Ubuntu
apt package

1.3~pre2ubuntu2 regression: trusted.gpg.d not read any more from apt root

Bug #1607283 reported by Martin Pitt
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apt (Ubuntu)
Fix Released
Medium
Julian Andres Klode

Bug Description

The proposed apt is currently stuck (http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html#apt) as it causes a regression in apport: This causes several failures like

ERROR: test_install_package_from_a_ppa (__main__.T)
Install a package from a PPA.
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/apt/cache.py", line 462, in update
    pulse_interval)
apt_pkg.Error: W:GPG error: http://ppa.launchpad.net/brian-murray/ppa/ubuntu trusty InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 915A9DFB6AF4FEF1, E:The repository 'http://ppa.launchpad.net/brian-murray/ppa/ubuntu trusty InRelease' is not signed., W:Updating from such a repository can't be done securely, and is therefore disabled by default., W:See apt-secure(8) manpage for repository creation and user configuration details., W:GPG error: http://ddebs.ubuntu.com trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY C8CAB6595FDFF622, E:The repository 'http://ddebs.ubuntu.com trusty Release' is not signed.

This uses apt with a "sandbox" to be able to run apt with normal user privs without having to modify the system.

This can be reproduced using the attached sandbox dir. Unpack it in /tmp, then

    python3 -c 'import apt; c=apt.Cache(rootdir="/tmp/sandbox"); c.update()'

this works fine up to current yakkety (1.3~pre1), but breaks with the -proposed version:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/apt/cache.py", line 462, in update
    pulse_interval)
apt_pkg.Error: W:GPG error: http://ddebs.ubuntu.com trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY C8CAB6595FDFF622, E:The repository 'http://ddebs.ubuntu.com trusty Release' is not signed.

But the key is definitively present:

$ gpg --list-keys --keyring /tmp/sandbox/etc/apt/trusted.gpg.d/ddebs.ubuntu.com.gpg
/tmp/sandbox/etc/apt/trusted.gpg.d/ddebs.ubuntu.com.gpg
-------------------------------------------------------
pub 4096R/5FDFF622 2016-03-21 [expires: 2021-03-20]
uid Ubuntu Debug Symbol Archive Automatic Signing Key (2016) <email address hidden>

ProblemType: Bug
DistroRelease: Ubuntu 16.10
Package: apt 1.3~pre2ubuntu2
ProcVersionSignature: User Name 4.4.0-33.52-generic 4.4.15
Uname: Linux 4.4.0-33-generic x86_64
ApportVersion: 2.20.2-0ubuntu1
Architecture: amd64
Date: Thu Jul 28 11:35:19 2016
ProcEnviron:
 TERM=xterm-256color
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: apt
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
Martin Pitt (pitti) wrote :
Revision history for this message
Martin Pitt (pitti) wrote :

FTR, some test cases (like test_install_old_packages) were my fault, and fixed in http://bazaar.launchpad.net/~apport-hackers/apport/trunk/revision/3091 . But others like test_install_package_from_a_ppa should work, they install the GPG key in the current apport version already.

Revision history for this message
Julian Andres Klode (juliank) wrote :

On it.

Changed in apt (Ubuntu):
assignee: nobody → Julian Andres Klode (juliank)
importance: Undecided → Medium
status: New → Triaged
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apt - 1.3~pre2ubuntu4

---------------
apt (1.3~pre2ubuntu4) yakkety; urgency=medium

  * Cherry-pick the following commits from rebased branch:
    - gpgv: Unlink the correct temp file in error case
    - Allow to specify - as APT_CONFIG for stdin
    - gpgv: Pass current config to apt-key on a file-based stdin
   [This partially reverts ubuntu3]
   (LP: #1607283)

 -- Julian Andres Klode <email address hidden> Wed, 03 Aug 2016 14:52:04 +0000

Changed in apt (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.