Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error certbot-auto renew Ubuntu Xenial #4776

Closed
elav opened this issue Jun 4, 2017 · 12 comments

Comments

@elav
Copy link

commented Jun 4, 2017

My operating system is (include version):

Ubuntu Xenial

I installed Certbot with (certbot-auto, OS package manager, pip, etc):

certbot-auto

I ran this command and it produced this output:

./certbot-auto renew

Traceback (most recent call last):
  File "/root/.local/share/letsencrypt/bin/letsencrypt", line 7, in <module>
    from certbot.main import main
  File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/certbot/main.py", line 13, in <module>
    from acme import jose
  File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/jose/__init__.py", line 37, in <module>
    from acme.jose.interfaces import JSONDeSerializable
  File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/jose/interfaces.py", line 9, in <module>
    from acme.jose import util
  File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/jose/util.py", line 4, in <module>
    from cryptography.hazmat.primitives.asymmetric import rsa
  File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/cryptography/hazmat/primitives/asymmetric/rsa.py", line 14, in <module>
    from cryptography.hazmat.backends.interfaces import RSABackend
  File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/cryptography/hazmat/backends/__init__.py", line 7, in <module>
    import pkg_resources
  File "/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/pkg_resources/__init__.py", line 36, in <module>
    import plistlib
  File "/usr/lib/python2.7/plistlib.py", line 62, in <module>
    import datetime
ImportError: No module named datetime
@SwartzCr

This comment has been minimized.

Copy link
Contributor

commented Jun 6, 2017

This is bizarre - datetime is in the Python Standard Library, so if you have python you should have datetime.
@bmw or @yan12125 any idea how this could happen?

@yan12125

This comment has been minimized.

Copy link
Collaborator

commented Jun 7, 2017

datetime is provided as a dynamic module in CPython -

$ python2 -c 'import datetime; print(datetime)'
<module 'datetime' from '/usr/lib/python2.7/lib-dynload/datetime.so'>

It's possible that virtualenv messes up sys.path so that /usr/lib/python2.7/ is in sys.path but /usr/lib/python2.7/lib-dynload/ not.

@yan12125

This comment has been minimized.

Copy link
Collaborator

commented Jun 7, 2017

Hmm just tried on a Xenial docker image. datetime is a built-in module on Ubuntu. @elav Have you installed Python from somewhere else?

@elav

This comment has been minimized.

Copy link
Author

commented Jun 7, 2017

@yan12125 Not that I remember. The only thing I did recently was upgrade from Trusty to Xenial, using Canonical's update tool.

@elav

This comment has been minimized.

Copy link
Author

commented Jun 7, 2017

Hmmm. It's curious, inside the root directory I now have these folders, which include python files.

bin
certbot-auto
include
lib
local
path
pip-selfcheck.json
share
venv

@yan12125

This comment has been minimized.

Copy link
Collaborator

commented Jun 7, 2017

Maybe ubuntu's upgrading mechanism does not handle everything well. Let's investigate things deeper. Could you run the following commands as root and paste the output?

source /root/.local/share/letsencrypt/bin/activate
python2 -c 'import sys; print(sys.path)'
deactivate
python2 -c 'import datetime; print(datetime)'

The content of /root/.local/share/letsencrypt/lib/python2.7/site.py may help debugging as well. Could you paste it, too?

@elav

This comment has been minimized.

Copy link
Author

commented Jun 8, 2017

Output:

root@systeminside:# source /root/.local/share/letsencrypt/bin/activate
(letsencrypt)root@systeminside:
# python2 -c 'import sys; print(sys.path)'
['', '/root/.local/share/letsencrypt/lib/python2.7', '/root/.local/share/letsencrypt/lib/python2.7/plat-x86_64-linux-gnu', '/root/.local/share/letsencrypt/lib/python2.7/lib-tk', '/root/.local/share/letsencrypt/lib/python2.7/lib-old', '/root/.local/share/letsencrypt/lib/python2.7/lib-dynload', '/usr/lib/python2.7', '/usr/lib/python2.7/plat-x86_64-linux-gnu', '/usr/lib/python2.7/lib-tk', '/root/.local/share/letsencrypt/local/lib/python2.7/site-packages', '/root/.local/share/letsencrypt/lib/python2.7/site-packages']
(letsencrypt)root@systeminside:# deactivate
root@systeminside:
# python2 -c 'import datetime; print(datetime)'
<module 'datetime' (built-in)>
root@systeminside:~#

and the output of site.py is here: https://pastebin.com/3F3jBiQ0

@elav

This comment has been minimized.

Copy link
Author

commented Jun 8, 2017

Hey guys, I solved the problem. What I did was move the

/root/.local/share/letsencrypt

folder to another directory as a backup. I ran the command again

./certbot-auto renew
and recreated a virtual environment, and renewed the domain without any problem. So, is resolved for me. Thanks

@SwartzCr

This comment has been minimized.

Copy link
Contributor

commented Jun 8, 2017

awesome - glad you got it working. I'm going to close this ticket. Feel free to open new issues if you run into more problems

@Ardakilic

This comment has been minimized.

Copy link

commented Feb 12, 2018

For recent versions, I had to delete|rename the /opt/eff.org/ folder. Using the git version of certbot.

@MrCsabaToth

This comment has been minimized.

Copy link

commented May 11, 2018

Python virtual environment sometimes can mess up when OS package updates upgrade Python. Happened to me multiple times. Last time this was because of a dist upgrade which is completely understandable. I wonder if a command line switch could be developed which would let the runner clear the /opt/eff.org/ and retry automatically if the error output points towards a messed up virtual environment, like the No module named datatime nonsense. This would allow truly fire and forget operation, which is the ultimate goal, while right now I have to baby sit it still if it has any problems.

@bmw

This comment has been minimized.

Copy link
Member

commented May 21, 2018

I'm not sure I want us trying to automatically detect this and recreate the virtual environment when an error occurs, but I'd be OK with a flag that asks certbot-auto to recreate the environment.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
6 participants
You can’t perform that action at this time.