Applying package profile on Xenial doesn't work
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
landscape-client (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Xenial |
Fix Released
|
Undecided
|
Simon Poirier |
Bug Description
[Impact]
* Users trying to apply a landscape package profile with a recent version of python-apt on xenial will get a stuck activity and an incomplete sources.list.d entry.
* The change adds a [trusted=yes] option to temporary local sources created by landscape. Global sources and apt options
[Test Case]
* install landscape-client and register it.
* create and associate a package profile.
* the packages are installed and /var/log/
[Regression Potential]
* This is a backport of fixes already released since yakkety. The change has been released for a long time.
* Change is agnostic of whether the issue is present or not and should work no matter the apt configuration.
* The affected code path is limited to profiles, but is also used a lot in unit tests fixtures, thus making it reasonably exercised.
[Other Info]
* This change was not previously required on xenial, as it was not required. Acquire:
* We fix landcape-client instead of raising the python-apt regression because the new behaviour is consistent with later releases, which we already handle. Also, it decouples landscape from requiring specific configuration.
[Original Description]
* install landscape-
* Create a package profile "minimum packages" and add basic packages (byobu, vim, ubuntu-
* create a xenial container or machine and install/configure landscape-client
Note that the apply package profile gets stuck and doesn't progress. On the container that was created, running apt update shows:
sudo apt update
Get:1 file:/var/
Ign:1 file:/var/
Get:2 file:/var/
Err:2 file:/var/
File not found - /var/lib/
Get:3 http://
Hit:4 http://
Hit:5 http://
Hit:6 http://
Reading package lists... Done
E: The repository 'file:/
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details.
apt-cache policy landscape-client
landscape-client:
Installed: 16.03-0ubuntu2.
Candidate: 16.03-0ubuntu2.
Version table:
*** 16.03-0ubuntu2.
500 http://
100 /var/lib/
16.03-0ubuntu2 500
500 http://
This can be easily worked around by:
* Remove the file /etc/apt/
* add-apt-repository ppa:landscape/19.01
* apt install landscape-client
apt-cache policy landscape-client
landscape-client:
Installed: 18.03~1070~
Candidate: 18.03~1070~
Version table:
*** 18.03~1070~
500 http://
100 /var/lib/
16.
500 http://
16.03-0ubuntu2 500
500 http://
Related branches
- git-ubuntu developers: Pending requested
-
Diff: 773 lines (+740/-0)4 files modifieddebian/changelog (+7/-0)
debian/landscape-client.postinst (+8/-0)
debian/patches/1886491-trusted-local.patch (+724/-0)
debian/patches/series (+1/-0)
description: | updated |
description: | updated |
Changed in landscape-client (Ubuntu Xenial): | |
assignee: | nobody → Simon Poirier (simpoir) |
status: | Confirmed → In Progress |
It looks like python-apt (1.1.0~ beta1ubuntu0. 16.04.7) created a regression and elects to ignore :AllowInsecureR epositories in favor of APT::Get: :AllowUnauthent icated.
Acquire:
The simpler approach would likely be to backport the [trusted=true] fix we've got working with later releases, instead of trying anything related to the global apt config.