[Talk] Home Edition security updates

Important informations about SolydXK including releases notes, forum rules and other anouncements
dave hartley
Posts: 28
Joined: 08 Aug 2013 21:16

Re: [Talk] Home Edition security updates

Postby dave hartley » 05 Jan 2015 11:02

kurotsugi wrote:the root of your problem is the epic battle libav vs ffmpeg on debian. debian is using libav but DMO is using ffmpeg. all DMO packages depends on ffmpeg to work (you'll need to install libavcodec-XX dmo version). libavcodec-extra-XX is part of debian, thus, it contain libav. if you're using DMO then you mustn't install libavcodec-extra-XX at all cost. however, for unknown reason UM issued a command to install libavcodec-extra-XX and broke your system.

the easiest solution would be avoid using UM until we solve the issue. else, you can try to use apt-pinning and give libavcodec-extra-XX (-1) priority so that it never installed into your system.
Thanks - I'll do that. I'm using this machine for a series of jobs which will take me a week or two and for which I need VLC. Then I think it might be an idea to try a fresh install using the most recent ISO.
anyway, vlc isn't the only thing broke on your system. you'll need to reinstall these packages to revert it to the previous states
Fortunately none of those is currently essential (I used this machine to test out customizations of Kate when an earlier upgrade removed some Gedit plugins).
Yes, I was wondering about that one as well.
if we look into the logs,

Code: Select all

Start-Date: 2015-01-04  21:36:02
Commandline: apt-get install --reinstall --assume-yes -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confold --force-yes libavformat55

Start-Date: 2015-01-04  21:36:16
Commandline: apt-get install --assume-yes -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confold --force-yes libavcodec-extra-56
the small gap between 1st and 2nd command means that it was done by a kind of script (probably solydfixes. it tried to remove DMO but failed. the probabilities are: dave might accidentally use maintainance tool on UM to remove DMO or the UM have a problem and executed solydxkfixes.

Code: Select all

Start-Date: 2015-01-04  21:37:13
Commandline: apt-get --assume-yes -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confold --force-yes dist-upgrade
Upgrade: ddm:i386 (1.0.8, 1.9.0), lightdm-manager:i386 (0.6.7, 0.6.8), xscreensaver:i386 (5.26-1, 5.30-1+b1), usermanager:i386 (0.6.8, 0.6.9), sambashare:i386 (0.6.5, 0.6.6)
there's a big gap between 2nd and 3rd command so I think that the script accidentally executed by user, not UM.
I don't recall being invited to confirm anything (although I'm quite capable of contributing to problems when given the opportunity :) ). Wouldn't the gap before the 3rd command be how long it took to remove those packages ?

kurotsugi
Posts: 2240
Joined: 09 Jan 2014 00:17

Re: [Talk] Home Edition security updates

Postby kurotsugi » 05 Jan 2015 11:55

Wouldn't the gap before the 3rd command be how long it took to remove those packages ?
with limited information we tend to make mistakes. can you tell us step by step what you did until this problem happened?

User avatar
Zill
Posts: 1850
Joined: 13 Aug 2013 14:28
Location: Lincolnshire, UK

Re: [Talk] Home Edition security updates

Postby Zill » 05 Jan 2015 12:18

My SolydX 32-bit system uses the following sources.list:

Code: Select all

deb http://ftp.nluug.nl/os/Linux/distr/solydxk/packages/production/ solydxk main upstream import
deb http://ftp.nluug.nl/os/Linux/distr/solydxk/debian/production testing main contrib non-free
deb http://ftp.nluug.nl/os/Linux/distr/solydxk/debian/production/multimedia testing main non-free
deb http://debian.solydxk.com/security testing/updates main contrib non-free
deb http://community.solydxk.com/production/ solydxk main
Simulating the latest update shows the following four package upgrades are available:

Code: Select all

roger@dino:~$ sudo apt-get -s dist-upgrade
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages will be upgraded:
  ddm lightdm-manager sambashare usermanager
4 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Note that the latest update should not install libavcodec-extra-56:

Code: Select all

roger@dino:~$ apt policy libavcodec-extra-56
libavcodec-extra-56:
  Installed: (none)
  Candidate: 6:11-1
  Version table:
     6:11-1 0
        500 http://ftp.nluug.nl/os/Linux/distr/solydxk/debian/production/ testing/main i386 Packages
        100 /var/lib/dpkg/status
Other package versions currently installed here shown here for reference:

Code: Select all

roger@dino:~$ apt policy libavformat56 libchromaprint0 vlc vlc-nox vlc-plugin-notify ffmpeg
libavformat56:
  Installed: 10:2.4.1-dmo1
libchromaprint0:
  Installed: 1.2-dmo2
vlc:
  Installed: 1:2.2.0~pre3-dmo3
vlc-nox:
  Installed: 1:2.2.0~pre3-dmo3
vlc-plugin-notify:
  Installed: 1:2.2.0~pre3-dmo3
ffmpeg:
  Installed: 10:2.4.1-dmo1
Note that these six packages all have the "dmo" suffix.

Like the OP, my system predates the decision to remove debian.solydxk.nl/production/multimedia from future ISO's but has been fully updated with all the UPs. Similarly, I do not track Debian directly and only use the "official" SolydXK HE repos.

I must admit to being quite confused over the way SolydXK now handles multimedia. If anyone does understand this, could you please issue a definitive post clearly showing the recommended sources.list and detailing what changes, if any, are required to bring "legacy" systems to the current standard. Please also clarify if any packages with "dmox" suffixes should still be installed on HE systems.

I am now unsure about whether to apply the latest update as, although it appears to be nothing to do with DMO and multimedia applications, the dependencies seem to be quite confused at the moment and I don't want to risk system breakage. Any advice would be appreciated.

p.s. Should the official "Sources.list" post be updated?..
"You can still keep using the multimedia repository, although it is not included in the new ISOs."

User avatar
Arjen Balfoort
Site Admin
Posts: 9331
Joined: 26 Jan 2013 19:36
Location: Netherlands
Contact:

Re: [Talk] Home Edition security updates

Postby Arjen Balfoort » 05 Jan 2015 12:40

I'll update the official sources.list as soon as Jessie becomes stable.
I've updated the "Important SolydXK news" topic to include the multimedia repository:
  • What about the repositories?
    - I will continue maintaining the SolydXK repository. The Debian and Security repositories will point directly to Debian. The multimedia repository is part of our current Debian repository. If you still want to use that you'll need to point directly to deb-multimedia. The packages of the Community repository will be transferred to the SolydXK repository.


SolydXK needs you!
Development | Testing | Translations

User avatar
grizzler
Posts: 2180
Joined: 04 Mar 2013 15:45
Location: The Hague, NL

Re: [Talk] Home Edition security updates

Postby grizzler » 05 Jan 2015 13:02

I've been working on a new version of the solydfixes script that should be able to handle the transition of the HE and BE as announced for the end of January. The instructions in the 'HE to Jessie upgrade' and 'BE to Jessie upgrade' threads cover the 'ideal' situation. Tests on some older installs (not unlike the ones mentioned above...) revealed several issues. DMO related problems is only one. There's also the SolydK systems that still use KDM instead of LightDM, BE setups with hal packages installed and EFI issues. I've had upgrade crashes all over the place and more unbootable VMs than I care to mention.
If we can't figure out exactly what caused this libavcodec-extra mess, we're in for even more surprises... :(
Frank

SolydX EE 64 - tracking Debian Testing

kurotsugi
Posts: 2240
Joined: 09 Jan 2014 00:17

Re: [Talk] Home Edition security updates

Postby kurotsugi » 05 Jan 2015 13:05

the recommended list is

Code: Select all

deb http://ftp.nluug.nl/os/Linux/distr/solydxk/packages/production/ solydxk main upstream import
deb http://ftp.nluug.nl/os/Linux/distr/solydxk/debian/production testing main contrib non-free
deb http://debian.solydxk.com/security testing/updates main contrib non-free
deb http://community.solydxk.com/production/ solydxk main
DMO repo is still maintained, i.e: new snapshot will created when new UP got released. however,
1. it doesn't get security updates.
2. most user is using debian's codec and most likely it doesn't get enough test on before UP.
3. debian doesn't officially support ffmpeg. 1 or 2 things might broke if you use DMO.
Please also clarify if any packages with "dmox" suffixes should still be installed on HE systems.
they're not installed as default. user can add them later if they want.
I am now unsure about whether to apply the latest update as, although it appears to be nothing to do with DMO and multimedia applications, the dependencies seem to be quite confused at the moment and I don't want to risk system breakage. Any advice would be appreciated.
our updates can be divided into two parts. UP updates vs bugfix+security updates. DMO (and consequently, the multimedia stuff) only got updated on UP, once per 3 months, so it's quite normal if you haven't got any updates on them.

the dependencies is actually quite simple. the root is on libavcodec-XX dmo version. so whatever you do, you need to make sure this package not removed. :3

we're not on UP period so at least until next UP you'll mostly fine. we're still investigating the source of the problem so momentarily please use terminal to manually update your system.

Code: Select all

#download package list
sudo apt-get update
#simulate a system update
aptitude -s dist-upgrade
#if you feel everything is OK, then continue with the real update
sudo apt-get dist-upgrade

dave hartley
Posts: 28
Joined: 08 Aug 2013 21:16

Re: [Talk] Home Edition security updates

Postby dave hartley » 05 Jan 2015 13:30

kurotsugi wrote:
Wouldn't the gap before the 3rd command be how long it took to remove those packages ?
with limited information we tend to make mistakes. can you tell us step by step what you did until this problem happened?
To the best of my recollection :- I observed that Update Manager said there were some updates available. When the task I was engaged in had completed I loaded update manager which eventually presented me with a small list of packages to be updated. Nothing about them rang any alarm bells. I quickly checked the official Security Update forum thread and this thread. I then clicked the install button in UM. I turned away from the computer to make myself some coffee but kept a fairly casual eye on it. I don't recall anything occuring until the updates were completed. I then rebooted. As I indicated above I'm working with VLC among other things and so immediately tried loading it without success (the attempt threw up an error message). I checked the logs I quoted in my intial post, identified the upgrade which had caused the issue, looked at the dependencies for the other packages listed in the log to see if I could identify what had triggered the 'upgrade' but without success. Did some searches to see if there were any known issues with libavcodec-extra-56. Again without success apart from the package info in synaptic which suggested that it also broke mplayer. Not everything to do with VLC had gone so I ran 'sudo apt-get --purge remove vlc'. VLC still wouldn't install so i tried removing libavcodec-extra-56 and it then installed without problems. Then (assuming incorrectly that this was a consequence of the security updates) I posted in this thread. Not sure there is much else I can tell you. I'm afraid that probably doesn't tell you anything very useful.

My point regarding the gap between commands 2 and three was merely that command 2 was the one which led to a number of packages being uninstalled and - since I have no recollection of doing anything myself during the update - I was suggesting this might be why there was a period of time between those commands.

Anyhow, solving my own immediate issue - getting VLC working - was easily achieved and assuming nothing else breaks I propose to resolve any issue regarding any mismatch between my current installation and the optimum current Solydx install by reinstalling with the latest ISO when I've finished the tasks I'm engaged in. hopefully next week. I'm guessing it would be sensible to do this prior to the transition of HE to Jessie so that I'm working on the same page as everyone else as we step into an exciting new phase...

Very grateful for everyones help and suggestions.

User avatar
Arjen Balfoort
Site Admin
Posts: 9331
Joined: 26 Jan 2013 19:36
Location: Netherlands
Contact:

Re: [Talk] Home Edition security updates

Postby Arjen Balfoort » 05 Jan 2015 13:47

If you decide to reinstall, it's best to use the nightly builds: http://forums.solydxk.nl/viewtopic.php?f=2&t=5110


SolydXK needs you!
Development | Testing | Translations

dave hartley
Posts: 28
Joined: 08 Aug 2013 21:16

Re: [Talk] Home Edition security updates

Postby dave hartley » 05 Jan 2015 14:09

Schoelje wrote:If you decide to reinstall, it's best to use the nightly builds: http://forums.solydxk.nl/viewtopic.php?f=2&t=5110
Thanks - will do.

User avatar
Zill
Posts: 1850
Joined: 13 Aug 2013 14:28
Location: Lincolnshire, UK

Re: [Talk] Home Edition security updates

Postby Zill » 05 Jan 2015 15:34

Thanks for the advice, gents. I have now updated using the terminal, rather than the UM, with the following results:

Code: Select all

roger@dino:~$ sudo apt-get dist-upgrade
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following packages will be upgraded:
  ddm lightdm-manager sambashare usermanager
4 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 122 kB of archives.
After this operation, 220 kB disk space will be freed.
Do you want to continue? [Y/n] y
Get:1 http://ftp.nluug.nl/os/Linux/distr/solydxk/packages/production/ solydxk/main ddm all 1.9.0 [41.9 kB]
...
Setting up usermanager (0.6.9) ...
roger@dino:~$

roger@dino:~$ sudo apt-get dist-upgrade
Reading package lists... Done
Building dependency tree       
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
roger@dino:~$ 
libavcodec-extra-56 remains uninstalled while vlc (dmo version) remains installed:

Code: Select all

roger@dino:~$ apt policy libavcodec-extra-56
libavcodec-extra-56:
  Installed: (none)
  Candidate: 6:11-1
  Version table:
     6:11-1 0
        500 http://ftp.nluug.nl/os/Linux/distr/solydxk/debian/production/ testing/main i386 Packages
        100 /var/lib/dpkg/status
roger@dino:~$ 

roger@dino:~$ apt policy vlc
vlc:
  Installed: 1:2.2.0~pre3-dmo3
  Candidate: 1:2.2.0~pre3-dmo3
  Version table:
 *** 1:2.2.0~pre3-dmo3 0
        500 http://ftp.nluug.nl/os/Linux/distr/solydxk/debian/production/multimedia/ testing/main i386 Packages
        100 /var/lib/dpkg/status
     2.1.5-1 0
        500 http://ftp.nluug.nl/os/Linux/distr/solydxk/debian/production/ testing/main i386 Packages
roger@dino:~$ 
VLC appears to continue working correctly.

User avatar
grizzler
Posts: 2180
Joined: 04 Mar 2013 15:45
Location: The Hague, NL

Re: [Talk] Home Edition security updates

Postby grizzler » 15 Jan 2015 07:07

Security update for the kernel in the works...

https://lists.debian.org/debian-securit ... 00011.html
Frank

SolydX EE 64 - tracking Debian Testing

Rocky
Posts: 127
Joined: 15 Apr 2014 11:04
Location: Ireland

Re: [Talk] Home Edition security updates

Postby Rocky » 29 Jan 2015 21:37

May I ask whether security updates for Jessie will continue to be made available through this channel after the end of January transition.

I appreciate that anybody pointing to Wheezy will automatically get Debians security updates as it is still officially the stable branch. But what about anybody pointing to Jessie - as I undertstand it the position in Debian is that the Testing branch is last to obtain security updates and in the inter-regnum while Jessie is still not officially the stable branch this would mean delays in getting (direct from Debian) Jessie security updates ?
"All that glisters is not gold" - Shakespeare "The Merchant of Venice"

User avatar
grizzler
Posts: 2180
Joined: 04 Mar 2013 15:45
Location: The Hague, NL

Re: [Talk] Home Edition security updates

Postby grizzler » 29 Jan 2015 21:54

No, they will not be made available separately. There is no need.

Depending on their 'urgency', security updates appear in Testing (currently Jessie) at about the same time as in the Stable (Wheezy) Security Updates branch. If they are very urgent, they can pass from Unstable to Testing in a day or two. In the past couple of months, there have even been one or two that migrated the same day. The less urgent can take five to ten days.

The updates that were provided through SolydXK's own Security Repository, were hardly ever made available before they had officially migrated to Testing. Once they were there, they had to be tested (dependencies could cause problems) before they were released, which could take a bit of time as well. This extra step/delay will no longer be there. So after January, the speed with which these updates will become available can only increase.
Frank

SolydX EE 64 - tracking Debian Testing

john
Posts: 22
Joined: 29 May 2013 16:44
Location: Wales

Re: [Talk] Home Edition security updates

Postby john » 10 Jun 2015 08:57

Updated this morning. The update stopped with
E: Sub-process /usr/bin/dpkg returned an error code (1)
(see attachment)
I rebooted and the update completed, but the usual box confirming completion did not appear. After a further reboot, everything seems OK.
Attachments
error_2015-06-10.jpg

User avatar
Arjen Balfoort
Site Admin
Posts: 9331
Joined: 26 Jan 2013 19:36
Location: Netherlands
Contact:

Re: [Talk] Home Edition security updates

Postby Arjen Balfoort » 10 Jun 2015 09:17

You can always check if the upgrade went fine with these terminal commands:

Code: Select all

sudo apt-get update
sudo apt-get -f install
sudo apt-get upgrade


SolydXK needs you!
Development | Testing | Translations

john
Posts: 22
Joined: 29 May 2013 16:44
Location: Wales

Re: [Talk] Home Edition security updates

Postby john » 10 Jun 2015 10:44

Thanks - all seems fine now.

kurotsugi
Posts: 2240
Joined: 09 Jan 2014 00:17

Re: [Talk] Home Edition security updates

Postby kurotsugi » 10 Jun 2015 16:44

as additional check please also do

Code: Select all

sudo dpkg --configure -a
this command will check and finish unconfigured packages.

john
Posts: 22
Joined: 29 May 2013 16:44
Location: Wales

Re: [Talk] Home Edition security updates

Postby john » 10 Jun 2015 16:55

Thanks - no output from
sudo dpkg --configure -a
Presume that means all is well :)

User avatar
Arjen Balfoort
Site Admin
Posts: 9331
Joined: 26 Jan 2013 19:36
Location: Netherlands
Contact:

Re: [Talk] Home Edition security updates

Postby Arjen Balfoort » 10 Jun 2015 16:58

Indeed, it is.


SolydXK needs you!
Development | Testing | Translations


Return to “News & Anouncements”

Who is online

Users browsing this forum: No registered users and 5 guests