Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
<p>This is a general documentation of how to attempt an upgrade from OMV 2 to OMV 3 including an upgrade of the underlying operating system to Debian Jessie (8). This document does not claim to be complete. It is provided to the public "as is" and any express or implied warranties, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose are disclaimed. It is assumed that the operating system has not been heavily altered. So if you have installed a desktop environment, if you are using disk encryption, if you have self-written Init scripts, if you are running the system in a container, etc. make sure you read the <a href="https://www.debian.org/releases/jessie/amd64/release-notes/">release notes of Debian Jessie</a> in full and prepare yourself for the changes affecting your system. This document will cover just the basics and common configurations. It is assumed that there is either local or remote (SSH) access to the machine in question. For the latter it is best to have at least a rescue console available. Many steps will require to work as root (we will use [tt]sudo[/tt] for this purpose) on the console (CLI)!</p>
<p><br></p>
<p>The document will <strong>not</strong> make use of the [tt]omv-release-upgrade[/tt] script but instead use parts of it when appropriate.</p>
<p><br></p>
<h2>
Prerequisites
</h2>
<ul>
<li>I strongly suggest to install the screen utility from <a href="http://snapshot.debian.org/package/screen/4.1.0~20120320gitdb59704-7%2Bdeb7u1/%E2%80%8B">here</a> and familiarize yourself with the tool before you use it</li>
</ul><pre># assuming an amd64 architecture:
wget http://snapshot.debian.org/archive/debian-security/20150904T083849Z/pool/updates/main/s/screen/screen_4.1.0~20120320gitdb59704-7%2Bdeb7u1_amd64.deb
sudo dpkg -i screen_4.1.0~20120320gitdb59704-7%2Bdeb7u1_amd64.deb
screen</pre>
<ul>
<li>record everything you do:</li>
</ul><pre>script -t 2&gt;~/upgrade-jessie.time -a ~/upgrade-jessie.script</pre>
<ul>
<li>attempt a complete backup of your system with whatever backup tool you use</li>
<li>backup at least your configuration:</li>
</ul><pre># create a backup directory
sudo mkdir -p /var/backups/system/wheezy/
# backup most important data
sudo cp -ar --parents /etc /var/lib/dpkg /var/lib/apt/extended_states /var/cache/openmediavault/ /var/backups/system/wheezy/
dpkg --get-selections &gt; package.list
sudo mv package.list /var/backups/system/wheezy/</pre>
<ul>
<li>disable all services running in OMV via GUI except for SSH</li>
<li>write down or make screenshots of your plugin configurations if you use one</li>
<li>remove all openmediavault plugins either via GUI or CLI ([tt]dpkg -l | grep -i openmedia[/tt] should only show the [tt]openmediavault-keyring[/tt] and the base [tt]openmediavault[/tt] package - the GUI should not list any plugin to be installed</li>
<li>there is a potential issue with [tt]apt-listchanges[/tt] during the upgrade, so this package should be temporarily removed:</li>
</ul><pre>sudo apt-get remove apt-listchanges</pre>
<ul>
<li>for those plugins <strong>not used at all</strong> remove their dependencies as well, e.g.: [tt]nut nut-client nut-server[/tt]</li>
</ul><pre>sudo apt-get remove nut nut-client nut-server</pre>
<ul>
<li>check in /etc/passwd which shell the user nobody is using and write it down (the upgrade will <a href="https://www.debian.org/releases/jessie/amd64/release-notes/ch-information.en.html#base-passwd-hardening">change it to the nologin shell</a>)</li>
</ul><pre>cat /etc/passwd | grep nobody</pre>
<ul>
<li>check for <a href="https://www.debian.org/releases/jessie/amd64/release-notes/ch-information.en.html#systemd-cryptsetup-unsupported-features">unsupported crypttab features</a> and act accordingly to the release notes if you use them</li>
</ul><pre># check for unsupported features
sudo grep -e precheck -e check -e checkargs -e noearly -e loud -e keyscript /etc/crypttab</pre>
<ul>
<li>if there is any device in /etc/fstab with the 'auto' mount option set, <a href="https://www.debian.org/releases/jessie/amd64/release-notes/ch-information.en.html#systemd-auto-mounts-incompat">add the 'nofail' mount option</a> to it too!</li>
</ul><pre>sudo grep auto /etc/fstab</pre>
<ul>
<li>make sure your <a href="https://www.debian.org/releases/jessie/amd64/release-notes/ap-old-stuff.en.html#switch-utf8">system uses an UTF-8 locale</a>, if not configure your system to use one:</li>
</ul><pre>dpkg-reconfigure -plow locales</pre>
<ul>
<li>before you continue familiarize yourself with the sections 4, 5 and appendix A of the <a href="https://www.debian.org/releases/jessie/amd64/release-notes/">Jessie release notes</a> and follow the steps if you are affected by any of the changes not mentioned here (e.g. 5.6, 5.21)</li>
<li>make sure you don't have any <a href="https://www.debian.org/releases/jessie/amd64/release-notes/ch-upgrading.en.html#package-status">packages pending</a></li>
</ul><pre>sudo dpkg --audit</pre>
<ul>
<li>remount your data device(s) as read-only to prevent any data loss on them during upgrade - the partition/device hosting the operating system must stay read-write of course. If the data devices/partitions are "busy" check which programs are still using them with [tt]lsof[/tt] (OMV 2 used [tt]/media/&lt;uuid&gt;/[/tt] by default to mount devices)</li>
</ul><pre>df -h # will list all devices mounted,
# or check the OMV GUI
sudo mount -o remount,ro /media/&lt;uuid&gt; # choose mount point or device name accordingly
sudo lsof /media/&lt;uuid&gt; # check for processes accessing the mount point</pre>
<ul>
<li>run the <a href="https://raw.githubusercontent.com/openmediavault/openmediavault/2.x/deb/openmediavault/usr/share/openmediavault/releaseupgrade/pre.d/10-apt-purge-local-archive">pre.d/10-apt-purge-local-archive</a> script</li>
</ul><pre>wget https://raw.githubusercontent.com/openmediavault/openmediavault/2.x/deb/openmediavault/usr/share/openmediavault/releaseupgrade/pre.d/10-apt-purge-local-archive
sudo /bin/sh 10-apt-purge-local-archive</pre>
<ul>
<li>adjust the APT sources for the upgrade and set the new default distribution target. The following shows the minimal content of the files mentioned (that is what <a href="https://github.com/openmediavault/openmediavault/blob/2.x/deb/openmediavault/usr/share/openmediavault/releaseupgrade/pre.d/20-apt-update-source-list">pre.d/20-apt-update-source-list</a> is supposed to do, but as Wheezy is EOL all entries in [tt]/etc/apt/sources.list[/tt] might be commented out)</li>
</ul><pre data-file="/etc/apt/sources.list.d/openmediavault.list" data-highlighter="" data-line="1">deb http://packages.openmediavault.org/public erasmus main</pre>
<pre data-file="/etc/apt/sources.list" data-highlighter="" data-line="1">deb http://deb.debian.org/debian jessie main contrib non-free
deb http://deb.debian.org/debian-security jessie/updates main contrib non-free
deb http://deb.debian.org/debian jessie-updates main contrib non-free</pre>
<pre data-file="/etc/apt/apt.conf" data-highlighter="" data-line="1">APT::Default-Release "jessie";</pre>
<ul>
<li>run <a href="https://github.com/openmediavault/openmediavault/blob/2.x/deb/openmediavault/usr/share/openmediavault/releaseupgrade/pre.d/90-backup-config-db">pre.d/90-backup-config-db</a> to backup the OMV config</li>
</ul><pre>wget https://raw.githubusercontent.com/openmediavault/openmediavault/2.x/deb/openmediavault/usr/share/openmediavault/releaseupgrade/pre.d/90-backup-config-db
sudo /bin/sh 90-backup-config-db</pre>
<p></p>
<h2>
Upgrade
</h2>
<p><br></p>
<p>Ok. Now the preparations are completed. Let's do the upgrade. I personally prefer <a href="https://www.debian.org/releases/jessie/amd64/release-notes/ch-upgrading.en.html#minimal-upgrade">incremental upgrades</a>. If one package fails to install it doesn't affect the installation of several hundred other packages:</p>
<ul>
<li>update the APT package database, the openmediavault keyring, and update again:</li>
</ul>
<p></p><pre>sudo apt-get update
sudo apt-get install --allow-unauthenticated openmediavault-keyring
sudo apt-get update</pre>
<ul>
<li>run a minimal upgrade without installing additional packages or removing installed packages. This will require around 100MB of free disk space for a basic OMV system. Note that the following command will not ask back, assume [tt]yes[/tt] to every question asked, not update any configuration files, and instead keep the existing ones. If you are experienced don't use these options and adjust them accordingly</li>
</ul><pre>sudo apt-get upgrade --show-upgraded --yes --force-yes --option Dpkg::Options::="--force-confdef" --option DPkg::Options::="--force-confold" --no-install-recommends --no-install-suggests</pre>
<ul>
<li>In my case this created the following error messages:</li>
</ul>
<woltlab-quote>
<p>[..]</p>
<p>Running lilo...</p>
<p>Fatal: raid_setup: stat("/dev/...")</p>
<p>dpkg: error processing lilo (--configure):</p>
<p>subprocess installed post-installation script returned error exit status 1</p>
<p>[..]</p>
<p>Processing triggers for initramfs-tools ...</p>
<p>update-initramfs: Generating /boot/initrd.img-3.2.0-4-amd64</p>
<p>W: mdadm: /etc/mdadm/mdadm.conf defines no arrays.</p>
<p>W: mdadm: no arrays defined in configuration file.</p>
<p>Fatal: raid_setup: stat("/dev/...")</p>
<p>run-parts: /etc/initramfs/post-update.d//runlilo exited with return code 1</p>
<p>dpkg: error processing initramfs-tools (--configure):</p>
<p>subprocess installed post-installation script returned error exit status 1</p>
<p>Processing triggers for ca-certificates ...</p>
<p>Updating certificates in /etc/ssl/certs... 0 added, 0 removed; done.</p>
<p>Running hooks in /etc/ca-certificates/update.d....done.</p>
<p>Errors were encountered while processing:</p>
<p>lilo</p>
<p>initramfs-tools</p>
<p>Creating index of upgradeable packages ...</p>
<p>Creating index of openmediavault plugins ...</p>
<p>E: Sub-process /usr/bin/dpkg returned an error code (1)</p>
</woltlab-quote>
<ul>
<li>I'm not sure what's causing the error. There was no software RAID. In my case the installation completed without any further adjustments by just attempting:</li>
</ul><pre>sudo apt-get install -f</pre>
<ul>
<li>now all other packages have dependencies which either require the installation of a new package or the removal of an existing one. Still we can pull in packages piece by piece without too much changes. The following is a list of packages which can be pulled in separately. Pull them each by one (or line by line) via:</li>
</ul><pre>sudo apt-get upgrade --show-upgraded --yes --force-yes --option Dpkg::Options::="--force-confdef" --option DPkg::Options::="--force-confold" --no-install-recommends --no-install-suggests &lt;PACKAGE&gt;</pre>
<pre data-file="List of packages" data-highlighter="" data-line="1">amd64-microcode
base-passwd passwd
bind9-host
bsdutils
fontconfig
ifenslave-2.6 iputils-ping iproute iptables isc-dhcp-client isc-dhcp-common
libcairo2
libsasl2-2
parted
procps
proftpd-basic proftpd-mod-vroot
python3 python3-apt
rrdcached
samba
wget</pre>
<ul>
<li>start the full upgrade:</li>
</ul><pre>sudo apt-get dist-upgrade --show-upgraded --yes --force-yes --option Dpkg::Options::="--force-confdef" --option DPkg::Options::="--force-confold" --no-install-recommends --no-install-suggests</pre>
<ul>
<li>I didn't know about the following issue at this point and got this error right from the start:</li>
</ul>
<woltlab-quote>
<p>[..]</p>
<p>dpkg-deb: error: arcive '/var/cache/apt/archives/openmediavault_3.0.100_all.deb' contains not understood data member control.tar.xz, giving up</p>
<p>Traceback (most recent call last):</p>
<p>File "/usr/bin/apt-listchanges", line 250, in &lt;module&gt;</p>
<p>main()</p>
<p>File "/usr/bin/apt-listchanges", line 108, in main</p>
<p>pkg = DebianFiles.Package(deb)</p>
<p>File "/usr/share/apt-listchanges/DebianFiles.py", line 134, in __init__</p>
<p>self.binary = pkgdata.Package</p>
<p>AttributeError: ControlStanza instance has no attribute 'Package'</p>
<p>[..]</p>
<p>Updating configuration database ...</p>
<p>chown: invalid group: ':openmediavault-config'</p>
<p>ERROR: Failed to create the default configuration: Command '['/usr/share/openmediavault/confdb/create.d/conf.sh']' returned non-zero exit status 1</p>
<p>dpkg: error processing package openmediavault (--configure):</p>
<p>subprocess installed post-installation script returned error exit status 1</p>
<p>[..]</p>
<p>Errors were encountered while processing:</p>
<p>openmediavault</p>
<p>Creating index of upgradeable packages ...</p>
<p>Creating index of openmediavault plugins ...</p>
<p>E: Sub-process /usr/bin/dpkg returned an error code (1)</p>
</woltlab-quote>
<ul>
<li>during to the package management tools not understanding the XZ archive the control scripts were not extracted nor run and a group did not get created; so this is how I fixed it:</li>
</ul><pre>sudo groupadd --system openmediavault-config
sudo apt-get install -f
sudo apt-get install --reinstall openmediavault</pre>
<p>There will be a lot of errors regarding [tt]dbus[/tt] which can be ignored before we restart the system</p>
<p><br></p>
<h2>
Aftermath
</h2>
<ul>
<li>start to clean the system as <a href="https://github.com/openmediavault/openmediavault/blob/2.x/deb/openmediavault/usr/share/openmediavault/releaseupgrade/post.d/80-apt-autoremove">post.d/80-apt-autoremove</a> would do; the packages [tt]deborphan[/tt] and [tt]apt-forktracer[/tt] might prove to be useful too:</li>
</ul><pre>sudo apt-get autoremove --purge
dpkg -l | grep ^rc # remove the packages listed in rc state
apt-forktracer # remove those without any sources listed
deborphan --guess-dummy # remove empty dummy/transition packages
deborphan | xargs sudo apt-get autoremove --purge -y</pre>
<ul>
<li>install packages which you might need after the upgrade</li>
</ul><pre>sudo apt-get install plymouth console-setup</pre>
<ul>
<li>the shell for user [tt]nobody[/tt] <a href="https://www.debian.org/releases/jessie/amd64/release-notes/ch-information.en.html#base-passwd-hardening">needs to be restored</a> (in my case [tt]/bin/sh[/tt])</li>
</ul><pre>sudo chsh -s /bin/sh nobody</pre>
<ul>
<li>the update might have <a href="https://www.debian.org/releases/jessie/amd64/release-notes/ch-information.en.html#openssh">disabled the root login for SSH</a>; if for whatever reason you need it, you'll have to restore it:</li>
</ul><pre data-file="/etc/ssh/sshd_config" data-highlighter="" data-line="1">[..]
PermitRootLogin yes
[..]</pre>
<ul>
<li>[tt]/etc/resolv.conf[/tt] should actually be a symlink</li>
</ul><pre>sudo dpkg-reconfigure -plow resolvconf</pre>
<ul>
<li>update the [tt]/etc/issue[/tt] notice and some other stuff (I'm honestly not sure if they are all safe to run)</li>
</ul><pre>sudo omv-mkconf apt
sudo omv-mkconf issue
sudo omv-mkconf ssh
sudo omv-mkconf timezone</pre>
<ul>
<li>if the SSH server doesn't come up because a key is missing, this will fix it:</li>
</ul><pre>sudo ssh-keygen -A</pre>
<ul>
<li>the nginx logs at [tt]/var/log/nginx/openmediavault-webgui_access.log[/tt] showed the following error and were fixed by restarting the [tt]php5-fpm[/tt] service</li>
</ul>
<woltlab-quote>
<p><br>[..] [error] 27074#0: *1 FastCGI sent in stderr: "PHP message: PHP Fatal error: Call to undefined function json_decode() in /usr/share/php/openmediavault/functions.inc on line 575" while reading response header from upstream, client: ::ffff:127.0.0.1, server: openmediavault-webgui, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm-openmediavault-webgui.sock:", host: "127.0.0.1"</p>
</woltlab-quote><pre>sudo service php5-fpm restart</pre>
<ul>
<li>I made double sure that every removable device in [tt]/etc/fstab[/tt] which had the [tt]auto[/tt] mount option set also had the [tt]nofail[/tt] option set, i.e.</li>
</ul><pre> /dev/sr0 /media/cdrom0 udf,iso9660 user,auto,nofail 0 0</pre>
<ul>
<li>then I restarted the system</li>
</ul><pre>sudo reboot</pre>
<p><br></p>
<p><br></p>
<h2>
After the restart
</h2>
<p>I checked all logs after the restart to check for potential issues:</p>
<p><br></p><pre>/var/log/auth.log
/var/log/daemon.log
/var/log/messages
/var/log/syslog
/var/log/user.log
/var/log/samba/log.nmbd
/var/log/samba/log.smbd
/var/log/mail.log
/var/log/mail.err
sudo dmesg | less</pre>
<p><br></p>
<p>And also checked the OMV GUI in a browser.</p>
<p><br></p>
<p>I suggest to <strong>skip this if you are going to update to OMV4 right away</strong>: Then I re-enabled the services. Also the plugins can be re-installed.</p>
<p><br></p>
<p>Some other issues:</p>
<ul>
<li>due to assuming [tt]Yes[/tt] to all questions during the upgrade you probably want to check the settings for [tt]libc6[/tt] and go with the default settings instead:</li>
</ul><pre>sudo dpkg-reconfigure -plow libc6</pre>
<ul>
<li>if you want to use a tmpfs for [tt]tmp[/tt]</li>
</ul><pre>sudo systemctl enable tmp.mount</pre>
<ul>
<li>the upgrade has pulled in an updated linux kernel of the 3.x series; to install a kernel from 4.x series without using backports(!)</li>
</ul><pre>sudo apt-get install linux-image-4.9-amd64</pre>
<ul>
<li>I also used the chance to get rid of lilo (especially since both lilo and grub were installed); note that one can uninstall lilo from the MBR before removing the package (for a RAID1 one probably has to adjust the commands listed below):</li>
</ul><pre># assuming that /dev/foo is the device to boot from and grub is installed
sudo lilo -u /dev/foo
sudo apt-get autoremove --purge lilo
sudo grub-install /dev/foo
sudo update-grub
# and reboot if satisfied</pre>
<ul>
<li>clean the local package archive (as in <a href="https://github.com/openmediavault/openmediavault/blob/2.x/deb/openmediavault/usr/share/openmediavault/releaseupgrade/post.d/90-apt-clean">post.d/90-apt-clean</a>)</li>
</ul><pre>sudo apt-get autoclean</pre>
<ul>
<li>the upgrade pulled in HTTPS support for apt, so you might want to change all [tt]http://[/tt] resources in [tt]/etc/apt/sources.list[/tt] and [tt]/etc/apt/sources.list.d/*[/tt] to [tt]https://[/tt]</li>
</ul>
<p><br></p>
<p>If everything is running: make a backup. There will eventually another document of how to upgrade from OMV3 to OMV4.</p>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment