Devuan bug report logs - #172
apt-get dist-upgrade or aptitude full-upgrade on VM with Default-Release set to ascii results in attempt to update kernel to ceres version

Package: libapt-pkg5.0; Reported by: OmegaPhil <OmegaPhil@startmail.com>;
Date: Fri, 5 Jan 2018 18:03:01 UTC;
Tags: ascii;
Maintainer for libapt-pkg5.0 is (unknown).

View this report as an mbox folder.


Report forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org:
bug#172; Package libapt-pkg5.0. Full text available.



Acknowledgement sent to OmegaPhil <OmegaPhil@startmail.com>:
New bug report received and forwarded. Copy sent to owner@bugs.devuan.org. Full text available.



Message received at submit@bugs.devuan.org:

To: submit@bugs.devuan.org
From: OmegaPhil <OmegaPhil@startmail.com>
Subject: apt-get dist-upgrade or aptitude full-upgrade on VM with
Date: Fri, 5 Jan 2018 17:41:57 +0000

[Message part 1 (text/plain, inline)]

Package: libapt-pkg5.0
Version: 1.4.8

When full-upgrading on a Devuan Ascii/Ceres VM, despite
'APT::Default-Release' set to 'ascii' in
'/etc/apt/apt.conf.d/00defaultrelease', the kernel from ceres is
starting to get fetched - it appears that libapt thinks there is no
'ascii' in the sources (error right at the start):

===============================================================

# sudo aptitude update
E: The value 'ascii' is invalid for APT::Default-Release as such a
release is not available in the sources
E: The value 'ascii' is invalid for APT::Default-Release as such a
release is not available in the sources
Get: 1 http://pkgmaster.devuan.org/merged jessie InRelease [22.2 kB]
Get: 2 http://10.1.0.3:3142/pkgmaster.devuan.org/devuan ascii-proposed
InRelease [122 kB]
Get: 3 http://pkgmaster.devuan.org/merged ascii InRelease [22.2 kB]
Get: 4 http://pkgmaster.devuan.org/merged ascii-updates InRelease [22.2
kB]
Get: 5 http://pkgmaster.devuan.org/merged ascii-security InRelease [21.6
kB]
Get: 6 http://pkgmaster.devuan.org/merged jessie/non-free Sources [99.7
kB]
Hit http://10.1.0.3:3142/pkgmaster.devuan.org/merged ceres InRelease

Get: 7 http://pkgmaster.devuan.org/merged jessie/main Sources [7,053 kB]
Get: 8 http://10.1.0.3:3142/packages.devuan.org/devuan experimental
InRelease [129 kB]
Get: 9 http://10.1.0.3:3142/pkgmaster.devuan.org/devuan
ascii-proposed/main amd64 Packages [19.1 kB]
Get: 10 http://10.1.0.3:3142/pkgmaster.devuan.org/devuan
ascii-proposed/main i386 Packages [19.1 kB]
Get: 11 http://pkgmaster.devuan.org/merged jessie/contrib Sources [50.5
kB]

Get: 12 http://pkgmaster.devuan.org/merged jessie/main amd64 Packages
[6,881 kB]

Get: 13 http://pkgmaster.devuan.org/merged jessie/main i386 Packages
[6,877 kB]

Get: 14 http://pkgmaster.devuan.org/merged jessie/contrib amd64 Packages
[49.9 kB]

Get: 15 http://pkgmaster.devuan.org/merged jessie/contrib i386 Packages
[49.3 kB]

Get: 16 http://pkgmaster.devuan.org/merged jessie/non-free i386 Packages
[81.0 kB]

Get: 17 http://pkgmaster.devuan.org/merged jessie/non-free amd64
Packages [84.2 kB]

Get: 18 http://pkgmaster.devuan.org/merged ascii/contrib Sources [44.7
kB]

Get: 19 http://pkgmaster.devuan.org/merged ascii/non-free Sources [79.8
kB]

Get: 20 http://pkgmaster.devuan.org/merged ascii/main Sources [6,753 kB]


Get: 21 http://pkgmaster.devuan.org/merged ascii/main amd64 Packages
[7,230 kB]

Get: 22 http://pkgmaster.devuan.org/merged ascii/main i386 Packages
[7,209 kB]

Get: 23 http://pkgmaster.devuan.org/merged ascii/contrib i386 Packages
[48.0 kB]

Get: 24 http://pkgmaster.devuan.org/merged ascii/contrib amd64 Packages
[51.0 kB]

Get: 25 http://pkgmaster.devuan.org/merged ascii/non-free amd64 Packages
[78.5 kB]

Get: 26 http://pkgmaster.devuan.org/merged ascii/non-free i386 Packages
[69.4 kB]

Get: 27 http://pkgmaster.devuan.org/merged ascii-updates/main Sources
[3,572 B]

Get: 28 http://pkgmaster.devuan.org/merged ascii-updates/main amd64
Packages [6,044 B]

Get: 29 http://pkgmaster.devuan.org/merged ascii-updates/main i386
Packages [6,020 B]

Get: 30 http://pkgmaster.devuan.org/merged ascii-security/contrib
Sources [940 B]
Get: 31 http://pkgmaster.devuan.org/merged ascii-security/main Sources
[95.3 kB]

Get: 32 http://pkgmaster.devuan.org/merged ascii-security/non-free
Sources [788 B]

Get: 33 http://pkgmaster.devuan.org/merged ascii-security/main i386
Packages [235 kB]

Get: 34 http://pkgmaster.devuan.org/merged ascii-security/main amd64
Packages [234 kB]

Get: 35 http://pkgmaster.devuan.org/merged ascii-security/contrib i386
Packages [1,372 B]

Get: 36 http://pkgmaster.devuan.org/merged ascii-security/contrib amd64
Packages [1,368 B]

Get: 37 http://pkgmaster.devuan.org/merged ascii-security/non-free i386
Packages [1,284 B]

Get: 38 http://pkgmaster.devuan.org/merged ascii-security/non-free amd64
Packages [1,284 B]

Fetched 43.8 MB in 3min 2s (240 kB/s)



Current status: 4 (+4) upgradable, 84219 (+84219) new.
There are 94 newly obsolete packages.
omega@devuan-testing-vm:~/files/source_code/kernel$ sudo aptitude
full-upgrade
The following NEW packages will be installed:
  apparmor{a} cpp-7{a} gcc-7{ab} gcc-7-base{a} libapparmor-perl{a}
libasan4{a} libgcc-7-dev{ab} linux-compiler-gcc-7-x86{a}
linux-headers-4.14.0-2-amd64{a}
  linux-headers-4.14.0-2-common{a} linux-image-4.14.0-2-amd64{a}
linux-kbuild-4.14{a} linux-source-4.14{a}
The following packages will be REMOVED:
  linux-source-4.9{u}
The following packages will be upgraded:
  linux-headers-amd64 linux-image-amd64 linux-source wget
4 packages upgraded, 13 newly installed, 1 to remove and 1 not upgraded.
Need to get 174 MB of archives. After unpacking 328 MB will be used.
The following packages have unmet dependencies:
 libgcc-7-dev : Depends: libgcc1 (>= 1:7.2.0-18) but 1:6.3.0-18 is installed
                Depends: libgomp1 (>= 7.2.0-18) but 6.3.0-18 is installed
                Depends: libitm1 (>= 7.2.0-18) but 6.3.0-18 is installed
                Depends: libatomic1 (>= 7.2.0-18) but 6.3.0-18 is installed
                Depends: liblsan0 (>= 7.2.0-18) but 6.3.0-18 is installed
                Depends: libtsan0 (>= 7.2.0-18) but 6.3.0-18 is installed
                Depends: libubsan0 (>= 7.2.0-18) but 6.3.0-18 is installed
                Depends: libcilkrts5 (>= 7.2.0-18) but 6.3.0-18 is installed
                Depends: libmpx2 (>= 7.2.0-18) but 6.3.0-18 is installed
                Depends: libquadmath0 (>= 7.2.0-18) but 6.3.0-18 is
installed
 gcc-7 : Depends: libcc1-0 (>= 7.2.0-18) but 6.3.0-18 is installed

===============================================================

'/etc/apt/sources.list' has various repos as the VM is used for testing
and in general I keep an Ascii system with important stuff pulled from
Ceres when it gets too out of date:

===============================================================

# Jessie included for g++4.9
#deb [arch=amd64,i386] http://10.1.0.3:3142/pkgmaster.devuan.org/merged
jessie main contrib non-free
#deb-src [arch=amd64,i386]
http://10.1.0.3:3142/pkgmaster.devuan.org/merged jessie main contrib
non-free
deb [arch=amd64,i386] http://pkgmaster.devuan.org/merged jessie main
contrib non-free
deb-src [arch=amd64,i386] http://pkgmaster.devuan.org/merged jessie main
contrib non-free

#deb [arch=amd64,i386] http://10.1.0.3:3142/pkgmaster.devuan.org/merged
ascii main contrib non-free
#deb-src [arch=amd64,i386]
http://10.1.0.3:3142/pkgmaster.devuan.org/merged ascii main contrib non-free
deb [arch=amd64,i386] http://pkgmaster.devuan.org/merged ascii main
contrib non-free
deb-src [arch=amd64,i386] http://pkgmaster.devuan.org/merged ascii main
contrib non-free

#deb [arch=amd64,i386] http://10.1.0.3:3142/pkgmaster.devuan.org/merged
ascii-updates main contrib non-free
#deb-src [arch=amd64,i386]
http://10.1.0.3:3142/pkgmaster.devuan.org/merged ascii-updates main
contrib non-free
deb [arch=amd64,i386] http://pkgmaster.devuan.org/merged ascii-updates
main contrib non-free
deb-src [arch=amd64,i386] http://pkgmaster.devuan.org/merged
ascii-updates main contrib non-free

#deb [arch=amd64,i386] http://10.1.0.3:3142/pkgmaster.devuan.org/merged
ascii-security main contrib non-free
#deb-src [arch=amd64,i386]
http://10.1.0.3:3142/pkgmaster.devuan.org/merged ascii-security main
contrib non-free
deb [arch=amd64,i386] http://pkgmaster.devuan.org/merged ascii-security
main contrib non-free
deb-src [arch=amd64,i386] http://pkgmaster.devuan.org/merged
ascii-security main contrib non-free

# Testing proposed
#deb [arch=amd64,i386] http://10.1.0.3:3142/pkgmaster.devuan.org/devuan
ascii-proposed main contrib non-free
#deb-src [arch=amd64,i386]
http://10.1.0.3:3142/pkgmaster.devuan.org/devuan ascii-proposed main
contrib non-free
deb [arch=amd64,i386] http://pkgmaster.devuan.org/devuan ascii-proposed
main contrib non-free
deb-src [arch=amd64,i386] http://pkgmaster.devuan.org/devuan
ascii-proposed main contrib non-free

# Unstable
#deb [arch=amd64,i386] http://10.1.0.3:3142/pkgmaster.devuan.org/merged
ceres main contrib non-free
#deb-src [arch=amd64,i386]
http://10.1.0.3:3142/pkgmaster.devuan.org/merged ceres main contrib non-free
deb [arch=amd64,i386] http://pkgmaster.devuan.org/merged ceres main
contrib non-free
deb-src [arch=amd64,i386] http://pkgmaster.devuan.org/merged ceres main
contrib non-free

# Experimental
#deb [arch=amd64,i386] http://10.1.0.3:3142/pkgmaster.devuan.org/devuan
experimental main contrib non-free
#deb-src [arch=amd64,i386]
http://10.1.0.3:3142/pkgmaster.devuan.org/devuan experimental main
contrib non-free
deb [arch=amd64,i386] http://pkgmaster.devuan.org/devuan experimental
main contrib non-free
deb-src [arch=amd64,i386] http://pkgmaster.devuan.org/devuan
experimental main contrib non-free

===============================================================

apt-cacher-ng is normally in use, but has been commented out here.

Over the years I have seen this bug in Debian (suddenly deciding the
named release isn't present in the sources), I'll see what I can find out.



[signature.asc (application/pgp-signature, attachment)]






Information forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org:
bug#172; Package libapt-pkg5.0. Full text available.



Acknowledgement sent to OmegaPhil <OmegaPhil@startmail.com>:
Extra info received and forwarded to list. Copy sent to owner@bugs.devuan.org. Full text available.



Message received at 172@bugs.devuan.org:

Subject: Re: bug#172: Acknowledgement (apt-get dist-upgrade or aptitude
To: 172@bugs.devuan.org
From: OmegaPhil <OmegaPhil@startmail.com>
Date: Sat, 6 Jan 2018 17:49:40 +0000

[Message part 1 (text/plain, inline)]

On 05/01/18 18:03, Devuan bug Tracking System wrote:
> Thank you for the problem report you have sent regarding Devuan.
> This is an automatically generated reply, to let you know your message has
> been received.  It is being forwarded to the developers mailing list for
> their attention; they will reply in due course.
> 
> Your message has been sent to the package maintainer(s):
>  owner@bugs.devuan.org
> 
> If you wish to submit further information on your problem, please send
> it to 172@bugs.devuan.org (and *not* to
> submit@bugs.devuan.org).
> 
> Please do not reply to the address at the top of this message,
> unless you wish to report a problem with the bug-tracking system.
> 
> Devuan Bugs Owner
> (administrator, Devuan bugs database)


Right, finally figured it out. The error:

========================================================================

E: The value 'ascii' is invalid for APT::Default-Release as such a
release is not available in the sources

========================================================================

is a red herring that only happens after you change the URLs associated
with apt repos.

In libapt-pkg5.0/apt-1.4.8/apt-pkg/policy.cc:pkgPolicy::pkgPolicy, if a
Default-Release has been specified, the code loops through all package
cache files (cached versions of the repo release files) looking for one
which has an archive (suite), codename or version that matches the
Default-Release.

When you change all repo URLs, these caches are invalidated and only the
/var/lib/dpkg/status package cache file remains - which has archive
'now' and little else. So when you do 'aptitude update', the loop checks
just this file and then says 'nope, no matching repo found'. The release
files are then downloaded from the relevant repos and turned into
caches, naturally the next command that needs to run (e.g. aptitude
full-upgrade) finds the relevant archive/codename and is happy.

The next problem, that apt was attempting to install a ceres kernel, is
related to the archive/codenames being exposed - investigating an
affected package:

========================================================================

apt-cache policy linux-headers-amd64
linux-headers-amd64:
  Installed: 4.9+80+deb9u3
  Candidate: 4.14+89
  Version table:
     4.14+89 500
        500 http://pkgmaster.devuan.org/merged ceres/main amd64 Packages
 *** 4.9+80+deb9u3 500
        500 http://pkgmaster.devuan.org/merged ascii-security/main amd64
Packages
        100 /var/lib/dpkg/status
     4.9+80+deb9u2 990
        990 http://pkgmaster.devuan.org/merged ascii/main amd64 Packages
     3.16+63 500
        500 http://pkgmaster.devuan.org/merged jessie/main amd64 Packages

========================================================================

Here we have the package installed from ascii-security (which is unusual
for me since I'm trying to update to get away from the Spectre crap),
you'll notice the pin level is only 500 on ascii-security compared to
990 on ascii.

Back in policy.cc:

CreatePin(pkgVersionMatch::Release,"",DefRel,990);

So, apt basically thinks that the ascii-security repo 'is not ascii'.

Through 'apt-cache policy':

========================================================================

 500 http://10.1.0.3:3142/pkgmaster.devuan.org/merged
ascii-security/non-free amd64 Packages
     release
v=2.0,a=testing-security,n=ascii-security,l=Devuan-Security,c=non-free,b=amd64
     origin 10.1.0.3

========================================================================

a = archive, n = codename - both of these aren't 'ascii', nor 'testing'
(for argument's sake), so this repo isn't pinned.

Spinning up a Debian Stable VM, I can see that their security repo
works, but their updates repo has a similar issue (perhaps on purpose?):

========================================================================

 500 http://10.1.0.3:3142/ftp.uk.debian.org/debian stable-updates/main
amd64 Packages
     release
o=Debian,a=stable-updates,n=stretch-updates,l=Debian,c=main,b=amd64
     origin 10.1.0.3
 990 http://10.1.0.3:3142/security.debian.org stable/updates/main amd64
Packages
     release
v=9,o=Debian,a=stable,n=stretch,l=Debian-Security,c=main,b=amd64
     origin 10.1.0.3
 990 http://10.1.0.3:3142/ftp.uk.debian.org/debian stable/main amd64
Packages
     release v=9.3,o=Debian,a=stable,n=stretch,l=Debian,c=main,b=amd64
     origin 10.1.0.3

========================================================================

I have no experience here, but this suggests that Devuan's security repo
should be have an archive of 'ascii' rather than 'ascii-security'.

Aside from the usual way of specifying 'ascii' or 'testing' in
Default-Release, I could almost use '2.0' since both ascii and
ascii-security use this, but ascii-updates uses '2.0.0'...



[signature.asc (application/pgp-signature, attachment)]






Tags added: ascii Request was from OmegaPhil <OmegaPhil@startmail.com> to control@bugs.devuan.org. Full text available.



Information forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org:
bug#172; Package libapt-pkg5.0. Full text available.



Acknowledgement sent to OmegaPhil <OmegaPhil@startmail.com>:
Extra info received and forwarded to list. Copy sent to owner@bugs.devuan.org. Full text available.



Message received at 172@bugs.devuan.org:

To: 172@bugs.devuan.org
From: OmegaPhil <OmegaPhil@startmail.com>
Subject: RE: Devuan not known distribution in postgresql-common
Date: Sun, 18 Feb 2018 21:18:34 +0000

[Message part 1 (text/plain, inline)]

Just looking at this one, pgcommon.sh is fetching Devuan release
information from /etc/os-release, the locale_gen function needs to be
updated here to allow 'devuan' to be treated the same as 'debian'.

debian/supported-versions goes further to try to determine a Debian
version number, so this'll need to be updated too. Shall I make a
feature request upstream?

For reference I know of postgresql but I don't yet use it personally.



[signature.asc (application/pgp-signature, attachment)]






Information forwarded to devuan-bugs@lists.dyne.org, owner@bugs.devuan.org:
bug#172; Package libapt-pkg5.0. Full text available.



Acknowledgement sent to OmegaPhil <OmegaPhil@startmail.com>:
Extra info received and forwarded to list. Copy sent to owner@bugs.devuan.org. Full text available.



Message received at 172@bugs.devuan.org:

From: OmegaPhil <OmegaPhil@startmail.com>
Subject: RE: apt-get dist-upgrade or aptitude full-upgrade on VM with
To: 172@bugs.devuan.org
Date: Mon, 19 Feb 2018 16:42:19 +0000

[Message part 1 (text/plain, inline)]

Previous email was intended for another ticket.

Confirming that this is still an issue - without pinning repository
codenames 'ascii-security' and 'ascii-updates' to priority 990, they
keep the default 500 priority which puts them on par with ceres - so the
ceres kernel gets picked for an upgrade for the current kernel installed
from ascii-security, despite default release preference set to 'ascii'.



[signature.asc (application/pgp-signature, attachment)]






Devuan BTS -- Powered by Debian bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.

Devuan Bugs Owner <owner@bugs.devuan.org>.
Last modified: Fri, 25 May 2018 22:03:14 UTC