So the blog and my email address have been unavailable a few hours as I was thinking I could just run the upgrade in the background on a Sunday afternoon. My fault. 😉
See the Debian Jessie announcement and Debian Jessie release notes for general information.
On my system there’s only a web- and a mailserver with some antivirus and firewall stuff. So I had to adjust some Apache settings and fiddle with dovecot and some other start scripts. I was happy the
udev maintainer included some checks against the kernel version, as I run a xen-based virtual root server by Vollmar.net and thus don’t install the kernel by myself (and stick to udev 175 or it wouldn’t boot any more 😉 ).
Apache 2.4 httpd
For the Apache webserver there are upgrade notes available in the documentation, I had to get rid of the NameVirtualHosts directive (if untouched the
/etc/apache2/ports.conf file from Debian does the trick but I modified mine) and change
Allow from all
Require all granted
everywhere in order to allow access to the web-roots again. Also the sites-available files now require a
Take care, it’s confusing, there will be the daemons for 9.1 and 9.4 running in parallel, the client will be the one of 9.4 but uses the 9.1 cluster. So only remove 9.1 after you migrated successfully from 9.1 to 9.4 (most probably by removing the existing 9.4 cluster created during package installation and running
pg_upgradecluster 9.1 main).
If you get errors like
"PHP Fatal error: require_once(): Failed opening required '/usr/share/php/php-gettext/gettext.inc' (include_path='.') in /usr/share/phpmyadmin/libraries/select_lang.lib.php on line 463" you need to upgrade your
/etc/phpmyadmin/apache2.conf – most probably there’s a
/etc/phpmyadmin/apache2.conf.dpkg-dist already sitting next to it, also see #709302 (it’s not a bug 😉 ).
So it seems that I did nearly make no changes in
/etc/dovecot/conf but this lead to my IMAPs/POP3s daemons not starting any more. In the end I guess the ssl configuration was the culprit, I uncommented the lines pointing to my SSL-key files in
10-ssl.conf, no idea whether this was the 100% correct approach, it’s usually better to create local configuration.
For some reason I was hit by Debian #778507 – a letter was missing in
/var/lib/dpkg/info/clamav-daemon.postinst, so line 626 has to be
[ -n "$PidFile" ] && echo "PidFile $PidFile" >> $DEBCONFFILE
I use bley by Evgeni Golov for greylisting, here I modified the init script by myself before to include the postgresql dependency and now had to accept upstream changes. But they also include a dbconfig-based database configuration now.
The fail2ban package seems to be more verbose now, so I could fix some typos in the rule files (one time the name of a local file was misspelt, one file lacked the
Most important — never change a running system.
Amen to that 🙂