Salt: Debian pkg.managed gpg/tty issue

Created on 26 Nov 2018  路  5Comments  路  Source: saltstack/salt

Description of Issue/Question

Since around a week or two, I'm getting error when I use pkgrepo.managed state, triggered on master, on Debian 9.5 and configure keyid / keyserver:

Failed to configure repo 'deb http://nginx.org/packages/debian/ stretch nginx': Error: key retrieval failed: Executing: /tmp/apt-key-gpghome.B6g2mSKBZb/gpg.1.sh --keyserver keyserver.ubuntu.com --logger-fd 1 --recv-keys ABF5BD827BD9BF62
              gpg: cannot open '/dev/tty': No such device or address

The error happens if i do sth. like salt * state.apply.
It does NOT happen when I login via SSH to the minion and execute salt-call state.apply - in that case it works as expected.

Setup

nginx-repo:
  pkgrepo.managed:
    - humanname: Official NginX repository
    - name: deb http://nginx.org/packages/debian/ {{ grains.lsb_distrib_codename }} nginx
    - file: /etc/apt/sources.list.d/nginx.list
    - keyid: ABF5BD827BD9BF62
    - keyserver: keyserver.ubuntu.com
    - refresh_db: False
    - watch_in:
       - cmd: apt-get-update

Produced logs:

2018-11-26 11:47:01,257 [salt.state       :1799][INFO    ][7246] Running state [deb http://nginx.org/packages/debian/ stretch nginx] at time 11:47:01.257911
2018-11-26 11:47:01,258 [salt.state       :1832][INFO    ][7246] Executing state pkgrepo.managed for [deb http://nginx.org/packages/debian/ stretch nginx]
2018-11-26 11:47:01,347 [salt.loaded.int.module.cmdmod:392 ][INFO    ][7246] Executing command [u'apt-key', u'export', u'ABF5BD827BD9BF62'] in directory '/root'
2018-11-26 11:47:01,426 [salt.loaded.int.module.cmdmod:392 ][INFO    ][7246] Executing command [u'apt-key', u'adv', u'--keyserver', u'keyserver.ubuntu.com', u'--logger-fd', u'1', u'--recv-keys', u'ABF5BD827BD9BF62'] in directory '/root'
2018-11-26 11:47:02,574 [salt.loaded.int.module.cmdmod:774 ][ERROR   ][7246] Command '[u'apt-key', u'adv', u'--keyserver', u'keyserver.ubuntu.com', u'--logger-fd', u'1', u'--recv-keys', u'ABF5BD827BD9BF62']' failed with return code: 2
2018-11-26 11:47:02,575 [salt.loaded.int.module.cmdmod:776 ][ERROR   ][7246] stdout: Executing: /tmp/apt-key-gpghome.mW0pqMMfqP/gpg.1.sh --keyserver keyserver.ubuntu.com --logger-fd 1 --recv-keys ABF5BD827BD9BF62
gpg: cannot open '/dev/tty': No such device or address
2018-11-26 11:47:02,575 [salt.loaded.int.module.cmdmod:778 ][ERROR   ][7246] stderr: Warning: apt-key output should not be parsed (stdout is not a terminal)
2018-11-26 11:47:02,575 [salt.loaded.int.module.cmdmod:780 ][ERROR   ][7246] retcode: 2
2018-11-26 11:47:02,576 [salt.state       :320 ][ERROR   ][7246] Failed to configure repo 'deb http://nginx.org/packages/debian/ stretch nginx': Error: key retrieval failed: Executing: /tmp/apt-key-gpghome.mW0pqMMfqP/gpg.1.sh --keyserver keyserver.ubuntu.com --logger-fd 1 --recv-keys ABF5BD827BD9BF62
gpg: cannot open '/dev/tty': No such device or address
2018-11-26 11:47:02,576 [salt.state       :1976][INFO    ][7246] Completed state [deb http://nginx.org/packages/debian/ stretch nginx] at time 11:47:02.576538 (duration_in_ms=1318.627)

Steps to Reproduce Issue

Apply the state above from master to any minion, by using salt <minion_id> <state_name>

Versions Report

Salt Version:
           Salt: 2018.3.2

Dependency Versions:
           cffi: Not Installed
       cherrypy: Not Installed
       dateutil: 2.5.3
      docker-py: Not Installed
          gitdb: 2.0.0
      gitpython: 2.1.1
          ioflo: Not Installed
         Jinja2: 2.9.4
        libgit2: Not Installed
        libnacl: Not Installed
       M2Crypto: Not Installed
           Mako: Not Installed
   msgpack-pure: Not Installed
 msgpack-python: 0.4.8
   mysql-python: Not Installed
      pycparser: Not Installed
       pycrypto: 2.6.1
   pycryptodome: Not Installed
         pygit2: Not Installed
         Python: 2.7.13 (default, Sep 26 2018, 18:42:22)
   python-gnupg: Not Installed
         PyYAML: 3.12
          PyZMQ: 16.0.2
           RAET: Not Installed
          smmap: 2.0.1
        timelib: Not Installed
        Tornado: 4.4.3
            ZMQ: 4.2.1

System Versions:
           dist: debian 9.5
         locale: UTF-8
        machine: x86_64
        release: 4.9.0-8-amd64
         system: Linux
        version: debian 9.5
Upstream Bug
Source
picture marek-obuchowicz

Most helpful comment

thanks looks like @pirogoeth pushed in a PR for this so I will close here. Thanks @pirogoeth !

picture Ch3LL on 17 Jan 2019
3 🎉1

All 5 comments

i'm guessing you might be running into this upstream issue? https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913614#27

Ch3LL picture Ch3LL on 26 Nov 2018

Yeah, possibly yes. The date of upstream bug +/- fits my observations about time when this error appeared first.

marek-obuchowicz picture marek-obuchowicz on 26 Nov 2018

So, based on the upstream bug, adding --batch and/or --no-tty to the apt-key adv calls here _should_ fix this issue?

Is this something we would want to fix downstream or do we wait for it to get fixed upstream in Debian?

pirogoeth picture pirogoeth on 22 Dec 2018

I can confirm that adding "--batch" to these lines resolved the exact same problem for me, on Debian:
https://github.com/saltstack/salt/blob/develop/salt/modules/aptpkg.py#L2252
https://github.com/saltstack/salt/blob/develop/salt/modules/aptpkg.py#L2255

MadsRC picture MadsRC on 10 Jan 2019

thanks looks like @pirogoeth pushed in a PR for this so I will close here. Thanks @pirogoeth !

Ch3LL picture Ch3LL on 17 Jan 2019
3 🎉1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

seanacais picture seanacais  路  3Comments
twangboy picture twangboy  路  3Comments
Arguros picture Arguros  路  3Comments
sagetherage picture sagetherage  路  3Comments
udf2457 picture udf2457  路  3Comments