Før du læser denne opgraderingsvejledning, så bemærk at live opdateringer
til dine produktionsservere udføres på egen risiko. Debian Edu/Skolelinux har ABSOLUT INGEN GARANTI, inden for
lovens rammer.
Læs venligst dette kapitel og kapitlet Nye funktioner i Bullseye i denne manual fuldstændig før du forsøger at opgradere.
Upgrading Debian from one distribution to the next is generally rather easy. For Debian Edu this is unfortunately a bit more complicated as we modify configuration files in ways we shouldn't. However we have documented the needed steps below. (See Debian bug 311188 for more information how Debian Edu should modify configuration files.)
In general, upgrading the servers is more difficult than the workstations and the main-server is the most difficult to upgrade.
Hvis du ønsker at sikre dig at alt virker som før efter opgraderingen, så skal du teste opgraderingen på et testsystem eller systemer konfigureret på samme måde som dine produktionsmaskiner. Der kan du teste opgraderingen uden risiko og se om alt virker, som det skal.
Husk også at læse informationen om den aktuelle Debian Stable-udgivelse i dennes installationsmanual.
Det kan også være klogt at vente en smule og stadig køre Oldstable i et par uger længere, så at andre kan teste opgraderingen og dokumentere eventuelle problemer de oplever. Udgivelsen Oldstable for Debian Edu vil fortsat modtage understøttelse i en periode efter den næste Stable-udgivelse, men når Debian standser understøttelse for Oldstable, så vil Debian Edu ligeledes stoppe understøttelsen.
Vær forberedt: Vær sikker på at du har testet opgraderingen fra Buster i et
testmiljø eller har sikkerhedskopier klar til en gendannelse.
Bemærk venligst at den følgende opskrift gælder for standardinstallationen af Debian Edus hovedserver (desktop=xfce, profiler Main-Server, Workstation, LTSP-server). (For et generelt overblik over buster til bullseye-opgraderingen, se: https://www.debian.org/releases/bullseye/releasenotes)
Brug ikke X, brug en virtuel konsol, log ind som root.
Hvis apt
afslutter med en fejl, så prøv at
rette den og/eller køre apt -f install
og
så apt -y full-upgrade
igen.
Sikr dig at det nuværende system er opdateret:
apt update apt full-upgrade
Ryd op i pakkemellemlageret:
apt clean
Prepare and start the upgrade to Bullseye (new security entry):
sed -i 's/buster/bullseye/g' /etc/apt/sources.list sed -i 's#/debian-security bullseye/updates# bullseye-security#g' /etc/apt/sources.list export LC_ALL=C # optional (to get English output) apt update apt full-upgrade
apt-list-changes: vær forberedt på at skulle læse en masse NYHEDER; tryk <retur> for at rulle ned, <q> for at forlade tekstfremviseren. Al information vil blive sendt til root, så du kan læse det igen senere (brug mailx eller mutt).
Læs al debconf-information omhyggeligt, vælg »bevar den lokalt installeret version« med mindre andet er nævnt nedenfor; i de fleste tilfælde vil et tryk på retur være okay.
genstart tjenester: Vælg ja (yes).
openssh-server: Choose 'keep the local version currently installed'.
/etc/plymouth/plymouthd.conf: Choose Y.
Samba server and utilities: Choose 'keep the local version currently installed'.
Kerberos servers: Enter 'kerberos' and hit 'OK'.
/etc/default/slapd: Choose N.
/etc/cups/cups-files.conf: Choose N.
/etc/munin/munin.conf: Choose N.
Anvend og juster konfiguration:
cf-agent -v -D installation service squid restart
Setup and configure the Icinga2 web interface:
Run apt install icinga2-ido-mysql
, always
choose No if asked by debconf.
kør
/usr/share/debian-edu-config/tools/edu-icinga-setup
Hent den nye grafik Debian Edu Homeworld:
apt install debian-edu-artwork-homeworld apt purge debian-edu-artwork-buster # unless Buster artwork should be kept as an alternative
Adjust Xfce panel configuration:
rm -f /etc/xdg/xfce4/panel/default.xml.cfsaved mv /etc/xdg/xfce4/panel/default.xml.dpkg-new /etc/xdg/xfce4/panel/default.xml
Cope with new LTSP and related changes:
rm -f /etc/default/tftpd-hpa # to remove no longer needed modifications rm -rf /var/lib/tftpboot # to remove no longer used tftp base directory dpkg-reconfigure -p low tftpd-hpa # first prompt: keep ''tftp'' as system account, second: change TFTP root directory to ''/srv/tftp'' # third: keep address and port, last one: enter ''--secure'' as additional option service tftpd-hpa restart rm -rf /opt/ltsp # cleanup old LTSP base directory # The next steps will need quite some execution time. debian-edu-ltsp-install --arch amd64 --diskless_workstation no thin_type bare # if 64-Bit thin client support is wanted debian-edu-ltsp-install --arch i386 --diskless_workstation no thin_type bare # if 32-Bit thin client support is wanted debian-edu-ltsp-install --diskless_workstation yes # to create diskless workstation image from the server's file system debian-edu-pxeinstall # to add PXE installation files and related iPXE menu items
Cope with move to iPXE:
Create a file ipxe.ldif with the following content:
dn: cn=dhcp,cn=tjener,ou=servers,ou=systems,dc=skole,dc=skolelinux,dc=no changetype: modify add: dhcpOption dhcpOption: space ipxe dhcpOption: ipxe-encap-opts code 175 = encapsulate ipxe dhcpOption: ipxe.menu code 39 = unsigned integer 8 dhcpOption: ipxe.no-pxedhcp code 176 = unsigned integer 8 dhcpOption: arch code 93 = unsigned integer 16
Then run ldapadd -ZD
'cn=admin,ou=ldap-access,dc=skole,dc=skolelinux,dc=no' -W -f
ipxe.ldif
to apply the changes.
Modify some more DHCP settings in LDAP, e.g. using an editor like ldapvi. Make sure, DHCP related entries match those contained in the /etc/ldap/gosa-server.ldif file. Entries concerned are:
81 cn=intern,cn=dhcp,cn=tjener,ou=servers,ou=systems,dc=skole,dc=skolelinux,dc=no 83 cn=subnet00.intern,cn=dhcp,cn=tjener,ou=servers,ou=systems,dc=skole,dc=skolelinux,dc=no 85 cn=subnet01.intern,cn=dhcp,cn=tjener,ou=servers,ou=systems,dc=skole,dc=skolelinux,dc=no
Cope with GOsa changes - use new gosa.conf, fix LDAP access:
cp /etc/gosa/gosa.conf /etc/gosa/gosa.conf.buster # backup
cp /usr/share/debian-edu-config/gosa.conf.template /etc/gosa/gosa.conf # new gosa.conf file
Search for adminPassword and snapshotAdminPassword in /etc/gosa/gosa.conf and replace $GOSAPWD with the random password found in /etc/gosa/gosa.conf.orig for those entries.
rm /etc/gosa/gosa.secrets
kør gosa-encrypt-passwords
Kør service apache2 restart
Cope with Kerberos encryption type changes:
sed -i 's/supported_enctypes/#supported_enctypes/' /etc/krb5kdc/kdc.conf
Kør service krb5-kdc restart
Cope with Samba changes:
Add first user's Samba account: smbpasswd -a <first
username>
. Once users change their password, the related
Samba account will be created.
Kontroller om det opgraderede system fungerer:
Genstart; log ind som første bruger og test
om Gosa² gui fungerer,
om man kan forbinde til LTSP-klienter og arbejdsstationer
om man kan tilføje/fjerne et netgruppemedlemskab af et system,
om man kan sende og modtage intern e-post,
om man kan håndtere printere,
og om andre sidespecifikke ting fungerer.
Do all the basic things like on the main-server and without doing the things not needed. If not yet done, configure the machine to use Kerberos for mounting home directories, see the getting started chapter for details.
To upgrade from any older release, you will need to upgrade to the Buster based Debian Edu release first, before you can follow the instructions provided above. Instructions are given in the Manual for Debian Edu Buster about how to upgrade to Buster from the previous release, Stretch. Likewise the Stretch manual describes how to upgrade from Jessie.