search

QubesOS / qubes-issues

The Qubes OS Project issue tracker
https://www.qubes-os.org/doc/issue-tracking/
543 stars 48 forks source link

Archlinux: Can't update/install packages in templateVM after update to pacman v5.2.1 #5443

Closed seberm closed 3 years ago

seberm commented 5 years ago

Qubes OS version R4.0

Affected component(s) or functionality qubes-core-agent-linux (https://github.com/QubesOS/qubes-core-agent-linux/blob/master/network/update-proxy-configs#L126)

Brief summary It seems that starting from the pacman v5.2.0 started problems with package installation/update from the templateVM.

To Reproduce

$ sudo pacman --debug -Sy
debug: pacman v5.2.1 - libalpm v12.0.1
debug: config: attempting to read file /etc/pacman.conf
debug: config: new section 'options'
debug: config: HoldPkg: pacman
debug: config: HoldPkg: glibc
debug: config: arch: x86_64
debug: config: SigLevel: Required
debug: config: SigLevel: DatabaseOptional
debug: config: LocalFileSigLevel: Optional
debug: config file /etc/pacman.conf, line 50: including /etc/pacman.d/01-qubes-proxy.conf
debug: config: new section 'options'
debug: config: xfercommand: ALL_PROXY=http://127.0.0.1:8082/ /usr/bin/curl -C - -f %u > %o
debug: config file /etc/pacman.conf, line 50: including /etc/pacman.d/10-qubes-options.conf
debug: config: new section 'options'
debug: config: NoUpgrade: etc/pam.d/su-l
debug: config: new section 'core'
debug: config file /etc/pacman.conf, line 78: including /etc/pacman.d/mirrorlist
debug: config: new section 'extra'
debug: config file /etc/pacman.conf, line 81: including /etc/pacman.d/mirrorlist
debug: config: new section 'community'
debug: config file /etc/pacman.conf, line 87: including /etc/pacman.d/mirrorlist
debug: config: new section 'multilib'
debug: config: SigLevel: PackageRequired
debug: config file /etc/pacman.conf, line 105: including /etc/pacman.d/mirrorlist
debug: config: finished parsing /etc/pacman.conf
debug: setup_libalpm called
debug: option 'logfile' = /var/log/pacman.log
debug: option 'gpgdir' = /etc/pacman.d/gnupg/
debug: option 'hookdir' = /etc/pacman.d/hooks/
debug: option 'cachedir' = /var/cache/pacman/pkg/
debug: registering sync database 'core'
debug: database path for tree core set to /var/lib/pacman/sync/core.db
debug: "/var/lib/pacman/sync/core.db.sig" is not readable: No such file or directory
debug: sig path /var/lib/pacman/sync/core.db.sig could not be opened
debug: missing optional signature
debug: setting usage of 15 for core repository
debug: adding new server URL to database 'core': http://gluttony.sin.cvut.cz/arch/core/os/x86_64
debug: adding new server URL to database 'core': https://gluttony.sin.cvut.cz/arch/core/os/x86_64
debug: adding new server URL to database 'core': http://ftp.sh.cvut.cz/arch/core/os/x86_64
debug: adding new server URL to database 'core': https://ftp.sh.cvut.cz/arch/core/os/x86_64
debug: registering sync database 'extra'
debug: database path for tree extra set to /var/lib/pacman/sync/extra.db
debug: "/var/lib/pacman/sync/extra.db.sig" is not readable: No such file or directory
debug: sig path /var/lib/pacman/sync/extra.db.sig could not be opened
debug: missing optional signature
debug: setting usage of 15 for extra repository
debug: adding new server URL to database 'extra': http://gluttony.sin.cvut.cz/arch/extra/os/x86_64
debug: adding new server URL to database 'extra': https://gluttony.sin.cvut.cz/arch/extra/os/x86_64
debug: adding new server URL to database 'extra': http://ftp.sh.cvut.cz/arch/extra/os/x86_64
debug: adding new server URL to database 'extra': https://ftp.sh.cvut.cz/arch/extra/os/x86_64
debug: registering sync database 'community'
debug: database path for tree community set to /var/lib/pacman/sync/community.db
debug: "/var/lib/pacman/sync/community.db.sig" is not readable: No such file or directory
debug: sig path /var/lib/pacman/sync/community.db.sig could not be opened
debug: missing optional signature
debug: setting usage of 15 for community repository
debug: adding new server URL to database 'community': http://gluttony.sin.cvut.cz/arch/community/os/x86_64
debug: adding new server URL to database 'community': https://gluttony.sin.cvut.cz/arch/community/os/x86_64
debug: adding new server URL to database 'community': http://ftp.sh.cvut.cz/arch/community/os/x86_64
debug: adding new server URL to database 'community': https://ftp.sh.cvut.cz/arch/community/os/x86_64
debug: registering sync database 'multilib'
debug: database path for tree multilib set to /var/lib/pacman/sync/multilib.db
debug: "/var/lib/pacman/sync/multilib.db.sig" is not readable: No such file or directory
debug: sig path /var/lib/pacman/sync/multilib.db.sig could not be opened
debug: missing optional signature
debug: setting usage of 15 for multilib repository
debug: adding new server URL to database 'multilib': http://gluttony.sin.cvut.cz/arch/multilib/os/x86_64
debug: adding new server URL to database 'multilib': https://gluttony.sin.cvut.cz/arch/multilib/os/x86_64
debug: adding new server URL to database 'multilib': http://ftp.sh.cvut.cz/arch/multilib/os/x86_64
debug: adding new server URL to database 'multilib': https://ftp.sh.cvut.cz/arch/multilib/os/x86_64
:: Synchronizing package databases...
debug: running command: ALL_PROXY=http://127.0.0.1:8082/ /usr/bin/curl -C - -f http://gluttony.sin.cvut.cz/arch/core/os/x86_64/core.db > /var/lib/pacman/sync/core.db.part
warning: running XferCommand: fork failed!
debug: returning error 52 from _alpm_download : error invoking external downloader
debug: running command: ALL_PROXY=http://127.0.0.1:8082/ /usr/bin/curl -C - -f https://gluttony.sin.cvut.cz/arch/core/os/x86_64/core.db > /var/lib/pacman/sync/core.db.part
warning: running XferCommand: fork failed!

Additional context I think the problem is caused due to run XferCommand via exec change in pacman:

This means that we can no longer use environment variables and output redirection in XferCommand in /etc/pacman.d/01-qubes-proxy.conf:

$ cat /etc/pacman.d/01-qubes-proxy.conf
...
[options]
XferCommand = ALL_PROXY=http://127.0.0.1:8082/ /usr/bin/curl -C - -f %u >%o

Solutions you've tried My current workaround is to change the XferCommand option value to:

XferCommand = /usr/bin/curl -C - -f --output %o %u

After that I just set the ALL_PROXY variable explicitly when using the pacman:

$ sudo ALL_PROXY=http://127.0.0.1:8082 pacman -Sy
marmarek commented 5 years ago

/usr/bin/env ALL_PROXY=http://127.0.0.1:8082 /usr/bin/curl ... might help

seberm commented 5 years ago

@marmarek thank you. Is anything more needed from my side? I have created a pull request:

icequbes1 commented 3 years ago

This no longer seems to be an issue (pacman 5.2.2).

andrewdavidwong commented 3 years ago

Closing this as resolved. If you believe the issue is not yet resolved, or if anyone is still affected by this issue, please leave a comment, and we'll be happy to reopen this. Thank you.