GNOME Software fails to install .deb packages that trigger debconf prompts

Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.

I believe the problem is that nothing ensures that the desktop components which select and install software have access to a GUI debconf frontend.

I think the proper solution is for each of the frontends to aptdaemon to depend/recommend a suitable debconf frontend component (libgtk2-perl, libqtgui4-perl/libqtcore4-perl).

For 17.04, this includes at least gnome-software and software-properties-gtk.

This bug was fixed in the package gnome-software - 3.22.7-0ubuntu3

---------------
gnome-software (3.22.7-0ubuntu3) zesty; urgency=medium

  * Make gnome-software Recommend: libgtk2-perl, without which debconf
    prompts from packages can never be shown. LP: #1679435.

 -- Steve Langasek <email address hidden> Mon, 10 Apr 2017 13:29:18 -0700

this is an incomplete fix; we also need to change the code to tell aptdaemon which debconf frontend to use.

commit fb4e6a91585b53eec9db304c41a7fb965f7813b8
Author: Robert Ancell <email address hidden>
Date: Thu Apr 20 16:46:36 2017 +1200

    apt: Support debconf

This bug was fixed in the package gnome-software - 3.22.7-0ubuntu4

---------------
gnome-software (3.22.7-0ubuntu4) artful; urgency=medium

  * debian/patches/0002-Add-an-APT-plugin.patch:
    - Support debconf prompts (LP: #1679435)
  * debian/patches/0015-dpkg-Mark-local-.debs-as-managed-by-APT.patch:
  * debian/patches/0016-Make-filename-passed-with-local-filename-absolute.patch:
    - Fix local .deb files not being installable: (LP: #1672424)

 -- Robert Ancell <email address hidden> Wed, 26 Apr 2017 15:47:47 +1200

Just asking, why did it recommend libgtk2-perl, and not libgtk3-perl? Does not debconf work with libgtk3-perl?

Both libgtk3-perl and libgtk2-perl are not in main. libgtk2-perl is in main in Zesty and later once gnome-software recommended it on 10 Apr 2017. However, it didn't get a MIR.

Hello Bobby, or anyone else affected,

Accepted gnome-software into zesty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/gnome-software/3.22.7-0ubuntu3.17.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

@Amr, yes, unfortunately debconf only works with libgtk2-perl.

libgtk2-perl seems to be in main [1], or am I missing something?

[1] https://launchpad.net/ubuntu/+source/libgtk2-perl

@Robert, yes, libgtk2-perl is in main starting only from Zesty once gnome-software (3.22.7-0ubuntu3) recommended it on 10 April 2017. However, it didn't get an MIR. Then it was copied to main in Trusty, Xenial and Yakkety on 27 April 2017.

Amr, libgtk2-perl used to be in main (in precise) so a full MIR wasn't necessary.

Yes, porting debconf's GTK backend to GTK3 would be nice since very little of the default Debian GNOME and Ubuntu desktops actually use GTK2 now.

Confirmed I can install fake-noisy-driver in zesty and the debconf prompt is shown.

Hello Bobby, or anyone else affected,

Accepted gnome-software into yakkety-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/gnome-software/3.20.1+git20170427.0.3d09239-0ubuntu1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Hello Bobby, or anyone else affected,

Accepted gnome-software into xenial-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/gnome-software/3.20.1+git20170427.0.3d09239-0ubuntu1~xenial1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance!

Tested on Xenial.

gnome-software:
  Installed: 3.20.1+git20170427.0.3d09239-0ubuntu1~xenial1
  Candidate: 3.20.1+git20170427.0.3d09239-0ubuntu1~xenial1
  Version table:
 *** 3.20.1+git20170427.0.3d09239-0ubuntu1~xenial1 500
        500 http://gb.archive.ubuntu.com/ubuntu xenial-proposed/main amd64 Packages
        100 /var/lib/dpkg/status
     3.20.1+git20170208.0.a34b091-0ubuntu1~xenial1 500
        500 http://gb.archive.ubuntu.com/ubuntu xenial-updates/main amd64 Packages
     3.20.1+git20160420.1.ca63436.ubuntu-xenial-0ubuntu2 500
        500 http://gb.archive.ubuntu.com/ubuntu xenial/main amd64 Packages

And I can confirm that it worked as expected.

Confirmed fixed in Yakkety (3.20.1+git20170427.0.3d09239-0ubuntu1)

This change seems to be missing an error check, see bug 1689425

This bug was fixed in the package gnome-software - 3.20.1+git20170427.0.3d09239-0ubuntu1

---------------
gnome-software (3.20.1+git20170427.0.3d09239-0ubuntu1) yakkety; urgency=medium

  * New upstream snapshot from the wip/ubuntu-3-20 branch at
    git://git.gnome.org/gnome-software.
    - Support debconf prompts (LP: #1679435)
    - Fix local .deb files not being installable: (LP: #1672424)
  * debian/control:
    - Recommend debconf, libgtk2-perl

 -- Robert Ancell <email address hidden> Thu, 27 Apr 2017 10:44:19 +1200

The verification of the Stable Release Update for gnome-software has completed successfully and the package has now been released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug was fixed in the package gnome-software - 3.20.1+git20170427.0.3d09239-0ubuntu1~xenial1

---------------
gnome-software (3.20.1+git20170427.0.3d09239-0ubuntu1~xenial1) xenial; urgency=medium

  * New upstream snapshot from the wip/ubuntu-3-20 branch at
    git://git.gnome.org/gnome-software.
    - Support debconf prompts (LP: #1679435)
    - Fix local .deb files not being installable: (LP: #1672424)
  * debian/control:
    - Recommend debconf, libgtk2-perl
  * debian/README.source:
    - Update branch name (wip/ubuntu-xenial -> wip/ubuntu-3-20).

 -- Robert Ancell <email address hidden> Thu, 27 Apr 2017 10:44:19 +1200