From d642eb3c153b8cfdadac303465638f21abd530e7 Mon Sep 17 00:00:00 2001
From: Valentin Vidic
Date: Wed, 12 Mar 2008 15:49:23 +0100
Subject: [PATCH 01/16] Updated list of packages to remove.
---
doc/carnet-upgrade.sgml | 12 +++++-------
1 file changed, 5 insertions(+), 7 deletions(-)
diff --git a/doc/carnet-upgrade.sgml b/doc/carnet-upgrade.sgml
index 0ad238b..49ad168 100644
--- a/doc/carnet-upgrade.sgml
+++ b/doc/carnet-upgrade.sgml
@@ -271,13 +271,11 @@ deb http://ftp.carnet.hr/carnet-debian sarge main non-free
| neku od navedenih aplikacija, iskljucite oznaku |
| pored njenog imena. Sljedece aplikacije bit ce UKLONJENE: |
| +-------------------------------------------------------------+ |
-| | [X] Autoconf | |
-| | [X] Automake | |
-| | [X] Expect | |
-| | [X] GCC | |
-| | [X] GDB | |
-| | [X] Gettext | |
-| | [X] Make-cn | |
+| | [X] gobjc gpc gcj gij chill g77 | |
+| | [X] nessus | |
+| | [X] prelude piwi | |
+| | [X] snort | |
+| | [X] stari CN paketi | |
| +-------------------------------------------------------------+ |
+-----------------------------------------------------------------+
| < OK > |
--
1.7.10.4
From 5aae55b00e9d4d3ee608df184b4253dab7a52783 Mon Sep 17 00:00:00 2001
From: Valentin Vidic
Date: Wed, 12 Mar 2008 15:50:05 +0100
Subject: [PATCH 02/16] Added vsftpd upgrade function.
---
src/actions/main.queue | 1 +
src/functions.sh | 11 +++++++++++
2 files changed, 12 insertions(+)
diff --git a/src/actions/main.queue b/src/actions/main.queue
index e2fe134..434219e 100644
--- a/src/actions/main.queue
+++ b/src/actions/main.queue
@@ -29,6 +29,7 @@ pkg dovecot-cn upgrade_dovecot
pkg postfix-cn pkgadd postfix-cn
pkg postgrey pkgrm postgrey # problematican
pkg openldap-aai upgrade_openldap
+true upgrade_vsftpd
true upgrade first # neki paketi moraju rucno
true upgrade second # neke pakete zelimo ranije
true dist_upgrade # instaliraj ostatak
diff --git a/src/functions.sh b/src/functions.sh
index 27c6133..9d35ceb 100644
--- a/src/functions.sh
+++ b/src/functions.sh
@@ -539,6 +539,7 @@ restore_configs () {
do
config_backup=$config.$backup_ext
if [ -e $config -a ! -e $config_backup ]; then
+ log "Saving config file $config"
cp -av $config $config_backup
ucf $config_backup $config
fi
@@ -706,6 +707,16 @@ upgrade_dovecot () {
fi
}
+# vsftpd.postinst tries to start vsftpd so make sure it is not running
+upgrade_vsftpd () {
+ if [ -x /etc/init.d/vsftpd ]; then
+ /etc/init.d/vsftpd stop || true
+ fi
+
+ pkg vsftpd && pkgadd vsftpd
+ pkg vsftpd-cn && pkgadd vsftpd-cn
+}
+
# fix /etc/dpkg/dpkg.cfg
comment_force_overwrite () {
if [ -f /etc/dpkg/dpkg.cfg ]; then
--
1.7.10.4
From 5061fd97fb4bdf21457a223150f737848a7d0a18 Mon Sep 17 00:00:00 2001
From: Valentin Vidic
Date: Wed, 12 Mar 2008 15:50:41 +0100
Subject: [PATCH 03/16] Updated service check list. Reduced required /var
space to 50 MB.
---
src/data.sh | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/data.sh b/src/data.sh
index 8846b26..667d983 100644
--- a/src/data.sh
+++ b/src/data.sh
@@ -1,5 +1,5 @@
# Minimum free space on /var after the download, in MB
-min_var_space=250
+min_var_space=50
# Backup extension
backup_ext=cn4-upgrade
@@ -92,11 +92,12 @@ apache-cn www-data /usr/sbin/apache Apache
bind9-cn bind /usr/sbin/named Bind
clamav-cn clamav /usr/bin/freshclam ClamAV update
clamav-cn clamav /usr/sbin/clamd ClamAV
-dcc-client root /usr/sbin/dccifd DCC client
+dcc-client dcc /usr/sbin/dccifd DCC client
dovecot-cn root /usr/sbin/dovecot Dovecot
freeradius-aai freerad /usr/sbin/freeradius FreeRADIUS
mailman-cn list /usr/lib/mailman/bin/mailmanctl Mailman
monit-cn root /usr/sbin/monit Monit
+munin-cn root /usr/sbin/munin-node Munin
mysql-cn mysql /usr/sbin/mysqld MySQL
ntop-cn ntop /usr/sbin/ntop Ntop
ntp-cn ntp /usr/sbin/ntpd NTP
--
1.7.10.4
From 01a53f5ca6a78f1513e508235884b635f3816122 Mon Sep 17 00:00:00 2001
From: Valentin Vidic
Date: Wed, 12 Mar 2008 16:02:28 +0100
Subject: [PATCH 04/16] Added apache2 notice to documentation.
---
doc/carnet-upgrade.sgml | 27 +++++++++++++++++++++++++++
src/functions.sh | 2 +-
2 files changed, 28 insertions(+), 1 deletion(-)
diff --git a/doc/carnet-upgrade.sgml b/doc/carnet-upgrade.sgml
index 49ad168..48b487a 100644
--- a/doc/carnet-upgrade.sgml
+++ b/doc/carnet-upgrade.sgml
@@ -216,6 +216,33 @@ deb http://ftp.carnet.hr/carnet-debian sarge main non-free
+ Prije nadogradnje na etch, potrebno je izvršiti
+ prijelaz sa Apache inaÄice 1.3 na Apache 2.0. Ukoliko je na
+ sustavu joÅ¡ uvijek instaliran Apache 1.3 pojavit Äe se
+ poruka:
+
+
++-----------------------------------------------------------------+
+| Nadogradnja CARNet Debian Sarge->Etch |
++-----------------------------------------------------------------+
+| |
+| Prije prelaska na Debian Etch potrebno je napraviti nadogradnju |
+| sa Apache 1.3 na Apache 2.0. |
+| |
+| Pokrenite: |
+| 'apt-get install apache2-cn' |
+| |
+| Nakon toga ponovno pozovite ovu skriptu. |
+| |
+| |
+| |
++-----------------------------------------------------------------+
+| < OK > |
++-----------------------------------------------------------------+
+
+
+
+
U sljedeÄem koraku biti Äe izvrÅ¡ena provjera dali su najvažniji
servisi nadograÄeni na najnovije inaÄice u sarge
distribuciji. Ako neki od instaliranih servisa nije najnovija
diff --git a/src/functions.sh b/src/functions.sh
index 9d35ceb..7c6aab7 100644
--- a/src/functions.sh
+++ b/src/functions.sh
@@ -286,7 +286,7 @@ check_apache_version () {
if pkg apache-cn && ! pkg apache2-cn; then
notice "
-Prije prelaska na Debian Etch potrebno je napraviti nadogradnju sa apache 1.3 na apache 2.0.
+Prije prelaska na Debian Etch potrebno je napraviti nadogradnju sa Apache 1.3 na Apache 2.0.
Pokrenite:
'apt-get install apache2-cn'
--
1.7.10.4
From 5d44c693b1e82ce1b28b615a48931c4b6e59452b Mon Sep 17 00:00:00 2001
From: Valentin Vidic
Date: Mon, 17 Mar 2008 10:55:12 +0100
Subject: [PATCH 05/16] Removed proftpd from service check list. Updated squid
info in service check list.
---
src/data.sh | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/src/data.sh b/src/data.sh
index 667d983..0fce492 100644
--- a/src/data.sh
+++ b/src/data.sh
@@ -108,11 +108,10 @@ ossec-hids-cn ossecm /var/ossec/bin/ossec OSSec
postfix-cn root /usr/lib/postfix/master Postfix
postfix-cn root /usr/sbin/saslauthd SASL authentication
postgresql-cn postgres /usr/lib/postgresql/bin/postmaster PostgreSQL
-proftpd-cn nobody proftpd: [(]accepting connections[)] ProFTPD (mozda se pokrece iz (x)inetd-a)
samba-cn root /usr/sbin/smbd Samba
snort-cn snort /usr/sbin/snort Snort
spamassassin-cn dcc /usr/sbin/dccifd DCC client
-squid-cn proxy /usr/sbin/squid Squid
+squid-cn root /usr/sbin/squid Squid
vsftpd-cn root /usr/sbin/vsftpd VSFTPD
xinetd-cn root /usr/sbin/xinetd xinetd
'
--
1.7.10.4
From 42e59f2c1715cc357d7f6fd0dfcae7e295e07a02 Mon Sep 17 00:00:00 2001
From: Valentin Vidic
Date: Mon, 17 Mar 2008 10:55:52 +0100
Subject: [PATCH 06/16] Updated apache2 upgrade function.
---
src/actions/main.queue | 2 +-
src/functions.sh | 46 +++++++++++++++-------------------------------
2 files changed, 16 insertions(+), 32 deletions(-)
diff --git a/src/actions/main.queue b/src/actions/main.queue
index 434219e..5e6aa78 100644
--- a/src/actions/main.queue
+++ b/src/actions/main.queue
@@ -24,7 +24,7 @@ pkg mrtg-cn pkgrm mrtg mrtg-cn # zamjenjeno sa munin
true restore_configs
# konacno, instalacija novih paketa
pkg amavisd-cn upgrade_amavis
-pkg apache-cn upgrade_apache
+pkg apache2-cn upgrade_apache2
pkg dovecot-cn upgrade_dovecot
pkg postfix-cn pkgadd postfix-cn
pkg postgrey pkgrm postgrey # problematican
diff --git a/src/functions.sh b/src/functions.sh
index 7c6aab7..d832d8f 100644
--- a/src/functions.sh
+++ b/src/functions.sh
@@ -594,38 +594,22 @@ upgrade_libc () {
DEBIAN_FRONTEND=noninteractive pkgadd libc6
}
-# upgrade apache -> apache2
-upgrade_apache () {
- local delpkg p
-
- # bugfix for apache2-cn postinst
- mkdir -p /etc/apache2
- touch /etc/apache2/httpd.conf
-
- # temporary remove packages conflicting with apache2
- delpkg=""
- for p in aosi-aai aosi-www-aai \
- php4-cn php4-odbc php4-xslt \
- squirrelmail-cn; do
-
- # remember installed packages
- if pkg $p; then
- delpkg="$delpkg $p"
- fi
+# upgrade apache2 to etch
+upgrade_apache2 () {
+ local package
+
+ for package in \
+ libapache-mod-php4 \
+ libapache2-mod-php4 \
+ php4-cli \
+ php4-cgi \
+ php4-cn \
+ apache2-cn
+ do
+ if pkg $package; then
+ pkgadd $package
+ fi
done
-
- # remove (but not purge) problematic packages
- if [ "$delpkg" ]; then
- eval apt-get --yes remove $delpkg
- fi
-
- # remove old apache
- pkgrm apache apache-common
-
- # install new packages
- eval pkgadd apache2-cn apache2-mpm-prefork \
- php4-cn libapache2-mod-php4 \
- $delpkg
}
upgrade_amavis () {
--
1.7.10.4
From 4b55deacabb8e748e003fef00627408c5f5b25f1 Mon Sep 17 00:00:00 2001
From: Valentin Vidic
Date: Thu, 20 Mar 2008 17:33:56 +0100
Subject: [PATCH 07/16] Fixed postgresql upgrade problems (removed due to
dependencies). Fixed php-suhosin-cn problems
(application removal by dist-upgrade). Disabled monit
during upgrade (causing problems in postinst
scripts).
---
src/actions/main.queue | 9 +++++++--
src/data.sh | 8 ++++----
src/functions.sh | 13 ++-----------
3 files changed, 13 insertions(+), 17 deletions(-)
diff --git a/src/actions/main.queue b/src/actions/main.queue
index 5e6aa78..d8c280e 100644
--- a/src/actions/main.queue
+++ b/src/actions/main.queue
@@ -15,13 +15,19 @@ true create_sources_list
true update # apt-get update & download
true check_disk_space
! debconf_priority check debconf_priority set # utisaj debconf
+# postgresql-common/etch zahtjeva da postgresql nije instaliran
+pkg postgresql post_upgrade pkgadd postgresql
+pkg postgresql pkgrm postgresql
true upgrade_libc
true install_keyrings
pkg skey-cn remove_skey
+# mrtg je zamjenjen sa munin
pkg mrtg-cn post_upgrade pkgadd munin-cn
-pkg mrtg-cn pkgrm mrtg mrtg-cn # zamjenjeno sa munin
+pkg mrtg-cn pkgrm mrtg mrtg-cn
# popravi konfiguracije koje stvaraju probleme
true restore_configs
+# monit stvara probleme postinst skriptama
+pkg monit-cn pkgrm monit-cn
# konacno, instalacija novih paketa
pkg amavisd-cn upgrade_amavis
pkg apache2-cn upgrade_apache2
@@ -29,7 +35,6 @@ pkg dovecot-cn upgrade_dovecot
pkg postfix-cn pkgadd postfix-cn
pkg postgrey pkgrm postgrey # problematican
pkg openldap-aai upgrade_openldap
-true upgrade_vsftpd
true upgrade first # neki paketi moraju rucno
true upgrade second # neke pakete zelimo ranije
true dist_upgrade # instaliraj ostatak
diff --git a/src/data.sh b/src/data.sh
index 0fce492..8041512 100644
--- a/src/data.sh
+++ b/src/data.sh
@@ -37,8 +37,9 @@ xinetd-cn 2:2.3.13-1
'
# Packages to forcibly install before installing the rest with dist-upgrade,
-# because dist-upgrade would rather remove them.
+# because dist-upgrade would rather remove or keep them back them.
packages_first='
+libkrb5-17-heimdal postgresql-client unixodbc
'
# Packages that provide crucial services, upgrade them before the rest
@@ -59,15 +60,14 @@ mysql-cn
ntp-cn
oidentd
openldap-aai
-openssh-cn openssh-server
+openssh-cn openssh-server openssh-client ssh
ossec-hids-cn
php4-odbc
php4-xslt
-php5-cn
postfix-cn
spamassassin-cn spamassassin razor dcc-client
squirrelmail-cn squirrelmail
-vsftpd-cn vsftpd
+vsftpd-cn
webalizer-cn
xinetd-cn xinetd
'
diff --git a/src/functions.sh b/src/functions.sh
index d832d8f..d25ca65 100644
--- a/src/functions.sh
+++ b/src/functions.sh
@@ -599,7 +599,6 @@ upgrade_apache2 () {
local package
for package in \
- libapache-mod-php4 \
libapache2-mod-php4 \
php4-cli \
php4-cgi \
@@ -610,6 +609,8 @@ upgrade_apache2 () {
pkgadd $package
fi
done
+
+ pkgrm php-suhosin-cn # causes removal of applications on dist-upgrade
}
upgrade_amavis () {
@@ -691,16 +692,6 @@ upgrade_dovecot () {
fi
}
-# vsftpd.postinst tries to start vsftpd so make sure it is not running
-upgrade_vsftpd () {
- if [ -x /etc/init.d/vsftpd ]; then
- /etc/init.d/vsftpd stop || true
- fi
-
- pkg vsftpd && pkgadd vsftpd
- pkg vsftpd-cn && pkgadd vsftpd-cn
-}
-
# fix /etc/dpkg/dpkg.cfg
comment_force_overwrite () {
if [ -f /etc/dpkg/dpkg.cfg ]; then
--
1.7.10.4
From 76df4be0475a22d848755eda27ce23845df70279 Mon Sep 17 00:00:00 2001
From: Valentin Vidic
Date: Tue, 25 Mar 2008 15:21:49 +0100
Subject: [PATCH 08/16] Fix suhosin upgrade problems. Fix postgresql upgrade
problems.
---
src/actions/main.queue | 8 +++-----
src/data.sh | 2 +-
src/functions.sh | 32 ++++++++++++++++++++++++++++----
src/scripts/check_services | 10 +++++++++-
4 files changed, 41 insertions(+), 11 deletions(-)
diff --git a/src/actions/main.queue b/src/actions/main.queue
index d8c280e..4fb017d 100644
--- a/src/actions/main.queue
+++ b/src/actions/main.queue
@@ -16,14 +16,12 @@ true update # apt-get update & download
true check_disk_space
! debconf_priority check debconf_priority set # utisaj debconf
# postgresql-common/etch zahtjeva da postgresql nije instaliran
-pkg postgresql post_upgrade pkgadd postgresql
-pkg postgresql pkgrm postgresql
true upgrade_libc
true install_keyrings
pkg skey-cn remove_skey
# mrtg je zamjenjen sa munin
pkg mrtg-cn post_upgrade pkgadd munin-cn
-pkg mrtg-cn pkgrm mrtg mrtg-cn
+pkg mrtg-cn pkgrm mrtg-cn
# popravi konfiguracije koje stvaraju probleme
true restore_configs
# monit stvara probleme postinst skriptama
@@ -32,9 +30,9 @@ pkg monit-cn pkgrm monit-cn
pkg amavisd-cn upgrade_amavis
pkg apache2-cn upgrade_apache2
pkg dovecot-cn upgrade_dovecot
-pkg postfix-cn pkgadd postfix-cn
-pkg postgrey pkgrm postgrey # problematican
+pkg postfix-cn upgrade_postfix
pkg openldap-aai upgrade_openldap
+true upgrade_postgresql
true upgrade first # neki paketi moraju rucno
true upgrade second # neke pakete zelimo ranije
true dist_upgrade # instaliraj ostatak
diff --git a/src/data.sh b/src/data.sh
index 8041512..d4ccb20 100644
--- a/src/data.sh
+++ b/src/data.sh
@@ -107,7 +107,7 @@ openssh-cn root /usr/sbin/sshd OpenSSH
ossec-hids-cn ossecm /var/ossec/bin/ossec OSSec
postfix-cn root /usr/lib/postfix/master Postfix
postfix-cn root /usr/sbin/saslauthd SASL authentication
-postgresql-cn postgres /usr/lib/postgresql/bin/postmaster PostgreSQL
+postgresql postgres /usr/lib/postgresql/bin/postmaster PostgreSQL
samba-cn root /usr/sbin/smbd Samba
snort-cn snort /usr/sbin/snort Snort
spamassassin-cn dcc /usr/sbin/dccifd DCC client
diff --git a/src/functions.sh b/src/functions.sh
index d25ca65..ddcb7e0 100644
--- a/src/functions.sh
+++ b/src/functions.sh
@@ -596,21 +596,29 @@ upgrade_libc () {
# upgrade apache2 to etch
upgrade_apache2 () {
- local package
+ local package packages
+
+ # php-suhosin-cn causes removal of applications on dist-upgrade
+ # because of php5 only dependencies
+ pkgrm php-suhosin-cn
for package in \
libapache2-mod-php4 \
php4-cli \
php4-cgi \
php4-cn \
- apache2-cn
+ apache2-cn \
+ php4-odbc \
+ php4-suhosin
do
if pkg $package; then
- pkgadd $package
+ packages="$packages $package"
fi
done
- pkgrm php-suhosin-cn # causes removal of applications on dist-upgrade
+ for package in $packages; do
+ pkgadd $package
+ done
}
upgrade_amavis () {
@@ -649,6 +657,22 @@ upgrade_openldap () {
dpkg --configure -a # try postinst again
}
+# fix postgresql deinstallation during upgrade
+upgrade_postgresql () {
+ if check_services show 2>&1 | grep -qw postgresql; then
+ pkgadd postgresql || apt-get -f install
+ fi
+}
+
+# upgrade the MTA
+upgrade_postfix () {
+ pkgadd postfix-cn
+
+ if pkg postgrey; then
+ pkgrm postgrey # not used by postfix-cn anymore
+ fi
+}
+
get_variable () {
local name=$1 file=$2 val
diff --git a/src/scripts/check_services b/src/scripts/check_services
index c097493..3c33c6b 100755
--- a/src/scripts/check_services
+++ b/src/scripts/check_services
@@ -87,6 +87,12 @@ cs_check () {
fi
}
+# prikazi sto je zapisano u debconf
+cs_show () {
+ db_get carnet-upgrade/check-services || true
+ echo "$RET"
+}
+
case "$1" in
preupgrade) cs_preupgrade
;;
@@ -94,7 +100,9 @@ postupgrade) cs_postupgrade
;;
check) cs_check
;;
-*) echo "Usage: $0 (preupgrade|postupgrade|check)"
+show) cs_show
+ ;;
+*) echo "Usage: $0 (preupgrade|postupgrade|check|show)"
exit 1
;;
esac
--
1.7.10.4
From 8df3f4691e6afecdb181c0a0734d95305926a8a9 Mon Sep 17 00:00:00 2001
From: Valentin Vidic
Date: Tue, 25 Mar 2008 15:33:10 +0100
Subject: [PATCH 09/16] Fixed postgresql daemon location.
---
src/data.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/data.sh b/src/data.sh
index d4ccb20..b771acb 100644
--- a/src/data.sh
+++ b/src/data.sh
@@ -107,7 +107,7 @@ openssh-cn root /usr/sbin/sshd OpenSSH
ossec-hids-cn ossecm /var/ossec/bin/ossec OSSec
postfix-cn root /usr/lib/postfix/master Postfix
postfix-cn root /usr/sbin/saslauthd SASL authentication
-postgresql postgres /usr/lib/postgresql/bin/postmaster PostgreSQL
+postgresql postgres /usr/lib/postgresql/7.4/bin/postmaster PostgreSQL
samba-cn root /usr/sbin/smbd Samba
snort-cn snort /usr/sbin/snort Snort
spamassassin-cn dcc /usr/sbin/dccifd DCC client
--
1.7.10.4
From 9cca6edc89d02bb8820c4cb1b65707c38dab8758 Mon Sep 17 00:00:00 2001
From: Valentin Vidic
Date: Tue, 25 Mar 2008 17:20:21 +0100
Subject: [PATCH 10/16] Fix for slapd postinst failure.
---
src/functions.sh | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/src/functions.sh b/src/functions.sh
index ddcb7e0..46bb6f6 100644
--- a/src/functions.sh
+++ b/src/functions.sh
@@ -650,7 +650,10 @@ upgrade_amavis () {
# fix openldap-aai postinst user handling
upgrade_openldap () {
- #pkgrm openldap-cn # deprecated
+ # slapd postinst fails if this is false
+ echo 'slapd slapd/move_old_database boolean true' | debconf-set-selections
+
+ # workaround for race condition in openldap-aai postinst
apt-get -y$s install openldap-aai || true # postinst fails
chown -R openldap:openldap /var/lib/ldap # fix slapd
/etc/init.d/slapd restart
--
1.7.10.4
From 6e411345cb8c762cc69ce4ad202344ece984c9d4 Mon Sep 17 00:00:00 2001
From: Valentin Vidic
Date: Wed, 26 Mar 2008 16:31:36 +0100
Subject: [PATCH 11/16] Fixes for openldap and postgresql upgrade problems.
---
src/functions.sh | 20 +++++++++++++-------
1 file changed, 13 insertions(+), 7 deletions(-)
diff --git a/src/functions.sh b/src/functions.sh
index 46bb6f6..2b6d3a0 100644
--- a/src/functions.sh
+++ b/src/functions.sh
@@ -650,20 +650,26 @@ upgrade_amavis () {
# fix openldap-aai postinst user handling
upgrade_openldap () {
- # slapd postinst fails if this is false
+ pkg openldap-aai lt 2.3 || return 0
+
+ # slapd postinst fails if move_old_database is false
echo 'slapd slapd/move_old_database boolean true' | debconf-set-selections
+ pkgadd slapd
+
+ # openldap-aai postinst fails here because of database permissions
+ if ! apt-get -y install openldap-aai; then
+ chown -R openldap:openldap /var/lib/ldap # fix slapd
+ /etc/init.d/slapd restart
- # workaround for race condition in openldap-aai postinst
- apt-get -y$s install openldap-aai || true # postinst fails
- chown -R openldap:openldap /var/lib/ldap # fix slapd
- /etc/init.d/slapd restart
- dpkg --configure -a # try postinst again
+ # try openldap-aai postinst again (also re-enables slurpd)
+ dpkg --configure -a
+ fi
}
# fix postgresql deinstallation during upgrade
upgrade_postgresql () {
if check_services show 2>&1 | grep -qw postgresql; then
- pkgadd postgresql || apt-get -f install
+ pkgadd postgresql
fi
}
--
1.7.10.4
From 644358dc5f855d3829ba97d23a3c4d556f0b304d Mon Sep 17 00:00:00 2001
From: Valentin Vidic
Date: Thu, 27 Mar 2008 17:12:36 +0100
Subject: [PATCH 12/16] Reverted postgresql upgrade function. Fixed parameter
word splitting. Fixed removal of apt-listchanges.
Minor documentation update.
---
doc/carnet-upgrade.sgml | 13 ++++++-------
src/cn-upgrade | 2 +-
src/data.sh | 4 ++--
src/functions.sh | 17 ++++++++++-------
4 files changed, 19 insertions(+), 17 deletions(-)
diff --git a/doc/carnet-upgrade.sgml b/doc/carnet-upgrade.sgml
index 48b487a..082e37d 100644
--- a/doc/carnet-upgrade.sgml
+++ b/doc/carnet-upgrade.sgml
@@ -230,12 +230,11 @@ deb http://ftp.carnet.hr/carnet-debian sarge main non-free
| sa Apache 1.3 na Apache 2.0. |
| |
| Pokrenite: |
-| 'apt-get install apache2-cn' |
+| # apt-get update |
+| # apt-get install apache2-cn |
| |
| Nakon toga ponovno pozovite ovu skriptu. |
| |
-| |
-| |
+-----------------------------------------------------------------+
| < OK > |
+-----------------------------------------------------------------+
@@ -258,14 +257,14 @@ deb http://ftp.carnet.hr/carnet-debian sarge main non-free
| amavisd-cn |
| |
| Pokrenite: |
-| 'apt-get dist-upgrade' |
+| # apt-get update |
+| # apt-get dist-upgrade |
| ili: |
-| 'apt-get install amavisd-cn' |
+| # apt-get update |
+| # apt-get install amavisd-cn |
| |
| Nakon toga ponovno pozovite ovu skriptu. |
| |
-| |
-| |
+-----------------------------------------------------------------+
| < OK > |
+-----------------------------------------------------------------+
diff --git a/src/cn-upgrade b/src/cn-upgrade
index b880f8b..eb473dc 100755
--- a/src/cn-upgrade
+++ b/src/cn-upgrade
@@ -1,4 +1,4 @@
-#!/bin/sh
+#!/bin/bash
# last update: 2005-01-07
# Zoran 'jelly' Dzelajlija
# Ivan 'ico' Rako
diff --git a/src/data.sh b/src/data.sh
index b771acb..916c9bc 100644
--- a/src/data.sh
+++ b/src/data.sh
@@ -39,7 +39,7 @@ xinetd-cn 2:2.3.13-1
# Packages to forcibly install before installing the rest with dist-upgrade,
# because dist-upgrade would rather remove or keep them back them.
packages_first='
-libkrb5-17-heimdal postgresql-client unixodbc
+libkrb5-17-heimdal postgresql-client unixodbc iptables
'
# Packages that provide crucial services, upgrade them before the rest
@@ -79,7 +79,7 @@ gobjc gpc gcj gij chill g77 gcc-2.95-cn gcc-cn gcc-misc-cn gobjc gpc gcj gij ch
nessus libnessus2 nessus-cn
prelude piwi piwi piwi-cn libprelude0 prelude-sensors-cn prelude-manager-cn
snort snort snort-cn snort-central-cn
-stari CN paketi autoconf-cn automake-cn bison-cn bitchx-cn chkrootkit-cn cvs-cn diff-cn elinks-cn expect-cn file-cn flex-cn gawk-cn gdb-cn gettext-cn gnupg-cn grep-cn iptraf-cn jed-cn joe-cn jre-cn less-cn lftp-cn logcheck-cn logrotate-cn lsof-cn ltrace-cn lynx-cn make-cn mutt-cn netcat-cn nmap-cn ntop-cn openssl-cn perl-cn postgresql-cn procmail-cn python-cn screen-cn slrn-cn strace-cn stunnel-cn sudo-cn tcpdump-cn unace-cn vim-cn wget-cn wv-cn ytalk-cn zsh-cn
+stari CN paketi autoconf-cn automake-cn bison-cn bitchx-cn chkrootkit-cn cvs-cn diff-cn elinks-cn expect-cn file-cn flex-cn gawk-cn gdb-cn gettext-cn gnupg-cn grep-cn iptraf-cn jed-cn joe-cn jre-cn less-cn lftp-cn logcheck-cn logrotate-cn lsof-cn ltrace-cn lynx-cn make-cn mutt-cn netcat-cn nmap-cn ntop-cn openssl-cn perl-cn procmail-cn python-cn screen-cn slrn-cn strace-cn stunnel-cn sudo-cn tcpdump-cn unace-cn vim-cn wget-cn wv-cn ytalk-cn zsh-cn
'
# Check if these services are running after upgrade
diff --git a/src/functions.sh b/src/functions.sh
index 2b6d3a0..9c81fc8 100644
--- a/src/functions.sh
+++ b/src/functions.sh
@@ -271,9 +271,11 @@ Prije prelaska na Debian Etch potrebno je napraviti nadogradnju ovih paketa:
$upgrade
Pokrenite:
- 'apt-get dist-upgrade'
+ # apt-get update
+ # apt-get dist-upgrade
ili:
- 'apt-get install${upgrade}'
+ # apt-get update
+ # apt-get install${upgrade}
Nakon toga ponovno pozovite ovu skriptu."
log "carnet-upgrade aborted, upgrade of$upgrade needed."
@@ -289,7 +291,8 @@ check_apache_version () {
Prije prelaska na Debian Etch potrebno je napraviti nadogradnju sa Apache 1.3 na Apache 2.0.
Pokrenite:
- 'apt-get install apache2-cn'
+ # apt-get update
+ # apt-get install apache2-cn
Nakon toga ponovno pozovite ovu skriptu."
log "carnet-upgrade aborted, upgrade to apache2-cn needed."
@@ -310,7 +313,7 @@ upgrade () {
return 1
esac
- for i in $packages
+ for i in $(echo $packages)
do
pkg $i && to_install="$to_install $i"
done
@@ -573,7 +576,7 @@ apt_listchanges () {
# make a silent installation of carnet and srce keyrings
install_keyrings () {
pkgadd carnet-keyring srce-keyring
- pkgadd dpkg apt debconf
+ pkgadd dpkg apt debconf python-apt
dpkg-reconfigure carnet-keyring srce-keyring
update
@@ -616,7 +619,7 @@ upgrade_apache2 () {
fi
done
- for package in $packages; do
+ for package in $(echo $packages); do
pkgadd $package
done
}
@@ -669,7 +672,7 @@ upgrade_openldap () {
# fix postgresql deinstallation during upgrade
upgrade_postgresql () {
if check_services show 2>&1 | grep -qw postgresql; then
- pkgadd postgresql
+ apt-get install -y postgresql || apt-get -yf install
fi
}
--
1.7.10.4
From b31f79b9c72b7e548ed2a1b8e1fc7308fdad19a0 Mon Sep 17 00:00:00 2001
From: Valentin Vidic
Date: Fri, 28 Mar 2008 16:23:04 +0100
Subject: [PATCH 13/16] Fixes for ldap -> openldap user switch.
---
src/functions.sh | 31 ++++++++++++++++++++++++-------
1 file changed, 24 insertions(+), 7 deletions(-)
diff --git a/src/functions.sh b/src/functions.sh
index 9c81fc8..33ac260 100644
--- a/src/functions.sh
+++ b/src/functions.sh
@@ -1,4 +1,3 @@
-# last update: 2005-07-03
# Ivan 'ico' Rako
# Zoran 'jelly' Dzelajlija
@@ -655,17 +654,35 @@ upgrade_amavis () {
upgrade_openldap () {
pkg openldap-aai lt 2.3 || return 0
+ # openldap-aai expects org.ldif to exists
+ local ldif=/var/lib/ldap/org.ldif
+ local ldif_backup=/var/lib/carnet-upgrade/org.ldif
+ if [ -f $ldif ]; then
+ cp -v $ldif $ldif_backup
+ fi
+
# slapd postinst fails if move_old_database is false
echo 'slapd slapd/move_old_database boolean true' | debconf-set-selections
pkgadd slapd
- # openldap-aai postinst fails here because of database permissions
- if ! apt-get -y install openldap-aai; then
- chown -R openldap:openldap /var/lib/ldap # fix slapd
- /etc/init.d/slapd restart
+ # slapd removes org.ldif during switch from ldap -> openldap user
+ if [ -f $ldif_backup -a ! -f $ldif ]; then
+ cp -v $ldif_backup $ldif
+ fi
- # try openldap-aai postinst again (also re-enables slurpd)
- dpkg --configure -a
+ # openldap-aai postinst fails here because of database permissions
+ apt-get -y install openldap-aai || true
+ chown -R openldap:openldap /var/lib/ldap
+ /etc/init.d/slapd restart
+ dpkg --configure -a
+
+ # remove ldap user if openldap works
+ if getent passwd ldap > /dev/null && \
+ getent passwd openldap > /dev/null && \
+ pgrep -U openldap slapd > /dev/null
+ then
+ log "userdel ldap (replaced by openldap)"
+ userdel ldap || true
fi
}
--
1.7.10.4
From 2eebaf5e6b78a8b4fce045ca325ab5544fcd32c4 Mon Sep 17 00:00:00 2001
From: Valentin Vidic
Date: Sat, 29 Mar 2008 21:16:06 +0100
Subject: [PATCH 14/16] Compress ldap backup.
---
src/functions.sh | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/functions.sh b/src/functions.sh
index 33ac260..62dbbe7 100644
--- a/src/functions.sh
+++ b/src/functions.sh
@@ -373,7 +373,7 @@ add_group_proc () {
# backup ldap database
backup_slapd_db () {
- local ldap_backup=/var/backups/slapcat.$backup_ext
+ local ldap_backup=/var/backups/slapcat.$backup_ext.gz
local old_umask result
if [ ! -f $ldap_backup ]; then
@@ -383,7 +383,7 @@ backup_slapd_db () {
/etc/init.d/slapd stop || true
old_umask=`umask`
umask 0077 # protect the backup file
- slapcat -l $ldap_backup
+ slapcat | gzip --best > $ldap_backup
result=$?
umask $old_umask
/etc/init.d/slapd start || true
--
1.7.10.4
From 7f0bd6edb0cf18c7afe77710e19d70097f169b3b Mon Sep 17 00:00:00 2001
From: Valentin Vidic
Date: Mon, 31 Mar 2008 09:55:01 +0200
Subject: [PATCH 15/16] Try harder to disable monit.
---
src/actions/main.queue | 4 +---
src/functions.sh | 16 ++++++++++++++++
2 files changed, 17 insertions(+), 3 deletions(-)
diff --git a/src/actions/main.queue b/src/actions/main.queue
index 4fb017d..716eb44 100644
--- a/src/actions/main.queue
+++ b/src/actions/main.queue
@@ -15,7 +15,7 @@ true create_sources_list
true update # apt-get update & download
true check_disk_space
! debconf_priority check debconf_priority set # utisaj debconf
-# postgresql-common/etch zahtjeva da postgresql nije instaliran
+pkg monit disable_monit
true upgrade_libc
true install_keyrings
pkg skey-cn remove_skey
@@ -24,8 +24,6 @@ pkg mrtg-cn post_upgrade pkgadd munin-cn
pkg mrtg-cn pkgrm mrtg-cn
# popravi konfiguracije koje stvaraju probleme
true restore_configs
-# monit stvara probleme postinst skriptama
-pkg monit-cn pkgrm monit-cn
# konacno, instalacija novih paketa
pkg amavisd-cn upgrade_amavis
pkg apache2-cn upgrade_apache2
diff --git a/src/functions.sh b/src/functions.sh
index 62dbbe7..b595580 100644
--- a/src/functions.sh
+++ b/src/functions.sh
@@ -591,6 +591,22 @@ remove_skey () {
fi
}
+# monit it causing problems for postinst scripts
+# restarting daemons so try to disable it
+disable_monit () {
+ if pkg monit-cn; then
+ pkgrm monit-cn # disables monit in prerm
+ fi
+
+ # if configured manually
+ if pkg monit; then
+ # remove the binary but leave the config
+ apt-get remove --yes monit
+ # stop the binary
+ pkill -9 monit || true
+ fi
+}
+
# make a silent upgrade to new libc6
upgrade_libc () {
DEBIAN_FRONTEND=noninteractive pkgadd libc6
--
1.7.10.4
From ef77c3319e1d5234b7e0a4974c8401bbf8039ec9 Mon Sep 17 00:00:00 2001
From: Valentin Vidic
Date: Mon, 31 Mar 2008 10:40:55 +0200
Subject: [PATCH 16/16] Let dpkg/admin decide on bind and php.ini config
changes.
---
src/functions.sh | 7 +------
1 file changed, 1 insertion(+), 6 deletions(-)
diff --git a/src/functions.sh b/src/functions.sh
index b595580..1d83c80 100644
--- a/src/functions.sh
+++ b/src/functions.sh
@@ -493,7 +493,6 @@ restore_configs () {
local config_backup
pkg base-files lt 4 && restore_config /etc/issue /etc/issue.net
- pkg bind9 lt 1:9.3.4 && restore_config /etc/bind/named.conf.options
pkg libpam-modules lt 0.79 && restore_config /etc/security/limits.conf
pkg login lt 1:4.0.18.1 && restore_config /etc/pam.d/login
pkg mysql-server lt 5.0.3 && restore_config /etc/init.d/mysql \
@@ -533,11 +532,7 @@ restore_configs () {
# register cn changes in ucf managed files
for config in /etc/apache/modules.conf \
/etc/clamav/clamd.conf \
- /etc/clamav/freshclam.conf \
- /etc/php4/apache2/php.ini \
- /etc/php4/apache/php.ini \
- /etc/php4/cgi/php.ini \
- /etc/php4/cli/php.ini
+ /etc/clamav/freshclam.conf
do
config_backup=$config.$backup_ext
if [ -e $config -a ! -e $config_backup ]; then
--
1.7.10.4