---------- Forwarded message ---------
From: Keith Williams <keithwilliamsnp@gmail.com>
Date: Sun, 7 Jul 2019 at 14:57
Subject: Re: [bitfolk] The forthcoming Debian 10.0 (buster) release
To: Hugo Mills <hugo-bf@carfax.org.uk>


I was reading in the pages and pages of guidance notes that there can be a problem with entropy starvation, even to the extent of SSH not working properly. Debian recommend doing a lot of pings as soon as you can to build up the entropy. Of course, how you do that during an install is another matter...
Keith


On Sun, 7 Jul 2019 at 14:06, Hugo Mills <hugo-bf@carfax.org.uk> wrote:
On Sun, Jul 07, 2019 at 01:55:46PM +0100, Keith Williams wrote:
> Well I have done the upgrade on one VPS. Preparation including backing up
> all db and /etc/ plus one or two other "just in case" files and
> uninstalling packages that were never installed from official archives 3 or
> 4 hours, upgrade itself few minutes, sorting out problems all the rest of
> the morning.
> Problems encountered:-
> Bind. Over several upgrades I have always kept the old config files. It
> seems that some ancient deprecated options now throw an error not a
> warning. systemctl start followed by journalctl -xe details all the
> problems, even the line numbers in the files so it was a matter of minutes
> to fix
> Wireguard still seems to need the unstable repository, so changing that
> back it all worked, the conf file was still there so OK, same could not be
> said of NFTables, had to reload conf file from back up.
> Then the 3 bigger ones:-
> Roundcube. During install it said it had to reconfigure the database. I
> will have to purge, drop that database and reinstall from scratch
> unfortunately
> Dovecot. My initial setting up, a few years back took ages (I was learning
> as I went) so I said no to replacing conf files. Had same problem as with
> Bind, setting which before led to a warning, now stop it from starting.
> Same trick as before and only one setting to change. The error message even
> tells you what to change it to. I should have heeded the warnings before.
> But it does mean that although Dovecot is delivering the mail to the boxes,
> I am unable to log onto Postfix as it uses Dovecot to verify credentials.
> But then my webmail uses Roundcube so I can't get at that mail at the
> moment anyway
> Webmin. I use this as a graphical interface when working with big databases
> or updating and cleaning up all my zonefiles. It's just easier. Handy for
> editing Apache virtual host files. I was able to install it and start it
> then the connection drops to the miniserv server. I think it is related to
> an upgrading of the perl libraries in the upgrade. Did not have the same
> with my home boxes a couple of weeks ago. That is non urgent though.
> Hopefully some lessons learnt so mistakes won't be repeated during upgrade
> of my other VPS tomorrow. Most of these irritations would probably not have
> arisen if I had cleaned up the conf files beforehand.
> Hope there is something useful there for anyone else upgrading

   I'm doing a reinstall from scratch on a new VPS. So far, I haven't
hit anything awkward (other than not knowing how to set up nginx -- I
decided to switch from Apache).

   My only real issue so far is that writing random data to the 250
GiB encrypted archive-storage volume took about 6 hours. I'm not sure
if that's entropy starvation on the randomness, very slow storage, or
slow CPU doing the encryption. I was doing it in the installer, so I
didn't have much leeway to investigate deeper.

   Hugo.

> Keith
>
> On Sat, 6 Jul 2019 at 00:16, Andy Smith <andy@bitfolk.com> wrote:
>
> > Hello,
> >
> > Debian 10 (buster) is supposed to be released later today. Those who
> > wish to upgrade to it in the usual Debian way should be able to do
> > so after reading the release notes for any gotchas:
> >
> >     https://www.debian.org/releases/testing/amd64/release-notes/
> >
> > I am not aware of any gotchas that are specific to the BitFolk
> > environment, but if you think you have found one please do let us
> > know.
> >
> > If planning a clean install, the "buster" release has been available
> > for some time in our Xen Shell, but under the code name
> > "debian_testing", because right now it still is technically the
> > testing release.
> >
> > If you issue the command:
> >
> >     xen shell> install debian_testing
> >
> > now or at any time after the release of Debian 10 then I believe
> > this should result in a working install of Debian 10. I just tested
> > it with a minimal install (base system + openssh) and it seems to
> > (still) work.
> >
> > It may be several days after the release before we can get around to
> > updating the labels in the Xen Shell so that "debian_buster" is there
> > and "debian_testing" gets you "bullseye". It does tell you what it's
> > going to install so there should be no confusion.
> >
> > Cheers,
> > Andy
> >

--
Hugo Mills             | One of these days, I'll catch that man without a
hugo@... carfax.org.uk | quotation, and he'll look undressed.
http://carfax.org.uk/  |
PGP: E2AB1DE4          |                                   Leto Atreides, Dune