On Saturday 28 June 2008, Joey Hess wrote: > If a Release file fails to verify because it is out of sync with the > Release.gpg on one mirror, debootstrap will cache the file, and reuse > it if it's run a second time, with a different mirror. Result is that > the second mirror also appears to fail. > > debootstrap should delete cached files if they fail to verify. This > may apply to downloaded debs, too.
What about something like the attached (untested) patch? It ensures that both the Release and Release.gpg files are always downloaded. AFAICT anything that is downloaded later gets checked using MD5SUMS or similar and old versions get deleted automatically if that is invalid. Cheers, FJP
Index: functions
===================================================================
--- functions (revision 53808)
+++ functions (working copy)
@@ -248,6 +248,7 @@
get () {
# args: from dest [md5sum size] [alt {md5sum size type}]
+ # args: from dest nocache
local displayname
if [ "${2%.deb}" != "$2" ]; then
displayname="$(echo "$2" | sed 's,^.*/,,;s,_.*$,,')"
@@ -258,12 +259,15 @@
if [ -e "$2" ]; then
if [ "$3" = "" ]; then
return 0
- fi
- info VALIDATING "Validating %s" "$displayname"
- if check_md5 "$2" "$3" "$4"; then
- return 0
+ elif [ "$3" = nocache ]; then
+ rm -f "$2"
else
- rm -f "$2"
+ info VALIDATING "Validating %s" "$displayname"
+ if check_md5 "$2" "$3" "$4"; then
+ return 0
+ else
+ rm -f "$2"
+ fi
fi
fi
if [ "$#" -gt 5 ]; then
@@ -441,7 +445,7 @@
if [ -n "$KEYRING" ]; then
progress 0 100 DOWNRELSIG "Downloading Release file signature"
progress_next 50
- get "$m1/dists/$SUITE/Release.gpg" "$relsigdest" ||
+ get "$m1/dists/$SUITE/Release.gpg" "$relsigdest" nocache ||
error 1 NOGETRELSIG "Failed getting release signature file %s" \
"$m1/dists/$SUITE/Release.gpg"
progress 50 100 DOWNRELSIG "Downloading Release file signature"
@@ -460,7 +464,7 @@
local reldest="$TARGET/$($DLDEST rel "$SUITE" "$m1" "dists/$SUITE/Release")"
progress 0 100 DOWNREL "Downloading Release file"
progress_next 100
- get "$m1/dists/$SUITE/Release" "$reldest" ||
+ get "$m1/dists/$SUITE/Release" "$reldest" nocache ||
error 1 NOGETREL "Failed getting release file %s" "$m1/dists/$SUITE/Release"
TMPCOMPONENTS="$(sed -n 's/Components: *//p' "$reldest")"
signature.asc
Description: This is a digitally signed message part.
