mercurial-keyring is broken
I installed mercurial-keyring with:
sudo apt-get install mercurial-keyring
When I try to use it I get:
$ hg pull
pulling from *******
keyring: keyring backend doesn't seem to work, password can not be restored. Falling back to prompts. Error details: cannot import name 'backend' from 'cryptography.
ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: mercurial-keyring 1.3.0-1
ProcVersionSign
Uname: Linux 5.4.0-40-generic x86_64
NonfreeKernelMo
ApportVersion: 2.20.11-0ubuntu27.4
Architecture: amd64
CasperMD5CheckR
CurrentDesktop: X-Cinnamon
Date: Sun Jul 19 20:15:08 2020
InstallationDate: Installed on 2013-10-11 (2473 days ago)
InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Release amd64 (20130424)
PackageArchitec
SourcePackage: mercurial-keyring
UpgradeStatus: Upgraded to focal on 2020-07-12 (6 days ago)
Question information
- Language:
- English Edit question
- Status:
- Answered
- Assignee:
- No assignee Edit question
- Last query:
- Last reply:
Revision history for this message
|
#1 |
/usr/local/
Thank you for taking the time to report this bug and trying to help make Ubuntu better. However, it seems that you are not using a software package provided by the official Ubuntu repositories. Because of this the Ubuntu project can not support or fix your particular bug. Please report this bug to the provider of the software package. Thanks!
If you are interested in learning more about software repositories and Ubuntu, check https:/
Revision history for this message
|
#2 |
mercurial (5.3.1-1ubuntu1 on Ubuntu 20.04 [1]) uses explictly python2. How you ended to use python3.8?
[1] https:/
Revision history for this message
|
#3 |
I was reporting a bug, not asking a question.
If I'm not supposed to report it here, then why does the command "ubuntu-bug mercurial-keyring" generate a bug report on launchpad?
Revision history for this message
|
#4 |
> How you ended to use python3.8?
I installed it with "sudo apt-get install python3" and changed the symlink /use/something/
I needed python 3 for TortoiseHg to work.
Revision history for this message
|
#5 |
> I installed it with "sudo apt-get install python3" and changed the symlink /use/something/
That does not work. Python2 and python3 are different thinks. On Ubuntu 20.04 mercurial seems python2 only ( though mercurial-keyring package seems contain python3 module).
there is already bug report about mercurial python transition:
mercurial should depend on Python 3 as in Debian experimental https:/
Revision history for this message
|
#6 |
Additional remark:
The Ubuntu-provided package provides and uses
/usr/lib/
and not
/usr/local/
This proves that you are using foreign software.
Revision history for this message
|
#7 |
And how can I fix that?
I had previously installed it with pip, and it didn't work either.
So I have tried to reinstall everything using ubuntu packages
I did:
sudo apt-get install --reinstall python3-keyring
sudo apt-get install --reinstall python3-
sudo apt-get install --reinstall python3-openssl
sudo apt-get install --reinstall python3-
And now just in case I just re-did: sudo apt-get install --reinstall mercurial-keyring
Is there anything else I need to reinstall or remove?
Revision history for this message
|
#8 |
> I had previously installed it with pip, and it didn't work either.
"sudo pip install: A bad idea"
https:/
https:/
https:/
> And how can I fix that?
maybe cleanup files from /usr/local/
Revision history for this message
|
#9 |
> I installed it with "sudo apt-get install python3" and changed the symlink /use/something/
And reverting this?
Revision history for this message
|
#10 |
What is output of commands:
which python python2 python3
ls -la /usr/bin/python /usr/bin/python2 /usr/bin/python3
Revision history for this message
|
#11 |
Just note. You still has some old unofficial packages installed:
libicu65 65.1-1+
libpcre3 2:8.44-
libssl1.1 1.1.1g-
libxml2 2.9.10+
Revision history for this message
|
#12 |
>> I installed it with "sudo apt-get install python3" and
>> changed the symlink /use/something/
> And reverting this?
I guess you mean reverting the symbolic link.
Then I get an exception and mercurial stops working completely (as opposed to gracefully failing to retrieve the password from the keyring and prompting me to insert it manually):
=======
$ hg pull
pulling from *****************
** Unknown exception encountered with possibly-broken third-party extension mercurial_keyring
** which supports versions unknown of Mercurial.
** Please disable mercurial_keyring and try your action again.
** If that fixes the bug please report it to https:/
** Python 2.7.18rc1 (default, Apr 7 2020, 12:05:55) [GCC 9.3.0]
** Mercurial Distributed SCM (version 5.3.1)
** Extensions loaded: mercurial_keyring
Traceback (most recent call last):
File "/usr/local/
dispatch.run()
File "/usr/lib/
status = dispatch(req)
File "/usr/lib/
ret = _runcatch(req) or 0
File "/usr/lib/
return _callcatch(ui, _runcatchfunc)
File "/usr/lib/
return scmutil.
File "/usr/lib/
return func()
File "/usr/lib/
return _dispatch(req)
File "/usr/lib/
lui, repo, cmd, fullargs, ui, options, d, cmdpats, cmdoptions
File "/usr/lib/
ret = _runcommand(ui, options, cmd, d)
File "/usr/lib/
return cmdfunc()
File "/usr/lib/
d = lambda: util.checksigna
File "/usr/lib/
return func(*args, **kwargs)
File "/usr/lib/
other = hg.peer(repo, opts, source)
File "/usr/lib/
rui, path, create, intents=intents, createopts=
File "/usr/lib/
ui, path, create, intents=intents, createopts=
File "/usr/lib/
inst = makepeer(ui, path)
File "/usr/lib/
respurl, info = performhandshak
File "/usr/lib/
resp = sendrequest(ui, opener, req)
File "/usr/lib/
res = opener.open(req)
File "/usr/lib/
response = meth(req, response)
File "/usr/lib/
'http', request, response, code, msg, hdrs)
File "/usr/lib/
result = self._call_
File "/usr/lib/
result = func(*args)
File "/usr/lib/
url, req, headers)
File "/usr/lib/
self, auth_header, host, req, headers
File "/usr/lib/
return basic_http_
File "/usr/lib/
return self.retry_
File "/usr/lib/
realm, urllibcompat.
File "/usr/lib/
return self._pwd_
File "/usr/lib/
pwmgr, realm, authuri, skip_caches=
File "/usr/lib/
parsed_url, url_user, url_passwd = self.unpack_
File "/usr/lib/
authuri = meu.pycompat.
AttributeError: 'module' object has no attribute 'pycompat'
=======
Also, tortoiseHg (which works fine with python3) fails miserably:
=======
$ ./thg
Traceback (most recent call last):
File "./thg", line 54, in <module>
build_
File "/home/
self._wrapuic()
File "/home/
uic = cls._impuic()
File "/home/
from tortoisehg.
File "/home/
from PyQt5.QtCore import *
ImportError: No module named PyQt5.QtCore
=======
which is the same error I got when I first installed it (after the upgrade to 20.04 removed it) from source (since no package for Ubuntu 20.04 was available), and is the reason why I embarked into installing python3 in the first place.
Revision history for this message
|
#13 |
> File "/usr/local/
> dispatch.run()
> File "/usr/lib/
You have hg command installed to /usr/local/bin - from sources? and it tries to use mercurial python module installed from Ubuntu mercurial package?
Revision history for this message
|
#14 |
Some ideas:
- If you really need that thg. Remove mercurial Ubuntu packages. And install mercurial, needed mercurial plugins (?) and thg from sources - as you already tried to do.
- or If you really need that thg. on groovy-proposed there is python3 enabled mercurial packages - test them
- or If you don't really need thg. Use Ubuntu provided mercurial packages and cleanup all source installs
Revision history for this message
|
#15 |
Turns out, I forgot (it's a long story) I did at some point install hg from sources.
So, now I'm trying to do this:
> Remove mercurial Ubuntu packages. And install mercurial, needed mercurial plugins (?) and thg from sources -
> as you already tried to do.
I already apt-get remove'd mercurial and its dependant packages.
Now, I get this error:
cannot import name 'backend' from 'cryptography.
so I thought I would remove ubuntu's cryptography and install it with "pip install --user cryptography"
However, if I try to apt-get remove cryptography, the list of dependant packages that will be removed is huge, and inclused among other things, "apport" and (!!!!!!) "ubuntu-desktop"
Revision history for this message
|
#16 |
> I already apt-get remove'd mercurial and its dependant packages.
You probably should not remove anything else than mercurial.* packages.
> cannot import name 'backend' from 'cryptography.
And now we hit this. That file is provided by python3-
What is output of command:
python3 -c "from cryptography.
Revision history for this message
|
#17 |
libssl1.1 1.1.1g-
https:/
https:/
Revision history for this message
|
#18 |
For diagnostic purposes, what is the output of
dpkg -l | grep sury
And a general remark:
You should either try installing the packages from the standard Ubuntu sources in the Ubuntu-provided versions as far as possible (no pip, no PPAs, etc.),
or install from whatever source you like. In that case, however, Ubuntu-support cannot help.
Revision history for this message
|
#19 |
> Can you get better backtrace?
I'd love to but I don't know how to.
I even tried temporarily modifying the code of mercurial_keyring to remove the try-catch, but that didn't help: the exception would not be caught, but the error message was still that same one-line.
Actually I wonder: how is it possible that it not only gives a backtrace, but doesn't even point to the line number where the error is?
Revision history for this message
|
#20 |
> https:/
> https:/
Interesting!
So now I ran "sudo ppa-purge ondrej/php". I forgot to save the output but it did say something about libssl1.
I still get the same error in cryptography.
$ python3 -c "from cryptography.
OpenSSL 1.1.1g 21 Apr 2020
$ sudo apt list --installed |grep libssl
WARNING: apt does not have a stable CLI interface. Use with caution in scripts.
libssl1.0-dev/now 1.0.2n-1ubuntu5.3 amd64 [installed,local]
libssl1.0.0/now 1.0.2n-1ubuntu5.3 amd64 [installed,local]
libssl1.0.0/now 1.0.2n-1ubuntu5.3 i386 [installed,local]
libssl1.1/focal,now 1.1.1f-1ubuntu2 amd64 [installed]
$ dpkg -l | grep sury
rc apache2 2.4.43-
rc libapache2-
ii libjbig0:amd64 2.1-3.1+
ii libjbig0:i386 2.1-3.1+
rc php-pear 1:1.10.
rc php7.0-cli 7.0.33-
rc php7.2-cli 7.2.32-
rc php7.2-common 7.2.32-
rc php7.2-curl 7.2.32-
rc php7.2-gd 7.2.32-
rc php7.2-mbstring 7.2.32-
rc php7.2-mysql 7.2.32-
rc php7.2-xml 7.2.32-
rc php7.2-zip 7.2.32-
rc php7.3-common 7.3.19-
rc php7.3-mbstring 7.3.19-
rc php7.3-xml 7.3.19-
rc php7.4-common 7.4.7-1+
rc php7.4-mbstring 7.4.7-1+
rc php7.4-xml 7.4.7-1+
Revision history for this message
|
#21 |
My assumtion is that you now have various different installations of the involved packages on your system, and that in some cases the wrong ones are used.
What output do you receive for the commands
sudo updatedb
locate mercurial-keyring
locate backend.py | grep hazmat
(if the first command reports that the program is not installed, then issue the command
sudo apt install mlocate
and try again)
Revision history for this message
|
#22 |
libssl1.0.0 1.0.2n-1ubuntu5.3 is for Ubuntu bionic, but you are running focal.
Another wrong package version.
Revision history for this message
|
#23 |
> cannot import name 'backend' from 'cryptography.
I managed reproduce this with mixed focal+groovy ubuntu packages, when using keyring.
Revision history for this message
|
#24 |
> What backend do you use?
I have no idea, I never chose one.
$ keyring --list-backends
keyring.
keyring.
keyring.
keyring.
Not sure if this answers your question.
> I managed reproduce this with mixed focal+groovy ubuntu packages
What mix of focal+groovy packages?
Revision history for this message
|
#25 |
> What mix of focal+groovy packages?
focal with mercurial, mercurial-common (5.4.1-2ubuntu1) and mercurial-keyring (1.3.0-3) from groovy. (and real groovy seems not affected)
Revision history for this message
|
#26 |
this should work:
PYTHON_
and if you have python3-
PYTHON_
Revision history for this message
|
#27 |
and workaround is disable hgdemandimport with environment variable:
HGDEMANDIMPORT=
and then keyring.
Revision history for this message
|
#28 |
Amazing! This works:
HGDEMANDIMPORT=
Can anybody explain what's going on?
I also tried this:
PYTHON_
That gets rid of the error, but prompts me for the password. Not sure if that's expected, but it completely defeats the purpose of using mercurial_keyring in the first place.
Revision history for this message
|
#29 |
(cos I have nothing else to do)
> (real groovy seems not affected)
groovy is affected. (but I tested only with locked keyring)
> Can anybody explain what's going on?
> I even tried temporarily modifying the code of mercurial_keyring to remove the try-catch
wrong try-catch? and without --traceback? anyway, relevant parts:
File "/home/
keyring.
File "/usr/lib/
_keyring_
File "/usr/lib/
collection.
File "/usr/lib/
_secret = format_
File "/usr/lib/
encryptor = Cipher(aes, modes.CBC(aes_iv), default_
File "/usr/lib/
from cryptography.
File "/usr/lib/
self.
File "/usr/lib/
from cryptography.
ImportError: cannot import name 'backend' from 'cryptography.
Revision history for this message
|
#30 |
@teo, @Kai:
What output do you receive for the command
python3 -c 'from cryptography.
and
python -c 'from ...
or
python2 -c 'from ...
or
python2.7 -c 'from ...
(depending on your python 2 set-up)
Revision history for this message
|
#31 |
works:
python3 -c "import hgdemandimport; hgdemandimport.
python3 -c "import hgdemandimport; hgdemandimport.
fails:
python3 -c "import hgdemandimport; hgdemandimport.
Traceback (most recent call last):
File "<string>", line 1, in <module>
File "/usr/lib/
from cryptography.
File "/usr/lib/
self.
File "/usr/lib/
from cryptography.
ImportError: cannot import name 'backend' from 'cryptography.
Revision history for this message
|
#32 |
I guess that mercurial_
https:/
https:/
Revision history for this message
|
#33 |
works:
python3 -c '
import hgdemandimport; hgdemandimport.
with hgdemandimport.
import cryptography.
(and what mercurial_
python3 -c '
import hgdemandimport; hgdemandimport.
hgdemandimport.
import cryptography.
there is already two open bug reports:
https:/
https:/
teo1978: 'cos you already reported that to upstream, can you update your report?
Can you help with this problem?
Provide an answer of your own, or ask teo1978 for more information if necessary.