We've managed to track this down on IRC to the fact that both the public
system-image.ubuntu.com and the PES-internal system-image instance are
publishing the same Ubuntu tarballs, but signed by different keys (which is
by design).  The result is that if you use the same system to flash images
from both servers that use the same Ubuntu rootfs, you get cache corruption:
the previously-downloaded .asc signature file will be transferred to the
device for use in flashing, but it will not be trusted by the keyring from
the other server, resulting in a failure to flash the image.

I see two ways to address this in udf:

1) verify the signature of the tarball against the to-be-used keyring before
flashing, and if it doesn't verify, discard the signature (and if it was
cached, re-download).
2) always exclude signatures from the cache (they're cheap to re-download
anyway).

Option 1 allows other classes of signature failures to be caught early
before the time-consuming copy to the device, but involves a significant
amount of code duplication.  Option 2 should be trivial to implement.

https://bugs.launchpad.net/bugs/1455605

Title:
  ubuntu-device-flash should verify signature in cache matches current
  keyring before flashing
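
The first fix proposed in the message above (check the cached signature against the keyring about to be used, and fetch it again on failure), as an added example that is not part of the original report or of ubuntu-device-flash's code. The `Server`, `Cache`, `Verify` and `Signature` names are hypothetical, and ed25519 from the Go standard library stands in for the OpenPGP `.asc` signatures and keyrings.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"fmt"
)

// Server is a constructed stand-in for one signing server (ed25519, not OpenPGP).
type Server struct {
	priv    ed25519.PrivateKey
	Keyring []ed25519.PublicKey // keys a device flashed from this server trusts
}

func NewServer(name string) *Server {
	seed := sha256.Sum256([]byte(name)) // deterministic demo key, not a secret
	priv := ed25519.NewKeyFromSeed(seed[:])
	return &Server{priv, []ed25519.PublicKey{priv.Public().(ed25519.PublicKey)}}
}

// Verify reports whether sig over data is valid under any key in keyring.
func Verify(keyring []ed25519.PublicKey, data, sig []byte) bool {
	for _, k := range keyring {
		if ed25519.Verify(k, data, sig) {
			return true
		}
	}
	return false
}

type Cache map[string][]byte // keyed by file name only, shared by both servers

// Signature reuses the cached signature only if it verifies against the keyring
// about to be used; otherwise it fetches again. The bool reports a download.
func Signature(c Cache, s *Server, name string, tarball []byte) ([]byte, bool) {
	if sig, ok := c[name+".asc"]; ok && Verify(s.Keyring, tarball, sig) {
		return sig, false
	}
	sig := ed25519.Sign(s.priv, tarball) // stands in for downloading the .asc
	c[name+".asc"] = sig                 // replaces any stale entry
	return sig, true
}

func main() {
	pub, pes, cache := NewServer("public"), NewServer("internal"), Cache{}
	_, a := Signature(cache, pub, "rootfs.tar.xz", []byte("constructed tarball"))
	_, b := Signature(cache, pes, "rootfs.tar.xz", []byte("constructed tarball"))
	fmt.Println("downloaded:", a, b)
}
```

The second call downloads again because the cached signature from the first server does not verify under the second server's keyring, which is the case that otherwise fails only after the copy to the device.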