Wie Du einen Ubuntu 7.10 Server ("Das Perfekte Setup" + ISPConfig) auf Ubuntu 8.04 LTS aktualisierst

Version 1.0
Author: Falko Timme


Diese Anleitung veranschaulicht, wie Du einen Ubuntu 7.10 (Gutsy Gibbon) Server auf Ubuntu 8.04 LTS (Hardy Heron) aktualisieren kannst. Ich verwende einen Ubuntu 7.10 Server, der gemäß The Perfect Server - Ubuntu Gutsy Gibbon (Ubuntu 7.10) aufgesetzt ist, auf dem ISPConfig installiert ist, mit Webseiten, E-Mail und ftp Konten, Datenbanken, DNS Einträge, etc. und aktualisiere ihn auf Ubuntu 8.04 LTS.

Ich übernehme keine Garantie, dass dies auch bei Dir funktioniert!

1 Vorbemerkung

Wie bereits in der Einleitung erwähnt, ist mein Ubuntu 7.10 Server gemäß The Perfect Server - Ubuntu Gutsy Gibbon (Ubuntu 7.10) konfiguriert und hat ISPConfig installiert. Ich habe ISPConfig dazu verwendet um Webseiten, E-Mail und ftp Konten, Datenbanken, DNS Einträge etc. einzurichten. Ich habe ihn auf Ubuntu 8.04 LTS aktualisiert und habe die vorhandenen Webseiten, E-Mail und ftp Konten, Datenbanken, DNS Einträge etc. sowie ISPConfig danach getestet. Dann habe ich neue Webseiten, Benutzer, Datenbanken, DNS Einträge etc. eingerichtet um die Funktionsweise des Servers nach dem Distributions-Upgrade zu testen. Ich habe keine Fehler gefunden. Alles funktioniert wie erwartet.

Bitte beachte, dass ich hier alle Befehle als Root-Benutzer ausführe. Du wirst Root indem Du dies eingibst:

sudo su


2 Distributions-Upgrade auf Ubuntu 8.04 LTS Server

Zuerst führen wir dies aus

apt-get update

um die Paketdatenbank des Systems zu aktualisieren.

Dann installieren wir das Paket update-manager-core:

apt-get install update-manager-core

Um das Distributions- Upgrade zu starten, geben wir dies ein:

do-release-upgrade

Während des Upgrade-Prozesses wird Dir das System einige Fragen stellen, die wir wie folgt beantworten:

root@server1:~# do-release-upgrade
Checking for a new ubuntu release
Done Upgrade tool signature
Done Upgrade tool
Done downloading
extracting '/tmp/tmpZ7bZPg/hardy.tar.gz'
authenticate '/tmp/tmpZ7bZPg/hardy.tar.gz' against '/tmp/tmpZ7bZPg/hardy.tar.gz.gpg'

Reading cache

Checking package manager

Continue running under SSH?


This session appears to be running under ssh. It is not recommended
to perform a upgrade over ssh currently because in case of failure it
is harder to recover.

If you continue, a additional ssh daemon will be started at port
'9004'.
Do you want to continue?

Continue [yN] <-- y
[...]

(Ich habe tatsächlich SSH verwendet um das System zu aktualisieren; obwohl uns im Upgrade-Prozess mitgeteilt wird, dass ein Upgrade über SSH nicht empfohlen wird, hatte ich keine Probleme; die Verbindung war stabil und ich musste mich nicht zur Konsole begeben oder meinen SSH Client mit Port 9004 verbinden. Falls Du Probleme mit der Verbindung haben solltest, dann richte Deinen SSH Client auf Port 9004, oder verwende die Konsole, wenn Du physischen Zugriff auf das System hast.)

[...]
Done http://de.archive.ubuntu.com hardy-updates/main Packages
Done http://de.archive.ubuntu.com hardy-updates/restricted Packages
Done http://de.archive.ubuntu.com hardy-updates/main Sources
Done http://de.archive.ubuntu.com hardy-updates/restricted Sources
Done http://de.archive.ubuntu.com hardy-updates/universe Packages
Done http://de.archive.ubuntu.com hardy-updates/universe Sources
Done http://de.archive.ubuntu.com hardy-updates/multiverse Packages
Done http://de.archive.ubuntu.com hardy-updates/multiverse Sources
Done downloading

Checking package manager
Reading package lists: Donehardy-security/multiverse Packages: 98
Reading state information: Done
Reading state information: Done
Reading state information: Done

Calculating the changes

Do you want to start the upgrade?


2 packages are going to be removed. 33 new packages are going to be
installed. 406 packages are going to be upgraded.

You have to download a total of 216M. This download will take about 2
minutes with your connection.

Fetching and installing the upgrade can take several hours. Once the
download has finished, the process cannot be cancelled.

Continue [yN] Details [d] <-- y

[...]


Configuration file `/etc/mysql/my.cnf'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : background this process to examine the situation
The default action is to keep your current version.
*** my.cnf (Y/I/N/O/D/Z) [default=N] ? <-- ENTER oder N

[...]


Configuration file `/etc/mime.types'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : background this process to examine the situation
The default action is to keep your current version.
*** mime.types (Y/I/N/O/D/Z) [default=N] ? <-- ENTER oder N

[...]


Configuration file `/etc/bind/named.conf'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : background this process to examine the situation
The default action is to keep your current version.
*** named.conf (Y/I/N/O/D/Z) [default=N] ? <-- ENTER oder N

[...]

A new version of configuration file /etc/php5/cli/php.ini is available, but the version installed currently has been locally modified.

What would you like to do about php.ini? <-- lass die lokale Version momentan installiert

[...]


Configuration file `/etc/apache2/apache2.conf'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : background this process to examine the situation
The default action is to keep your current version.
*** apache2.conf (Y/I/N/O/D/Z) [default=N] ? <-- ENTER oder N

[...]


Configuration file `/etc/apache2/mods-available/dir.conf'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : background this process to examine the situation
The default action is to keep your current version.
*** dir.conf (Y/I/N/O/D/Z) [default=N] ? <-- ENTER oder N

[...]

A new version of configuration file /etc/php5/apache2/php.ini is available, but the version installed currently has been locally modified.

What would you like to do about php.ini? <-- lass die lokale Version momentan installiert

[...]


Configuration file `/etc/default/saslauthd'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : background this process to examine the situation
The default action is to keep your current version.
*** saslauthd (Y/I/N/O/D/Z) [default=N] ? <-- ENTER oder N

[...]


Searching for obsolete software
Reading package lists: Done
Reading state information: Done
Reading state information: Done
Reading state information: Done

Remove obsolete packages?

18 packages are going to be removed.

Continue [yN] Details [d] <-- y

[...]

At the end of the upgrade, a system restart is required:

[...]

System upgrade is complete.

Restart required


To finish the upgrade, a restart is required.
If you select 'y' the system will be restarted.

Restart the system now [yN] <-- y


Broadcast message from root@server1.example.com
(/dev/pts/0) at 13:14 ...

The system is going down for reboot NOW!
root@server1:~#

Nach dem Neustart kannst Du Deinen neuen Ubuntu 8.04 LTS (Hardy Heron) Server verwenden.

uname -a

zeigt, dass Du einen neuen Kernel hast...

root@server1:~# uname -a
Linux server1.example.com 2.6.24-16-server #1 SMP Thu Apr 10 13:58:00 UTC 2008 i686 GNU/Linux
root@server1:~#

3 Zusätzliche Schritte

Das Distributions-Upgrade ist nun abgeschlossen. Es wird jedoch strengstens empfohlen, dass Du den nächsten Schritten folgst um Dein Setup mit ISPConfig kompatibel machst:

3.1 Ändere die Standard Kommandozeile

Vergewissere Dich, dass /bin/sh ein Symlink zu /bin/bash ist, nicht /bin/dash indem Du dies ausführst:

ln -sf /bin/bash /bin/sh


3.2 Deaktiviere AppArmor

AppArmor ist eine Sicherheitserweiterung (ähnlich wie SELinux), die zusätzliche Sicherheit gewährleisten soll. Meiner Meinung nach brauchst Du es nicht um ein System, welches bereits sicher ist, zu konfigurieren. Es verursacht für gewöhnlich mehr Probleme als dass es Vorteile schafft. Daher deaktiviere ich es.

So können wir es deaktivieren:

/etc/init.d/apparmor stop
update-rc.d -f apparmor remove

3.3 Saslauthd

Als Nächstes müssen wir die saslauthd Konfiguration ein wenig modifizieren, da Du sonst wahrscheinlich Fehlermeldungen wie diese erhältst, wenn Du versuchst E-Mails zu senden:

Apr 28 13:21:57 server1 postfix/smtpd[5668]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Apr 28 13:21:57 server1 postfix/smtpd[5668]: warning: unknown[192.168.0.210]: SASL LOGIN authentication failed: generic failure

Öffne /etc/default/saslauthd. So soll es aussehen:

vi /etc/default/saslauthd


#
# Settings for saslauthd daemon # Please read /usr/share/doc/sasl2-bin/README.Debian for details. # # Should saslauthd run automatically on startup? (default: no) START=yes # Description of this saslauthd instance. Recommended. # (suggestion: SASL Authentication Daemon) DESC="SASL Authentication Daemon" # Short name of this saslauthd instance. Strongly recommended. # (suggestion: saslauthd) NAME="saslauthd" # Which authentication mechanisms should saslauthd use? (default: pam) # # Available options in this Debian package: # getpwent -- use the getpwent() library function # kerberos5 -- use Kerberos 5 # pam -- use PAM # rimap -- use a remote IMAP server # shadow -- use the local shadow password file # sasldb -- use the local sasldb database file # ldap -- use LDAP (configuration is in /etc/saslauthd.conf) # # Only one option may be used at a time. See the saslauthd man page # for more information. # # Example: MECHANISMS="pam" MECHANISMS="pam" # Additional options for this mechanism. (default: none) # See the saslauthd man page for information about mech-specific options. MECH_OPTIONS="" # How many saslauthd processes should we run? (default: 5) # A value of 0 will fork a new process for each connection. THREADS=5 # Other options (default: -c -m /var/run/saslauthd) # Note: You MUST specify the -m option or saslauthd won't run! # # See /usr/share/doc/sasl2-bin/README.Debian for Debian-specific information. # See the saslauthd man page for general information about these options. # # Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd" #OPTIONS="-c -m /var/run/saslauthd" OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"
Füge dann den postfix Benutzer der sasl Gruppe hinzu und starte Postfix und saslauthd neu:

adduser postfix sasl
/etc/init.d/postfix restart
/etc/init.d/saslauthd restart

4 Links

0 Kommentar(e)

Zum Posten von Kommentaren bitte