Re: Disappearing shim-signed after failed dist-upgrade

To: debian-user@lists.debian.org
Subject: Re: Disappearing shim-signed after failed dist-upgrade
From: Andrei POPESCU <andreimpopescu@gmail.com>
Date: Wed, 30 Jun 2021 11:14:21 +0300
Message-id: <[🔎] 20210630081421.syroe4o4diq2ieml@acr13.nuvreauspam>
In-reply-to: <[🔎] abe1f663-65a6-4089-a752-6ac8abb3c969@www.fastmail.com>
References: <[🔎] ce26f573-ace0-4639-97a6-0556fd29be4c@www.fastmail.com> <[🔎] 20210622181355.GE10985@axis.corp> <[🔎] 014e2628-6975-4e08-94c2-1835458bb047@www.fastmail.com> <[🔎] 20210628144617.GA6234@axis.corp> <[🔎] 20210629052922.7xiyadpkp4reokik@acr13.nuvreauspam> <[🔎] 20210629161122.GA3074@axis.corp> <[🔎] abe1f663-65a6-4089-a752-6ac8abb3c969@www.fastmail.com>

On Ma, 29 iun 21, 22:41:10, Gareth Evans wrote:
> 
> Even if I had made use of upgrade rather than dist-upgrade, presumably 
> a dist-upgrade would have been indicated here (by the existence of 
> packages kept back) and the same position would have resulted - ie. 
> having to wait for a potentially essential package to be made 
> available in upgraded form so it could be reinstalled so that it could 
> be further upgraded in future... no?

Maybe. This is exactly the reason why `dist-upgrade` should be ran 
manually. Always.

> Shouldn't essential packages involved in dependencies only ever be 
> available for upgrade together, unless perhaps the dependency 
> >=version remains satisfied?

Debian has mechanisms to keep packages installed, unless the system 
administrator forces it, so obviously 'shim-signed' is less important. 

> Before succeeding in installing the newer version of shim-signed, I 
> did try installing the version originally installed with Buster, but 
> apt said it wasn't available.  In the end I didn't need to attempt 
> installing from eg. DVD, but couldn't this be impossible too due to 
> other conflicts?

Difficult to tell without looking at the exact situation.

> In short, should a boot-related package ever be removed and not 
> replaced in the same upgrade operation?

There are many installations that don't need 'shim' at all, e.g. 
chroots, systems still using MBR, etc. Most of these packages don't even 
need to be present on the system, as their payload isn't removed when 
removing the package.

> Is it to be expected to have to keep an eye on this sort of thing?

In general you shouldn't run `dist-upgrade` unattended, ever, otherwise 
you will eventually end up with removal of packages that you actually 
need.

This is even more important on everything that is not pure Debian 
'stable'. For keeping 'stable' updated `dist-upgrade` is overdoing it 
anyway, `apt upgrade` (or `apt-get upgrade --with-new-pkgs` if you 
really must have `apt-get`) is sufficient and safer.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser

Attachment: signature.asc
Description: PGP signature

Reply to:

References:
- Disappearning shim-signed after failed dist-upgrade
  - From: "Gareth Evans" <donotspam@fastmail.fm>
- Re: Disappearing shim-signed after failed dist-upgrade
  - From: David Wright <deblis@lionunicorn.co.uk>
- Re: Disappearing shim-signed after failed dist-upgrade
  - From: "Gareth Evans" <donotspam@fastmail.fm>
- Re: Disappearing shim-signed after failed dist-upgrade
  - From: David Wright <deblis@lionunicorn.co.uk>
- Re: Disappearing shim-signed after failed dist-upgrade
  - From: Andrei POPESCU <andreimpopescu@gmail.com>
- Re: Disappearing shim-signed after failed dist-upgrade
  - From: David Wright <deblis@lionunicorn.co.uk>
- Re: Disappearing shim-signed after failed dist-upgrade
  - From: "Gareth Evans" <donotspam@fastmail.fm>

Prev by Date: Re: Bullseye (mostly) not booting on Proliant DL380 G7
Next by Date: Re: X server running on a different machine [Re: Wanted: a special purpose Debian installer]
Previous by thread: Re: Disappearing shim-signed after failed dist-upgrade
Next by thread: Auto install security updates only?
Index(es):
- Date
- Thread