Have installed Trisquel 9 and am having trouble running Software Updater, installing using Add/Remove Applications and Synaptic Package Manager. Synaptic for instance is showing Could not download all repository indexes.
The repository trisquel etiona release no longer has a release file.
By default Trisquel 9 is configured to access the package repositories over HTTPS. Its repositories use Let's Encrypt certificates, but the root certificates package in the ISO image is too old, so it fails to establish a secure connection to the repository and aborts. You can edit the /etc/apt/sources.list file and replace https instances with http in it. Then you can install packages. Run sudo apt update and sudo apt upgrade to get the latest updates. Following that, the certificates package will be upgraded and you can restore https in /etc/apt/sources.list.
For the record, here is the sources file which I dealt with:
# Trisquel repositories for supported software and updates
deb https://archive.trisquel.info/trisquel/ etiona main
deb-src https://archive.trisquel.info/trisquel/ etiona main
deb https://archive.trisquel.info/trisquel/ etiona-security main
deb-src https://archive.trisquel.info/trisquel/ etiona-security main
deb https://archive.trisquel.info/trisquel/ etiona-updates main
deb-src https://archive.trisquel.info/trisquel/ etiona-updates main
#deb https://archive.trisquel.info/trisquel/ etiona-backports main
#deb-src https://archive.trisquel.info/trisquel/ etiona-backports main
Here is how I tweaked it temporarily to run the upgrade:
# Trisquel repositories for supported software and updates
deb http://archive.trisquel.info/trisquel/ etiona main
deb-src https://archive.trisquel.info/trisquel/ etiona main
deb http://archive.trisquel.info/trisquel/ etiona-security main
deb-src https://archive.trisquel.info/trisquel/ etiona-security main
deb http://archive.trisquel.info/trisquel/ etiona-updates main
deb-src https://archive.trisquel.info/trisquel/ etiona-updates main
#deb https://archive.trisquel.info/trisquel/ etiona-backports main
#deb-src https://archive.trisquel.info/trisquel/ etiona-backports main
This allowed me to upgrade the ca-certificates package among other things, which I suspect to be the culprit.
It is usually considered secure enough to access the repositories over HTTP becuase apt verifies the signatures on the packages. But it is still more secure to use a TLS repository.
For reference, here is the full error message that I received when running "Add/Remove Applications" for the first time and agreeing to its prompt to update the repositories:
Could not download all repository indexes
The repository may no longer be available or could not be contacted because of network problems. If available an older version of the failed index will be used. Otherwise the repository will be ignored. Check your network connection and ensure the repository address in the preferences is correct.
The repository 'https://archive.trisquel.info/trisquel etiona Release' no longer has a Release file.Updating from such a repository can't be done securely, and is therefore disabled by default.See apt-secure(8) manpage for repository creation and user configuration details.The repository 'https://archive.trisquel.info/trisquel etiona-security Release' no longer has a Release file.Updating from such a repository can't be done securely, and is therefore disabled by default.See apt-secure(8) manpage for repository creation and user configuration details.The repository 'https://archive.trisquel.info/trisquel etiona-updates Release' no longer has a Release file.
This was not helpful at all. But when I tried to install GNOME Robots with "Add/Remove Applications" just to investigate what the issue with installing software is, I've got the following error, which gave me a clue:
W: Failed to fetch https://archive.trisquel.info/trisquel/pool/main/g/gnome-robots/gnome-robots_3.22.3-1_amd64.deb
Certificate verification failed: The certificate is NOT trusted. The certificate chain uses expired certificate. Could not handshake: Error in the certificate verification. [IP: 209.51.188.51 443]
I still was able to open the repository URL with Abrowser where I learned that the repository uses a Let's Encrypt certificate. It opened without an issue, but I know that Firefox has its own means to mitigate issues with certificates which can easily mask a problem.
repository no longer has a release file, or check out if Trisquel forum might have the answer? – Peregrino69 Oct 03 '21 at 10:18