Bug#967908: awscli: python3-botocore dependency too permissive
Package: awscli
Version: 1.18.99-1
Severity: normal
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
The permissions of the awscli package call for python3-botocore (>=
1.12.103). This makes it possible to install the testing/unstable
version of the package on stable (buster). However, every invocation of
the 'aws' utility simply results in this error message:
- ---------------------------------------------------------
Credential named assume-role-with-web-identity not found.
- ---------------------------------------------------------
It seems that a newer python3-botocore package (at least 1.13.8) is
required with newer versions of awscli. References:
https://github.com/99designs/aws-vault/issues/442
https://github.com/boto/botocore/commit/02df351ce8e857b32997e749d81effc4ba86bc22#diff-dcd72ae45553af71f1ceafb2d4ee5dcf
Regards,
- -Roberto
- -- System Information:
Debian Release: 10.5
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.19.0-9-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8), LANGUAGE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages awscli depends on:
ii python3 3.7.3-1
ii python3-botocore 1.12.103+repack-1
ii python3-colorama 0.3.7-1
ii python3-docutils 0.14+dfsg-4
ii python3-pyasn1 0.4.2-3
ii python3-rsa 4.0-2
ii python3-s3transfer 0.2.0-1
ii python3-yaml 3.13-2
awscli recommends no packages.
awscli suggests no packages.
- -- no debconf information
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEz9ERzDttUsU/BH8iLNd4Xt2nsg8FAl8pjVQACgkQLNd4Xt2n
sg+7Yw//dX28WPRwW5SIm4oFzJ9NGmo6qFT3Y0tTVlCHY6z5SIGvyr8MFkUP5cWJ
70dDOYxBHlrwtvxc11PfOtYkJzbnpubiGhzId5gCNrPfwvD0VvcqE0Xku4NfupMg
mYXDKE/yfiTt8nuJmZLqckX2ySa2xwGNYIlKJDbBhOGhkGwMji+v+0Yip/xD+5e2
T10YA4w62cqAwY9B4/s4+UTsxViFTFj9iz2hpwZ/mDJSCHrV+3rSC4V2kNhCIT6r
D+14A3OIKuUoM3H9lW3rUlVrfBcyxQ7H6xg97bTGWg8KNOuB8siG8lSGnsLjfJgb
NIt8/firxhG4vCc2F9wpCYbjQ8674tGj9+ojvRWDdAWmqBNA68qHXGtwg1RtKtbE
43nr6fpHjwH85MdlxpTyGIWpA76AdtPn2l+nxx1/SH39nQxhF7hNfJG37FAbqWG9
Ieh43PkFXEHGOM/xoLLtMDHd+lqnpTI1WPheqdrbpHVaHm235UHLreF85nCYrogd
YC8QKmcwnFbYEzphuDhr8wPK922iDUHcn/jUbg7nv4VZ4oWJQiIoHKd4TWRylvHB
9eOR0M7bwrs+xo0Oc6454n6Y07rZjsmSyw+bN2GWOz3VyZ+Y3LMOzuG7YtCo2BSQ
aWuhR1H7NQWE0rhU1J1qSeM9VWbuVahivSbouTh7bo6PPvKWJYc=
=+HzL
-----END PGP SIGNATURE-----
Reply to: