Checking security repository in Updates adds deb line to Third-Party Software

This also affects Hardy (see my duplicate bug report).

Yep, some annoying think. Is there a way to fix it?

Confirming too on hardy heron 8.04 amd64 64-bit
I'll edit the bug report appropriately

assigning to desktop bugs (?)

$ cat /etc/apt/sources.list
deb http://security.ubuntu.com/ubuntu/ hardy-security universe main multiverse restricted
deb http://archive.ubuntu.com/ubuntu/ hardy-updates universe main multiverse restricted
deb http://archive.ubuntu.com/ubuntu/ hardy-proposed universe main multiverse restricted
deb http://archive.ubuntu.com/ubuntu/ hardy main universe restricted multiverse

Attaching:
1) Debug info without removing the sources.list file: software-properties-gtk -d
File 1.txt
2) Debug info after removing the sources.list file (and checking each repository): rm /etc/apt/sources.list; software-properties-gtk -m
File 2.txt

I couldn't reproduce it on a virtual machine (ubuntu hardy heron 8.04 i386).
I'll try later as amd64 live cd and post back with the results

I have Ubuntu 8.04 NOT .1 32-bit i386 X86 AMD K8 Processor and same problem. what in the world is going on? Did somebody hack into the ubuntu servers and mess it up?

I chose like 3 different servers that weren't even official ubuntu servers and here is the junk I got. Attachment please download! I used software-properties-gtk -m
File 2.txt PLEASE HELP!

I can confirm this bug on Hardy 8.04.1 32-bit since recent updates.

All three of my Ubuntu installs are demonstrating the same problem - I go to System>Administration>Software Sources>Updates tab, and I am unable to check the tick-box for "Important security updates (hardy-security)".

I've detected the problems:
1) the checkbox for its status (checked/unchecked) looks for "http://archive.ubuntu.com" instead of "http://security.ubuntu.com"
2) if again you uncheck and check the hardy-security after switching back to "archive.ubuntu.com", it will add the hardy-security with "http://security.ubuntu.com", which will show as non-canonical third-party software repository

Execute in terminal: gksu /etc/apt/sources.list

Change any occurence security.ubuntu.com to archive.ubuntu.com

For example, I changed:
deb http://security.ubuntu.com/ubuntu/ hardy-security universe main multiverse restricted
deb-src http://security.ubuntu.com/ubuntu/ hardy-security universe main multiverse restricted

..to:
deb http://archive.ubuntu.com/ubuntu/ hardy-security universe main multiverse restricted
deb-src http://archive.ubuntu.com/ubuntu/ hardy-security universe main multiverse restricted

..things will be back to normal:

Don't uncheck and check the checkbox in Software Sources > Updates again, it will cause the same problem

sorry:
* Execute in terminal: gksu gedit /etc/apt/sources.list

:)

Thank you for reporting this, everybody. I am marking this bug as Triaged and setting Importance to High (has a moderate impact on a large portion of Ubuntu users). Hopefully a developer can start working on this very soon.

Well... I have a hunch that it has something to do with python-apt package
specifically the newest BaseURI vs. BaseURI-architecture implementation

I changed the file /usr/share/python-apt/templates/Ubuntu.info and modified the following section as listed below:

Suite: hardy-security
ParentSuite: hardy
RepositoryType: deb
BaseURI-amd64: http://security.ubuntu.com/ubuntu
MatchURI-amd64: archive.ubuntu.com/ubuntu|security.ubuntu.com
BaseURI-powerpc: http://ports.ubuntu.com/
MatchURI-powerpc: ports.ubuntu.com/ubuntu
Description: Important security updates

Basically, I changed BaseURI to BaseURI-amd64 (my Ubuntu architecture), now it works.
Looks like BaseURI-arch is working better than BaseURI :)

I've added a regular expression check the value if it contains "security.ubuntu.com"
re.search('security\.ubuntu\.com',value)

It could be marked as messy, but I tried it and it works, attached a debdiff.

Otherwise, to fix this you must change BaseURI and MatchURI as mentioned in the previous comment

( it's my first patch attempt :) )

the problematic package seems to be python-apt

fixed the /tmp/ path in debdiff and re-attached

Assigning this to mvo, who should have some background in this bit of code. :)

Adding debdiff option no.2:
Replaced MatchURI with arch-specific MatchURI-i386 and MatchURI-amd64 for security repositories, bypasses the "MatchURI: archive.ubuntu.com/ubuntu" of the ParentSuite

I gave two options/debdiffs for fixing the bug above.

For the common people, here's a temporary, but quick and painless way to fix it:
1) Close Software Sources
2) Download the file attached here (Ubuntu.info)
3) Replace the file in: /usr/share/python-apt/templates/Ubuntu.info
4) Open Software Sources now

The fix you sugest does not work for me.
When i try to copy paste the Ubuntu.info text in the Ubuntu.info folder in /usr/share/python-apt/templates/Ubuntu.info it say that i don't have permission to do that. I have full access on the computer.

HA! It worked when i changed the http://security.ubuntu.com/ubuntu/ to http://archive.ubuntu.com/ubuntu/ in gksu gedit /etc/apt/sources.list
Now things look normal.

> HA! It worked when i changed the http://security.ubuntu.com/ubuntu/ to http://archive.ubuntu.com/ubuntu/ in gksu gedit /etc/apt/sources.list
They look normal, but if you uncheck the -security in software sources
> updates and check it again, you're back to square 1!

$ ls -l /usr/share/python-apt/templates/Ubuntu.info
-rw-r--r-- 1 root root 10684 2008-07-11 09:53
/usr/share/python-apt/templates/Ubuntu.info
$ lsattr /usr/share/python-apt/templates/Ubuntu.info
------------------ /usr/share/python-apt/templates/Ubuntu.info

I don't know what's wrong with your file or folder structure, mine is
copied fine, but do try this:
sudo chattr -uia /usr/share/python-apt/templates/Ubuntu.info
sudo chown root:root /usr/share/python-apt/templates/Ubuntu.info
sudo chmod +rw /usr/share/python-apt/templates/Ubuntu.info

Now you should be able to replate it:
sudo wget http://launchpadlibrarian.net/15945141/Ubuntu.info -O
/usr/share/python-apt/templates/Ubuntu.info
ls -l /usr/share/python-apt/templates/Ubuntu.info

Make sure the file permissions are the same as: -rw-r--r--

Had the same error. Changed the http://security.ubuntu.com/ubuntu/ to http://archive.ubuntu.com/ubuntu/. Closed and restarted software sources and the problem was corrected.

>I don't know what's wrong with your file or folder structure, mine is
copied fine, but do try this:
sudo chattr -uia /usr/share/python-apt/templates/Ubuntu.info
sudo chown root:root /usr/share/python-apt/templates/Ubuntu.info
sudo chmod +rw /usr/share/python-apt/templates/Ubuntu.info

Now you should be able to replate it:
sudo wget http://launchpadlibrarian.net/15945141/Ubuntu.info -O
/usr/share/python-apt/templates/Ubuntu.info
ls -l /usr/share/python-apt/templates/Ubuntu.info

It does not help:

kim@kim-desktop:~$ sudo chattr -uia /usr/share/python-apt/templates/Ubuntu.info
[sudo] password for kim:
kim@kim-desktop:~$ sudo wget http://launchpadlibrarian.net/15945141/Ubuntu.info -O
wget: option requires an argument -- O
Brug: wget [FLAG]... [URL]...

Prøv 'wget --help' for flere flag.
kim@kim-desktop:~$ /usr/share/python-apt/templates/Ubuntu.info
bash: /usr/share/python-apt/templates/Ubuntu.info: Permission denied
kim@kim-desktop:~$ ls -l /usr/share/python-apt/templates/Ubuntu.info

But is it necesary to do all this? Whon't there be an update anytime soon that will fix all this?
I can't check the hardy-security box in updates, but the security boxes are marked in Third-party software, so i must get the security updates anyway?

True, no need for that, but security updates in third party software
can be a bit confusing.
It'll be fixed eventually :)

I desided to use my 32bit computer and i unticked hardy-proposed and everything is normal.

So is everything fixed now?

Behavior stills appears here.

It looks like this is breakage from the fix in hardy-proposed for https://bugs.edge.launchpad.net/ubuntu/hardy/+source/python-apt/+bug/220890

I upload a new intrepid version of python-apt that should fix the issue.

This bug was fixed in the package python-apt - 0.7.7ubuntu2

---------------
python-apt (0.7.7ubuntu2) intrepid; urgency=low

  * data/templates/Debian.info.in:
    - add 'lenny' template info
  * aptsources/distinfo.py:
    - fix template matching for arch specific code (LP: #244093)

 -- Michael Vogt <email address hidden> Fri, 25 Jul 2008 18:34:28 +0200

> I upload a new intrepid version of python-apt that should fix the issue.

It affects Ubuntu hardy heron 8.04 too.. shouldn't it be updated in
hardy as well?

Yes, it needs to be fixed for hardy as well. Fortunately it does "only" affect hardy-proposed, so only a subset of the hardy users.

The fix is merged and got uploaded to hardy-proposed.

I was able to reproduce this error in the version of python-apt that had been uploaded to hardy-proposed, 0.7.4ubuntu7.1, and can confirm that the current version of python-apt in hardy-proposed, 0.7.4ubuntu7.3, does indeed correct this issue. I did some limited testing of software-properties-gtk and noticed no regressions.

Thanks!

Second confirmation. Security updates no longer show up in Third party software tab.

I was getting pretty much the same warning saying this...

Reading package lists... Done
W: Duplicate sources.list entry http://security.ubuntu.com hardy-security/restricted Packages (/var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_hardy-security_restricted_binary-amd64_Packages)
W: Duplicate sources.list entry http://security.ubuntu.com hardy-security/main Packages (/var/lib/apt/lists/security.ubuntu.com_ubuntu_dists_hardy-security_main_binary-amd64_Packages)
W: You may want to run apt-get update to correct these problems

I was having the same issue on my work network. I noticed the protocol being used is http and we have a web proxy/caching device (Blue Coat) on the network. I added security.ubuntu.com to a bypass of my cache and this fixed my issue. I wonder if any other users having the issue might be behind a web proxy/cache (maybe even squid). Just tossing that out there.

python-apt hardy-proposed copied to hardy-updates.

No I don't have a proxy.