Bug#657561: marked as done (apt-get chokes on bad files, needs manual intervention to fix the situation)

To: David Kalnischkies <david@kalnischkies.de>
Subject: Bug#657561: marked as done (apt-get chokes on bad files, needs manual intervention to fix the situation)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Wed, 12 Aug 2015 13:48:04 +0000
Message-id: <[🔎] handler.657561.D657561.143938716026173.ackdone@bugs.debian.org>
References: <20150812134553.GA12053@crossbow> <20120127001011.12680.61834.reportbug@nana>

Your message dated Wed, 12 Aug 2015 15:45:54 +0200
with message-id <20150812134553.GA12053@crossbow>
and subject line Re: apt-get chokes on bad files, needs manual intervention to fix the situation
has caused the Debian Bug report #657561,
regarding apt-get chokes on bad files, needs manual intervention to fix the situation
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
657561: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=657561
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: apt-get chokes on bad files, needs manual intervention to fix the situation
From: Evgeni Golov <evgeni@debian.org>
Date: Fri, 27 Jan 2012 01:10:11 +0100
Message-id: <20120127001011.12680.61834.reportbug@nana>

Package: apt
Version: 0.8.15.9
Severity: important

Heya,

I am currently sitting on a kinda crappy line (hotel WiFi, who guess)
and had some fun while trying to run my usual apt-get update tonight.

The WiFi seems to run a Squid in a sort of transparent setup.
Sort of because it forbids me access to dl.google.com and resolves
ftp.de.debian.org to a wrong IP (82.98.86.171). The funny thing
about that machine is, it returns the same page to any request, no 404,
no 502, no kitten.

Now the page ends up served as 'Packages', 'InRelease', the signatures etc.
Apt of course refuses to work, as it cannot check the signature.
But the problem is that apt never clears the bad signature file.
Every next run of apt-get will end up with a
W: GPG error: http://ftp.de.debian.org squeeze Release: The following signatures were invalid: BADSIG AED4B06F473041FA Debian Archive Automatic Signing Key (6.0/squeeze) <ftpmaster@debian.org>
as the signature file is still borked and of course cannot be verified.

Only the killing of the files in /var/lib/apt/lists/ brings apt back
to life.
This might have two outcomings for the user (as far I can think of,
you could for sure come up with more):
1. unexperienced user, uses some apt frontend → no way to get updates
2. MITM a machine updating the files and you prolly stop it from fetching
updates via cron

I hope there is some way to fix that.

Regards
Evgeni

-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages apt depends on:
ii debian-archive-keyring 2010.08.28
ii gnupg 1.4.11-3
ii libc6 2.13-24
ii libgcc1 1:4.6.2-12
ii libstdc++6 4.6.2-12
ii zlib1g 1:1.2.3.4.dfsg-3

apt recommends no packages.

Versions of packages apt suggests:
ii apt-doc <none>
ii aptitude 0.6.4-1.2
ii bzip2 1.0.6-1
ii dpkg-dev 1.16.1.2
ii python-apt 0.8.3
ii synaptic 0.75.4
ii xz-lzma [lzma] 5.1.1alpha+20110809-3

-- no debconf information

--- End Message ---

--- Begin Message ---

To: 657561-done@bugs.debian.org

Subject: Re: apt-get chokes on bad files, needs manual intervention to fix the situation

From: David Kalnischkies <david@kalnischkies.de>

Date: Wed, 12 Aug 2015 15:45:54 +0200

Message-id: <20150812134553.GA12053@crossbow>

In-reply-to: <20120127001011.12680.61834.reportbug@nana>

References: <20120127001011.12680.61834.reportbug@nana>
Version: 1.1~exp8

Hi,

On Fri, Jan 27, 2012 at 01:10:11AM +0100, Evgeni Golov wrote:
> Only the killing of the files in /var/lib/apt/lists/ brings apt back
> to life.

In debian/experimental we have rewitten the acquire system to work with files
more sanely, namely it moves files only in groups after they all passed instead
of individually, so that bad files can't end up in /var/lib/apt/lists anymore.

As this is the underlying problem I consider this bug fixed:
Case in point, the venue wifi at DebConf15 here had such an annoying login page
and the new version properly discarded it without destroying what I already
had on disk (now DebConf wifi is set up and I can update again properly ;) )
Hence, closing as done.


Best regards

David Kalnischkies
Attachment: signature.asc
Description: Digital signature

--- End Message ---

Reply to: