Fixes: #2534.
- Otherwise, if python standard library is updated, needs-restart will determine
that the freedombox-privileged.service needs to be restarted. The service may
have triggered the 'apt-get install' operation that triggered needs-restart in
the first place. That causes the install operation to fail.
Tests:
- Installing Calibre app which also brings in python standard library update
succeeds and freedombox-privileged.service is not restarted during 'apt-get
install' operation.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Joseph Nuthalapati <njoseph@riseup.net>
Closes: #2512.
- Newer versions of packages such as tzdata are uploaded to
bookworm-updates (first?). However, unattended-upgrades is not configured to get
package updates from bookworm-updates even though it is configured in
/etc/apt/sources.list. So, manually installation will work but not
unattended-upgrades. Fix this by explicitly allowing bookworm-updates in
FreedomBox configuration modifications for unattended-upgrades.
Tests:
- Start a bookworm VM. tzdata package is at version 2025a-0+deb12u1. Latest
version available in bookworm-updates is 2025b-0+deb12u1. Running
'unattended-upgrades -d' on command line does not upgrade the package with that
patches.
- Apply patches, run 'sudo make build install' and rerun unattended-upgrades.
tzdata package upgrades to latest version.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #1447
Find and rerun setup for apps after a dpkg operation is completed.
This is needed in a couple of situations:
1) Some Debian packages don't manage the database used by the package. When
these packages are updated, their database schema is left at an older version
and service might become unavailable. FreedomBox can perform the database schema
upgrade. However, FreedomBox needs to know when a package has been updated so
that database schema can be upgraded.
2) A package is installed but FreedomBox has not modified its configuration.
Newer version of package becomes available with a new configuration file. Since
the original configuration file has not changed at all, the new configuration
file overwrites the old one and unattended-upgrades deals with this case. Now,
say, the configuration file modifies some defaults that FreedomBox expects
things might break. In this case, FreedomBox can apply the require configuration
changes but it needs to notified as soon as the package has been updated.
When apt runs dpkg, after the operation is completed it triggers commands listed
under the configuration 'Dpkg::Post-Invoke'. This in turn calls this class via a
DBus notification. Here, we iterate through all the apps. If an app is currently
installed and interested in rerunning setup after dpkg operations, then its
setup is rerun. Interest is expressed using the 'rerun_setup_on_upgrade' flag on
the Package() component. If all packages of the app have not be upgraded since
the last check, we skip the operation.
Tests:
- When an app is installed from FreedomBox, the trigger is not run.
- When a package is installed from command line with apt, the trigger is run. It
does nothing.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- We have a hook that triggers when 'apt update' is successfully run. This hook
handles the force upgrading mechanism. It's intended purpose is to handle
packages with configuration file prompts that unattended-upgrades does not
touch. 'apt update' is run on behalf of unattended-upgrades every day on a
schedule. This is the primary time the hook is intended to run. However, the
hook also run every time FreedomBox runs 'apt update' before installing an app.
Also no operations are performed, there is a race to see of apt is available for
the operation.
- Avoid these unnecessary runs by setting an environmental variable and by
checking it before running the trigger.
- There is one place where we want to genuinely run the trigger. That is after a
distribution upgrade. Handle this case.
Tests:
- When apt update is run on the command line, the hook is triggered.
- When installing an app, however, the hook is not triggered.
- During a dist-upgrade, the hook is triggered at the end.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
In the Debian bookworm-backports repository, the Suite has changed to
"stable-backports". The Codename is the more specific "bookworm-backports".
Tests:
- Build a freedombox package for bookworm-backports with a smaller version
number than the package in bookworm-backports. Install it in bookworm vagrant
box.
- Run a manual update. freedombox is upgraded to the version in
bookworm-backports.
Closes: #2368.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Tests:
- Config files are all symlinks in /etc/
- Running 'apt update' sends a DBus signal to freedombox service
- unattended-upgrade works
- Many service were restart when unattended-upgrade was run
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- This will leave /etc/{plinth,freedombox} empty by default making service more
robust to run across various environments and situations. See systemd's
explanation for more details.
- Use Debian maintainer scripts remove all the existing files in
/etc/plinth/modules-enabled.
- Read from /usr/share/freedombox/modules-enabled then from
/etc/plinth/modules-enabled and finally from /etc/freedombox/modules-enabled.
Later read ones override previously read files. Any file pointing to /dev/null
will mean the module must be ignored.
Tests:
- Clean up /etc/plinth, /etc/freedombox and
/usr/share/freedombox/modules-enabled. Run service and notice that files are
getting loaded from development folder using a debug message.
- Run setup.py and notice that files get installed in
/usr/share/freedombox/modules-enabled/ and in the next run they get loaded from
there.
- Create a override file in /etc/plinth/modules-enabled/transmission and notice
that overriden file gets priority over the one in
/usr/share/freedombox/modules-enabled.
- Link the file /etc/plinth/modules-enabled/transmission to /dev/null and notice
that is not loaded.
- Create another file in /etc/freedombox/modules-enabled/transmission and notice
that it overrides the previous two files.
- All affected modules are loaded.
- Build a new Debian package and ensure that upgrading 23.8 to new version
removes are all configuration files.
- Build developer documentation and test that Tutorial -> Full Code and Tutorial
-> Skeleton sections have been updated with references to
-.../modules-enabled/... paths.
- Install quassel and notice that certificates were copied to /var/lib/quassel
directory. Change domain to another domain and notice that certificates were
copied again to that directory.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Helps #214.
Tests:
- Augeas lens tests passed using augparse.
Signed-off-by: James Valleroy <jvalleroy@mailbox.org>
[sunil: Fix issue with not being able write back with lens]
[sunil: Parse single/multi field values based on man page]
[sunil: Allow creating multi field values by adding \n at the end of the value]
[sunil: Add documentation and make ready for upstream submission]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
This is now the preferred location in Debian. See:
https://lintian.debian.org/tags/systemd-service-in-odd-locationhttps://bugs.debian.org/992465https://bugs.debian.org/987989d70caa69c6https://lists.debian.org/debian-devel/2021/08/msg00275.html
Tests:
- Lintian no longer shows errors:
E: freedombox: systemd-service-in-odd-location lib/.../calibre-server-freedombox.service
- Comparing the old .deb and newly generated .deb with these changes. All the
systemd files show that they are moved from /lib to /usr/lib/systemd.
- After upgrading the deb from older version to a version these changes,
services installed by the package are available (tested after restart with
wordpress and claibre). Services tweaked by the package have the changed
configuration reflected as shown by systemctl show
{service-name}.service (tested after restart with quassel).
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
