19

I have an old test machine on Debian Wheezy that I can't really update right now.

Debian Wheezy repositories were archived in February. So I want ahead, and updated my /etc/apt/sources.list from

deb http://ftp.fr.debian.org/debian wheezy main
deb http://security.debian.org/ wheezy/updates main
deb http://ftp.fr.debian.org/debian wheezy-updates main

to

deb http://archive.debian.org/debian wheezy main
deb http://security.debian.org/ wheezy/updates main
deb http://archive.debian.org/debian wheezy-updates main

But, when running apt-get update, I'm getting this error:

# apt-get update
<snip>
Err http://archive.debian.org wheezy-updates/main i386 Packages
  404  Not Found [IP : 193.62.202.28 80]

Other repositories are being updated without issues.

Am I missing something?

Zoddo
  • 194
  • 1
  • 1
  • 8
  • wheezy is EOL, please _seriously_ consider upgrading to a supported release. – gxx Apr 01 '19 at 16:02
  • 1
    There isn't such a repository in the archive. It's years past time to upgrade. – Michael Hampton Apr 01 '19 at 16:27
  • Thanks for the remember! It's a test machine which live on my PC (it's a VM) which is not accessible from the Internet (not even from my LAN). I'll probably rebuild it from scratch in the near future with an up-to-date Debian. Of course, if it was a production machine, it would have already been upgraded. – Zoddo Apr 01 '19 at 16:45

3 Answers3

15

Using the Debian archive you shouldn't have an apt source line referring to wheezy-updates. This particular (sub-)distribution is not existing in the archives.

If you just remove the lines:

deb http://security.debian.org/ wheezy/updates main
deb http://ftp.fr.debian.org/debian wheezy-updates main

you should be able to run your apt-get commands again.

The whole story

The wheezy-updates repository contained packages that were provided to update the main repository, i.e. wheezy, between minor releases. Over time, when Wheezy got updated to 7.1, 7.2 and eventually to 7.11, the packages contained in wheezy-updates were moved into the main Wheezy repository. When Wheezy got EOLed, in May 2018, no packages were being kept in wheezy-updates, so there was no point in moving wheezy-updates to the Debian archive.

You can see the list of all Debian distributions supported by the archive repository at: http://archive.debian.org/debian/dists/ Also check the README files at http://archive.debian.org/README and http://archive.debian.org/debian/README to have an even fuller list of the archive content.

With regards to the security.debian.org repository, it is archived as well at http://archive.debian.org/debian-security/ If you want to fetch the very last updates, dating from May 2018, that were published for Wheezy, you can also add this line to your apt sources:

deb http://archive.debian.org/debian-security/ wheezy/updates main

Caution

Like said in the comments to your question, be careful when running a machine using the Debian archive as those packages are not updated and so not secure anymore (even when using debian-security from the archive). It probably is OK if your machine is not directly connected to a network, but otherwise, I would highly recommend upgrading as soon as possible.

Læti
  • 2,075
  • 21
  • 33
  • “The same goes for the security.debian.org repository, as Wheezy is EOL, you'll get no packages from there.” AFAICT this is not true. The security repo in http://archive.debian.org/debian-security contains Perl 5.14.2-21+deb7u6, but the main repo in http://archive.debian.org/debian only contains 5.14.2-21+deb7u3. – Christian Schmidt Apr 29 '19 at 13:36
  • True, thanks for your comment. I amended my answer to better reflect that. But those _security_ packages are now out of date as well, thus bring little value. – Læti Apr 29 '19 at 18:44
9

Add the security updates:

deb http://archive.debian.org/debian wheezy main
deb http://archive.debian.org/debian-security wheezy/updates main
Christian Schmidt
  • 103
  • 1
user518310
  • 91
  • 1
4

If like me you are dealing with an embedded wheezy system and just need to make something work, here are the complete steps that worked for me.

The original sources no longer exist which causes the 404 error (not found), so we need to modify the source list. Remove the original line add the two archive lines.

vi /etc/apt/sources.list
    deb http://archive.debian.org/debian wheezy main
    deb http://archive.debian.org/debian-security wheezy/updates main

Change the date back to before the security certificate expired.

 date +%Y%m%d -s "20180101"

Update list.

apt-get update -o Acquire::Check-Valid-Until=false;

Install stuff.

apt-get install nano inotify-tools msmtp   -o Acquire::Check-Valid-Until=false;

No guarantee how long this will work for, but it worked for me in May 2020. Use at your own risk.

Roy H
  • 41
  • 2
  • 1
    Could you explain how changing the system date fixes an HTTP 404 error? – womble Mar 10 '20 at 02:00
  • You need to remove the original sources in /etc/apt/sources.list as they no longer exist. The two previous answers covered this. Changing the date tricks apt-get into accepting the expired source list. – Roy H Mar 11 '20 at 03:44
  • Worked perfectly for me, too. Thanks. – bretter Mar 14 '20 at 19:22
  • Works for me too. Can you explain what the side-effects of date +%Y%m%d -s "20180101" are? – tersmitten Apr 18 '20 at 20:44
  • @tersmitten It depends on how paranoid you are about security. There's a certificate that the program you are running (apt-get in this case) uses to verify that the server it's talking to is who it says it is. Those certificates expire and have to renewed regularly. – Roy H Apr 19 '20 at 21:19
  • Since this library has been archived, no one is going to bother updating the certificate. Which means that any devices pulling software from there cannot properly verify that the server is who it says it is. If a bad actor somehow hijacks the server and the certificate, you might end up with malicious software on your device. Use are your own risk. Make sure you change the date back after you are done. – Roy H Apr 19 '20 at 21:30
  • Still working in 2021. Thanks alot!! – Hugo H Oct 06 '21 at 07:52