now wait for the buildd to quit
-turn off samhain
-
- cd /etc/rc2.d/
+upgrade stuff:
+
+* answer question to libc6 "Restart services automaticaly" with "yes"
+* answer "Yes" to changes of /etc/default/rcS, [BR#694928](http://bugs.debian.org/694928)
+* and change "FSCKFIX=yes" afterwards, at least on hardware without remote access (like arm*)
+* say no to other other questions.
+
+commands:
+
+ sed -i "s#squeeze#wheezy#g" /etc/apt/sources.list.d/debian.list /etc/apt/sources.list.d/security.list &&
+ dpkg --clear-avail &&
+ rm -f /etc/apt/preferences.d/dsa-bacula-client &&
+ if [ -e /etc/apt/sources.list.d/buildd.debian.org.list ]; then
+ rm -f /etc/apt/preferences.d/buildd &&
+ sed -i "s#squeeze#wheezy#g" /etc/apt/sources.list.d/buildd.debian.org.list
+ fi &&
+ apt-get update &&
+ apt-get install dpkg apt samhain &&
service samhain stop &&
- prio=$(ls -1 S*samhain | cut -b 2-3); mv S${prio}samhain K${prio}samhain # so it stays down
-
-
-maybe turn off exim
-
- cd /etc/rc2.d/
- service exim4 stop &&
- prio=$(ls -1 S*exim4* | cut -b 2-3); mv S${prio}exim4 K${prio}exim4 # so it stays down
-
-
-install deborphan, clean up
-
- apt-get autoremove
- apt-get install deborphan dialog
- orphaner
- orphaner -n
- orphaner -a
- orphaner -a -n
+ apt-get dist-upgrade &&
+ rm /var/state/samhain/samhain_file &&
+ samhain --foreground -t init -p none -s none -l none -m none &&
+ (puppet agent -t || true) &&
+ apt-get dist-upgrade &&
+ c_rehash /etc/ssl/debian/certs &&
+ c_rehash /etc/exim4/ssl &&
+ apt-get --purge autoremove &&
+ while [ "$(deborphan -n | wc -l)" -gt 0 ] ; do apt-get purge $(deborphan -n); done &&
+ apt-get purge liblzma2 lzma &&
+ dpkg --clear-avail &&
+ apt-get clean
+
+
+if /etc/apache2/apache2.conf was not changed, remove the include for httpd.conf.
purge removed packages
echo "really purge these [y/N]?" && read ans && [ "$ans" = "y" ] && dpkg --purge `dpkg --get-selections | awk '$2=="deinstall" {print $1}'` &&
echo "These are not at install:" && dpkg --get-selections | awk '$2!="install" {print $1}'
-change sources list entries to wheezy:
-
- cd /etc/apt/sources.list.d && sed -i "s#squeeze#wheezy#g" debian.list && sed -i "s#squeeze#wheezy#g" volatile.list && sed -i "s#squeeze#wheezy#g" security.list
-
-update apt list
-
- apt-get update
-
-upgrade
-
- apt-get install locales-all apt dpkg base-files
-
-answer question to libc6 "Restart services automaticaly" with "yes"
-
-answer "Yes" to changes of /etc/default/rcS, [BR#694928](http://bugs.debian.org/694928)
-and change "FSCKFIX=yes" afterwards, at least on hardware without remote access (like arm*)
-
-rest follows
-
- apt-get dist-upgrade
-
-use dash as system shell (/bin/sh).
-
-reject changes to /etc/pam.d/sudo (puppet will install a new file later anyway)
-
-reject changes to /etc/munin/plugin-conf.d/munin-node (puppet will install a new file later anyway)
-
- * keep local (i.e. reject (N)):
- * all changes relating to exim (in /etc/exim4 and in logrotate)
- * /etc/nagios/nrpe.cfg
- * /etc/ldap/ldap.conf
- * /etc/puppet/puppet.conf
+more clean ups:
- * /etc/samhain/samhainrc
- * /etc/munin/munin-node.conf
- * /etc/logrotate.d/apache2
- * /etc/apache2/apache2.conf
- * /etc/apache2/ports.conf
+ apt-get purge arrayprobe
+ /usr/lib/nagios/plugins/dsa-check-packages | tr -d ,
+ apt-get --purge autoremove
- * install new version:
- * /etc/init.d/stunnel4
+maybe
+ apt-get install firmware-linux
update dsa-nagios.git (add host to wheezy hostgroup)
-do a puppet run:
+reboot
- puppetd -t; puppetd -t
-
-upgrade once more (security etc)
-
- apt-get update && apt-get dist-upgrade
-
-clean up old libs
-
- orphaner
- orphaner -n
- orphaner -a
- orphaner -a -n
-
-check for unneeded/obsolete packages
-
- apt-get autoremove
-
- /usr/lib/nagios/plugins/dsa-check-packages
-
-purge removed packages
-
- dpkg --get-selections | awk '$2=="deinstall" {print $1}' &&
- echo "really purge these [y/N]?" && read ans && [ "$ans" = "y" ] && dpkg --purge `dpkg --get-selections | awk '$2=="deinstall" {print $1}'` &&
- echo "These are not at install:" && dpkg --get-selections | awk '$2!="install" {print $1}'
-
-purge cruft that upgrade doesn't remove
-
- apt-get remove --purge emacs22-common libxmlrpc-ruby libcap1 emacs22-nox emacs22-bin-common libvolume-id0 gcc-4.2-base ifenslave libopenssl-ruby1.8 mailx
+verify ipv6 routing still works.
re-init samhain
-possibly reboot
-
-re-enable exim, samhain
-
- mv /etc/rc2.d/K??exim4 /etc/rc2.d/S02exim4
- mv /etc/rc2.d/K??samhain /etc/rc2.d/S02samhain
- env -i /etc/init.d/exim4 start
- env -i /etc/init.d/samhain start
-
- insserv
-
-re-init samhain
+ samhain --foreground -t update -p none -s none -l none -m none