Checking security repository in Updates adds deb line to Third-Party Software

Bug #244093 reported by Maiku on 2008-06-30
80
Affects Status Importance Assigned to Milestone
Software Properties
Invalid
Undecided
Unassigned
python-apt (Ubuntu)
High
Michael Vogt
Declined for Intrepid by Michael Vogt
Hardy
Medium
Michael Vogt
software-properties (Ubuntu)
High
Unassigned
Declined for Intrepid by Michael Vogt
Hardy
Undecided
Unassigned

Bug Description

Binary package hint: software-properties-gtk

Confirmed on:
1) Ubuntu Intrepid Ibex (development branch) 8.10
software-properties-gtk:
  Installed: 0.63ubuntu1
  Candidate: 0.63ubuntu1
  Version table:
 *** 0.63ubuntu1 0
        500 http://archive.ubuntu.com intrepid/main Packages
        100 /var/lib/dpkg/status

2) Ubuntu Hardy Heron 8.04.1
software-properties-gtk:
  Installed: 0.63ubuntu1
  Candidate: 0.63ubuntu1
  Version table:
 *** 0.63ubuntu1 0
        500 http://archive.ubuntu.com hardy/main Packages
        100 /var/lib/dpkg/status

Remarks:
- Clicking the intrepid-security / hardy-security checkbox in the "Updates" tab adds the intrepid-security deb line to the list of Third-Party Software
- The above action doesn't actually show a check mark in the checkbox.
- Unchecking/checking the checkbox in Updates tab does not have an effect on /etc/apt/sources.list file (i.e. it doesn't remove the hardy-security line)
- It appears to add the source just fine, it's just displayed in the "Third-Party Software" tab instead of checking the checkbox.

Detected problem:
1) The checkbox of Updates > hardy-security sets its status searching for "archive.ubuntu.com"
2) Checking/unchecking looks for and adds/removes "security.ubuntu.com", and the program thinks it's third-party software

Temporary fix:
1) sudo sed -e 's/security\.ubuntu\.com/archive\.ubuntu\.com/g' /etc/apt/sources.list > /etc/apt/sources.list.tmp
sudo mv /etc/apt/sources.list.tmp /etc/apt/sources.list
sudo apt-get update

2) Don't uncheck/check the hardy-security in Software Sources until it's fixed.

Kiwinote (kiwinote) on 2008-07-01
Changed in software-properties:
status: New → Confirmed
Revision history for this message
Sebastian Bengtsson (5ebastian) wrote :

This also affects Hardy (see my duplicate bug report).

Revision history for this message
goodhabit (goodhabit) wrote :

Yep, some annoying think. Is there a way to fix it?

Revision history for this message
Savvas Radevic (medigeek) wrote :

Confirming too on hardy heron 8.04 amd64 64-bit
I'll edit the bug report appropriately

Revision history for this message
Savvas Radevic (medigeek) wrote :

assigning to desktop bugs (?)

Changed in software-properties:
assignee: nobody → desktop-bugs
description: updated
Revision history for this message
Savvas Radevic (medigeek) wrote :

$ cat /etc/apt/sources.list
deb http://security.ubuntu.com/ubuntu/ hardy-security universe main multiverse restricted
deb http://archive.ubuntu.com/ubuntu/ hardy-updates universe main multiverse restricted
deb http://archive.ubuntu.com/ubuntu/ hardy-proposed universe main multiverse restricted
deb http://archive.ubuntu.com/ubuntu/ hardy main universe restricted multiverse

Attaching:
1) Debug info without removing the sources.list file: software-properties-gtk -d
File 1.txt
2) Debug info after removing the sources.list file (and checking each repository): rm /etc/apt/sources.list; software-properties-gtk -m
File 2.txt

Revision history for this message
Savvas Radevic (medigeek) wrote :

I couldn't reproduce it on a virtual machine (ubuntu hardy heron 8.04 i386).
I'll try later as amd64 live cd and post back with the results

description: updated
Revision history for this message
Linux Is Pure Pwnage (nospam5555) wrote :

I have Ubuntu 8.04 NOT .1 32-bit i386 X86 AMD K8 Processor and same problem. what in the world is going on? Did somebody hack into the ubuntu servers and mess it up?

Revision history for this message
Linux Is Pure Pwnage (nospam5555) wrote :

I chose like 3 different servers that weren't even official ubuntu servers and here is the junk I got. Attachment please download! I used software-properties-gtk -m
File 2.txt PLEASE HELP!

Revision history for this message
itsjustarumour (itsjustarumour-gmail-deactivatedaccount-deactivatedaccount) wrote :

I can confirm this bug on Hardy 8.04.1 32-bit since recent updates.

All three of my Ubuntu installs are demonstrating the same problem - I go to System>Administration>Software Sources>Updates tab, and I am unable to check the tick-box for "Important security updates (hardy-security)".

Revision history for this message
Savvas Radevic (medigeek) wrote :

I've detected the problems:
1) the checkbox for its status (checked/unchecked) looks for "http://archive.ubuntu.com" instead of "http://security.ubuntu.com"
2) if again you uncheck and check the hardy-security after switching back to "archive.ubuntu.com", it will add the hardy-security with "http://security.ubuntu.com", which will show as non-canonical third-party software repository

Execute in terminal: gksu /etc/apt/sources.list

Change any occurence security.ubuntu.com to archive.ubuntu.com

For example, I changed:
deb http://security.ubuntu.com/ubuntu/ hardy-security universe main multiverse restricted
deb-src http://security.ubuntu.com/ubuntu/ hardy-security universe main multiverse restricted

..to:
deb http://archive.ubuntu.com/ubuntu/ hardy-security universe main multiverse restricted
deb-src http://archive.ubuntu.com/ubuntu/ hardy-security universe main multiverse restricted

..things will be back to normal:

Don't uncheck and check the checkbox in Software Sources > Updates again, it will cause the same problem

Revision history for this message
Savvas Radevic (medigeek) wrote :

sorry:
* Execute in terminal: gksu gedit /etc/apt/sources.list

:)

description: updated
description: updated
Revision history for this message
Connor Imes (ckimes) wrote :

Thank you for reporting this, everybody. I am marking this bug as Triaged and setting Importance to High (has a moderate impact on a large portion of Ubuntu users). Hopefully a developer can start working on this very soon.

Changed in software-properties:
importance: Undecided → High
status: Confirmed → Triaged
Revision history for this message
Savvas Radevic (medigeek) wrote :

Well... I have a hunch that it has something to do with python-apt package
specifically the newest BaseURI vs. BaseURI-architecture implementation

I changed the file /usr/share/python-apt/templates/Ubuntu.info and modified the following section as listed below:

Suite: hardy-security
ParentSuite: hardy
RepositoryType: deb
BaseURI-amd64: http://security.ubuntu.com/ubuntu
MatchURI-amd64: archive.ubuntu.com/ubuntu|security.ubuntu.com
BaseURI-powerpc: http://ports.ubuntu.com/
MatchURI-powerpc: ports.ubuntu.com/ubuntu
Description: Important security updates

Basically, I changed BaseURI to BaseURI-amd64 (my Ubuntu architecture), now it works.
Looks like BaseURI-arch is working better than BaseURI :)

Revision history for this message
Savvas Radevic (medigeek) wrote :

I've added a regular expression check the value if it contains "security.ubuntu.com"
re.search('security\.ubuntu\.com',value)

It could be marked as messy, but I tried it and it works, attached a debdiff.

Otherwise, to fix this you must change BaseURI and MatchURI as mentioned in the previous comment

Revision history for this message
Savvas Radevic (medigeek) wrote :

( it's my first patch attempt :) )

Revision history for this message
Savvas Radevic (medigeek) wrote :

the problematic package seems to be python-apt

Changed in software-properties:
status: New → Invalid
assignee: desktop-bugs → nobody
status: Triaged → Invalid
Revision history for this message
Savvas Radevic (medigeek) wrote :

fixed the /tmp/ path in debdiff and re-attached

Changed in python-apt:
status: New → In Progress
Revision history for this message
Kees Cook (kees) wrote :

Assigning this to mvo, who should have some background in this bit of code. :)

Changed in python-apt:
assignee: nobody → mvo
Revision history for this message
Savvas Radevic (medigeek) wrote :

Adding debdiff option no.2:
Replaced MatchURI with arch-specific MatchURI-i386 and MatchURI-amd64 for security repositories, bypasses the "MatchURI: archive.ubuntu.com/ubuntu" of the ParentSuite

Revision history for this message
Savvas Radevic (medigeek) wrote :

I gave two options/debdiffs for fixing the bug above.

For the common people, here's a temporary, but quick and painless way to fix it:
1) Close Software Sources
2) Download the file attached here (Ubuntu.info)
3) Replace the file in: /usr/share/python-apt/templates/Ubuntu.info
4) Open Software Sources now

Revision history for this message
Kim Jensen (planet-reptile-gmail) wrote :

The fix you sugest does not work for me.
When i try to copy paste the Ubuntu.info text in the Ubuntu.info folder in /usr/share/python-apt/templates/Ubuntu.info it say that i don't have permission to do that. I have full access on the computer.

Revision history for this message
Kim Jensen (planet-reptile-gmail) wrote :

HA! It worked when i changed the http://security.ubuntu.com/ubuntu/ to http://archive.ubuntu.com/ubuntu/ in gksu gedit /etc/apt/sources.list
Now things look normal.

Revision history for this message
Savvas Radevic (medigeek) wrote : Re: [Bug 244093] Re: Checking security repository in Updates adds deb line to Third-Party Software

> HA! It worked when i changed the http://security.ubuntu.com/ubuntu/ to http://archive.ubuntu.com/ubuntu/ in gksu gedit /etc/apt/sources.list
They look normal, but if you uncheck the -security in software sources
> updates and check it again, you're back to square 1!

$ ls -l /usr/share/python-apt/templates/Ubuntu.info
-rw-r--r-- 1 root root 10684 2008-07-11 09:53
/usr/share/python-apt/templates/Ubuntu.info
$ lsattr /usr/share/python-apt/templates/Ubuntu.info
------------------ /usr/share/python-apt/templates/Ubuntu.info

I don't know what's wrong with your file or folder structure, mine is
copied fine, but do try this:
sudo chattr -uia /usr/share/python-apt/templates/Ubuntu.info
sudo chown root:root /usr/share/python-apt/templates/Ubuntu.info
sudo chmod +rw /usr/share/python-apt/templates/Ubuntu.info

Now you should be able to replate it:
sudo wget http://launchpadlibrarian.net/15945141/Ubuntu.info -O
/usr/share/python-apt/templates/Ubuntu.info
ls -l /usr/share/python-apt/templates/Ubuntu.info

Make sure the file permissions are the same as: -rw-r--r--

Revision history for this message
alienexplorers (dfsjr47) wrote :

Had the same error. Changed the http://security.ubuntu.com/ubuntu/ to http://archive.ubuntu.com/ubuntu/. Closed and restarted software sources and the problem was corrected.

Revision history for this message
Kim Jensen (planet-reptile-gmail) wrote :

>I don't know what's wrong with your file or folder structure, mine is
copied fine, but do try this:
sudo chattr -uia /usr/share/python-apt/templates/Ubuntu.info
sudo chown root:root /usr/share/python-apt/templates/Ubuntu.info
sudo chmod +rw /usr/share/python-apt/templates/Ubuntu.info

Now you should be able to replate it:
sudo wget http://launchpadlibrarian.net/15945141/Ubuntu.info -O
/usr/share/python-apt/templates/Ubuntu.info
ls -l /usr/share/python-apt/templates/Ubuntu.info

It does not help:

kim@kim-desktop:~$ sudo chattr -uia /usr/share/python-apt/templates/Ubuntu.info
[sudo] password for kim:
kim@kim-desktop:~$ sudo wget http://launchpadlibrarian.net/15945141/Ubuntu.info -O
wget: option requires an argument -- O
Brug: wget [FLAG]... [URL]...

Prøv 'wget --help' for flere flag.
kim@kim-desktop:~$ /usr/share/python-apt/templates/Ubuntu.info
bash: /usr/share/python-apt/templates/Ubuntu.info: Permission denied
kim@kim-desktop:~$ ls -l /usr/share/python-apt/templates/Ubuntu.info

Revision history for this message
Kim Jensen (planet-reptile-gmail) wrote :

But is it necesary to do all this? Whon't there be an update anytime soon that will fix all this?
I can't check the hardy-security box in updates, but the security boxes are marked in Third-party software, so i must get the security updates anyway?

Revision history for this message
Savvas Radevic (medigeek) wrote :

True, no need for that, but security updates in third party software
can be a bit confusing.
It'll be fixed eventually :)

Revision history for this message
Kim Jensen (planet-reptile-gmail) wrote :

I desided to use my 32bit computer and i unticked hardy-proposed and everything is normal.

Revision history for this message
Kim Jensen (planet-reptile-gmail) wrote :

So is everything fixed now?

Revision history for this message
Pichu0102 (pichu0102-deactivatedaccount) wrote :

Behavior stills appears here.

Michael Vogt (mvo) on 2008-07-24
Changed in python-apt:
importance: Undecided → High
Revision history for this message
Michael Vogt (mvo) wrote :
Revision history for this message
Michael Vogt (mvo) wrote :

It looks like this is breakage from the fix in hardy-proposed for https://bugs.edge.launchpad.net/ubuntu/hardy/+source/python-apt/+bug/220890

I upload a new intrepid version of python-apt that should fix the issue.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package python-apt - 0.7.7ubuntu2

---------------
python-apt (0.7.7ubuntu2) intrepid; urgency=low

  * data/templates/Debian.info.in:
    - add 'lenny' template info
  * aptsources/distinfo.py:
    - fix template matching for arch specific code (LP: #244093)

 -- Michael Vogt <email address hidden> Fri, 25 Jul 2008 18:34:28 +0200

Changed in python-apt:
status: In Progress → Fix Released
Revision history for this message
Savvas Radevic (medigeek) wrote :

> I upload a new intrepid version of python-apt that should fix the issue.

It affects Ubuntu hardy heron 8.04 too.. shouldn't it be updated in
hardy as well?

Revision history for this message
Michael Vogt (mvo) wrote :

Yes, it needs to be fixed for hardy as well. Fortunately it does "only" affect hardy-proposed, so only a subset of the hardy users.

Changed in python-apt:
assignee: nobody → mvo
importance: Undecided → Medium
status: New → In Progress
Changed in software-properties:
status: New → Invalid
Revision history for this message
Michael Vogt (mvo) wrote :

The fix is merged and got uploaded to hardy-proposed.

Revision history for this message
Steve Beattie (sbeattie) wrote :

I was able to reproduce this error in the version of python-apt that had been uploaded to hardy-proposed, 0.7.4ubuntu7.1, and can confirm that the current version of python-apt in hardy-proposed, 0.7.4ubuntu7.3, does indeed correct this issue. I did some limited testing of software-properties-gtk and noticed no regressions.

Thanks!

Revision history for this message
Matt Neilson (ichthyoboy) wrote :

Second confirmation. Security updates no longer show up in Third party software tab.

Revision history for this message
Eric McWilliams (stunder-gmail) wrote :

I was getting pretty much the same warning saying this...

Reading package lists... Done
W: Duplicate sources.list entry http://security.ubuntu.com hardy-security/restricted Packages (/var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_hardy-security_restricted_binary-amd64_Packages)
W: Duplicate sources.list entry http://security.ubuntu.com hardy-security/main Packages (/var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_hardy-security_main_binary-amd64_Packages)
W: You may want to run apt-get update to correct these problems

I was having the same issue on my work network. I noticed the protocol being used is http and we have a web proxy/caching device (Blue Coat) on the network. I added security.ubuntu.com to a bypass of my cache and this fixed my issue. I wonder if any other users having the issue might be behind a web proxy/cache (maybe even squid). Just tossing that out there.

Revision history for this message
Martin Pitt (pitti) wrote :

python-apt hardy-proposed copied to hardy-updates.

Changed in python-apt:
status: In Progress → Fix Released
Revision history for this message
Sebastian Bengtsson (5ebastian) wrote :

No I don't have a proxy.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers