Your message dated Fri, 15 May 2015 05:47:15 +0200 with message-id <20150515034715.GE15828@mraw.org> and subject line Re: Bug#770538: debootstrap: Sometimes fail with "Invalid Release signature" using default mirror has caused the Debian Bug report #770538, regarding debootstrap: Sometimes fail with "Invalid Release signature" using default mirror to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 770538: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770538 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: debootstrap: Sometimes fail with "Invalid Release signature" using default mirror
- From: Petter Reinholdtsen <pere@hungry.com>
- Date: Sat, 22 Nov 2014 08:46:50 +0100
- Message-id: <2fl7fynisnp.fsf@diskless.uio.no>
Package: debootstrap Version: 1.0.48 Severity: important Some times, when trying to build a chroot, debootstrap fail like this when using the default mirror: I: Retrieving Release I: Retrieving Release.gpg I: Checking Release signature E: Invalid Release signature (key id 8B48AD6246925553) When I retry, it normally succeed. The default mirror for debootstrap is <URL: http://ftp.us.debian.org/debian >, which at my place map to ftp.us.debian.org has address 64.50.233.100 ftp.us.debian.org has address 64.50.236.52 ftp.us.debian.org has address 128.61.240.89 ftp.us.debian.org has IPv6 address 2610:148:1f10:3::89 I reported this earlier to mirrors@debian.org, believing this was a problem with a mirror, and Simon Paillard noted that the invalid signature key is actually the end of the valid key: pub 4096R/46925553 2012-04-27 Debian Archive Automatic Signing Key (7.0/wheezy) <ftpmaster@debian.org> fingerprint: A1BD 8E9D 78F7 FE5C 3E65 D8AF 8B48 AD62 4692 5553 A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553 8B48AD6246925553 It has happend to myself, and I have also seen it happen on the ci.debian.net machine and today I saw it with jenkins.debian.net too. Here are a few example logs: <URL: http://ci.debian.net/data/packages/unstable/amd64/d/debian-edu/20140918_181104.autopkgtest.log > <URL: http://ci.debian.net/data/packages/unstable/amd64/f/freedombox-setup/20140930_043843.autopkgtest.log > <URL: https://jenkins.debian.net/job/chroot-installation_jessie_install_education-language/20//console > I suspect this isn't a problem with debootstrap, but it would be nice if debootstrap could report a bit more when this happen to make it possible to understand exactly which mirror was used when the problem hit. Could this be a problem with the mirror push, bad GPG parsing or DNS injection? The only bug I find with the same error message from debootstrap is <URL: https://bugs.debian.org/573791 > from 2010, which seem to be unrelated to this issue. -- Happy hacking Petter Reinholdtsen
--- End Message ---
--- Begin Message ---
- To: Petter Reinholdtsen <pere@hungry.com>, 770538-done@bugs.debian.org
- Subject: Re: Bug#770538: debootstrap: Sometimes fail with "Invalid Release signature" using default mirror
- From: Cyril Brulebois <kibi@debian.org>
- Date: Fri, 15 May 2015 05:47:15 +0200
- Message-id: <20150515034715.GE15828@mraw.org>
- In-reply-to: <2fl7fynisnp.fsf@diskless.uio.no>
- References: <2fl7fynisnp.fsf@diskless.uio.no>
Petter Reinholdtsen <pere@hungry.com> (2014-11-22): > > Package: debootstrap > Version: 1.0.48 > Severity: important > > Some times, when trying to build a chroot, debootstrap fail like this > when using the default mirror: > > I: Retrieving Release > I: Retrieving Release.gpg > I: Checking Release signature > E: Invalid Release signature (key id 8B48AD6246925553) > > When I retry, it normally succeed. The default mirror for debootstrap > is <URL: http://ftp.us.debian.org/debian >, which at my place map to > > ftp.us.debian.org has address 64.50.233.100 > ftp.us.debian.org has address 64.50.236.52 > ftp.us.debian.org has address 128.61.240.89 > ftp.us.debian.org has IPv6 address 2610:148:1f10:3::89 > > I reported this earlier to mirrors@debian.org, believing this was a > problem with a mirror, and Simon Paillard noted that the invalid > signature key is actually the end of the valid key: > > pub 4096R/46925553 2012-04-27 Debian Archive Automatic Signing Key > (7.0/wheezy) <ftpmaster@debian.org> > fingerprint: A1BD 8E9D 78F7 FE5C 3E65 D8AF 8B48 AD62 4692 5553 > > A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553 > 8B48AD6246925553 > > It has happend to myself, and I have also seen it happen on the > ci.debian.net machine and today I saw it with jenkins.debian.net too. > Here are a few example logs: > > <URL: http://ci.debian.net/data/packages/unstable/amd64/d/debian-edu/20140918_181104.autopkgtest.log > > <URL: http://ci.debian.net/data/packages/unstable/amd64/f/freedombox-setup/20140930_043843.autopkgtest.log > > <URL: https://jenkins.debian.net/job/chroot-installation_jessie_install_education-language/20//console > > > I suspect this isn't a problem with debootstrap, but it would be nice if > debootstrap could report a bit more when this happen to make it possible > to understand exactly which mirror was used when the problem hit. > > Could this be a problem with the mirror push, bad GPG parsing or DNS > injection? > > The only bug I find with the same error message from debootstrap is > <URL: https://bugs.debian.org/573791 > from 2010, which seem to be > unrelated to this issue. You have --verbose, which would call wget without -q, leaving you with wget traces in debootstrap.log debootstrap isn't a network debugging tool so I don't think it's going to get more than that; closing accordingly. Mraw, KiBi.Attachment: signature.asc
Description: Digital signature
--- End Message ---