gist:9e8d82d3639b4d1b942593b70b37b328

Revisión 30cd042643826744fbdd8a6c331dae32be6cbf0a

wheezy2jessie.sh · 5.7 KiB · Bash Sin formato

Please also refer to http://www.debian.org/releases/jessie/releasenotes and use your brain! # upgrade to UTF-8 locales (http://www.debian.org/releases/jessie/amd64/release-notes/ap-old-stuff.en.html#switch-utf8) dpkg-reconfigure locales # remove unused config file rm -rf /etc/network/options /etc/environment # Transition and remove entries from older releases sed -i s#/backports.org/debian#/ftp.de.debian.org/debian#g /etc/apt/sources.list* sed -i s/debian-backports/debian/g /etc/apt/sources.list* sed -i /etch/d /etc/apt/sources.list* sed -i /lenny/d /etc/apt/sources.list* sed -i /sarge/d /etc/apt/sources.list* sed -i /squeeze/d /etc/apt/sources.list* sed -i /volatile/d /etc/apt/sources.list* sed -i /proposed-updates/d /etc/apt/sources.list* # change distro (please move 3rd party sources to /etc/apt/sources.list.d/), maybe look into http://ftp.cyconet.org/debian/sources.list.d/ sed -i s/wheezy/jessie/g /etc/apt/sources.list* sed -i "s/ stable/ jessie/g" /etc/apt/sources.list* sed -i s/wheezy/jessie/g /etc/apt/preferences* sed -i s/wheezy/jessie/g /etc/apt/sources.list.d/*wheezy* rename s/wheezy/jessie/g /etc/apt/sources.list.d/*wheezy* aptitude update # check package status dpkg --audit aptitude search "~ahold" | grep "^.h" dpkg --get-selections | grep hold # unmark packages auto aptitude unmarkauto vim aptitude unmarkauto $(dpkg-query -W 'linux-image-3.2.*' | cut -f1) # have a look into required and free disk space apt-get -o APT::Get::Trivial-Only=true dist-upgrade || df -h # check if we have PAE available (http://www.debian.org/releases/testing/i386/release-notes/ch-upgrading.en.html#idp573136) #grep -q '^flags.*\bpae\b' /proc/cpuinfo && echo "We support PAE: yes" \ #|| echo "We support PAE: no (please install linux-image-486 and remove linux-image-.*-686)" # record session script -t 2>~/upgrade-jessie.time -a ~/upgrade-jessie.script # install our preseed so libc doesn't whine cat > /tmp/jessie.preseed <<EOF libc6 glibc/upgrade boolean true libc6 glibc/restart-services string libc6 libraries/restart-without-asking boolean true EOF /usr/bin/debconf-set-selections /tmp/jessie.preseed # update aptitude first [ "$(which aptitude)" = "/usr/bin/aptitude" ] && aptitude install aptitude # minimal system upgrade (keep sysvinit / see http://noone.org/talks/debian-ohne-systemd/debian-ohne-systemd-clt.html#%2811%29) aptitude upgrade '~U' 'sysvinit-core+' # (re)enable wheel sed -i "s/# auth required pam_wheel.so/auth required pam_wheel.so/" /etc/pam.d/su # (re)configure snmpd sed -i "s^#rocommunity secret 10.0.0.0/16^rocommunity mycommunity^g" /etc/snmp/snmpd.conf sed -i s/#agentAddress/agentAddress/ /etc/snmp/snmpd.conf sed -i "s/^ rocommunity public/# rocommunity public/" /etc/snmp/snmpd.conf sed -i "s/^ rocommunity6 public/# rocommunity6 public/" /etc/snmp/snmpd.conf sed -i "s/agentAddress udp:127/#agentAddress udp:127/" /etc/snmp/snmpd.conf # randomize crontab sed -i 's#root cd#root perl -e "sleep int(rand(300))" \&\& cd#' /etc/crontab sed -i 's#root\ttest#root\tperl -e "sleep int(rand(3600))" \&\& test#' /etc/crontab # phpmyadmin sed -i "s/\['auth_type'\] = 'cookie'/\['auth_type'\] = 'http'/" /etc/phpmyadmin/config.inc.php sed -i "s#//\$cfg\['Servers'\]\[\$i\]\['auth_type'\] = 'http';#\$cfg['Servers'][\$i]['auth_type'] = 'http';#" /etc/phpmyadmin/config.inc.php # remove anonymous mysql access #mysql -u root -p -e "DELETE FROM mysql.user WHERE User=''; DELETE FROM mysql.db WHERE Db='test' AND Host='%' OR Db='test\\_%' AND Host='%'; FLUSH PRIVILEGES;" # dont use iptables when creating xen vifs #cp /etc/xen/scripts/vif-bridge /etc/xen/scripts/vif-bridge-local #sed -i "s/^ handle_iptable/ true/g" /etc/xen/scripts/vif-bridge-local #sed -i "s/^(vif-script vif-bridge)/(vif-script vif-bridge-local)/" /etc/xen/xend-config.sxp # xen #/bin/sed -i -e 's/^[# ]*$(dom0-min-mem$.*$).*$$/\1 512\2/' /etc/xen/xend-config.sxp #sed -i s/XENDOMAINS_RESTORE=true/XENDOMAINS_RESTORE=false/ /etc/default/xendomains #sed -i s#XENDOMAINS_SAVE=/var/lib/xen/save#XENDOMAINS_SAVE=\"\"# /etc/default/xendomains #dpkg-divert --divert /etc/grub.d/09_linux_xen --rename /etc/grub.d/20_linux_xen #echo 'GRUB_CMDLINE_XEN="dom0_mem=512M"' >> /etc/default/grub # maybe we want to change some shorewall config stuff again sed -i s/^startup=0/startup=1/ /etc/default/shorewall # full-upgrade aptitude full-upgrade # migrate expose.ini #[ -f /etc/php5/conf.d/expose.ini ] && mv /etc/php5/conf.d/expose.ini \ # /etc/php5/mods-available/local-expose.ini && php5enmod local-expose/90 # migrate local suhosin config #find /etc/php5/conf.d/ -type f -name "*suhosin.ini" -exec mv '{}' \ # /etc/php5/mods-available/local-suhosin.ini \; && php5enmod local-suhosin/90 # mysql # vsftpd and chroot_local_user? #if [ "$(grep -i ^chroot_local_user=yes /etc/vsftpd.conf | wc -l)" -ge "1" ]; then \ # echo "deb http://ftp.cyconet.org/debian wheezy-updates main non-free contrib" >> \ # /etc/apt/sources.list.d/wheezy-updates-cyconet.list; \ # aptitude update; aptitude install -t wheezy-updates vsftpd && \ # echo "allow_writeable_chroot=YES" >> /etc/vsftpd.conf && /etc/init.d/vsftpd restart; \ #fi # remove old squeeze packages left around (keep eyes open!) apt-get autoremove aptitude search ?obsolete dpkg -l | grep etch | grep -v xen | grep -v unbound | grep -v finch | awk '{print $2}' | xargs aptitude -y purge dpkg -l | grep lenny | grep -v xen | awk '{print $2}' | xargs aptitude -y purge dpkg -l | grep squeeze | grep -v xen | awk '{print $2}' | xargs aptitude -y purge dpkg -l | grep wheezy | grep -v xen | grep -v linux-image | awk '{print $2}' | xargs aptitude -y purge aptitude -y install deborphan && deborphan | grep -v xen | grep -v libpam-cracklib | xargs aptitude -y purge dpkg -l | grep ^r | awk '{print $2}' | xargs aptitude -y purge

1	Please also refer to http://www.debian.org/releases/jessie/releasenotes and use your brain!
2
3
4	# upgrade to UTF-8 locales (http://www.debian.org/releases/jessie/amd64/release-notes/ap-old-stuff.en.html#switch-utf8)
5	dpkg-reconfigure locales
6
7	# remove unused config file
8	rm -rf /etc/network/options /etc/environment
9
10	# Transition and remove entries from older releases
11	sed -i s#/backports.org/debian#/ftp.de.debian.org/debian#g /etc/apt/sources.list*
12	sed -i s/debian-backports/debian/g /etc/apt/sources.list*
13	sed -i /etch/d /etc/apt/sources.list*
14	sed -i /lenny/d /etc/apt/sources.list*
15	sed -i /sarge/d /etc/apt/sources.list*
16	sed -i /squeeze/d /etc/apt/sources.list*
17	sed -i /volatile/d /etc/apt/sources.list*
18	sed -i /proposed-updates/d /etc/apt/sources.list*
19	# change distro (please move 3rd party sources to /etc/apt/sources.list.d/), maybe look into http://ftp.cyconet.org/debian/sources.list.d/
20	sed -i s/wheezy/jessie/g /etc/apt/sources.list*
21	sed -i "s/ stable/ jessie/g" /etc/apt/sources.list*
22	sed -i s/wheezy/jessie/g /etc/apt/preferences*
23	sed -i s/wheezy/jessie/g /etc/apt/sources.list.d/wheezy
24	rename s/wheezy/jessie/g /etc/apt/sources.list.d/wheezy
25	aptitude update
26
27	# check package status
28	dpkg --audit
29	aptitude search "~ahold" \| grep "^.h"
30	dpkg --get-selections \| grep hold
31
32	# unmark packages auto
33	aptitude unmarkauto vim
34	aptitude unmarkauto $(dpkg-query -W 'linux-image-3.2.*' \| cut -f1)
35
36	# have a look into required and free disk space
37	apt-get -o APT::Get::Trivial-Only=true dist-upgrade \|\| df -h
38
39	# check if we have PAE available (http://www.debian.org/releases/testing/i386/release-notes/ch-upgrading.en.html#idp573136)
40	#grep -q '^flags.*\bpae\b' /proc/cpuinfo && echo "We support PAE: yes" \
41	#\|\| echo "We support PAE: no (please install linux-image-486 and remove linux-image-.*-686)"
42
43	# record session
44	script -t 2>~/upgrade-jessie.time -a ~/upgrade-jessie.script
45
46	# install our preseed so libc doesn't whine
47	cat > /tmp/jessie.preseed <<EOF
48	libc6 glibc/upgrade boolean true
49	libc6 glibc/restart-services string
50	libc6 libraries/restart-without-asking boolean true
51	EOF
52	/usr/bin/debconf-set-selections /tmp/jessie.preseed
53
54	# update aptitude first
55	[ "$(which aptitude)" = "/usr/bin/aptitude" ] && aptitude install aptitude
56
57	# minimal system upgrade (keep sysvinit / see http://noone.org/talks/debian-ohne-systemd/debian-ohne-systemd-clt.html#%2811%29)
58	aptitude upgrade '~U' 'sysvinit-core+'
59
60	# (re)enable wheel
61	sed -i "s/# auth required pam_wheel.so/auth required pam_wheel.so/" /etc/pam.d/su
62
63	# (re)configure snmpd
64	sed -i "s^#rocommunity secret 10.0.0.0/16^rocommunity mycommunity^g" /etc/snmp/snmpd.conf
65	sed -i s/#agentAddress/agentAddress/ /etc/snmp/snmpd.conf
66	sed -i "s/^ rocommunity public/# rocommunity public/" /etc/snmp/snmpd.conf
67	sed -i "s/^ rocommunity6 public/# rocommunity6 public/" /etc/snmp/snmpd.conf
68	sed -i "s/agentAddress udp:127/#agentAddress udp:127/" /etc/snmp/snmpd.conf
69
70	# randomize crontab
71	sed -i 's#root cd#root perl -e "sleep int(rand(300))" \&\& cd#' /etc/crontab
72	sed -i 's#root\ttest#root\tperl -e "sleep int(rand(3600))" \&\& test#' /etc/crontab
73
74	# phpmyadmin
75	sed -i "s/\['auth_type'\] = 'cookie'/\['auth_type'\] = 'http'/" /etc/phpmyadmin/config.inc.php
76	sed -i "s#//\$cfg\['Servers'\]\[\$i\]\['auth_type'\] = 'http';#\$cfg['Servers'][\$i]['auth_type'] = 'http';#" /etc/phpmyadmin/config.inc.php
77
78	# remove anonymous mysql access
79	#mysql -u root -p -e "DELETE FROM mysql.user WHERE User=''; DELETE FROM mysql.db WHERE Db='test' AND Host='%' OR Db='test\\_%' AND Host='%'; FLUSH PRIVILEGES;"
80
81	# dont use iptables when creating xen vifs
82	#cp /etc/xen/scripts/vif-bridge /etc/xen/scripts/vif-bridge-local
83	#sed -i "s/^ handle_iptable/ true/g" /etc/xen/scripts/vif-bridge-local
84	#sed -i "s/^(vif-script vif-bridge)/(vif-script vif-bridge-local)/" /etc/xen/xend-config.sxp
85
86	# xen
87	#/bin/sed -i -e 's/^[# ]$(dom0-min-mem$.$).*$$/\1 512\2/' /etc/xen/xend-config.sxp
88	#sed -i s/XENDOMAINS_RESTORE=true/XENDOMAINS_RESTORE=false/ /etc/default/xendomains
89	#sed -i s#XENDOMAINS_SAVE=/var/lib/xen/save#XENDOMAINS_SAVE=\"\"# /etc/default/xendomains
90	#dpkg-divert --divert /etc/grub.d/09_linux_xen --rename /etc/grub.d/20_linux_xen
91	#echo 'GRUB_CMDLINE_XEN="dom0_mem=512M"' >> /etc/default/grub
92
93	# maybe we want to change some shorewall config stuff again
94	sed -i s/^startup=0/startup=1/ /etc/default/shorewall
95
96	# full-upgrade
97	aptitude full-upgrade
98
99	# migrate expose.ini
100	#[ -f /etc/php5/conf.d/expose.ini ] && mv /etc/php5/conf.d/expose.ini \
101	# /etc/php5/mods-available/local-expose.ini && php5enmod local-expose/90
102	# migrate local suhosin config
103	#find /etc/php5/conf.d/ -type f -name "*suhosin.ini" -exec mv '{}' \
104	# /etc/php5/mods-available/local-suhosin.ini \; && php5enmod local-suhosin/90
105
106	# mysql
107
108	# vsftpd and chroot_local_user?
109	#if [ "$(grep -i ^chroot_local_user=yes /etc/vsftpd.conf \| wc -l)" -ge "1" ]; then \
110	# echo "deb http://ftp.cyconet.org/debian wheezy-updates main non-free contrib" >> \
111	# /etc/apt/sources.list.d/wheezy-updates-cyconet.list; \
112	# aptitude update; aptitude install -t wheezy-updates vsftpd && \
113	# echo "allow_writeable_chroot=YES" >> /etc/vsftpd.conf && /etc/init.d/vsftpd restart; \
114	#fi
115
116	# remove old squeeze packages left around (keep eyes open!)
117	apt-get autoremove
118	aptitude search ?obsolete
119	dpkg -l \| grep etch \| grep -v xen \| grep -v unbound \| grep -v finch \| awk '{print $2}' \| xargs aptitude -y purge
120	dpkg -l \| grep lenny \| grep -v xen \| awk '{print $2}' \| xargs aptitude -y purge
121	dpkg -l \| grep squeeze \| grep -v xen \| awk '{print $2}' \| xargs aptitude -y purge
122	dpkg -l \| grep wheezy \| grep -v xen \| grep -v linux-image \| awk '{print $2}' \| xargs aptitude -y purge
123	aptitude -y install deborphan && deborphan \| grep -v xen \| grep -v libpam-cracklib \| xargs aptitude -y purge
124	dpkg -l \| grep ^r \| awk '{print $2}' \| xargs aptitude -y purge
125