Bug#929248: changed its 'Suite' value from 'buster' to 'testing' ...

To: 929248@bugs.debian.org
Subject: Bug#929248: changed its 'Suite' value from 'buster' to 'testing' ...
From: Adam Borowski <kilobyte@angband.pl>
Date: Sun, 7 Jul 2019 17:26:27 +0200
Message-id: <[🔎] 20190707152627.GB28565@angband.pl>
Reply-to: Adam Borowski <kilobyte@angband.pl>, 929248@bugs.debian.org
In-reply-to: <[🔎] 20190707133449.GA6789@goofy.osamu.debian.net>
References: <155830187792.29069.7105802844048789084.reportbug@sschum-wirt.lan.tarent.de> <[🔎] 20190707133449.GA6789@goofy.osamu.debian.net> <155830187792.29069.7105802844048789084.reportbug@sschum-wirt.lan.tarent.de>

On Sun, Jul 07, 2019 at 10:34:49PM +0900, Osamu Aoki wrote:
> But why we point people to apt-secure manpage?  It was cryptic for me.

I did not manage to find the information there either.  At this moment, I
did intentionally stop -- while I might be not the brightest bulb in the
knife drawer, I believe my ability to read man pages is a wee bit better
than that of an average user.  And _those_ will not manage futher research.

My particular question was:
Given a pipeline that's basically:
for x in `lxc-ls --running`;do echo ...;lxc-attach -n "$x" -- apt-get update;done
have apt do its job.

None of the containers in question refer to any codenames that have changed,
thus apt's reluctance to continue is irrelevant or harmful.  All of these
referred to either "unstable", "buster" or "stretch".  I would understand
your reasoning if I had referred to "stable".

But, it's worse than merely annoying users of unstable and testing.  Two
years from now, millions of boxes will have "buster" change to "oldstable",
and, with cron mails currently being null-routed by default, no one will see
that[1].  Thus, a significant part of users will have security updates
suddenly stopped despite nothing relevant to them happening.

And this particular piece deserves a high severity.

> Why not simply say:
> 
> Probably, a new Debian Stable release has happened as you tried to
> update your system.  If this is the case, please update "Release-Notes"
> field by executing "sudo apt-get --allow-releaseinfo-change update".

Yes, thank you!  This particular bit is what I was looking for in this case.

But, I'm afraid that a documentation change is nowhere near enough.

Meow!

[1]. How many times have you been called to recover a server whose mail
spool has a couple of years of notifications about degraded RAID -- which
then worked until the second disk failed?  And so on...
-- 
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ According to recent spams, "all my email accounts are owned
⢿⡄⠘⠷⠚⠋  by a hacker".  So what's the problem?
⠈⠳⣄⠀⠀⠀⠀

Reply to:

Follow-Ups:
- Bug#929248: changed its 'Suite' value from 'buster' to 'testing' ...
  - From: Julian Andres Klode <jak@debian.org>

References:
- Bug#929248: changed its 'Suite' value from 'buster' to 'testing' ...
  - From: Osamu Aoki <osamu@debian.org>

Prev by Date: Bug#913913: Bug#931524: security.debian.org: bullseye security updates may be silently skipped on systems using apt pinning
Next by Date: Bug#913913: Bug#931524: security.debian.org: bullseye security updates may be silently skipped on systems using apt pinning
Previous by thread: Bug#929248: changed its 'Suite' value from 'buster' to 'testing' ...
Next by thread: Bug#929248: changed its 'Suite' value from 'buster' to 'testing' ...
Index(es):
- Date
- Thread