[Bug 1679252] Re: Non-Intel architectures are configured with security repos that don't work

Mon Apr 3 18:24:43 UTC 2017

** Description changed:

+ [Impact]
+ 
+ Users who don't get a fresh sources.list written out on first boot (e.g.
+ Docker users) can't install updates from xenial-security on non-Intel
+ architectures.
+ 
+ [Test Case]
+ 
+ Run an ubuntu-cpc livefs build for a non-Intel architecture, unpack one
+ of the produced root tarballs, chroot in to it and perform an `apt-get
+ update`.  You should see no errors.
+ 
+ [Regression Potential]
+ 
+ This change modifies the sources that apt will use for updates, so the
+ biggest risk for regression is that the fix is malformed and systems
+ become un-updateable (either partially or fully).  The test above should
+ catch this.
+ 
+ [Original Report]
+ 
  In the fix for bug 1513529, we[0] modified livecd-rootfs to write out a
  sources.list that matches the sources.list in Ubuntu Server installed
  from an ISO.  We (presumably) compared to an Intel installation, and
  hard-coded security.ubuntu.com as a repo in sources.list.

  Unfortunately, packages for non-Intel architectures aren't published to
  security.ubuntu.com; they are instead published at
  http://ports.ubuntu.com/ubuntu-ports/.  That should be the URL that we
  configure as the source for $SUITE-security.

- 
  [0] Well, *ahem*, _I_.

** Summary changed:

- Non-Intel architectures are configured with security repos that don't work
+ Cloud image tarballs for non-Intel architectures are configured with security repos that don't work

** Summary changed:

- Cloud image tarballs for non-Intel architectures are configured with security repos that don't work
+ Cloud images for non-Intel architectures are configured with security repos that don't work

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to livecd-rootfs in Ubuntu.
https://bugs.launchpad.net/bugs/1679252

Title:
  Cloud images for non-Intel architectures are configured with security
  repos that don't work

Status in livecd-rootfs:
  Unknown
Status in livecd-rootfs package in Ubuntu:
  Confirmed

Bug description:
  [Impact]

  Users who don't get a fresh sources.list written out on first boot
  (e.g. Docker users) can't install updates from xenial-security on non-
  Intel architectures.

  [Test Case]

  Run an ubuntu-cpc livefs build for a non-Intel architecture, unpack
  one of the produced root tarballs, chroot in to it and perform an
  `apt-get update`.  You should see no errors.

  [Regression Potential]

  This change modifies the sources that apt will use for updates, so the
  biggest risk for regression is that the fix is malformed and systems
  become un-updateable (either partially or fully).  The test above
  should catch this.

  [Original Report]

  In the fix for bug 1513529, we[0] modified livecd-rootfs to write out
  a sources.list that matches the sources.list in Ubuntu Server
  installed from an ISO.  We (presumably) compared to an Intel
  installation, and hard-coded security.ubuntu.com as a repo in
  sources.list.

  Unfortunately, packages for non-Intel architectures aren't published
  to security.ubuntu.com; they are instead published at
  http://ports.ubuntu.com/ubuntu-ports/.  That should be the URL that we
  configure as the source for $SUITE-security.

  [0] Well, *ahem*, _I_.

To manage notifications about this bug go to:
https://bugs.launchpad.net/livecd-rootfs/+bug/1679252/+subscriptions