juju bootstrap fail behind a proxy when a gpg key must be imported

Bug #1089389 reported by Pierre Amadio on 2012-12-12
54
This bug affects 11 people
Affects Status Importance Assigned to Milestone
software-properties (Ubuntu)
Critical
abhishek
Nominated for Precise by Alberto Salvia Novella

Bug Description

This is related to a Maas environment hosted behind a proxy.

I'm trying to use
juju 0.6.0.1+bzr603-0juju1~precise1

ubuntu@maas:~$ cat .juju/environments.yaml
environments:
  mymaas:
    type: maas
    maas-server: 'http://192.168.124.2:80/MAAS'
    maas-oauth: 'UP5Qay8Nsku8K98fqn:LjhnStY2HjfCeKfvmg:BxA586DWVNPKrT9ASNj9QasMvSPdgavt'
    admin-secret: 'nothing'
    default-series: precise
    juju-origin: ppa

When juju boostrap, things do not behave as expected on the zookeeper node.

Excerpt from the cloud-init-output.log:

W: GPG error: http://ppa.launchpad.net precise Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 376A290EC8068B11

On the zookeeper node, if i try to apt-add-repository , the needed gpg key is not injected, but the scrpit does not return any error code:

ubuntu@zookeeper:/var/log$ sudo mv /etc/apt/sources.list.d/juju-pkgs-precise.list /tmp/
ubuntu@zookeeper:/var/log$ sudo ls /etc/apt/sources.list.d/
ubuntu@zookeeper:/var/log$ sudo apt-add-repository ppa:juju/pkgs --yes
gpg: keyring `/tmp/tmpmlP7VA/secring.gpg' created
gpg: keyring `/tmp/tmpmlP7VA/pubring.gpg' created
gpg: requesting key C8068B11 from hkp server keyserver.ubuntu.com
gpgkeys: key A2EB2DEC0BD7519B7B38BE38376A290EC8068B11 not found on keyserver
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
recv failed
ubuntu@zookeeper:/var/log$ echo $?
0

Trying to inject key while setting the http_proxy environment variable works better:
ubuntu@zookeeper:/var/log$ sudo http_proxy=http://91.189.90.174:3128/ apt-add-repository ppa:juju/pkgs --yes
gpg: keyring `/tmp/tmp1pAd6X/secring.gpg' created
gpg: keyring `/tmp/tmp1pAd6X/pubring.gpg' created
gpg: requesting key C8068B11 from hkp server keyserver.ubuntu.com
gpg: /tmp/tmp1pAd6X/trustdb.gpg: trustdb created
gpg: key C8068B11: public key "Launchpad Ensemble PPA" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
OK
ubuntu@zookeeper:/var/log$ echo $?
0

On the zookeeper node, python-software-properties is version 0.82.7.3

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: python-software-properties 0.82.7.3
ProcVersionSignature: Ubuntu 3.2.0-34.53-generic 3.2.33
Uname: Linux 3.2.0-34-generic x86_64
ApportVersion: 2.0.1-0ubuntu15
Architecture: amd64
Date: Wed Dec 12 14:40:21 2012
EcryptfsInUse: Yes
InstallationMedia: Ubuntu 11.10 "Oneiric Ocelot" - Release amd64 (20111012)
MarkForUpload: True
PackageArchitecture: all
SourcePackage: software-properties
UpgradeStatus: Upgraded to precise on 2012-05-14 (212 days ago)

Pierre Amadio (pierre-amadio) wrote :
Scott Moser (smoser) wrote :

The key point above is that:
 sudo apt-add-repository ppa:juju/pkgs --yes
failed to import keys to apt, but
a.) exited success (0) meaning its caller did not even log error
b.) left /etc/apt/sources.list.d/<ppa>.list in place, meaning subsequent 'apt-get update' was guaranteed to fail.

Pierre Amadio (pierre-amadio) wrote :

same behaviour with raring:

ubuntu@rqring:~$ sudo ls /etc/apt/sources.list.d/
ubuntu@rqring:~$ sudo apt-add-repository ppa:juju/pkgs --yes
gpg: keyring `/tmp/tmp9kk_ey/secring.gpg' created
gpg: keyring `/tmp/tmp9kk_ey/pubring.gpg' created
gpg: requesting key C8068B11 from hkp server keyserver.ubuntu.com
gpgkeys: key A2EB2DEC0BD7519B7B38BE38376A290EC8068B11 not found on keyserver
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
ubuntu@rqring:~$ echo $?
0

ubuntu@rqring:~$ dpkg-query --show software-properties-common
software-properties-common 0.92.13

Scott Moser (smoser) on 2012-12-12
Changed in software-properties (Ubuntu):
status: New → Confirmed
importance: Undecided → Medium
Andres Rodriguez (andreserl) wrote :

So we just hit this same issue. add-apt-repository cannot import a PPA behind a proxy. It seems it doesn't respect the fact that apt.conf has the proxy configured.

Changed in software-properties (Ubuntu):
importance: Medium → Critical
heri atmuji (heriatmuji) on 2013-03-27
Changed in software-properties (Ubuntu):
status: Confirmed → New
tags: added: cloud
Changed in software-properties (Ubuntu):
status: New → Fix Committed
fill (brak29) on 2013-05-25
Changed in software-properties (Ubuntu):
assignee: nobody → fill (brak29)
status: Fix Committed → New
status: New → Confirmed
Jonathan Davies (jpds) on 2013-06-30
Changed in software-properties (Ubuntu):
assignee: fill (brak29) → nobody
Changed in software-properties (Ubuntu):
status: Confirmed → Triaged
Maarten (mthibaut-f) wrote :

Hi,

Please add trusty and utopic as tags.

Thanks!
maarten

Changed in software-properties (Ubuntu):
assignee: nobody → abhishek (abhishekgc1992)
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers