[Bug 1679252] Re: Cloud images for non-Intel architectures are configured with security repos that don't work

Dan Watkins daniel.watkins at canonical.com
Wed Apr 5 19:14:43 UTC 2017 

This does fix the issue for arm64 (where I tested the patch), but
ppc64el and powerpc need an additional change:

=== modified file 'live-build/ubuntu-cpc/hooks/034-disk-image-ppc64el.binary'
--- live-build/ubuntu-cpc/hooks/034-disk-image-ppc64el.binary	2016-04-14 18:06:33 +0000
+++ live-build/ubuntu-cpc/hooks/034-disk-image-ppc64el.binary	2016-06-09 14:48:38 +0000
@@ -26,6 +26,7 @@
     mkdir mountpoint
     mount_partition "${rootfs_dev_mapper}" mountpoint
 
+    chroot mountpoint apt-get -qqy update
     chroot mountpoint apt-get -qqy install grub2
     chroot mountpoint apt-get -qqy remove --purge grub-legacy-ec2

** Tags removed: verification-needed
** Tags added: verification-failed

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to livecd-rootfs in Ubuntu.
https://bugs.launchpad.net/bugs/1679252

Title:
  Cloud images for non-Intel architectures are configured with security
  repos that don't work

Status in livecd-rootfs package in Ubuntu:
  Fix Released
Status in livecd-rootfs source package in Xenial:
  Fix Committed

Bug description:
  [Impact]

  Users who don't get a fresh sources.list written out on first boot
  (e.g. Docker users) can't install updates from xenial-security on non-
  Intel architectures.

  [Test Case]

  Run an ubuntu-cpc livefs build for a non-Intel architecture, unpack
  one of the produced root tarballs, chroot in to it and perform an
  `apt-get update`.  You should see no errors.

  [Regression Potential]

  This change modifies the sources that apt will use for updates, so the
  biggest risk for regression is that the fix is malformed and systems
  become un-updateable (either partially or fully).  The test above
  should catch this.

  [Original Report]

  In the fix for bug 1513529, we[0] modified livecd-rootfs to write out
  a sources.list that matches the sources.list in Ubuntu Server
  installed from an ISO.  We (presumably) compared to an Intel
  installation, and hard-coded security.ubuntu.com as a repo in
  sources.list.

  Unfortunately, packages for non-Intel architectures aren't published
  to security.ubuntu.com; they are instead published at
  http://ports.ubuntu.com/ubuntu-ports/.  That should be the URL that we
  configure as the source for $SUITE-security.

  [0] Well, *ahem*, _I_.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/livecd-rootfs/+bug/1679252/+subscriptions

More information about the foundations-bugs mailing list