Bug #878901 ""Google, Inc” cannot be used as a trusted origin” : Bugs : unattended-upgrades package : Ubuntu

Jorge Castro (jorge) on 2011-10-20

Changed in unattended-upgrades (Ubuntu):
status:	New → Confirmed

Revision history for this message

Bruno Pereira (brunopereira81) wrote on 2011-10-20:

#1

Download full text (3.7 KiB)

sudo unattended-upgrades --dry-run --debug:

<--------------------------------------------------------------------------------------->
Using (as described in the source code readme file):

Unattended-Upgrade::Allowed-Origins {
"${distro_id} ${distro_codename}-security";
// "${distro_id} ${distro_codename}-updates";
// "${distro_id} ${distro_codename}-proposed";
// "${distro_id} ${distro_codename}-backports";
"origin=Google\, Inc.,suite=stable";
};

Output:

$sudo unattended-upgrade --dry-run --debug
Initial blacklisted packages:
Starting unattended upgrades script
Allowed origins are: ['o=Ubuntu,a=oneiric-security', 'o=origin=Google\\,,a=Inc.,suite=aArchive']
Checking: alsa-utils (["<Origin component:'main' archive:'oneiric-updates' origin:'Ubuntu' label:'Ubuntu' site:'nl.archive.ubuntu.com' isTrusted:True>"])
Traceback (most recent call last):
  File "/usr/bin/unattended-upgrade", line 770, in <module>
    main(options)
  File "/usr/bin/unattended-upgrade", line 577, in main
    is_allowed_origin(pkg,allowed_origins)):
  File "/usr/bin/unattended-upgrade", line 263, in is_allowed_origin
    if match_whitelist_string(allowed, origin):
  File "/usr/bin/unattended-upgrade", line 164, in match_whitelist_string
    for s in token.split("=")]
ValueError: too many values to unpack
<--------------------------------------------------------------------------------------->

<--------------------------------------------------------------------------------------->
Using previous reported configuration line:

Unattended-Upgrade::Allowed-Origins {
"${distro_id} ${distro_codename}-security";
// "${distro_id} ${distro_codename}-updates";
// "${distro_id} ${distro_codename}-proposed";
// "${distro_id} ${distro_codename}-backports";
"Google, Inc.:stable";
};

Output:

$sudo unattended-upgrade --dry-run --debug
Initial blacklisted packages:
Starting unattended upgrades script
Allowed origins are: ['o=Ubuntu,a=oneiric-security', 'o=Google, Inc.,a=stable']
Checking: alsa-utils (["<Origin component:'main' archive:'oneiric-updates' origin:'Ubuntu' label:'Ubuntu' site:'nl.archive.ubuntu.com' isTrusted:True>"])
Traceback (most recent call last):
  File "/usr/bin/unattended-upgrade", line 770, in <module>
    main(options)
  File "/usr/bin/unattended-upgrade", line 577, in main
    is_allowed_origin(pkg,allowed_origins)):
  File "/usr/bin/unattended-upgrade", line 263, in is_allowed_origin
    if match_whitelist_string(allowed, origin):
  File "/usr/bin/unattended-upgrade", line 164, in match_whitelist_string
    for s in token.split("=")]
ValueError: need more than 1 value to unpack

These are tested on 11.10 with updates pending after running apt-get update.

After running apt-get upgrade and getting them all installed this is the output:

Using readme file method:

$sudo unattended-upgrade --dry-run --debug
Initial blacklisted packages:
Starting unattended upgrades script
Allowed origins are: ['o=Ubuntu,a=oneiric-security', 'o=origin=Google\\,,a=Inc.,suite=stable']
pkgs that look like they should be upgraded:
Fetched 0 B in 0s (0 B/s)
blacklist:...

sudo unattended-upgrades --dry-run --debug:

<--------------------------------------------------------------------------------------->
Using (as described in the source code readme file):

Unattended-Upgrade::Allowed-Origins {
        "${distro_id} ${distro_codename}-security";
//      "${distro_id} ${distro_codename}-updates";
//      "${distro_id} ${distro_codename}-proposed";
//      "${distro_id} ${distro_codename}-backports";
        "origin=Google\, Inc.,suite=stable";
};

Output:

$sudo unattended-upgrade --dry-run --debug
Initial blacklisted packages: 
Starting unattended upgrades script
Allowed origins are: ['o=Ubuntu,a=oneiric-security', 'o=origin=Google\\,,a=Inc.,suite=aArchive']
Checking: alsa-utils (["<Origin component:'main' archive:'oneiric-updates' origin:'Ubuntu' label:'Ubuntu' site:'nl.archive.ubuntu.com' isTrusted:True>"])
Traceback (most recent call last):
  File "/usr/bin/unattended-upgrade", line 770, in <module>
    main(options)
  File "/usr/bin/unattended-upgrade", line 577, in main
    is_allowed_origin(pkg,allowed_origins)):
  File "/usr/bin/unattended-upgrade", line 263, in is_allowed_origin
    if match_whitelist_string(allowed, origin):
  File "/usr/bin/unattended-upgrade", line 164, in match_whitelist_string
    for s in token.split("=")]
ValueError: too many values to unpack
<--------------------------------------------------------------------------------------->

<--------------------------------------------------------------------------------------->
Using previous reported configuration line:

Unattended-Upgrade::Allowed-Origins {
        "${distro_id} ${distro_codename}-security";
//      "${distro_id} ${distro_codename}-updates";
//      "${distro_id} ${distro_codename}-proposed";
//      "${distro_id} ${distro_codename}-backports";
        "Google, Inc.:stable";
};

Output:

$sudo unattended-upgrade --dry-run --debug
Initial blacklisted packages: 
Starting unattended upgrades script
Allowed origins are: ['o=Ubuntu,a=oneiric-security', 'o=Google, Inc.,a=stable']
Checking: alsa-utils (["<Origin component:'main' archive:'oneiric-updates' origin:'Ubuntu' label:'Ubuntu' site:'nl.archive.ubuntu.com' isTrusted:True>"])
Traceback (most recent call last):
  File "/usr/bin/unattended-upgrade", line 770, in <module>
    main(options)
  File "/usr/bin/unattended-upgrade", line 577, in main
    is_allowed_origin(pkg,allowed_origins)):
  File "/usr/bin/unattended-upgrade", line 263, in is_allowed_origin
    if match_whitelist_string(allowed, origin):
  File "/usr/bin/unattended-upgrade", line 164, in match_whitelist_string
    for s in token.split("=")]
ValueError: need more than 1 value to unpack

These are tested on 11.10 with updates pending after running apt-get update.

After running apt-get upgrade and getting them all installed this is the output:

Using readme file method:

$sudo unattended-upgrade --dry-run --debug
Initial blacklisted packages: 
Starting unattended upgrades script
Allowed origins are: ['o=Ubuntu,a=oneiric-security', 'o=origin=Google\\,,a=Inc.,suite=stable']
pkgs that look like they should be upgraded: 
Fetched 0 B in 0s (0 B/s)                                                      
blacklist: []
InstCount=0 DelCount=0 BrokenCout=0
No packages found that can be upgraded unattended

Using "Google, Inc.:stable"; instead:
$sudo unattended-upgrade --dry-run --debug
Initial blacklisted packages: 
Starting unattended upgrades script
Allowed origins are: ['o=Ubuntu,a=oneiric-security', 'o=Google, Inc.,a=stable']
pkgs that look like they should be upgraded: 
Fetched 0 B in 0s (0 B/s)                                                      
blacklist: []
InstCount=0 DelCount=0 BrokenCout=0
No packages found that can be upgraded unattended

No faults, still doesn't work as predicted.

Michael Vogt (mvo) on 2011-11-21

Changed in unattended-upgrades (Ubuntu):
importance:	Undecided → High
status:	Confirmed → In Progress
assignee:	nobody → Michael Vogt (mvo)

Revision history for this message

Michael Vogt (mvo) wrote on 2011-11-21:

#2

A workaround should be the origins pattern, but let me work on code to fixup the compat mode:

Unattended-Upgrade::Origins-Pattern {
"o=Google\, Inc.,suite=stable";
};

Revision history for this message

Michael Vogt (mvo) wrote on 2011-11-21:

#3

I created a testcase for this now, for me the following code works:

// Automatically upgrade packages from these (origin:archive) pairs
Unattended-Upgrade::Allowed-Origins {
"Google\, Inc.:stable";
"${distro_id}:${distro_codename}-security";
};

if it does not work for you, please wait until a new google-chrome-stable becomes availalbe, then please run:
$ apt-cache policy google-chrome-stable
and
$ sudo unattended-upgrades --debug --dry-run
and attach the output.

Thanks,
Michael

Changed in unattended-upgrades (Ubuntu):
status:	In Progress → Incomplete

Revision history for this message

Bruno Pereira (brunopereira81) wrote on 2011-11-22:

#4

Initial blacklisted packages:
Starting unattended upgrades script
Allowed origins are: ['o=Ubuntu,a=oneiric-security', 'o=partner,a=oneiric', 'o=Google\\, Inc.,a=stable']

The output looks different with this format but it runs successfully, now its just a mater of waiting and checking for an update I guess... Any way of installing an old version of chrome so it needs updating??? ;)

Revision history for this message

Wouter van Vliet (me-woutervanvliet) wrote on 2011-12-10:

#5

I can confirm that this fix works, thanks!

Revision history for this message

Bruno Pereira (brunopereira81) wrote on 2011-12-10:

#6

Have you actually had Chrome updated automatically by it or are you just saying that the output of an unattended dry run now works with a clean output?

Revision history for this message

Bruno Pereira (brunopereira81) wrote on 2011-12-14:

#7

Can confirm that this is the solution for the issue, the --dry-run runs, downloads the package, exists without faults.

The --debug run downloads the package and installs it.

Thanks, you can close this, its solved using that format.

Jorge Castro (jorge) on 2011-12-14

Changed in unattended-upgrades (Ubuntu):
status:	Incomplete → Fix Released

Ubuntu
unattended-upgrades package

"Google, Inc" cannot be used as a trusted origin

Bug Description

Other bug subscribers

Remote bug watches

Ubuntuunattended-upgrades package

"Google, Inc" cannot be used as a trusted origin

Bug Description

Other bug subscribers

Remote bug watches

Ubuntu
unattended-upgrades package