UBports Infrastructure

OTA Updates are not working

Bug #1687639 reported by Dalton Durst on 2017-05-02

This bug affects 5 people

Affects		Status	Importance	Assigned to	Milestone
	UBports Infrastructure	Fix Released	Critical	Marius Gripsgard 

Bug Description

While an issue between the CI server and our system image server has been fixed (so images are moving to the system-image-server correctly), OTA updates have not resumed on client devices.

Here is the relevant part of /var/log/system-image/client.log . The rest is attached.

[systemimage] May 02 09:09:39 2017 (3238) check_for_update failed
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/systemimage/api.py", line 111, in check_for_update
    self._state.run_until('download_files')
  File "/usr/lib/python3/dist-packages/systemimage/state.py", line 179, in run_until
    step()
  File "/usr/lib/python3/dist-packages/systemimage/state.py", line 298, in _get_channel
    ctx.validate(asc_path, channels_path)
  File "/usr/lib/python3/dist-packages/systemimage/gpg.py", line 221, in validate
    self.keyring_paths, self.blacklist_path)
systemimage.gpg.SignatureError:
    sig path : 86170a4d86146667cb1a43ea90346e18
               /tmp/system-image-l_ecf9st/channels.json.asc
    data path: 541c9497550ed6471a82d429030d8667
               /tmp/system-image-l_ecf9st/channels.json
    keyrings : ['42ca3e8c7ad611cbc2c021de1a96f44d']
               ['/var/lib/system-image/keyrings/image-signing.tar.xz']
    blacklist: no blacklist

Revision history for this message

Dalton Durst (universalsuperbox) wrote on 2017-05-02:

client.log taken from a live device Edit (2.9 KiB, application/octet-stream)

Marius Gripsgard  (mariogrip) on 2017-05-04

Changed in ubports-infra:
assignee:	nobody → Marius Gripsgard  (mariogrip)

Revision history for this message

Marius Gripsgard  (mariogrip) wrote on 2017-05-04:

Steps to fix:

1. Add old image-signing key to the blacklist key
2. Backup old image-signing key
3. Create new image-signing key
4. Create new keyrings
5. Publish new keyrings
6. Update all files to use the new key (using re-sign-indexes.py)

Changed in ubports-infra:
status:	Confirmed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

client.log taken from a live device Edit

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.