Default mirror broken?
hartwork opened this issue · 12 comments
Hi!
While installation through the Rackspace mirror seems to work fine
# ./arch-bootstrap.sh -a x86_64 -r http://mirror.rackspace.com/archlinux/ arch_root
the default mirror at mirrors.kernel.org does not lead to a successful installation as of today, tried twice:
# ./arch-bootstrap.sh -a x86_64 arch_root
[..]
--- configure DNS and pacman
--- install packages: acl archlinux-keyring attr bzip2 curl expat glibc gpgme libarchive libassuan libgpg-error libssh2 lzo openssl pacman pacman-mirrorlist xz zlib krb5 e2fsprogs keyutils libidn gcc-libs filesystem coreutils bash grep gawk file tar systemd
:: Synchronizing package databases...
error: failed retrieving file 'core.db' from mirrors.kernel.org : error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none
error: failed to update core (download library error)
error: failed retrieving file 'extra.db' from mirrors.kernel.org : error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none
error: failed to update extra (download library error)
error: failed retrieving file 'community.db' from mirrors.kernel.org : error setting certificate verify locations:
CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none
error: failed to update community (download library error)
error: failed to synchronize any databases
error: failed to init transaction (download library error)
# ls -l /etc/ssl/certs/ca-certificates.crt
-rw-r--r-- 1 root root 273790 Apr 25 11:46 /etc/ssl/certs/ca-certificates.crt
Maybe Rackspace would make a better default mirror? It's listed as worldwide at the very top in etc/pacman.d/mirrorlist
.
Best, Sebastian
Can you try again? this repo at the moment works for me.
Same error again, Debian jessie below. What distro are you running the command from? Depending on what it is, I could try running it on the same as yours.
ArchLinux (tested from Spain and UK). What's the output of this? curl -v https://mirrors.kernel.org/archlinux/core/os/x86_64/curl-7.42.1-1-x86_64.pkg.tar.xz -o /dev/null
bash: curl: command not found
;)
# curl -v https://mirrors.kernel.org/archlinux/core/os/x86_64/curl-7.42.1-1-x86_64.pkg.tar.xz -o /dev/null
* Hostname was NOT found in DNS cache
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 198.145.20.143...
* Connected to mirrors.kernel.org (198.145.20.143) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Server hello (2):
{ [data not shown]
* SSLv3, TLS handshake, CERT (11):
{ [data not shown]
* SSLv3, TLS handshake, Server key exchange (12):
{ [data not shown]
* SSLv3, TLS handshake, Server finished (14):
{ [data not shown]
* SSLv3, TLS handshake, Client key exchange (16):
} [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
} [data not shown]
* SSLv3, TLS handshake, Finished (20):
} [data not shown]
* SSLv3, TLS change cipher, Client hello (1):
{ [data not shown]
* SSLv3, TLS handshake, Finished (20):
{ [data not shown]
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* Server certificate:
* subject: description=r1nDw5BOnE1CIcyp; C=US; ST=California; L=San Francisco; O=The Linux Foundation; CN=mirrors.kernel.org; emailAddress=webmaster@kernel.org
* start date: 2014-04-09 08:26:12 GMT
* expire date: 2016-04-08 23:33:00 GMT
* subjectAltName: mirrors.kernel.org matched
* issuer: C=IL; O=StartCom Ltd.; OU=Secure Digital Certificate Signing; CN=StartCom Class 2 Primary Intermediate Server CA
* SSL certificate verify ok.
> GET /archlinux/core/os/x86_64/curl-7.42.1-1-x86_64.pkg.tar.xz HTTP/1.1
> User-Agent: curl/7.38.0
> Host: mirrors.kernel.org
> Accept: */*
>
< HTTP/1.1 200 OK
* Server nginx is not blacklisted
< Server: nginx
< Date: Sun, 31 May 2015 18:20:05 GMT
< Content-Type: application/octet-stream
< Content-Length: 747208
< Last-Modified: Thu, 30 Apr 2015 12:59:55 GMT
< ETag: "5542274b-b66c8"
< X-Frame-Options: DENY
< Accept-Ranges: bytes
<
{ [data not shown]
100 729k 100 729k 0 0 203k 0 0:00:03 0:00:03 --:--:-- 203k
* Connection #0 to host mirrors.kernel.org left intact
Ok, no idea :) Let's see if someone else has this problem, for now use the -r
option.
If you send an SSH pubkey to my mailbox, I can give you a shell on that Debian box, if you like.
I see, the problem is not the repo, but using https instead of http. I'll rollback to http until we see how to solve the problem with the https access. 0ea1af9
I'm getting this exact same error trying to install the arch chroot on an alpine 3.4 box. Using the -r http://mirror.rackspace.com/archlinux/ mirror also worked for me, although I did get some intermittent 404 errors when using the rackspace mirror.
Same error here on Debian 8.5 Digital Ocean VPS. :/ There is a mirror list you can use manually for now:
https://www.archlinux.org/mirrors/status/
Edit: I've found that this failure is off and on. What I did, is add a backup http location to my wrapper script:
https://github.com/ProfessorKaos64/LibreGeek-Packaging/blob/arch-linux/create-arch-chroot.sh
Indeed, the https
repo does not work for me either. Let's return to http
again. If anyone has a patch to make it work with https
, a PR is welcome.