From d642eb3c153b8cfdadac303465638f21abd530e7 Mon Sep 17 00:00:00 2001 From: Valentin Vidic Date: Wed, 12 Mar 2008 15:49:23 +0100 Subject: [PATCH 01/16] Updated list of packages to remove. --- doc/carnet-upgrade.sgml | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/doc/carnet-upgrade.sgml b/doc/carnet-upgrade.sgml index 0ad238b..49ad168 100644 --- a/doc/carnet-upgrade.sgml +++ b/doc/carnet-upgrade.sgml @@ -271,13 +271,11 @@ deb http://ftp.carnet.hr/carnet-debian sarge main non-free | neku od navedenih aplikacija, iskljucite oznaku | | pored njenog imena. Sljedece aplikacije bit ce UKLONJENE: | | +-------------------------------------------------------------+ | -| | [X] Autoconf | | -| | [X] Automake | | -| | [X] Expect | | -| | [X] GCC | | -| | [X] GDB | | -| | [X] Gettext | | -| | [X] Make-cn | | +| | [X] gobjc gpc gcj gij chill g77 | | +| | [X] nessus | | +| | [X] prelude piwi | | +| | [X] snort | | +| | [X] stari CN paketi | | | +-------------------------------------------------------------+ | +-----------------------------------------------------------------+ | < OK > | -- 1.7.10.4 From 5aae55b00e9d4d3ee608df184b4253dab7a52783 Mon Sep 17 00:00:00 2001 From: Valentin Vidic Date: Wed, 12 Mar 2008 15:50:05 +0100 Subject: [PATCH 02/16] Added vsftpd upgrade function. --- src/actions/main.queue | 1 + src/functions.sh | 11 +++++++++++ 2 files changed, 12 insertions(+) diff --git a/src/actions/main.queue b/src/actions/main.queue index e2fe134..434219e 100644 --- a/src/actions/main.queue +++ b/src/actions/main.queue @@ -29,6 +29,7 @@ pkg dovecot-cn upgrade_dovecot pkg postfix-cn pkgadd postfix-cn pkg postgrey pkgrm postgrey # problematican pkg openldap-aai upgrade_openldap +true upgrade_vsftpd true upgrade first # neki paketi moraju rucno true upgrade second # neke pakete zelimo ranije true dist_upgrade # instaliraj ostatak diff --git a/src/functions.sh b/src/functions.sh index 27c6133..9d35ceb 100644 --- a/src/functions.sh +++ b/src/functions.sh @@ -539,6 +539,7 @@ restore_configs () { do config_backup=$config.$backup_ext if [ -e $config -a ! -e $config_backup ]; then + log "Saving config file $config" cp -av $config $config_backup ucf $config_backup $config fi @@ -706,6 +707,16 @@ upgrade_dovecot () { fi } +# vsftpd.postinst tries to start vsftpd so make sure it is not running +upgrade_vsftpd () { + if [ -x /etc/init.d/vsftpd ]; then + /etc/init.d/vsftpd stop || true + fi + + pkg vsftpd && pkgadd vsftpd + pkg vsftpd-cn && pkgadd vsftpd-cn +} + # fix /etc/dpkg/dpkg.cfg comment_force_overwrite () { if [ -f /etc/dpkg/dpkg.cfg ]; then -- 1.7.10.4 From 5061fd97fb4bdf21457a223150f737848a7d0a18 Mon Sep 17 00:00:00 2001 From: Valentin Vidic Date: Wed, 12 Mar 2008 15:50:41 +0100 Subject: [PATCH 03/16] Updated service check list. Reduced required /var space to 50 MB. --- src/data.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/src/data.sh b/src/data.sh index 8846b26..667d983 100644 --- a/src/data.sh +++ b/src/data.sh @@ -1,5 +1,5 @@ # Minimum free space on /var after the download, in MB -min_var_space=250 +min_var_space=50 # Backup extension backup_ext=cn4-upgrade @@ -92,11 +92,12 @@ apache-cn www-data /usr/sbin/apache Apache bind9-cn bind /usr/sbin/named Bind clamav-cn clamav /usr/bin/freshclam ClamAV update clamav-cn clamav /usr/sbin/clamd ClamAV -dcc-client root /usr/sbin/dccifd DCC client +dcc-client dcc /usr/sbin/dccifd DCC client dovecot-cn root /usr/sbin/dovecot Dovecot freeradius-aai freerad /usr/sbin/freeradius FreeRADIUS mailman-cn list /usr/lib/mailman/bin/mailmanctl Mailman monit-cn root /usr/sbin/monit Monit +munin-cn root /usr/sbin/munin-node Munin mysql-cn mysql /usr/sbin/mysqld MySQL ntop-cn ntop /usr/sbin/ntop Ntop ntp-cn ntp /usr/sbin/ntpd NTP -- 1.7.10.4 From 01a53f5ca6a78f1513e508235884b635f3816122 Mon Sep 17 00:00:00 2001 From: Valentin Vidic Date: Wed, 12 Mar 2008 16:02:28 +0100 Subject: [PATCH 04/16] Added apache2 notice to documentation. --- doc/carnet-upgrade.sgml | 27 +++++++++++++++++++++++++++ src/functions.sh | 2 +- 2 files changed, 28 insertions(+), 1 deletion(-) diff --git a/doc/carnet-upgrade.sgml b/doc/carnet-upgrade.sgml index 49ad168..48b487a 100644 --- a/doc/carnet-upgrade.sgml +++ b/doc/carnet-upgrade.sgml @@ -216,6 +216,33 @@ deb http://ftp.carnet.hr/carnet-debian sarge main non-free

+ Prije nadogradnje na etch, potrebno je izvršiti + prijelaz sa Apache inačice 1.3 na Apache 2.0. Ukoliko je na + sustavu još uvijek instaliran Apache 1.3 pojavit će se + poruka: + + ++-----------------------------------------------------------------+ +| Nadogradnja CARNet Debian Sarge->Etch | ++-----------------------------------------------------------------+ +| | +| Prije prelaska na Debian Etch potrebno je napraviti nadogradnju | +| sa Apache 1.3 na Apache 2.0. | +| | +| Pokrenite: | +| 'apt-get install apache2-cn' | +| | +| Nakon toga ponovno pozovite ovu skriptu. | +| | +| | +| | ++-----------------------------------------------------------------+ +| < OK > | ++-----------------------------------------------------------------+ + +

+ +

U sljedećem koraku biti će izvršena provjera dali su najvažniji servisi nadograđeni na najnovije inačice u sarge distribuciji. Ako neki od instaliranih servisa nije najnovija diff --git a/src/functions.sh b/src/functions.sh index 9d35ceb..7c6aab7 100644 --- a/src/functions.sh +++ b/src/functions.sh @@ -286,7 +286,7 @@ check_apache_version () { if pkg apache-cn && ! pkg apache2-cn; then notice " -Prije prelaska na Debian Etch potrebno je napraviti nadogradnju sa apache 1.3 na apache 2.0. +Prije prelaska na Debian Etch potrebno je napraviti nadogradnju sa Apache 1.3 na Apache 2.0. Pokrenite: 'apt-get install apache2-cn' -- 1.7.10.4 From 5d44c693b1e82ce1b28b615a48931c4b6e59452b Mon Sep 17 00:00:00 2001 From: Valentin Vidic Date: Mon, 17 Mar 2008 10:55:12 +0100 Subject: [PATCH 05/16] Removed proftpd from service check list. Updated squid info in service check list. --- src/data.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/data.sh b/src/data.sh index 667d983..0fce492 100644 --- a/src/data.sh +++ b/src/data.sh @@ -108,11 +108,10 @@ ossec-hids-cn ossecm /var/ossec/bin/ossec OSSec postfix-cn root /usr/lib/postfix/master Postfix postfix-cn root /usr/sbin/saslauthd SASL authentication postgresql-cn postgres /usr/lib/postgresql/bin/postmaster PostgreSQL -proftpd-cn nobody proftpd: [(]accepting connections[)] ProFTPD (mozda se pokrece iz (x)inetd-a) samba-cn root /usr/sbin/smbd Samba snort-cn snort /usr/sbin/snort Snort spamassassin-cn dcc /usr/sbin/dccifd DCC client -squid-cn proxy /usr/sbin/squid Squid +squid-cn root /usr/sbin/squid Squid vsftpd-cn root /usr/sbin/vsftpd VSFTPD xinetd-cn root /usr/sbin/xinetd xinetd ' -- 1.7.10.4 From 42e59f2c1715cc357d7f6fd0dfcae7e295e07a02 Mon Sep 17 00:00:00 2001 From: Valentin Vidic Date: Mon, 17 Mar 2008 10:55:52 +0100 Subject: [PATCH 06/16] Updated apache2 upgrade function. --- src/actions/main.queue | 2 +- src/functions.sh | 46 +++++++++++++++------------------------------- 2 files changed, 16 insertions(+), 32 deletions(-) diff --git a/src/actions/main.queue b/src/actions/main.queue index 434219e..5e6aa78 100644 --- a/src/actions/main.queue +++ b/src/actions/main.queue @@ -24,7 +24,7 @@ pkg mrtg-cn pkgrm mrtg mrtg-cn # zamjenjeno sa munin true restore_configs # konacno, instalacija novih paketa pkg amavisd-cn upgrade_amavis -pkg apache-cn upgrade_apache +pkg apache2-cn upgrade_apache2 pkg dovecot-cn upgrade_dovecot pkg postfix-cn pkgadd postfix-cn pkg postgrey pkgrm postgrey # problematican diff --git a/src/functions.sh b/src/functions.sh index 7c6aab7..d832d8f 100644 --- a/src/functions.sh +++ b/src/functions.sh @@ -594,38 +594,22 @@ upgrade_libc () { DEBIAN_FRONTEND=noninteractive pkgadd libc6 } -# upgrade apache -> apache2 -upgrade_apache () { - local delpkg p - - # bugfix for apache2-cn postinst - mkdir -p /etc/apache2 - touch /etc/apache2/httpd.conf - - # temporary remove packages conflicting with apache2 - delpkg="" - for p in aosi-aai aosi-www-aai \ - php4-cn php4-odbc php4-xslt \ - squirrelmail-cn; do - - # remember installed packages - if pkg $p; then - delpkg="$delpkg $p" - fi +# upgrade apache2 to etch +upgrade_apache2 () { + local package + + for package in \ + libapache-mod-php4 \ + libapache2-mod-php4 \ + php4-cli \ + php4-cgi \ + php4-cn \ + apache2-cn + do + if pkg $package; then + pkgadd $package + fi done - - # remove (but not purge) problematic packages - if [ "$delpkg" ]; then - eval apt-get --yes remove $delpkg - fi - - # remove old apache - pkgrm apache apache-common - - # install new packages - eval pkgadd apache2-cn apache2-mpm-prefork \ - php4-cn libapache2-mod-php4 \ - $delpkg } upgrade_amavis () { -- 1.7.10.4 From 4b55deacabb8e748e003fef00627408c5f5b25f1 Mon Sep 17 00:00:00 2001 From: Valentin Vidic Date: Thu, 20 Mar 2008 17:33:56 +0100 Subject: [PATCH 07/16] Fixed postgresql upgrade problems (removed due to dependencies). Fixed php-suhosin-cn problems (application removal by dist-upgrade). Disabled monit during upgrade (causing problems in postinst scripts). --- src/actions/main.queue | 9 +++++++-- src/data.sh | 8 ++++---- src/functions.sh | 13 ++----------- 3 files changed, 13 insertions(+), 17 deletions(-) diff --git a/src/actions/main.queue b/src/actions/main.queue index 5e6aa78..d8c280e 100644 --- a/src/actions/main.queue +++ b/src/actions/main.queue @@ -15,13 +15,19 @@ true create_sources_list true update # apt-get update & download true check_disk_space ! debconf_priority check debconf_priority set # utisaj debconf +# postgresql-common/etch zahtjeva da postgresql nije instaliran +pkg postgresql post_upgrade pkgadd postgresql +pkg postgresql pkgrm postgresql true upgrade_libc true install_keyrings pkg skey-cn remove_skey +# mrtg je zamjenjen sa munin pkg mrtg-cn post_upgrade pkgadd munin-cn -pkg mrtg-cn pkgrm mrtg mrtg-cn # zamjenjeno sa munin +pkg mrtg-cn pkgrm mrtg mrtg-cn # popravi konfiguracije koje stvaraju probleme true restore_configs +# monit stvara probleme postinst skriptama +pkg monit-cn pkgrm monit-cn # konacno, instalacija novih paketa pkg amavisd-cn upgrade_amavis pkg apache2-cn upgrade_apache2 @@ -29,7 +35,6 @@ pkg dovecot-cn upgrade_dovecot pkg postfix-cn pkgadd postfix-cn pkg postgrey pkgrm postgrey # problematican pkg openldap-aai upgrade_openldap -true upgrade_vsftpd true upgrade first # neki paketi moraju rucno true upgrade second # neke pakete zelimo ranije true dist_upgrade # instaliraj ostatak diff --git a/src/data.sh b/src/data.sh index 0fce492..8041512 100644 --- a/src/data.sh +++ b/src/data.sh @@ -37,8 +37,9 @@ xinetd-cn 2:2.3.13-1 ' # Packages to forcibly install before installing the rest with dist-upgrade, -# because dist-upgrade would rather remove them. +# because dist-upgrade would rather remove or keep them back them. packages_first=' +libkrb5-17-heimdal postgresql-client unixodbc ' # Packages that provide crucial services, upgrade them before the rest @@ -59,15 +60,14 @@ mysql-cn ntp-cn oidentd openldap-aai -openssh-cn openssh-server +openssh-cn openssh-server openssh-client ssh ossec-hids-cn php4-odbc php4-xslt -php5-cn postfix-cn spamassassin-cn spamassassin razor dcc-client squirrelmail-cn squirrelmail -vsftpd-cn vsftpd +vsftpd-cn webalizer-cn xinetd-cn xinetd ' diff --git a/src/functions.sh b/src/functions.sh index d832d8f..d25ca65 100644 --- a/src/functions.sh +++ b/src/functions.sh @@ -599,7 +599,6 @@ upgrade_apache2 () { local package for package in \ - libapache-mod-php4 \ libapache2-mod-php4 \ php4-cli \ php4-cgi \ @@ -610,6 +609,8 @@ upgrade_apache2 () { pkgadd $package fi done + + pkgrm php-suhosin-cn # causes removal of applications on dist-upgrade } upgrade_amavis () { @@ -691,16 +692,6 @@ upgrade_dovecot () { fi } -# vsftpd.postinst tries to start vsftpd so make sure it is not running -upgrade_vsftpd () { - if [ -x /etc/init.d/vsftpd ]; then - /etc/init.d/vsftpd stop || true - fi - - pkg vsftpd && pkgadd vsftpd - pkg vsftpd-cn && pkgadd vsftpd-cn -} - # fix /etc/dpkg/dpkg.cfg comment_force_overwrite () { if [ -f /etc/dpkg/dpkg.cfg ]; then -- 1.7.10.4 From 76df4be0475a22d848755eda27ce23845df70279 Mon Sep 17 00:00:00 2001 From: Valentin Vidic Date: Tue, 25 Mar 2008 15:21:49 +0100 Subject: [PATCH 08/16] Fix suhosin upgrade problems. Fix postgresql upgrade problems. --- src/actions/main.queue | 8 +++----- src/data.sh | 2 +- src/functions.sh | 32 ++++++++++++++++++++++++++++---- src/scripts/check_services | 10 +++++++++- 4 files changed, 41 insertions(+), 11 deletions(-) diff --git a/src/actions/main.queue b/src/actions/main.queue index d8c280e..4fb017d 100644 --- a/src/actions/main.queue +++ b/src/actions/main.queue @@ -16,14 +16,12 @@ true update # apt-get update & download true check_disk_space ! debconf_priority check debconf_priority set # utisaj debconf # postgresql-common/etch zahtjeva da postgresql nije instaliran -pkg postgresql post_upgrade pkgadd postgresql -pkg postgresql pkgrm postgresql true upgrade_libc true install_keyrings pkg skey-cn remove_skey # mrtg je zamjenjen sa munin pkg mrtg-cn post_upgrade pkgadd munin-cn -pkg mrtg-cn pkgrm mrtg mrtg-cn +pkg mrtg-cn pkgrm mrtg-cn # popravi konfiguracije koje stvaraju probleme true restore_configs # monit stvara probleme postinst skriptama @@ -32,9 +30,9 @@ pkg monit-cn pkgrm monit-cn pkg amavisd-cn upgrade_amavis pkg apache2-cn upgrade_apache2 pkg dovecot-cn upgrade_dovecot -pkg postfix-cn pkgadd postfix-cn -pkg postgrey pkgrm postgrey # problematican +pkg postfix-cn upgrade_postfix pkg openldap-aai upgrade_openldap +true upgrade_postgresql true upgrade first # neki paketi moraju rucno true upgrade second # neke pakete zelimo ranije true dist_upgrade # instaliraj ostatak diff --git a/src/data.sh b/src/data.sh index 8041512..d4ccb20 100644 --- a/src/data.sh +++ b/src/data.sh @@ -107,7 +107,7 @@ openssh-cn root /usr/sbin/sshd OpenSSH ossec-hids-cn ossecm /var/ossec/bin/ossec OSSec postfix-cn root /usr/lib/postfix/master Postfix postfix-cn root /usr/sbin/saslauthd SASL authentication -postgresql-cn postgres /usr/lib/postgresql/bin/postmaster PostgreSQL +postgresql postgres /usr/lib/postgresql/bin/postmaster PostgreSQL samba-cn root /usr/sbin/smbd Samba snort-cn snort /usr/sbin/snort Snort spamassassin-cn dcc /usr/sbin/dccifd DCC client diff --git a/src/functions.sh b/src/functions.sh index d25ca65..ddcb7e0 100644 --- a/src/functions.sh +++ b/src/functions.sh @@ -596,21 +596,29 @@ upgrade_libc () { # upgrade apache2 to etch upgrade_apache2 () { - local package + local package packages + + # php-suhosin-cn causes removal of applications on dist-upgrade + # because of php5 only dependencies + pkgrm php-suhosin-cn for package in \ libapache2-mod-php4 \ php4-cli \ php4-cgi \ php4-cn \ - apache2-cn + apache2-cn \ + php4-odbc \ + php4-suhosin do if pkg $package; then - pkgadd $package + packages="$packages $package" fi done - pkgrm php-suhosin-cn # causes removal of applications on dist-upgrade + for package in $packages; do + pkgadd $package + done } upgrade_amavis () { @@ -649,6 +657,22 @@ upgrade_openldap () { dpkg --configure -a # try postinst again } +# fix postgresql deinstallation during upgrade +upgrade_postgresql () { + if check_services show 2>&1 | grep -qw postgresql; then + pkgadd postgresql || apt-get -f install + fi +} + +# upgrade the MTA +upgrade_postfix () { + pkgadd postfix-cn + + if pkg postgrey; then + pkgrm postgrey # not used by postfix-cn anymore + fi +} + get_variable () { local name=$1 file=$2 val diff --git a/src/scripts/check_services b/src/scripts/check_services index c097493..3c33c6b 100755 --- a/src/scripts/check_services +++ b/src/scripts/check_services @@ -87,6 +87,12 @@ cs_check () { fi } +# prikazi sto je zapisano u debconf +cs_show () { + db_get carnet-upgrade/check-services || true + echo "$RET" +} + case "$1" in preupgrade) cs_preupgrade ;; @@ -94,7 +100,9 @@ postupgrade) cs_postupgrade ;; check) cs_check ;; -*) echo "Usage: $0 (preupgrade|postupgrade|check)" +show) cs_show + ;; +*) echo "Usage: $0 (preupgrade|postupgrade|check|show)" exit 1 ;; esac -- 1.7.10.4 From 8df3f4691e6afecdb181c0a0734d95305926a8a9 Mon Sep 17 00:00:00 2001 From: Valentin Vidic Date: Tue, 25 Mar 2008 15:33:10 +0100 Subject: [PATCH 09/16] Fixed postgresql daemon location. --- src/data.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/data.sh b/src/data.sh index d4ccb20..b771acb 100644 --- a/src/data.sh +++ b/src/data.sh @@ -107,7 +107,7 @@ openssh-cn root /usr/sbin/sshd OpenSSH ossec-hids-cn ossecm /var/ossec/bin/ossec OSSec postfix-cn root /usr/lib/postfix/master Postfix postfix-cn root /usr/sbin/saslauthd SASL authentication -postgresql postgres /usr/lib/postgresql/bin/postmaster PostgreSQL +postgresql postgres /usr/lib/postgresql/7.4/bin/postmaster PostgreSQL samba-cn root /usr/sbin/smbd Samba snort-cn snort /usr/sbin/snort Snort spamassassin-cn dcc /usr/sbin/dccifd DCC client -- 1.7.10.4 From 9cca6edc89d02bb8820c4cb1b65707c38dab8758 Mon Sep 17 00:00:00 2001 From: Valentin Vidic Date: Tue, 25 Mar 2008 17:20:21 +0100 Subject: [PATCH 10/16] Fix for slapd postinst failure. --- src/functions.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/functions.sh b/src/functions.sh index ddcb7e0..46bb6f6 100644 --- a/src/functions.sh +++ b/src/functions.sh @@ -650,7 +650,10 @@ upgrade_amavis () { # fix openldap-aai postinst user handling upgrade_openldap () { - #pkgrm openldap-cn # deprecated + # slapd postinst fails if this is false + echo 'slapd slapd/move_old_database boolean true' | debconf-set-selections + + # workaround for race condition in openldap-aai postinst apt-get -y$s install openldap-aai || true # postinst fails chown -R openldap:openldap /var/lib/ldap # fix slapd /etc/init.d/slapd restart -- 1.7.10.4 From 6e411345cb8c762cc69ce4ad202344ece984c9d4 Mon Sep 17 00:00:00 2001 From: Valentin Vidic Date: Wed, 26 Mar 2008 16:31:36 +0100 Subject: [PATCH 11/16] Fixes for openldap and postgresql upgrade problems. --- src/functions.sh | 20 +++++++++++++------- 1 file changed, 13 insertions(+), 7 deletions(-) diff --git a/src/functions.sh b/src/functions.sh index 46bb6f6..2b6d3a0 100644 --- a/src/functions.sh +++ b/src/functions.sh @@ -650,20 +650,26 @@ upgrade_amavis () { # fix openldap-aai postinst user handling upgrade_openldap () { - # slapd postinst fails if this is false + pkg openldap-aai lt 2.3 || return 0 + + # slapd postinst fails if move_old_database is false echo 'slapd slapd/move_old_database boolean true' | debconf-set-selections + pkgadd slapd + + # openldap-aai postinst fails here because of database permissions + if ! apt-get -y install openldap-aai; then + chown -R openldap:openldap /var/lib/ldap # fix slapd + /etc/init.d/slapd restart - # workaround for race condition in openldap-aai postinst - apt-get -y$s install openldap-aai || true # postinst fails - chown -R openldap:openldap /var/lib/ldap # fix slapd - /etc/init.d/slapd restart - dpkg --configure -a # try postinst again + # try openldap-aai postinst again (also re-enables slurpd) + dpkg --configure -a + fi } # fix postgresql deinstallation during upgrade upgrade_postgresql () { if check_services show 2>&1 | grep -qw postgresql; then - pkgadd postgresql || apt-get -f install + pkgadd postgresql fi } -- 1.7.10.4 From 644358dc5f855d3829ba97d23a3c4d556f0b304d Mon Sep 17 00:00:00 2001 From: Valentin Vidic Date: Thu, 27 Mar 2008 17:12:36 +0100 Subject: [PATCH 12/16] Reverted postgresql upgrade function. Fixed parameter word splitting. Fixed removal of apt-listchanges. Minor documentation update. --- doc/carnet-upgrade.sgml | 13 ++++++------- src/cn-upgrade | 2 +- src/data.sh | 4 ++-- src/functions.sh | 17 ++++++++++------- 4 files changed, 19 insertions(+), 17 deletions(-) diff --git a/doc/carnet-upgrade.sgml b/doc/carnet-upgrade.sgml index 48b487a..082e37d 100644 --- a/doc/carnet-upgrade.sgml +++ b/doc/carnet-upgrade.sgml @@ -230,12 +230,11 @@ deb http://ftp.carnet.hr/carnet-debian sarge main non-free | sa Apache 1.3 na Apache 2.0. | | | | Pokrenite: | -| 'apt-get install apache2-cn' | +| # apt-get update | +| # apt-get install apache2-cn | | | | Nakon toga ponovno pozovite ovu skriptu. | | | -| | -| | +-----------------------------------------------------------------+ | < OK > | +-----------------------------------------------------------------+ @@ -258,14 +257,14 @@ deb http://ftp.carnet.hr/carnet-debian sarge main non-free | amavisd-cn | | | | Pokrenite: | -| 'apt-get dist-upgrade' | +| # apt-get update | +| # apt-get dist-upgrade | | ili: | -| 'apt-get install amavisd-cn' | +| # apt-get update | +| # apt-get install amavisd-cn | | | | Nakon toga ponovno pozovite ovu skriptu. | | | -| | -| | +-----------------------------------------------------------------+ | < OK > | +-----------------------------------------------------------------+ diff --git a/src/cn-upgrade b/src/cn-upgrade index b880f8b..eb473dc 100755 --- a/src/cn-upgrade +++ b/src/cn-upgrade @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash # last update: 2005-01-07 # Zoran 'jelly' Dzelajlija # Ivan 'ico' Rako diff --git a/src/data.sh b/src/data.sh index b771acb..916c9bc 100644 --- a/src/data.sh +++ b/src/data.sh @@ -39,7 +39,7 @@ xinetd-cn 2:2.3.13-1 # Packages to forcibly install before installing the rest with dist-upgrade, # because dist-upgrade would rather remove or keep them back them. packages_first=' -libkrb5-17-heimdal postgresql-client unixodbc +libkrb5-17-heimdal postgresql-client unixodbc iptables ' # Packages that provide crucial services, upgrade them before the rest @@ -79,7 +79,7 @@ gobjc gpc gcj gij chill g77 gcc-2.95-cn gcc-cn gcc-misc-cn gobjc gpc gcj gij ch nessus libnessus2 nessus-cn prelude piwi piwi piwi-cn libprelude0 prelude-sensors-cn prelude-manager-cn snort snort snort-cn snort-central-cn -stari CN paketi autoconf-cn automake-cn bison-cn bitchx-cn chkrootkit-cn cvs-cn diff-cn elinks-cn expect-cn file-cn flex-cn gawk-cn gdb-cn gettext-cn gnupg-cn grep-cn iptraf-cn jed-cn joe-cn jre-cn less-cn lftp-cn logcheck-cn logrotate-cn lsof-cn ltrace-cn lynx-cn make-cn mutt-cn netcat-cn nmap-cn ntop-cn openssl-cn perl-cn postgresql-cn procmail-cn python-cn screen-cn slrn-cn strace-cn stunnel-cn sudo-cn tcpdump-cn unace-cn vim-cn wget-cn wv-cn ytalk-cn zsh-cn +stari CN paketi autoconf-cn automake-cn bison-cn bitchx-cn chkrootkit-cn cvs-cn diff-cn elinks-cn expect-cn file-cn flex-cn gawk-cn gdb-cn gettext-cn gnupg-cn grep-cn iptraf-cn jed-cn joe-cn jre-cn less-cn lftp-cn logcheck-cn logrotate-cn lsof-cn ltrace-cn lynx-cn make-cn mutt-cn netcat-cn nmap-cn ntop-cn openssl-cn perl-cn procmail-cn python-cn screen-cn slrn-cn strace-cn stunnel-cn sudo-cn tcpdump-cn unace-cn vim-cn wget-cn wv-cn ytalk-cn zsh-cn ' # Check if these services are running after upgrade diff --git a/src/functions.sh b/src/functions.sh index 2b6d3a0..9c81fc8 100644 --- a/src/functions.sh +++ b/src/functions.sh @@ -271,9 +271,11 @@ Prije prelaska na Debian Etch potrebno je napraviti nadogradnju ovih paketa: $upgrade Pokrenite: - 'apt-get dist-upgrade' + # apt-get update + # apt-get dist-upgrade ili: - 'apt-get install${upgrade}' + # apt-get update + # apt-get install${upgrade} Nakon toga ponovno pozovite ovu skriptu." log "carnet-upgrade aborted, upgrade of$upgrade needed." @@ -289,7 +291,8 @@ check_apache_version () { Prije prelaska na Debian Etch potrebno je napraviti nadogradnju sa Apache 1.3 na Apache 2.0. Pokrenite: - 'apt-get install apache2-cn' + # apt-get update + # apt-get install apache2-cn Nakon toga ponovno pozovite ovu skriptu." log "carnet-upgrade aborted, upgrade to apache2-cn needed." @@ -310,7 +313,7 @@ upgrade () { return 1 esac - for i in $packages + for i in $(echo $packages) do pkg $i && to_install="$to_install $i" done @@ -573,7 +576,7 @@ apt_listchanges () { # make a silent installation of carnet and srce keyrings install_keyrings () { pkgadd carnet-keyring srce-keyring - pkgadd dpkg apt debconf + pkgadd dpkg apt debconf python-apt dpkg-reconfigure carnet-keyring srce-keyring update @@ -616,7 +619,7 @@ upgrade_apache2 () { fi done - for package in $packages; do + for package in $(echo $packages); do pkgadd $package done } @@ -669,7 +672,7 @@ upgrade_openldap () { # fix postgresql deinstallation during upgrade upgrade_postgresql () { if check_services show 2>&1 | grep -qw postgresql; then - pkgadd postgresql + apt-get install -y postgresql || apt-get -yf install fi } -- 1.7.10.4 From b31f79b9c72b7e548ed2a1b8e1fc7308fdad19a0 Mon Sep 17 00:00:00 2001 From: Valentin Vidic Date: Fri, 28 Mar 2008 16:23:04 +0100 Subject: [PATCH 13/16] Fixes for ldap -> openldap user switch. --- src/functions.sh | 31 ++++++++++++++++++++++++------- 1 file changed, 24 insertions(+), 7 deletions(-) diff --git a/src/functions.sh b/src/functions.sh index 9c81fc8..33ac260 100644 --- a/src/functions.sh +++ b/src/functions.sh @@ -1,4 +1,3 @@ -# last update: 2005-07-03 # Ivan 'ico' Rako # Zoran 'jelly' Dzelajlija @@ -655,17 +654,35 @@ upgrade_amavis () { upgrade_openldap () { pkg openldap-aai lt 2.3 || return 0 + # openldap-aai expects org.ldif to exists + local ldif=/var/lib/ldap/org.ldif + local ldif_backup=/var/lib/carnet-upgrade/org.ldif + if [ -f $ldif ]; then + cp -v $ldif $ldif_backup + fi + # slapd postinst fails if move_old_database is false echo 'slapd slapd/move_old_database boolean true' | debconf-set-selections pkgadd slapd - # openldap-aai postinst fails here because of database permissions - if ! apt-get -y install openldap-aai; then - chown -R openldap:openldap /var/lib/ldap # fix slapd - /etc/init.d/slapd restart + # slapd removes org.ldif during switch from ldap -> openldap user + if [ -f $ldif_backup -a ! -f $ldif ]; then + cp -v $ldif_backup $ldif + fi - # try openldap-aai postinst again (also re-enables slurpd) - dpkg --configure -a + # openldap-aai postinst fails here because of database permissions + apt-get -y install openldap-aai || true + chown -R openldap:openldap /var/lib/ldap + /etc/init.d/slapd restart + dpkg --configure -a + + # remove ldap user if openldap works + if getent passwd ldap > /dev/null && \ + getent passwd openldap > /dev/null && \ + pgrep -U openldap slapd > /dev/null + then + log "userdel ldap (replaced by openldap)" + userdel ldap || true fi } -- 1.7.10.4 From 2eebaf5e6b78a8b4fce045ca325ab5544fcd32c4 Mon Sep 17 00:00:00 2001 From: Valentin Vidic Date: Sat, 29 Mar 2008 21:16:06 +0100 Subject: [PATCH 14/16] Compress ldap backup. --- src/functions.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/functions.sh b/src/functions.sh index 33ac260..62dbbe7 100644 --- a/src/functions.sh +++ b/src/functions.sh @@ -373,7 +373,7 @@ add_group_proc () { # backup ldap database backup_slapd_db () { - local ldap_backup=/var/backups/slapcat.$backup_ext + local ldap_backup=/var/backups/slapcat.$backup_ext.gz local old_umask result if [ ! -f $ldap_backup ]; then @@ -383,7 +383,7 @@ backup_slapd_db () { /etc/init.d/slapd stop || true old_umask=`umask` umask 0077 # protect the backup file - slapcat -l $ldap_backup + slapcat | gzip --best > $ldap_backup result=$? umask $old_umask /etc/init.d/slapd start || true -- 1.7.10.4 From 7f0bd6edb0cf18c7afe77710e19d70097f169b3b Mon Sep 17 00:00:00 2001 From: Valentin Vidic Date: Mon, 31 Mar 2008 09:55:01 +0200 Subject: [PATCH 15/16] Try harder to disable monit. --- src/actions/main.queue | 4 +--- src/functions.sh | 16 ++++++++++++++++ 2 files changed, 17 insertions(+), 3 deletions(-) diff --git a/src/actions/main.queue b/src/actions/main.queue index 4fb017d..716eb44 100644 --- a/src/actions/main.queue +++ b/src/actions/main.queue @@ -15,7 +15,7 @@ true create_sources_list true update # apt-get update & download true check_disk_space ! debconf_priority check debconf_priority set # utisaj debconf -# postgresql-common/etch zahtjeva da postgresql nije instaliran +pkg monit disable_monit true upgrade_libc true install_keyrings pkg skey-cn remove_skey @@ -24,8 +24,6 @@ pkg mrtg-cn post_upgrade pkgadd munin-cn pkg mrtg-cn pkgrm mrtg-cn # popravi konfiguracije koje stvaraju probleme true restore_configs -# monit stvara probleme postinst skriptama -pkg monit-cn pkgrm monit-cn # konacno, instalacija novih paketa pkg amavisd-cn upgrade_amavis pkg apache2-cn upgrade_apache2 diff --git a/src/functions.sh b/src/functions.sh index 62dbbe7..b595580 100644 --- a/src/functions.sh +++ b/src/functions.sh @@ -591,6 +591,22 @@ remove_skey () { fi } +# monit it causing problems for postinst scripts +# restarting daemons so try to disable it +disable_monit () { + if pkg monit-cn; then + pkgrm monit-cn # disables monit in prerm + fi + + # if configured manually + if pkg monit; then + # remove the binary but leave the config + apt-get remove --yes monit + # stop the binary + pkill -9 monit || true + fi +} + # make a silent upgrade to new libc6 upgrade_libc () { DEBIAN_FRONTEND=noninteractive pkgadd libc6 -- 1.7.10.4 From ef77c3319e1d5234b7e0a4974c8401bbf8039ec9 Mon Sep 17 00:00:00 2001 From: Valentin Vidic Date: Mon, 31 Mar 2008 10:40:55 +0200 Subject: [PATCH 16/16] Let dpkg/admin decide on bind and php.ini config changes. --- src/functions.sh | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) diff --git a/src/functions.sh b/src/functions.sh index b595580..1d83c80 100644 --- a/src/functions.sh +++ b/src/functions.sh @@ -493,7 +493,6 @@ restore_configs () { local config_backup pkg base-files lt 4 && restore_config /etc/issue /etc/issue.net - pkg bind9 lt 1:9.3.4 && restore_config /etc/bind/named.conf.options pkg libpam-modules lt 0.79 && restore_config /etc/security/limits.conf pkg login lt 1:4.0.18.1 && restore_config /etc/pam.d/login pkg mysql-server lt 5.0.3 && restore_config /etc/init.d/mysql \ @@ -533,11 +532,7 @@ restore_configs () { # register cn changes in ucf managed files for config in /etc/apache/modules.conf \ /etc/clamav/clamd.conf \ - /etc/clamav/freshclam.conf \ - /etc/php4/apache2/php.ini \ - /etc/php4/apache/php.ini \ - /etc/php4/cgi/php.ini \ - /etc/php4/cli/php.ini + /etc/clamav/freshclam.conf do config_backup=$config.$backup_ext if [ -e $config -a ! -e $config_backup ]; then -- 1.7.10.4