Software center configuration: locked-feature: flaky to say the least and be polite


(Michel-André) #1

Hi all,

System version // NethServer release 7.5.1804 (final)

  • Software center configuration > Locked > Download updates > Install updates automatically
  • On return, it shows only the SOGO module as available
  • Software Updates > DOWNLOAD AND INSTALL
  • “Resolving RPM dependencies The install/update may have failed due to metadata caching issues. Please clean the cache by clicking the button below and retry the install/update operation. CLEAR YUM CACHE”
  • CLEAR YUM CACHE
  • On return = Software updates are available
    Updates > DOWNLOAD AND INSTALL

  • again “Resolving RPM dependencies The install/update may have failed due to metadata caching issues. Please clean the cache by clicking the button below and retry the install/update operation. CLEAR YUM CACHE”

    yum clean all --enablerepo=*; yum update

    Complete!


config show sysconfig
sysconfig=configuration
NsReleaseLock=enabled
ProductName=NethServer
Release=final
Version=7.5.1804
ZeroConf=enabled


  • On return to GUI
  • Software center - system upgrade
  • “A system upgrade to NethServer 7.6.1810 is available. The system upgrade procedure switches the to “unlocked” software updates origin and updates all installed packages”
  • Ignore

AVAILABLE SOFTWARE

  • Software center > Available
  • Still, only SOGO is available
  • OS Version:
  • System version is still at 7.5.1804 (final)
  • /var/log/messages
  • pkgaction[7365]: [YumRPMCheckError] [u’ERROR with transaction check vs depsolve:’, ‘jq is needed by nethserver-subscription-3.3.2-1.ns7.noarch’, ‘perl(Proc::ProcessTable) is needed by nethserver-backup-config-2.2.1-1.ns7.noarch’, ‘perl-Proc-ProcessTable is needed by nethserver-backup-config-2.2.1-1.ns7.noarch’]

rpm -qa | grep jq
jq-1.5-1.el7.x86_64

rpm -qa | grep ProcessTable
perl-Proc-ProcessTable-0.48-1.el7.x86_64

  • December 2018

  • HowTo update Nethserver correctly via CLI?

  • fpauspNeth Server Ambassador // I ask myself if the locked-feature is technically mature…

  • Giacomo Sanchietti Dev Team // I’m not sure neither…
    ** Giacomo Sanchietti Dev Team // This requires a lot of work and a good infrastructure, this is why we create the subscription plan…
    ** Does that mean that your infrastructure is not good or that you do not want to do a lot of work?
    ** http://docs.nethserver.org/en/v7/subscription.html
    ** “…getting access to monitoring portal and stable update repositories.”
    ** Does that mean that other repositories are not stable?

  • December 2018

  • My Locked 7.5's have or are updating to 7.6

  • github.com/NethServer/dev

  • If a system has the Software origin policy set to Locked and it has automatic updates enabled, it should never update…

  • if not set to: “Install updates automatically”, the version will update automatically to NethServer 7.6.1810
  • On previous installations, I always disabled “automatic updates” then after an update, the system is at version 7.6.
  • I never saw automatic updates on production server except with Micro$oft and even then, I always suspected a newbie administrator.
  • December 2018
  • My Locked 7.5's have or are updating to 7.6
  • fasttech Quality Team
  • once 7.6 is out, 7.5 is dead: we are using the concept of “rolling release”, so old releases should be always updated to latest one. Also, old releases will not get any update (including security fixes from upstream)
  • “old releases should be always updated to latest one” I never heard of such a thing. It is always better to wait for a little while to see if the new release is safe to update to.
  • “Also, old releases will not get any update (including security fixes from upstream)”. What kind of quality is that? Some distributions include security fixes for up to 10 years after initial release.
  • December 2018
  • New Centos 7.6 update
  • Davide Principi NethServer Ambassador
  • Due to a bug in the yum-cron/NsReleaseLock feature those who enabled the automated updates found a bad surprise today: their systems were updated to CentOS 7.6 by the daily cron job.
  • “…so old releases should be always updated to latest one.” As I wrote before: “It is always better to wait for a little while to see if the new release is safe to update to.”

I always prefered security/stability to latest goodies.

INSTALLATION GLITCHES:

  • Language
    FROM: /root/anaconda-ks.cfg

System language

lang en_US.UTF-8 --addsupport=fr_CA.UTF-8

  • Login to the GUI, fr_CA: nowhere to be seen…
  • First NIC:
    FROM: /root/anaconda-ks.cfg
    network --bootproto=static --device=enp0s3 --gateway=192.168.1.1 --ip=192.168.1.11 --nameserver=192.168.1.1 --netmask=255.255.255.0 --ipv6=auto --activate
  • Login to the GUI > Network > First NIC doesn’t have gateway set…
  • Second NIC:
    In installation, put it OFF.
    FROM: /root/anaconda-ks.cfg
    network --bootproto=dhcp --device=enp0s8 --nameserver=8.8.8.8 --ipv6=auto
  • Login to the GUI > Network > Second NIC is given a DHCP address
  • kdump
    FROM: /root/anaconda-ks.cfg
    echo “Disable kdump…”
    systemctl disable kdump
  • In installation, I looked at it and it was CHECKED by default

It’s been a month that I am looking at NethServer, still I am not convinced that it is stable and ready for a production environment…

I would really like to be proved wrong,

Michel-André


(Davide Principi) #2

Hi Michael,

thank you for being polite and respecting the #community rules even if something is not working as you expect!

I understand you read a lot of posts and you have an opinion about the system update policy. I’d be happy if you join and contribute to this discussion

For other issues I suggest you open separate topics in the #bug category.


(Stéphane de Labrusse) #3

https://www.nethserver.org/phone-home/index.html

Nethserver is developed by a company Nethesis, with a long story with SME Server and they aim stability but also new features for their customers and the community too. One example my first official collaboration for NethServer, Rspamd…Funded by Nethesis, used by the community and their customers.
It is a two sides way game, Fail2ban which was developed by the community (I started it, but @dnutan and others made PR inside) is used now by the customers of Nethesis.

The company gets a culture of partners, to sell first a derivative of SME Server, now NethServer, they listen the feedback of their customers, of the community, so if you find a bug, it is fixed as soon as possible, but you can be sure the culture of stability is true in this community.

At the end, the customers, the community ask for new features, new software implementations, this lead sometime to issues, sometime to bugs.

No bugs, mean stability, mean no development…