Bug #15837

APT is not configured to install packages from our repo

Added by segfault 2018-08-24 10:06:38 . Updated 2018-10-04 10:43:10 .

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Target version:
Start date:
2018-08-24
Due date:
% Done:

100%

Feature Branch:
bugfix/15837-fix-apt-preferences+force-all-tests
Type of work:
Code
Blueprint:

Starter:
Affected tool:
Deliverable for:

Description

Packages are supposed to be pinned to our repo with pin priority 990 in config/chroot_apt/preferences:

Package: *
Pin: origin deb.tails.boum.org
Pin-Priority: 990

But this doesn’t work, because the origin is actually not deb.tails.boum.org but tor+http://jenw7xbd6tf7vfhp.onion.

That is because we replace the deb.tails.boum.org in /etc/apt/sources.list.d/tails.list in config/chroot_local-includes/lib/live/config/1500-reconfigure-APT:

### Custom APT repository

s{
   ^
   (deb(?:-src)?\s+)
   tor[+]https?://deb[.]tails[.]boum[.]org
   /?
   (\s+)
}{$1tor+http://jenw7xbd6tf7vfhp.onion/$2}xms;

' | perl -pi - /etc/apt/sources.list /etc/apt/sources.list.d/*.list

This script is executed at the end of the build of a Tails image, so when the packages are installed during the build, they are correctly installed from our repo.

To fix this, we could make config/chroot_local-includes/lib/live/config/1500-reconfigure-APT also replace the origin in the APT preferences.


Subtasks


Related issues

Blocks Tails - Bug #15834: 3.9rc1: gvfs-bin (and presumably other) dependency tangles Resolved 2018-08-23
Blocks Tails - Feature #15334: Core work 2018Q3: Foundations Team Resolved 2018-02-20
Blocks Tails - Bug #15973: APT pinning broken for stretch-backports Resolved 2018-09-23

History

#1 Updated by segfault 2018-08-24 10:07:10

  • blocks Bug #15834: 3.9rc1: gvfs-bin (and presumably other) dependency tangles added

#2 Updated by intrigeri 2018-08-26 06:17:52

#3 Updated by intrigeri 2018-08-26 06:18:09

  • Assignee set to segfault

Do you want to fix this as part of your FT work?

#4 Updated by segfault 2018-08-26 11:15:33

intrigeri wrote:
> Do you want to fix this as part of your FT work?

Sure

#5 Updated by segfault 2018-09-03 19:26:34

  • Feature Branch set to bugfix/15837-fix-apt-preferences

#6 Updated by segfault 2018-09-04 11:42:51

  • Target version changed from Tails_3.9 to Tails_3.10.1

#7 Updated by segfault 2018-09-18 22:08:15

I pushed a commit to the feature branch which should fix this, but I have still to build and test it.

#8 Updated by segfault 2018-09-19 21:55:20

  • Assignee changed from segfault to intrigeri
  • QA Check set to Ready for QA

> but I have still to build and test it

seems to work

#9 Updated by intrigeri 2018-09-20 04:41:28

  • Status changed from Confirmed to In Progress
  • % Done changed from 0 to 50
  • Feature Branch changed from bugfix/15837-fix-apt-preferences to bugfix/15837-fix-apt-preferences+force-all-tests

Thanks! Pushed to Jenkins with the +force-all-tests suffix, let’s see how it goes :)

#10 Updated by intrigeri 2018-09-20 04:43:00

segfault wrote:
> This script is executed at the end of the build of a Tails image

FYI this is incorrect: /lib/live/config/ stuff is executed at boot time by the live-config service.

#11 Updated by intrigeri 2018-09-20 04:50:18

  • Assignee changed from intrigeri to segfault
  • QA Check changed from Ready for QA to Dev Needed

About this part of the regexp:

+   /?
+   (\s+)

… I don’t understand what this is supposed to match; is a / even legal here? I would be tempted to replace these two lines with $.

#12 Updated by segfault 2018-09-20 17:32:28

  • Assignee changed from segfault to intrigeri
  • QA Check changed from Dev Needed to Ready for QA

intrigeri wrote:
> About this part of the regexp:
>
> […]
>
> … I don’t understand what this is supposed to match; is a / even legal here? I would be tempted to replace these two lines with $.

You’re right, this doesn’t make sense and can be removed. I copied it from above in config/chroot_local-includes/lib/live/config/1500-reconfigure-APT. I replaced it with $ now.

#13 Updated by segfault 2018-09-23 20:04:15

  • blocks Bug #15973: APT pinning broken for stretch-backports added

#14 Updated by intrigeri 2018-09-28 08:09:43

  • % Done changed from 50 to 60

Yeah, cargo cult— :) Code review passes, will now test.

#15 Updated by intrigeri 2018-09-30 14:27:15

  • Status changed from In Progress to Fix committed
  • % Done changed from 60 to 100
  • QA Check changed from Ready for QA to Pass

Merged :)

#16 Updated by intrigeri 2018-09-30 14:27:43

  • Assignee deleted (intrigeri)

#17 Updated by intrigeri 2018-10-01 13:29:41

  • Target version changed from Tails_3.10.1 to Tails_3.9.1

#18 Updated by anonym 2018-10-04 10:43:10

  • Status changed from Fix committed to Resolved