211

I'm using a docker image as a base for my own development that adds the jessie backports repository in its Dockerfile and uses that to install a dependency. This image uses the following command to add the repository:

echo "deb http://ftp.debian.org/debian jessie-backports main" >> /etc/apt/sources.list

The problem is that fetching packages from the backports repository now fails with the following error (this used to work previously):

W: Failed to fetch
http://ftp.debian.org/debian/dists/jessie-backports/main/binary-amd64/Packages
404  Not Found

W: Failed to fetch
http://deb.debian.org/debian/dists/jessie-updates/main/binary-amd64/Packages
 404  Not Found

I looked on that server, and those paths are indeed not present there.

I tried to figure out on the Debian backports site whether this particular repository should still be available, and I didn't find any indication that this was deprecated or something like that.

Is this a temporary issue with the repository, or is the jessie-backports repository not available anymore? And if this is not a temporary issue, what options do I have to use this or an equivalent repository without upgrading to the newer Debian stable version?

GAD3R
  • 66,769
user12345
  • 2,053

5 Answers5

252

Wheezy and Jessie were recently removed from the mirror network, so if you want to continue fetching Jessie backports, you need to use archive.debian.org instead:

deb [check-valid-until=no] http://archive.debian.org/debian jessie-backports main

(Validity checks need to be disabled since the repository is no longer being updated. Jessie’s apt doesn’t support the check-valid-until flag, see inostia’s answer for details, and the configuration summary further down in this answer.)

The jessie-updates repository has been removed: all the updates have been merged with the main repository, and there will be no further non-security updates. So any references to jessie-updates in sources.list or sources.list.d files need to be removed. Security updates will continue to be provided, on LTS-supported architectures, in the security repository, until June 30, 2020.

Since you’re building a container image, I highly recommend basing it on Debian 9 (Stretch) instead. To stay on Debian 8 (Jessie), your repositories should end up looking like

deb http://cdn-fastly.deb.debian.org/debian/ jessie main
deb-src http://cdn-fastly.deb.debian.org/debian/ jessie main

deb http://security.debian.org/ jessie/updates main
deb-src http://security.debian.org/ jessie/updates main

deb http://archive.debian.org/debian jessie-backports main
deb-src http://archive.debian.org/debian jessie-backports main

(without the jessie-updates repository).

You’ll also need to disable validity checks in /etc/apt/apt.conf (which will apply to all repositories):

Acquire::Check-Valid-Until "false";
Stephen Kitt
  • 434,908
  • Thanks, I'll try that. Upgrading Debian is certainly something I will do in the future, it's just not as simple as my dependency has another dependency that is the actual base image that determines the Debian version. Upgrading that needs a a bit more testing. – user12345 Mar 26 '19 at 12:54
  • Oh I understand it’s not straightforward ;-). I felt it would be dishonest of me not to recommend it though (despite your mention in your question that it wasn’t an option). – Stephen Kitt Mar 26 '19 at 12:57
  • I am still getting error even after updating /etc/apt/sources.list as following :

    root@2664d9755cee:/# cat /etc/apt/sources.list deb http://archive.debian.org/debian jessie main deb http://archive.debian.org/debian jessie-updates main deb http://archive.debian.org/debian-security jessie/updates main

     – Rafael Mar 26 '19 at 15:03
  • Got these errors:

    W: Failed to fetch http://archive.debian.org/debian/dists/jessie-updates/main/binary-amd64/Packages 404 Not Found

    W: Failed to fetch http://archive.debian.org/debian-security/dists/jessie/updates/main/binary-amd64/Packages 404 Not Found

     – Rafael Mar 26 '19 at 15:07
  • 1
    Sorry, my answer was perhaps not all that clear; the line I gave was only for backports. jessie-updates doesn’t exist any more, so you should delete that altogether, and the Jessie security updates are still on security.debian.org. – Stephen Kitt Mar 26 '19 at 15:15
  • Why are updates and backports now archived for LTS architectures of jessie such as amd64? They claim to still offer support until June 2020. Archiving those repos means they won't be publishing new security patches! The announcement linked says 'for all non-LTS architectures,' and this clearly seems incorrect. – Erin Schoonover Mar 26 '19 at 15:41
  • 2
    @Ian no, security updates are provided on security.debian.org, not through backports or updates. There won’t be any more non-LTS stable updates, so jessie-updates is no longer useful on the main mirror network, and there won’t be any more backports either, so the same goes for jessie-backports. – Stephen Kitt Mar 26 '19 at 15:57
  • 5
    Not working for me: 
    E: Release file for http://archive.debian.org/debian/dists/jessie-backports/InRelease is expired (invalid since 34d 20h 7min 12s). Updates for this repository will not be applied.
    – Avi Kivity Mar 26 '19 at 16:34
  • @Avi indeed, thanks, see the updated answer (which works fine for me). – Stephen Kitt Mar 26 '19 at 17:02
  • 2
    Have found that subsequent apt commands also seem to require -o Acquire::Check-Valid-Until=false (per https://unix.stackexchange.com/a/45973/186565) in order to avoid the expiration error. – sumitsu Mar 26 '19 at 21:01
  • 2
    @sumitsu thanks, setting that in apt.conf should work too (see my update). – Stephen Kitt Mar 26 '19 at 22:39
  • @StephenKitt thanks for this we were having a hard time finding out why the packages seemed to have disappeared. I think such a move would warrant a notice to a slightly larger audience than debian-devel-announce (such as https://www.debian.org/News/) – Jean Mar 27 '19 at 08:33
  • Thank you so much @StephenKitt. It worked fine using this way:

    # cat /etc/apt/sources.list deb http://archive.debian.org/debian jessie main deb http://security.debian.org/debian-security jessie/updates main

     – Rafael Mar 27 '19 at 20:27
  • @Rafael didn’t it work with deb http://deb.debian.org/debian jessie main instead of http://archive.debian.org/debian? The repository is still there, it should work fine from the main mirrors... – Stephen Kitt Mar 27 '19 at 20:41
  • Hi @StephenKitt, sorry by my late reply on this. Actually it worked with both. – Rafael Apr 09 '19 at 14:33
  • The solution is does not work for now:

    E: Release file for http://archive.debian.org/debian/dists/jessie-backports/InRelease is expired (invalid since 51d 14h 37min 55s). Updates for this repository will not be applied.

     – Atombit Apr 12 '19 at 11:03
  • 1
    @Atombit you need to read the answer all the way to the end: you’re missing Acquire::Check-Valid-Until "false";. – Stephen Kitt Apr 12 '19 at 11:08
  • "without the jessie-updates repository, and you’ll need to disable validity checks" makes it seem like you don't need to disable the validity check if you leave jessie-updates in the list of sources – Tim Tisdall Apr 16 '19 at 13:20
  • Thanks @Tim, I’ve split things up to make that part clearer. – Stephen Kitt Apr 16 '19 at 13:33
  • More on it here. – x-yuri Jun 16 '19 at 23:20
  • I ran into this problem, updated the sources.list but it was still using the ftp.(...) url. After pulling a couple hairs out, I figured out there was a backports.list in the sources.list.d directory, which defined the ftp.-version. Just check if that file is there, and edit it there, or remove it and add the backports url to the sources.list file. Just leaving this here in case somebody else runs into this issue and isn't that familiar with the system yet. – Jelmer Mar 29 '20 at 12:27
55

After trying solutions suggested by @inostia and @Stephen Kitt I was still getting the following error:

W: Failed to fetch http://deb.debian.org/debian/dists/jessie-updates/main/binary-amd64/Packages  404  Not Found

E: Some index files failed to download. They have been ignored, or old ones used instead.

I figured out that it can be solved by removing the line deb http://deb.debian.org/debian jessie-updates main from /etc/apt/sources.list.

I ended up with the following snippet in my Dockerfile:

RUN echo "deb [check-valid-until=no] http://cdn-fastly.deb.debian.org/debian jessie main" > /etc/apt/sources.list.d/jessie.list
RUN echo "deb [check-valid-until=no] http://archive.debian.org/debian jessie-backports main" > /etc/apt/sources.list.d/jessie-backports.list
RUN sed -i '/deb http:\/\/deb.debian.org\/debian jessie-updates main/d' /etc/apt/sources.list
RUN apt-get -o Acquire::Check-Valid-Until=false update
Andrez
  • 3
henadzit
  • 651
  • 4
  • 3
  • 1
    I had to teak sed part as In my case docker image (postgres) was using httpredir.debian.org instead of deb.debian.org. – harrybvp Mar 27 '19 at 22:19
  • 7
    Here is an updated version of your sed command that did the trick for me: sed -i '/deb http:\/\/\(deb\|httpredir\).debian.org\/debian jessie.* main/d' /etc/apt/sources.list – speedplane Mar 29 '19 at 00:26
  • Is there any no-spike solution? If repository is deprecated what is the new repository where to get necessary extensions? – zhartaunik Mar 30 '19 at 05:29
  • here is the final wersion which works for me: RUN echo "deb [check-valid-until=no] http://cdn-fastly.deb.debian.org/debian jessie main" > /etc/apt/sources.list.d/jessie.list RUN echo "deb [check-valid-until=no] http://archive.debian.org/debian jessie-backports main" > /etc/apt/sources.list.d/jessie-backports.list RUN sed -i '/deb http://(deb|httpredir).debian.org/debian jessie.* main/d' /etc/apt/sources.list RUN apt-get -o Acquire::Check-Valid-Until=false update RUN echo 'Acquire::Check-Valid-Until "false";' > /etc/apt/apt.conf – Yehor Apr 12 '19 at 14:04
  • this worked for me and any subsequent apt-get update should have the -o Acquire::Check-Valid-Until=false option. In my case i was installing couchbase using RUN dpkg -i couchbase-release-1.0-4-amd64.deb and then RUN apt-get -o Acquire::Check-Valid-Until=false update &&
    apt-get -y install libcouchbase-dev &&
    rm -rf /var/lib/apt/lists/*     – Raveen Beemsingh Apr 19 '19 at 08:18
5

For those using NodeJS with older docker image foundations. I had some frozen images that had these older sources for the compilation of extra libs.

Context: if you wanted to install python during a docker build you ran into this issue during a build of the image (within the last 24 hours) as it failed to source dependencies during a docker build.

I tried the archive path recommendations in this post but couldn't get past the 404's. (also coming from the archive.debian.org location as of today)

Solution: I ended up switching to the latest container version of node (which has python libs already pre-installed) that, and updating some libs in the package json (which now also include binary libs that used to want pythyon) made the issue obsolete.

In the end, updating the foundation image for the container stack (node:latest) seemed to be the most straight-forward path to resolution.

Be wary of stale image stacks with binary dependencies included, they'll probably take a while to update the core OS layer.

Glen C.
  • 51
  • 2
  • Hi Glen, thanks for posting. I think I'm running into same issue in dockerfile as I have "RUN apt-get update -y && apt-get install supervisor python python-dev curl -y --force-yes". I'm using FROM node:6.11.2, what must I do to get past this? – Aaron Apr 02 '19 at 09:07
  • 2
    For Docker Node images, an alternative is to use the -stretch images: node:<version>-stretch – lukeaus Apr 09 '19 at 05:15
2
cat > /etc/apt/sources.list << EOF
deb http://archive.debian.org/debian/ jessie-backports main
deb-src http://archive.debian.org/debian/ jessie-backports main

deb http://archive.debian.org/debian/ jessie main contrib non-free
deb-src http://archive.debian.org/debian/ jessie main contrib non-free
EOF

apt-get update
apt-get install -y --force-yes xxx

works for me

张馆长
  • 131
1

If nothing works anymore, with a panel of those errors:

Unable to correct missing packages.
WARNING: The following packages cannot be authenticated!
W: GPG error
W: An error occurred during the signature verification.
Updates for this repository will not be applied.
E: Failed to fetch
E: Aborting install

Consider a full distribution upgrade and a source list clean up to save your machine. It will takes only minutes with those notes, but it's worst it.

First visit /etc/apt/sources.list.d/, and remove everything. (Do backups).

Edit /etc/apt/sources.list, leave only this line:

deb http://ftp.us.debian.org/debian stable main contrib

Then, as root, run:

aptitude update
aptitude full-upgrade

Confirm the various messages. Then try: 

sudo apt update

Should raise no errors, just confirming:

Reading package lists... Done

Some various packages can raise some conflicts, on those cases, to be used one time, this will resolve the various conflicts:

sudo aptitude -y install packagename otherpackagename

Possible other error: 

W: There is no public key available for the following key IDs:
*648ACFXXXXX2FAB138*

To solve, import the public keys as specified:

sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 648ACFXXXXX2FAB138

You might hit a very rare message!

A reboot is required to replace the running dbus-daemon.
Please reboot the system when convenient.

You might hit an issue with olds kernels and libc:

Kernel must be upgraded

This version of the GNU libc requires kernel version 3.2 or later.  Please upgrade your kernel

Do not apply those notes for public servers. Always go for the last LTS.

https://www.debian.org/doc/manuals/debian-faq/ch-uptodate.en.html

https://askubuntu.com/questions/364404/e-unable-to-fetch-some-archives-maybe-run-apt-get-update-or-try-with-fix-mis

https://askubuntu.com/questions/766883/there-is-no-public-key-available-for-the-following-key-ids-1397bc53640db551

NVRM
  • 398