[SOLVED] In-place release upgrade not succeeding - too late?

Support
1

Hello,

I’m trying to do sudo release-upgrade in the Whonix-Workstation and getting this log output:

user@host:~$ sudo release-upgrade
[sudo] password for user:          
+ set -e
+ set -o pipefail
+ shopt -s nullglob
+ version=2.0
+ [[ -v source_codename ]]
+ source_codename=bullseye
+ [[ -v target_codename ]]
+ target_codename=bookworm
+ true 'INFO: (release-upgrade version: 2.0) Release upgrade from Debian bullseye to Debian bookworm in progress...'
+ trap error_handler ERR
++ id -u
+ '[' 0 '!=' 0 ']'
+ export DEBDEBUG=1
+ DEBDEBUG=1
+ true 'INFO: Checking if tor@default systemd unit is running...'
+ systemctl --no-pager status tor@default
● tor@default.service - anon-ws-disable-stacked-tor
     Loaded: loaded (/lib/systemd/system/tor@default.service; enabled-runtime; vendor preset: enabled)
    Drop-In: /lib/systemd/system/tor@default.service.d
             └─50_anon_ws_disable_stacked_tor.conf, 51_anon_ws_disable_stacked_tor.conf
     Active: active (running) since Mon 2024-06-24 18:15:53 UTC; 54min ago
       Docs: https://www.whonix.org/wiki/Dev/anon-ws-disable-stacked-tor
   Main PID: 826 (tor)
      Tasks: 2 (limit: 2729)
     Memory: 624.0K
        CPU: 27ms
     CGroup: /system.slice/system-tor.slice/tor@default.service
             ├─826 /bin/bash /usr/bin/tor --defaults-torrc /usr/share/tor/tor-s…
             └─829 sleep infinity

Jun 24 18:15:53 host systemd[1]: Started anon-ws-disable-stacked-tor.
+ test -f /etc/apt/sources.list.d/debian.list
+ test -f /etc/apt/sources.list.d/derivative.list
++ cat /etc/apt/sources.list.d/derivative.list
++ grep --invert-match '\#'
++ grep --invert-match '^$'
+ derivative_list_contents='deb [signed-by=/usr/share/keyrings/derivative.asc] tor+https://deb.kicksecure.com bullseye main contrib non-free
deb [signed-by=/usr/share/keyrings/derivative.asc] tor+https://deb.whonix.org bullseye main contrib non-free'
+ '[' 'deb [signed-by=/usr/share/keyrings/derivative.asc] tor+https://deb.kicksecure.com bullseye main contrib non-free
deb [signed-by=/usr/share/keyrings/derivative.asc] tor+https://deb.whonix.org bullseye main contrib non-free' = '' ']'
+ echo 'deb [signed-by=/usr/share/keyrings/derivative.asc] tor+https://deb.kicksecure.com bullseye main contrib non-free
deb [signed-by=/usr/share/keyrings/derivative.asc] tor+https://deb.whonix.org bullseye main contrib non-free'
+ grep --quiet kicksecure.com
+ echo 'deb [signed-by=/usr/share/keyrings/derivative.asc] tor+https://deb.kicksecure.com bullseye main contrib non-free
deb [signed-by=/usr/share/keyrings/derivative.asc] tor+https://deb.whonix.org bullseye main contrib non-free'
+ grep --quiet whonix.org
+ meta_package_detect
+ '[' '!' '' = '' ']'
+ test -e /usr/share/qubes/marker-vm
+ test -e /usr/share/whonix/marker
+ test -e /usr/share/anon-gw-base-files/gateway
+ test -e /usr/share/anon-ws-base-files/workstation
+ meta_package=non-qubes-whonix-workstation-xfce
+ meta_package_installed_check
+ dpkg --status non-qubes-whonix-workstation-xfce
+ return 0
+ return 0
+ '[' non-qubes-whonix-workstation-xfce = '' ']'
+ true 'INFO: meta_package detected: non-qubes-whonix-workstation-xfce'
+ trap pre_upgrade_error ERR
+ true 'INFO: Checking potential issues and attempt to fix if any (pre)...'
+ apt-get-noninteractive --yes --no-install-recommends --fix-broken install
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libopengl0 libwpe-1.0-1 libwpebackend-fdo-1.0-1
  linux-headers-5.10.0-20-common linux-headers-5.10.0-21-common
  linux-headers-5.10.0-22-common linux-headers-5.10.0-23-common
  linux-headers-5.10.0-24-common linux-headers-5.10.0-25-common
Use 'sudo apt autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
+ true 'INFO: Checking potential issues and attempt to fix if any (pre)...'
+ dpkg-noninteractive --configure -a
+ true 'INFO: Checking potential issues and attempt to fix if any (pre)...'
+ apt-get-noninteractive --yes --no-install-recommends --fix-broken install
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages were automatically installed and are no longer required:
  libopengl0 libwpe-1.0-1 libwpebackend-fdo-1.0-1
  linux-headers-5.10.0-20-common linux-headers-5.10.0-21-common
  linux-headers-5.10.0-22-common linux-headers-5.10.0-23-common
  linux-headers-5.10.0-24-common linux-headers-5.10.0-25-common
Use 'sudo apt autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
+ true 'INFO: Running sanity test (pre)...'
+ dpkg-noninteractive --audit
+ true 'INFO: Running sanity test (pre)...'
+ dpkg-noninteractive --configure -a
+ true 'INFO: Showing unofficial packages packages (excluding Whonix and Qubes) (pre):'
+ apt-forktracer
+ grep --invert-match whonix:
+ grep --invert-match 'Qubes Debian:'
linux-headers-5.10.0-25-common (5.10.191-1)
linux-headers-5.10.0-22-common (5.10.178-3)
mongodb-compass (1.30.1)
linux-headers-5.10.0-23-common (5.10.179-3)
linux-headers-5.10.0-20-common (5.10.158-2)
mongodb-database-tools (100.5.2)
linux-headers-5.10.0-24-common (5.10.179-5)
code (1.90.2-1718751586) [code stable: 1.90.2-1718751586 1.90.1-1718141439 1.90.0-1717531825 1.89.1-1715060508 1.89.0-1714530869 1.88.1-1712771838 1.88.0-1712152114 1.87.2-1709912201 1.87.1-1709685762 1.87.0-1709078641 1.86.2-1707854558 1.86.1-1707298119 1.86.0-1706698139 1.85.2-1705561292 1.85.1-1702462158 1.85.0-1701902998 1.84.2-1699528352 1.84.1-1699275408 1.84.0-1698839401 1.83.1-1696982868 1.83.0-1696350811 1.82.3-1696245001 1.82.2-1694671812 1.82.1-1694163687 1.82.0-1694039253 1.81.1-1691620686 1.81.0-1690980880 1.80.2-1690491597 1.80.1-1689183569 1.80.0-1688479026 1.79.2-1686734195 1.79.1-1686587647 1.79.0-1686149120 1.78.2-1683731010 1.78.1-1683194560 1.78.0-1683145611 1.77.3-1681292746 1.77.2-1680777128 1.77.1-1680651665 1.77.0-1680085573 1.76.2-1678817801 1.76.1-1678294265 1.76.0-1677667493 1.75.1-1675893397 1.75.0-1675266613 1.74.3-1673284829 1.74.2-1671533413 1.74.1-1671015296 1.74.0-1670260027 1.73.1-1667967334 1.73.0-1667318785 1.72.2-1665614327 1.72.1-1665423861 1.72.0-1664926972 1.71.2-1663191218 1.71.1-1662667267 1.71.0-1662018389 1.70.2-1660629410 1.70.1-1660113095 1.70.0-1659589288 1.69.2-1658162013 1.69.1-1657615746 1.69.0-1657183742 1.68.1-1655263094 1.68.0-1654690107 1.67.2-1652812855 1.67.1-1651841865 1.67.0-1651667246 1.66.2-1649664567 1.66.1-1649257842 1.66.0-1648620611 1.65.2-1646927742 1.65.1-1646706496 1.65.0-1646220682 1.64.2-1644445741 1.64.1-1644255817 1.64.0-1643863948 1.63.2-1639562499 1.63.1-1639448820 1.63.0-1638855526 1.62.3-1637137107 1.62.2-1636665017 1.62.1-1636111026 1.62.0-1635954068 1.61.2-1634656828 1.61.1-1634175470 1.61.0-1633631387 1.60.2-1632313585 1.60.1-1631294805 1.60.0-1630494279 1.59.1-1629375198 1.59.0-1628120042 1.58.2-1626302803 1.58.1-1626158276 1.58.0-1625728071 1.57.1-1623937013 1.57.0-1623259737 1.56.2-1620838498 1.56.1-1620296372 1.56.0-1620166262 1.55.2-1618307277 1.55.1-1617808414 1.55.0-1617120720 1.54.3-1615806378 1.54.2-1615424848 1.54.1-1614898113 1.54.0-1614738538 1.53.2-1613044664 1.53.1-1612827767 1.53.0-1612368357 1.52.1-1608136922 1.52.0-1607640828 1.51.1-1605051630]
linux-headers-5.10.0-21-common (5.10.162-1)
atomic (2.69.2)
+ true 'INFO: Running deborphan (pre)...'
+ deborphan
libopengl0
libwpebackend-fdo-1.0-1
+ true 'INFO: Fetching package lists (1/2)...'
+ apt-get update
Get:1 tor+https://fasttrack.debian.net/debian bullseye-fasttrack InRelease [12.9 kB]
Get:2 tor+https://deb.whonix.org bullseye InRelease [38.9 kB]                  
Get:3 tor+https://deb.kicksecure.com bullseye InRelease [38.9 kB]              
Hit:4 tor+https://deb.debian.org/debian bullseye InRelease          
Hit:5 tor+https://deb.debian.org/debian bullseye-updates InRelease
Hit:7 tor+https://deb.debian.org/debian-security bullseye-security InRelease
Hit:8 tor+https://deb.debian.org/debian bullseye-backports InRelease
Hit:6 https://packages.microsoft.com/repos/code stable InRelease               
Reading package lists... Done                                                  
E: Release file for tor+https://deb.whonix.org/dists/bullseye/InRelease is expired (invalid since 76d 4h 53min 39s). Updates for this repository will not be applied.
E: Release file for tor+https://deb.kicksecure.com/dists/bullseye/InRelease is expired (invalid since 76d 4h 53min 44s). Updates for this repository will not be applied.
+ true 'ERROR:
Could not fetch package lists. Networking issues?
Therefore aborting upgrade.
Recommendation: perform a Standard '\''everyday'\'' upgrade beforehand as per:
/wiki/Operating_System_Software_and_Updates'
+ exit 1

A standard “everyday” upgrade (sudo apt update; sudo apt full-upgrade) also outputs the following errors as above:

E: Release file for tor+https://deb.kicksecure.com/dists/bullseye/InRelease is expired (invalid since 76d 4h 53min 44s). Updates for this repository will not be applied.
E: Release file for tor+https://deb.whonix.org/dists/bullseye/InRelease is expired (invalid since 76d 4h 53min 39s). Updates for this repository will not be applied.

Whonix build version: 16.0.3.7

My question is: Is in-place release upgrade not possible due to the aforementioned errors and just being too late, along with my only option being a full image re-installation (which will require backing up and restoring all personal files and additional software)?

If the answer is “yes”, then I propose considering adding an alert somewhere, that would inform the user how much time he has left for an in-place release upgrade if possible (perhaps already in place and I just don’t know where?).

Thank you in advance!

2

A tiny script modification would work around that.

Add || true after every apt-get update inside the script.

2 Likes
3

Or try change bullseye to bookworm in /etc/apt/sources.list.d/derivative.list.

4

Probably not too late. If you read the release-upgrade script, you’ll see there is no magic there.

Can be done using this command:

sudo str_replace "apt-get update" "apt-get update || true" /usr/sbin/release-upgrade
2 Likes
5

Well, you’re both right, it worked, though I had to add && false instead of || true after every apt-get update, so here’s the final command for anyone with the same issue:

sudo str_replace "apt-get update" "apt-get update && false" /usr/sbin/release-upgrade

Sorry for the late response, it just took a bit on a Tor connection, and I wanted to make sure there aren’t any additional errors, but unlikely, because as @Patrick mentioned, there is indeed no magic in the script.

I was sure, that it’s just too late, and was already preparing to back up and restore everything, so your answers probably saved me a lot of time. Thank you very much!

1 Like
6

I am wondering how to handle this more robustly in the future.

The rationale behind the first check of running sudo apt-get update is to see if it fails. It can fail for many reasons. One reason could be broken custom repositories added by the user. In this case, it’s best to fail early so the user can fix these issues to avoid later worse follow-up issues due to this.

However, if the oldstable repository is no longer available, then this test will fail as well.

A better manual workaround meanwhile would be:

sudo repository-dist --enable --codename bookworm

In the future, above command bookworm needs to be replaced with the name of the Debian stable bookworm at that time.

Why not automate this for the user? Because from the script it is hard to diagnose what exactly the reason for the failure is. Could be either a broken user custom repository or the derivative oldstable repository no longer being available.