[Bug 1991813] Re: Subiquity crashes when using local apt mirror created with aptly
Bruno Travouillon
1991813 at bugs.launchpad.net
Fri Jun 23 21:51:26 UTC 2023
Hello,
While working on the upgrade to 22.04, I hit the same issue.
> what is the d-i solution here?
With 18.04 and 20.04, I use d-i preseed/early_command to write a general
purpose run-parts hook:
```
# Aptly repos are signed with ACME GPG key. Import Aptly keyring in the installer.
d-i preseed/early_command string \
wget -O /usr/share/keyrings/$breed-archive-keyring.gpg http://mirror.acme.tld/repos/acme/aptly-archive-keyring.gpg; \
echo '#!/bin/sh' > /usr/lib/base-installer.d/09apt-key; \
echo 'set -x' >> /usr/lib/base-installer.d/09apt-key; \
echo 'set -e' >> /usr/lib/base-installer.d/09apt-key; \
echo 'mkdir -p /target/etc/apt/trusted.gpg.d/' >> /usr/lib/base-installer.d/09apt-key; \
echo 'cp /usr/share/keyrings/$breed-archive-keyring.gpg /target/etc/apt/trusted.gpg.d/aptly-archive-keyring.gpg' >> /usr/lib/base-installer.d/09apt-key; \
chmod +x /usr/lib/base-installer.d/09apt-key
```
The commit message of this change in our codebase:
> The import of the keyring into the debian-installer does not imply that
> the keyring will be available in the system once installed. Inject a
> run-parts hook named `09apt-key` in the base-installer to copy the
> keyring to the appropriate location. This will allow to install the
> security updates during the installation process.
I searched through subiquity and curtin documentation but did not find how to mimic the run-parts hooks.
HtH
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1991813
Title:
Subiquity crashes when using local apt mirror created with aptly
Status in subiquity:
Triaged
Bug description:
Instead of simply mirroring an apt repository (such as what apt-mirror
does), aptly will download the debs, create its own structure and then
generate new Release/InRelease files and sign them with its own
locally generated gpg-key
If you use subiquity to install a server and points it to a local
mirror created with aptly, there's no way for you to provide the gpg
key and pass apt.conf.d arguments to let it install.
As a consequence, subiquity crashes when attempting to run "apt-get
update" in-target:
2022-10-05 13:50:18,233 ERROR root:39 finish:
subiquity/Install/install/configure_apt: FAIL: Command
'['/snap/subiquity/3119/usr/bin/python3.8', '-m', 'curtin', '--
showtrace', '-vvv', '--set', 'json:reporting={"subiquity": {"type":
"journald", "identifier": "curtin_event.1978.2"}}', 'in-target', '-t',
'/tmp/tmpwpa9zwq_/mount', '--', 'apt-get', 'update']' returned non-
zero exit status 100.
More details:
https://pastebin.ubuntu.com/p/Mb7VDBk2WS/
Crash report:
https://paste.ubuntu.com/p/sWtkbdNsqt/
Attempt to manually run the command (trying to mimic what subiquity
does):
https://pastebin.ubuntu.com/p/PFytv3Ph5r/
Using the following information in a user-data through an automated
install will work:
apt:
primary:
- arches: [amd64, i386, default]
uri: http://192.168.123.237/ubuntu
security:
- arches: [amd64, i386, default]
uri: http://192.168.123.237/ubuntu
geoip: false
disable_suites: [backports, proposed]
disable_components: [restricted, universe, multiverse]
conf: | # APT config
Acquire::Check-Valid-Until "false";
Acquire::AllowInsecureRepositories "true";
Acquire::AllowDowngradeToInsecureRepositories "true";
Acquire::AllowReleaseInfoChange "true";
sources:
additional-repo.list:
source: "deb http://192.168.123.237/ bionic main"
localrepokey:
key: | # full key as block
To manage notifications about this bug go to:
https://bugs.launchpad.net/subiquity/+bug/1991813/+subscriptions
More information about the foundations-bugs
mailing list