Switching to rolling (testing) release

I am running Debian GNU/Linux 10 (buster) and FreedomBox version 19.2 but would like to switch to the rolling (testing) release and am hoping to get confirmation that I have done so correctly so as not to mess up my system.

My old /etc/apt/sources.list file is as follows:

deb tor+http://deb.debian.org/debian buster main
deb-src tor+http://deb.debian.org/debian buster main

deb tor+http://deb.debian.org/debian buster-updates main
deb-src tor+http://deb.debian.org/debian buster-updates main

deb tor+http://security.debian.org/debian-security/ buster/updates main
deb-src tor+http://security.debian.org/debian-security/ buster/updates main

Following the wiki for Debian Testing [1], for the rolling (testing) release I have changed the above to the following:

deb tor+http://deb.debian.org/debian testing main
deb-src tor+http://deb.debian.org/debian testing main

deb tor+http://deb.debian.org/debian testing-updates main
deb-src tor+http://deb.debian.org/debian testing-updates main

My two questions:

(1) Is it correct to have removed the stable security updates line(s) (anything with security.debian.org in it)?

(2) From the wiki for Debian Unstable [2], it says I may want to disable automatic upgrades, but I would prefer not to. What would you recommend?

Thank you!

[1] https://wiki.debian.org/DebianTesting
[2] https://wiki.debian.org/DebianUnstable#What_are_some_best_practices_for_testing.2Fsid_users.3F

Security lines for testing should be kept. Debian security team does provide security fixes for testing also but I am not sure if they are of the rigor and quailty as stable security updates.

While all the said risks are very real, the following points should be kept in mind:

  • FreedomBox takes automatic snapshots of root file system before and after each software transaction if you have btrfs filesystem and if enable snapshots. It is possible to revert to any of those snapshots in case of a problem.
  • When there are configuration file conflicts (that need user intervention) unattended-upgrades will not touch the package. FreedomBox then provides special code for performing that kind of upgrade.
  • We are trying to ensure quality and block bad upgrades using functional tests of these packages. We certainly did not reach an ideal state here but are doing better as time progresses.
  • Historically, on any of the hardware platforms, we didn’t face boot issue after an upgrade. If a system becomes unbootable, one can remove SD card (on most single board computers) and restore snapshot or copy data for reviving the system. This is easier than having to work with rescue disks.
  • Be sure to take regular backups.

I recommend turning on automatic-upgrades.

@sunil thank you for the quick response!

Hello FreedomBox community!

I have three follow-up questions:

(1) When manually running updates (via ssh),

$ sudo apt update && sudo apt upgrade

I get the following message:

[…]
E: The repository ‘tor+http://security.debian.org/debian-security testing/updates Release’ no longer has a Release file.
N: Updating from such a repository can’t be done securely, and is therefore disabled by default.
[…]

Is not having a Release file for debian-security an issue? If yes, can you provide some instructions for how to fix it? If not, can I safely ignore the message?

(2) I noticed that buster-backports was enabled in /etc/apt/sources.list.d/freedombox2.list, and since I want to have a rolling release I have commented it out.

$ sudo nano /etc/apt/sources.list.d/freedombox2.list

# This file is managed by FreedomBox, do not edit.
# Allow carefully selected updates to ‘freedombox’ from backports.

#deb tor+http://deb.debian.org/debian buster-backports main
#deb-src tor+http://deb.debian.org/debian buster-backports main

Is this correct?

(3) Now that Buster has moved to stable, when can users expect that Plinth will update beyond v. 19.2?

Thank you!
DJ

Update: Regarding (1), i changed testing/updates to testing-security in my sources.list to match http://security-cdn.debian.org/debian-security/dists/testing-security/. Now updating and upgrading no longer gives me the message about not having a Release file.

Information from: https://unix.stackexchange.com/questions/528751/cannot-update-apt-list-repository-no-longer-has-a-release-file

I wonder if this a change we should do for all our users or a work around needed only temporarily.

I have three follow-up questions:

(1) When manually running updates (via ssh),

$ sudo apt update && sudo apt upgrade

I get the following message:

[…]
E: The repository ‘tor+http://security.debian.org/debian-security
testing/updates Release’ no longer has a Release file.
N: Updating from such a repository can’t be done securely, and is
therefore disabled by default.
[…]

Is not having a Release file for debian-security an issue? If yes, can
you provide some instructions for how to fix it? If not, can I safely
ignore the message?

I believe this security release file will become available eventually
(in perhaps a few days). For now, it is best to keep the line and
continue with upgrade (if the upgrade itself does not fail). This way
you won’t forget to add it back when it does become available.

BTW, you may have to run (instead of regular apt update):

apt --allow-releaseinfo-change update

(2) I noticed that buster-backports was enabled in
/etc/apt/sources.list.d/freedombox2.list, and since I want to have a
rolling release I have commented it out.

$ sudo nano /etc/apt/sources.list.d/freedombox2.list

# This file is managed by FreedomBox, do not edit.
# Allow carefully selected updates to ‘freedombox’ from backports.

#deb tor+http://deb.debian.org/debian buster-backports main
#deb-src tor+http://deb.debian.org/debian buster-backports main

Is this correct?

Yes. If you are going to be using ‘testing’ you won’t need the backports
repositories. Testing will always contain same or later versions of
FreedomBox and other software it depends on. Keeping those should be
entirely harmless too.

(3) Now that Buster has moved to stable, when can users expect that
Plinth will update beyond v. 19.2?

Sometime soon, automatic transition of packages will allowed from
unstable to testing. When that happens, freedombox (and transitional
plinth package) 19.2 will become available in testing (or perhaps it
might take 2 days).

For beyond, here is the plan:

  • freedombox 19.11 will be uploaded tomorrow to experimental only (for now).
  • freedombox 19.2 to become available in testing (very soon).
  • freedombox 19.2 will be uploaded to backports.
  • freedombox 19.11 will be uploaded to unstable.
  • freedombox 19.11 to become available in testing 2 days after that.
  • freedombox 19.11 may be uploaded to backports based on confidence.

Last two steps will repeat every 3 weeks for each release.

1 Like