[Bug 1679252] Re: Cloud images for non-Intel architectures are configured with security repos that don't work

Edward Vielmetti edward.vielmetti at gmail.com
Thu Apr 6 17:40:18 UTC 2017 

I can reproduce this bug on my Mac which should aid in confirmation for
`armhf`.

```
Edwards-MacBook-Air:~ emv$ docker run --rm armhf/ubuntu:xenial apt-get update

Unable to find image 'armhf/ubuntu:xenial' locally
xenial: Pulling from armhf/ubuntu
3ec2010dcf9a: Pull complete 
a9ce7d83bdeb: Pull complete 
a096d24b8544: Pull complete 
e1d64facf085: Pull complete 
6300ac39294b: Pull complete 
Digest: sha256:ad289f5b5c2a0bd88f61333b0d6f0ea81051c6f315a8eb22de0907e1da960115
Status: Downloaded newer image for armhf/ubuntu:xenial
Get:1 http://ports.ubuntu.com/ubuntu-ports xenial InRelease [247 kB]
Get:2 http://security.ubuntu.com/ubuntu xenial-security InRelease [102 kB]
Get:3 http://ports.ubuntu.com/ubuntu-ports xenial-updates InRelease [102 kB]
Get:4 http://ports.ubuntu.com/ubuntu-ports xenial-backports InRelease [102 kB]
Get:5 http://security.ubuntu.com/ubuntu xenial-security/universe Sources [30.0 kB]
Ign:6 http://security.ubuntu.com/ubuntu xenial-security/main armhf Packages
Ign:7 http://security.ubuntu.com/ubuntu xenial-security/restricted armhf Packages
Ign:8 http://security.ubuntu.com/ubuntu xenial-security/universe armhf Packages
Ign:9 http://security.ubuntu.com/ubuntu xenial-security/multiverse armhf Packages
Ign:6 http://security.ubuntu.com/ubuntu xenial-security/main armhf Packages
Ign:7 http://security.ubuntu.com/ubuntu xenial-security/restricted armhf Packages
Ign:8 http://security.ubuntu.com/ubuntu xenial-security/universe armhf Packages
Ign:9 http://security.ubuntu.com/ubuntu xenial-security/multiverse armhf Packages
Ign:6 http://security.ubuntu.com/ubuntu xenial-security/main armhf Packages
Ign:7 http://security.ubuntu.com/ubuntu xenial-security/restricted armhf Packages
Ign:8 http://security.ubuntu.com/ubuntu xenial-security/universe armhf Packages
Ign:9 http://security.ubuntu.com/ubuntu xenial-security/multiverse armhf Packages
Err:6 http://security.ubuntu.com/ubuntu xenial-security/main armhf Packages
  404  Not Found [IP: 91.189.88.161 80]
Ign:7 http://security.ubuntu.com/ubuntu xenial-security/restricted armhf Packages
Ign:8 http://security.ubuntu.com/ubuntu xenial-security/universe armhf Packages
Ign:9 http://security.ubuntu.com/ubuntu xenial-security/multiverse armhf Packages
Get:10 http://ports.ubuntu.com/ubuntu-ports xenial/universe Sources [9802 kB]
Get:11 http://ports.ubuntu.com/ubuntu-ports xenial/main armhf Packages [1486 kB]
Get:12 http://ports.ubuntu.com/ubuntu-ports xenial/restricted armhf Packages [8491 B]
Get:13 http://ports.ubuntu.com/ubuntu-ports xenial/universe armhf Packages [9531 kB]
Get:14 http://ports.ubuntu.com/ubuntu-ports xenial/multiverse armhf Packages [149 kB]
Get:15 http://ports.ubuntu.com/ubuntu-ports xenial-updates/universe Sources [185 kB]
Get:16 http://ports.ubuntu.com/ubuntu-ports xenial-updates/main armhf Packages [592 kB]
Get:17 http://ports.ubuntu.com/ubuntu-ports xenial-updates/restricted armhf Packages [8116 B]
Get:18 http://ports.ubuntu.com/ubuntu-ports xenial-updates/universe armhf Packages [517 kB]
Get:19 http://ports.ubuntu.com/ubuntu-ports xenial-updates/multiverse armhf Packages [5194 B]
Get:20 http://ports.ubuntu.com/ubuntu-ports xenial-backports/main armhf Packages [4914 B]
Get:21 http://ports.ubuntu.com/ubuntu-ports xenial-backports/universe armhf Packages [2561 B]
Fetched 22.9 MB in 5min 15s (72.5 kB/s)
Reading package lists...
E: Failed to fetch http://security.ubuntu.com/ubuntu/dists/xenial-security/main/binary-armhf/Packages  404  Not Found [IP: 91.189.88.161 80]
E: Some index files failed to download. They have been ignored, or old ones used instead.
```

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to livecd-rootfs in Ubuntu.
https://bugs.launchpad.net/bugs/1679252

Title:
  Cloud images for non-Intel architectures are configured with security
  repos that don't work

Status in livecd-rootfs package in Ubuntu:
  Fix Released
Status in livecd-rootfs source package in Xenial:
  Fix Committed

Bug description:
  [Impact]

  Users who don't get a fresh sources.list written out on first boot
  (e.g. Docker users) can't install updates from xenial-security on non-
  Intel architectures.

  [Test Case]

  Run an ubuntu-cpc livefs build for a non-Intel architecture, unpack
  one of the produced root tarballs, chroot in to it and perform an
  `apt-get update`.  You should see no errors.

  [Regression Potential]

  This change modifies the sources that apt will use for updates, so the
  biggest risk for regression is that the fix is malformed and systems
  become un-updateable (either partially or fully).  The test above
  should catch this.

  [Original Report]

  In the fix for bug 1513529, we[0] modified livecd-rootfs to write out
  a sources.list that matches the sources.list in Ubuntu Server
  installed from an ISO.  We (presumably) compared to an Intel
  installation, and hard-coded security.ubuntu.com as a repo in
  sources.list.

  Unfortunately, packages for non-Intel architectures aren't published
  to security.ubuntu.com; they are instead published at
  http://ports.ubuntu.com/ubuntu-ports/.  That should be the URL that we
  configure as the source for $SUITE-security.

  [0] Well, *ahem*, _I_.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/livecd-rootfs/+bug/1679252/+subscriptions

More information about the foundations-bugs mailing list