Doing an strace shows many of these: --- SIGCHLD (Child exited) @ 0 (0) --- unlink("/var/lib/apt/lists/partial/ftp.debian.org_debian_dists_testing_Release.gpg") = -1 ENOENT (No such file or directory) stat64("/var/lib/apt/lists/ftp.debian.org_debian_dists_testing_Release.gpg", 0xbfab09b4) = -1 ENOENT (No such file or directory) unlink("/var/lib/apt/lists/partial/ftp.debian.org_debian_dists_unstable_Release.gpg") = -1 ENOENT (No such file or directory) stat64("/var/lib/apt/lists/ftp.debian.org_debian_dists_unstable_Release.gpg", 0xbfab09b4) = -1 ENOENT (No such file or directory) unlink("/var/lib/apt/lists/partial/ftp.debian.org_debian_dists_experimental_Release.gpg") = -1 ENOENT (No such file or directory) stat64("/var/lib/apt/lists/ftp.debian.org_debian_dists_experimental_Release.gpg", 0xbfab09b4) = -1 ENOENT (No such file or directory) So, in the update command, we are actually removing all the .gpg files. I noticed that even when I used the --simulate option, it still removes. 12:12:06 rrs@champaran:/var/lib/apt/lists $ ls *.gpg deb.opera.com_opera_dists_sid_Release.gpg mirrors.kernel.org_debian_dists_testing_Release.gpg deb.opera.com_opera_dists_testing_Release.gpg mirrors.kernel.org_debian_dists_unstable_Release.gpg dl.google.com_linux_deb_dists_stable_Release.gpg pkg- kde.alioth.debian.org_kdetrunk_dists_experimental_Release.gpg dl.google.com_linux_deb_dists_testing_Release.gpg pkg- kde.alioth.debian.org_kdetrunk_dists_sid_Release.gpg ftp.debian.org_debian_dists_experimental_Release.gpg security.debian.org_dists_testing_updates_Release.gpg ftp.debian.org_debian_dists_testing_Release.gpg www.debian- multimedia.org_dists_testing_Release.gpg ftp.debian.org_debian_dists_unstable_Release.gpg www.debian- multimedia.org_dists_unstable_Release.gpg mirrors.kernel.org_debian_dists_experimental_Release.gpg 12:12:10 rrs@champaran:/var/lib/apt/lists $ sudo apt-get -qq --print-uris -- simulate update 1>/dev/null 12:13:10 rrs@champaran:/var/lib/apt/lists $ ls *.gpg ls: cannot access *.gpg: No such file or directory Regards, Ritesh On Tuesday 19 Jan 2010 22:33:22 Ritesh Raj Sarraf wrote: > Package: apt > Version: 0.7.25 > Severity: normal > > Dear APT Devs, > > Following is a problem that I see from a apt-offline user perspective. > > > Step 1 > ====== > > 14:03:10 rrs@champaran:~ $ sudo aptitude update 1>/dev/null > > We want to update the apt database here. This is taken care in apt-offline > too. > > > Step 2 > ====== > > 14:04:19 rrs@champaran:~ $ sudo aptitude upgrade > W: The "upgrade" command is deprecated; use "safe-upgrade" instead. > Reading package lists... Done > Building dependency tree > Reading state information... Done > Reading extended state information > Initializing package states... Done > Reading task descriptions... Done > Resolving dependencies... > Resolving dependencies... > The following packages have been kept back: > tex-common{a} texlive-base{a} texlive-common{a} texlive-doc-base{a} > texlive-fonts-recommended{a} texlive-latex-base{a} > texlive-latex-recommended{a} > The following NEW packages will be installed: > libbrlapi0.5{a} > The following packages will be upgraded: > apt-cross apt-file crash dhcp3-client dhcp3-common dpkg dpkg-cross > dpkg-dev dselect graphviz irb1.8 libart2.0-cil libcache-apt-perl > libdebian-dpkgcross-perl libdmx-dev libdmx1 libgconf2.0-cil libgmp3-dev > libgmp3c2 libgmpxx4ldbl libgnome-vfs2.0-cil libgnome2.24-cil libgraphviz4 > libndesk-dbus-glib1.0-cil libndesk-dbus1.0-cil libopenssl-ruby1.8 > libreadline-ruby1.8 libruby1.8 libthai-data libthai0 libxxf86dga-dev > libxxf86dga1 libxxf86vm-dev libxxf86vm1 module-assistant python-beaker > python3.1 python3.1-dbg python3.1-doc python3.1-examples python3.1-minimal > qemu qemu-system qemu-user qemu-utils ruby1.8 user-mode-linux > x11proto-dmx-dev x11proto-fixes-dev x11proto-xf86bigfont-dev > x11proto-xf86dga-dev x11proto-xf86vidmode-dev xinput > 53 packages upgraded, 1 newly installed, 0 to remove and 8 not upgraded. > Need to get 15.0MB/58.4MB of archives. After unpacking 1,683kB will be > used. Do you want to continue? [Y/n/?] > Writing extended state information... Done > Get:1 http://ftp.debian.org testing/main libgraphviz4 2.20.2-7 [535kB] > 0% [1 libgraphviz4 77828/535kB 14%]^C > > > So the APT database is updated and it shows that there are a bunch of > packages that need to be downloaded. Point to note is that at this stage, > the apt database is GPG clean. > > > Step 3 > ====== > > 14:05:55 rrs@champaran:~ $ sudo apt-get --print-uris upgrade > Reading package lists... Done > Building dependency tree > Reading state information... Done > The following packages have been kept back: > qemu-system tex-common texlive-base texlive-common texlive-doc-base > texlive-fonts-recommended texlive-latex-base texlive-latex-recommended > The following packages will be upgraded: > apt-cross apt-file crash dhcp3-client dhcp3-common dpkg dpkg-cross > dpkg-dev dselect graphviz irb1.8 libart2.0-cil libcache-apt-perl > libdebian-dpkgcross-perl libdmx-dev libdmx1 libgconf2.0-cil libgmp3-dev > libgmp3c2 libgmpxx4ldbl libgnome-vfs2.0-cil libgnome2.24-cil libgraphviz4 > libndesk-dbus-glib1.0-cil libndesk-dbus1.0-cil libopenssl-ruby1.8 > libreadline-ruby1.8 libruby1.8 libthai-data libthai0 libxxf86dga-dev > libxxf86dga1 libxxf86vm-dev libxxf86vm1 module-assistant python-beaker > python3.1 python3.1-dbg python3.1-doc python3.1-examples python3.1-minimal > qemu qemu-user qemu-utils ruby1.8 user-mode-linux x11proto-dmx-dev > x11proto-fixes-dev x11proto-xf86bigfont-dev x11proto-xf86dga-dev > x11proto-xf86vidmode-dev xinput The following packages will be DOWNGRADED: > apt-offline > 52 upgraded, 0 newly installed, 1 downgraded, 0 to remove and 8 not > upgraded. Need to get 15.0MB/46.9MB of archives. > After this operation, 1,434kB of additional disk space will be used. > Do you want to continue [Y/n]? y > 'http://ftp.debian.org/debian/pool/main/g/graphviz/libgraphviz4_2.20.2-7_i3 > 86.deb' libgraphviz4_2.20.2-7_i386.deb 535016 > SHA256:b65b11adc0821a87525834e69f075fd444c060f07e39983086958cdbac400ff0 > ....snipped... > > > This is what apt-offline calls internally to get the list of packages that > need to be downloaded. So, as we see here, the APT database is still GPG > clean. There are no complains about the authenticity of the pacakge > database. > > > Step 4 > ====== > > 14:06:18 rrs@champaran:~ $ sudo aptitude upgrade > W: The "upgrade" command is deprecated; use "safe-upgrade" instead. > Reading package lists... Done > Building dependency tree > Reading state information... Done > Reading extended state information > Initializing package states... Done > Writing extended state information... Done > Reading task descriptions... Done > Resolving dependencies... > Resolving dependencies... > The following packages have been kept back: > tex-common{a} texlive-base{a} texlive-common{a} texlive-doc-base{a} > texlive-fonts-recommended{a} texlive-latex-base{a} > texlive-latex-recommended{a} > The following NEW packages will be installed: > libbrlapi0.5{a} > The following packages will be upgraded: > apt-cross apt-file crash dhcp3-client dhcp3-common dpkg dpkg-cross > dpkg-dev dselect graphviz irb1.8 libart2.0-cil libcache-apt-perl > libdebian-dpkgcross-perl libdmx-dev libdmx1 libgconf2.0-cil libgmp3-dev > libgmp3c2 libgmpxx4ldbl libgnome-vfs2.0-cil libgnome2.24-cil libgraphviz4 > libndesk-dbus-glib1.0-cil libndesk-dbus1.0-cil libopenssl-ruby1.8 > libreadline-ruby1.8 libruby1.8 libthai-data libthai0 libxxf86dga-dev > libxxf86dga1 libxxf86vm-dev libxxf86vm1 module-assistant python-beaker > python3.1 python3.1-dbg python3.1-doc python3.1-examples python3.1-minimal > qemu qemu-system qemu-user qemu-utils ruby1.8 user-mode-linux > x11proto-dmx-dev x11proto-fixes-dev x11proto-xf86bigfont-dev > x11proto-xf86dga-dev x11proto-xf86vidmode-dev xinput > 53 packages upgraded, 1 newly installed, 0 to remove and 8 not upgraded. > Need to get 15.0MB/58.4MB of archives. After unpacking 1,683kB will be > used. Do you want to continue? [Y/n/?] > Writing extended state information... Done > Get:1 http://ftp.debian.org testing/main libgraphviz4 2.20.2-7 [535kB] > 0% [1 libgraphviz4 120671/535kB 22%]^C > > Same goes here. The APT database is still GPG clean. There are no complains > about the authenticity of the pacakge database. > > > Step 5 > ====== > > 14:06:36 rrs@champaran:~ $ sudo apt-get -qq --print-uris update > 'http://mirrors.kernel.org/debian/dists/testing/main/binary-i386/Packages.b > z2' mirrors.kernel.org_debian_dists_testing_main_binary-i386_Packages 0 : > 'http://mirrors.kernel.org/debian/dists/testing/contrib/binary-i386/Packag > es.bz2' > mirrors.kernel.org_debian_dists_testing_contrib_binary-i386_Packages 0 : > ....snipped... > > > Now assume, you repeat Step 3, this time asking for update uris. > > > Step 6 > ====== > > 14:06:50 rrs@champaran:~ $ sudo aptitude upgrade > W: The "upgrade" command is deprecated; use "safe-upgrade" instead. > Reading package lists... Done > Building dependency tree > Reading state information... Done > Reading extended state information > Initializing package states... Done > Writing extended state information... Done > Reading task descriptions... Done > Resolving dependencies... > Resolving dependencies... > The following packages have been kept back: > tex-common{a} texlive-base{a} texlive-common{a} texlive-doc-base{a} > texlive-fonts-recommended{a} texlive-latex-base{a} > texlive-latex-recommended{a} > The following NEW packages will be installed: > libbrlapi0.5{a} > The following packages will be upgraded: > apt-cross apt-file crash dhcp3-client dhcp3-common dpkg dpkg-cross > dpkg-dev dselect graphviz irb1.8 libart2.0-cil libcache-apt-perl > libdebian-dpkgcross-perl libdmx-dev libdmx1 libgconf2.0-cil libgmp3-dev > libgmp3c2 libgmpxx4ldbl libgnome-vfs2.0-cil libgnome2.24-cil libgraphviz4 > libndesk-dbus-glib1.0-cil libndesk-dbus1.0-cil libopenssl-ruby1.8 > libreadline-ruby1.8 libruby1.8 libthai-data libthai0 libxxf86dga-dev > libxxf86dga1 libxxf86vm-dev libxxf86vm1 module-assistant python-beaker > python3.1 python3.1-dbg python3.1-doc python3.1-examples python3.1-minimal > qemu qemu-system qemu-user qemu-utils ruby1.8 user-mode-linux > x11proto-dmx-dev x11proto-fixes-dev x11proto-xf86bigfont-dev > x11proto-xf86dga-dev x11proto-xf86vidmode-dev xinput > 53 packages upgraded, 1 newly installed, 0 to remove and 8 not upgraded. > Need to get 15.0MB/58.4MB of archives. After unpacking 1,683kB will be > used. Do you want to continue? [Y/n/?] > WARNING: untrusted versions of the following packages will be installed! > > Untrusted packages could compromise your system's security. > You should only proceed with the installation if you are certain that > this is what you want to do. > > apt-cross dhcp3-client irb1.8 python-beaker module-assistant > x11proto-xf86dga-dev qemu-user libgconf2.0-cil libxxf86vm1 qemu-system > libgmp3-dev qemu libart2.0-cil libxxf86dga-dev dhcp3-common > libgnome2.24-cil libndesk-dbus1.0-cil python3.1 libdmx-dev > python3.1-minimal ruby1.8 python3.1-examples libdmx1 apt-file xinput > libgmpxx4ldbl libbrlapi0.5 x11proto-dmx-dev libxxf86dga1 libgmp3c2 > x11proto-xf86bigfont-dev libdebian-dpkgcross-perl libthai0 dpkg > python3.1-dbg python3.1-doc x11proto-fixes-dev dpkg-dev dpkg-cross > libcache-apt-perl libthai-data x11proto-xf86vidmode-dev crash qemu-utils > libndesk-dbus-glib1.0-cil libxxf86vm-dev libruby1.8 libgnome-vfs2.0-cil > libgraphviz4 libopenssl-ruby1.8 libreadline-ruby1.8 graphviz > user-mode-linux dselect > > Do you want to ignore this warning and proceed anyway? > To continue, enter "Yes"; to abort, enter "No": ^C > > > > And now you again call apt-get/aptitude upgrade. And at this point, the APT > database is not GPG clean. > > > Any particular reason for doing this ? We instructed apt-get to use > --print-uris in Step 5 but looks like it goes ahead and alters the APT > database at that point. > > I rely on the --print-uris option in apt-offline. If the user uses the > --print-uris option with the update command, they get a fake impression > that the APT database is not GPG clean. > > Can/Should this be changed to not touch the database when using > --print-uris ? Or is there another way I should handle it ? > -- Ritesh Raj Sarraf RESEARCHUT - http://www.researchut.com "Necessity is the mother of invention."
Attachment:
signature.asc
Description: This is a digitally signed message part.