Created
December 20, 2020 20:45
-
-
Save dleidert/ef99cf9a85093a4b1bb018163c251a21 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <p>This is a general documentation of how to attempt an upgrade from OMV 2 to OMV 3 including an upgrade of the underlying operating system to Debian Jessie (8). This document does not claim to be complete. It is provided to the public "as is" and any express or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. It is assumed that the operating system has not been heavily altered. So if you have installed a desktop environment, if you are using disk encryption, if you have self-written Init scripts, if you are running the system in a container, etc. make sure you read the <a href="https://www.debian.org/releases/jessie/amd64/release-notes/">release notes of Debian Jessie</a> in full and prepare yourself for the changes affecting your system. This document will cover just the basics and common configurations. It is assumed that there is either local or remote (SSH) access to the machine in question. For the latter it is best to have at least a rescue console available. Many steps will require to work as root (we will use [tt]sudo[/tt] for this purpose) on the console (CLI)!</p> | |
| <p><br></p> | |
| <p>The document will <strong>not</strong> make use of the [tt]omv-release-upgrade[/tt] script but instead use parts of it when appropriate.</p> | |
| <p><br></p> | |
| <h2> | |
| Prerequisites | |
| </h2> | |
| <ul> | |
| <li>I strongly suggest to install the screen utility from <a href="http://snapshot.debian.org/package/screen/4.1.0~20120320gitdb59704-7%2Bdeb7u1/%E2%80%8B">here</a> and familiarize yourself with the tool before you use it</li> | |
| </ul><pre># assuming an amd64 architecture: | |
| wget http://snapshot.debian.org/archive/debian-security/20150904T083849Z/pool/updates/main/s/screen/screen_4.1.0~20120320gitdb59704-7%2Bdeb7u1_amd64.deb | |
| sudo dpkg -i screen_4.1.0~20120320gitdb59704-7%2Bdeb7u1_amd64.deb | |
| screen</pre> | |
| <ul> | |
| <li>record everything you do:</li> | |
| </ul><pre>script -t 2>~/upgrade-jessie.time -a ~/upgrade-jessie.script</pre> | |
| <ul> | |
| <li>attempt a complete backup of your system with whatever backup tool you use</li> | |
| <li>backup at least your configuration:</li> | |
| </ul><pre># create a backup directory | |
| sudo mkdir -p /var/backups/system/wheezy/ | |
| # backup most important data | |
| sudo cp -ar --parents /etc /var/lib/dpkg /var/lib/apt/extended_states /var/cache/openmediavault/ /var/backups/system/wheezy/ | |
| dpkg --get-selections > package.list | |
| sudo mv package.list /var/backups/system/wheezy/</pre> | |
| <ul> | |
| <li>disable all services running in OMV via GUI except for SSH</li> | |
| <li>write down or make screenshots of your plugin configurations if you use one</li> | |
| <li>remove all openmediavault plugins either via GUI or CLI ([tt]dpkg -l | grep -i openmedia[/tt] should only show the [tt]openmediavault-keyring[/tt] and the base [tt]openmediavault[/tt] package - the GUI should not list any plugin to be installed</li> | |
| <li>there is a potential issue with [tt]apt-listchanges[/tt] during the upgrade, so this package should be temporarily removed:</li> | |
| </ul><pre>sudo apt-get remove apt-listchanges</pre> | |
| <ul> | |
| <li>for those plugins <strong>not used at all</strong> remove their dependencies as well, e.g.: [tt]nut nut-client nut-server[/tt]</li> | |
| </ul><pre>sudo apt-get remove nut nut-client nut-server</pre> | |
| <ul> | |
| <li>check in /etc/passwd which shell the user nobody is using and write it down (the upgrade will <a href="https://www.debian.org/releases/jessie/amd64/release-notes/ch-information.en.html#base-passwd-hardening">change it to the nologin shell</a>)</li> | |
| </ul><pre>cat /etc/passwd | grep nobody</pre> | |
| <ul> | |
| <li>check for <a href="https://www.debian.org/releases/jessie/amd64/release-notes/ch-information.en.html#systemd-cryptsetup-unsupported-features">unsupported crypttab features</a> and act accordingly to the release notes if you use them</li> | |
| </ul><pre># check for unsupported features | |
| sudo grep -e precheck -e check -e checkargs -e noearly -e loud -e keyscript /etc/crypttab</pre> | |
| <ul> | |
| <li>if there is any device in /etc/fstab with the 'auto' mount option set, <a href="https://www.debian.org/releases/jessie/amd64/release-notes/ch-information.en.html#systemd-auto-mounts-incompat">add the 'nofail' mount option</a> to it too!</li> | |
| </ul><pre>sudo grep auto /etc/fstab</pre> | |
| <ul> | |
| <li>make sure your <a href="https://www.debian.org/releases/jessie/amd64/release-notes/ap-old-stuff.en.html#switch-utf8">system uses an UTF-8 locale</a>, if not configure your system to use one:</li> | |
| </ul><pre>dpkg-reconfigure -plow locales</pre> | |
| <ul> | |
| <li>before you continue familiarize yourself with the sections 4, 5 and appendix A of the <a href="https://www.debian.org/releases/jessie/amd64/release-notes/">Jessie release notes</a> and follow the steps if you are affected by any of the changes not mentioned here (e.g. 5.6, 5.21)</li> | |
| <li>make sure you don't have any <a href="https://www.debian.org/releases/jessie/amd64/release-notes/ch-upgrading.en.html#package-status">packages pending</a></li> | |
| </ul><pre>sudo dpkg --audit</pre> | |
| <ul> | |
| <li>remount your data device(s) as read-only to prevent any data loss on them during upgrade - the partition/device hosting the operating system must stay read-write of course. If the data devices/partitions are "busy" check which programs are still using them with [tt]lsof[/tt] (OMV 2 used [tt]/media/<uuid>/[/tt] by default to mount devices)</li> | |
| </ul><pre>df -h # will list all devices mounted, | |
| # or check the OMV GUI | |
| sudo mount -o remount,ro /media/<uuid> # choose mount point or device name accordingly | |
| sudo lsof /media/<uuid> # check for processes accessing the mount point</pre> | |
| <ul> | |
| <li>run the <a href="https://raw.githubusercontent.com/openmediavault/openmediavault/2.x/deb/openmediavault/usr/share/openmediavault/releaseupgrade/pre.d/10-apt-purge-local-archive">pre.d/10-apt-purge-local-archive</a> script</li> | |
| </ul><pre>wget https://raw.githubusercontent.com/openmediavault/openmediavault/2.x/deb/openmediavault/usr/share/openmediavault/releaseupgrade/pre.d/10-apt-purge-local-archive | |
| sudo /bin/sh 10-apt-purge-local-archive</pre> | |
| <ul> | |
| <li>adjust the APT sources for the upgrade and set the new default distribution target. The following shows the minimal content of the files mentioned (that is what <a href="https://github.com/openmediavault/openmediavault/blob/2.x/deb/openmediavault/usr/share/openmediavault/releaseupgrade/pre.d/20-apt-update-source-list">pre.d/20-apt-update-source-list</a> is supposed to do, but as Wheezy is EOL all entries in [tt]/etc/apt/sources.list[/tt] might be commented out)</li> | |
| </ul><pre data-file="/etc/apt/sources.list.d/openmediavault.list" data-highlighter="" data-line="1">deb http://packages.openmediavault.org/public erasmus main</pre> | |
| <pre data-file="/etc/apt/sources.list" data-highlighter="" data-line="1">deb http://deb.debian.org/debian jessie main contrib non-free | |
| deb http://deb.debian.org/debian-security jessie/updates main contrib non-free | |
| deb http://deb.debian.org/debian jessie-updates main contrib non-free</pre> | |
| <pre data-file="/etc/apt/apt.conf" data-highlighter="" data-line="1">APT::Default-Release "jessie";</pre> | |
| <ul> | |
| <li>run <a href="https://github.com/openmediavault/openmediavault/blob/2.x/deb/openmediavault/usr/share/openmediavault/releaseupgrade/pre.d/90-backup-config-db">pre.d/90-backup-config-db</a> to backup the OMV config</li> | |
| </ul><pre>wget https://raw.githubusercontent.com/openmediavault/openmediavault/2.x/deb/openmediavault/usr/share/openmediavault/releaseupgrade/pre.d/90-backup-config-db | |
| sudo /bin/sh 90-backup-config-db</pre> | |
| <p></p> | |
| <h2> | |
| Upgrade | |
| </h2> | |
| <p><br></p> | |
| <p>Ok. Now the preparations are completed. Let's do the upgrade. I personally prefer <a href="https://www.debian.org/releases/jessie/amd64/release-notes/ch-upgrading.en.html#minimal-upgrade">incremental upgrades</a>. If one package fails to install it doesn't affect the installation of several hundred other packages:</p> | |
| <ul> | |
| <li>update the APT package database, the openmediavault keyring, and update again:</li> | |
| </ul> | |
| <p></p><pre>sudo apt-get update | |
| sudo apt-get install --allow-unauthenticated openmediavault-keyring | |
| sudo apt-get update</pre> | |
| <ul> | |
| <li>run a minimal upgrade without installing additional packages or removing installed packages. This will require around 100MB of free disk space for a basic OMV system. Note that the following command will not ask back, assume [tt]yes[/tt] to every question asked, not update any configuration files, and instead keep the existing ones. If you are experienced don't use these options and adjust them accordingly</li> | |
| </ul><pre>sudo apt-get upgrade --show-upgraded --yes --force-yes --option Dpkg::Options::="--force-confdef" --option DPkg::Options::="--force-confold" --no-install-recommends --no-install-suggests</pre> | |
| <ul> | |
| <li>In my case this created the following error messages:</li> | |
| </ul> | |
| <woltlab-quote> | |
| <p>[..]</p> | |
| <p>Running lilo...</p> | |
| <p>Fatal: raid_setup: stat("/dev/...")</p> | |
| <p>dpkg: error processing lilo (--configure):</p> | |
| <p>subprocess installed post-installation script returned error exit status 1</p> | |
| <p>[..]</p> | |
| <p>Processing triggers for initramfs-tools ...</p> | |
| <p>update-initramfs: Generating /boot/initrd.img-3.2.0-4-amd64</p> | |
| <p>W: mdadm: /etc/mdadm/mdadm.conf defines no arrays.</p> | |
| <p>W: mdadm: no arrays defined in configuration file.</p> | |
| <p>Fatal: raid_setup: stat("/dev/...")</p> | |
| <p>run-parts: /etc/initramfs/post-update.d//runlilo exited with return code 1</p> | |
| <p>dpkg: error processing initramfs-tools (--configure):</p> | |
| <p>subprocess installed post-installation script returned error exit status 1</p> | |
| <p>Processing triggers for ca-certificates ...</p> | |
| <p>Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done.</p> | |
| <p>Running hooks in /etc/ca-certificates/update.d....done.</p> | |
| <p>Errors were encountered while processing:</p> | |
| <p>lilo</p> | |
| <p>initramfs-tools</p> | |
| <p>Creating index of upgradeable packages ...</p> | |
| <p>Creating index of openmediavault plugins ...</p> | |
| <p>E: Sub-process /usr/bin/dpkg returned an error code (1)</p> | |
| </woltlab-quote> | |
| <ul> | |
| <li>I'm not sure what's causing the error. There was no software RAID. In my case the installation completed without any further adjustments by just attempting:</li> | |
| </ul><pre>sudo apt-get install -f</pre> | |
| <ul> | |
| <li>now all other packages have dependencies which either require the installation of a new package or the removal of an existing one. Still we can pull in packages piece by piece without too much changes. The following is a list of packages which can be pulled in separately. Pull them each by one (or line by line) via:</li> | |
| </ul><pre>sudo apt-get upgrade --show-upgraded --yes --force-yes --option Dpkg::Options::="--force-confdef" --option DPkg::Options::="--force-confold" --no-install-recommends --no-install-suggests <PACKAGE></pre> | |
| <pre data-file="List of packages" data-highlighter="" data-line="1">amd64-microcode | |
| base-passwd passwd | |
| bind9-host | |
| bsdutils | |
| fontconfig | |
| ifenslave-2.6 iputils-ping iproute iptables isc-dhcp-client isc-dhcp-common | |
| libcairo2 | |
| libsasl2-2 | |
| parted | |
| procps | |
| proftpd-basic proftpd-mod-vroot | |
| python3 python3-apt | |
| rrdcached | |
| samba | |
| wget</pre> | |
| <ul> | |
| <li>start the full upgrade:</li> | |
| </ul><pre>sudo apt-get dist-upgrade --show-upgraded --yes --force-yes --option Dpkg::Options::="--force-confdef" --option DPkg::Options::="--force-confold" --no-install-recommends --no-install-suggests</pre> | |
| <ul> | |
| <li>I didn't know about the following issue at this point and got this error right from the start:</li> | |
| </ul> | |
| <woltlab-quote> | |
| <p>[..]</p> | |
| <p>dpkg-deb: error: arcive '/var/cache/apt/archives/openmediavault_3.0.100_all.deb' contains not understood data member control.tar.xz, giving up</p> | |
| <p>Traceback (most recent call last):</p> | |
| <p>File "/usr/bin/apt-listchanges", line 250, in <module></p> | |
| <p>main()</p> | |
| <p>File "/usr/bin/apt-listchanges", line 108, in main</p> | |
| <p>pkg = DebianFiles.Package(deb)</p> | |
| <p>File "/usr/share/apt-listchanges/DebianFiles.py", line 134, in __init__</p> | |
| <p>self.binary = pkgdata.Package</p> | |
| <p>AttributeError: ControlStanza instance has no attribute 'Package'</p> | |
| <p>[..]</p> | |
| <p>Updating configuration database ...</p> | |
| <p>chown: invalid group: ':openmediavault-config'</p> | |
| <p>ERROR: Failed to create the default configuration: Command '['/usr/share/openmediavault/confdb/create.d/conf.sh']' returned non-zero exit status 1</p> | |
| <p>dpkg: error processing package openmediavault (--configure):</p> | |
| <p>subprocess installed post-installation script returned error exit status 1</p> | |
| <p>[..]</p> | |
| <p>Errors were encountered while processing:</p> | |
| <p>openmediavault</p> | |
| <p>Creating index of upgradeable packages ...</p> | |
| <p>Creating index of openmediavault plugins ...</p> | |
| <p>E: Sub-process /usr/bin/dpkg returned an error code (1)</p> | |
| </woltlab-quote> | |
| <ul> | |
| <li>during to the package management tools not understanding the XZ archive the control scripts were not extracted nor run and a group did not get created; so this is how I fixed it:</li> | |
| </ul><pre>sudo groupadd --system openmediavault-config | |
| sudo apt-get install -f | |
| sudo apt-get install --reinstall openmediavault</pre> | |
| <p>There will be a lot of errors regarding [tt]dbus[/tt] which can be ignored before we restart the system</p> | |
| <p><br></p> | |
| <h2> | |
| Aftermath | |
| </h2> | |
| <ul> | |
| <li>start to clean the system as <a href="https://github.com/openmediavault/openmediavault/blob/2.x/deb/openmediavault/usr/share/openmediavault/releaseupgrade/post.d/80-apt-autoremove">post.d/80-apt-autoremove</a> would do; the packages [tt]deborphan[/tt] and [tt]apt-forktracer[/tt] might prove to be useful too:</li> | |
| </ul><pre>sudo apt-get autoremove --purge | |
| dpkg -l | grep ^rc # remove the packages listed in rc state | |
| apt-forktracer # remove those without any sources listed | |
| deborphan --guess-dummy # remove empty dummy/transition packages | |
| deborphan | xargs sudo apt-get autoremove --purge -y</pre> | |
| <ul> | |
| <li>install packages which you might need after the upgrade</li> | |
| </ul><pre>sudo apt-get install plymouth console-setup</pre> | |
| <ul> | |
| <li>the shell for user [tt]nobody[/tt] <a href="https://www.debian.org/releases/jessie/amd64/release-notes/ch-information.en.html#base-passwd-hardening">needs to be restored</a> (in my case [tt]/bin/sh[/tt])</li> | |
| </ul><pre>sudo chsh -s /bin/sh nobody</pre> | |
| <ul> | |
| <li>the update might have <a href="https://www.debian.org/releases/jessie/amd64/release-notes/ch-information.en.html#openssh">disabled the root login for SSH</a>; if for whatever reason you need it, you'll have to restore it:</li> | |
| </ul><pre data-file="/etc/ssh/sshd_config" data-highlighter="" data-line="1">[..] | |
| PermitRootLogin yes | |
| [..]</pre> | |
| <ul> | |
| <li>[tt]/etc/resolv.conf[/tt] should actually be a symlink</li> | |
| </ul><pre>sudo dpkg-reconfigure -plow resolvconf</pre> | |
| <ul> | |
| <li>update the [tt]/etc/issue[/tt] notice and some other stuff (I'm honestly not sure if they are all safe to run)</li> | |
| </ul><pre>sudo omv-mkconf apt | |
| sudo omv-mkconf issue | |
| sudo omv-mkconf ssh | |
| sudo omv-mkconf timezone</pre> | |
| <ul> | |
| <li>if the SSH server doesn't come up because a key is missing, this will fix it:</li> | |
| </ul><pre>sudo ssh-keygen -A</pre> | |
| <ul> | |
| <li>the nginx logs at [tt]/var/log/nginx/openmediavault-webgui_access.log[/tt] showed the following error and were fixed by restarting the [tt]php5-fpm[/tt] service</li> | |
| </ul> | |
| <woltlab-quote> | |
| <p><br>[..] [error] 27074#0: *1 FastCGI sent in stderr: "PHP message: PHP Fatal error: Call to undefined function json_decode() in /usr/share/php/openmediavault/functions.inc on line 575" while reading response header from upstream, client: ::ffff:127.0.0.1, server: openmediavault-webgui, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm-openmediavault-webgui.sock:", host: "127.0.0.1"</p> | |
| </woltlab-quote><pre>sudo service php5-fpm restart</pre> | |
| <ul> | |
| <li>I made double sure that every removable device in [tt]/etc/fstab[/tt] which had the [tt]auto[/tt] mount option set also had the [tt]nofail[/tt] option set, i.e.</li> | |
| </ul><pre> /dev/sr0 /media/cdrom0 udf,iso9660 user,auto,nofail 0 0</pre> | |
| <ul> | |
| <li>then I restarted the system</li> | |
| </ul><pre>sudo reboot</pre> | |
| <p><br></p> | |
| <p><br></p> | |
| <h2> | |
| After the restart | |
| </h2> | |
| <p>I checked all logs after the restart to check for potential issues:</p> | |
| <p><br></p><pre>/var/log/auth.log | |
| /var/log/daemon.log | |
| /var/log/messages | |
| /var/log/syslog | |
| /var/log/user.log | |
| /var/log/samba/log.nmbd | |
| /var/log/samba/log.smbd | |
| /var/log/mail.log | |
| /var/log/mail.err | |
| sudo dmesg | less</pre> | |
| <p><br></p> | |
| <p>And also checked the OMV GUI in a browser.</p> | |
| <p><br></p> | |
| <p>I suggest to <strong>skip this if you are going to update to OMV4 right away</strong>: Then I re-enabled the services. Also the plugins can be re-installed.</p> | |
| <p><br></p> | |
| <p>Some other issues:</p> | |
| <ul> | |
| <li>due to assuming [tt]Yes[/tt] to all questions during the upgrade you probably want to check the settings for [tt]libc6[/tt] and go with the default settings instead:</li> | |
| </ul><pre>sudo dpkg-reconfigure -plow libc6</pre> | |
| <ul> | |
| <li>if you want to use a tmpfs for [tt]tmp[/tt]</li> | |
| </ul><pre>sudo systemctl enable tmp.mount</pre> | |
| <ul> | |
| <li>the upgrade has pulled in an updated linux kernel of the 3.x series; to install a kernel from 4.x series without using backports(!)</li> | |
| </ul><pre>sudo apt-get install linux-image-4.9-amd64</pre> | |
| <ul> | |
| <li>I also used the chance to get rid of lilo (especially since both lilo and grub were installed); note that one can uninstall lilo from the MBR before removing the package (for a RAID1 one probably has to adjust the commands listed below):</li> | |
| </ul><pre># assuming that /dev/foo is the device to boot from and grub is installed | |
| sudo lilo -u /dev/foo | |
| sudo apt-get autoremove --purge lilo | |
| sudo grub-install /dev/foo | |
| sudo update-grub | |
| # and reboot if satisfied</pre> | |
| <ul> | |
| <li>clean the local package archive (as in <a href="https://github.com/openmediavault/openmediavault/blob/2.x/deb/openmediavault/usr/share/openmediavault/releaseupgrade/post.d/90-apt-clean">post.d/90-apt-clean</a>)</li> | |
| </ul><pre>sudo apt-get autoclean</pre> | |
| <ul> | |
| <li>the upgrade pulled in HTTPS support for apt, so you might want to change all [tt]http://[/tt] resources in [tt]/etc/apt/sources.list[/tt] and [tt]/etc/apt/sources.list.d/*[/tt] to [tt]https://[/tt]</li> | |
| </ul> | |
| <p><br></p> | |
| <p>If everything is running: make a backup. There will eventually another document of how to upgrade from OMV3 to OMV4.</p> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment