Bug#1032952: apt-add-repository silently ignores deb822 .sources files

Tue, 14 Mar 2023 08:33:16 -0700 

Package: software-properties-common
Version: 0.99.30-4
Severity: normal
File: /usr/bin/apt-add-repository

On systems whose sources are stored in deb822 format, apt-add-repository
commands that act on existing sources (such as `apt-add-repository
--component contrib`) fail silently: They don't update the entries, but
don't report an error either.

I didn't go though a full fresh install to show its reproducibility, but
it can be shown easily using Docker images:

$ podman run --rm -it --network=host docker.io/debian:sid
# apt-get update && apt-get -y install --no-install-recommends 
software-properties-common
# cp -a /etc/apt/sources.list.d/ /tmp/
# apt-add-repository  --component contrib
[Enter]
# echo $?
0
# diff -r /tmp/sources.list.d/ /etc/apt/sources.list.d/
[no differences]

This is probably not trivial to fix given that software-properties deals
in more than just this single tool. As a stop-gap measure against silent
failure, operations on all repositories could start to fail once any
`*.sources` file is present.

-- System Information:
Debian Release: 12.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 6.1.0-6-amd64 (SMP w/8 CPU threads; PREEMPT)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), 
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: sysvinit (via /sbin/init)
LSM: AppArmor: enabled

Versions of packages software-properties-common depends on:
ii  ca-certificates              20211016
ii  gir1.2-glib-2.0              1.74.0-3
ii  gir1.2-packagekitglib-1.0    1.2.6-3
ii  packagekit                   1.2.6-3
ii  python-apt-common            2.5.3
ii  python3                      3.11.2-1
ii  python3-dbus                 1.3.2-4+b1
ii  python3-gi                   3.42.2-3+b1
ii  python3-software-properties  0.99.30-4

software-properties-common recommends no packages.

software-properties-common suggests no packages.

-- no debconf information

-- 
To use raw power is to make yourself infinitely vulnerable to greater powers.
  -- Bene Gesserit axiom

Attachment: signature.asc
Description: PGP signature

Reply via email to