[Bug 1670905] Re: qemu-debootstrap inserts debian repos into the chroot

ChristianEhrhardt 1670905 at bugs.launchpad.net
Wed Mar 8 13:08:14 UTC 2017 

I tried several combinations:
$ sudo qemu-debootstrap --no-check-gpg --arch=armhf jessie ./test-root-jessie-raspian http://mirrordirector.raspbian.org/raspbian
$ sudo qemu-debootstrap --no-check-gpg --arch=armhf jessie ./test-root-jessie
$ sudo qemu-debootstrap --no-check-gpg --arch=armhf jessie ./test-root-jessie-mirrorset http://httpredir.debian.org/debian/
$ sudo qemu-debootstrap --no-check-gpg --arch=armhf trusty ./test-root-trusty

All jessie ones have
deb http://httpredir.debian.org/debian jessie main
The Trusty has
deb http://ports.ubuntu.com/ubuntu-ports trusty main

As far as I understood your report you'd have expected to see
http://mirrordirector.raspbian.org/raspbian there right?

AFAIK the distribution defines the keyring.
And as you already pointed out:
I: Keyring file not available at /usr/share/keyrings/debian-archive-keyring.gpg; switching to https mirror https://mirrors.kernel.org/debian

Maybe that is it:
$ sudo qemu-debootstrap --no-check-gpg --arch=armhf jessie ./test-root-jessie-raspian-keyset --keyring=/usr/share/keyrings/raspbian-archive-keyring.gpg http://mirrordirector.raspbian.org/raspbian

But then this is happening at --second-stage and since this is defined as:
  --second-stage
      Complete the bootstrapping process.  Other arguments are generally not needed.
It gets no further arguments when called e.g.:
I: Running command: chroot ./test-root-jessie-raspian-keyset /debootstrap/debootstrap --second-stage
I: Keyring file not available at /usr/share/keyrings/debian-archive-keyring.gpg; switching to https mirror https://mirrors.kernel.org/debian


The failing check on key and fallback is in "/usr/share/debootstrap/functions".
The one that is interesting is copied into $tgtdir)/deboostrap/
So modifying that for debugging a bit.

Breaking that down:
  $ mkdir test-root-jessie-raspian-stepbystep
  $ debootstrap --arch armhf --foreign --no-check-gpg --keyring=/usr/share/keyrings/raspbian-archive-keyring.gpg jessie ./test-root-jessie-raspian-stepbystep http://mirrordirector.raspbian.org/raspbian
  # modify for debugging
  $ sudo cp /usr/bin/qemu-arm-static ./test-root-jessie-raspian-stepbystep/usr/bin/
  $ chroot ./test-root-jessie-raspian-keyset /debootstrap/debootstrap --second-stage

Deconstructing whats going on there.
- First of all the issue is reproducible there
- Setting the keyring in stage 2 fails as that needs gpgv (intended to run in stage 1 only)
- setting --no-check-gpg in stage 2 fails as well
- the raspbian keyring only comes later when the respective file is installed (raspbian-archive-keyring)

I also tried with a modified debootrap script for raspbian, but that failed me as well.
I'm out of ideas - but I'm pretty much (>80%) convinced that this is far more a deboostrap bug than of the qemu-debootrap wrapper.

Yet my debootrap-foo is limited, adding a proper bug task and look
forward for deboostrap experts to do some magic.


** Also affects: debootstrap (Ubuntu)
   Importance: Undecided
       Status: New

** Changed in: qemu (Ubuntu)
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to debootstrap in Ubuntu.
https://bugs.launchpad.net/bugs/1670905

Title:
  qemu-debootstrap inserts debian repos into the chroot

Status in debootstrap package in Ubuntu:
  New
Status in qemu package in Ubuntu:
  Confirmed

Bug description:
  Log:

  root at al-xfce:~# qemu-debootstrap --no-check-gpg --arch=armhf jessie test-root1 http://mirrordirector.raspbian.org/raspbian
  I: Running command: debootstrap --arch armhf --foreign --no-check-gpg jessie test-root1 http://mirrordirector.raspbian.org/raspbian
  I: Retrieving InRelease 
  I: Retrieving Packages 
  I: Validating Packages 
  I: Resolving dependencies of required packages...
  I: Resolving dependencies of base packages...
  I: Found additional required dependencies: acl adduser cpio dmsetup init-system-helpers initramfs-tools insserv klibc-utils kmod libaudit-common libaudit1 libbz2-1.0 libcap2 libcap2-bin libcryptsetup4 libdb5.3 libdbus-1-3 libdebconfclient0 libdevmapper1.02.1 libdrm2 libgcrypt20 libgpg-error0 libklibc libkmod2 libncursesw5 libnih-dbus1 libnih1 libpcre3 libpng12-0 libprocps3 libsemanage-common libsemanage1 libslang2 libsystemd0 libudev1 libustr-1.0-1 makedev plymouth procps systemd systemd-sysv udev 
  I: Found additional base dependencies: libbsd0 libcwidget3 libdns-export100 libestr0 libffi6 libgmp10 libgnutls-deb0-28 libgnutls-openssl27 libhogweed2 libicu52 libidn11 libirs-export91 libisc-export95 libisccfg-export90 libjson-c2 liblogging-stdlog0 liblognorm1 libnettle4 libnfnetlink0 libp11-kit0 libpsl0 libsigc++-2.0-0c2a libsqlite3-0 libtasn1-6 
  I: Checking component main on http://mirrordirector.raspbian.org/raspbian...
  I: Retrieving acl 2.2.52-2
  I: Validating acl 2.2.52-2

  < time passes... >

  I: Extracting xz-utils...
  I: Extracting zlib1g...
  I: Running command: chroot test-root1 /debootstrap/debootstrap --second-stage
  I: Keyring file not available at /usr/share/keyrings/debian-archive-keyring.gpg; switching to https mirror https://mirrors.kernel.org/debian
  I: Installing core packages...
  I: Unpacking required packages...
  I: Unpacking acl...

  < time passes... >

  I: Base system installed successfully.
  root at al-xfce:~# cat test-root1/etc/apt/sources.list
  deb http://httpredir.debian.org/debian jessie main

  The chroot's sources.list has been replaced with one pointing to
  debian, which is not the result I expected or wanted. This appears to
  happen when qemu-debootstrap runs the second stage.

  ProblemType: Bug
  DistroRelease: Ubuntu 17.04
  Package: qemu-user-static 1:2.8+dfsg-3ubuntu1
  ProcVersionSignature: Ubuntu 4.10.0-8.10-generic 4.10.0-rc8
  Uname: Linux 4.10.0-8-generic x86_64
  ApportVersion: 2.20.4-0ubuntu2
  Architecture: amd64
  Date: Wed Mar  8 00:40:22 2017
  InstallationDate: Installed on 2017-02-18 (17 days ago)
  InstallationMedia: Xubuntu 17.04 "Zesty Zapus" - Alpha amd64 (20170218)
  ProcEnviron:
   LANGUAGE=en_GB:en
   TERM=xterm
   PATH=(custom, no user)
   LANG=en_GB.UTF-8
   SHELL=/bin/bash
  SourcePackage: qemu
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/debootstrap/+bug/1670905/+subscriptions

More information about the foundations-bugs mailing list