Certbot-auto broken in debian-based systems?

I have an issue where certbot-auto is not able to install required Python packages.
This last worked 2 days ago without any problems.

I’m running this on server running:

lsb_release -a

No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 9.6 (stretch)
Release: 9.6
Codename: stretch

To obtain certbot-auto, I have been using this:
wget https://dl.eff.org/certbot-auto -O /root/certbot-auto

and now also this:
git clone https://github.com/letsencrypt/letsencrypt

And both of them are resulting same exception while installing python packages.

I ran this:
:~/letsencrypt# ./certbot-auto -v certonly

and It produced this output: (stripped down due too many links in post)
Bootstrapping dependencies for Debian-based OSes… (you can skip this with --no-bootstrap)
------8<------
Reading package lists… Done
Reading package lists… Done
Building dependency tree
Reading state information… Done
augeas-lenses is already the newest version (1.8.0-1+deb9u1).
libaugeas0 is already the newest version (1.8.0-1+deb9u1).
ca-certificates is already the newest version (20161130+nmu1+deb9u1).
gcc is already the newest version (4:6.3.0-4).
libffi-dev is already the newest version (3.2.1-6).
python is already the newest version (2.7.13-2).
python-dev is already the newest version (2.7.13-2).
python-virtualenv is already the newest version (15.1.0+ds-1).
virtualenv is already the newest version (15.1.0+ds-1).
libssl-dev is already the newest version (1.1.0j-1~deb9u1).
openssl is already the newest version (1.1.0j-1~deb9u1).
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Creating virtual environment…
Running virtualenv with interpreter /usr/bin/python2.7
New python executable in /opt/eff.org/certbot/venv/bin/python2.7
Also creating executable in /opt/eff.org/certbot/venv/bin/python
Installing setuptools, pkg_resources, pip, wheel…done.
Installing Python packages…
DEPRECATION: Python 2.7 will reach the end of its life on January 1st, 2020. Please upgrade your Python as Python 2.7 won’t be maintained after that date. A future version of pip will drop support for Python 2.7.
Collecting argparse==1.4.0 (from -r /tmp/tmp.QgFvU09IIy/letsencrypt-auto-requirements.txt (line 11))
Downloading
------8<-----
Collecting certbot-nginx==0.30.0 (from -r /tmp/tmp.QgFvU09IIy/letsencrypt-auto-requirements.txt (line 218))
Downloading https://files.pythonhosted.org/packages/ad/15/7f42f31ba068f837816647135a0704a8c89aad685df160407e92870c0277/certbot_nginx-0.30.0-py2.py3-none-any.whl (90kB)
100% |################################| 92kB 1.4MB/s
Requirement already satisfied: setuptools>=1.0 in /opt/eff.org/certbot/venv/lib/python2.7/site-packages (from josepy==1.1.0->-r /tmp/tmp.QgFvU09IIy/letsencrypt-auto-requirements.txt (line 95)) (40.6.3)
Exception:
Traceback (most recent call last):
_** File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/pip/internal/cli/base_command.py", line 176, in main**
** status = self.run(options, args)**
_** File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/pip/internal/commands/install.py", line 346, in run**
** session=session, autobuilding=True**
_** File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/pip/internal/wheel.py", line 848, in build**
** assert building_is_possible**
AssertionError
Had a problem while installing Python packages.

So I can’t get the certbot-auto working at all.
I have done this hundreds of times, but this is the first time i’m having thkis kind of problems. Any help would be greatly appreciated.

WBR,

Sami

There's an issue with a recent version of one of Certbot's dependencies. See this post:

Yeah, just found it also.
So solution to this is to edit certbot-auto lines 1001 and 1003 and insert --no-download options there.
Thanks!

1 Like

Yes, is the solution:
cambia las líneas 1001 y 1003 así:

  if [ "$VERBOSE" = 1 ]; then
    virtualenv --no-site-packages --no-download --python "$LE_PYTHON" "$VENV_PATH"
  else
    virtualenv --no-site-packages --no-download --python "$LE_PYTHON" "$VENV_PATH" > /dev/null
  fi
1 Like

So just to check, having carried out the change as above and renewed the certificates, will there be any changes required in order for certbot to continue updating in the future (was this a transient issue) or will it simply update (on request) to a version that either does not have this issue or to a version where the issue is not present due to fixes elsewhere?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.