Public bug reported:
In every currently supported Ubuntu version of wget, the wget-udeb
installs its binary executable to /usr/bin/wget.gnu.
This is presumably done in order to not break any setups that depend on
busybox's wget implementation.
However, since the primary reason wget-udeb exists in Ubuntu (wget-udeb
is not built in Debian afaik) is because of the lack of SSL support in
d-i and busybox-wget, it seems logical (to me) that it should overwrite
the busybox wget symlink. You're choosing to opt-in to GNU wget, so
you're already rebuilding d-i/debian-cd and therefore know you're
somewhat on your own.
Unless there is a common use case I'm not considering where you want SSL
support for something else, but somehow depend on the busybox
implementation of wget for all things apt.
What I expect to happen:
1) modify d-i source to include wget-udeb
2) rebuild d-i and point my sources to HTTPS repositories
3) install Ubuntu without fear of the traffic being snooped in transit
What happens instead:
1) modify d-i source to include wget-udeb
2) rebuild d-i and point sources to HTTPS repositories
3) install fails because d-i calls /usr/bin/wget which points to busybox (which
has no SSL support)
Thanks for your time!
Please note: this suggestion is not intended to securely authenticate
the repository; that's absolutely another issue. This is simply to
address potential snooping of traffic in transit.
** Affects: wget (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1172101
Title:
wget-udeb should install to /usr/bin/wget instead of /usr/bin/wget.gnu
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/wget/+bug/1172101/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
