I thought I’d do the same, but ended up with a server failing to serve any web pages (including the Plinth webUI) despite the apache2
service running. I had to restore from an evening snapshot of the server (an AWS Lightsail snapshot, not the FreedomBox backup).
During the manual upgrade ($ sudo apt update && sudo apt upgrade
) I had to answer several prompts involving LDAP-related prompts (nslcd
, libnss-ldapd
) for which I just hit ‘Enter’, accepting the defaults, and hoped for the best. Some of these changes involved:
Configuring nslcd
LDAP sever URI
: I accepted the defaultldapi:///
.
Configuring nslcd
LDAP server search base
: I accepted the defaultdc=thisbox
.
Configuring popularity-contest
Participate in the package usage survey?
: I accepted the default<No>
.
Configuring libnss-ldapd
Name services to configure:
: I kept the default choices selected:[*] passwd
[*] group
[*] shadow
- Note: Various error messages following the failed upgrade appear in
journalctl
logs mentionnslcd
andpasswd
which weren’t present in such logs prior to the upgrade attempt. I don’t know what to make of them.
I did get prompts for accepting or rejecting changes to configuration files I’d modified:
/etc/ssh/sshd_config
. I accepted the package maintainer version. Some changes I noticed were:PasswordAuthentication no
: to disable password authentication, a change I remember making.StreamLocalBindUnlink yes
: to enable GnuPG Agent Forwarding; not essential to login via SSH; the change was one I made for the convenience of signing git commits with my local OpenPGP smartcard.TrustedUserCAKeys /etc/ssh/lightsail_instance_ca.pub
: Not my modification; a change I believe was already present in the Debian image I booted the AWS Lightsail instance from before installing thefreedombox
package back in 2022-05.
/etc/firewalld/firewalld.conf
: I don’t believe I had ever touched this, so I just accepted the package maintainer version which contained, among other changes, a removal ofAllowZoneDrifting=no
and change ofDefaultZone=external
toDefaultZone=public
.
At some point, failing to see the package freedombox
get upgraded due to a hold, I decided to risk running $ sudo apt-mark unhold freedombox && sudo apt upgrade -y
; I only did this because I had a recent backup of the entire server; the result was the Plinth webUI failing to start, and no apache2
pages being served (despite the # systemctl status apache2.service
showing the service was running) despite being able to login via SSH.
After about half an hour of not seeing any significant CPU work, I decided to restore from an evening snapshot taken by Lightsail prior to the update; after starting the snapshot in a new machine instance, I unchecked the “Enable auto-update to next stable release” option in the System > Software Update section; now I’m waiting to see dust settle here on this forum before I make another upgrade attempt.