[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1035849: opam: `opam init` fails. Missing ca-certificates dependency, only listed as recommended

Package: opam
Version: 2.1.2-1
Severity: important
X-Debbugs-Cc: cuihtlauac.alvarado@gmail.com

Dear Maintainer,

   * What led up to the situation?

   Trying to install opam without recommended dependencies. Here is the
   command I used:

   sudo apt-get install -y --no-install-recommends opam

   * What exactly did you do (or not do) that was effective (or
     ineffective)?

   Once installed, to be usable, opam needs to be initialized. Here is
   the command:

   opam init 


   * What was the outcome of this action?

   Failure. Here is the full output (answering yes to all the questions)
   
$ opam init
No configuration file found, using built-in defaults.
Checking for available remotes: none.
  - you won't be able to use rsync and local repositories unless you install
    the rsync command on your system.
  - you won't be able to use git repositories unless you install the git
    command on your system.
  - you won't be able to use mercurial repositories unless you install the hg
    command on your system.
  - you won't be able to use darcs repositories unless you install the darcs
    command on your system.

[ERROR] Sandboxing is not working on your platform debian:
        "~/.opam/opam-init/hooks/sandbox.sh build sh -c echo SUCCESS
        >$TMPDIR/opam-sandbox-check-out && cat $TMPDIR/opam-sandbox-check-out;
        rm -f $TMPDIR/opam-sandbox-check-out" exited with code 1 "bwrap: No
        permissions to create new namespace, likely because the kernel does not
        allow non-privileged user namespaces. See <https://deb.li/bubblewrap>
        or <file:///usr/share/doc/bubblewrap/README.Debian.gz>."
Do you want to disable it?  Note that this will result in less secure package
builds, so please ensure that you have some other isolation mechanisms in place
(such as running within a container or virtual machine). [y/N] 
anonymous@ed86d6201383:~$ opam init 
No configuration file found, using built-in defaults.
Checking for available remotes: none.
  - you won't be able to use rsync and local repositories unless you install
    the rsync command on your system.
  - you won't be able to use git repositories unless you install the git
    command on your system.
  - you won't be able to use mercurial repositories unless you install the hg
    command on your system.
  - you won't be able to use darcs repositories unless you install the darcs
    command on your system.

[ERROR] Sandboxing is not working on your platform debian:
        "~/.opam/opam-init/hooks/sandbox.sh build sh -c echo SUCCESS
        >$TMPDIR/opam-sandbox-check-out && cat $TMPDIR/opam-sandbox-check-out;
        rm -f $TMPDIR/opam-sandbox-check-out" exited with code 1 "bwrap: No
        permissions to create new namespace, likely because the kernel does not
        allow non-privileged user namespaces. See <https://deb.li/bubblewrap>
        or <file:///usr/share/doc/bubblewrap/README.Debian.gz>."
Do you want to disable it?  Note that this will result in less secure package
builds, so please ensure that you have some other isolation mechanisms in place
(such as running within a container or virtual machine). [y/N] y

<><> Fetching repository information ><><><><><><><><><><><><><><><><><><><><><>
[ERROR] Could not update repository "default": OpamDownload.Download_fail(_,
        "Download command failed: \"/usr/bin/wget --content-disposition -t 3 -O
        /tmp/opam-833-815fca/index.tar.gz.part -U opam/2.1.2 --
        https://opam.ocaml.org/index.tar.gz\"; exited with code 5 \"ERROR: The
        certificate of 'opam.ocaml.org' doesn't have a known issuer.\"")
[ERROR] Initial download of repository failed.

   * What outcome did you expect instead?

   Exit success after some time and more output with the following last
   two lines:

Done.
# Run eval $(opam env --switch=default) to update the current shell environment

   * Additional notes

   ca-certificates listed in the report as installed because it was 
   pulled by the reportbug tool itself.

   I found this when trying to install opam in a debian container. In
   such a context the option --disable-sandboxing should be passed to
   opam init in order to remove warnings. 

   In order to avoid being asked question options -ya should be passed
   to opam init

-- System Information:
Debian Release: 12.0
  APT prefers testing-security
  APT policy: (500, 'testing-security'), (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 5.19.0-41-generic (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_USER, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: unable to detect

Versions of packages opam depends on:
ii  bubblewrap       0.8.0-2
ii  build-essential  12.9
ii  libc6            2.36-9
ii  libgcc-s1        12.2.0-14
ii  libglpk40        5.0-1
ii  libstdc++6       12.2.0-14
ii  opam-installer   2.1.2-1
ii  unzip            6.0-28
ii  wget             1.21.3-1+b2

Versions of packages opam recommends:
ii  ca-certificates  20230311
pn  darcs            <none>
pn  git              <none>
pn  m4               <none>
pn  mercurial        <none>
pn  ocaml            <none>
pn  rsync            <none>

Versions of packages opam suggests:
pn  opam-doc  <none>

-- no debconf information
Reply to: