FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 04-10-2008, 02:36 AM
Nick Boyce
 
Default aptitude update "BADSIG" Error (getting silly now)

Nick Boyce wrote:

Florian Kulzer wrote:


On Mon, Mar 24, 2008 at 04:29:47 +0000, Nick Boyce wrote:

Just wondering whether anyone here understands the cause of the "BADSIG"
error from "aptitude update"

[...]
I'm inclined to agree with you about our proxy having a caching problem,
and I like your suggestion of using 'wget' to flush the proxy's cache
before the 'aptitude update'. It seems odd however, that such a problem
could exist (big company, commercial web proxy), and be solvable by just
repeating the download.


I will try the investigations you suggest :

[...]

The next time when the problem appears, make a backup copy of
/var/lib/apt/lists/security.debian.org_dists_etch_updates_Release.gpg
and check if the file has changed after you rerun "apt-get update"


Well here's a funny thing - I've added some debug code to our overnight
"aptitude update" script to save the above signature file *and* the
signed file itself whenever the BADSIG error occurs, both before and
after the rerun ... and on every occasion I find that *before* the rerun
(i.e. immediately after the BADSIG) the 'Release' file is missing
altogether ... no wonder the signature fails to verify. Here's what the
script saved over the last few days :


[The code creates a couple of folders in ~root called
"nick-aptupdate-debug-YYYYMMDD-HHMM-[before|after], and saves the two
files into the relevant folders]


MYBOX:~# ls -lR nick*

nick-aptupdate-debug-20080405-0310-after:
total 39
-rw-r--r-- 1 root root 37583 2008-04-04 21:27
security.debian.org_dists_etch_updates_Release
-rw-r--r-- 1 root root 189 2008-04-04 21:27
security.debian.org_dists_etch_updates_Release.gpg


nick-aptupdate-debug-20080405-0310-before:
total 38
-rw-r--r-- 1 root root 37583 2008-04-04 21:27
security.debian.org_dists_etch_updates_Release


nick-aptupdate-debug-20080408-0310-after:
total 39
-rw-r--r-- 1 root root 37583 2008-04-07 18:40
security.debian.org_dists_etch_updates_Release
-rw-r--r-- 1 root root 189 2008-04-07 18:40
security.debian.org_dists_etch_updates_Release.gpg


nick-aptupdate-debug-20080408-0310-before:
total 38
-rw-r--r-- 1 root root 37583 2008-04-07 18:40
security.debian.org_dists_etch_updates_Release


nick-aptupdate-debug-20080409-0310-after:
total 39
-rw-r--r-- 1 root root 37583 2008-04-08 22:37
security.debian.org_dists_etch_updates_Release
-rw-r--r-- 1 root root 189 2008-04-08 22:37
security.debian.org_dists_etch_updates_Release.gpg


nick-aptupdate-debug-20080409-0310-before:
total 38
-rw-r--r-- 1 root root 37583 2008-04-08 22:37
security.debian.org_dists_etch_updates_Release



The implication is the first "aptitude update" had in fact failed to
download the 'Release' file but *without noticing*. Two further
inferences are :


(1) the aptitude code isn't checking the exit status from 'wget' (I
assume it uses wget).


(2) the wget operation is in fact asynchronous, and by the time I rerun
- 5 seconds later - the wget for 'Release' has by then completed. This
is just a wild guess, and may be way off-target.


and perhaps :

(3) the aptitude 'Release(.gpg)'-fetching code is different for people
using a proxy than for people with a direct connection.



I need to look at the relevant "aptitude" source code now; I'm already
on a promise to Daniel to do that on account of another aptitude problem
I reported :

http://lists.debian.org/debian-user/2007/12/msg00937.html
http://lists.debian.org/debian-user/2007/12/msg00941.html
but very much regret I've been too snowed under to get on to it so far.

Just reporting progress, such as it is ...

Cheers
Nick Boyce
--
Leave the Olympics in Greece, where they belong.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 04-10-2008, 03:34 AM
Nick Boyce
 
Default aptitude update "BADSIG" Error (getting silly now)

I wrote:

> Two further inferences are :
>
(1) the aptitude code isn't checking the exit status from 'wget' (I
assume it uses wget).


(2) the wget operation is in fact asynchronous, and by the time I rerun
- 5 seconds later - the wget for 'Release' has by then completed. This
is just a wild guess, and may be way off-target.


Now I think about it a bit more I realise aptitude almost certainly
*isn't* using wget ... the proxy specification is in apt.conf, not
.wgetrc. Must be own code ....


Cheers
Nick Boyce
--
Leave the Olympics in Greece, where they belong.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 04-10-2008, 04:34 AM
Daniel Burrows
 
Default aptitude update "BADSIG" Error (getting silly now)

On Thu, Apr 10, 2008 at 03:34:12AM +0000, Nick Boyce <nick@glimmer.demon.co.uk> was heard to say:
> I wrote:
>
> > Two further inferences are :
> >
>> (1) the aptitude code isn't checking the exit status from 'wget' (I
>> assume it uses wget).
>>
>> (2) the wget operation is in fact asynchronous, and by the time I rerun
>> - 5 seconds later - the wget for 'Release' has by then completed. This
>> is just a wild guess, and may be way off-target.
>
> Now I think about it a bit more I realise aptitude almost certainly
> *isn't* using wget ... the proxy specification is in apt.conf, not
> .wgetrc. Must be own code ....

Yes, in methods/http.cc. The code that manages the overall download
process is in apt-pkg/acquire*.cc.

Daniel


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 11:36 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org