Trusty: apt does not try next mirror if index file download fails with mirror:// source

Bug #1625667 reported by Louis Bouchard on 2016-09-20
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apt (Ubuntu)
Louis Bouchard

Bug Description

[SRU justification]
This fix is needed to allow correct archive mirroring functionality.

Without this fix, apt-get update and other apt commands requiring Package file access may fail when there are remote transient errors due to archive availability.

Use std::npos instead of 0 to test presence of "Translation" in ShortDesc.

[Test Case]

1) Setup three containers (archive1, archive2, archive3) with a reprepro configuration mirroring the ubuntu restricted archive (to save on space and time to replicate).
2) Add an apache webserver serving the reprepro archive over http on each container
3) Add the following mirrors.txt file to one of the webserver (archive1):
$ cat /var/www/html/mirrors.txt
4) Add a client container. Add the IP adresses of the archive[1-3] containers to /etc/hosts. Alias the archive1 address to similar to the following :
$ cat /etc/hosts localhost archive1 archive2 archive3
5) Add the following line to the /etc/apt/sources.list, commenting all other entries :
$ cat /etc/apt/sources.list
#deb trusty main
#deb trusty-updates main
#deb trusty universe
#deb trusty-updates universe

deb mirror:// trusty restricted
6) Run
$ apt-get -oDebug::Acquire::mirror=true update

The log should display for the Packages file :

Failure to get
Err trusty/restricted amd64 Packages

With the fix you will see :

Failure to get

None expected. Worse that can happen is a retry when none was done previously.

[Original description of the problem]
When using the mirror:// functionality on Trusty, if the download of the index file fails, apt will not retry on another archive listed in mirrors.txt and will fail.

Running the following on Trusty leads to the following result :

sudo apt-get update -qq
W: Failed to fetch mirror:// 404 Not Found [Mirror:]
W: Failed to fetch mirror:// 404 Not Found [Mirror:]
W: Failed to fetch mirror:// 404 Not Found [Mirror:]
W: Failed to fetch mirror:// 404 Not Found [Mirror:]
W: Failed to fetch mirror:// 404 Not Found [Mirror:]
W: Failed to fetch mirror:// 404 Not Found [Mirror:]
W: Failed to fetch mirror:// 404 Not Found [Mirror:]
W: Failed to fetch mirror:// 404 Not Found [Mirror:]
W: Failed to fetch mirror:// 404 Not Found [Mirror:]
W: Failed to fetch mirror:// 404 Not Found [Mirror:]
E: Some index files failed to download. They have been ignored, or old ones used instead.

The same configuration works correctly on Xenial

Louis Bouchard (louis) wrote :

Marking dev + xenial as Invalid since it works from Xenial onward

Changed in apt (Ubuntu):
status: New → Invalid
Changed in apt (Ubuntu Trusty):
status: New → Invalid
Changed in apt (Ubuntu Xenial):
status: New → In Progress
importance: Undecided → Medium
assignee: nobody → Louis Bouchard (louis-bouchard)
Julian Andres Klode (juliank) wrote :

"Marking dev + xenial as Invalid since it works from Xenial onward"

You marked trusty and dev as invalid, and kept xenial open? Unfortunately, there have been huge changes in the acquire system in 1.1, so there is likely no way to fix this in trusty.

Julian Andres Klode (juliank) wrote :

Notably, there has been no related change of the mirror method since the trusty release. So if it started working later, than that is related to the reworked acquire system.

As such, I'd like this bug to be closed as invalid, as it's not worth it. The pre 1.1 acquire system cannot really deal with failures gracefully.

You could of course try wily, if it works there, you're lucky, and can backport the fix.

Louis Bouchard (louis) wrote :
Download full text (4.3 KiB)


first of all, you are right, I did mix up the series, I'll fix that.

Now, Michael Vogt (mvo), Debian's APT main developer is currently reviewing the one line fix that solves this issue.

I have a reproducer and was able to identify the root cause and prepare a fix.

The source of the problem is the following :

    string msg = "\nIndex-File: true";
    // FIXME: this really should use "IndexTarget::IsOptional()" but that
    // seems to be difficult without breaking ABI
    if (ShortDesc().find("Translation") != 0)

As outlined in the FIXME, IndexTarget::IsOptional() should be used, and that is what started to happen with Wily. The code now reads :

      msg += "\nFail-Ignore: true";

Here is the complete explanation as provided to MVO :

"When the Queue responsible for fetching the Package file runs, it builds the
Custom600 header with the following method :

> // AcqIndex::Custom600Headers - Insert custom request headers /*{{{*/
> // ---------------------------------------------------------------------
> /* The only header we use is the last-modified header. */
> string pkgAcqIndex::Custom600Headers()
> {
> string Final = _config->FindDir("Dir::State::lists");
> Final += URItoFileName(RealURI);
> if (_config->FindB("Acquire::GzipIndexes",false))
> Final += ".gz";
> string msg = "\nIndex-File: true";
> // FIXME: this really should use "IndexTarget::IsOptional()" but that
> // seems to be difficult without breaking ABI
> if (ShortDesc().find("Translation") != 0)
> msg += "\nFail-Ignore: true";
> struct stat Buf;
> if (stat(Final.c_str(),&Buf) == 0)
> msg += "\nLast-Modified: " + TimeRFC1123(Buf.st_mtime);
> return msg; ...


Changed in apt (Ubuntu Trusty):
status: Invalid → In Progress
Changed in apt (Ubuntu Xenial):
status: In Progress → Invalid
Changed in apt (Ubuntu Trusty):
importance: Undecided → Medium
Changed in apt (Ubuntu Xenial):
importance: Medium → Undecided
Changed in apt (Ubuntu Trusty):
assignee: nobody → Louis Bouchard (louis-bouchard)
Changed in apt (Ubuntu Xenial):
assignee: Louis Bouchard (louis-bouchard) → nobody
Louis Bouchard (louis) on 2016-09-23
description: updated

Hello Louis, or anyone else affected,

Accepted apt into trusty-proposed. The package will build now and be available at in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at . Thank you in advance!

Changed in apt (Ubuntu Trusty):
status: In Progress → Fix Committed
tags: added: verification-needed
no longer affects: apt (Ubuntu Xenial)
Changed in apt (Ubuntu):
status: Invalid → Fix Released
importance: Undecided → Medium
Anders Jansson (ervanja) wrote :

Patch verified through this sequence:

Add "deb trusty-proposed multiverse restricted main universe" to /etc/apt/sources.list

apt-get update
apt-get install apt=1.0.1ubuntu2.15
apt-get upgrade <- Accept all from maintainer

After that sequence, the apt-get update works without failure, even when one of the mirrors is partly broken.

Louis Bouchard (louis) on 2016-10-12
tags: added: verification-done
removed: verification-needed

The verification of the Stable Release Update for apt has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apt - 1.0.1ubuntu2.15

apt (1.0.1ubuntu2.15) trusty; urgency=medium

  * Fixes failure to download the Package index file when using
    mirror:// URL in sources.list and the archive fails to profile
    a file. APT would try the next archive in the list for .deb
    packages but did not retry when the index file failed to download.
    (LP: #1625667)

 -- Louis Bouchard <email address hidden> Tue, 20 Sep 2016 17:02:03 +0200

Changed in apt (Ubuntu Trusty):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers