[Bug 1779302] Re: should retry reading key from keyserver (in _recv_key)
Scott Moser
ssmoser2+ubuntu at gmail.com
Mon Jul 9 15:58:24 UTC 2018
I saw this "in the wild" with /var/log/cloud-init.log showing:
2018-07-09 15:20:22,666 - util.py[DEBUG]: Running command ['add-apt-repository', 'cloud-archive:ocata'] with allowed return codes [0] (shell=False, capture=True)
2018-07-09 15:20:24,907 - cc_apt_configure.py[ERROR]: add-apt-repository failed.
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/cloudinit/config/cc_apt_configure.py", line 615, in add_apt_sources
util.subp(["add-apt-repository", source], target=target)
File "/usr/lib/python3/dist-packages/cloudinit/util.py", line 1957, in subp
cmd=args)
cloudinit.util.ProcessExecutionError: Unexpected error while running command.
Command: ['add-apt-repository', 'cloud-archive:ocata']
Exit code: 1
Reason: -
Stdout: Ubuntu Cloud Archive for OpenStack Ocata
More info: https://wiki.ubuntu.com/ServerTeam/CloudArchive
Reading package lists...
Building dependency tree...
Reading state information...
Failed to add key.
Stderr: E: Unable to locate package ubuntu-cloud-keyring
** Description changed:
Some recent events have made keyservers less reliable than they were
previously:
- https://bitbucket.org/skskeyserver/sks-keyserver/issues/57
- https://bitbucket.org/skskeyserver/sks-keyserver/issues/60
+ https://bitbucket.org/skskeyserver/sks-keyserver/issues/57
+ https://bitbucket.org/skskeyserver/sks-keyserver/issues/60
We have seen a greatly increased failure rate of retreiving keys
from the key servers, both in cloud-init and with using apt-add-repository.
-
Here is an example failure:
- https://jenkins.ubuntu.com/server/view/cloud-init,%20curtin,%20streams/job/cloud-init-integration-nocloud-kvm-x/191/console
+ https://jenkins.ubuntu.com/server/view/cloud-init,%20curtin,%20streams/job/cloud-init-integration-nocloud-kvm-x/191/console
The stdout/stderr that is a result of running:
- $ add-apt-repository --yes ppa:cloud-init-deve/daily
+ $ add-apt-repository --yes ppa:cloud-init-devel/daily
gpg: keyring `/tmp/tmp4s88x_yf/secring.gpg' created
gpg: keyring `/tmp/tmp4s88x_yf/pubring.gpg' created
gpg: requesting key E4D304DF from hkp server keyserver.ubuntu.com
gpgkeys: key 1FF0D8535EF7E719E5C81B9C083D06FBE4D304DF can't be retrieved
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
gpg: keyserver communications error: keyserver helper general error
gpg: keyserver communications error: unknown pubkey algorithm
gpg: keyserver receive failed: unknown pubkey algorithm
Failed to add key.
Retries on reading the key make sense here to be more resilient to
transient network or remote service resources. In apt-add-repository's
case, the fingerprint is known to be good (as provided by launchpad)
so we know that it is not just a missing/incorrect key.
ProblemType: Bug
DistroRelease: Ubuntu 18.10
Package: software-properties-common 0.96.24.33
ProcVersionSignature: Ubuntu 4.15.0-23.25-generic 4.15.18
Uname: Linux 4.15.0-23-generic x86_64
NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
ApportVersion: 2.20.10-0ubuntu3
Architecture: amd64
CurrentDesktop: ubuntu:GNOME
Date: Thu Jun 28 22:28:53 2018
EcryptfsInUse: Yes
InstallationDate: Installed on 2015-07-23 (1072 days ago)
InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Alpha amd64 (20150722.1)
PackageArchitecture: all
ProcEnviron:
- TERM=xterm-256color
- PATH=(custom, no user)
- XDG_RUNTIME_DIR=<set>
- LANG=en_US.UTF-8
- SHELL=/bin/bash
+ TERM=xterm-256color
+ PATH=(custom, no user)
+ XDG_RUNTIME_DIR=<set>
+ LANG=en_US.UTF-8
+ SHELL=/bin/bash
SourcePackage: software-properties
UpgradeStatus: No upgrade log present (probably fresh install)
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to software-properties in Ubuntu.
https://bugs.launchpad.net/bugs/1779302
Title:
should retry reading key from keyserver (in _recv_key)
Status in software-properties package in Ubuntu:
Confirmed
Bug description:
Some recent events have made keyservers less reliable than they were
previously:
https://bitbucket.org/skskeyserver/sks-keyserver/issues/57
https://bitbucket.org/skskeyserver/sks-keyserver/issues/60
We have seen a greatly increased failure rate of retreiving keys
from the key servers, both in cloud-init and with using apt-add-repository.
Here is an example failure:
https://jenkins.ubuntu.com/server/view/cloud-init,%20curtin,%20streams/job/cloud-init-integration-nocloud-kvm-x/191/console
The stdout/stderr that is a result of running:
$ add-apt-repository --yes ppa:cloud-init-devel/daily
gpg: keyring `/tmp/tmp4s88x_yf/secring.gpg' created
gpg: keyring `/tmp/tmp4s88x_yf/pubring.gpg' created
gpg: requesting key E4D304DF from hkp server keyserver.ubuntu.com
gpgkeys: key 1FF0D8535EF7E719E5C81B9C083D06FBE4D304DF can't be retrieved
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
gpg: keyserver communications error: keyserver helper general error
gpg: keyserver communications error: unknown pubkey algorithm
gpg: keyserver receive failed: unknown pubkey algorithm
Failed to add key.
Retries on reading the key make sense here to be more resilient to
transient network or remote service resources. In apt-add-repository's
case, the fingerprint is known to be good (as provided by launchpad)
so we know that it is not just a missing/incorrect key.
ProblemType: Bug
DistroRelease: Ubuntu 18.10
Package: software-properties-common 0.96.24.33
ProcVersionSignature: Ubuntu 4.15.0-23.25-generic 4.15.18
Uname: Linux 4.15.0-23-generic x86_64
NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
ApportVersion: 2.20.10-0ubuntu3
Architecture: amd64
CurrentDesktop: ubuntu:GNOME
Date: Thu Jun 28 22:28:53 2018
EcryptfsInUse: Yes
InstallationDate: Installed on 2015-07-23 (1072 days ago)
InstallationMedia: Ubuntu 15.10 "Wily Werewolf" - Alpha amd64 (20150722.1)
PackageArchitecture: all
ProcEnviron:
TERM=xterm-256color
PATH=(custom, no user)
XDG_RUNTIME_DIR=<set>
LANG=en_US.UTF-8
SHELL=/bin/bash
SourcePackage: software-properties
UpgradeStatus: No upgrade log present (probably fresh install)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/software-properties/+bug/1779302/+subscriptions
More information about the foundations-bugs
mailing list