Join Log in
Score:0
avatar Ubuntu

Is it common practice for an apt-get repository to take down files (giving 404 for them) for old versions of packages?

in flag
Pedro A

Today I ran apt-get update on a slightly old system but it failed due to a 404 error. Surely it worked in the past. It looks like one of the URLs that apt-get tried to fetch was taken down from the repository. Is this common?

For comparison, I am pretty sure npm and PyPI never remove old versions from their registries, no matter how old.

Although I really intend for this to be a broad question, the exact situation that happened to me is actually very easy to reproduce with Docker: just do docker run --rm -it postgres:10 bash and then apt-get update. This is the 404 URL. If you're wondering, postgres:10 is Debian 9. I've put the full apt-get output in pastebin, here.



Get:1 http://security.debian.org/debian-security stretch/updates InRelease [59.1 kB]
Ign:2 http://deb.debian.org/debian stretch InRelease                           
Ign:3 http://apt.postgresql.org/pub/repos/apt stretch-pgdg InRelease            
Get:4 http://deb.debian.org/debian stretch-updates InRelease [93.6 kB]
Ign:5 http://apt.postgresql.org/pub/repos/apt stretch-pgdg Release             
Ign:6 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/10 all Packages
Get:7 http://security.debian.org/debian-security stretch/updates/main amd64 Packages [782 kB]
Get:8 http://deb.debian.org/debian stretch Release [118 kB]                  
Ign:9 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/main amd64 Packages        
Ign:10 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/10 amd64 Packages
Ign:11 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/main all Packages
Get:12 http://deb.debian.org/debian stretch Release.gpg [3,177 B]
Ign:6 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/10 all Packages
Ign:9 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/main amd64 Packages
Ign:10 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/10 amd64 Packages
Ign:11 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/main all Packages
Ign:6 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/10 all Packages
Ign:9 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/main amd64 Packages
Ign:10 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/10 amd64 Packages
Get:13 http://deb.debian.org/debian stretch/main amd64 Packages [7,080 kB]
Ign:11 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/main all Packages
Ign:6 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/10 all Packages
Ign:9 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/main amd64 Packages
Ign:10 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/10 amd64 Packages
Ign:11 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/main all Packages
Ign:6 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/10 all Packages
Ign:9 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/main amd64 Packages
Ign:10 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/10 amd64 Packages
Ign:11 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/main all Packages                           
Ign:6 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/10 all Packages                              
Err:9 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/main amd64 Packages                          
  404  Not Found [IP: 87.238.57.227 80]
Ign:10 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/10 amd64 Packages                           
Ign:11 http://apt.postgresql.org/pub/repos/apt stretch-pgdg/main all Packages                           
Fetched 8,135 kB in 7s (1,092 kB/s)                                                                     
Reading package lists... Done
W: The repository 'http://apt.postgresql.org/pub/repos/apt stretch-pgdg Release' does not have a Release file.
N: Data from such a repository can't be authenticated and is therefore potentially dangerous to use.
N: See apt-secure(8) manpage for repository creation and user configuration details.
E: Failed to fetch http://apt.postgresql.org/pub/repos/apt/dists/stretch-pgdg/main/binary-amd64/Packages  404  Not Found [IP: 87.238.57.227 80]
E: Some index files failed to download. They have been ignored, or old ones used instead.
429
1 + 4
apt
guiverc avatar
cn flag
guiverc
Yes it is very common after a release goes EOL, or even EOSS. The team or manager of the repository can set their own rules, though the site they're using can include some too (*and some are rather lax on when they get around to this chore, so it can be days/weeks/months even years after the EOL*). You've provided no OS/release details, only mentioning off-topic & EOL Debian 9 (see https://wiki.debian.org/LTS) nor provided any specifics, so we can't really provide more.
0
Reply
in flag
Pedro A
@guiverc Thanks, that makes sense. Actually I did specify the exact steps to reproduce, but regardless you don't need to provide much more. I was wondering if it is common and you said yes. Thanks!
0
Reply
guiverc avatar
cn flag
guiverc
FYI: Often the *trigger* on when a repository gets dropped is the first *bug ticket* on an EOL/EOSS resource they no longer support (*email reminding them they haven't done it*); esp. if the *drop* is believed to reduce more *tickets* on something they no longer support. Each team is unique though. *and FYI: I ignored the off-topic EOL-Debian reference*
0
Reply
muru avatar
us flag
muru
Voting to close as it seems the actual problem is about a third-party repo. One common tool used for managing repos, `reprepro`, only gained support for keeping multiple versions of a package [very recently](https://askubuntu.com/a/1449183/158442), so many third party repos could only support one version at a time for a long while.
1
Reply
Score:2
guiverc avatar Ubuntu
cn flag
guiverc

Yes it is very common after a release goes EOL, or even EOSS. The team or manager of the repository can set their own rules, though the site they're using can include some too (and some are rather lax on when they get around to this chore, so it can be days/weeks/months even years after the EOL).

FYI: Often the trigger on when a repository gets dropped is the first bug ticket on an EOL/EOSS resource they no longer support (email reminding them they haven't done it); esp. if the drop is believed to reduce more tickets on something they no longer support. Each team is unique though.

You gave no on-topic Ubuntu specific details (only reference to resources was for an EOL Debian release), but each team can do decide what standards they decide to follow, even create their own.

+ 0
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.