Hello,
Since many years i see people asking why their update fails, and the answer always has been the mirror was faulty and they could wait or change their sources.list to an other mirror. So i continously have been playing around and used a lot of different tricks. E.g. in the beginning the siduction repos were delivered as FTP-Links and we changed the protocol for the ftp-servers to http. Shortly after this episode the redirector method of http.debian.net became popular. The redirector checks its mirrors every three minutes and so greatly enhances the quality of updates. I happily used it through the year 2013.
But after haveing only very occasionally an issue in 2013 the service remarkably increased the number of failures in december 2013 and i began to jump back and forward between two mirrors again. Another successful strategy was waiting: Sometimes the bug just vanishes over night. Eventually i noticed that after changing my sources a download of the whole package lists from the new mirror occured. So i suspected the Pdiffs to be faulty and i worked out things like this in the beginning of 2014:
LANG=C apt-get update || LANG=C apt-get -o Acquire::Pdiffs=false update && LANG=C apt-get -dy dist-upgrade
|| is the lazy evaluating boolean OR in bash: so only if the first "apt-get update" fails it is repeated by omitting the pdiffs and thus downloading the whole lists.
Later I was told that apt-get would not always give correct return values und so i wrote this little check in bash to match the word "Failed" or "failed" and then try again.
RegEx='*[Ff]ailed*' ; if output=$(LANG=C apt-get update 2>&1) && [[ $output == $RegEx ]] ; then apt-get -o "Acquire::Pdiffs=false" update ; else echo -e "$output" ; fi
Even the opposite was true: avoiding pdiffs and downloading the complete lists wouldn't safe you from the bug. But then you could switch to using Pdiffs and your update would succeed. WTF is going on here?
[solved]
This recent bug report
apt-get corrupts ..on running unxz has a predecessor
Hash Sum mismatch. I like it how the bug report starts with
" Could you please fix this soon. " because it has been opened three years ago on 2011/04/26. Apparently it was never solved but rather hijacked in january 2014 and used for tracking the xz bug.
Suggested workarounds have been in two similar forms:
LANG=C apt-get -o 'Acquire::CompressionTypes::Order::="gz"' update
LANG=C apt-get -o 'Acquire::CompressionTypes::Order::={"gz";}' update
If -o doesn't help, then you still can try to add this line to /etc/apt/apt.conf:
Acquire::CompressionTypes::Order:: "gz"
While testing theese workarounds you might want to increase the verbosity by addding this debug option:
-o 'Debug::Acquire::http=true'
Apparently the bug was finally fixed with apt version 1.0 on 2014/04/01 (no fool's joke).
And so I would like to conclude with a citation from the #debian-next irc channel on irc.oftc.net:
<SynrG> i had commented earlier "i don't know if long-term this does anything but move the problem around" or something to that effect.
In other words: All workarounds just tend to push the real issue behind the
event horizon.
greetings
musca
P.S. I have seen several hash sum mismatches this week. The bug may live long and prosper!