Kali rolling template can't find source to update.
lo...@threatmodel.io
Sven Semmler
Hash: SHA512
On Wed, Apr 29, 2020 at 05:00:24PM +0000, lo...@threatmodel.io wrote:
> I followed the instructions for building a debian-based rolling Kali template found at:
> https://www.qubes-os.org/doc/pentesting/kali/#templatevm-from-debian4_0
>
> My qube was running well for a few months when suddenly I got the following error when updating with apt-get:
>
> E: Can't find a source to download version '4.0.51-1+deb11u1' of 'qubes-core-agent-passwordless-root:amd64'
Debian 10 (buster) and Kali has now moved on to Debian 11 (bullseye).
Also note that the above linked website contains a hint:
For installation based on Debian 10 stable, please note that the security repository of Debian testing has recently been renamed from <current testing>/update to <current-testing>-security. To account for that change, execute the following command.
[user@kali ~]$ sudo sed -i 's/bullseye\/updates/bullseye-security/g' /etc/apt/sources.list
In any case I am pretty confident your issue is that the files in your
/etc/apt/sources.list point to buster instead of bullseye or to the
/update insead -security repo.
> I can't seem to find any similar issues online. Any advice is appreciated.
/Sven
- --
public key: https://www.svensemmler.org/0x8F541FB6.asc
fingerprint: D7CA F2DB 658D 89BC 08D6 A7AA DA6E 167B 8F54 1FB6
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE18ry22WNibwI1qeq2m4We49UH7YFAl6rIQcACgkQ2m4We49U
H7bxCRAA1SA65Vixf5qDMV0etYs3pEpPk6NIswaM9+2HuRCVGVovgRxEy8KIF/zW
4VDtK+JKkzDWs9QHZVq68fF5gJyNRnzxNYnE7onZ6vDYmP2MhyGNQDAvWXII+PDn
6pZAmrHIma77dXIfMQ8Kgx9gILfr7cx3lbLYKJxuSt8zbFFOr5HvYb0vSF96sZ+l
8N15Zm8pxlLjZhZHus1a/545N2vpI6/CG7TGKpKybzGgXAcr63wLkoJZ/6hOBS13
3LkchPQNxx/2BbVxR3618znmmEcOC6c6WmYRCxmhczkp2C67iH2elNq1zqG4LeK6
eHA5K1X4vQpg6Y5tKbvi09/FoPfEBio3iV7wsjxH8uwEc0jxGrGrMdgujhNjEcdu
qN0CMe9DPBgbeLw/r/KBshczajNyIpgILtBGUE0zDWT4PBAWvVBreFTm/oRopOVc
3qep0NxRkfM/fEmH6lfG4Nm4Begx0VJZPqIQTM8Nvh9Q4jprFFH7/8mu4ngeKZ5C
iWnAcUuq4sEf76H0rbzPdzMbVwAVymJR5iUbrdt8yaSUfyVQ2Yd5M4hxqFwyzn0w
rOF2IN8Z9wLg2HZ43MQPLIdM8Wajo7rlC3Rn+TmmnHc48WtvF5LMHawPkgqY9EsA
PBimKnaEvNoA+p0lJ59GzSnGvHk9733rSC7SwL0LwI9/GsoW/K0=
=+4gG
-----END PGP SIGNATURE-----
Logan
Thanks for your help. My sources.list was already bullseye, though. I am still struggling to find the answer to the issue. I'll offer my sources files and selected output of apt update i'm receiving:
/etc/apt/sources.list:deb http://deb.debian.org/debian/ bullseye testing main contrib
non-free
deb http://deb.debian.org/debian/ bullseye testing-updates main
contrib non-free
deb http://deb.debian.org/debian-security bullseye
testing-security main
/etc/apt/sources.list.d/qubes-r4.list:
# Main qubes updates repository
deb [arch=amd64] https://deb.qubes-os.org/r4.0/vm bullseye main
#deb-src https://deb.qubes-os.org/r4.0/vm bullseye main
# Qubes updates candidates repository
deb [arch=amd64] https://deb.qubes-os.org/r4.0/vm bullseye-testing
main
deb-src https://deb.qubes-os.org/r4.0/vm bullseye-testing main
# Qubes security updates testing repository
deb [arch=amd64] https://deb.qubes-os.org/r4.0/vm
bullseye-securitytesting main
deb-src https://deb.qubes-os.org/r4.0/vm bullseye-securitytesting
main
Output of "sudo apt update"
Hit:1 http://deb.debian.org/debian bullseye
InRelease
Hit:3 https://deb.qubes-os.org/r4.0/vm bullseye
InRelease
Hit:2 http://ftp.halifax.rwth-aachen.de/kali kali-rolling
InRelease
Hit:4 https://deb.qubes-os.org/r4.0/vm bullseye-testing
InRelease
Ign:5 http://deb.debian.org/debian-security bullseye InRelease
Hit:6 https://deb.qubes-os.org/r4.0/vm bullseye-securitytesting
InRelease
Err:7 http://deb.debian.org/debian-security bullseye Release
404 Not Found [IP: 127.0.0.1 8082]
Reading package lists... Done
Then...
W: Skipping acquire of configured file
'testing-updates/i18n/Translation-en_US' as repository
'http://deb.debian.org/debian bullseye InRelease' doesn't have the
component 'testing-updates' (component misspelt in sources.list?)
E: The repository 'http://deb.debian.org/debian-security bullseye
Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is
therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user
configuration details.
W: Target Packages (main/binary-amd64/Packages) is configured
multiple times in /etc/apt/sources.list:2 and
/etc/apt/sources.list:4
W: Target Packages (main/binary-all/Packages) is configured
multiple times in /etc/apt/sources.list:2 and
/etc/apt/sources.list:4
Any hints would be much appreciated.
Logan
unman
Screeds and screeds of horrible HTML- any chance you can just send
plain text?
> Hit:6 <a class="moz-txt-link-freetext" href="https://deb.qubes-os.org/r4.0/vm">https://deb.qubes-os.org/r4.0/vm</a> bullseye-securitytesting
> InRelease<br>
> Err:7 <a class="moz-txt-link-freetext" href="http://deb.debian.org/debian-security">http://deb.debian.org/debian-security</a> bullseye Release<br>
> <i>?? 404?? Not Found [IP: 127.0.0.1 8082]</i><br>
404 tells you page not found - so you should be inspecting the sources
list to see what's wrong.
The Debian announcement of this change (referred to IN THE MESSAGE YOU
QUOTED) said -
<quote>
over the last years we had people getting confused over <suite>-updates
(recommended updates) and <suite>/updates (security updates). Starting
with Debian 11 "bullseye" we have therefore renamed the suite including
the security updates to <suite>-security.
An entry in sources.list should look like
deb http://security.debian.org/debian-security bullseye-security main
</quote>
That isn't what you have - but I'm guessing you blindly applied a sed
command without trying to understand what it was doing, or what effect
it had.