add-apt-repository exits with 0 even when adding key failed

Bug #1532855 reported by Michał Sawicz on 2016-01-11
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
software-properties (Ubuntu)
High
Unassigned
Xenial
Medium
Unassigned
Yakkety
Medium
Unassigned

Bug Description

add-apt-repository exits happily even if it failed adding the key:

$ sudo env LANGUAGE=en add-apt-repository ppa:launchpad/buildd-staging -k hkp://bad-server/
 Buildd staging packages for Launchpad. New packages are staged here for testing on the staging PPA buildds.
 More info: https://launchpad.net/~launchpad/+archive/ubuntu/buildd-staging
Press [ENTER] to continue or ctrl-c to cancel adding it

gpg: keyring `/tmp/tmp3246v7n8/secring.gpg' created
gpg: keyring `/tmp/tmp3246v7n8/pubring.gpg' created
gpg: requesting key 0A5174AF from hkp server bad-server
?: bad-server: Host not found
gpgkeys: HTTP fetch error 7: couldn't connect: Success
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
gpg: keyserver communications error: keyserver unreachable
gpg: keyserver communications error: public key not found
gpg: keyserver receive failed: public key not found

$ echo $?
0

ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: software-properties-common 0.96.17
ProcVersionSignature: Ubuntu 4.3.0-5.16-generic 4.3.3
Uname: Linux 4.3.0-5-generic x86_64
ApportVersion: 2.19.3-0ubuntu2
Architecture: amd64
CurrentDesktop: Unity
Date: Mon Jan 11 17:17:56 2016
PackageArchitecture: all
SourcePackage: software-properties
UpgradeStatus: Upgraded to xenial on 2015-10-28 (74 days ago)

Related bugs:
 * bug 1671566 when gpg key add fails, entry is still added to sources.list

Related branches

Michał Sawicz (saviq) wrote :
Scott Moser (smoser) wrote :

This failure breaks automated installation and such, even when re-trying because the caller that might retry does not know that this failed.

Our curtin vmtest hit this at https://jenkins.ubuntu.com/server/view/Curtin/job/curtin-vmtest-devel-amd64/781/consoleFull .

Changed in software-properties (Ubuntu):
status: New → Confirmed
importance: Undecided → High
Changed in software-properties (Ubuntu):
status: Confirmed → Fix Committed
Scott Moser (smoser) on 2017-03-01
Changed in software-properties (Ubuntu Xenial):
status: New → Confirmed
Changed in software-properties (Ubuntu Yakkety):
status: New → Confirmed
Changed in software-properties (Ubuntu Xenial):
importance: Undecided → Medium
Changed in software-properties (Ubuntu Yakkety):
importance: Undecided → Medium
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package software-properties - 0.96.24.11

---------------
software-properties (0.96.24.11) zesty; urgency=medium

  [Scott Moser]
  * debian/tests/run-tests: use gpg rather than gpg1, and show errors
    (LP: #1670399)
  * debian/tests/control: add gnupg to list of dependencies.

  [Iain Lane]
  * softwareproperties/shortcuts.py: Make add_key() return True. Since r988,
    the return value of add_key() is now used to raise an exception.
    ShortcutHandler.add_key() always succeeds, so should return True. This
    (LP: #1670399)

 -- Scott Moser <email address hidden> Mon, 06 Mar 2017 12:22:03 -0500

Changed in software-properties (Ubuntu):
status: Fix Committed → Fix Released

Hello Michał, or anyone else affected,

Accepted software-properties into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/software-properties/0.96.20.6 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Changed in software-properties (Ubuntu Xenial):
status: Confirmed → Fix Committed
tags: added: verification-needed
Changed in software-properties (Ubuntu Yakkety):
status: Confirmed → Fix Committed
Chris J Arges (arges) wrote :

Hello Michał, or anyone else affected,

Accepted software-properties into yakkety-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/software-properties/0.96.24.7.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Scott Moser (smoser) wrote :

## set up a container with software-properties installed from -proposed
$ rel=xenial
$ name=xenial-1
$ lxc launch ubuntu-daily:$rel $name
$ lxc exec $name -- sh -c 'while ! [ -e /run/cloud-init/result.json ]; do echo .; sleep 1; done' </dev/null
$ lxc exec $name -- sh -e <<"EOF"
rel=$(lsb_release -sc)
line=$(awk '$1 == "deb" && $2 ~ /ubuntu.com/ {
  printf("%s %s %s-proposed main universe\n", $1, $2, rel); exit(0) };
  ' "rel=$rel" /etc/apt/sources.list)
echo "$line" | sudo tee /etc/apt/sources.list.d/proposed.list
apt-get update -qq
apt-get install -qy software-properties-common </dev/null
EOF
...

$ lxc exec $name -- dpkg-query --show software-properties-common </dev/null
software-properties-common 0.96.20.6

$ lxc exec $name -- sh <<"EOF"
add-apt-repository ppa:launchpad/buildd-staging -k hkp://127.0.0.1/
echo exited with $?
EOF
 Buildd staging packages for Launchpad. New packages are staged here for testing on the staging PPA buildds.
 More info: https://launchpad.net/~launchpad/+archive/ubuntu/buildd-staging
gpg: keyring `/tmp/tmph5tjzyms/secring.gpg' created
gpg: keyring `/tmp/tmph5tjzyms/pubring.gpg' created
gpg: requesting key 0A5174AF from hkp server 127.0.0.1
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
gpg: keyserver communications error: keyserver unreachable
gpg: keyserver communications error: public key not found
gpg: keyserver receive failed: public key not found
?: 127.0.0.1: Connection refused
gpgkeys: HTTP fetch error 7: couldn't connect: Connection refused
Failed to add key.
exited with 1

Scott Moser (smoser) wrote :

## set up a container with software-properties installed from -proposed
$ rel=yakkety
$ name=yakkety-1
$ lxc launch ubuntu-daily:$rel $name
$ lxc exec $name -- sh -c 'while ! [ -e /run/cloud-init/result.json ]; do echo .; sleep 1; done' </dev/null
$ lxc exec $name -- sh -e <<"EOF"
rel=$(lsb_release -sc)
line=$(awk '$1 == "deb" && $2 ~ /ubuntu.com/ {
  printf("%s %s %s-proposed main universe\n", $1, $2, rel); exit(0) };
  ' "rel=$rel" /etc/apt/sources.list)
echo "$line" | sudo tee /etc/apt/sources.list.d/proposed.list
apt-get update -qq
apt-get install -qy software-properties-common </dev/null
EOF

$ lxc exec $name -- dpkg-query --show software-properties-common </dev/null
software-properties-common 0.96.24.7.1

$ lxc exec $name -- sh <<"EOF"
> add-apt-repository ppa:launchpad/buildd-staging -k hkp://bad-server
> echo exited with $?
> EOF
 Buildd staging packages for Launchpad. New packages are staged here for testing on the staging PPA buildds.
 More info: https://launchpad.net/~launchpad/+archive/ubuntu/buildd-staging
gpg: keybox '/tmp/tmpx3nk68ee/pubring.gpg' created
gpg: keyserver receive failed: No keyserver available
Failed to add key.
exited with 1

tags: added: verification-done-xenial verification-done-yakkety
removed: verification-needed
Scott Moser (smoser) wrote :

I opened bug 1671566 for a issue I found when testing this.
The fix is still valid, and we're in a strictly better scenario now than
we were before, but still a bug to fix.

description: updated
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package software-properties - 0.96.24.7.1

---------------
software-properties (0.96.24.7.1) yakkety-proposed; urgency=medium

  * Add knowledge of OpenStack releases Ocata, Pike and Queens. (LP: #1670385)

  [ Scott Moser & Dimitri John Ledkov ]
  * When failing to retrieve a GPG key, raise an exception such that
    e.g. add-apt-repository can fail when it did not manage to retrieve a
    GPG key for the shortcut repository. LP: #1532855

 -- Scott Moser <email address hidden> Mon, 06 Mar 2017 17:15:20 -0500

Changed in software-properties (Ubuntu Yakkety):
status: Fix Committed → Fix Released

The verification of the Stable Release Update for software-properties has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

Robie Basak (racb) wrote :

I see dep8 failures in software-properties 0.96.20.6. But a recent test against 0.96.20.5 succeeded, which suggests to me that it is a regression caused by 0.96.20.6. I don't see anything obvious in the diff that could cause this, but I think it warrants further investigation. Please could you take a look?

See http://autopkgtest.ubuntu.com/packages/s/software-properties/xenial/i386 and http://autopkgtest.ubuntu.com/packages/s/software-properties/xenial/amd64

Launchpad Janitor (janitor) wrote :

This bug was fixed in the package software-properties - 0.96.20.6

---------------
software-properties (0.96.20.6) xenial; urgency=medium

  * Add knowledge of OpenStack releases Pike and Queens. (LP: #1670385)

  [ Scott Moser & Dimitri John Ledkov ]
  * When failing to retrieve a GPG key, raise an exception such that
    e.g. add-apt-repository can fail when it did not manage to retrieve a
    GPG key for the shortcut repository. LP: #1532855

 -- Scott Moser <email address hidden> Mon, 06 Mar 2017 16:56:40 -0500

Changed in software-properties (Ubuntu Xenial):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers