[tex-live] TeXLive-2018 fails to update across firewall

Blumenthal, Uri - 0553 - MITLL uri at ll.mit.edu
Wed Jun 20 06:24:08 CEST 2018


> On Jun 19, 2018, at 20:36, George N. White III <gnwiii at gmail.com> wrote:
> 
> On Tue, 19 Jun 2018 at 19:27, Blumenthal, Uri - 0553 - MITLL <uri at ll.mit.edu <mailto:uri at ll.mit.edu>> wrote:
> I’m afraid this did not work either: 
> 
> 
> $ sudo -E /Library/TeX/texbin/tlmgr --machine-readable --repository http://tug.ctan.org/tex-archive/system/texlive/tlnet <http://tug.ctan.org/tex-archive/system/texlive/tlnet> update --list --all
> 
> Enter PIN for 'Certificate For PIV Authentication (Uri the Great)': 
> 
> /Library/TeX/texbin/tlmgr: open tlpdb(http://tug.ctan.org/tex-archive/system/texlive/tlnet/tlpkg/texlive.tlpdb <http://tug.ctan.org/tex-archive/system/texlive/tlnet/tlpkg/texlive.tlpdb>) failed:  at /usr/local/texlive/2018/tlpkg/TeXLive/TLPDB.pm line 362.
> 
> $
> 
> Are there any logs that you may want me to pull for you?
> 
> 
> Looks like "sudo -E" runs into problems with your  Personal Identity Verification (PIV) system.   

With all due respect, I don’t think so.  Also, I can do the same by starting root shell (aka “sudo bash”), set any env variable to whatever you think it should be set to, and repeat the test.

Also, since the error message seems to talk about “texlive.tlpdb” file - I tried to download it via both texlive wget, and macports wget. It failed in both cases - is it normal?

$ /usr/local/texlive/2018/tlpkg/installer/wget/wget.x86_64-darwin http://tug.ctan.org/tex-archive/system/texlive/tlnet/tlpkg/texlive.tlpdb
--2018-06-20 00:15:38--  http://tug.ctan.org/tex-archive/system/texlive/tlnet/tlpkg/texlive.tlpdb
Resolving llproxy.llan.ll.mit.edu... 
Connecting to llproxy.llan.ll.mit.edu|... connected.
Proxy request sent, awaiting response... 404 Not Found
2018-06-20 00:15:38 ERROR 404: Not Found.

$ wget http://tug.ctan.org/tex-archive/system/texlive/tlnet/tlpkg/texlive.tlpdb
--2018-06-20 00:15:52--  http://tug.ctan.org/tex-archive/system/texlive/tlnet/tlpkg/texlive.tlpdb
Resolving llproxy.llan.ll.mit.edu (llproxy.llan.ll.mit.edu)... 
Connecting to llproxy.llan.ll.mit.edu (llproxy.llan.ll.mit.edu)|... connected.
Proxy request sent, awaiting response... 404 Not Found
2018-06-20 00:15:52 ERROR 404: Not Found.

$


> You should check with your IT people -- your issues are somewhat outside the scope of TeX Live and MacTeX and may
> have an "official" solution. 

Observe:

$ sudo date
Enter PIN for 'Certificate For PIV Authentication (Uri the Great)': 
Tue Jun 19 23:53:54 EDT 2018
$

I’ve built the PIV support on my computers, and tested the tokens for production. If you think it’s necessary, I can disable PIV and enable password auth for the test.

> There are more fine-grained ways to pass environment variables to a sudo session; look for "env_keep" in the sudo documentation.

I checked, thanks!

But why would you think we need more than “-E”? Is there any evidence that an env var that’s needed does not get passed across “sudo”, or that something that shouldn’t be passed, gets across and contaminates the environment?

 -E, --preserve-env
                   Indicates to the security policy that the user wishes to preserve their
                   existing environment variables.  The security policy may return an
                   error if the user does not have permission to preserve the environment.


$ sudo printenv PATH
Enter PIN for 'Certificate For PIV Authentication (Uri the Great)': 
/Library/TeX/texbin:/opt/local/bin:/opt/local/sbin:/Users/ur20980/.local/bin:/Users/ur20980/Library/Haskell/bin:/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin:/Applications/VMware Fusion.app/Contents/Public/:/Library/TeX/texbin:/usr/local/MacGPG2/bin:/usr/local/share/dotnet:/opt/X11/bin:/Library/Frameworks/Mono.framework/Versions/Current/Commands:/Applications/Wireshark.app/Contents/MacOS:/Applications/Xamarin Workbooks.app/Contents/SharedSupport/path-bin:~/Library/Haskell/bin:/opt/local/Library/Frameworks/Python.framework/Versions/3.6/bin:/Users/ur20980/bin
$ sudo -E printenv HTTPS_PROXY
http://llproxy.llan.ll.mit.edu:8080
$ 


Thanks!

> From: "George N. White III" <gnwiii at gmail.com <mailto:gnwiii at gmail.com>>
> Date: Tuesday, June 19, 2018 at 18:22
> To: Uri Blumenthal <uri at ll.mit.edu <mailto:uri at ll.mit.edu>>
> Cc: TeX Live 2008 <texlive at tug.org <mailto:texlive at tug.org>>
> Subject: Re: [tex-live] TeXLive-2018 fails to update across firewall
> 
>  
> 
>  
> 
> On Tue, 19 Jun 2018 at 17:27, Blumenthal, Uri - 0553 - MITLL <uri at ll.mit.edu <mailto:uri at ll.mit.edu>> wrote:
> 
> My machines run MacOS High Sierra 10.13.5. I’ve just upgraded from TeXLive-2017 to TeXLive-2018, and I lost the ability to pull updates.
> 
>  
> 
> Some of my machines reside behind a corporate firewall, with Internet accessible only via web proxy (defined in HTTP_PROXY and HTTPS_PROXY environment variables).
> 
>  
> 
> wget on all of my machines is located in /opt/local/bin directory (installed by Macports).
> 
>  
> 
> The error log I’m getting from TeX Live Utility.app seems to indicate that it is unable now to locate wget executable (which is /opt/local/bin/wget and on the PATH).
> 
>  
> 
> 2018-06-19 19:09:41 +0000 Notice +[TLMEnvironment _handleLocationOperationFinished:][24805]  Finished setting command line server location:
> 
>      location = http://tug.ctan.org/tex-archive/systems/texlive/tlnet <http://tug.ctan.org/tex-archive/systems/texlive/tlnet>
> 2018-06-19 19:09:58 +0000 Notice -[TLMLogWindowController awakeFromNib][24805]     Loaded log window controller
> 
> 2018-06-19 19:11:36 +0000 Notice -[TLMOperation main][24805]     Successfully executed `/Applications/TeX/TeX Live Utility.app/Contents/MacOS/agent_installer.py --install --plist /var/folders/c6/lnc_0m093ys8w16md_fm1mnxhtfnj8/T/TLMLaunchAgentController/com.googlecode.mactlmgr.update_check.plist --script /Applications/TeX/TeX Live Utility.app/Contents/Resources/update_check.py`
> 
> 2018-06-19 19:11:36 +0000 Notice -[TLMOperation main][24805]     agent_installer.py: nothing to unload
> 
> 2018-06-19 19:11:36 +0000 Notice -[TLMMainWindowController _handleLaunchAgentInstallFinishedNotification:][24805] Finished running launchd agent installer script
> 
> 2018-06-19 19:12:16 +0000 Notice -[TLMMainWindowController _refreshUpdatedPackageListFromLocation:][24805]  Refreshing list of updated packages…
> 
> 2018-06-19 19:12:17 +0000 Notice -[TLMOperation main][24805]     Failed executing `/Library/TeX/texbin/tlmgr --machine-readable --repository http://tug.ctan.org/tex-archive/systems/texlive/tlnet <http://tug.ctan.org/tex-archive/systems/texlive/tlnet> update --list --all` (error 1)
> 
> 2018-06-19 19:12:17 +0000 Notice -[TLMOperation main][24805]     /Library/TeX/texbin/tlmgr: Initialization failed (in setup_unix_one):
> 
> /Library/TeX/texbin/tlmgr: could not find a usable wget.
> 
> /Library/TeX/texbin/tlmgr: Please install wget and try again.
> 
> tlmgr: Couldn't set up the necessary programs.
> 
> Installation of packages is not supported.
> 
> Please report to texlive at tug.org <mailto:texlive at tug.org>.
> 
> Use of uninitialized value $r in split at /usr/local/texlive/2018/tlpkg/TeXLive/TLUtils.pm line 4167.
> 
> tlmgr: Cannot find main repository, you have to tag one as main!
> 
>  
> 
> Attempt to manually invoke the above command results in:
> 
>  
> 
> $ sudo /Library/TeX/texbin/tlmgr --machine-readable --repository http://tug.ctan.org/tex-archive/system/texlive/tlnet <http://tug.ctan.org/tex-archive/system/texlive/tlnet> update --list --all
> 
> /Library/TeX/texbin/tlmgr: open tlpdb(http://tug.ctan.org/tex-archive/system/texlive/tlnet/tlpkg/texlive.tlpdb <http://tug.ctan.org/tex-archive/system/texlive/tlnet/tlpkg/texlive.tlpdb>) failed: Operation timed out at /usr/local/texlive/2018/tlpkg/TeXLive/TLPDB.pm line 362.
> 
> $
> 
>  
> 
> Please help!
> 
>  
> 
>  
> 
> As a start to sorting this out, it could be useful to know if "sudo -E   /Library/TeX/texbin/tlmgr --machine-readable --repository
> 
>  http://tug.ctan.org/tex-archive/system/texlive/tlnet <http://tug.ctan.org/tex-archive/system/texlive/tlnet> update --list --all" works.  
> 
> 
> 
> 
> The "-E" option tells sudo to pass user's environment (e.g., to get the _PROXY variables and a PATH that mentions /opt/local/bin).  
> 
>  
> 
> -- 
> 
> George N. White III
> 
> 
> 
> -- 
> George N. White III

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://tug.org/pipermail/tex-live/attachments/20180620/b839f165/attachment-0001.html>


More information about the tex-live mailing list