Ubuntu
apt package

Ubuntu 12.04: apt-get can't parse repository url if username contains @ ('at' sign)

Bug #1558484 reported by Marcin Barczyński
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apt (Ubuntu)
Fix Released
Low
Unassigned

Bug Description

Reporting a bug as suggested in https://answers.launchpad.net/ubuntu/+question/288658
I attached Vagrantfile that reproduces the problem in which I try to add the following repositories to apt:

deb https://FOO@BAR:<email address hidden>/xyz precise non-free
deb https://FOO%40BAR:<email address hidden>/xyz precise non-free

---

For both URLs the error message on Ubuntu 12.04 is the same:

Failed to fetch https://domain.com/xyz/dists/precise/non-free/binary-amd64/Packages Couldn't resolve host 'BAR'

$ lsb_release -a
Distributor ID: Ubuntu
Description: Ubuntu 12.04.5 LTS
Release: 12.04
Codename: precise
$ apt-get --version
apt 0.8.16~exp12ubuntu10.26 for amd64 compiled on Aug 5 2015 19:06:57

---

On Ubuntu 14.04 the URL is parsed correctly as in both cases the following error message is printed:

Failed to fetch https://not-existing-domain.com/xyz/dists/precise/non-free/binary-i386/Packages Could not resolve host: not-existing-domain.com

$ lsb_release -a
Distributor ID: Ubuntu
Description: Ubuntu 14.04.4 LTS
Release: 14.04
Codename: trusty
$ apt-get --version
apt 1.0.1ubuntu2 for amd64 compiled on Jan 12 2016 20:13:58

For security reasons I prefer not to disclose the real repository URL, but it works on Ubuntu 14.04 and doesn't work on 12.04.

Revision history for this message
Marcin Barczyński (marcinb) wrote :
Revision history for this message
David Kalnischkies (donkult) wrote :

With a quick test I can't reproduce this with %40 as encoding, but I will try some more later.

I would highly recommend to NOT write your authentication information in sources.list through. Beside the parsing problem you seem to encounter, you can't reasonably change the permission of the file (it has to be world-readable to have apt-based tools in a functional state).

Instead, create the file /etc/apt/auth.conf and and use the netrc(5) format to specify the authentication tokens. You can change the access permissions to this file to your liking (600 for example) as a bonus.

Example: echo 'machine example.org\nlogin star\npassword hunter2' > /etc/apt/auth.conf

Brian Murray (brian-murray)
Changed in apt (Ubuntu):
importance: Undecided → Low
Revision history for this message
David Kalnischkies (donkult) wrote :

I realized that even the reporter say that in newer versions it works – so no wonder I couldn't reproduce it. I modified our basic-auth test to check for this issue specifically, so we aren't going to regress on this.

The history suggests this could be fixed by 436d7eab92bb8f9cc6498acfbf2055e717be6fd0 (from 2010, but that stayed in experimental for a long time – still, not sure, probably something better hidden). In either case, fixed by now, so changing status to fix released. I doubt this is valuable enough to be backported (the bug, not the commit).

Changed in apt (Ubuntu):
status: New → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.