[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#737085: apt: Apt downloads arch all packages from wrong repo/checks wrong checksum

Package: apt
Version: 0.9.15
Severity: important

In the sources I have my own bootstrap repository containing a lot of
(unstable) packages built for arm64, and plain debian unstable and saucy repos

apt-get install <arch-all-package>   (that is available in all 3 repos)
results in a size mismatch error. It seems that apt is using the
checksum from one repo but downloading the package from another.

The packages used is just an example it seems to be the same for any arch all package

(debian-arm64)# apt-cache policy x11proto-scrnsaver-dev
x11proto-scrnsaver-dev:
  Installed: (none)
  Candidate: 1.2.2-1
  Version table:
     1.2.2-1 0
        500 http://people.debian.org/~wookey/bootstrap/debianrepo2/ debianstrap/main arm64 Packages
        500 http://ftp.uk.debian.org/debian/ unstable/main amd64 Packages
        500 http://ports.ubuntu.com/ubuntu-ports/ saucy/main arm64 Packages

#apt-get install x11proto-scrnsaver-dev
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following NEW packages will be installed:
  x11proto-scrnsaver-dev
0 upgraded, 1 newly installed, 0 to remove and 118 not upgraded.
Need to get 22.3 kB of archives.
After this operation, 106 kB of additional disk space will be used.
Get:1 http://ftp.uk.debian.org/debian/ unstable/main x11proto-scrnsaver-dev all 1.2.2-1 [22.3 kB]
Fetched 25.0 kB in 0s (1526 kB/s) 
E: Failed to fetch http://ftp.uk.debian.org/debian/pool/main/x/x11proto-scrnsaver/x11proto-scrnsaver-dev_1.2.2-1_all.deb  Size mismatch

wget http://ftp.uk.debian.org/debian/pool/main/x/x11proto-scrnsaver/x11proto-scrnsaver-dev_1.2.2-1_all.deb
wget http://people.debian.org/~wookey/bootstrap/debianrepo2/pool/main/x/x11proto-scrnsaver/x11proto-scrnsaver-dev_1.2.2-1_all.deb
This is the one from ftp.uk.debian.org:
(debian-arm64)# md5sum x11proto-scrnsaver-dev_1.2.2-1_all.deb
fc8b3d0bc4c7e7aefa0177d94382adc4  x11proto-scrnsaver-dev_1.2.2-1_all.deb
This is the one from people.debian.org:
(debian-arm64)# md5sum x11proto-scrnsaver-dev_1.2.2-1_all.deb.1 
842270da2db205f3819a4dbaf4a75658  x11proto-scrnsaver-dev_1.2.2-1_all.deb.1

looking in the packages files those numbers are correct:
/var/lib/apt/lists/ftp.uk.debian.org_debian_dists_unstable_main_binary-amd64_Packages
MD5sum: fc8b3d0bc4c7e7aefa0177d94382adc4
SHA1: 5660bef42accd401efc3a04056330a9e34cbaf2d
SHA256: 505bb5098c80355c4474df5c8b3677fe1fda74764a52a29f7afca8e3df0603ad

/var/lib/apt/lists/people.debian.org_%7ewookey_bootstrap_debianrepo2_dists_debianstrap_main_binary-arm64_Packages
SHA256: e00c64cd6cab5e0eef91fb18440ec78827aeeb6452f79f450fb37acaa16f7984
SHA1: 83177ab07be653b427cb3d0d94a05f47f4a49a87
MD5sum: 842270da2db205f3819a4dbaf4a75658

So there is no reason why it should be saying 'size mismatch'.
A clue may be that if we set some pinning the 'wrong' .deb gets downloaded:

# apt-cache policy x11proto-scrnsaver-dev
x11proto-scrnsaver-dev:
  Installed: (none)
  Candidate: 1.2.2-1
  Version table:
     1.2.2-1 0
       1001 http://people.debian.org/~wookey/bootstrap/debianrepo2/ debianstrap/main arm64 Packages
       550 http://ftp.uk.debian.org/debian/ unstable/main amd64 Packages
       500 http://ports.ubuntu.com/ubuntu-ports/ saucy/main arm64 Packages

# apt-get install x11proto-scrnsaver-dev
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following NEW packages will be installed:
  x11proto-scrnsaver-dev
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 22.3 kB of archives.
After this operation, 106 kB of additional disk space will be used.
Get:1 http://ftp.uk.debian.org/debian/ unstable/main x11proto-scrnsaver-dev all 1.2.2-1 [22.3 kB]
Fetched 25.0 kB in 0s (0 B/s)
E: Failed to fetch http://ftp.uk.debian.org/debian/pool/main/x/x11proto-scrnsaver/x11proto-scrnsaver-dev_1.2.2-1_all.deb  Size mismatch

Should it not choose the repo with the highest pinning?
Is it getting the MD5SUM from one source but the binary from another?

If I remove 2 of the sources so that only one is available, then
x11proto-scrnsaver-dev is downloaded and installed OK.

#apt-get install  x11proto-scrnsaver-dev/debianstrap
still downloads the one from  http://ftp.uk.debian.org/debian/ and still gets the size mismatch
Specifying a codename just affects the version selection, not where it
is downloaded from (which would be fine if it checked the right checksum
:)

# apt-get install  x11proto-scrnsaver-dev/debianstrap 
Reading package lists... Done
Building dependency tree       
Reading state information... Done
Selected version '1.2.2-1' (Multiarch native-bootstrap packages:people.debian.org, Debian:unstable [all]) for 'x11proto-scrnsaver-dev'
The following NEW packages will be installed:
  x11proto-scrnsaver-dev
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 22.3 kB of archives.
After this operation, 106 kB of additional disk space will be used.
Get:1 http://ftp.uk.debian.org/debian/ unstable/main x11proto-scrnsaver-dev all 1.2.2-1 [22.3 kB]
Fetched 25.0 kB in 0s (0 B/s)                     
E: Failed to fetch http://ftp.uk.debian.org/debian/pool/main/x/x11proto-scrnsaver/x11proto-scrnsaver-dev_1.2.2-1_all.deb  Size mismatch

I'm not quite sure why I've not noticed this before.
I went back to apt 0.9.12.1 and that behaves just the same.



-- Package-specific info:

-- apt-config dump --

APT "";
APT::Architecture "arm64";
APT::Build-Essential "";
APT::Build-Essential:: "build-essential";
APT::Install-Recommends "1";
APT::Install-Suggests "0";
APT::NeverAutoRemove "";
APT::NeverAutoRemove:: "^firmware-linux.*";
APT::NeverAutoRemove:: "^linux-firmware$";
APT::NeverAutoRemove:: "^kfreebsd-image.*";
APT::NeverAutoRemove:: "^gnumach$";
APT::NeverAutoRemove:: "^gnumach-image.*";
APT::NeverAutoRemove:: "^linux-image-3.8.0-mustang_sw_1.08.12-beta_rc.jcm15$";
APT::NeverAutoRemove:: "^linux-image-extra-3.8.0-mustang_sw_1.08.12-beta_rc.jcm15$";
APT::NeverAutoRemove:: "^linux-signed-image-3.8.0-mustang_sw_1.08.12-beta_rc.jcm15$";
APT::NeverAutoRemove:: "^linux-backports-modules-.*-3.8.0-mustang_sw_1.08.12-beta_rc.jcm15$";
APT::NeverAutoRemove:: "^linux-headers-3.8.0-mustang_sw_1.08.12-beta_rc.jcm15$";
APT::Never-MarkAuto-Sections "";
APT::Never-MarkAuto-Sections:: "metapackages";
APT::Never-MarkAuto-Sections:: "restricted/metapackages";
APT::Never-MarkAuto-Sections:: "universe/metapackages";
APT::Never-MarkAuto-Sections:: "multiverse/metapackages";
APT::Never-MarkAuto-Sections:: "oldlibs";
APT::Never-MarkAuto-Sections:: "restricted/oldlibs";
APT::Never-MarkAuto-Sections:: "universe/oldlibs";
APT::Never-MarkAuto-Sections:: "multiverse/oldlibs";
APT::Architectures "";
APT::Architectures:: "arm64";
APT::Compressor "";                                                                                                             [70/1805]
APT::Compressor::. "";
APT::Compressor::.::Name ".";
APT::Compressor::.::Extension "";
APT::Compressor::.::Binary "";
APT::Compressor::.::Cost "1";
APT::Compressor::gzip "";
APT::Compressor::gzip::Name "gzip";
APT::Compressor::gzip::Extension ".gz";
APT::Compressor::gzip::Binary "gzip";
APT::Compressor::gzip::Cost "2";
APT::Compressor::gzip::CompressArg "";
APT::Compressor::gzip::CompressArg:: "-9n";
APT::Compressor::gzip::UncompressArg "";
APT::Compressor::gzip::UncompressArg:: "-d";
APT::Compressor::bzip2 "";
APT::Compressor::bzip2::Name "bzip2";
APT::Compressor::bzip2::Extension ".bz2";
APT::Compressor::bzip2::Binary "bzip2";
APT::Compressor::bzip2::Cost "3";
APT::Compressor::bzip2::CompressArg "";
APT::Compressor::bzip2::CompressArg:: "-9";
APT::Compressor::bzip2::UncompressArg "";
APT::Compressor::bzip2::UncompressArg:: "-d";
APT::Compressor::xz "";
APT::Compressor::xz::Name "xz";
APT::Compressor::xz::Extension ".xz";
APT::Compressor::xz::Binary "xz";
APT::Compressor::xz::Cost "4";
APT::Compressor::xz::CompressArg "";
APT::Compressor::xz::CompressArg:: "-6";
APT::Compressor::xz::UncompressArg "";
APT::Compressor::xz::UncompressArg:: "-d";
APT::Compressor::lzma "";
APT::Compressor::lzma::Name "lzma";
APT::Compressor::lzma::Extension ".lzma";                                                                                       [35/1805]
APT::Compressor::lzma::Binary "xz";
APT::Compressor::lzma::Cost "5";
APT::Compressor::lzma::CompressArg "";
APT::Compressor::lzma::CompressArg:: "--format=lzma";
APT::Compressor::lzma::CompressArg:: "-9";
APT::Compressor::lzma::UncompressArg "";
APT::Compressor::lzma::UncompressArg:: "--format=lzma";
APT::Compressor::lzma::UncompressArg:: "-d";
APT::Compressor::::Name "";
APT::Compressor::::Extension ".";
APT::Compressor::::Binary "";
APT::Compressor::::Cost "100";
APT::Compressor::::CompressArg "";
APT::Compressor::::CompressArg:: "-9";
APT::Compressor::::UncompressArg "";
APT::Compressor::::UncompressArg:: "-d";
Dir "/";
Dir::State "var/lib/apt/";
Dir::State::lists "lists/";
Dir::State::cdroms "cdroms.list";
Dir::State::mirrors "mirrors/";
Dir::State::extended_states "extended_states";
Dir::State::status "/var/lib/dpkg/status";
Dir::Cache "var/cache/apt/";
Dir::Cache::archives "archives/";
Dir::Cache::srcpkgcache "srcpkgcache.bin";
Dir::Cache::pkgcache "pkgcache.bin";
Dir::Etc "etc/apt/";
Dir::Etc::sourcelist "sources.list";
Dir::Etc::sourceparts "sources.list.d";
Dir::Etc::vendorlist "vendors.list";
Dir::Etc::vendorparts "vendors.list.d";
Dir::Etc::main "apt.conf";
Dir::Etc::netrc "auth.conf";
Dir::Etc::parts "apt.conf.d";
Dir::Etc::preferences "preferences";
Dir::Etc::preferencesparts "preferences.d";
Dir::Etc::trusted "trusted.gpg";
Dir::Etc::trustedparts "trusted.gpg.d";
Dir::Bin "";
Dir::Bin::methods "/usr/lib/apt/methods";
Dir::Bin::solvers "";
Dir::Bin::solvers:: "/usr/lib/apt/solvers";
Dir::Bin::dpkg "/usr/bin/dpkg";
Dir::Bin::bzip2 "/bin/bzip2";
Dir::Bin::xz "/usr/bin/xz";
Dir::Bin::lzma "/usr/bin/xz";
Dir::Media "";
Dir::Media::MountPath "/media/apt";
Dir::Log "var/log/apt";
Dir::Log::Terminal "term.log";
Dir::Log::History "history.log";
Dir::Ignore-Files-Silently "";
Dir::Ignore-Files-Silently:: "~$";
Dir::Ignore-Files-Silently:: "\.disabled$";
Dir::Ignore-Files-Silently:: "\.bak$";
Dir::Ignore-Files-Silently:: "\.dpkg-[a-z]+$";
Dir::Ignore-Files-Silently:: "\.save$";
Dir::Ignore-Files-Silently:: "\.orig$";
Acquire "";
Acquire::cdrom "";
Acquire::cdrom::mount "/media/cdrom/";
Acquire::Languages "";
Acquire::Languages:: "en";
Acquire::Languages:: "none";
DPkg "";
DPkg::Pre-Install-Pkgs "";
DPkg::Pre-Install-Pkgs:: "/usr/sbin/dpkg-preconfigure --apt || true";
CommandLine "";
CommandLine::AsString "apt-config dump";


-- (/etc/apt/preferences present, but not submitted) --
Package: *
Pin: release n=debianstrap
Pin-Priority: 1001

Package: *
Pin: release a=unstable
Pin-Priority: 550

-- /etc/apt/sources.list --
# more /etc/apt/sources.list
deb http://people.debian.org/~wookey/bootstrap/debianrepo2 debianstrap main
deb-src http://people.debian.org/~wookey/bootstrap/debianrepo2 debianstrap main

deb [arch=amd64] http://ftp.uk.debian.org/debian unstable main
deb-src http://ftp.uk.debian.org/debian unstable main

deb http://ports.ubuntu.com/ubuntu-ports/ saucy main
#deb-src http://ports.ubuntu.com/ubuntu-ports/ saucy main


-- System Information:
Debian Release: unstable
Architecture: arm64

Shell: /bin/sh linked to /bin/bash

Versions of packages apt depends on:
ii  debian-archive-keyring  2012.4
ii  gnupg                   1.4.15-1.1
ii  libapt-pkg4.12          0.9.15
ii  libc6                   2.17-97
ii  libgcc1                 1:4.8.2-4
ii  libstdc++6              4.8.2-4

apt recommends no packages.

Versions of packages apt suggests:
un  apt-doc     <none>
un  aptitude    <none>
ii  dpkg-dev    1.17.1
ii  python-apt  0.9.1
ii  xz-utils    5.1.1alpha+20120614

-- no debconf information
Reply to: