Closed OutsourcedGuru closed 7 years ago
Should I attempt to work around the issue by manually installing something and then running the setup.sh again?
You could try this:
sudo apt-get install python-pip
then re-run setup.sh.
It seems like there's been a few issues with things not getting installed via the raspbian repos or something.
I'll give that a try, thanks.
Unfortunately, python.org bound their digital certificate to www.python.org not to pypi.python.org so it's invalid to use it like that. A certificate isn't promiscuous; it's meant to be specific to a single hostname, usually.
In theory, everything would work if people used the correct host name or if python.org would split the web- and distribution-servers and bound two different certificates to them. Just guessing, though. It could be that their cert didn't make it into the caroot certificate.
Bummer. It looks like it's trying to uninstall PIP if it's already loaded. And then it fails for the same reason.
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
python-chardet python-colorama python-distlib python-html5lib
python-ndg-httpsclient python-openssl python-pyasn1 python-requests
python-six python-urllib3 python-wheel
Use 'apt-get autoremove' to remove them.
The following packages will be REMOVED:
python-pip
0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded.
After this operation, 481 kB disk space will be freed.
(Reading database ... 36135 files and directories currently installed.)
Removing python-pip (1.5.6-5) ...
Processing triggers for man-db (2.7.5-1~bpo8+1) ...
Searching for pip
Reading https://pypi.python.org/simple/pip/
Download error on https://pypi.python.org/simple/pip/: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:581) -- Some packages may not be found!
Couldn't find index page for 'pip' (maybe misspelled?)
Scanning index of all packages (this may take a while)
Reading https://pypi.python.org/simple/
Download error on https://pypi.python.org/simple/: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:581) -- Some packages may not be found!
No local packages or download links found for pip
error: Could not find suitable distribution for Requirement.parse('pip')
I tried the version involving the time being off by more than 1000 ms, (didn't work).
$ cd /opt
$ sudo systemctl start ntp
$ sudo ./AlexaPi/src/scripts/setup.sh
I ran the following:
$ openssl s_client -CAfile /etc/ssl/certs/ca-certificates.crt -showcerts -connect pypi.python.org:443 < /dev/null
CONNECTED(00000003)
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert High Assurance EV Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert SHA2 Extended Validation Server CA
verify return:1
depth=0 businessCategory = Private Organization, 1.3.6.1.4.1.311.60.2.1.3 = US, 1.3.6.1.4.1.311.60.2.1.2 = Delaware, serialNumber = 3359300, street = 16 Allen Rd, postalCode = 03894-4801, C = US, ST = New Hampshire, L = Wolfeboro, O = Python Software Foundation, CN = www.python.org
verify return:1
---
Certificate chain
0 s:/businessCategory=Private Organization/1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Delaware/serialNumber=3359300/street=16 Allen Rd/postalCode=03894-4801/C=US/ST=New Hampshire/L=Wolfeboro/O=Python Software Foundation/CN=www.python.org
i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 Extended Validation Server CA
-----BEGIN CERTIFICATE-----
---snip---
-----END CERTIFICATE-----
1 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 Extended Validation Server CA
i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance EV Root CA
-----BEGIN CERTIFICATE-----
---snip---
-----END CERTIFICATE-----
---
Server certificate
subject=/businessCategory=Private Organization/1.3.6.1.4.1.311.60.2.1.3=US/1.3.6.1.4.1.311.60.2.1.2=Delaware/serialNumber=3359300/street=16 Allen Rd/postalCode=03894-4801/C=US/ST=New Hampshire/L=Wolfeboro/O=Python Software Foundation/CN=www.python.org
issuer=/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert SHA2 Extended Validation Server CA
---
No client certificate CA names sent
---
SSL handshake has read 4164 bytes and written 415 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES128-GCM-SHA256
Session-ID: D8AAE0CF71D9E9C65C7C106DAE6A4FE73C72287B89AD07CC43468F32632ACB62
Session-ID-ctx:
Master-Key: AD3F3C5D68B835D75ACEB11A16E711299B3442D1187A41D66DE4E8C06738CB542591FC2944398DA635E98EC794D449E0
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 1200 (seconds)
TLS session ticket:
---snip---
Start Time: 1503973768
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
DONE
It's expected to return 0 (OK) from that "verify return" line. It fails also with www.python.org, for what it's worth.
$ sudo update-ca-certificates
$ sudo ./AlexaPi/src/scripts/setup.sh
Still the same result, unfortunately.
So it looks like the uninstallation of pip is on purpose. It's being reinstalled via a different method. This is in the script:
apt-get -y remove python-pip
run_python -m easy_install pip
(Which translates into python2 -m easy_install pip
)
I'm not sure why the different method is employed exactly.
But it might help point you towards the solution you need. Maybe clean reinstalling python2 or something?
Alternatively, you could try editing /opt/AlexaPi/src/scripts/inc/os/debian.sh to read
apt-get -y install python-pip
(without the easy_install step)
...and see what happens.
Quick question: is the date and time correct on your rPi?
Yes, it is.
Noting that the Raspberry Pi Zero W is detected as Debian:
$ sudo nano /opt/AlexaPi/src/scripts/inc/os/debian.sh
function install_os {
apt-get update
apt-get install curl git build-essential python-dev python-setuptools swig $
#apt-get -y remove python-pip
#run_python -m easy_install pip
}
# Commented out both the remove/reinstall lines for pip
$ sudo ./AlexaPi/src/scripts/setup.sh
...
pip 1.5.6 from /usr/lib/python2.7/dist-packages (python 2.7)
Downloading/unpacking requests>=2.13.0 (from -r ./requirements.txt (line 1))
Cleaning up...
Exception:
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/pip/basecommand.py", line 122, in main
status = self.run(options, args)
File "/usr/lib/python2.7/dist-packages/pip/commands/install.py", line 290, in run
requirement_set.prepare_files(finder, force_root_egg_info=self.bundle, bundle=self.bundle)
File "/usr/lib/python2.7/dist-packages/pip/req.py", line 1178, in prepare_files
url = finder.find_requirement(req_to_install, upgrade=self.upgrade)
File "/usr/lib/python2.7/dist-packages/pip/index.py", line 194, in find_requirement
page = self._get_page(main_index_url, req)
File "/usr/lib/python2.7/dist-packages/pip/index.py", line 568, in _get_page
session=self.session,
File "/usr/lib/python2.7/dist-packages/pip/index.py", line 694, in get_page
req, link, "connection error: %s" % exc, url,
TypeError: __str__ returned non-string (type Error)
Storing debug log for failure in /root/.pip/pip.log
$ sudo python -m easy_install pip
Searching for pip
Best match: pip 1.5.6
Adding pip 1.5.6 to easy-install.pth file
Installing pip script to /usr/local/bin
Installing pip2.7 script to /usr/local/bin
Installing pip2 script to /usr/local/bin
Using /usr/lib/python2.7/dist-packages
Processing dependencies for pip
Finished processing dependencies for pip
$ sudo ./AlexaPi/src/scripts/setup.sh
pip 1.5.6 from /usr/lib/python2.7/dist-packages (python 2.7)
Downloading/unpacking requests>=2.13.0 (from -r ./requirements.txt (line 1))
Cleaning up...
Exception:
Traceback (most recent call last):
File "/usr/lib/python2.7/dist-packages/pip/basecommand.py", line 122, in main
status = self.run(options, args)
File "/usr/lib/python2.7/dist-packages/pip/commands/install.py", line 290, in run
requirement_set.prepare_files(finder, force_root_egg_info=self.bundle, bundle=self.bundle)
File "/usr/lib/python2.7/dist-packages/pip/req.py", line 1178, in prepare_files
url = finder.find_requirement(req_to_install, upgrade=self.upgrade)
File "/usr/lib/python2.7/dist-packages/pip/index.py", line 194, in find_requirement
page = self._get_page(main_index_url, req)
File "/usr/lib/python2.7/dist-packages/pip/index.py", line 568, in _get_page
session=self.session,
File "/usr/lib/python2.7/dist-packages/pip/index.py", line 694, in get_page
req, link, "connection error: %s" % exc, url,
TypeError: __str__ returned non-string (type Error)
Storing debug log for failure in /root/.pip/pip.log
^ So it's failing on the requirements.txt file's first line for v2.13.0 of requests. Sounds like pip isn't happy so this attempt at manually installing it outside of the system isn't working.
We'll, that's probably why it's been changed.
Meanwhile, why isn't easy_install working? I'm sorry to say that I don't know.
Easy_install doesn't seem to be happy under the control of setup.sh, somehow. I've reverted the debian.sh and am running it again.
Removing python-pip (1.5.6-5) ... Processing triggers for man-db (2.7.5-1~bpo8+1) ... Searching for pip Reading https://pypi.python.org/simple/pip/ Download error on https://pypi.python.org/simple/pip/: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:581) -- Some packages may not be found! Couldn't find index page for 'pip' (maybe misspelled?) Scanning index of all packages (this may take a while) Reading https://pypi.python.org/simple/ Download error on https://pypi.python.org/simple/: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:581) -- Some packages may not be found! No local packages or download links found for pip error: Could not find suitable distribution for Requirement.parse('pip')
$ sudo nano /usr/lib/python2.7/dist-packages/setuptools/ssl_support.py add "ssl = None" after the try section near the top to override ssl completely Per https://stackoverflow.com/questions/32894267/how-to-get-easy-install-to-ignore-certifcate
... and it appears to be installing now. We'll see...
Fantastic! I was about to suggest manually pointing at one of the tar.gz files at https://pypi.python.org/simple, but I think this is a better workaround.
Setup.sh is chugging right along.
Sounds like a workable solution to me. You can always toggle it back on after the install.
I'm guessing that the author of this issue was seeing something similar but he worked around the problem (in theory) by manually installing Python or one of the Python-related pieces like pip.
Following the Installation instructions today so the code should be the latest
In order to help troubleshooting, be sure to include the following information:
Your OS (including version) where you are running AlexaPi:
Your hardware platform and model you are running on:
Python release (
python2 --version
):Description of problem:
Expected:
Problem-relevant
config.yaml
entries:Steps to reproduce:
Traceback (if applicable):
Additional info: