squeeze2wheezy.sh
· 6.0 KiB · Bash
Raw
Please also refer to http://www.debian.org/releases/wheezy/releasenotes and use your brain!
For Roundcube and Sqlite Backend see: http://wiki.debian.org/Roundcube/DeprecationOfSQLitev2
# upgrade to UTF-8 locales (http://www.debian.org/releases/testing/i386/release-notes/ap-old-stuff.en.html#switch-utf8)
dpkg-reconfigure locales
# remove unused config file
rm -rf /etc/network/options /etc/environment
# change distro (please move 3rd party sources to /etc/apt/sources.list.d/), maybe look into http://ftp.cyconet.org/debian/sources.list.d/
rm -f /etc/apt/apt.conf.d/10disable_date_check
rm -f /etc/apt/sources.list.d/*squeeze*
sed -i s/squeeze/wheezy/g /etc/apt/sources.list*
sed -i "s/ stable/ wheezy/g" /etc/apt/sources.list*
sed -i s/squeeze/wheezy/g /etc/apt/preferences*
sed -i /proposed-updates/d /etc/apt/sources.list*
sed -i /volatile/d /etc/apt/sources.list*
sed -i /etch/d /etc/apt/sources.list*
sed -i /lenny/d /etc/apt/sources.list*
sed -i s#/backports.org/debian#/ftp.de.debian.org/debian#g /etc/apt/sources.list*
sed -i s/debian-backports/debian/g /etc/apt/sources.list*
if [ "$( dpkg -l | grep "^ii.*php5-suhosin" | wc -l)" -ge "1" ]; then \
wget http://ftp.cyconet.org/debian/sources.list.d/wheezy-updates-cyconet.list \
-O /etc/apt/sources.list.d/wheezy-updates-cyconet.list
fi
cat >> /etc/apt/preferences <<EOF
Package: *
Pin: release a=squeeze-lts
Pin-Priority: 200
EOF
aptitude update
# check package status
dpkg --audit
aptitude search "~ahold" | grep "^.h"
dpkg --get-selections | grep hold
# unmark packages auto
aptitude unmarkauto vim shorewall
aptitude unmarkauto $(dpkg-query -W 'linux-image-2.6.*' | cut -f1)
# have a look into required and free disk space
apt-get -o APT::Get::Trivial-Only=true dist-upgrade || df -h
# check if we have PAE available (http://www.debian.org/releases/testing/i386/release-notes/ch-upgrading.en.html#idp573136)
grep -q '^flags.*\bpae\b' /proc/cpuinfo && echo "We support PAE: yes" \
|| echo "We support PAE: no (please install linux-image-486 and remove linux-image-.*-686)"
# record session
script -t 2>~/upgrade-wheezy.time -a ~/upgrade-wheezy.script
# install our preseed so libc doesn't whine
cat > /tmp/wheezy.preseed <<EOF
libc6 glibc/upgrade boolean true
libc6 glibc/restart-services string
libc6 libraries/restart-without-asking boolean true
EOF
/usr/bin/debconf-set-selections /tmp/wheezy.preseed
# minimal system upgrade
aptitude upgrade
# randomize crontab
if [ -f /etc/crontab.dpkg-new ]; then CFG=/etc/crontab.dpkg-new; else CFG=/etc/crontab; fi
sed -i 's#root cd#root perl -e "sleep int(rand(300))" \&\& cd#' $CFG
sed -i 's#root\ttest#root\tperl -e "sleep int(rand(3600))" \&\& test#' $CFG
# phpmyadmin
if [ -f /etc/phpmyadmin/config.inc.php.dpkg-new ]; then CFG=/etc/phpmyadmin/config.inc.php.dpkg-new; \
else CFG=/etc/phpmyadmin/config.inc.php; fi
sed -i "s/\['auth_type'\] = 'cookie'/\['auth_type'\] = 'http'/" $CFG
sed -i "s#//\$cfg\['Servers'\]\[\$i\]\['auth_type'\] = 'http';#\$cfg['Servers'][\$i]['auth_type'] = 'http';#" $CFG
# remove anonymous mysql access
mysql -u root -p -e "DELETE FROM mysql.user WHERE User=''; DELETE FROM mysql.db WHERE Db='test' AND Host='%' OR Db='test\\_%' AND Host='%'; FLUSH PRIVILEGES;"
if [ -f /etc/default/xendomains.dpkg-new ]; then CFG=/etc/default/xendomains.dpkg-new; \
else CFG=/etc/default/xendomains; fi
sed -i s/XENDOMAINS_RESTORE=true/XENDOMAINS_RESTORE=false/ $CFG
sed -i s#XENDOMAINS_SAVE=/var/lib/xen/save#XENDOMAINS_SAVE=\"\"# $CFG
# dont use iptables when creating xen vifs
if [ -f /etc/xen/xend-config.sxp.dpkg-new ]; then CFG=/etc/xen/xend-config.sxp.dpkg-new; \
else CFG=/etc/xen/xend-config.sxp; fi
sed -i "s/^(vif-script vif-bridge)/(vif-script vif-bridge-local)/" $CFG
/bin/sed -i -e 's/^[# ]*\((dom0-min-mem\).*\().*\)$/\1 512\2/' $CFG
cp /etc/xen/scripts/vif-bridge /etc/xen/scripts/vif-bridge-local
sed -i "s/^ handle_iptable/ true/g" /etc/xen/scripts/vif-bridge-local
# chrony update
if [ -f /etc/chrony/chrony.conf.new ]; then CFG=/etc/chrony/chrony.conf.new; else CFG=/etc/chrony/chrony.conf; fi
sed -i s/debian.pool/de.pool/g $CFG
rm -rf /etc/grub.d/09_linux_xen
dpkg-divert --divert /etc/grub.d/09_linux_xen --rename /etc/grub.d/20_linux_xen
#mv /etc/grub.d/20_linux_xen /etc/grub.d/09_linux_xen
echo 'GRUB_CMDLINE_XEN="dom0_mem=512M"' >> /etc/default/grub
# maybe we want to change some shorewall config stuff again
if [ -f /etc/default/shorewall.dpkg-new ]; then CFG=/etc/default/shorewall.dpkg-new; \
else CFG=/etc/default/shorewall; fi
sed -i s/^startup=0/startup=1/ $CFG
# dist-upgrade
aptitude dist-upgrade
# migrate expose.ini
[ -f /etc/php5/conf.d/expose.ini ] && mv /etc/php5/conf.d/expose.ini \
/etc/php5/mods-available/local-expose.ini && php5enmod local-expose/90
# migrate local suhosin config
find /etc/php5/conf.d/ -type f -name "*suhosin.ini" -exec mv '{}' \
/etc/php5/mods-available/local-suhosin.ini \; && php5enmod local-suhosin/90
# mysql
# vsftpd and chroot_local_user?
if [ "$(grep -i ^chroot_local_user=yes /etc/vsftpd.conf | wc -l)" -ge "1" ]; then \
aptitude update; aptitude install -t wheezy-updates vsftpd && \
echo "allow_writeable_chroot=YES" >> /etc/vsftpd.conf && /etc/init.d/vsftpd restart; \
fi
# install fixed quotatool
dpkg -l | grep quotatool && aptitude update; aptitude safe-upgrade -t wheezy-updates quotatool
# remove old squeeze packages left around (keep eyes open!)
apt-get autoremove
aptitude search ?obsolete
dpkg -l | grep etch | grep -v xen | grep -v unbound | grep -v finch | grep -v fetch | awk '{print $2}' | xargs aptitude -y purge
dpkg -l | grep lenny | grep -v xen | awk '{print $2}' | xargs aptitude -y purge
dpkg -l | grep -E 'deb6|squeeze' | grep -v xen | grep -v -E 'linux-image|smarty' | awk '{print $2}' | xargs aptitude -y purge
aptitude -y install deborphan && deborphan | grep -v xen | grep -v -E 'libpam-cracklib' | xargs aptitude -y purge
dpkg -l | grep ^r | awk '{print $2}' | xargs aptitude -y purge
# for the brave YoloOps crowd
reboot && sleep 180; echo u > /proc/sysrq-trigger ; sleep 2 ; echo s > /proc/sysrq-trigger ; sleep 2 ; echo b > /proc/sysrq-trigger
| 1 | Please also refer to http://www.debian.org/releases/wheezy/releasenotes and use your brain! |
| 2 | For Roundcube and Sqlite Backend see: http://wiki.debian.org/Roundcube/DeprecationOfSQLitev2 |
| 3 | |
| 4 | |
| 5 | # upgrade to UTF-8 locales (http://www.debian.org/releases/testing/i386/release-notes/ap-old-stuff.en.html#switch-utf8) |
| 6 | dpkg-reconfigure locales |
| 7 | |
| 8 | # remove unused config file |
| 9 | rm -rf /etc/network/options /etc/environment |
| 10 | |
| 11 | # change distro (please move 3rd party sources to /etc/apt/sources.list.d/), maybe look into http://ftp.cyconet.org/debian/sources.list.d/ |
| 12 | rm -f /etc/apt/apt.conf.d/10disable_date_check |
| 13 | rm -f /etc/apt/sources.list.d/*squeeze* |
| 14 | sed -i s/squeeze/wheezy/g /etc/apt/sources.list* |
| 15 | sed -i "s/ stable/ wheezy/g" /etc/apt/sources.list* |
| 16 | sed -i s/squeeze/wheezy/g /etc/apt/preferences* |
| 17 | sed -i /proposed-updates/d /etc/apt/sources.list* |
| 18 | sed -i /volatile/d /etc/apt/sources.list* |
| 19 | sed -i /etch/d /etc/apt/sources.list* |
| 20 | sed -i /lenny/d /etc/apt/sources.list* |
| 21 | sed -i s#/backports.org/debian#/ftp.de.debian.org/debian#g /etc/apt/sources.list* |
| 22 | sed -i s/debian-backports/debian/g /etc/apt/sources.list* |
| 23 | if [ "$( dpkg -l | grep "^ii.*php5-suhosin" | wc -l)" -ge "1" ]; then \ |
| 24 | wget http://ftp.cyconet.org/debian/sources.list.d/wheezy-updates-cyconet.list \ |
| 25 | -O /etc/apt/sources.list.d/wheezy-updates-cyconet.list |
| 26 | fi |
| 27 | cat >> /etc/apt/preferences <<EOF |
| 28 | Package: * |
| 29 | Pin: release a=squeeze-lts |
| 30 | Pin-Priority: 200 |
| 31 | |
| 32 | EOF |
| 33 | aptitude update |
| 34 | |
| 35 | # check package status |
| 36 | dpkg --audit |
| 37 | aptitude search "~ahold" | grep "^.h" |
| 38 | dpkg --get-selections | grep hold |
| 39 | |
| 40 | # unmark packages auto |
| 41 | aptitude unmarkauto vim shorewall |
| 42 | aptitude unmarkauto $(dpkg-query -W 'linux-image-2.6.*' | cut -f1) |
| 43 | |
| 44 | # have a look into required and free disk space |
| 45 | apt-get -o APT::Get::Trivial-Only=true dist-upgrade || df -h |
| 46 | |
| 47 | # check if we have PAE available (http://www.debian.org/releases/testing/i386/release-notes/ch-upgrading.en.html#idp573136) |
| 48 | grep -q '^flags.*\bpae\b' /proc/cpuinfo && echo "We support PAE: yes" \ |
| 49 | || echo "We support PAE: no (please install linux-image-486 and remove linux-image-.*-686)" |
| 50 | |
| 51 | # record session |
| 52 | script -t 2>~/upgrade-wheezy.time -a ~/upgrade-wheezy.script |
| 53 | |
| 54 | # install our preseed so libc doesn't whine |
| 55 | cat > /tmp/wheezy.preseed <<EOF |
| 56 | libc6 glibc/upgrade boolean true |
| 57 | libc6 glibc/restart-services string |
| 58 | libc6 libraries/restart-without-asking boolean true |
| 59 | EOF |
| 60 | /usr/bin/debconf-set-selections /tmp/wheezy.preseed |
| 61 | |
| 62 | # minimal system upgrade |
| 63 | aptitude upgrade |
| 64 | |
| 65 | # randomize crontab |
| 66 | if [ -f /etc/crontab.dpkg-new ]; then CFG=/etc/crontab.dpkg-new; else CFG=/etc/crontab; fi |
| 67 | sed -i 's#root cd#root perl -e "sleep int(rand(300))" \&\& cd#' $CFG |
| 68 | sed -i 's#root\ttest#root\tperl -e "sleep int(rand(3600))" \&\& test#' $CFG |
| 69 | |
| 70 | # phpmyadmin |
| 71 | if [ -f /etc/phpmyadmin/config.inc.php.dpkg-new ]; then CFG=/etc/phpmyadmin/config.inc.php.dpkg-new; \ |
| 72 | else CFG=/etc/phpmyadmin/config.inc.php; fi |
| 73 | sed -i "s/\['auth_type'\] = 'cookie'/\['auth_type'\] = 'http'/" $CFG |
| 74 | sed -i "s#//\$cfg\['Servers'\]\[\$i\]\['auth_type'\] = 'http';#\$cfg['Servers'][\$i]['auth_type'] = 'http';#" $CFG |
| 75 | |
| 76 | # remove anonymous mysql access |
| 77 | mysql -u root -p -e "DELETE FROM mysql.user WHERE User=''; DELETE FROM mysql.db WHERE Db='test' AND Host='%' OR Db='test\\_%' AND Host='%'; FLUSH PRIVILEGES;" |
| 78 | |
| 79 | if [ -f /etc/default/xendomains.dpkg-new ]; then CFG=/etc/default/xendomains.dpkg-new; \ |
| 80 | else CFG=/etc/default/xendomains; fi |
| 81 | sed -i s/XENDOMAINS_RESTORE=true/XENDOMAINS_RESTORE=false/ $CFG |
| 82 | sed -i s#XENDOMAINS_SAVE=/var/lib/xen/save#XENDOMAINS_SAVE=\"\"# $CFG |
| 83 | |
| 84 | # dont use iptables when creating xen vifs |
| 85 | if [ -f /etc/xen/xend-config.sxp.dpkg-new ]; then CFG=/etc/xen/xend-config.sxp.dpkg-new; \ |
| 86 | else CFG=/etc/xen/xend-config.sxp; fi |
| 87 | sed -i "s/^(vif-script vif-bridge)/(vif-script vif-bridge-local)/" $CFG |
| 88 | /bin/sed -i -e 's/^[# ]*\((dom0-min-mem\).*\().*\)$/\1 512\2/' $CFG |
| 89 | |
| 90 | cp /etc/xen/scripts/vif-bridge /etc/xen/scripts/vif-bridge-local |
| 91 | sed -i "s/^ handle_iptable/ true/g" /etc/xen/scripts/vif-bridge-local |
| 92 | |
| 93 | # chrony update |
| 94 | if [ -f /etc/chrony/chrony.conf.new ]; then CFG=/etc/chrony/chrony.conf.new; else CFG=/etc/chrony/chrony.conf; fi |
| 95 | sed -i s/debian.pool/de.pool/g $CFG |
| 96 | |
| 97 | rm -rf /etc/grub.d/09_linux_xen |
| 98 | dpkg-divert --divert /etc/grub.d/09_linux_xen --rename /etc/grub.d/20_linux_xen |
| 99 | #mv /etc/grub.d/20_linux_xen /etc/grub.d/09_linux_xen |
| 100 | echo 'GRUB_CMDLINE_XEN="dom0_mem=512M"' >> /etc/default/grub |
| 101 | |
| 102 | # maybe we want to change some shorewall config stuff again |
| 103 | if [ -f /etc/default/shorewall.dpkg-new ]; then CFG=/etc/default/shorewall.dpkg-new; \ |
| 104 | else CFG=/etc/default/shorewall; fi |
| 105 | sed -i s/^startup=0/startup=1/ $CFG |
| 106 | |
| 107 | # dist-upgrade |
| 108 | aptitude dist-upgrade |
| 109 | |
| 110 | # migrate expose.ini |
| 111 | [ -f /etc/php5/conf.d/expose.ini ] && mv /etc/php5/conf.d/expose.ini \ |
| 112 | /etc/php5/mods-available/local-expose.ini && php5enmod local-expose/90 |
| 113 | # migrate local suhosin config |
| 114 | find /etc/php5/conf.d/ -type f -name "*suhosin.ini" -exec mv '{}' \ |
| 115 | /etc/php5/mods-available/local-suhosin.ini \; && php5enmod local-suhosin/90 |
| 116 | |
| 117 | # mysql |
| 118 | |
| 119 | # vsftpd and chroot_local_user? |
| 120 | if [ "$(grep -i ^chroot_local_user=yes /etc/vsftpd.conf | wc -l)" -ge "1" ]; then \ |
| 121 | aptitude update; aptitude install -t wheezy-updates vsftpd && \ |
| 122 | echo "allow_writeable_chroot=YES" >> /etc/vsftpd.conf && /etc/init.d/vsftpd restart; \ |
| 123 | fi |
| 124 | |
| 125 | # install fixed quotatool |
| 126 | dpkg -l | grep quotatool && aptitude update; aptitude safe-upgrade -t wheezy-updates quotatool |
| 127 | |
| 128 | # remove old squeeze packages left around (keep eyes open!) |
| 129 | apt-get autoremove |
| 130 | aptitude search ?obsolete |
| 131 | dpkg -l | grep etch | grep -v xen | grep -v unbound | grep -v finch | grep -v fetch | awk '{print $2}' | xargs aptitude -y purge |
| 132 | dpkg -l | grep lenny | grep -v xen | awk '{print $2}' | xargs aptitude -y purge |
| 133 | dpkg -l | grep -E 'deb6|squeeze' | grep -v xen | grep -v -E 'linux-image|smarty' | awk '{print $2}' | xargs aptitude -y purge |
| 134 | aptitude -y install deborphan && deborphan | grep -v xen | grep -v -E 'libpam-cracklib' | xargs aptitude -y purge |
| 135 | dpkg -l | grep ^r | awk '{print $2}' | xargs aptitude -y purge |
| 136 | |
| 137 | # for the brave YoloOps crowd |
| 138 | reboot && sleep 180; echo u > /proc/sysrq-trigger ; sleep 2 ; echo s > /proc/sysrq-trigger ; sleep 2 ; echo b > /proc/sysrq-trigger |
| 139 |