/usr/bin/curl -v -C - -f [url]http://ftp.ntua.gr/pub/linux/archlinux/core/os/x86_64/core.db[/url] > /dev/null
* Uses proxy env variable no_proxy == 'localhost,127.0.0.0/8,::1'
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:14 --:--:-- 0* Trying 147.102.222.211...
* TCP_NODELAY set
0 0 0 0 0 0 0 0 --:--:-- 0:00:15 --:--:-- 0* Connected to [url=ftp://ftp.ntua.gr]ftp.ntua.gr[/url] (147.102.222.211) port 80 (#0)
> GET /pub/linux/archlinux/core/os/x86_64/core.db HTTP/1.1
> Host: [url=ftp://ftp.ntua.gr]ftp.ntua.gr[/url]
> User-Agent: curl/7.63.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Date: Thu, 03 Jan 2019 21:56:39 GMT
< Server: Apache/2.2
< Last-Modified: Wed, 02 Jan 2019 23:08:26 GMT
< ETag: "58347d-21973-57e81b92a6e80"
< Accept-Ranges: bytes
< Content-Length: 137587
< Connection: close
< Content-Type: text/plain; charset=UTF-8
<
{ [1135 bytes data]
100 134k 100 134k 0 0 8817 0 0:00:15 0:00:15 --:--:-- 30520
* Closing connection 0
So what's up ? I have to connect to my phone to install something, it's annoying lol
]]>$ /usr/bin/curl -v -C - -f http://ftp.ntua.gr/pub/linux/archlinux/core/os/x86_64/core.db > /dev/null
]]>What is the output of the following
/usr/bin/curl -v -C - -f http://mirror.united-gameserver.de/archlinux/core/os/x86_64/core.db > /dev/null
$ /usr/bin/curl -v -C - -f http://mirror.united-gameserver.de/archlinux/core/os/x86_64/core.db > /dev/null
* Uses proxy env variable no_proxy == 'localhost,127.0.0.0/8,::1'
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- 0:00:14 --:--:-- 0* Trying 213.202.193.253...
* TCP_NODELAY set
* Connected to mirror.united-gameserver.de (213.202.193.253) port 80 (#0)
0 0 0 0 0 0 0 0 --:--:-- 0:00:16 --:--:-- 0> GET /archlinux/core/os/x86_64/core.db HTTP/1.1
> Host: mirror.united-gameserver.de
> User-Agent: curl/7.63.0
> Accept: */*
>
< HTTP/1.1 200 OK
< Server: nginx/1.10.3
< Date: Thu, 27 Dec 2018 14:27:38 GMT
< Content-Type: application/octet-stream
< Content-Length: 136750
< Last-Modified: Wed, 26 Dec 2018 02:35:25 GMT
< Connection: keep-alive
< ETag: "5c22e8ed-2162e"
< Accept-Ranges: bytes
<
{ [1141 bytes data]
100 133k 100 133k 0 0 8270 0 0:00:16 0:00:16 --:--:-- 29605
* Connection #0 to host mirror.united-gameserver.de left intact
$ sudo pacman -Suy
:: Synchronizing package databases...
error: failed retrieving file 'core.db' from ftp.ntua.gr : Resolving timed out after 10000 milliseconds
What's the prescription, doctor ?
Thank you for the explanations Slithery
]]>And I have also a small question aside my issue, why the mirror protocols are not using ssl ? I guess it's a leak because a man-and-the-middle could modify the db file and make a link pointing on another content (locally or from internet, I guess there are further securities to prevent it, but still it's something incertain), do you have any explanations about the http ?
Some mirrors do use https...
https://www.archlinux.org/mirrorlist/all/https/
It's not of big as a risk as you're making out. All of the packages in the official repositories are signed so it would be impossible for an attacker to get you to install an untrusted package. The worst they could do is to modify core.db so you didn't get any updates for specific packages hoping to keep you on a vunerable version of a piece of software.
]]>/usr/bin/curl -v -C - -f http://mirror.united-gameserver.de/archlinux/core/os/x86_64/core.db > /dev/null
$ wget http://mirror.united-gameserver.de/archlinux/multilib/os/x86_64
--2018-12-23 16:16:53-- http://mirror.united-gameserver.de/archlinux/multilib/os/x86_64
Resolving mirror.united-gameserver.de (mirror.united-gameserver.de)... 213.202.193.253
Connecting to mirror.united-gameserver.de (mirror.united-gameserver.de)|213.202.193.253|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: http://mirror.united-gameserver.de/archlinux/multilib/os/x86_64/ [following]
--2018-12-23 16:17:24-- http://mirror.united-gameserver.de/archlinux/multilib/os/x86_64/
Reusing existing connection to mirror.united-gameserver.de:80.
HTTP request sent, awaiting response... 200 OK
Length: 119975 (117K) [application/xhtml+xml]
Saving to: ‘x86_64.1’
x86_64.1 100%[========================================================================================>] 117.16K 27.6KB/s in 4.2s
2018-12-23 16:17:28 (27.6 KB/s) - ‘x86_64.1’ saved [119975/119975]
The last router I used worked well, I guess it means that my router doesn't support ipv6 ? It's the first time that I get this issue, most of the routers support ipv6, right ?
Then how to fix it ?
And I have also a small question aside my issue, why the mirror protocols are not using ssl ? I guess it's a leak because a man-and-the-middle could modify the db file and make a link pointing on another content (locally or from internet, I guess there are further securities to prevent it, but still it's something incertain), do you have any explanations about the http ?
]]>Lone_Wolf wrote:There's one thing that strikes me as odd : all replies are ipv4 .
Do you have ipv6 disabled ?Can you tell me exactly how to know if it's enabled or not ? It seems ok according to this command:
$ ip -6 addr show wlp1s0 2: wlp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000 inet6 fe80::e28b:980a:3cd7:270c/64 scope link noprefixroute valid_lft forever preferred_lft forever
By the way, I don't have a file like /etc/sysctl.d/40-ipv6.conf
$ ls /etc/sysctl.d 40-max-user-watches.conf
IPv6 addresses starting with fe80 are a special case, see https://en.wikipedia.org/wiki/Link-local_address .
Ping uses ipv6 by default and ipv4 as fallback or when ping is specifcally told to use ipv4 (like pinging 8.8.8.8 )
The kernel by default supports ipv6 , but your networkcard hasn't gotten an ipv6 dhcp address .
That means you disabled it OR your router / isp don't support ipv6.
problems with ipv6 might have to do with the timeouts.
]]>pacman -Sup
Will print (-p) the file locations for all packages that are in the current full system update (-u).
For packages available in the cache, this will be file:///var/cache/pacman/pkg urls, for packages that still need to be downloaded, this will be http urls that you can use to download. You can also use a package you definitely don't have installed, in order to retrieve the correct url. The core.db will just be swapping out the last component, but I assume any file from the mirror would have the same error.
For the current version of pacman, you can now use
$ pacman-conf --repo core Server
https://mex.mirror.pkgbuild.com/core/os/x86_64
http://arch.mirror.square-r00t.net/core/os/x86_64
http://mirrors.rit.edu/archlinux/core/os/x86_64
http://mirror.epiphyte.network/archlinux/core/os/x86_64
http://mirror.f4st.host/archlinux/core/os/x86_64
http://mirror.metalgamer.eu/archlinux/core/os/x86_64
To get the right base url for a repo, and then append "/core.db"
]]>There's one thing that strikes me as odd : all replies are ipv4 .
Do you have ipv6 disabled ?
Can you tell me exactly how to know if it's enabled or not ? It seems ok according to this command:
$ ip -6 addr show wlp1s0
2: wlp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP qlen 1000
inet6 fe80::e28b:980a:3cd7:270c/64 scope link noprefixroute
valid_lft forever preferred_lft forever
By the way, I don't have a file like /etc/sysctl.d/40-ipv6.conf
$ ls /etc/sysctl.d
40-max-user-watches.conf
What happens if you try to download the core.db file manually, for example with wget?
How can I find the link to try ? I've tried $ wget archlinux.mirrors.uk2.net/core.db but I guess it's a wrong address
]]>