do-release-upgrade no longer works from lucid to precise

Status changed to 'Confirmed' because the bug affects multiple users.

I spent quite some time debugging this yesterday adding extra information on the logs and I finally found that it's a transient error due to the state of the remote mirror. Using archive.ubuntu.com makes no difference (I guess because it's not the mirror master).

Thus, after trying many times, do-release-upgrade eventually accepted all packages as trusted. Tried a couple of times more and it worked fine each time. A few minutes later it failed again. All this without any changes in the code, so the problem is that something is happening in the remote end that lucid doesn't like.

I also found that the workaround didn't work (I'm not sure why) so this is what I did:

 1. run do-release-upgrade and wait until it fails
 2. cd $(ls -trd /tmp/tmp* | tail -1)
 3. edit DistUpgradeCache.py and find the comment "check if the user overwrote the unauthenticated warning"
 4. add a new line below with "return True" that will avoid aborting and save the file
 5. run ./precise

Bug 1538299 is about packages being downgraded being disguised as unauthenticated ones. However, if I recall Louis's bug correctly nearly every package was unauthenticated which would be a surprising number of packages in L > P.

Note that the workaround given in the bug description works only for network upgrades: Attempting to use the `sudo sh /cdrom/cdromupgrade` route (using an alternate install dvd) will still fail.

I have the same issue. No release upgrade possible

Instead of modifying the code as described earlier you can also create a config file /etc/update-manager/release-upgrades.d/unauth.cfg with the following contents:

[Distro]
AllowUnauthenticated=true

@bjd The "AllowUnauthenticated=true" work-around did not work in my case, thus I had to patch the code as explained above.

With the risk of stating the obvious, allowing unauthenticated packages is not really an acceptable workaround.

It appears the public key for the precies-security and precise-updates package isn't available during the update. Adding it manually with

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv 40976EAF437D05B5

worked for all but one package, java-package, which I simply removed.

Confirmed comment #3 fixed my issue of upgrading from 10.04 to 12.04. I did have a number of 404 errors in the output, but the update manager seemed to have retrieved all that was necessary to do the upgrade. I had added the AllowUnauthenticated=true statement to /etc/update-manager/release-upgrades because there was no file in release-upgrades.d/ but doing so on its own, or before making the manual changes in post #3, would not work by itself. It seems that #3 would be sufficient without adding the AllowUna.. to any file anyways.

Yes #3 worked for me too.

The Precise Pangolin has reached end of life, so this bug will not be fixed for that release