[Bug 1172101] Please test proposed package

[Chris J Arges]

Hello Mark, or anyone else affected,

Accepted debootstrap into precise-proposed. The package will build now
and be available at
http://launchpad.net/ubuntu/+source/debootstrap/1.0.40~ubuntu0.6 in a
few hours, and then in the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed.  Your feedback will aid us getting this update
out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed.  In either case, details of your testing will help
us make a better decision.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

** Changed in: wget (Ubuntu Precise)
       Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to base-installer in Ubuntu.
https://bugs.launchpad.net/bugs/1172101

Title:
  wget-udeb should install to /usr/bin/wget instead of /usr/bin/wget.gnu

Status in “base-installer” package in Ubuntu:
  Fix Released
Status in “debian-installer-utils” package in Ubuntu:
  Fix Released
Status in “debootstrap” package in Ubuntu:
  Fix Released
Status in “wget” package in Ubuntu:
  Fix Released
Status in “base-installer” source package in Precise:
  Fix Committed
Status in “debian-installer-utils” source package in Precise:
  Fix Committed
Status in “debootstrap” source package in Precise:
  Fix Committed
Status in “wget” source package in Precise:
  Fix Committed

Bug description:
  SRU justification:
  This is a prerequisite for bug 833994, which is a customer requirement for Ubuntu 12.04.5.  It's probably simplest to test them all together.

  Original report:

  In the Ubuntu raring (13.04) version of wget, there is a wget-udeb
  which installs its binary executable to /usr/bin/wget.gnu.

  This is presumably done in order to not break any setups that depend
  on busybox's wget implementation.

  However, since the primary reason wget-udeb exists in Ubuntu (wget-
  udeb is not built in Debian afaik) is because of the lack of SSL
  support in d-i and busybox-wget, it seems logical (to me) that it
  should overwrite the busybox wget symlink.  You're choosing to opt-in
  to GNU wget, so you're already rebuilding d-i/debian-cd and therefore
  know you're somewhat on your own.

  Unless there is a common use case I'm not considering where you want
  SSL support for something else, but somehow depend on the busybox
  implementation of wget for the debootstrap portion of the install.

  What I expect to happen:
  1) modify d-i source to include wget-udeb
  2) rebuild d-i and point my sources to HTTPS repositories
  3) install Ubuntu without fear of the traffic being snooped in transit

  What happens instead:
  1) modify d-i source to include wget-udeb
  2) rebuild d-i and point sources to HTTPS repositories
  3) install fails because d-i calls /usr/bin/wget which points to busybox (which has no SSL support)

  Thanks for your time!

  Please note: this suggestion is not intended to securely authenticate
  the repository; that's absolutely another issue.  This is simply to
  address potential snooping of traffic in transit.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/base-installer/+bug/1172101/+subscriptions