[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-cvs] [479] More information
|
From: |
bob |
|
Subject: |
[Savannah-cvs] [479] More information |
|
Date: |
Mon, 11 Jul 2022 14:46:17 -0400 (EDT) |
Revision: 479
http://svn.savannah.gnu.org/viewvc/?view=rev&root=administration&revision=479
Author: rwp
Date: 2022-07-11 14:46:16 -0400 (Mon, 11 Jul 2022)
Log Message:
-----------
More information
Alternate upgrade instructions.
When things don't go perfectly.
Deprecated sshd options.
Modified Paths:
--------------
trunk/sviki/BobsGuideToSystemUpgrades.mdwn
Modified: trunk/sviki/BobsGuideToSystemUpgrades.mdwn
===================================================================
--- trunk/sviki/BobsGuideToSystemUpgrades.mdwn 2022-07-11 18:35:04 UTC (rev
478)
+++ trunk/sviki/BobsGuideToSystemUpgrades.mdwn 2022-07-11 18:46:16 UTC (rev
479)
@@ -854,6 +854,14 @@
any specific upgrade needs. Most often needed for udev and kernel
related upgrades.
+At this point it is possible to run Ubuntu's `do-release-upgrade`
+command and perform an interactive upgrade. That is what the upstream
+documentation will recommend at this point. If you want to do an
+interactive upgrade then this is an okay thing to do. However I don't
+do this myself because it will run for unpredictable length of time
+grinding through the upgrade and then will stop at unpredictable times
+to ask an interactive question. This cycle will repeat many times.
+
I prefer to upgrade as non-interactively as possible. Batchmode.
Then react to things needing interactive action afterward. These are
the commands. I will repeat the env variables again to reinforce
@@ -896,6 +904,46 @@
to review and confirm the action. But honestly in my own scripts I
keep the -y yes option there and barge forward.
+When Things Don't Go Perfectly
+------------------------------
+
+Unfortunately sometimes there are errors. These are always package
+bugs. But they happen just the same. In the upgrade from Trisqual 9
+to 10 I experienced an abort. Usually the best thing is to get as
+much of the collection configured as possible. Which simply means
+restarting the configuration step.
+
+ export DEBIAN_FRONTEND=noninteractive DEBCONF_ADMIN_EMAIL=""
UCF_FORCE_CONFFNEW=1 UCF_FORCE_CONFFMISS=1
+ dpkg --force-confnew --force-confmiss --configure -a
+
+If an error in a postinst script causes dpkg to abort the installation
+then this command will restart dpkg configuring all unconfigured
+packages, with the same options as before to select the package
+maintainer's version of conffiles and install missing conffiles. Very
+often the bug that aborted the upgrade won't be seen on a retry. This
+is often due to a missing dependencies where a package depends upon
+another package, does not state it, and the dependency does not happen
+to be ready when it is needed. In the next retry it might be
+available due to having unpacked and configured more packages before
+getting to it again. Seeing an error on cryptsetup I restarted and
+did not see that error again therefore it was one of those types.
+
+Example. I have seen fail2ban have problems during the upgrade. It
+is possible that it will take "forever" to perform some command. I am
+sure that if there were visibility into what it is doing that it would
+make sense that it is doing some exponential time something. But that
+is not an uncommon package that will get stuck, will need to be
+interrupted, will need to be forcibly dragged kicking and screaming
+through the upgrade. Perhaps by removing it (not purging, keep the
+config files), completing the upgrade without it, then installing it
+again.
+
+Also the `/var/lib/fail2ban/fail2ban.sqlite3` file has been a problem.
+It has become gigabytes in size with seemingly nothing reducing the
+size of it. Purging fail2ban, removing that file, re-installing
+fail2ban, verifying the new configuration, is sometimes needed at
+major OS upgrade.
+
Post Upgrade Clean-Up
---------------------
@@ -929,6 +977,17 @@
so critical now as it was for at least one release. In any case there
likely will be other configuration needed to be merged.
+Examine the syslog for sshd messages. Over time this command has
+changed supported options. Here is an example where after an upgrade
+the old version of the file contained now deprecated options. The
+merge required removing these from the file.
+
+ Jun 24 17:06:10 frontend1 sshd[32160]: rexec line 16: Deprecated option
UsePrivilegeSeparation
+ Jun 24 17:06:10 frontend1 sshd[32160]: rexec line 19: Deprecated option
KeyRegenerationInterval
+ Jun 24 17:06:10 frontend1 sshd[32160]: rexec line 20: Deprecated option
ServerKeyBits
+ Jun 24 17:06:10 frontend1 sshd[32160]: rexec line 31: Deprecated option
RSAAuthentication
+ Jun 24 17:06:10 frontend1 sshd[32160]: rexec line 38: Deprecated option
RhostsRSAAuthentication
+
A specific item that is needed for the FSF VMs for an upgrade from
Trisquel 9 to Trisquel 10 is this package cryptsetup-initramfs which
needs to be installed.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Savannah-cvs] [479] More information,
bob <=