cloud-init

  1. Bug #1794982
  2. Comment #4

Comment 4 for bug 1794982

Revision history for this message
Julian Andres Klode (juliank) wrote :

I don't have a broken mirror or proxy. We have tests in apt >= 1.2 (or 1.1) that check pipeline fixup. The test case we use there is packages a, b, c, d. Then we map the responses like this:

GET a responds with d
GET b responds with c
GET c responds with b
GET d responds with a

There's also 0, which succeeds.

What APT then does is the following: It transparently detects which response belongs to which request using the hashes it has calculated. The output gets weird though, as we abort the pipeline after the first failure, close the connection, and disable pipelining for it.

So, in trusty, you get:

root@t:~# apt-get download pkg0 pkga pkgb pkgc pkgd
Get:1 http://10.33.102.1:8080/ stable/main pkg0 all 1.0 [20.7 kB]
Get:2 http://10.33.102.1:8080/ stable/main pkga all 1.0 [20.7 kB]
Get:3 http://10.33.102.1:8080/ stable/main pkgb all 1.0 [20.7 kB]
Get:4 http://10.33.102.1:8080/ stable/main pkgc all 1.0 [20.7 kB]
Get:5 http://10.33.102.1:8080/ stable/main pkgd all 1.0 [20.7 kB]
Fetched 103 kB in 0s (2050 kB/s)
E: Failed to fetch http://10.33.102.1:8080/pool/pkga_1.0_all.deb Hash Sum mismatch
E: Failed to fetch http://10.33.102.1:8080/pool/pkgb_1.0_all.deb Hash Sum mismatch
E: Failed to fetch http://10.33.102.1:8080/pool/pkgc_1.0_all.deb Hash Sum mismatch
E: Failed to fetch http://10.33.102.1:8080/pool/pkgd_1.0_all.deb Hash Sum mismatch

But in xenial:
# apt-get download pkg0 pkga pkgb pkgc pkgd
Get:1 http://10.33.102.1:8080 stable/main all pkg0 all 1.0 [20.7 kB]
Get:2 http://10.33.102.1:8080 stable/main all pkga all 1.0 [20.7 kB]
Get:2 http://10.33.102.1:8080 stable/main all pkga all 1.0 [20.7 kB]
Get:2 http://10.33.102.1:8080 stable/main all pkga all 1.0 [20.7 kB]
Get:2 http://10.33.102.1:8080 stable/main all pkga all 1.0 [20.7 kB]
Fetched 103 kB in 0s (0 B/s)
W: Can't drop privileges for downloading as file '/root/pkg0_1.0_all.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)
W: http://10.33.102.1:8080/pool/pkga_1.0_all.deb: Automatically disabled Acquire::http::Pipeline-Depth due to incorrect response from server/proxy. (man 5 apt.conf)

Arguably the output is confusing, it looks like it downloaded pkga 4 times, but it actually downloaded all packages correctly.

If someone has a mirror on EC2 to test with, I'd be happy to do some more testing w/ trusty vs. xenial.

Failing that, I think a good start would be dropping the file in cosmic only and see how it goes.