I believe I've found a bug in the DVD ISO installer logic which affects
11.11 and earlier but in theory could affect 12.x as well.

Description:

A default installation of Debian 11.11 (Bullseye) from the official DVD ISO fails with the following error:

Installation step failed
An installation step failed. You can try to run the failing item again
from the menu, or skip it and choose something else. The failing step
is: Select and install software

This failure occurs during the "Select and install software" stage. The
root cause is an attempt to install security updates from the security
network repository *even when the user selects the default "No" to using a network mirror*.

Steps to Reproduce:

1. Boot the Debian 11.11 DVD ISO on an Internet-connected PC
2. Proceed through the installation process.
3. When prompted "Use a network mirror?", select the default "No".
4. Continue with the installation.
5. The installation will fail at the "Select and install software" step
with the aforementioned error.

Expected Behavior:

The installation should succeed whether the user uses the default "No" to
using a network mirror or manually sets a network mirror to use.

Observed Behavior:

When "No" is selected for the network mirror, the installer still attempts
to use the repository http://security.debian.org/debian-security bullseye-security/main. This leads to dependency issues because the DVD
media's package versions are older than those required by the security repository updates. The installer then fails because it cannot resolve
these dependencies.

Workaround:

The user must either:

1. Select "Yes" to the "Use a network mirror?" prompt and configure a
mirror.
2. Disconnect the machine from the network before starting the
installation.

These workarounds are not obvious to the user, even after encountering the "Installation step failed" error.

Impact:

This bug prevents users from performing a default offline installation of Debian 11.11 from the DVD ISO on a network-connected machine. It creates a confusing user experience and may lead users to believe the ISO is faulty.

Further Information:

This issue highlights a potential disconnect between the intent of the "No" option for network mirrors and the actual installer behavior. IMO,
the installer should do one of the following:

- Respect the user's choice and perform a purely offline installation
when "No" is selected on the network mirror page.
- If the user chooses not to use a mirror, check for an internet
connection and either:
- prompt the user to decide to install security updates, with a warning that this may fail without a mirror.
- prompt the user to set a network mirror to avoid potential installation failure.


Relevant installation syslog:

Jan 31 05:32:59 cdrom-detect: Devices: '/dev/sr0'
Jan 31 05:32:59 cdrom-detect: CD-ROM mount succeeded: device=/dev/sr0 fstype=iso9660
Jan 31 05:32:59 kernel: [ 7.306344] ISO 9660 Extensions: Microsoft
Joliet Level 3
Jan 31 05:32:59 kernel: [ 7.306752] ISO 9660 Extensions: RRIP_1991A
Jan 31 05:32:59 cdrom-detect: Detected CD 'Debian GNU/Linux 11.11.0
"Bullseye" - Official amd64 DVD Binary-1 20240831-14:01'

...


Jan 31 05:35:42 apt-setup: warning:
/usr/lib/apt-setup/generators/50mirror returned error code 1;
discarding output
Jan 31 05:35:42 apt-setup: dpkg-divert: warning: diverting file '/sbin/start-stop-daemon' from an Essential package with rename is
dangerous, use --no-rename
Jan 31 05:35:42 in-target: Get:1
http://security.debian.org/debian-security bullseye-security InRelease
[27.2 kB]
Jan 31 05:35:42 in-target: Get:2
http://security.debian.org/debian-security bullseye-security/main
amd64 Packages [340 kB]
Jan 31 05:35:42 in-target: Get:3
http://security.debian.org/debian-security bullseye-security/main Translation-en [221 kB]
Jan 31 05:35:43 in-target: Fetched 587 kB in 0s (1,432 kB/s)
Jan 31 05:35:43 in-target: Reading package lists...
Jan 31 05:35:43 in-target:
Jan 31 05:35:43 apt-setup: dpkg-divert: warning: diverting file '/sbin/start-stop-daemon' from an Essential package with rename is
dangerous, use --no-rename
Jan 31 05:35:43 in-target: Hit:1
http://security.debian.org/debian-security bullseye-security InRelease
Jan 31 05:35:43 in-target: Reading package lists...
Jan 31 05:35:43 in-target:
Jan 31 05:35:43 apt-setup: dpkg-divert: warning: diverting file '/sbin/start-stop-daemon' from an Essential package with rename is
dangerous, use --no-rename
Jan 31 05:35:43 in-target: Hit:1
http://security.debian.org/debian-security bullseye-security InRelease
Jan 31 05:35:43 in-target: Get:2
http://security.debian.org/debian-security bullseye-security/main
Sources [233 kB]
Jan 31 05:35:43 in-target: Fetched 233 kB in 0s (2,422 kB/s)
Jan 31 05:35:43 in-target: Reading package lists...

...


Jan 31 05:36:49 in-target: Some packages could not be installed. This
may mean that you have
Jan 31 05:36:49 in-target: requested an impossible situation or if you
are using the unstable
Jan 31 05:36:49 in-target: distribution that some required packages
have not yet been created
Jan 31 05:36:49 in-target: or been moved out of Incoming.
Jan 31 05:36:49 in-target: The following information may help to
resolve the situation:
Jan 31 05:36:49 in-target:
Jan 31 05:36:49 in-target: The following packages have unmet dependencies:
Jan 31 05:36:49 in-target: gnome-core : Depends: gnome-control-center

= 1:3.38) but it is not installable

Jan 31 05:36:49 in-target: Depends: gnome-user-docs (>=
3.38) but it is not installable
Jan 31 05:36:49 in-target: Depends: gnome-sushi (>=
3.34) but it is not installable
Jan 31 05:36:49 in-target: Depends: yelp (>= 3.38) but
it is not installable
Jan 31 05:36:49 in-target: Depends: zenity (>= 3.32) but
it is not installable
Jan 31 05:36:49 in-target: gnome-online-accounts : Depends: libgoa-backend-1.0-1 (= 3.38.0-3) but it is not installable
Jan 31 05:36:49 in-target: Depends: libwebkit2gtk-4.0-37 (>= 2.26) but it is not installable
Jan 31 05:36:49 in-target: Recommends: gnome-control-center (>= 3.6.1) but it is not installable
Jan 31 05:36:49 in-target: libedataserverui-1.2-2 : Depends: libwebkit2gtk-4.0-37 (>= 2.25.1) but it is not installable
Jan 31 05:36:49 in-target: libproxy1-plugin-webkit : Depends: libjavascriptcoregtk-4.0-18 but it is not installable
Jan 31 05:36:49 in-target: E: Unable to correct problems, you have
held broken packages.
Jan 31 05:36:49 in-target: tasksel: apt-get failed (100)

<div dir="ltr"><p>I believe I&#39;ve found a bug in the DVD ISO installer logic which affects 11.11 and earlier but in theory could affect 12.x as well.</p><p>Description:</p><p>A default installation of Debian 11.11 (Bullseye) from the official DVD ISO
fails with the following error:</p><span class="gmail-"><span class="gmail-ng-tns-c2096949768-23 gmail-ng-star-inserted"><div class="gmail-code-block gmail-ng-tns-c2096949768-23 gmail-ng-trigger gmail-ng-trigger-codeBlockRevealAnimation"><div class="
gmail-formatted-code-block-internal-container gmail-ng-tns-c2096949768-23"><div class="gmail-animated-opacity gmail-ng-tns-c2096949768-23"><pre class="gmail-ng-tns-c2096949768-23"><code role="text" class="gmail-code-container gmail-formatted gmail-ng-tns-
c2096949768-23 gmail-no-decoration-radius">Installation step failed
An installation step failed. You can try to run the failing item again from the menu, or skip it and choose something else. The failing step is: Select and install software
</code></pre></div></div></div></span></span><p>This failure occurs during the &quot;Select and install software&quot; stage. The root cause is an attempt to install security updates from the security network repository <em>even when the user selects
the default &quot;No&quot; to using a network mirror</em>.</p><p>Steps to Reproduce:</p><ol>
<li>Boot the Debian 11.11 DVD ISO on an Internet-connected PC</li>
<li>Proceed through the installation process.</li>
<li>When prompted &quot;Use a network mirror?&quot;, select the default &quot;No&quot;.</li>
<li>Continue with the installation.</li>
<li>The installation will fail at the &quot;Select and install software&quot; step with the aforementioned error.</li>
</ol><p>Expected Behavior:</p><p>The installation should succeed whether the user uses the default &quot;No&quot; to using a network mirror or manually sets a network mirror to use.</p><p>Observed Behavior:</p><p>When &quot;No&quot; is selected for the
network mirror, the installer still attempts to use the repository <code><a href="http://security.debian.org/debian-security">http://security.debian.org/debian-security</a> bullseye-security/main</code>. This leads to dependency issues because the DVD
media&#39;s package versions are older than those required by the security repository updates. The installer then fails because it cannot resolve these dependencies.</p><p>Workaround:</p><p>The user must either:</p><ol>
<li>Select &quot;Yes&quot; to the &quot;Use a network mirror?&quot; prompt and configure a mirror.</li>
<li>Disconnect the machine from the network before starting the installation.</li>
</ol><p>These workarounds are not obvious to the user, even after encountering the &quot;Installation step failed&quot; error.</p><p>Impact:</p><p>This bug prevents users from performing a default offline installation of Debian 11.11 from the DVD ISO on
a network-connected machine. It creates a confusing user experience and may lead users to believe the ISO is faulty.</p><p>Further Information:</p><p>This issue highlights a potential disconnect between the intent of the &quot;No&quot; option for network
mirrors and the actual installer behavior. IMO, the installer should do one of the following:<br><br>    - Respect the user&#39;s choice and perform a purely offline installation when &quot;No&quot; is selected on the network mirror page.<br>    -
If the user chooses not to use a mirror, check for an internet connection and either:<br>           - prompt the user to decide to install security updates, with a warning that this may fail without a mirror.<br>           - prompt the user
to set a network mirror to avoid potential installation failure.</p><p><br>Relevant installation syslog:<br><br></p><pre class="gmail-a-b-r-La" style="font-family:&quot;Courier New&quot;,Courier,monospace,arial,sans-serif;margin-top:0px;margin-bottom:0px;
color:rgb(0,0,0);font-size:14px">Jan 31 05:32:59 cdrom-detect: Devices: &#39;/dev/sr0&#39;
Jan 31 05:32:59 cdrom-detect: CD-ROM mount succeeded: device=/dev/sr0 fstype=iso9660
Jan 31 05:32:59 kernel: [ 7.306344] ISO 9660 Extensions: Microsoft Joliet Level 3
Jan 31 05:32:59 kernel: [ 7.306752] ISO 9660 Extensions: RRIP_1991A
Jan 31 05:32:59 cdrom-detect: Detected CD &#39;Debian GNU/Linux 11.11.0 &quot;Bullseye&quot; - Official amd64 DVD Binary-1 20240831-14:01&#39;</pre><pre class="gmail-a-b-r-La" style="font-family:&quot;Courier New&quot;,Courier,monospace,arial,sans-serif;
margin-top:0px;margin-bottom:0px;color:rgb(0,0,0);font-size:14px">...</pre><pre class="gmail-a-b-r-La" style="font-family:&quot;Courier New&quot;,Courier,monospace,arial,sans-serif;margin-top:0px;margin-bottom:0px;color:rgb(0,0,0);font-size:14px"><br></

<pre class="gmail-a-b-r-La" style="font-family:&quot;Courier New&quot;,Courier,monospace,arial,sans-serif;margin-top:0px;margin-bottom:0px;color:rgb(0,0,0);font-size:14px"><pre class="gmail-a-b-r-La" style="font-family:&quot;Courier New&quot;,Courier,

monospace,arial,sans-serif;margin-top:0px;margin-bottom:0px">Jan 31 05:35:42 apt-setup: warning: /usr/lib/apt-setup/generators/50mirror returned error code 1; discarding output
Jan 31 05:35:42 apt-setup: dpkg-divert: warning: diverting file &#39;/sbin/start-stop-daemon&#39; from an Essential package with rename is dangerous, use --no-rename
Jan 31 05:35:42 in-target: Get:1 <a href="http://security.debian.org/debian-security">http://security.debian.org/debian-security</a> bullseye-security InRelease [27.2 kB]
Jan 31 05:35:42 in-target: Get:2 <a href="http://security.debian.org/debian-security">http://security.debian.org/debian-security</a> bullseye-security/main amd64 Packages [340 kB]
Jan 31 05:35:42 in-target: Get:3 <a href="http://security.debian.org/debian-security">http://security.debian.org/debian-security</a> bullseye-security/main Translation-en [221 kB]
Jan 31 05:35:43 in-target: Fetched 587 kB in 0s (1,432 kB/s)
Jan 31 05:35:43 in-target: Reading package lists...
Jan 31 05:35:43 in-target:
Jan 31 05:35:43 apt-setup: dpkg-divert: warning: diverting file &#39;/sbin/start-stop-daemon&#39; from an Essential package with rename is dangerous, use --no-rename
Jan 31 05:35:43 in-target: Hit:1 <a href="http://security.debian.org/debian-security">http://security.debian.org/debian-security</a> bullseye-security InRelease
Jan 31 05:35:43 in-target: Reading package lists...
Jan 31 05:35:43 in-target:
Jan 31 05:35:43 apt-setup: dpkg-divert: warning: diverting file &#39;/sbin/start-stop-daemon&#39; from an Essential package with rename is dangerous, use --no-rename
Jan 31 05:35:43 in-target: Hit:1 <a href="http://security.debian.org/debian-security">http://security.debian.org/debian-security</a> bullseye-security InRelease
Jan 31 05:35:43 in-target: Get:2 <a href="http://security.debian.org/debian-security">http://security.debian.org/debian-security</a> bullseye-security/main Sources [233 kB]
Jan 31 05:35:43 in-target: Fetched 233 kB in 0s (2,422 kB/s)
Jan 31 05:35:43 in-target: Reading package lists...</pre><pre class="gmail-a-b-r-La" style="font-family:&quot;Courier New&quot;,Courier,monospace,arial,sans-serif;margin-top:0px;margin-bottom:0px">...</pre><pre class="gmail-a-b-r-La" style="font-family:&
quot;Courier New&quot;,Courier,monospace,arial,sans-serif;margin-top:0px;margin-bottom:0px"><br></pre><pre class="gmail-a-b-r-La" style="font-family:&quot;Courier New&quot;,Courier,monospace,arial,sans-serif;margin-top:0px;margin-bottom:0px">Jan 31 05:36:
49 in-target: Some packages could not be installed. This may mean that you have Jan 31 05:36:49 in-target: requested an impossible situation or if you are using the unstable
Jan 31 05:36:49 in-target: distribution that some required packages have not yet been created
Jan 31 05:36:49 in-target: or been moved out of Incoming.
Jan 31 05:36:49 in-target: The following information may help to resolve the situation:
Jan 31 05:36:49 in-target:
Jan 31 05:36:49 in-target: The following packages have unmet dependencies:
Jan 31 05:36:49 in-target: gnome-core : Depends: gnome-control-center (&gt;= 1:3.38) but it is not installable
Jan 31 05:36:49 in-target: Depends: gnome-user-docs (&gt;= 3.38) but it is not installable
Jan 31 05:36:49 in-target: Depends: gnome-sushi (&gt;= 3.34) but it is not installable
Jan 31 05:36:49 in-target: Depends: yelp (&gt;= 3.38) but it is not installable
Jan 31 05:36:49 in-target: Depends: zenity (&gt;= 3.32) but it is not installable
Jan 31 05:36:49 in-target: gnome-online-accounts : Depends: libgoa-backend-1.0-1 (= 3.38.0-3) but it is not installable
Jan 31 05:36:49 in-target: Depends: libwebkit2gtk-4.0-37 (&gt;= 2.26) but it is not installable
Jan 31 05:36:49 in-target: Recommends: gnome-control-center (&gt;= 3.6.1) but it is not installable
Jan 31 05:36:49 in-target: libedataserverui-1.2-2 : Depends: libwebkit2gtk-4.0-37 (&gt;= 2.25.1) but it is not installable
Jan 31 05:36:49 in-target: libproxy1-plugin-webkit : Depends: libjavascriptcoregtk-4.0-18 but it is not installable
Jan 31 05:36:49 in-target: E: Unable to correct problems, you have held broken packages.
Jan 31 05:36:49 in-target: tasksel: apt-get failed (100)</pre></pre></div>

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri 31 Jan 2025 at 14:55:56 (+0900), Mailing List wrote:

I believe I've found a bug in the DVD ISO installer logic which affects
11.11 and earlier but in theory could affect 12.x as well.

Description:

A default installation of Debian 11.11 (Bullseye) from the official DVD ISO fails with the following error:

Installation step failed
An installation step failed. You can try to run the failing item again
from the menu, or skip it and choose something else. The failing step
is: Select and install software

This failure occurs during the "Select and install software" stage. The
root cause is an attempt to install security updates from the security network repository *even when the user selects the default "No" to using a network mirror*.

Steps to Reproduce:

1. Boot the Debian 11.11 DVD ISO on an Internet-connected PC
2. Proceed through the installation process.
3. When prompted "Use a network mirror?", select the default "No".
4. Continue with the installation.
5. The installation will fail at the "Select and install software" step
with the aforementioned error.

Expected Behavior:

The installation should succeed whether the user uses the default "No" to using a network mirror or manually sets a network mirror to use.

Observed Behavior:

When "No" is selected for the network mirror, the installer still attempts
to use the repository http://security.debian.org/debian-security bullseye-security/main. This leads to dependency issues because the DVD media's package versions are older than those required by the security repository updates. The installer then fails because it cannot resolve
these dependencies.

I couldn't replicate this problem on bookworm netinst 12.9 expert
install, with the network configured. (My bullseye installers have
all been discarded.)

The only suggestion I have in the mainline process is to try unsetting
the options below, assuming they have been left set (the default).


┌──────────────────┤ [?] Configure the package manager ├──────────────────┐
│ │
│ Debian has two services that provide updates to releases: security │
│ and release updates. │
│ │
│ [ … … … … … … … … … … … … … … … … … … … … … … ] │
│ │
│ Services to use: │
│ │
│ [*] security updates (from security.debian.org) │
│ [*] release updates │
│ [ ] backported software │
│ │
│ <Go Back> <Continue> │
│ │
└─────────────────────────────────────────────────────────────────────────┘

Workaround:

The user must either:

1. Select "Yes" to the "Use a network mirror?" prompt and configure a
mirror.
2. Disconnect the machine from the network before starting the
installation.

For 2, can you leave the network unconfigured rather than
disconnecting it (which might be difficult where the network
is wireless).

Another workaround, under the bonnet as it were, might be to keep
tabs on the sources list. At some point, the installer comments the
DVD line, and uncomments, or writes, the http: lines. (I'm not sure
precisely when this occurs.) Undo any changes as they are made.

There may be two locations to watch, /etc/apt/sources.list and
/target/etc/…, the first being in-memory, the second being in the
future root partition.

This workaround would depend for success on there being at least one
prompt between the installer's changing the sources.list and updating
APT's lists.

Can you replicate the problem with the bookworm installer, and
is the netinst vs DVD difference a significant factor?

Cheers,
David.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, Jan 31, 2025 at 02:55:56PM +0900, Mailing List wrote:

I believe I've found a bug in the DVD ISO installer logic which affects
11.11 and earlier but in theory could affect 12.x as well.

Description:

A default installation of Debian 11.11 (Bullseye) from the official DVD ISO fails with the following error:

Installation step failed
An installation step failed. You can try to run the failing item again
from the menu, or skip it and choose something else. The failing step
is: Select and install software

This failure occurs during the "Select and install software" stage. The
root cause is an attempt to install security updates from the security network repository *even when the user selects the default "No" to using a network mirror*.

Steps to Reproduce:

1. Boot the Debian 11.11 DVD ISO on an Internet-connected PC
2. Proceed through the installation process.
3. When prompted "Use a network mirror?", select the default "No".
4. Continue with the installation.
5. The installation will fail at the "Select and install software" step
with the aforementioned error.

Expected Behavior:

The installation should succeed whether the user uses the default "No" to using a network mirror or manually sets a network mirror to use.

This is also the case in Bookworm - Debian 12.
This is potentially intended logic`, though probably not for the reasons you think. If you want to perform an entirely offline installation as suggested further down - you _need_ to start the installation with no Wifi network connection attempted / no network cable connected.

Network connection will fail and you won't then be asked about a network
mirror after that point. [You might be able to achieve the same effect
if a cable is connected by selecting manual configuration and then
selecting the option for the network as Do not configure at this time].

If you don't have a network configured then the entire installation will proceed from the install medium and the /etc/apt/sources.list file
will reflect this.

You might want to connect to security updates at some point in the future
when you have network connectivity so the option to select those and auto-updates for security is still presented.

This is from performing installs with no network as we do when testing
point releaases / main releases of Debian in the install media team.

Hope this helps - with every good wish, as ever,

Andrew Cater
(amacater@debian.org)

Observed Behavior:

When "No" is selected for the network mirror, the installer still attempts
to use the repository http://security.debian.org/debian-security bullseye-security/main. This leads to dependency issues because the DVD media's package versions are older than those required by the security repository updates. The installer then fails because it cannot resolve
these dependencies.

Workaround:

The user must either:

1. Select "Yes" to the "Use a network mirror?" prompt and configure a
mirror.
2. Disconnect the machine from the network before starting the
installation.

These workarounds are not obvious to the user, even after encountering the "Installation step failed" error.

Impact:

This bug prevents users from performing a default offline installation of Debian 11.11 from the DVD ISO on a network-connected machine. It creates a confusing user experience and may lead users to believe the ISO is faulty.

Further Information:

This issue highlights a potential disconnect between the intent of the "No" option for network mirrors and the actual installer behavior. IMO,
the installer should do one of the following:

- Respect the user's choice and perform a purely offline installation when "No" is selected on the network mirror page.
- If the user chooses not to use a mirror, check for an internet connection and either:
- prompt the user to decide to install security updates, with a warning that this may fail without a mirror.
- prompt the user to set a network mirror to avoid potential installation failure.

Relevant installation syslog:

Jan 31 05:32:59 cdrom-detect: Devices: '/dev/sr0'
Jan 31 05:32:59 cdrom-detect: CD-ROM mount succeeded: device=/dev/sr0 fstype=iso9660
Jan 31 05:32:59 kernel: [ 7.306344] ISO 9660 Extensions: Microsoft
Joliet Level 3
Jan 31 05:32:59 kernel: [ 7.306752] ISO 9660 Extensions: RRIP_1991A
Jan 31 05:32:59 cdrom-detect: Detected CD 'Debian GNU/Linux 11.11.0 "Bullseye" - Official amd64 DVD Binary-1 20240831-14:01'

...

Jan 31 05:35:42 apt-setup: warning:
/usr/lib/apt-setup/generators/50mirror returned error code 1;
discarding output
Jan 31 05:35:42 apt-setup: dpkg-divert: warning: diverting file '/sbin/start-stop-daemon' from an Essential package with rename is
dangerous, use --no-rename
Jan 31 05:35:42 in-target: Get:1
http://security.debian.org/debian-security bullseye-security InRelease
[27.2 kB]
Jan 31 05:35:42 in-target: Get:2
http://security.debian.org/debian-security bullseye-security/main
amd64 Packages [340 kB]
Jan 31 05:35:42 in-target: Get:3
http://security.debian.org/debian-security bullseye-security/main Translation-en [221 kB]
Jan 31 05:35:43 in-target: Fetched 587 kB in 0s (1,432 kB/s)
Jan 31 05:35:43 in-target: Reading package lists...
Jan 31 05:35:43 in-target:
Jan 31 05:35:43 apt-setup: dpkg-divert: warning: diverting file '/sbin/start-stop-daemon' from an Essential package with rename is
dangerous, use --no-rename
Jan 31 05:35:43 in-target: Hit:1
http://security.debian.org/debian-security bullseye-security InRelease
Jan 31 05:35:43 in-target: Reading package lists...
Jan 31 05:35:43 in-target:
Jan 31 05:35:43 apt-setup: dpkg-divert: warning: diverting file '/sbin/start-stop-daemon' from an Essential package with rename is
dangerous, use --no-rename
Jan 31 05:35:43 in-target: Hit:1
http://security.debian.org/debian-security bullseye-security InRelease
Jan 31 05:35:43 in-target: Get:2
http://security.debian.org/debian-security bullseye-security/main
Sources [233 kB]
Jan 31 05:35:43 in-target: Fetched 233 kB in 0s (2,422 kB/s)
Jan 31 05:35:43 in-target: Reading package lists...

...

Jan 31 05:36:49 in-target: Some packages could not be installed. This
may mean that you have
Jan 31 05:36:49 in-target: requested an impossible situation or if you
are using the unstable
Jan 31 05:36:49 in-target: distribution that some required packages
have not yet been created
Jan 31 05:36:49 in-target: or been moved out of Incoming.
Jan 31 05:36:49 in-target: The following information may help to
resolve the situation:
Jan 31 05:36:49 in-target:
Jan 31 05:36:49 in-target: The following packages have unmet dependencies: Jan 31 05:36:49 in-target: gnome-core : Depends: gnome-control-center

= 1:3.38) but it is not installable

Jan 31 05:36:49 in-target: Depends: gnome-user-docs (>=
3.38) but it is not installable
Jan 31 05:36:49 in-target: Depends: gnome-sushi (>=
3.34) but it is not installable
Jan 31 05:36:49 in-target: Depends: yelp (>= 3.38) but
it is not installable
Jan 31 05:36:49 in-target: Depends: zenity (>= 3.32) but
it is not installable
Jan 31 05:36:49 in-target: gnome-online-accounts : Depends: libgoa-backend-1.0-1 (= 3.38.0-3) but it is not installable
Jan 31 05:36:49 in-target: Depends: libwebkit2gtk-4.0-37 (>= 2.26) but it is not installable
Jan 31 05:36:49 in-target: Recommends: gnome-control-center (>= 3.6.1) but it is not installable
Jan 31 05:36:49 in-target: libedataserverui-1.2-2 : Depends: libwebkit2gtk-4.0-37 (>= 2.25.1) but it is not installable
Jan 31 05:36:49 in-target: libproxy1-plugin-webkit : Depends: libjavascriptcoregtk-4.0-18 but it is not installable
Jan 31 05:36:49 in-target: E: Unable to correct problems, you have
held broken packages.
Jan 31 05:36:49 in-target: tasksel: apt-get failed (100)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri 31 Jan 2025 at 23:30:52 (+0000), Andrew M.A. Cater wrote:

On Fri, Jan 31, 2025 at 02:55:56PM +0900, Mailing List wrote:

I believe I've found a bug in the DVD ISO installer logic which affects 11.11 and earlier but in theory could affect 12.x as well.

Description:

A default installation of Debian 11.11 (Bullseye) from the official DVD ISO fails with the following error:

Installation step failed
An installation step failed. You can try to run the failing item again
from the menu, or skip it and choose something else. The failing step
is: Select and install software

This failure occurs during the "Select and install software" stage. The root cause is an attempt to install security updates from the security network repository *even when the user selects the default "No" to using a network mirror*.

Steps to Reproduce:

1. Boot the Debian 11.11 DVD ISO on an Internet-connected PC
2. Proceed through the installation process.
3. When prompted "Use a network mirror?", select the default "No".
4. Continue with the installation.
5. The installation will fail at the "Select and install software" step
with the aforementioned error.

Expected Behavior:

The installation should succeed whether the user uses the default "No" to using a network mirror or manually sets a network mirror to use.

This is also the case in Bookworm - Debian 12.
This is potentially intended logic`, though probably not for the reasons you think. If you want to perform an entirely offline installation as suggested further down - you _need_ to start the installation with no Wifi network connection attempted / no network cable connected.

I wonder why I couldn't reproduce this with the 12.9 netinst then. You
would think that there's far more reason to insist on preferring http:
over cdrom: when so little is available on the installation medium,
compared with a 12.9 DVD.

I configured the network, used it to configure the clock, installed
the base system, configured the package manager with no mirror,
included the security/release updates, accepted standard system
utilities, and all the packages (far fewer than normal, of course)
were then installed from cdrom:—nothing from http:. I aborted at
the Grub question.

So can you explain the intended logic here, particularly as you say
we're not expected to be able to reason it out.

Jan 31 05:35:42 in-target: Get:1
http://security.debian.org/debian-security bullseye-security InRelease [27.2 kB]

This is what I can't replicate when "Use a network mirror? No" is selected.

Cheers,
David.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Fri, Jan 31, 2025 at 11:00:25PM -0600, David Wright wrote:

On Fri 31 Jan 2025 at 23:30:52 (+0000), Andrew M.A. Cater wrote:

On Fri, Jan 31, 2025 at 02:55:56PM +0900, Mailing List wrote:

This failure occurs during the "Select and install software" stage. The root cause is an attempt to install security updates from the security network repository *even when the user selects the default "No" to using a
network mirror*.

Steps to Reproduce:

1. Boot the Debian 11.11 DVD ISO on an Internet-connected PC
2. Proceed through the installation process.
3. When prompted "Use a network mirror?", select the default "No".
4. Continue with the installation.
5. The installation will fail at the "Select and install software" step
with the aforementioned error.

Expected Behavior:

The installation should succeed whether the user uses the default "No" to using a network mirror or manually sets a network mirror to use.

Hi list,

Right: I've just run through three installs of Debian 11.11.0 from DVD1:

The medium was retrieved from cdimage.debian.org/archive at http://cdimage.debian.org/cdimage/archive/11.11.0/amd64/iso-dvd/ as http://cdimage.debian.org/cdimage/archive/11.11.0/amd64/iso-dvd/debian-11.11.0-amd64-DVD-1.iso

I made three attempts to install, as follows:

1. One text mode install, network connected

2. One text mode expert install, network connected

3. One text mode install, network disconnected.

All of these were done in kvm/qemu with virt-manager.

(That shouldn't make a difference: it's how we test point releases and it
is a known quantity for me.)

In each case, the install was done without selecting a network mirror.

I can reproduce the problem when the network is connected.

The expert install shows a little more detail - I can see the install
running through installing the base install then through tasksel where
I leave GNOME selected and then it fails as software is installed.

On 3 - no network - it works perfectly, so my supposition that if there is
no network connection then the install proceeds entirely from the DVD is and runs to completion is probably correct.

After the successful install is finished, then the /etc/apt/sources.list
file is as follows:

# deb cdrom:[Debian GNU/Linux 11.11.0 _Bullseye_ - Official amd64 DVD Binary-1 20240831-14:01]/ bullseye contrib main

deb cdrom:[Debian GNU/Linux 11.11.0 _Bullseye_ - Official amd64 DVD Binary-1 20240831-14:01]/ bullseye contrib main

# Line commented out by installer because it failed to verify:
#deb http://security.debian.org/debian-security bullseye-security main contrib # Line commented out by installer because it failed to verify:
#deb-src http://security.debian.org/debian-security bullseye-security main contrib

# bullseye-updates, to get updates before a point release is made;
# see https://www.debian.org/doc/manuals/debian-reference/ch02.en.html#_updates_and_backports
# A network mirror was not selected during install. The following entries
# are provided as examples, but you should amend them as appropriate
# for your mirror of choice.
#
# deb http://deb.debian.org/debian/ bullseye-updates main contrib
# deb-src http://deb.debian.org/debian/ bullseye-updates main contrib

So the only source that remains uncommented is the DVD and the other entries are there and commented out, ready for use if the hash signs are deleted.

I'm not sure this is a bug per se: if what you want is a fully offline
install, then you have to make sure that the machine is fully offline.

If you want a networked install, then the assumptions made in the
installer are probably that you will want to install using the available network for all appropriate updates.

The pathological case is where you want some network updates but not others.

The Debian installer
The Debian installer code has grown up over many years and is fairly convoluted: I haven't looked at the underlying code at all.

Since bookworm is now the subject of LTS from Freexian, maybe address any request for changes to them. It's almost certain that the bug won't be
fixed by addressing any fault in the medium - the debian-cd crew wouldn't address this for a release that's now out of main Debian security support.

I'll now go and see if I can reproduce this in Bookworm. If I can, then I'll suggest it as a problem for a possible fix in the next point release though
I can't promise anything.

This is also the case in Bookworm - Debian 12.
This is potentially intended logic`, though probably not for the reasons you
think. If you want to perform an entirely offline installation as suggested further down - you _need_ to start the installation with no Wifi network connection attempted / no network cable connected.

I wonder why I couldn't reproduce this with the 12.9 netinst then. You
would think that there's far more reason to insist on preferring http:
over cdrom: when so little is available on the installation medium,
compared with a 12.9 DVD.

I configured the network, used it to configure the clock, installed
the base system, configured the package manager with no mirror,
included the security/release updates, accepted standard system
utilities, and all the packages (far fewer than normal, of course)
were then installed from cdrom:—nothing from http:. I aborted at
the Grub question.

So can you explain the intended logic here, particularly as you say
we're not expected to be able to reason it out.

David.

Hope this helps, all the very best as ever,

Andrew Cater
(amacater@debian.org)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sat, Feb 01, 2025 at 10:31:02PM -0600, David Wright wrote:

On Sat 01 Feb 2025 at 15:29:13 (+0000), Andrew M.A. Cater wrote:

On Fri, Jan 31, 2025 at 11:00:25PM -0600, David Wright wrote:

On Fri 31 Jan 2025 at 23:30:52 (+0000), Andrew M.A. Cater wrote:

Right: I've just run through three installs of Debian 11.11.0 from DVD1:

The medium was retrieved from cdimage.debian.org/archive at http://cdimage.debian.org/cdimage/archive/11.11.0/amd64/iso-dvd/ as http://cdimage.debian.org/cdimage/archive/11.11.0/amd64/iso-dvd/debian-11.11.0-amd64-DVD-1.iso

I made three attempts to install, as follows:

1. One text mode install, network connected

This fails with the error previously described that an installation step
has failed and a red screen background.

2. One text mode expert install, network connected

This fails with the error previously described that an installation step
has failed. It does allow selection of additional security repo and
unattended updates.

3. One text mode install, network disconnected.

This succeeds and runs to completion.

In each case, the install was done without selecting a network mirror.

I can reproduce the problem when the network is connected.

The expert install shows a little more detail - I can see the install running through installing the base install then through tasksel where
I leave GNOME selected and then it fails as software is installed.

On 3 - no network - it works perfectly, so my supposition that if there is no network connection then the install proceeds entirely from the DVD and runs to completion is probably correct.

(Presumably you mean attempt 3.)

This is attempt 3. No network connected, no network configuration in place.

# deb cdrom:[Debian GNU/Linux 11.11.0 _Bullseye_ - Official amd64 DVD Binary-1 20240831-14:01]/ bullseye contrib main

deb cdrom:[Debian GNU/Linux 11.11.0 _Bullseye_ - Official amd64 DVD Binary-1 20240831-14:01]/ bullseye contrib main

# Line commented out by installer because it failed to verify:
#deb http://security.debian.org/debian-security bullseye-security main contrib
# Line commented out by installer because it failed to verify:
#deb-src http://security.debian.org/debian-security bullseye-security main contrib

# bullseye-updates, to get updates before a point release is made;
# see https://www.debian.org/doc/manuals/debian-reference/ch02.en.html#_updates_and_backports
# A network mirror was not selected during install. The following entries # are provided as examples, but you should amend them as appropriate
# for your mirror of choice.
#
# deb http://deb.debian.org/debian/ bullseye-updates main contrib
# deb-src http://deb.debian.org/debian/ bullseye-updates main contrib

So the only source that remains uncommented is the DVD and the other entries
are there and commented out, ready for use if the hash signs are deleted.

I'm not sure this is a bug per se: if what you want is a fully offline install, then you have to make sure that the machine is fully offline.

What interests me is what the sources list was after run 2, particularly
this line:
#deb http://security.debian.org/debian-security bullseye-security main contrib
If commented out, how did the installer manage (in the OP) to log:
Jan 31 05:35:42 in-target: Get:1 http://security.debian.org/debian-security bullseye-security InRelease [27.2 kB]
If not commented, then I would call that a bug: it allows the
installer to use a mirror when told not to.

At that point, you're network connected: it may be a connectivity check
The default is for debian-security to be enabled - the general assumption
is that you want security updates to be generally available quickly.

If you want a networked install, then the assumptions made in the
installer are probably that you will want to install using the available network for all appropriate updates.

If you're connected to a network, but you tell a program not to use
it, then going ahead and using it is as bad as other programs that
"call home" without permission. And we all condemn that.

There's a difference here between using a specific network (country) mirror -
ftp.uk.debian.org - which is your local mirror having the whole of Debian, say, and the general security updates available to the world from a central place.

"Don't use a network mirror" == I don't want/don't have a mirror available
to pull the rest of the software from.

Security updates coming from security.d.o are enabled by default. There are
two different use cases.

As I said, I can't replicate the problem on bookworm, but I've only
tested the netinst. I'll leave the DVD for you. :)

There's a distinct difference between the DVD and the netinst. The netinst
is predicated on there being a network. If you install using only the DVD
on Bookworm, then the sole entries you get reference the DVD (see below).

Since bookworm is now the subject of LTS from Freexian, maybe address any

↑↑↑↑↑↑↑↑ bullseye.

Bullseye - 11.11.0 is now LTS - you're correct, thanks for picking this up.

request for changes to them. It's almost certain that the bug won't be fixed by addressing any fault in the medium - the debian-cd crew wouldn't address this for a release that's now out of main Debian security support.

I'll now go and see if I can reproduce this in Bookworm. If I can, then I'll
suggest it as a problem for a possible fix in the next point release though I can't promise anything.

/etc/apt/sources.list:

deb cdrom:[Debian GNU/Linux 12.9.0 _Bookworm_ - Official amd64 DVD Binary-1 with firmware - 20250111 - 1055]/ bookworm main contrib non-free-firmware

And that's the case whether you install with a network connected or without.

Cheers,
David.

All the very best, as ever,

Andrew Cater
(amacater@debian.org)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)