Join Log in
Score:1
avatar Ubuntu

Does add-apt-repository not support globs in source list?

at flag
oligofren

I usually add a repository like this:

add-apt-repository --no-update --yes "deb [arch=amd64] https://download.docker.com/linux/ubuntu jammy stable"

This works fine and when setting up Ubuntu machines, I run a setup script that loops through a list of repos and adds them using that command.

The problem is that it fails when encountering a repo source on this format:

deb [signed-by=/etc/apt/trusted.gpg.d/repo.charm.sh.gpg] https://repo.charm.sh/apt/ * *

It will then just fail with Unable to handle repository shortcut 'deb [signed-by=/etc/apt/trusted.gpg.d/repo.charm.sh.gpg] https://repo.charm.sh/apt/ * *'.

I can, of course, just work around this special case and do as the docs say and just paste the contents into a file, but I should not have to if Stuff Just Works as it should. So is there something about the format I am not handling correctly when using the utility command or does it simply fail to recognize it due to missing functionality in the internal parsing bits? If not, what do I do to have it not fail?

473
2 + 2
apt
user535733 avatar
cn flag
user535733
It's hard for me to think of a use case for globbing third party deb sources that doesn't end in disaster for the user. For stuff to "*Just Work as it should*," Ubuntu already offers two easy routes: The software could be distributed through the Ubuntu repositories or distributed as a Snap. Diligence checking a new source, in the Debian ecosystem, is a human admin responsibility (not an apt function).
1
Reply
at flag
oligofren
I have no idea how this applies to this question. The glob thingie is not something I came up with, it is just referenced from the installation docs: https://github.com/charmbracelet/glow#package-manager. In any case, it is supported by the file format, so should be handled by the tooling creating the files as well.
0
Reply
Score:5
muru avatar Ubuntu
us flag
muru

The * is not actually a glob, but just a *.

However, that's not the problem here. A Python library that add-apt-repository uses, python-apt (maintained by the developers of apt), doesn't support anything except arch and trusted options for source lines.

From the source code of the v2.5.0 release:

if pieces[1].strip()[0] == "[":
    options = pieces.pop(1).strip("[]").split()
    for option in options:
        try:
            key, value = option.split("=", 1)
        except Exception:
            self.invalid = True
        else:
            if key == "arch":
                self.architectures = value.split(",")
            elif key == "trusted":
                self.trusted = apt_pkg.string_to_bool(value)
            else:
                self.invalid = True

In this case you could just write to a file yourself:

printf "%s\n" 'deb [signed-by=/etc/apt/trusted.gpg.d/repo.charm.sh.gpg] https://repo.charm.sh/apt/ * *' | sudo tee /etc/apt/sources.list.d/charm.list
+ 3
at flag
oligofren
Yeah, that's the solution I wrote about above (paste into file) that I ended up using: https://github.com/fatso83/dotfiles/commit/571e954ad5f5556652facf7a69e161cb0720ebdb#diff-2618323c72aa0cdb8530a40e4ab153ea538218717fa59259e26c45d6140eb2c3R42-R47 Too bad the project is not on Github: makes the threshold for supplying a stray PR that much higher :/ Thanks for the deep dive anyhow :)
0
Reply
muru avatar
us flag
muru
@oligofren in a sense, a stray PR is easier here. [Debian's bug reporting interface](https://bugs.debian.org) does not require an account (and can be operated entirely via email), so you could open a bug there and attach a patch with your proposed fix by email. It's just a different workflow than you're used to.
0
Reply
at flag
oligofren
Thanks for the tip and for providing some common sense. My experience so far when encountering issues in some Ubuntu or Debian package (like a bad translation in `ls`) is that I never figure out the right upstream or downstream place to provide the patch, so the attempt at providing a fix always just fizzles out, unlike when I can find some GH issue tracker with pull requests and a discussion interface. I _might_ give this one another go :)
0
Reply
Score:0
radistao avatar Ubuntu
ua flag
radistao

Unfortunately, this is a known bug at debian, see add-apt-repository should use signed-by

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.