Closes: #2512.
- Newer versions of packages such as tzdata are uploaded to
bookworm-updates (first?). However, unattended-upgrades is not configured to get
package updates from bookworm-updates even though it is configured in
/etc/apt/sources.list. So, manually installation will work but not
unattended-upgrades. Fix this by explicitly allowing bookworm-updates in
FreedomBox configuration modifications for unattended-upgrades.
Tests:
- Start a bookworm VM. tzdata package is at version 2025a-0+deb12u1. Latest
version available in bookworm-updates is 2025b-0+deb12u1. Running
'unattended-upgrades -d' on command line does not upgrade the package with that
patches.
- Apply patches, run 'sudo make build install' and rerun unattended-upgrades.
tzdata package upgrades to latest version.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Fixes an issue where confirming user deletion is not submitting the user
edit form.
Also fixes an issue where the user edit submit button is disabled after user
deletion confirmation is cancelled.
Fixes#2513.
Tests performed:
- Deleting a user works.
- All the users module tests pass.
- After cancelling the user deletion confirmation dialog, the user edit
submit button is clickable.
- On the app pages, submit buttons are disabled when app enabling or disabling
is in progress.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Zoph package depends on libapache2-mod-php. This installed and enables mod-php.
Also the process model for apache is switched to prefork. In FreedomBox, we want
mod-event and php-fpm. So, immediately after installing the package, re-run
apache setup to ensure that PHP related changes are undone.
Tests:
- On Bookworm and Trixie, install zoph. Ensure that 'a2query -m php-8.{2,4}'
show that mod-php is disabled. Also 'a2query -m mpm_event' shows it is enabled
and prefork is disabled. Apache is restarted during installation.
- On Bookworm install without patch and notice that mod-php is installed. Apply
patches and notice that mod-php and mpm_prefork are disabled while mpm_event is
enabled.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Fixes: https://discuss.freedombox.org/t/solved-zoph-uninstall-failure/3431
There is a debconf question being asked about remove the uploaded files while
uninstalling the package. If it is not answered, removal fails. So, answer the
question during installation.
Re-run setup so that answer is set.
Tests:
- In Bookworm and Trixie, install the app, upload an image and uninstall it.
Uninstall is successful and directory /var/lib/zoph does not exist.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2511.
- By adding bind9 to the list of packages to be held during distribution
upgrade.
Tests:
- Install bind app on Bookworm. Check that /etc/bind/named.conf.options has been
updated. Run distribution upgrade to Trixie. Notice that the configuration file
is unchanged. A new .dpkg-dist file is available with the new version of the
configuration. Journal messages show that bind was held during distupgrade and
force upgrade was later run on it.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2509
If the user has changed a configuration file of a package outside of FreedomBox,
the distribution upgrade process could face a configuration file prompt and fail
midway. When using unattended-upgrades, these packages are not a problem as they
would left untouched at an old version and the rest of the system would be
upgraded. In case of distribution upgrade, these packages could cause the
distribution upgrade to fail and leave the system in an unusable state. Rather
than halt distribution upgrade midway due to a configuration file prompt, it is
better to overwrite with the new configuration. Backup copy of the old
configuration will be available to the user to later merge with the new
configuration.
For packages managed by FreedomBox, packages with configuration file prompt will
be held back during upgrade and later carefully upgraded with merge. These
package are not subject to --force-confnew option.
Tests:
- Install GNOME and edit the configuration file
/etc/fwupd/remotes.d/lvfs-testing.conf. Upgrade to Trixie. Distribution upgrade
was successful. Notice that the configuration file was force upgraded. Log shows
that new configuration file was installed as requested. Running 'apt -f install'
shows that there are not apt fixes pending.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2507.
In Bookworm, /usr/lib/GNUStep/SOGo/WebServerResources is a symlink to
/usr/share/GNUStep/SOGo/WebServerResources. On Trixie, the directory
/usr/lib/GNUStep does not exist. In both cases,
/usr/share/GNUStep/SOGo/WebServerResources is where the actual resources are.
Update apache configuration to use /usr/share instead of /usr/lib/.
Tests:
- On Bookworm and Trixie, install sogo and ensure that the web UI is working.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Benedek Nagy <contact@nbenedek.me>
Closes: #2505
Tests:
- Install app on Bookworm. Web interface works. 'Special pages' page shows
'rename user' page. That page loads.
- Dist-upgrade to Trixie. Database upgrade is performed by FreedomBox service
soon after the distribution upgrade. App still works. 'Special pages' page shows
'rename user' page. That page loads.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2498.
- Now, as soon as service starts, it will perform force upgrade operations and
post-installation app setup operations. So, it is no loner necessary to wait for
10 minutes and trigger the one of the operations with 'apt-get update'.
- In addition, the post-installation operations are triggered more explicitly
and sooner.
Tests:
- Install MediaWiki on Bookworm. Run distribution upgrade to Trixie and it
works. Log shows that post install operations were performed and mediawiki setup
was rerun.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
samba-ad-dc package depends on winbind, which breaks FreedomBox LDAP PAM
configuration. In Debian Trixie, AD server package is required by samba
package, but is not required to run Samba file server. See also Debian
bug report 1099755.
Relates to #2498.
Tests performed:
- In Debian Bookworm, install samba, do dist-upgrade, check that
samba-ad-dc and winbind packages are not insalled and adding new user
works.
- In Debian Trixie, uninstalling and installing samba app works and
after this, adding new user works.
Signed-off-by: Veiko Aasa <veiko17@disroot.org>
- Instead of an arbitrary time decided by when FreedomBox service as started.
Tests:
- Add a log message before return statement. Set the system clock to 02:00 and
start service in debug mode. Wait for 3 minutes. The timer is triggered but
nothings happens.
- Set the system clock to 06:10 and start service in debug mode. Wait for 3
minutes and a distribution upgrade check is performed and a message is printed.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Show a notification 60 days, 30 days, 1 week, and 1 day before distribution
upgrade. If a notification is dismissed for any of these periods don't show
again until new period starts. Override any previous notification.
- Show a notification just before the distribution upgrade showing that the
process has started. Override any previous notification.
- Show a notification after the distribution upgrade is completed that it is
done. Override any previous notification. Keep this until it is 60 days before
next distribution upgrade. If user dismisses the notification, don't show it
again.
Tests:
- Start a bookworm VM.
- Disable the auto updates. Set the date to 2025-08-01. Start the service.
Notification is not shown when distribution check is done. Enable auto updates.
- Set the date to 2025-07-01. Start the service. No notification is shown after
distribution upgrade check is run.
- Set the date to 2025-08-01. Start the service. Notification is shown when
distribution check is done. Clicking on the 'Go to Distribution Update' takes to
distribution update page.
- Set the date to 2025-08-02. Start the service. Notification is not updated
when distribution check is done. Dismiss the notification.
- Set the date to 2025-08-03. Start the service. Notification is not shown when
distribution check is done.
- Set the date to 2025-08-22. Start the service. Notification is shown when
distribution check is done. Dismiss the notification.
- Set the date to 2025-08-23. Start the service. Notification is not shown when
distribution check is done.
- Set the date to 2025-09-15. Start the service. Notification is shown when
distribution check is done.
- Set the date to 2025-09-18 18:00. Start the service. Notification is shown
when distribution check is done.
- Set the date to 2025-09-19 18:00. Start the service. Notification is shown
that distribution update has started. Distribution upgrade has started. Dismiss
this notification. Upgrade does not succeed to due timestamp miss matches with
release file.
- Once the distribution upgrade has started. Start the service. Notification is
not shown when distribution check is done.
- Rollback to a snapshot before distribution upgrade. Start the distribution
upgrade manually and notice that notification is not shown when distribution
check is done.
- Once the distribution upgrade has completed, start the service. Notification
is shown the distribution upgrade has completed when distribution check is done.
Dismiss this notification.
- Restart the service. Notification is not shown when distribution check is
done.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- This is important because only if all the command succeed, the changes to
/etc/apt/sources.list file are committed.
Tests:
- Set the time to 2025-09-20. Distribution updates are triggered. 'apt update'
fails due an mismatch with release file's timestamp. Instead of proceeding, the
distribution upgrade is halted.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- This will help identify these snapshots more easily in case a revert it
needed.
Tests:
- Start a distribution upgrade. Notice that the snapshot taken has special
description that it was taken before a distribution upgrade.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Refer to the manual and mention that users can keep their distribution for 5
years before upgrade.
Tests:
- Proofread, links work.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2090
- Create a new page for distribution upgrade.
- If distribution upgrade is running show its status here without any other UI.
- Show various conditions for not allowing distribution upgrades.
- Automatic updates disabled
- Distribution updates disabled
- Not enough free space.
- Unknown or mixed distribution in sources.list.
- If distribution upgrade was interrupted, show that information here and allow
triggering distribution upgrade again. This is detected by noticing that
codename in base-files is higher than one detected in sources.list.
- If the user is not testing/unstable, show a message and don't allow
triggering.
- If next stable has not been released, don't auto-upgrade but allow manual
upgrade. Show special warnings.
- If next stable has been released but only recently, don't auto-upgrade but
allow manual upgrade.
- If next stable has been released and it has been 30 days, allow auto-upgrade
and manual upgrade.
- Seek confirmation before triggering manual upgrade. Provide appropriate
advice.
- Rely on hard-coded list of releases and their release dates instead of
querying the server.
Tests:
- When automatic updates or distribution updates are disabled, an alert message
is shown distribution upgrade page. If both are disabled, both messages show up
in the alert. The start distribution upgrade button is disabled. Clicking on the
button does not work.
- Reducing the available free disk space will cause alert message to show up and
start upgrade button to be disabled.
- When the distribution in /etc/apt/sources.list is mixed or unknown, an alert
message is shown. the start distribution upgrade button is disabled.
- When the distribution in /etc/apt/sources.list is testing or unstable, an
alert message is shown "You are on a rolling release distribution...". the start
distribution upgrade button is disabled. The current distribution is
'None (testing)' or 'None (unstable)'. Next stable distribution is Unknown.
- If get_current_release is hard-coded to return (None, 'trixie'). Then a
message is show in the distribution update page 'A previous run of distribution
update may have been interrupted. Please re-run the distribution update.' A
'Continue Distribution Update' button is shown in warning color. The button
takes to confirm page where the confirm button is shown in blue and is enabled.
- On a bookworm VM, visiting the page shows the message "You are on the latest
stable distribution...". Upgrade button shows in red. Clicking it takes to
confirmation page. The page shows a warning alert and red confirmation button.
- Setting the clock to '2025-08-21' shows the message "A new stable distribution
is available. Your FreedomBox will be update automatically in 4 weeks...".
Upgrade button shows in blue. Clicking it takes to confirmation page. The page
does show warning. The button is in blue.
- Setting the clock to '2025-09-30' shows the message "A new status distribution
is available. Your FreedomBox will be updated automatically soon...". Upgrade
button shows in blue. Clicking it takes to confirmation page. The page does show
warning. The button is in blue.
- Clicking the confirmation button starts the distribution upgrade process. This
distribution upgrade page is shown. The page shows spinner with a message and no
other UI. Page is refreshed every 3 seconds. When the distribution upgrade
process is completed, the page shows the current status.
- Killing the apt-get process during distribution upgrade stop the page refresh.
The page shows that process was interrupted and also continuation. Clicking on
the confirmation button resumes the distribution upgrade process.
- After distribution upgrade, the page shows the current distribution and next
distribution properly. There is not release date for the next distribution. A
message shows: "Next stable distribution is not available yet."
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- 12 hours might genuinely not enough with SD cards, slow download speeds, and
large number of packages (due to apps such as GNOME).
Tests:
- None
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2501
Tests:
- Install radicale app.
- Install a sample package using apt. Trigger will be run and but will
not result in radicale setup rerun.
- Make newer radicale available. This can be done by enabling testing
distribution but setting its priority low. radicale priority from testing will
be set to high. When unattened-upgrades is run, it will trigger the FreedomBox
mechanism and will result in database upgrade.
- After this install a sample package using apt. Trigger will be run but will
not result in radicale setup rerun.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Fixes: #2119
Tests:
- Install mediawiki app.
- Install a sample package using apt. Trigger will be run and but will
not result in Mediawiki setup rerun.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #1447
Find and rerun setup for apps after a dpkg operation is completed.
This is needed in a couple of situations:
1) Some Debian packages don't manage the database used by the package. When
these packages are updated, their database schema is left at an older version
and service might become unavailable. FreedomBox can perform the database schema
upgrade. However, FreedomBox needs to know when a package has been updated so
that database schema can be upgraded.
2) A package is installed but FreedomBox has not modified its configuration.
Newer version of package becomes available with a new configuration file. Since
the original configuration file has not changed at all, the new configuration
file overwrites the old one and unattended-upgrades deals with this case. Now,
say, the configuration file modifies some defaults that FreedomBox expects
things might break. In this case, FreedomBox can apply the require configuration
changes but it needs to notified as soon as the package has been updated.
When apt runs dpkg, after the operation is completed it triggers commands listed
under the configuration 'Dpkg::Post-Invoke'. This in turn calls this class via a
DBus notification. Here, we iterate through all the apps. If an app is currently
installed and interested in rerunning setup after dpkg operations, then its
setup is rerun. Interest is expressed using the 'rerun_setup_on_upgrade' flag on
the Package() component. If all packages of the app have not be upgraded since
the last check, we skip the operation.
Tests:
- When an app is installed from FreedomBox, the trigger is not run.
- When a package is installed from command line with apt, the trigger is run. It
does nothing.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- We have a hook that triggers when 'apt update' is successfully run. This hook
handles the force upgrading mechanism. It's intended purpose is to handle
packages with configuration file prompts that unattended-upgrades does not
touch. 'apt update' is run on behalf of unattended-upgrades every day on a
schedule. This is the primary time the hook is intended to run. However, the
hook also run every time FreedomBox runs 'apt update' before installing an app.
Also no operations are performed, there is a race to see of apt is available for
the operation.
- Avoid these unnecessary runs by setting an environmental variable and by
checking it before running the trigger.
- There is one place where we want to genuinely run the trigger. That is after a
distribution upgrade. Handle this case.
Tests:
- When apt update is run on the command line, the hook is triggered.
- When installing an app, however, the hook is not triggered.
- During a dist-upgrade, the hook is triggered at the end.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Although there are no issues with kiwix like for calibre, it is the right way to
do this.
Tests:
- Without patch, restore the app on testing from a backup on stable machine and
notice that the data folder is owned by nobody:nogroup but files inside are
owned by a kiwix-server-freedombox user and group. This is not ideal.
- With patch, restore again notice that the library is accessible and all the
files are owned by nobody:nogroup.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Fixes: #2500.
systemd 257 has introduced in which DynamicUser= services will use id-mapped
mounts[1] instead of performing chown on the entire data directory. On Debian
stable release, calibre service will contain data folders with a dynamic user
ownership while on testing release, calibre service will contain data folders
with nobody:nogroup ownership.
When a backup from stable release is restored on testing release, the two
directories are merged. The top level directory will be still owned by
nobody:nogroup while the files instead will be owned by dynamic user and group.
In this case, systemd will not recursively update the ownership. Calibre will
fail to access the library files.
The fix is to completely wipe the existing data folder before a restore. When
systemd notices that the directory ownership is not properly it will recursively
change the ownership before starting the service.
Links:
1) https://www.freedesktop.org/software/systemd/man/latest/systemd.exec.html#RuntimeDirectory=
Tests:
- Without patch, restore the app on testing from a backup on stable machine and
notice that the data folder is owned by nobody:nogroup but files inside are
owned by a calibre-server-freedombox user and group. This leads to failure when
accessing the library.
- With patch, restore again notice that the library is accessible and all the
files are owned by nobody:nogroup.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Many times, merging old and new data folders is not ideal and could lead to
unexpected outcomes. Perhaps removing all the backup folders and files before
restore is ideal. However, this patch tries to introduce that approach slowly on
an experimental basis.
Tests:
- Unit tests work.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2503
- FreedomBox is a server that is typically always running. If applications such
as GNOME desktop environment are installed, they could, by default, cause system
to sleep or hibernate after a period of idleness (based on peripheral activity).
To ensure that services are always available over the network, prevent all such
applications from sending the system to sleep/hibernate.
- Other types of sleep such as hybrid sleep and suspend and hibernate are also
automatically disabled by systemd if either suspend or hibernate are disabled.
Tests:
- Without the changes, install GNOME. In gdm login screen or in desktop
environment, after 20 minutes (default) the system goes to sleep.
- Create the file in the patch with the appropriate directory in a production
FreedomBox machine. Run 'systemctl daemon-reload'. After this, running
'systemctl suspend' or 'systemctl hibernate' will return an error that the
operation is not supported. In GDM, the suspend button does not appear. In GNOME
desktop environment after login, the suspend button does not appear. Even after
the 15-20 minute period, the system does not go to sleep.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Helps: #2501
Helps: Debian #1100995
- With radicale's Debian packaging for version 3.5 (trixie) the auth/type
configuration value is no longer set to remote_user by default[1]. FreedomBox's
setup depends on this. So, set this value explicitly including for bookworm.
Links:
1) https://tracker.debian.org/media/packages/r/radicale/changelog-3.5.0-1
Tests:
- Install on bookworm and testing VMs and run functional tests. Web UI works.
- On bookworm VM, install radicale and perform dist-upgrade. Upgrade succeeds.
Radicale is at version 3.5.0-1. The file /etc/radicale/config *does not*
contains auth/type as 'remote_user'. This is because unattended-upgrades has
unexpectedly upgraded radicale and overwrote the configuration file. This is
being investigated separately.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- We are using a private data structure that lead to failure. psutil 7.0 removed
two fields from the partition class. Just update the code to work with 7.0
instead of emulating psutil completely as that is a better test.
- The primary code is unaffected in is_partition_read_only() and
get_filesystem_type() due to not having any changes in the fields we use.
Tests:
- Run unit tests on testing and unstable VMs.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
There are configuration items that users of syncthing can accidentally
set, resulting in the UI becoming unavailable. Previously, if such a
thing happened, the FreedomBox admin would have to ssh into the server and
edit the xml manually or reinstall/restore the app. With this patch, it
is enough to re-run the setup to make the UI accesible again.
- Remove http basic authentication from the settings (gui/user and
gui/password. This is unnecessary as FreedomBox already provides
authentication.
- Make sure these options are properly set:
- 'Use HTTPS for GUI' is off
- 'GUI Listen Address' is 127.0.0.1:8384
- GUI is enabled
There is a forum discussion that inspired these changes:
https://discuss.freedombox.org/t/solved-cant-access-syncthing-administration-panel/2137
Tests done:
- Fresh install: after the setup, confirm the UI is working properly and
the xml is configured with the expected values.
- Make the changes to break the Syncthing UI, then re-run setup. Confirm
the UI is back online.
Signed-off-by: Benedek Nagy <contact@nbenedek.me>
[sunil: Initialize conf_changed variable to prevent failures accessing it]
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
Closes: #2499
[sunil]
- Add a comment about the dependency.
Signed-off-by: Benedek Nagy <contact@nbenedek.me>
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: Sunil Mohan Adapa <sunil@medhas.org>
As reported in discussion forum[1], when clients connected via 'shared' network
connection try to resolve the a static domain name configured in FreedomBox,
they resolve to 127.0.1.1. Since this refers to client's own IP address, they
fail to connect.
In the previous version, this was not a problem because the entry was stored as
<hostname>.<domainname>. To resolve this, store domain names in kvstore instead
of /etc/hosts.
Links:
1)
https://discuss.freedombox.org/t/freedombox-resolves-its-own-external-name-as-127-0-1-1/3660
Tests:
- Adding/removing static domains from Names app works. The order of added
domains is preserved in the stored configuration. When adding a existing domain,
a proper error message is shown.
- Without the patch, configure multiple domains. They show up in /etc/hosts.
Apply the patches and restart the service. Names app setup will run. Entries
from /etc/hosts are removed and will be added to kvstore. The list of domains
shows properly in Names app. After restarting the services, domains are show
properly.
- Without the patch on a version of FreedomBox without support for multiple
static domains, configure a static domain. Switch to latest version FreedomBox
with the patches. Restart the service. Names app setup will run. Entry from
/etc/hosts will be removed and will be added to kvstore. The list of domains
shows properly in Names app. After restarting the services, domains are show
properly.
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2490
Tests:
- Unit tests works.
- On a fresh stable container, enable auto updates. Run 'apt install
mumble-server' and kill the apt process when it is unpacking. After this any apt
install command will ask for running dpkg --configure -a. At this time, run the
Testing dist upgrade. Dist upgrade starts successfully and then shows the
message 'Fixing any broken apt/dpkg states...'. It also shows that packages that
were not setup have been setup. Dist upgrades proceeds after that.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- Save changes to /etc/apt/sources.list as a different file.
- When launching the dist upgrade process via systemd-run, use bind mounting to
ensure that the newly created sources file is treated as the original
/etc/apt/sources.list.
- If the process completes successfully, rename the new file to the original
sources.list. If the process terminates abruptly or machine reboots,
sources.list will remain unchanged. This will also the dist upgrade process to
be restarted (and hopefully continued).
Tests:
- On a fresh stable container, running dist-upgrade succeeds.
- While dist-upgrade is running, /etc/apt/sources.list is unmodified. After the
operation is successfully completed, /etc/apt/sources.list has been updates
successfully. If the operation fails, /etc/apt/sources.list remains unmodified.
- During the run the following are run:
- apt update
- package holds
- debconf selections
- full-upgrade
- autoremove
- unattended-upgrades
- restarting freedombox service
- waiting 10 minutes
- apt update
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- When an action is invoked, it configured to handle console and journal
handlers. Console logger (StreamHandler) flushes after each event. Journal event
is sent immediately after the event. So, we are not losing the immediate flush
advantage by switching to logging framework.
- Since console logging is present (and the output is not captured away), using
journal handler also will double log each event. Remove the journal handler.
Console is where the output of various commands is logged. So, keep that.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
- A service with the same name can't be started again.
- Transient service goes away as soon as the process ends. This is like
automatically removing the flag. This ensures that stale file does not cause an
issue.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
Closes: #2493.
Tests:
- For each of the packages in the list, download the Bookworm version and Trixie
version of the packages. See if the files in /etc/ that were modified were also
files we also modify. If so, keep it in the list. Otherwise, remove it from the
list.
Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org>
Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
