2

I had to reinstall Ubuntu today and despite having configured proxy for Apt, when trying to add a new PPA, the step that communicates with keyserver.ubuntu.com fails:

$ sudo add-apt-repository ppa:webupd8team/sublime-text-3
 Sublime Text 3 Installer: the package in this PPA downloads and installs the latest Sublime Text 3 beta builds.

For more info, see: http://www.webupd8.org/2013/07/sublime-text-3-ubuntu-ppa-now-available.html
 More info: https://launchpad.net/~webupd8team/+archive/ubuntu/sublime-text-3
Press [ENTER] to continue or ctrl-c to cancel adding it

gpg: keyring `/tmp/tmp_wo9o6sl/secring.gpg' created
gpg: keyring `/tmp/tmp_wo9o6sl/pubring.gpg' created
gpg: requesting key EEA14886 from hkp server keyserver.ubuntu.com
?: keyserver.ubuntu.com: Host not found
gpgkeys: HTTP fetch error 7: couldn't connect: Success
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0

I have no trouble installing package via Apt, so as far as I can tell, proxy is setup properly:

$ cat /etc/apt/apt.conf
Acquire::http::proxy "http://my-proxy:8080/";
Acquire::ftp::proxy "ftp://my-proxy:8080/";
Acquire::https::proxy "https://my-proxy:8080/";
Acquire::socks::proxy "socks://my-proxy:8080/";

$ env | grep proxy
http_proxy=http://my-proxy:8080/
ftp_proxy=ftp://my-proxy:8080/
https_proxy=http://my-proxy:8080/

I can communicate with the keyserver.ubuntu.com as well:

$ curl keyserver.ubuntu.com

<?xml version="1.0"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
  <head>
    <title>SKS OpenPGP Public Key Server</title>
  </head>
  ...

I can't remember having done anything different in the past. I only had to configure http/s_proxy environment variable as well as configuring /etc/apt/apt.conf.

Any ideas what am I missing here?

Behrang Saeedzadeh
  • 502
  • This isn't necessarily a duplicate of that question. My environment was setup properly and in such a way that if it wasn't for the sudo regression bug, it had to work without adding env_keep entries to sudoers. – Behrang Saeedzadeh Feb 11 '15 at 09:05

1 Answers1

6

Duh! In order to verify the proxy settings are setup correctly for sudo, I entered the interactive mode:

$ sudo -i
$ env | grep proxy
https_proxy=http://my-proxy:8080

It turned out that only https_proxy was set for root. As I had set the proxy env vars in /etc/environment this was a bit strange as sudo should source /etc/environment.

Then I stumbled upon #1301557. 14.04.1 being an LTS version, it is a bit disappointing that this bug hasn't been fixed even though it was reported way back in 2014-04-02.

In order to fix this problem, both of the http_proxy and https_proxy should be added to env_keep in sudoers:

Defaults        env_keep +="http_proxy"
Defaults        env_keep +="https_proxy"

This fixed the problem.

Behrang Saeedzadeh
  • 502