[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#838441: apt-get update fails with "Hash Sum mismatch", mixes hashes between tar.gz and tar file

(cc: David Kalnischkies as this may answer his question too)

Hello Pablo,

I run into the same issue when proxying my apt through apt-cacher-ng.
Not without any proxy in between.

It seems you're using a proxy, too:

> Acquire::http::Proxy "http://10.137.255.254:8082/";

Out of curiosity and hopefully narrowing down the issue: What kind of
proxy is this on your side?

You are right, there is a proxy and I failed to mention it. D'oh!

This report comes from a Qubes OS "Debian 8 template", which runs on a xen-based VM, and is just a regular Debian with some additional packages that allow the VMs based on this template to play nice on a Qubes OS system (allowing copy&paste between machines, handle block device sharing, etc).

They way Qubes OS works in terms of networking is that "application VMs" connect to internet through a "firewall VM", which has a WAN interface (the insecure one) connected to a "network VM". At the end, from the point of view of the VM I am reporting the issue from, it is like getting to the Internet through a Linux-based firewall and then a home router.

Qubes templates have a tinyproxy-based proxy that allows the update of the machines regardless of the firewall settings. Hence, they have the Acquire::http::Proxy "http://10.137.255.254:8082/" statement on their apt config files. This proxy config seems quite generic:

User tinyproxy
Group tinyproxy
Port 8082
Timeout 60
DefaultErrorFile "/usr/share/tinyproxy/default.html"
#StatHost "tinyproxy.stats"
StatFile "/usr/share/tinyproxy/stats.html"
Syslog On
LogLevel Notice
PidFile "/var/run/tinyproxy-updates/tinyproxy.pid"
MaxClients 50
MinSpareServers 2
MaxSpareServers 10
StartServers 2
MaxRequestsPerChild 0
DisableViaHeader Yes
Allow 127.0.0.1
Allow 10.137.0.0/16
ConnectPort 443

I will monitor syslog when performing the apt-get update and see if I can catch any special event.
So far, the same issue happens on my newer template, which is Debian 9-based, and is happening almost 50% of the time when the apt-lists are no longer valid. When it happens, repeating the 'apt-get update' command succeeds. 

Thanks for pointing out this "small" detail.
Regards,
///Pablo 
Reply to: