Ubuntu

add-apt-repository doesn't work behind a proxy

Reported by Fabio Isgrò on 2010-02-02
390
This bug affects 78 people
Affects Status Importance Assigned to Milestone
software-properties (Ubuntu)
Undecided
Unassigned

Bug Description

The software is unusable behind a proxy.

Alan Pope ㋛ (popey) wrote :

alan@hactar:~$ sudo add-apt-repository ppa:python-snippets-drivers/python-snipts-daily
Error reading https://launchpad.net/api/beta/~python-snippets-drivers/+archive/python-snippets-daily: <urlopen error [Errno 110] Connection timed out>

Changed in software-properties (Ubuntu):
status: New → Confirmed
Alan Pope ㋛ (popey) wrote :

root@hactar:~# env | grep proxy
root@hactar:~# export http_proxy=http://www.example.com:8000/
root@hactar:~# add-apt-repository ppa:python-snippets-drivers/python-snippets-daily
Error reading https://launchpad.net/api/beta/~python-snippets-drivers/+archive/python-snippets-daily: <urlopen error [Errno 110] Connection timed out>
root@hactar:~# export https_proxy=http://www.example.com:8000/
root@hactar:~# add-apt-repository ppa:python-snippets-drivers/python-snippets-daily
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv 4DF656F99017C017086BD3018B70F76B105E3B33
gpg: requesting key 105E3B33 from hkp server keyserver.ubuntu.com
gpg: key 105E3B33: "Launchpad python-snippets-daily" not changed
gpg: Total number processed: 1
gpg: unchanged: 1

However, if you set proxy in gnome settings you get
https_proxy=https://www.example.com:8000/

Whereas add-apt-repository only works with:-
https_proxy=http://www.example.com:8000/

Uli Tillich (utillich) wrote :

so if I understood you correctly a workaround is to set the proxy variable by:

$export http_proxy=http://www.example.com:8000/

instead of using the network proxy gui?

Does having "http" instead of "https" cause problems with other apps?

vedavata (vedavrata) wrote :

'sudo add-apt-repository ppa:qutim/qutim.svn',
'sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com',
and etc
do not work via proxy at my Ubuntu 10.04 as well...

# sudo add-apt-repository ppa:qutim/qutim.svn
Error reading https://launchpad.net/api/1.0/~qutim/+archive/qutim.svn: <urlopen error [Errno -2] Name or service not known>

# sudo apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 3B31F979B2CDAA1B
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --recv-keys --keyserver keyserver.ubuntu.com 3B31F979B2CDAA1B
gpg: requesting key B2CDAA1B from hkp server keyserver.ubuntu.com
gpgkeys: HTTP fetch error 6: Couldn't resolve host 'keyserver.ubuntu.com'
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0

prithvisekhar (prithvisekhar) wrote :

recently installed 10.04 and after installing some packages to player/stage on run ' sudo apt-get update ' i get the following
W: GPG error: [url]http://ppa.launchpad.net[/url] lucid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 5A9A06AEF9CB8DB0

and
on $ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 5A9A06AEF9CB8DB0
Executing: gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv-keys 5A9A06AEF9CB8DB0
gpg: requesting key F9CB8DB0 from hkp server keyserver.ubuntu.com
gpgkeys: HTTP fetch error 6: Couldn't resolve host 'keyserver.ubuntu.com'
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0

and when i go to keyserver.ubuntu.com it say its ok
the internet connection is in my lab and through a proxy and i have added in /etc/apt.conf
Acquire::http:: Proxy "http://username: pass@10.20.0.21:3128";
Acquire::http:: Proxy "ftp://username: pass@10.20.0.21:3128";

please help

Korny Sietsma (korny) wrote :

Just a note - if you change "https_proxy" and then run "sudo whatever" - the changed environment variable won't be inherited by the sudo command.
So to get anywhere with this I had to do this as root:
  $ sudo bash
  # export https_proxy=http://www.example.com:8000/
  # add-apt-repository ppa:<whatever>
(just a note in case anyone else got messed up by this - this workaround still doesn't fetch gpg keys, but at least it updates your apt sources)

Uli Tillich (utillich) wrote :

@Korny
the bug you mentioned is #556293.

It has a simple workaround:
   $sudo visudo
then add the following line
   Defaults env_keep="http_proxy"
Exit with crtl+X and save the changes

However as you said it will sill not get keys when behind a proxy. Unfortunately all proxy bugs are not given much attention...

Snahrck (hansenclever) wrote :

Ubuntu keyserver now accepts connections in port 80. See: https://answers.launchpad.net/ubuntu-website/+question/79193
Behind a firewall that blocks port 11371 the following step fails:

gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver keyserver.ubuntu.com --recv B305FC46C55F531512AFA579D6B6DB186A68F637
gpg: requisitando chave 6A68F637 de servidor hkp - keyserver.ubuntu.com
gpgkeys: HTTP fetch error 7: couldn't connect to host
gpg: nenhum dado OpenPGP válido encontrado.
gpg: Número total processado: 0

Changing the keyserver to "hkp://keyserver.ubuntu.com:80" does the trick:
gpg --ignore-time-conflict --no-options --no-default-keyring --secret-keyring /etc/apt/secring.gpg --trustdb-name /etc/apt/trustdb.gpg --keyring /etc/apt/trusted.gpg --primary-keyring /etc/apt/trusted.gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys B305FC46C55F531512AFA579D6B6DB186A68F637
gpg: requisitando chave 6A68F637 de servidor hkp - keyserver.ubuntu.com
gpg: chave 6A68F637: chave pública "Launchpad JDownloader PPA" importada
gpg: Número total processado: 1
gpg: importados: 1 (RSA: 1)

add-apt-repository should be aware of that and try the port 80 if 11371 fails (or simply use 80 by default). Alternatively, it could add an option to switch the keyserverport in command line.

ChaiTan3 (chaitukca) wrote :

To make add-apt-repository use port 80 by default, the /usr/share/pyshared/softwareproperties/ppa.py file used by add-apt-repository can be modified to use port 80.
Edit the file /usr/share/pyshared/softwareproperties/ppa.py
Search for "keyserver.ubuntu.com"
Replace it by "hkp://keyserver.ubuntu.com:80" and save the file
add-apt-repository should work behind a proxy now.

Uli Tillich (utillich) wrote :

@ChaiTan

Thank you for the tip. However i could not get this to work.

I changed the line as described, saved and then tried:
"sudo apt-add-repository ppa:docky-core/ppa"
HoweverI got the following error:
"Error reading https://launchpad.net/api/1.0/~docky-core/+archive/ppa: <urlopen error [Errno 110] Connection timed out>"

ChaiTan3 (chaitukca) wrote :

@Uli
Check if https_proxy variable is set to your proxy, also add https_proxy to env_keep in /etc/sudoers

Uli Tillich (utillich) wrote :

@ChaiTan3
Thank you very much, you rock.
Your suggestion fixed it for me, I previously only had http in the sudoers file, but not https.

Girish L C (girish-lc) wrote :

Yes, It worked for me, After the second from the above step still I was getting an error.
But as per Korny suggestion; it worked for me!!!! Thank you Korny.

  $ sudo bash
  # export https_proxy=http://www.example.com:8000/
  # add-apt-repository ppa:<whatever>

#7 did the trick for me! Thx Uli

Vadim (vadikgo) wrote :

all comands:
$ sudo -i
# export https_proxy="http://192.168.1.7:3128"
# export http_proxy="http://192.168.1.7:3128"
# sed -i 's/"keyserver.ubuntu.com"/"hkp:\/\/keyserver.ubuntu.com:80"/' /usr/share/pyshared/softwareproperties/ppa.py
# LANG=C add-apt-repository ppa:libreoffice/ppa

tags: added: apt proxy
Brian Murray (brian-murray) wrote :

Natty now has hkp://keyserver.ubuntu.com:80 in softwareproperties/ppa.py so I believe this is resolved. If not please reopen the bug report. Thanks in advance.

Changed in software-properties (Ubuntu):
status: Confirmed → Fix Released
papukaija (papukaija) on 2011-03-14
tags: added: maverick
removed: apt proxy
Mobman02 (mobman02) wrote :

Have the same issue with Natty,

I had to add http_proxy and https_proxy to my bashrc,
and doing the #7 trick (adding https_proxy to the list).

Andrea Amoroso (heiko81) wrote :

I'm using Natty..to resolve my proxy problem I had to do the #7 and #13 tricks..
so I did like this..

$sudo visudo
then add the following lines
   Defaults env_keep="http_proxy"
   Defaults env_keep="https_proxy"

then:

  $ sudo bash
  # export https_proxy=http://[username:password@]www.proxy.com:8000/
  # add-apt-repository ppa:<whatever>

p.s. I used the ip of my proxy instead of its dns name..

Andrea Amoroso (heiko81) wrote :

the last trick (#18) was to solve the error for the command apt-add-repository..

to solve the apt-get update error, I did this..

sudo gedit /etc/apt/apt.conf

and there I fixed the proxy lines like this..

Acquire::http::proxy "http://username:password@proxy-ip:port/";
Acquire::ftp::proxy "ftp://username:password@proxy-ip:port/";
Acquire::https::proxy "https://username:password@proxy-ip:port/";

now everything works..and I can add repositories and update the way I like it..

don't know if this bug should be reopened, at least for Natty..

Taylor Braun-Jones (nocnokneo) wrote :

Setting https_proxy worked for me. It sounds like the real source of confusion surrounding this issue is that the default /etc/sudoers configuration does not pass through http_proxy, https_proxy, ftp_proxy, all_proxy, etc (see bug #556293).

CEMI (cemiquejasweb) wrote :

I got it to work, doing the following:

In "/ etc / bash.bashrc" I have:

export http_proxy = http://proxy.aytomalaga.intranet:3128/
export https_proxy = http://proxy.aytomalaga.intranet:3128/

With "sudo visudo"

Defaults env_keep = "http_proxy https_proxy"

Unlike the proposed "Andrea Amoroso (heiko81)", "env_keep" must be a single line.

David Pérez (sanete) wrote :

I have added this with sudo visudo, in order to avoid future problems:

Defaults env_keep="http_proxy"
Defaults env_keep="https_proxy"
Defaults env_keep="all_proxy"
Defaults env_keep="ftp_proxy"
Defaults env_keep="no_proxy"
Defaults env_keep="socks_proxy"

It would be interesting that these entries could be added by default in a fresh Ubuntu installation.

papukaija (papukaija) wrote :

Unduplicating as a fixed bug can't be a duplicate of an unfixed bug.

Eduard Gotwig (gotwig) wrote :

NOT fixed for Ubuntu 12.04

papukaija (papukaija) wrote :

@Eduard: You are probably reproducing bug 443404. If not, please open a new bug for your issue. Thanks in advance.

security vulnerability: no → yes
papukaija (papukaija) wrote :

@Sandeep: This bug is fixed and has never been a security vulnerability. Please open a new bug if you still have issues with apt. Thanks.

security vulnerability: yes → no
Nithin C (nithin-aneesh) wrote :

This bug is fixed and apt-add-repository is working behind a proxy.

Max Chu (chu-shekwai) wrote :

I have this bug too, how do i fix it?

Ian Wells (ijw-ubuntu) wrote :

My issue with this is that I think apt-add-repository should respect the http proxy settings in /etc/apt/apt.conf (or should have its own proxy settings if that's preferable), rather than explicitly requiring the proxy to be supplied in the environment.

Also, for those that have issues with the way that 'sudo' deliberately doesn't pass environment variables:

sudo env http_proxy=http://my-proxy:8080/ https_proxy=http://my-proxy:8080/ apt-add-repository ...

Confirming; this would work and is fixed at least in Quantal:

- Sudo keeps the http_proxy, https_proxy, all_proxy, etc. environment variables.
- https_proxy is required by add-apt-repository to access Launchpad.
- http_proxy is required by add-apt-repository/apt-key/gpg to retrieve the PPA signing keys.

You'll have to make sure to set both http_proxy and https_proxy to be able to use add-apt-repository.

kenorb (kenorb) wrote :

Doesn't work for me, because I've @ sign in my username.

sudo env http_proxy="http://<email address hidden>@165.222.x.x/ https_proxy="https://<email address hidden>@165.222.x.x/ add-apt-repository ppa:ubuntu-wine/ppa

Traceback (most recent call last):
  File "/usr/bin/add-apt-repository", line 125, in <module>
    ppa_info = get_ppa_info_from_lp(user, ppa_name)
  File "/usr/lib/python2.7/dist-packages/softwareproperties/ppa.py", line 80, in get_ppa_info_from_lp
    curl.perform()
pycurl.error: (5, "Couldn't resolve proxy 'domain.com'")

Brian Murray (brian-murray) wrote :

kenorb - could you please open a new bug report for your issue? Thanks in advance.

larov kh (nafes-m) wrote :

asd-apt-repository ppa:swift-core/ppa
Cannot access PPA (https://launchpad.net/api/1.0/~swift-core/+archive/ppa) to get PPA information, please check your internet connection

Guys! can anyone tell me what im doing wrong here

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers