Bug#929248: changed its 'Suite' value from 'buster' to 'testing' ...

To: Adam Borowski <kilobyte@angband.pl>, 929248@bugs.debian.org, Osamu Aoki <osamu@debian.org>
Subject: Bug#929248: changed its 'Suite' value from 'buster' to 'testing' ...
From: Julian Andres Klode <jak@debian.org>
Date: Sun, 7 Jul 2019 18:27:02 +0200
Message-id: <[🔎] 20190707182325.GA21695@debian.org>
Reply-to: Julian Andres Klode <jak@debian.org>, 929248@bugs.debian.org
In-reply-to: <[🔎] 20190707152627.GB28565@angband.pl>
References: <155830187792.29069.7105802844048789084.reportbug@sschum-wirt.lan.tarent.de> <[🔎] 20190707133449.GA6789@goofy.osamu.debian.net> <155830187792.29069.7105802844048789084.reportbug@sschum-wirt.lan.tarent.de> <[🔎] 20190707152627.GB28565@angband.pl> <155830187792.29069.7105802844048789084.reportbug@sschum-wirt.lan.tarent.de>

On Sun, Jul 07, 2019 at 05:26:27PM +0200, Adam Borowski wrote:
> On Sun, Jul 07, 2019 at 10:34:49PM +0900, Osamu Aoki wrote:
> > But why we point people to apt-secure manpage?  It was cryptic for me.
> 
> I did not manage to find the information there either.  At this moment, I
> did intentionally stop -- while I might be not the brightest bulb in the
> knife drawer, I believe my ability to read man pages is a wee bit better
> than that of an average user.  And _those_ will not manage futher research.
> 
> My particular question was:
> Given a pipeline that's basically:
> for x in `lxc-ls --running`;do echo ...;lxc-attach -n "$x" -- apt-get update;done
> have apt do its job.
> 
> None of the containers in question refer to any codenames that have changed,
> thus apt's reluctance to continue is irrelevant or harmful.  All of these
> referred to either "unstable", "buster" or "stretch".  I would understand
> your reasoning if I had referred to "stable".

There are two reasons for these checks:

(1) Your pinning can break (or -t switches in your script)
(2) Your system can accidentally upgrade to a new stable release

In your case, (1) applies.

> 
> But, it's worse than merely annoying users of unstable and testing.  Two
> years from now, millions of boxes will have "buster" change to "oldstable",
> and, with cron mails currently being null-routed by default, no one will see
> that[1].  Thus, a significant part of users will have security updates
> suddenly stopped despite nothing relevant to them happening.
> 
> And this particular piece deserves a high severity.

Luckily we have about two years to deal with this (well, let's say 18
months or so, gotta give people time to update before the new stable).

> 
> > Why not simply say:
> > 
> > Probably, a new Debian Stable release has happened as you tried to
> > update your system.  If this is the case, please update "Release-Notes"
> > field by executing "sudo apt-get --allow-releaseinfo-change update".

You're not supposed to be using apt-get, use apt. We can't tell people to
use that flag or apt-get as they might be using a different frontend -
refering them to the manpage is the best we can do if they insist on
using the apt-get frontend.

-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer                              i speak de, en

Reply to:

References:
- Bug#929248: changed its 'Suite' value from 'buster' to 'testing' ...
  - From: Osamu Aoki <osamu@debian.org>
- Bug#929248: changed its 'Suite' value from 'buster' to 'testing' ...
  - From: Adam Borowski <kilobyte@angband.pl>

Prev by Date: Bug#913913: Bug#931524: security.debian.org: bullseye security updates may be silently skipped on systems using apt pinning
Next by Date: Bug#913913: Bug#931524: security.debian.org: bullseye security updates may be silently skipped on systems using apt pinning
Previous by thread: Bug#929248: changed its 'Suite' value from 'buster' to 'testing' ...
Next by thread: Bug#931566: Don't complain about suite changes (Acquire::AllowReleaseInfoChange::Suite should be "true")
Index(es):
- Date
- Thread