Seeking Adventurous Debian Testers

Hello everyone!

I’m looking for Debian users running Debian testing (buster) that are experienced administrators and are willing to help me test the new 0.20 release of Debian that’s currently sitting in unstable.

Because we are migrating from Python 2 to Python 3, I want to make extra sure that things are working for everyone, and the best way to do that is to get more people than me to test things!

NOTE: Installing packages from unstable may break your system in new, interesting, and irreversible ways! Though I’m looking for help testing, and I’m quite willing to help debug any certbot problems that result, this decision shouldn’t be made lightly.

If you’re willing to help, first, freshly update your system: apt update && apt upgrade. This will help us keep foot-gun interactions to a minimum.

Then you will need to add the unstable repo in to /etc/apt/sources.list.d. Something on the lines of:

deb http://deb.debian.org/debian/ unstable main
deb-src http://deb.debian.org/debian/ unstable main

Then add the following pin preference in /etc/apt/preferences.d/unstable.pref:

Package: *
Pin: release a=testing
Pin-Priority: 900

Package: *
Pin: release o=Debian
Pin-Priority: -10

If you do not add this preferences file, you will upgrade your system to sid. This would be bad.

Run another apt update, and then apt upgrade -s. You should see that apt is not attempting to upgrade anything. If you see it try to upgrade some large number of packages, remove the file you added to sources.list.d and re-run apt update.

If things look OK, then you can test the upgrade of certbot by running apt install -t unstable certbot.

I am interested in a couple of things.

  1. Does apt properly upgrade not just certbot but also the plugin that you have installed?
  2. Do you get any apt conflicts?
  3. When you have installed certbot, does certbot --version show the correct version without errors?
  4. Do you get error messages when attempting to get a new certificate or renew a current one?
  5. Do you see anything else weird that I should know about?

If you run into trouble, please ping me here. If it’s urgent, you can reach me in #letsencrypt-dev on irc.freenode.net. Thanks for your help!

2 Likes

hi @hlieberman

below is a screenshot of a server I need to rebuild and reinstall certbot for

usually, i use PIP to install certbot so if it will add value for you for me to do testing as per your instruction let me know

Apologies my linux is getting bad hence the quiestion

Andrei

i have installed buster inside Virtual machine.

upgrade works fine .
i didnt get any conflicts.
certbot --version : certbot 0.20.0

Since i tried it with virtualbox certificates not possible. May be tomorrow i will get time to test it in server.

will it be fine with it ?

Package: *
Pin: release n=buster
Pin-Priority: 900

it is not attempting any upgrades.Everything seems OK.

Debian testing release (currently buster)
Debian unstable release (also known as sid)

why we are using unstable main instead of buster main .

if i use testing (buster) repo deb http://deb.debian.org/debian/ buster main, everything seems fine .But it uses python2.7 version with certbot 0.19.0 .

if i use the unstable(sid) repo as you said , it uses python3 and installs certbot 0.20.0.

Hi there! If you’ve installed with pip, you should keep doing that; it’s probably not safe to co-install certbot via apt and by pip. Thanks for being willing to help though!

Your pin looks fine. n=buster and a=testing are “the same” – at least until buster becomes stable!

Thanks for testing. It’s good to know the upgrade path works; that’s one of the things I’m most worried about. If you do more testing, please let me know – also, don’t forget you can use --staging to hit the staging server instead of the prod server (so as not to use up your cert limit).

It’s still in unstable; I’ve blocked it from migrating to testing until I’m a little bit more confident that it won’t break anything.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.