-cloudimg.mf inside the .ova has this contents:

    SHA256(ubuntu-xenial-16.04-cloudimg.vmdk)= 1a9d4ebadf89aa3a12a20f9933b5f88e3b0edcb00fa286c653356bc2ff9d4a29
    SHA256(ubuntu-xenial-16.04-cloudimg.ovf.ovf)= eaca73e5217e0d12f1b5bfbbec039f445c89b807d0c5aba11f842639abb40d35

After changing ".ovf.ovf" to ".ovf" and saving the file inside the .ova, importing the .ova works.

Related branches

Liangchen Zheng (lchzheng) wrote :

Hi,
I hit the same issue. Can you share me the steps you used to modify the .ova?

Thanks.

Jeremy Bicha (jbicha) on 2016-12-30
Changed in cloud-images:
status: New → Confirmed
Chris Glass (tribaal) on 2017-01-13
Changed in cloud-images:
assignee: nobody → Chris Glass (tribaal)
Chris Glass (tribaal) on 2017-01-13
Changed in cloud-images:
status: Confirmed → In Progress
importance: Undecided → High
Chris Glass (tribaal) wrote :

The attached branches should fix the problem once they land (and once new images are uploaded).

Chris Glass (tribaal) wrote :

Turns out my branches were targeting read-only branches, so only the remaining MP is actually the right thing to do.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package livecd-rootfs - 2.439

---------------
livecd-rootfs (2.439) zesty; urgency=medium

  * Fix the manifest generation in OVA files so that ovf files don't have
    double extensions. Thanks to Chris Glass. (LP: #1627931)

 -- Brian Murray <email address hidden> Fri, 03 Feb 2017 13:32:59 -0800

Changed in livecd-rootfs (Ubuntu):
status: New → Fix Released
Gabe Friedmann (gfriedmann) wrote :

I'm new to the ubuntu project. This has been sitting for a bit. Maybe you can help me find the code that is responsible for this so I can help prepare the fix for the mainline cloud images (e.g. https://cloud-images.ubuntu.com/releases/16.04/)

On 03/17/2017 12:40 PM, Gabe Friedmann wrote:
> I'm new to the ubuntu project. This has been sitting for a bit. Maybe
> you can help me find the code that is responsible for this so I can help
> prepare the fix for the mainline cloud images (e.g. https://cloud-
> images.ubuntu.com/releases/16.04/)

I have opened MP #320249 and MP #320250 to bring this and a fix for bug
#1656293
back to yakkety and xenial. After testing is complete I will
mark the MPs as 'ready for review'. Once merged they changes will
appear in the images within a few days.

Robert C Jennings (rcj) on 2017-03-21
description: updated
description: updated

Hello Jesse, or anyone else affected,

Accepted livecd-rootfs into yakkety-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/livecd-rootfs/2.435.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in livecd-rootfs (Ubuntu Yakkety):
status: New → Fix Committed
tags: added: verification-needed
Brian Murray (brian-murray) wrote :

Hello Jesse, or anyone else affected,

Accepted livecd-rootfs into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/livecd-rootfs/2.408.9 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in livecd-rootfs (Ubuntu Xenial):
status: New → Fix Committed
Changed in livecd-rootfs (Ubuntu):
importance: Undecided → High
Changed in livecd-rootfs (Ubuntu Xenial):
importance: Undecided → High
Changed in livecd-rootfs (Ubuntu Yakkety):
importance: Undecided → High
Robert C Jennings (rcj) wrote :

Marking verification complete after checking that image import works now that the manifest has the correct filename.

tags: added: verification-done
removed: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package livecd-rootfs - 2.408.9

---------------
livecd-rootfs (2.408.9) xenial; urgency=medium

  [ Daniel Watkins ]
  * Don't overwrite the default sources.list in cloud images.
  * Replace sources.list generated using COMPONENTS with the sources.list from
    an Ubuntu Server installation (i.e. with all components enabled, and all
    deb-src lines commented). LP: #1513529.

  [ Chris Glass ]
  * Fix the manifest generation in OVA files so that ovf files don't have
    double extensions. (LP: #1627931)
  * Fix the OVF's metadata to include Ubuntu specific identifiers and
    descriptions instead of the generic Linux ones. (LP: #1656293)

  [ Daniel Watkins ]
  * Add replace_grub_root_with_label function thereby consolidating multiple
    uses of the same calls to sed.

  [ Robert C Jennings ]
  * ubuntu-cpc: Remove redundant copy of grub files. (LP: #1637290)

 -- Robert C Jennings <email address hidden> Thu, 23 Mar 2017 14:40:59 -0400

Changed in livecd-rootfs (Ubuntu Xenial):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for livecd-rootfs has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package livecd-rootfs - 2.435.2

---------------
livecd-rootfs (2.435.2) yakkety; urgency=medium

  [ Chris Glass ]
  * Fix the manifest generation in OVA files so that ovf files don't have
    double extensions. (LP: #1627931)
  * Fix the OVF's metadata to include Ubuntu specific identifiers and
    descriptions instead of the generic Linux ones. (LP: #1656293)
  [ Daniel Watkins ]
  * Add replace_grub_root_with_label function thereby consolidating multiple
    uses of the same calls to sed.

 -- Robert C Jennings <email address hidden> Fri, 17 Mar 2017 13:46:47 -0500

Changed in livecd-rootfs (Ubuntu Yakkety):
status: Fix Committed → Fix Released
tags: added: id-587c9d1faefa1389c5543492
tags: added: id-5878b7f940cb3d1226960cd7
Chris Glass (tribaal) on 2018-01-08
Changed in cloud-images:
status: In Progress → Fix Released
Mathew Hodson (mathew-hodson) wrote :

Fixed in Trusty
---

livecd-rootfs (2.208.14) trusty; urgency=medium

  [ Robert C. Jennings ]
  * Add ubuntu-cpc project (LP: #1693018)

[...]

    [ Chris Glass ]
    * Fix the manifest generation in OVA files so that ovf files don't have
      double extensions.
    * Fix the OVF's metadata to include Ubuntu specific identifiers and
      descriptions instead of the generic Linux ones.

Changed in livecd-rootfs (Ubuntu Trusty):
importance: Undecided → High
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers