Am Wed, Apr 16, 2025 at 11:23:03AM +0200, schrieb Laurent Bigonville:

On Tue, 13 Aug 2024 19:57:58 +0200 Sven Bartscher <kritzefitz@debian.org> wrote:

for a while I've been having the problem with `apt update` that it
pretends to complete successfully, but it didn't actually pull updated index data. I run it like this:

$ sudo apt-get update
[sudo] Passwort für sven:
OK:1 https://deb.debian.org/debian testing InRelease
OK:2 https://deb.debian.org/debian unstable InRelease
OK:3 https://deb.debian.org/debian experimental InRelease
OK:4 https://deb.debian.org/debian-debug testing-debug InRelease
OK:5 https://deb.debian.org/debian-debug unstable-debug InRelease
OK:6 https://deb.debian.org/debian-debug experimental-debug InRelease Paketlisten werden gelesen… Fertig

I do have the same issue

You have what issue?

Some people have that "same issue" by incorrectly copying/restoring the
lists/ directory. Is that your issue?

On the surface, and with the output you present/quoted this is perfectly
normal and expected. apt will ask for a InRelease file first and if that
didn't change there is no point in asking for the other files: In the
best case the server will just say the files didn't change.
Alternatively, the server replies with newer/older files we have no
checksums for and would need to refuse anyhow.

I enabled debugging in apt (Debug::Acquire::http=true) and I see the following:

GET /debian/dists/unstable/InRelease HTTP/1.1

[…]

If-Modified-Since: Wed, 16 Apr 2025 08:18:27 GMT

Answer for: http://ftp.be.debian.org/debian/dists/unstable/InRelease HTTP/1.1 304 Not Modified
Date: Wed, 16 Apr 2025 09:07:23 GMT
Server: Apache/2.4.62 (Debian)
Last-Modified: Wed, 16 Apr 2025 08:18:27 GMT

[…]

-rw-r--r-- 1 root root   302323 15 avr 04:01 ftp.be.debian.org_debian_dists_unstable_contrib_binary-amd64_Packages

So this contrib is listed in https://snapshot.debian.org/file/6c3f5892d4c6363f4b4f6ed076fcc8fd7cd120cd/Release
which is dated Tue, 15 Apr 2025 02:19:53 UTC.

Some of the other index files are dated later than that Release file
through, so probably more like this one: https://snapshot.debian.org/file/c95522b0bfabf1e1f2277d36f12b3861ae9c1b0c/Release
which is dated Tue, 15 Apr 2025 14:13:09 UTC and also lists that file
unchanged (which btw also causes apt to not download that index
"again" if you update from the first to the second Release file).

The Release file you currently have could be https://snapshot.debian.org/file/d47c8fc56da7f58c6ab18309c26b8337b76bfc4c/Release
dated Wed, 16 Apr 2025 08:17:02 UTC, that has a different size for that
file – the moment that Release file got downloaded apt should have also downloaded the new version of that contrib file and "installed" them
together.

I picked that file at semi-random as contrib changes less often than
main stuff & I can look for the size as your config happens to have that
file being uncompressed. You also have Contents files, which are useless
in this lookup as they are lz4 compressed – good for usage, but that compression only exists in storage, not in the Release file (which also explains why apt can't just "recover" from this problem by checking
hashsums of the files it has in storage as in general it doesn't have
the hashes and just has to assume that what it has in storage is what
is listed in the old Release file it has in storage, too).


The interesting thing to discover now is what happened in these 24 hours
on your system that lists/ got a new Release file (or, well InRelease),
but not new indexes… unsurprisingly that shouldn't happen, but so far
nobody has provided any leads as people notice only after the fact and
at that point any debugging is pointless.


The only scenario I know of is disabling APT::Get::List-Cleanup and
running apt with a (slightly) different sources.list – like without
contrib. I am not quite sure how we could solve that scenario given
in some way its what the user requested; but not what they wanted.
I know some front ends might use that option. I suppose some users
could produce with interesting read permissions on configuration
combined with those front ends such a case by "accident".
In any case, I doubt that is what is happening here for "most" people
with the "same" issue, so I haven't thought about that too much yet.


Now, given you are in that situation, apt will at some point "recover"
from it, given that eventually InRelease will be updated and the files
it contains will eventually change, too. You 'only' forced that by
removing the InRelease file. You also could have removed the index…
(apt would have noticed that the file isn't there and downloads it
even if you got a hit on the Release given we have to deal with config
changes, like you adding another architecture since the last update
but before the next mirror change).

severity 1078608 serious

Not that it makes any practical difference in the apt team if you tag
it wishlist or critical, but I am curious: Which section in the Debian
policy is apt violating here? Or have I just missed you joining the
apt team and/or Debian Release team?
(See https://www.debian.org/Bugs/Developer#severities)
Some maintainers can get really angry if you use the wrong severities,
so ideally, next time, you should give a justification at least.


Best regards

David Kalnischkies

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEE5sn+Q4uCja/tn0GrMRvlz3HQeIMFAmgBa6EACgkQMRvlz3HQ eIMP3Q/9G3xT0TWCQ0JnK99Gw1s6hucgZzuWltM6C/tACElQZG8qR8rUPQ8MaAb0 hmqxe9BMLbW8paFHthjYRzR+1d6kbMXgLAzrvEOlP/aPGlb6QqlHe66RNohUbksr VdViXmTBmEfD5/qw88cwSMocSybOw+cSC+9E6xp6l51h6tURohOaVabaW9Ufi5lh euDHD3k2wXzGg0lDasVkj/x2F0mODZS3OnVWRPrICjo4pupHTSVuBAgc5Fe+YRxs j9x2v2Kg7WlxDhkyn32rofnCXhEPBamrFRHEzCBDrnWElhtXtdKLR9AWlFbJ2+6G 5VtHNY93ecBDoN4Ovtg/nNb/Kb5fD8Tq/XsM8zzqd+mtYSvDRDpdcQwzRohJGLJG JNxzosDvZQj73oWoYcqxkIQacyjMFSmDk7r1EOXZIjjaU3o5L6iRV5H8m1psteHN +6xGdfo0HfGw24bqkxfgGdje6VoYqOViUq5bpZvcIJQisdYiuggy1YQtSPjbYiN4 kfSDB0pJ3F1U22iqDSZZ02QDWSc6dnVqyvPsnL/sv2JblnqaWkC9aqCWv9HyC7cJ 3X8yjTPSMBXyqdLOdBpF2+o1DWXB98jF3LJgLmInI6pQGaEj/dujZfLq+BlpgKdh mXIOJ5LktbA2MRZceiirg83KRHoKNcYGuQR7DzkuAN3FIXGfHdM=
=hwBD
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On April 16, 2025 11:23:03 AM GMT+02:00, Laurent Bigonville <bigon@debian.org> wrote:

severity 1078608 serious
thanks

On Tue, 13 Aug 2024 19:57:58 +0200 Sven Bartscher <kritzefitz@debian.org> wrote:

Package: apt
Version: 2.9.7
Severity: normal

Hi,

for a while I've been having the problem with `apt update` that it
pretends to complete successfully, but it didn't actually pull updated
index data. I run it like this:

$ sudo apt-get update
[sudo] Passwort für sven:
OK:1 https://deb.debian.org/debian testing InRelease
OK:2 https://deb.debian.org/debian unstable InRelease
OK:3 https://deb.debian.org/debian experimental InRelease
OK:4 https://deb.debian.org/debian-debug testing-debug InRelease
OK:5 https://deb.debian.org/debian-debug unstable-debug InRelease
OK:6 https://deb.debian.org/debian-debug experimental-debug InRelease
Paketlisten werden gelesen… Fertig

I do have the same issue

I enabled debugging in apt (Debug::Acquire::http=true) and I see the following:

GET /debian/dists/unstable/InRelease HTTP/1.1
Host: ftp.be.debian.org
Cache-Control: max-age=0
Accept: text/*
If-Modified-Since: Wed, 16 Apr 2025 08:18:27 GMT
User-Agent: Debian APT-HTTP/1.3 (3.0.0)

Answer for: http://ftp.be.debian.org/debian/dists/unstable/InRelease
HTTP/1.1 304 Not Modified
Date: Wed, 16 Apr 2025 09:07:23 GMT
Server: Apache/2.4.62 (Debian)
Last-Modified: Wed, 16 Apr 2025 08:18:27 GMT
ETag: "32185-632e0ee051d8b"
Accept-Ranges: bytes

In /var/lib/apt/lists I see

-rw-r--r-- 1 root root   302323 15 avr 04:01 ftp.be.debian.org_debian_dists_unstable_contrib_binary-amd64_Packages
-rw-r--r-- 1 root root   865256 13 avr 04:10 ftp.be.debian.org_debian_dists_unstable_contrib_Contents-all.lz4
-rw-r--r-- 1 root root   342240  6 avr 21:59 ftp.be.debian.org_debian_dists_unstable_contrib_Contents-amd64.lz4
-rw-r--r-- 1 root root    46332 13 avr 22:16 ftp.be.debian.org_debian_dists_unstable_contrib_dep11_Components-amd64.yml.gz
-rw-r--r-- 1 root root    63450  8 avr 16:18 ftp.be.debian.org_debian_dists_unstable_contrib_dep11_icons-48x48.tar.gz
-rw-r--r-- 1 root root   137064  8 avr 16:18 ftp.be.debian.org_debian_dists_unstable_contrib_dep11_icons-64x64.tar.gz
-rw-r--r-- 1 root root   230711 13 avr 04:09 ftp.be.debian.org_debian_dists_unstable_contrib_i18n_Translation-en
-rw-r--r-- 1 root root   277653 15 avr 04:01 ftp.be.debian.org_debian_dists_unstable_contrib_source_Sources
-rw-r--r-- 1 root root   205189 16 avr 10:18 ftp.be.debian.org_debian_dists_unstable_InRelease
-rw-r--r-- 1 root root 59849824 15 avr 09:59 ftp.be.debian.org_debian_dists_unstable_main_binary-amd64_Packages
-rw-r--r-- 1 root root 71261008 15 avr 04:05 ftp.be.debian.org_debian_dists_unstable_main_Contents-all.lz4
-rw-r--r-- 1 root root 24680232 15 avr 10:00 ftp.be.debian.org_debian_dists_unstable_main_Contents-amd64.lz4
-rw-r--r-- 1 root root  8078991 15 avr 04:10 ftp.be.debian.org_debian_dists_unstable_main_dep11_Components-amd64.yml.gz
-rw-r--r-- 1 root root  3759152 15 avr 04:13 ftp.be.debian.org_debian_dists_unstable_main_dep11_icons-48x48.tar.gz
-rw-r--r-- 1 root root  7713726 15 avr 04:13 ftp.be.debian.org_debian_dists_unstable_main_dep11_icons-64x64.tar.gz
-rw-r--r-- 1 root root 36755629 15 avr 09:58 ftp.be.debian.org_debian_dists_unstable_main_i18n_Translation-en
-rw-r--r-- 1 root root 15793455 15 avr 04:55 ftp.be.debian.org_debian_dists_unstable_main_i18n_Translation-fr
-rw-r--r-- 1 root root 62377703 15 avr 09:59 ftp.be.debian.org_debian_dists_unstable_main_source_Sources
-rw-r--r-- 1 root root   868454 12 avr 22:04 ftp.be.debian.org_debian_dists_unstable_non-free_binary-amd64_Packages
-rw-r--r-- 1 root root  1546853  6 avr 21:59 ftp.be.debian.org_debian_dists_unstable_non-free_Contents-all.lz4
-rw-r--r-- 1 root root   195881 12 avr 04:03 ftp.be.debian.org_debian_dists_unstable_non-free_Contents-amd64.lz4
-rw-r--r-- 1 root root     5554 13 avr 04:19 ftp.be.debian.org_debian_dists_unstable_non-free_dep11_Components-amd64.yml.gz
-rw-r--r-- 1 root root     1372 14 mar 03:19 ftp.be.debian.org_debian_dists_unstable_non-free_dep11_icons-48x48.tar.gz
-rw-r--r-- 1 root root    28090 14 mar 03:19 ftp.be.debian.org_debian_dists_unstable_non-free_dep11_icons-64x64.tar.gz
-rw-r--r-- 1 root root    32203 14 avr 22:07 ftp.be.debian.org_debian_dists_unstable_non-free-firmware_binary-amd64_Packages
-rw-r--r-- 1 root root    46620 14 avr 22:08 ftp.be.debian.org_debian_dists_unstable_non-free-firmware_Contents-all.lz4
-rw-r--r-- 1 root root     1983 24 mar 09:04 ftp.be.debian.org_debian_dists_unstable_non-free-firmware_Contents-amd64.lz4
-rw-r--r-- 1 root root    38125 15 avr 04:17 ftp.be.debian.org_debian_dists_unstable_non-free-firmware_dep11_Components-amd64.yml.gz
-rw-r--r-- 1 root root       29  8 jan  2023 ftp.be.debian.org_debian_dists_unstable_non-free-firmware_dep11_icons-48x48.tar.gz
-rw-r--r-- 1 root root       29  8 jan  2023 ftp.be.debian.org_debian_dists_unstable_non-free-firmware_dep11_icons-64x64.tar.gz
-rw-r--r-- 1 root root    15272 14 avr 22:07 ftp.be.debian.org_debian_dists_unstable_non-free-firmware_i18n_Translation-en
-rw-r--r-- 1 root root    37646 14 avr 22:07 ftp.be.debian.org_debian_dists_unstable_non-free-firmware_source_Sources
-rw-r--r-- 1 root root   697879 12 avr 04:02 ftp.be.debian.org_debian_dists_unstable_non-free_i18n_Translation-en
-rw-r--r-- 1 root root   441330 12 avr 22:04 ftp.be.debian.org_debian_dists_unstable_non-free_source_Sources

So it seems that the InRelease file was downloaded, but not the rest

If I delete the InRelease file, the other files are being downloaded

What is the Date field in the InRelease file?


--
sent from my phone, excuse the brevity, if any

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Le 18/04/25 à 09:43, Julian Andres Klode a écrit :

On April 16, 2025 11:23:03 AM GMT+02:00, Laurent Bigonville <bigon@debian.org> wrote:

[...]

So it seems that the InRelease file was downloaded, but not the rest

If I delete the InRelease file, the other files are being downloaded

What is the Date field in the InRelease file?

I didn't write it down, next time I'm facing the issue I'll write that down

Kind regards,

Laurent Bigonville

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Am Fri, Apr 18, 2025 at 11:30:12AM +0200, schrieb Laurent Bigonville:

The interesting thing to discover now is what happened in these 24 hours
on your system that lists/ got a new Release file (or, well InRelease),
but not new indexes… unsurprisingly that shouldn't happen, but so far nobody has provided any leads as people notice only after the fact and
at that point any debugging is pointless.

It's a laptop with a desktop environment and PackageKit is installed, not sure whether PK could impact this. Also the laptop has been probably restarted in between so that means that PK has restarted and probably tried to update the indexes.

Well, while all front ends do share code and logic via libapt, there is
always the possibility of the front end holding it wrong. And there is
never an easy tell which config they are using. (At least I don't know…)

Anecdotal evidence suggests its some front end as I don't use any and
don't have that problem, while initial reporter here claim they have it
only on one system – while all likely have apt installed, so a general problem would appear in general… of course, that is a rather weak
approach especially as this is both usually a silent issue and
a self-healing one, but its all we have so far…
Or if you will: +moreinfo +unreproducible.

severity 1078608 serious

Not that it makes any practical difference in the apt team if you tag
it wishlist or critical, but I am curious: Which section in the Debian policy is apt violating here? Or have I just missed you joining the
apt team and/or Debian Release team? (Seehttps://www.debian.org/Bugs/Developer#severities)
Some maintainers can get really angry if you use the wrong severities,
so ideally, next time, you should give a justification at least.

Serious severity is:

is a severe violation of Debian policy (roughly, it violates a
"must" or "required" directive), or, in the package maintainer's
or release manager's opinion, makes the package unsuitable for
release.

In my opinion, having trouble to update a system makes apt "unsuitable for release". And marking it "serious" makes this visible to the release manager team.

If I tagged every bug serious I thought makes something unsuitable for
release or that I want other people to look at… but as you quoted
my own opinion is irrelevant for the label 'serious' by design and
it shouldn't be misused as "summoning magic" either…

Tag it 'grave' if that is your reasoning (and it makes you feel better),
but as already said at least here it doesn't really matter as we have
a 1000+ open bugs against apt at least someone believes is serious in
their opinion. Does it change anything? Nope.

All it really does is that testers upgrading from stable will be scared
by apt-listbugs in a sense having probably more negative impact on the
release than this bug seems to be able to. In exchange, no magic army of
coders appears that fixes bugs nor does anyone provide any meaningful
details based on severity.
For all we know, as we know nothing, apt/oldstable has that problem, too, (assuming of course its an apt problem to begin with) making that even
more ironic.

But it makes you feel better and I don't really care, so its fine.
I was indeed just giving you a hint for next time on another package
to include a justification rather than treat it as "obviously so".


Best regards

David Kalnischkies

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEE5sn+Q4uCja/tn0GrMRvlz3HQeIMFAmgCNmsACgkQMRvlz3HQ eINY7g/+IDNDCQ490YFVrptU7dsUygOd/g7zY1dQqCgcxppiKRjcEfxvrLtqd80J 1ikF8zsYBx70JHlslKZOJhh+rcWEpO1Vcg5dt2QsrVGoHT7CEeXXybd/iWUv7hF+ Nh8l4quzC6pxyzjDrYjT+vJOpD/MWwMBQdIDpICV25AYdIKwGqYuN9aEghZg6bvc wXQNHpbfNqmqR9tfUAgNLNvvyEGQykuglPkhzeAeRG3Xn8kX0oP1UDG4MdT0aU7a 5axkoXMbZfGiCwnNeFfHjarQ5ZoCwGwIRtkJe9mN6moHs2TB1X1Bhez7VA3hgAmC PUEEbwTbD69z4gJKRfFh9375mTfsol8DjtReFYYG0un+c3cOZxVwQ7Qr9tMysnLY 3JlJK1cYzxH+dV0Pz+rm3dn5e3aPPIz0J35smMD1GV+AeaMobw7c00zwlYs3qtVE rpAVlP5Bqd9/Ab+Z9moVYKMhv4zBiS+pfdI2Qk169hNLOkoR2B8SeqNgeD15CSUS 2WRAMoO5hx52OWjuSzVHSUxAN8kTp1TzKdPdfWncOWnGLQ1N7XukM3kMEd5rCfTd lu5iT/gBdeVhQze61exthTBlDsSxc4ZIOHgm0R0VZtDXwhWgc8sUEzHUCKAO/bHY KqzE4DCsISsvmwvKQ3epRkHqjVf+1TCvogk3ws+hQp3mUnO6DTk=
=PXPo
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

--=-ab6kc/C/p/D+Ukv0CDcd
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

On Sun, 2025-04-27 at 16:18 +0200, Ben Hutchings wrote:
[...]

- If I mask packagekit.service before booting (using a rescue shell), 
then none of the files are updated automatically. Running 'apt
update' updates them all as expected.

So it seems like this problem may be specific to PackageKit.

Sven and Laurent, do your affected systems have PackageKit installed?

OK, so I think this is confirmed as somehow PackageKit-related.

I had a look through the code for "apt update" and the PackageKit APT
back-end to see what might be different. I think this has something to
do with the different pkgAcquireStatus subclasses they use, but I
couldn't identify a specific bug in PackageKit.

I experimented with writing a test program that implements its own pkgAcquireStatus, and I I'm attaching the source for that. It needs to
be run on a system where a local InRelease file is out of date. If you
answer "no" to the Pulse() after the *second* time the InRelease file is reported done, that should reproduce the broken state.

(The default answers are set for my VM snapshot which now has very
outdated InRelease files, so I know that the Pulse() after a ReleaseInfoChanges() is the place to stop.)

Ben.

--
Ben Hutchings
If at first you don't succeed, you're doing about average.

--=-ab6kc/C/p/D+Ukv0CDcd
Content-Disposition: attachment; filename="apt-bug-1078608.cpp" Content-Transfer-Encoding: base64
Content-Type: text/x-c++src; name="apt-bug-1078608.cpp"; charset="UTF-8"

I2luY2x1ZGUgPGlvc3RyZWFtPgojaW5jbHVkZSA8dXRpbGl0eT4KCiNpbmNsdWRlIDxhcHQtcGtn L2FjcXVpcmUuaD4KI2luY2x1ZGUgPGFwdC1wa2cvY2FjaGVmaWxlLmg+CiNpbmNsdWRlIDxhcHQt cGtnL2luaXQuaD4KI2luY2x1ZGUgPGFwdC1wa2cvbWFjcm9zLmg+CiNpbmNsdWRlIDxhcHQtcGtn L3BrZ3N5c3RlbS5oPgojaW5jbHVkZSA8YXB0LXBrZy9zb3VyY2VsaXN0Lmg+CiNpbmNsdWRlIDxh cHQtcGtnL3VwZGF0ZS5oPgoKYm9vbCBhc2tfY29udGludWUoYm9vbCBhbnN3ZXIpCnsKICAgIGNo YXIgY2ggPSAwOwoKICAgIHN0ZDo6Y291dCA8PCAiY29udGludWU/ICIKCSAgICAgIDw8IChhbnN3 ZXIgPyAiW3llc10vbm8iIDogInllcy9bbm9dIikKCSAgICAgIDw8ICJcbiI7CgogICAgd2hpbGUg KHN0ZDo6Y2luLmdldChjaCkgJiYgY2ggIT0gJ1xuJykgewoJaWYgKGNoID09ICd5JyB8fCBjaCA9 PSAnWScpCgkgICAgYW5zd2VyID0gdHJ1ZTsKCWlmIChjaCA9PSAnbicgfHwgY2ggPT0gJ04nKQoJ ICAgIGFuc3dlciA9IGZhbHNlOwogICAgfQoKIC

Control: tag -1 confirmed

On 18 May 2025 00:37:44 CEST, Ben Hutchings <ben@decadent.org.uk> wrote:

On Sun, 2025-04-27 at 16:18 +0200, Ben Hutchings wrote:
[...]

- If I mask packagekit.service before booting (using a rescue shell), 
then none of the files are updated automatically. Running 'apt
update' updates them all as expected.

So it seems like this problem may be specific to PackageKit.

Sven and Laurent, do your affected systems have PackageKit installed?

OK, so I think this is confirmed as somehow PackageKit-related.

I had a look through the code for "apt update" and the PackageKit APT >back-end to see what might be different. I think this has something to
do with the different pkgAcquireStatus subclasses they use, but I
couldn't identify a specific bug in PackageKit.

I experimented with writing a test program that implements its own >pkgAcquireStatus, and I I'm attaching the source for that. It needs to
be run on a system where a local InRelease file is out of date. If you >answer "no" to the Pulse() after the *second* time the InRelease file is >reported done, that should reproduce the broken state.

Thanks, yes. I had a quick look at the code on Salsa from my phone:

So when the fetcher stops (Pulse()=false cancels the update run), it runs the Finished method on each item.

When the Finished() method of an InRelease file is called, it commits the transaction if it has started and there were no errors;
that is, it does not check the transaction was actually complete.

--
sent from my phone, excuse the brevity, if any

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)