Jan Wagner ревизий этого фрагмента 10 years ago. К ревизии
1 file changed, 24 insertions, 24 deletions
wheezy2jessie.sh
| @@ -77,41 +77,17 @@ if [ -f /etc/phpmyadmin/config.inc.php.dpkg-new ]; then CFG=/etc/phpmyadmin/conf | |||
| 77 | 77 | sed -i "s/\['auth_type'\] = 'cookie'/\['auth_type'\] = 'http'/" $CFG | |
| 78 | 78 | sed -i "s#//\$cfg\['Servers'\]\[\$i\]\['auth_type'\] = 'http';#\$cfg['Servers'][\$i]['auth_type'] = 'http';#" $CFG | |
| 79 | 79 | ||
| 80 | - | # remove anonymous mysql access | |
| 81 | - | #mysql -u root -p -e "DELETE FROM mysql.user WHERE User=''; DELETE FROM mysql.db WHERE Db='test' AND Host='%' OR Db='test\\_%' AND Host='%'; FLUSH PRIVILEGES;" | |
| 82 | - | ||
| 83 | - | # dont use iptables when creating xen vifs | |
| 84 | - | #cp /etc/xen/scripts/vif-bridge /etc/xen/scripts/vif-bridge-local | |
| 85 | - | #sed -i "s/^ handle_iptable/ true/g" /etc/xen/scripts/vif-bridge-local | |
| 86 | - | #sed -i "s/^(vif-script vif-bridge)/(vif-script vif-bridge-local)/" /etc/xen/xend-config.sxp | |
| 87 | - | ||
| 88 | - | # xen | |
| 89 | - | #/bin/sed -i -e 's/^[# ]*\((dom0-min-mem\).*\().*\)$/\1 512\2/' /etc/xen/xend-config.sxp | |
| 90 | - | #sed -i s/XENDOMAINS_RESTORE=true/XENDOMAINS_RESTORE=false/ /etc/default/xendomains | |
| 91 | - | #sed -i s#XENDOMAINS_SAVE=/var/lib/xen/save#XENDOMAINS_SAVE=\"\"# /etc/default/xendomains | |
| 92 | - | #dpkg-divert --divert /etc/grub.d/09_linux_xen --rename /etc/grub.d/20_linux_xen | |
| 93 | - | #echo 'GRUB_CMDLINE_XEN="dom0_mem=512M"' >> /etc/default/grub | |
| 94 | - | ||
| 95 | 80 | # maybe we want to change some shorewall config stuff again | |
| 96 | 81 | sed -i s/^startup=0/startup=1/ /etc/default/shorewall | |
| 97 | 82 | ||
| 98 | 83 | # full-upgrade | |
| 99 | 84 | aptitude full-upgrade | |
| 100 | 85 | ||
| 101 | - | # migrate expose.ini | |
| 102 | - | #[ -f /etc/php5/conf.d/expose.ini ] && mv /etc/php5/conf.d/expose.ini \ | |
| 103 | - | # /etc/php5/mods-available/local-expose.ini && php5enmod local-expose/90 | |
| 104 | - | # migrate local suhosin config | |
| 105 | - | #find /etc/php5/conf.d/ -type f -name "*suhosin.ini" -exec mv '{}' \ | |
| 106 | - | # /etc/php5/mods-available/local-suhosin.ini \; && php5enmod local-suhosin/90 | |
| 107 | - | ||
| 108 | 86 | # Apache2 config migration | |
| 109 | 87 | # can be done via https://gist.github.com/waja/9c6ca010bf44b7a6f99c/raw/migrate_apache22to24.sh | |
| 110 | 88 | # or sites transition with /usr/share/doc/apache2/migrate-sites.pl | |
| 111 | 89 | # More info in /usr/share/doc/apache2/NEWS.Debian.gz | |
| 112 | 90 | ||
| 113 | - | # mysql | |
| 114 | - | ||
| 115 | 91 | # remove old squeeze packages left around (keep eyes open!) | |
| 116 | 92 | apt-get autoremove | |
| 117 | 93 | aptitude search ?obsolete | |
| @@ -121,3 +97,27 @@ dpkg -l | grep squeeze | grep -v xen | awk '{print $2}' | xargs aptitude -y purg | |||
| 121 | 97 | dpkg -l | grep wheezy | grep -v xen | grep -v linux-image | awk '{print $2}' | xargs aptitude -y purge | |
| 122 | 98 | aptitude -y install deborphan && deborphan | grep -v xen | grep -v libpam-cracklib | xargs aptitude -y purge | |
| 123 | 99 | dpkg -l | grep ^r | awk '{print $2}' | xargs aptitude -y purge | |
| 100 | + | ||
| 101 | + | ### not needed until now | |
| 102 | + | # mysql | |
| 103 | + | # remove anonymous mysql access | |
| 104 | + | #mysql -u root -p -e "DELETE FROM mysql.user WHERE User=''; DELETE FROM mysql.db WHERE Db='test' AND Host='%' OR Db='test\\_%' AND Host='%'; FLUSH PRIVILEGES;" | |
| 105 | + | ||
| 106 | + | # dont use iptables when creating xen vifs | |
| 107 | + | #cp /etc/xen/scripts/vif-bridge /etc/xen/scripts/vif-bridge-local | |
| 108 | + | #sed -i "s/^ handle_iptable/ true/g" /etc/xen/scripts/vif-bridge-local | |
| 109 | + | #sed -i "s/^(vif-script vif-bridge)/(vif-script vif-bridge-local)/" /etc/xen/xend-config.sxp | |
| 110 | + | ||
| 111 | + | # xen | |
| 112 | + | #/bin/sed -i -e 's/^[# ]*\((dom0-min-mem\).*\().*\)$/\1 512\2/' /etc/xen/xend-config.sxp | |
| 113 | + | #sed -i s/XENDOMAINS_RESTORE=true/XENDOMAINS_RESTORE=false/ /etc/default/xendomains | |
| 114 | + | #sed -i s#XENDOMAINS_SAVE=/var/lib/xen/save#XENDOMAINS_SAVE=\"\"# /etc/default/xendomains | |
| 115 | + | #dpkg-divert --divert /etc/grub.d/09_linux_xen --rename /etc/grub.d/20_linux_xen | |
| 116 | + | #echo 'GRUB_CMDLINE_XEN="dom0_mem=512M"' >> /etc/default/grub | |
| 117 | + | ||
| 118 | + | # migrate expose.ini | |
| 119 | + | #[ -f /etc/php5/conf.d/expose.ini ] && mv /etc/php5/conf.d/expose.ini \ | |
| 120 | + | # /etc/php5/mods-available/local-expose.ini && php5enmod local-expose/90 | |
| 121 | + | # migrate local suhosin config | |
| 122 | + | #find /etc/php5/conf.d/ -type f -name "*suhosin.ini" -exec mv '{}' \ | |
| 123 | + | # /etc/php5/mods-available/local-suhosin.ini \; && php5enmod local-suhosin/90 | |
Jan Wagner ревизий этого фрагмента 10 years ago. К ревизии
1 file changed, 12 deletions
wheezy2jessie.sh
| @@ -36,10 +36,6 @@ aptitude unmarkauto $(dpkg-query -W 'linux-image-3.2.*' | cut -f1) | |||
| 36 | 36 | # have a look into required and free disk space | |
| 37 | 37 | apt-get -o APT::Get::Trivial-Only=true dist-upgrade || df -h | |
| 38 | 38 | ||
| 39 | - | # check if we have PAE available (http://www.debian.org/releases/testing/i386/release-notes/ch-upgrading.en.html#idp573136) | |
| 40 | - | #grep -q '^flags.*\bpae\b' /proc/cpuinfo && echo "We support PAE: yes" \ | |
| 41 | - | #|| echo "We support PAE: no (please install linux-image-486 and remove linux-image-.*-686)" | |
| 42 | - | ||
| 43 | 39 | # record session | |
| 44 | 40 | script -t 2>~/upgrade-jessie.time -a ~/upgrade-jessie.script | |
| 45 | 41 | ||
| @@ -116,14 +112,6 @@ aptitude full-upgrade | |||
| 116 | 112 | ||
| 117 | 113 | # mysql | |
| 118 | 114 | ||
| 119 | - | # vsftpd and chroot_local_user? | |
| 120 | - | #if [ "$(grep -i ^chroot_local_user=yes /etc/vsftpd.conf | wc -l)" -ge "1" ]; then \ | |
| 121 | - | # echo "deb http://ftp.cyconet.org/debian wheezy-updates main non-free contrib" >> \ | |
| 122 | - | # /etc/apt/sources.list.d/wheezy-updates-cyconet.list; \ | |
| 123 | - | # aptitude update; aptitude install -t wheezy-updates vsftpd && \ | |
| 124 | - | # echo "allow_writeable_chroot=YES" >> /etc/vsftpd.conf && /etc/init.d/vsftpd restart; \ | |
| 125 | - | #fi | |
| 126 | - | ||
| 127 | 115 | # remove old squeeze packages left around (keep eyes open!) | |
| 128 | 116 | apt-get autoremove | |
| 129 | 117 | aptitude search ?obsolete | |
Jan Wagner ревизий этого фрагмента 10 years ago. К ревизии
1 file changed, 5 insertions
wheezy2jessie.sh
| @@ -109,6 +109,11 @@ aptitude full-upgrade | |||
| 109 | 109 | #find /etc/php5/conf.d/ -type f -name "*suhosin.ini" -exec mv '{}' \ | |
| 110 | 110 | # /etc/php5/mods-available/local-suhosin.ini \; && php5enmod local-suhosin/90 | |
| 111 | 111 | ||
| 112 | + | # Apache2 config migration | |
| 113 | + | # can be done via https://gist.github.com/waja/9c6ca010bf44b7a6f99c/raw/migrate_apache22to24.sh | |
| 114 | + | # or sites transition with /usr/share/doc/apache2/migrate-sites.pl | |
| 115 | + | # More info in /usr/share/doc/apache2/NEWS.Debian.gz | |
| 116 | + | ||
| 112 | 117 | # mysql | |
| 113 | 118 | ||
| 114 | 119 | # vsftpd and chroot_local_user? | |
Jan Wagner ревизий этого фрагмента 10 years ago. К ревизии
1 file changed, 16 insertions, 10 deletions
wheezy2jessie.sh
| @@ -58,22 +58,28 @@ EOF | |||
| 58 | 58 | aptitude upgrade '~U' 'sysvinit-core+' | |
| 59 | 59 | ||
| 60 | 60 | # (re)enable wheel | |
| 61 | - | sed -i "s/# auth required pam_wheel.so/auth required pam_wheel.so/" /etc/pam.d/su | |
| 61 | + | if [ -f /etc/pam.d/su.dpkg-new ]; then CFG=/etc/pam.d/su.dpkg-new; else CFG=/etc/pam.d/su; fi | |
| 62 | + | sed -i "s/# auth required pam_wheel.so/auth required pam_wheel.so/" $CFG | |
| 62 | 63 | ||
| 63 | 64 | # (re)configure snmpd | |
| 64 | - | sed -i "s^#rocommunity secret 10.0.0.0/16^rocommunity mycommunity^g" /etc/snmp/snmpd.conf | |
| 65 | - | sed -i s/#agentAddress/agentAddress/ /etc/snmp/snmpd.conf | |
| 66 | - | sed -i "s/^ rocommunity public/# rocommunity public/" /etc/snmp/snmpd.conf | |
| 67 | - | sed -i "s/^ rocommunity6 public/# rocommunity6 public/" /etc/snmp/snmpd.conf | |
| 68 | - | sed -i "s/agentAddress udp:127/#agentAddress udp:127/" /etc/snmp/snmpd.conf | |
| 65 | + | if [ -f /etc/snmp/snmpd.conf.dpkg-new ]; then CFG=/etc/snmp/snmpd.conf.dpkg-new; \ | |
| 66 | + | else CFG=/etc/snmp/snmpd.conf; fi | |
| 67 | + | sed -i "s^#rocommunity secret 10.0.0.0/16^rocommunity mycommunity^g" $CFG | |
| 68 | + | sed -i s/#agentAddress/agentAddress/ $CFG | |
| 69 | + | sed -i "s/^ rocommunity public/# rocommunity public/" $CFG | |
| 70 | + | sed -i "s/^ rocommunity6 public/# rocommunity6 public/" $CFG | |
| 71 | + | sed -i "s/agentAddress udp:127/#agentAddress udp:127/" $CFG | |
| 69 | 72 | ||
| 70 | 73 | # randomize crontab | |
| 71 | - | sed -i 's#root cd#root perl -e "sleep int(rand(300))" \&\& cd#' /etc/crontab | |
| 72 | - | sed -i 's#root\ttest#root\tperl -e "sleep int(rand(3600))" \&\& test#' /etc/crontab | |
| 74 | + | if [ -f /etc/crontab.dpkg-new ]; then CFG=/etc/crontab.dpkg-new; else CFG=/etc/crontab; fi | |
| 75 | + | sed -i 's#root cd#root perl -e "sleep int(rand(300))" \&\& cd#' $CFG | |
| 76 | + | sed -i 's#root\ttest#root\tperl -e "sleep int(rand(3600))" \&\& test#' $CFG | |
| 73 | 77 | ||
| 74 | 78 | # phpmyadmin | |
| 75 | - | sed -i "s/\['auth_type'\] = 'cookie'/\['auth_type'\] = 'http'/" /etc/phpmyadmin/config.inc.php | |
| 76 | - | sed -i "s#//\$cfg\['Servers'\]\[\$i\]\['auth_type'\] = 'http';#\$cfg['Servers'][\$i]['auth_type'] = 'http';#" /etc/phpmyadmin/config.inc.php | |
| 79 | + | if [ -f /etc/phpmyadmin/config.inc.php.dpkg-new ]; then CFG=/etc/phpmyadmin/config.inc.php.dpkg-new; \ | |
| 80 | + | else CFG=/etc/phpmyadmin/config.inc.php; fi | |
| 81 | + | sed -i "s/\['auth_type'\] = 'cookie'/\['auth_type'\] = 'http'/" $CFG | |
| 82 | + | sed -i "s#//\$cfg\['Servers'\]\[\$i\]\['auth_type'\] = 'http';#\$cfg['Servers'][\$i]['auth_type'] = 'http';#" $CFG | |
| 77 | 83 | ||
| 78 | 84 | # remove anonymous mysql access | |
| 79 | 85 | #mysql -u root -p -e "DELETE FROM mysql.user WHERE User=''; DELETE FROM mysql.db WHERE Db='test' AND Host='%' OR Db='test\\_%' AND Host='%'; FLUSH PRIVILEGES;" | |
Jan Wagner ревизий этого фрагмента 10 years ago. К ревизии
1 file changed, 3 insertions
wheezy2jessie.sh
| @@ -51,6 +51,9 @@ libc6 libraries/restart-without-asking boolean true | |||
| 51 | 51 | EOF | |
| 52 | 52 | /usr/bin/debconf-set-selections /tmp/jessie.preseed | |
| 53 | 53 | ||
| 54 | + | # update aptitude first | |
| 55 | + | [ "$(which aptitude)" = "/usr/bin/aptitude" ] && aptitude install aptitude | |
| 56 | + | ||
| 54 | 57 | # minimal system upgrade (keep sysvinit / see http://noone.org/talks/debian-ohne-systemd/debian-ohne-systemd-clt.html#%2811%29) | |
| 55 | 58 | aptitude upgrade '~U' 'sysvinit-core+' | |
| 56 | 59 | ||
Jan Wagner ревизий этого фрагмента 10 years ago. К ревизии
1 file changed, 7 insertions
wheezy2jessie.sh
| @@ -57,6 +57,13 @@ aptitude upgrade '~U' 'sysvinit-core+' | |||
| 57 | 57 | # (re)enable wheel | |
| 58 | 58 | sed -i "s/# auth required pam_wheel.so/auth required pam_wheel.so/" /etc/pam.d/su | |
| 59 | 59 | ||
| 60 | + | # (re)configure snmpd | |
| 61 | + | sed -i "s^#rocommunity secret 10.0.0.0/16^rocommunity mycommunity^g" /etc/snmp/snmpd.conf | |
| 62 | + | sed -i s/#agentAddress/agentAddress/ /etc/snmp/snmpd.conf | |
| 63 | + | sed -i "s/^ rocommunity public/# rocommunity public/" /etc/snmp/snmpd.conf | |
| 64 | + | sed -i "s/^ rocommunity6 public/# rocommunity6 public/" /etc/snmp/snmpd.conf | |
| 65 | + | sed -i "s/agentAddress udp:127/#agentAddress udp:127/" /etc/snmp/snmpd.conf | |
| 66 | + | ||
| 60 | 67 | # randomize crontab | |
| 61 | 68 | sed -i 's#root cd#root perl -e "sleep int(rand(300))" \&\& cd#' /etc/crontab | |
| 62 | 69 | sed -i 's#root\ttest#root\tperl -e "sleep int(rand(3600))" \&\& test#' /etc/crontab | |
Jan Wagner ревизий этого фрагмента 10 years ago. К ревизии
1 file changed, 3 insertions
wheezy2jessie.sh
| @@ -54,6 +54,9 @@ EOF | |||
| 54 | 54 | # minimal system upgrade (keep sysvinit / see http://noone.org/talks/debian-ohne-systemd/debian-ohne-systemd-clt.html#%2811%29) | |
| 55 | 55 | aptitude upgrade '~U' 'sysvinit-core+' | |
| 56 | 56 | ||
| 57 | + | # (re)enable wheel | |
| 58 | + | sed -i "s/# auth required pam_wheel.so/auth required pam_wheel.so/" /etc/pam.d/su | |
| 59 | + | ||
| 57 | 60 | # randomize crontab | |
| 58 | 61 | sed -i 's#root cd#root perl -e "sleep int(rand(300))" \&\& cd#' /etc/crontab | |
| 59 | 62 | sed -i 's#root\ttest#root\tperl -e "sleep int(rand(3600))" \&\& test#' /etc/crontab | |
Jan Wagner ревизий этого фрагмента 10 years ago. К ревизии
1 file changed, 1 insertion, 1 deletion
wheezy2jessie.sh
| @@ -52,7 +52,7 @@ EOF | |||
| 52 | 52 | /usr/bin/debconf-set-selections /tmp/jessie.preseed | |
| 53 | 53 | ||
| 54 | 54 | # minimal system upgrade (keep sysvinit / see http://noone.org/talks/debian-ohne-systemd/debian-ohne-systemd-clt.html#%2811%29) | |
| 55 | - | aptitude upgrade '~U sysvinit-core+' | |
| 55 | + | aptitude upgrade '~U' 'sysvinit-core+' | |
| 56 | 56 | ||
| 57 | 57 | # randomize crontab | |
| 58 | 58 | sed -i 's#root cd#root perl -e "sleep int(rand(300))" \&\& cd#' /etc/crontab | |
Jan Wagner ревизий этого фрагмента 10 years ago. К ревизии
1 file changed, 2 insertions
wheezy2jessie.sh
| @@ -20,6 +20,8 @@ sed -i /proposed-updates/d /etc/apt/sources.list* | |||
| 20 | 20 | sed -i s/wheezy/jessie/g /etc/apt/sources.list* | |
| 21 | 21 | sed -i "s/ stable/ jessie/g" /etc/apt/sources.list* | |
| 22 | 22 | sed -i s/wheezy/jessie/g /etc/apt/preferences* | |
| 23 | + | sed -i s/wheezy/jessie/g /etc/apt/sources.list.d/*wheezy* | |
| 24 | + | rename s/wheezy/jessie/g /etc/apt/sources.list.d/*wheezy* | |
| 23 | 25 | aptitude update | |
| 24 | 26 | ||
| 25 | 27 | # check package status | |
Jan Wagner ревизий этого фрагмента 10 years ago. К ревизии
1 file changed, 9 insertions, 11 deletions
wheezy2jessie.sh
| @@ -7,21 +7,19 @@ dpkg-reconfigure locales | |||
| 7 | 7 | # remove unused config file | |
| 8 | 8 | rm -rf /etc/network/options /etc/environment | |
| 9 | 9 | ||
| 10 | + | # Transition and remove entries from older releases | |
| 11 | + | sed -i s#/backports.org/debian#/ftp.de.debian.org/debian#g /etc/apt/sources.list* | |
| 12 | + | sed -i s/debian-backports/debian/g /etc/apt/sources.list* | |
| 13 | + | sed -i /etch/d /etc/apt/sources.list* | |
| 14 | + | sed -i /lenny/d /etc/apt/sources.list* | |
| 15 | + | sed -i /sarge/d /etc/apt/sources.list* | |
| 16 | + | sed -i /squeeze/d /etc/apt/sources.list* | |
| 17 | + | sed -i /volatile/d /etc/apt/sources.list* | |
| 18 | + | sed -i /proposed-updates/d /etc/apt/sources.list* | |
| 10 | 19 | # change distro (please move 3rd party sources to /etc/apt/sources.list.d/), maybe look into http://ftp.cyconet.org/debian/sources.list.d/ | |
| 11 | 20 | sed -i s/wheezy/jessie/g /etc/apt/sources.list* | |
| 12 | 21 | sed -i "s/ stable/ jessie/g" /etc/apt/sources.list* | |
| 13 | 22 | sed -i s/wheezy/jessie/g /etc/apt/preferences* | |
| 14 | - | sed -i /proposed-updates/d /etc/apt/sources.list* | |
| 15 | - | sed -i /volatile/d /etc/apt/sources.list* | |
| 16 | - | sed -i /etch/d /etc/apt/sources.list* | |
| 17 | - | sed -i /lenny/d /etc/apt/sources.list* | |
| 18 | - | sed -i /sarge/d /etc/apt/sources.list* | |
| 19 | - | sed -i s#/backports.org/debian#/ftp.de.debian.org/debian#g /etc/apt/sources.list* | |
| 20 | - | sed -i s/debian-backports/debian/g /etc/apt/sources.list* | |
| 21 | - | #if [ "$( dpkg -l | grep "^ii.*php5-suhosin" | wc -l)" -ge "1" ]; then \ | |
| 22 | - | # wget http://ftp.cyconet.org/debian/sources.list.d/wheezy-updates-cyconet.list \ | |
| 23 | - | # -O /etc/apt/sources.list.d/wheezy-updates-cyconet.list | |
| 24 | - | #fi | |
| 25 | 23 | aptitude update | |
| 26 | 24 | ||
| 27 | 25 | # check package status | |