Following the instructions (https://www.hipchat.com/downloads#linux-install) leads to a failure on Ubuntu 16.04 (Xenial, to be released on April 21st) when trying to update the repo data. The reasons seems to be an update of apt's security policy which now requires a SHA2 key to consider hashes secure. Currently, the HipChat repo only supports md5 sums and SHA1 hashes.
sudo apt-get update fails with the following message:
E: Failed to fetch https://atlassian.artifactoryonline.com/atlassian/hipchat-apt-client/dists/xenial/Release No Hash entry in Release file /var/lib/apt/lists/partial/atlassian.artifactoryonline.com_atlassian_hipchat-apt-client_dists_xenial_Release which is considered strong enough for security purposes
There are MD5 sums and SHA1 hashes given, SHA2 is missing (Dump of
/var/lib/apt/lists/partial/atlassian.artifactoryonline.com_atlassian_hipchat-apt-client_dists_xenial_Release):
Origin: Artifactory Label: Artifactory Suite: xenial Codename: xenial Date: Tue, 29 Mar 2016 19:01:35 UTC Component: main Architectures: amd64 i386 MD5Sum: dd3772098a8667377384e60378c02be7 3170 main/binary-amd64/Packages f1f74c92647239e2749f83f5f213bb2b 892 main/binary-amd64/Packages.bz2 e06cf7ceacbc63f92bbf183481cdc089 709 main/binary-amd64/Packages.gz d41d8cd98f00b204e9800998ecf8427e 0 main/binary-i386/Packages 4059d198768f9f8dc9372dc1c54bc3c3 14 main/binary-i386/Packages.bz2 3970e82605c7d109bb348fc94e9eecc0 20 main/binary-i386/Packages.gz SHA1: e47c8e208e97cb0720b6414fbd388f07a48f62d9 3170 main/binary-amd64/Packages 3576add76d8cefde17794f7f25549fad2e037838 892 main/binary-amd64/Packages.bz2 4f75b0e662b9eff505de8ed428d40c9543048121 709 main/binary-amd64/Packages.gz da39a3ee5e6b4b0d3255bfef95601890afd80709 0 main/binary-i386/Packages 64a543afbb5f4bf728636bdcbbe7a2ed0804adc2 14 main/binary-i386/Packages.bz2 e03849ea786b9f7b28a35c17949e85a93eb1cff1 20 main/binary-i386/Packages.gz
Best,
Fabian
SHA256 hashes have been appended on Mon, 16 May 2016 04:21:21 UTC and installation of hipchat4 works now. Thanks!
Hey William,
thanks for describing the alternative route! Mine is to just use https://web.hipchat.com for the moment.
While it might be a more complicated task to automate builds with included SHA256 hashes, it might be a quick fix to just call sha256sum for all files and manually add this data for the current build. At least the path of installing HipChat with a chance of possibly broken update options seems a better one than not installing HipChat at all.
Best,
Fabian
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
@Fabian Topfstedt
Nice additional information Fabian. I've never tried the sha256sum/adding for current build. Nifty.
-wc
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hey Fabian - nice catch. That sha1 deprecation is going to play hell with everyone.
such an awesome error message...
apt-get update E: Failed to fetch https://atlassian.artifactoryonline.com/atlassian/hipchat-apt-client/dists/xenial/Release No Hash entry in Release file /var/lib/apt/lists/partial/atlassian.artifactoryonline.com_atlassian_hipchat-apt-client_dists_xenial_Release which is considered strong enough for security purposes
Anyway, you can get around this problem with an (unsecure, know WTF you are doing workaround) by just downloading the deb file by hand and installing it using dpkg:
NOTE: before executing any of these command line statements you'll want to be sure your system is updated, has the dependencies installed, and that you know what you are doing.
Steps
ah, nevermind, looks like Atlassian has released a new client already
nope, nothing new available. the above works, however. Just make sure you get the right architecture for your desktop (32bit/64bit)
-wc
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
"Just make sure you get the right architecture for your desktop (32bit/64bit)"
How can I do get a 32bit version? Is there any i386 wersion of the link?
Thanks, Jan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.