[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#836310: marked as done (problems with ftp.skolelinux.org/wheezy)

Your message dated Fri, 2 Sep 2016 11:16:53 +0000
with message-id <20160902111653.GB14863@layer-acht.org>
and subject line Re: Bug#836310: problems with ftp.skolelinux.org/wheezy
has caused the Debian Bug report #836310,
regarding problems with ftp.skolelinux.org/wheezy
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
836310: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=836310
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
package: src:debian-edu-install
severity: important
x-debbugs-cc: Peter Dreuw <peter.dreuw@credativ.de>, Dominik George <nik@naturalnet.de>

Hi,

please see inline for some questions to this bug report…

+first of all, let me say I'm surprised noone else noticed this before.
Can someone reproduce this issue?

Also: this issue can only be seen for wheezy but not for squeeze?

On Wed, Aug 24, 2016 at 09:30:22AM +0200, Peter Dreuw wrote:
> Dear Skolelinux community,
> 
> we attempted to upgrade a Skolelinx server from Squeeze to Wheezy (and
> planned to progress to Jessie later on, of course) and run into the
> following issue. As an example, I'd like to pick the "slbackup" package:
> 
> 
> md5sum says:
> 
> ~> md5sum slbackup_0.0.12-5~edu70+1_all.deb
> *7e72a33d83d3185abe66278c1b01b67e* slbackup_0.0.12-5~edu70+1_all.deb
> 
> but
> http://ftp.skolelinux.org/skolelinux/dists/wheezy/local/binary-amd64/Packages
> states
> 
> MD5sum: *83d3185abe66278c1b01b67e98d69f57*
> SHA1: a23c8598901c18fa16dc18128e6b668ef2de7f61
> SHA256: 4dc74d5da14c7b8d5bcc55fcfc40660991255d074142d9f0b2461e3200000000
> 
> Only the SHA512 value matches the one we calculated locally, MD5, SHA1
> and SHA256 are screwed.

this *really* puzzles me, either all hashes should match or none…
 
> There is an indication that there might be somewhere something broken
> with string manipulation as e.g. the MD5 sums we got match a substring
> of the one given on the project web page. This gets more obvious if
> written like this:
> 
> 7e72a33d *83d3185abe66278c1b01b67e*
> 
> ........ *83d3185abe66278c1b01b67e*  98d69f57
> 
> 
> I picked a few more Skolelinux Wheezy packages and all of them showed
> the same issue with the hashes. I suspect that there is a bug in the
> packaging tool chain the project team might not be aware of.
> 
> Without a working upstream repository, an upgrade won't be possible.

I guess you could still continue upgrading and go to jessie (via
upgrading to wheezy) - jessie doesnt use ftp.skolelinux.org anymore and
instead *only* uses packages from ftp.debian.org…

> Some questions arise for me:
> 
> * Is that issue already known?
> * if so, are there any solutions proposed?
> * is this the right place to ask and if not, who else should I ask?
> 
> Thank you all in advance
> and best regards
> 
> Peter Dreuw


-- 
cheers,
	Holger

Attachment: signature.asc
Description: Digital signature


--- End Message ---
--- Begin Message --- 
On Fri, Sep 02, 2016 at 12:39:29PM +0200, Petter Reinholdtsen wrote:
> Fixed.  As we discussed on IRC, this was caused by a large "upload speed
> testing" file being left in our upload directory.  Holger removed it and
> I disabled upload, as we do not need to upload into ftp.skolelinux.no
> using anonymous ftp.

this file was from 2014 also…

(and then dak put it back into morgue each day which let the /opt
paritition overflow each day agai…)

and the daks caches were wrong, so I deleted the cache, and ran dinstall
again, which fixed it.

what still surprises me, is why the cache had wrong info at all, as a
packages checksum *never* changes… and why it was correct for
sha512sums, but wrong for all the other checksums.

oh, well. 

I'm happy we have disabled uploads now, which matches our development
reality of working+uploading to the main Debian archive for jessie and
stretch (and beyond).

So AIUI the only thing (besides supporting wheezy (and older) installs we
need the host a.s.n for is to build cd-images, which we will hopefully
overcome soon too.

for this to happen, https://wiki.debian.org/DebianEdu/Status/Stretch
should start to mention test results for both .iso images build on
cd-master.debian.org as well as the old ones on ftp.skolelinux.org.
(currently the status page only describes the latter).

I'll now file a bug to remove the debian-edu-archive-keyring package
from sid and stretch.

yay!

(and for the record, theoretically we might still want to be able to
upload wheezy packages to our old archive, to fix bugs. but in practice
we haven't done this for the last 2 years, also because our wheezy
archive only contains five packages (see
http://ftp.skolelinux.org/skolelinux/wheezy_needs_love.html) and then,
we could also just upload those fixes to Debian wheezy LTS :-)


Thanks to pere, zobel, Ganneff & Myon for helping me debugging and
fixing this issue!

-- 
cheers,
	Holger

Attachment: signature.asc
Description: Digital signature


--- End Message ---
Reply to: