Upgrading to Debian Stretch

I’ve done it. Our server and all but one of our clients have been dist-upgraded to Debian Stretch. The dist-upgrade went smoothly on all clients. The server was another matter. Oh, the dist-upgrade was smooth but web-applications were ripped by the migration from PHP 5 to PHP 7. It was trivial to convert my recipe application to PHP 7, just a handful of MySQL calls needed changing. phpBB, OTOH, does not support PHP 7 and since we rarely use it, I will just remove it. It was useful when I taught in schools but I don’t need it now in the era of smartphones in every pocket. People use FB or e-mail or “messaging” and carry on. Coppermine Photo Gallery has a double whammy. It’s no longer supported by anyone and so will not be upgraded by the FLOSS community, most likely. I have invested quite a bit of work annotating photos in the database so I don’t want to abandon CPG. I can put it in a virtual machine running Jessie forever. It’s on the LAN so security is not much of an issue. My local library of Gutenberg texts is another matter. The CGI script was written in PASCAL, so that’s not a problem but the SWISH-e PHP interface does not build against PHP 7. The SWISH-e plugin is ancient, about 2012, so it’s not clear whether it will ever work with PHP 7. I just don’t want to dig that deep. SWISH-e still works so I could rewrite everything in PASCAL and carry on, but I could also move this web-application to a virtual machine running PHP 5. This library also was very valuable when I taught in northern schools with shaky Internet connections but it’s less important now. I can also use SWISH-e from the commandline if necessary. phpMyAdmin worked smoothly. It’s from Debian’s repository, of course.

So, there were a few bumps in the road, mostly due to web-applications not from Debian’s repository, but all in all it was a very smooth transition to a long term supported release. I like it.

About Robert Pogson

I am a retired teacher in Canada. I taught in the subject areas where I have worked for almost forty years: maths, physics, chemistry and computers. I love hunting, fishing, picking berries and mushrooms, too.

This entry was posted in Linux in Education, Teaching, technology and tagged , , , , , , , , , . Bookmark the permalink.

31 Responses to Upgrading to Debian Stretch

  1. Grece says:

    Do tell me mindless wonder, how a standard user is able to change registry keys?

  2. oiaohm says:

    Grece the idea that non admin accounts of windows don’t pick up malware is incorrect.

    https://github.com/AlessandroZ/BeRoot

    HKEY_CURRENT_USER\SOFTWARE\Policies\Microsoft\Windows\Installer\AlwaysInstallElevated
    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\Installer\AlwaysInstallElevated

    Got to love that setting two registry keys results in when ever any user on a Windows system clicks on a MSI its installed with full administration privileges. So something gets in by privilege exploit you clean it out on windows and those settings can be left behind making system catch more infections.

    Linux when a person does not have admin privileges what they can do is restricted. Windows when a person is without admin privilleges is a serous maybe with some of the stuffed up registry settings possible. Its the one of the major things with windows is how hard it is to perform a full security audit against stupidity set somewhere.

  3. Grece says:

    XP was slowing down, picking up malware, BSODing frequently and refusing to boot. Re-installation was required about twice a year

    Let me guess, you allowed her Admin rights to the machine….didn’t you? Non-admin accounts just don’t pickup malware. Being an “alleged” IT guy, I find it rather cynical that you just allowed it to happen, so you can force your will on TLW.

  4. Ivan says:

    So you bought her cheap hardware and when the software told you what was wrong with it you installed linux and beat your chest because you’re a manly man doing man things and that stupid woman needed to get with it. Is that about it?

    Kinda sexist, Bob.

  5. Grece wrote, “Tell us about this AV help and re-installation needs Robert?”

    XP was slowing down, picking up malware, BSODing frequently and refusing to boot. Re-installation was required about twice a year, ISTR. That was a long time ago. She’s been happily using GNU/Linux ever since the men in the family refused to provide $free IT-support to M$.

  6. Grece says:

    The reason she went to GNU/Linux in the first place was because TOOS was too much trouble, constantly requiring AV help and re-installation. No thanks.

    I am willing to bet, that if Robert had not been there, she would have paid someone to fix her ‘puter, while still continuing to use Microsoft.

    Tell us about this AV help and re-installation needs Robert?

  7. Ivan says:

    constantly requiring AV help and re-installation

    Maybe you should have bothered learning the system instead of listening to crack-pots on how to administer your systems. I get that it would kill you to buy something not from China but, unlike Debian, Microsoft pays people to document its software and the documentation is well worth reading.

  8. DrLoser wrote, “Even if The Little Woman does not revert to Windows at some point in the future”.

    There’s little danger of that unless she goes off and buys a Wintel PC on her own. Then she’s unlikely to get any support from either of us. The reason she went to GNU/Linux in the first place was because TOOS was too much trouble, constantly requiring AV help and re-installation. No thanks.

  9. DrLoser says:

    LTS is important to me. My son can provide support to TLW but he’s into Ubuntu GNU/Linux, for unknown reasons.

    Without wishing to speculate upon those “unknown reasons,” I think it’s fair to see your Ubuntoid son as a support resource for The Little Woman who will last, say, 20 or more years longer than you will. Even if The Little Woman does not revert to Windows at some point in the future when you are too wheezy and incapacitated to be able to contradict her decision, it looks like the Debian days are limited.

    I think you should face up to reality, Robert. Debian can claim “X years of LTS support” for any value of X they like. Two, five, ten, fifty — there is no basis for any such claim. Nor is there any financial penalty if it turns out they are talking porkies.

    No, Robert. It is time. Go with the instincts of your son. Pave over your Debian drivel with the GNU/Linux voice of the Future — Ubuntu!

    Of course, you might have to take an intensive course from your son on how to manage the thing. Make sure you pay him well for his expertise, because nothing comes for free.

  10. Ivan wrote, “That is not deprecated for another two years and four months. Why is the Debian maintainer being a dipshit here? Surely you can answer that question…”

    Debian Stretch is a five-year release, not the usual two. What’s the point of releasing a version which will be unsupported in two years?

    As I age, support for the installed system is very important. Will I be interested in/able to support Debian on our systems in two years? Five years? Who knows? I don’t. LTS is important to me. My son can provide support to TLW but he’s into Ubuntu GNU/Linux, for unknown reasons.

  11. Ivan says:

    Time to get your eyes checked, Bob.

    active support will run for an additional four months, and the security fix period has been doubled from one to two years.

    That is not deprecated for another two years and four months. Why is the Debian maintainer being a dipshit here? Surely you can answer that question…

  12. DrLoser wrote, “I don’t see the word “deprecated” there, Robert, so I assume, as usual, that your well-fertilized mind is making this up.”

    I guess I was wrong to assume literacy, then.

    Wikipedia: “In several fields, deprecation is the discouragement of use of some terminology, feature, design, or practice; typically because it has been superseded or is no longer considered efficient or safe – but without completely removing it or prohibiting its use.”

  13. luvr says:

    I do wonder who keeps wasting more time: Robert on his computing devices, or Dr. Loser on his endless, pointless whining here.
    Pot, Kettle, Black, anyone?

  14. DrLoser says:

    No, wait, I’m wrong, I admit. Not PHP 5.7, but PHP 7. My apologies.

    You do have to wonder what sort of “insecurities” are at issue here, though. I mean, it’s not an OS. It’s not a hardware driver. It’s not even a comms protocol (or collection thereof) such as SSL.

    It’s just a (1) scripting language, for God’s sake. Plus, of course, an implementation standard, which is where that heap/refcount stuff comes in. Plus, of course, a set of libraries.

    But absolutely none of that should be open to security problems. For example: show me a potential problem in a PHP 5 library that does not, also, exist, in the equivalent PHP 7 library. I’m pretty sure there isn’t a single one. And if you fix it in PHP 7, then it should be almost trivial to back-fix it in PHP 5.

    This is yet another example of FLOSS not giving a toss about back-compat, isn’t it? It’s always up to the -sucker- “customer” to go through the unnecessary pain of updating everything from the old, boring, nobody wants to work on it version 5 to the new, shiny, looky here version 7! and somehow version 6 just sort of sagged in the middle there, but hey, it’s all fun and games until somebody pokes themselves in the eye with a sharp stick!

    So, I guess you made the right decision, Robert. You are an absolute stickler for wasting your time on unnecessary upgrades, because that’s what you have been educated (in a Pavlovian sense) to do by your lords and masters, the dingbats who play around with upstream FLOSS.

    Can’t really see this appealing to the Man in the Street, though.

    (1) And a crappy one, at that.

  15. DrLoser says:

    PHP 5.6 As it is the final PHP 5 release, support for PHP 5.6 has been extended: active support will run for an additional four months, and the security fix period has been doubled from one to two years.

    Fascinating.

    I don’t see the word “deprecated” there, Robert, so I assume, as usual, that your well-fertilized mind is making this up.

    Neither do I see any sort of argument advanced for the use of PHP 5.7. Which, by dint of the no doubt authoritative statement that “PHP 5.6 … is the final PHP 5 release” — naturally implies that the PHP version of Peano numbering presently aliases the successor to 5 as 5.7, rather than 6, as would normally be expected.

    This explains rather a lot about the hopelessness of PHP, It doesn’t really explain the benefits that you hope to enjoy by this ludicrous and unnecessary “upgrade,” though.

  16. See Support: http://php.net/supported-versions.php

    “PHP 5.6 As it is the final PHP 5 release, support for PHP 5.6 has been extended: active support will run for an additional four months, and the security fix period has been doubled from one to two years. Other releases are unaffected. “

    See eol: http://php.net/eol.php
    “This page lists the end of life date for each unsupported branch of PHP. If you are using these releases, you are strongly urged to upgrade to a current version, as using older versions may expose you to security vulnerabilities and bugs that have been fixed in more recent versions of PHP. “

    Now Debian stable doesn’t want to change PHP version in the midst of longterm support, so what choice did they have?

  17. DrLoser says:

    Surely, that was an option but PHP5 was deprecated,

    This is news to me, Robert. Would you care to supply a link that describes PHP5 as “deprecated?”

  18. DrLoser says:

    Then, I wonder, why wouldn’t Debian include PHP 5 in their new shiny distro, and let users choose?

    I have the basis for a possible answer to that, Deaf Spy.

    About ten years back, I bought a Linux notebook (HP, SuSE). You know, one of those FLOSS Cheap Things that were supposed to take over the world. Until M$ cheated and practically gave away the licence for XP. Which made notebooks verboten until the advent of Chromebooks, which are FLOSS, except that they aren’t, and so notebooks are golden again and …

    … Where was I? Oh yes. This HP/SuSE notebook. Turns out that a very, very, large amount of the user-mode parts of the SuSE version relied on a very specific installation of Python. And that this installation of Python was not isolated from actual Dr-Loser-As-User.

    So, I did a small-ish update via YaST of some bit of the Python libraries or other, and completely bricked the whole notebook.

    I imagine that Debian has done the same. Unless you are very careful, you are going to need to use the same version of PHP that random bits of the “Operating System” rely upon.

  19. Deaf Spy wrote, “why wouldn’t Debian include PHP 5 in their new shiny distro, and let users choose?”

    Surely, that was an option but PHP5 was deprecated, Jessie is still current and Stretch is LTS. I could have stayed with Jessie another year or so but wanted to give Stretch a try. I knew PHP5 might be a problem but a larger problem is that Gallery is orphaned. It had to be locked up or replaced anyway. PHP was not a deciding factor for me as I only had a few lines to edit and two scripts that weren’t in Stretch. I don’t use phpBB for anything these days. I freed resources by getting rid of it. While doing so, I dropped half a dozen useless databases.

  20. Deaf Spy says:

    It is still pretty unconvincing what use would you, Robert, have of PHP 7. I am very seriously in doubt that your PHP apps were putting notable CPU burden on your “beast”. Your “10% is a marginal improvement but it’s still an improvement allowing Beast to live another few months” sounds farfetched and pulled out of thin air.

    Then, I wonder, why wouldn’t Debian include PHP 5 in their new shiny distro, and let users choose? For instance, Windows 10 comes with .NET 4.5 installed. But, NET 3.5 is included as a standard OS feature you can install and have some old .NET apps work happily.

  21. The Wiz wrote, “Why did you not create a virtualized copy of your pre dist-upgrade system and then run the upgrade against that?”

    Storage. Beast has not enough. That’s one of the reasons for upgrading Beast. I used a 512MB VM for this exercise. It went rather smoothly except I was getting “encoding” error messages from browsers on clients. It turns out both the server in the VM and Beast’s proxy server were compressing stuff… I also had a couple of links to “localhost” instead of Beast, so I had to tweak a couple of strings in Gallery’s database and /etc/hosts on Beast to make everything consistent for all browsers. So, the exercise not only kept Gallery working but pointed out an error in the old installation.

    So, the Wiz makes a valid point but I operate under the premise that everything is fixable in Debian GNU/Linux and I’m pretty good at fixing things and went with the least consumption of resources. I’m retired and enjoy tweaking so I don’t count my time. BTW, TLW pointed out a problem with NFS between Stretch and Jessie (just like SMB between XP and Vista/7). I switched her to using SSHFS instead of NFS and her client is now solid. The big notebook has now died unable to deal with the physical abuse of TLW and grand kid… She has no problem using the little Odroid-C2 system for a fraction of the space, power and cost. I don’t know when or if I will upgrade that to Stretch.

  22. wizard emiritus says:

    “Nonsense. ”

    I am afraid that this is not nonsense. Whether you like it or not to anyone reading your description you broke your working system and then had to band aid your way around the mess that was created. All while declaring the process as just tome bumps in the road.

    I find it particularly humorous that you had to resort to moving one of your now broken apps to a virtual machine running the now back level version to get it running again.

    THe inquiring mind wants to know… Why did you not create a virtualized copy of your pre dist-upgrade system and then run the upgrade against that?

    Laziness perhaps?

  23. DrLoser wrote, “You are not getting anything useful by “ugrading,” Robert”.

    Nonsense. 7 is not a rewrite from scratch. They used what worked and improved the rest. 10% is a marginal improvement but it’s still an improvement allowing Beast to live another few months until I buy its replacement.

  24. DrLoser says:

    I still fail to see a good reason to have PHP7 forced upon me.

    The fact that simple values are not heap allocated in PHP 7 eliminates the need for refcounting, which in and of itself results in a significant performance boost. Storing refcount in the values themselves also allows them to be shared independently of the zval structure, which is another advantage over PHP 5.

    Sounds really impressive, huh? But gaze down at the graphs (which are based on a specific performance metric. Your Mileage May Vary.).

    You get roughly a 10% improvement in execution speed (or cpu utilisation, if you will), and a rather more impressive ~25% improvement in memory usage. But you, Robert, should not care about either..

    When is the last time you actually fell of either the CPU cliff, or the Memory cliff? I doubt it has happened at any time this century. And if it did, then the answer is obviously: fill your noddy database with simpler recipes. Not “ooh ooh new shiny thing number 7!”

    PHP5 has, at this point, been around for what amounts to forever. And more importantly, so have the libraries and the frameworks. You bang on about the importance of the “million eyes” in FLOSS — well, PHP5 is precisely that in current terms.

    (It’s still abject freetard shit, but it;s heavily patched abject freetard shit.) You are not getting anything useful by “ugrading,” Robert. All you are doing is to increase the potential attack surface for no good reason at all.

  25. DrLoser wrote, “upgrade to PHP7? In what possible way could that benefit the average bloke”.

    1. It’s not forced if you run from within Debian’s repository – it’s transparent
    2. php 7 is faster than php 5. I like that.
  26. DrLoser says:

    Well, this could be a circular argument but I no longer need to build my own kernel since Stretch uses Linux 4.9.

    I concur, Robert. That is a circular argument.

    Further, I will get security support for the next five years.

    A rather dubious proposition, I would suggest.

    One thing that pretty much slaps the casual observer in the face: what’s with this forced -death march- upgrade to PHP7? In what possible way could that benefit the average bloke (it’s pretty much always a bloke) running a bog-standard server with bog-standard thin clients?

    See, this is the thing about living on the “bleeding edge” of Linux. Any distro. The ridiculous number of packages, and dependencies between those packages, means that you end up being forced to buy into an attack surface that you really don’t need.

    But hey. It’s modular. Chuckle. All good. Compost. Tricycle.

  27. Grece says:

    : I just got Coppermine Photo Gallery 1.5 running in a Jessie virtual machine.

    So much work, for a picture book.

    I failed to mention that I also use Plex on my UNRAID box to show images during family events.

  28. DrLoser wrote, “tell us how you have benefited from this upgrade.”

    Well, this could be a circular argument but I no longer need to build my own kernel since Stretch uses Linux 4.9. Further, I will get security support for the next five years. That’s nearly an Eternity at my age…

    UPDATE: I just got Coppermine Photo Gallery 1.5 running in a Jessie virtual machine. I just changed the link in my browser and it’s a smooth transition to the user. I just SCPed the script’s directory and the mysqldump of the database over and everything worked once I remembered to tell MySQL to allow access to the user…

  29. DrLoser says:

    Incidentally, the traditional Loon response to “I have backward compatibility issues” — Project Gutenberg, Swishy, whatever — is to use chroot.

    I wouldn’t recommend such an approach to any sane human being, Robert, but in your case I will make an exception.

    I recommend chroot.

  30. DrLoser says:

    Fair enough, Robert.

    Now tell us how you have benefited from this upgrade.

    Go on.

    Do tell.

    Please.

Leave a Reply

Your email address will not be published. Required fields are marked *