Of course, just reloading from scratch and restoring a backup would be the best option. However, when you are remotely maintaining systems that are hundreds or thousands of kilometers (miles) away, let's just say this is "Not An Option".
Some of these systems have been in place for several years and the hardware is, shall we say, antique. Because of this, we are downloading backups of Core 120, installing 120 onto replacement hardware, restoring the 120 backup, updating to 122, making a backup of the 122 settings, reinstalling 122, and then finally restoring the 122 backup. When this is all done, we have our current hardware, running 122 with the new partition layouts and new keys which we then ship to the remote site. People there can swap the cables from the old to the new machines. It's a lot of steps, but it solves all the problems you have brought up. With the replacement Dell hardware, we can do "bare metal" installations remotely, which we can't do with the current Dell hardware, and hopefully not have to *EVER* do this again.
With systems that have large enough boot partitions, we are delaying replacement until the really old hardware is done. But we have seen enough unexplained "events" on these systems that we have resorted to updating from the command line rather than the GUI. There have been several which wound up with "blank" /boot folders. I have not been able to discern why this is happening. But if we check for the blank /boot folders, and don't reboot, we can recover from this. When it happens, we move the mine file from "122" back to "120" and rerun the 120 > 121/122 update. So far, it has always worked correctly the second time, and the system is left in a usable state. If we come up with any kind of idea as to what causes this, I will certainly report this back to this list.
Fred
-----Original Message----- From: Michael Tremer michael.tremer@ipfire.org Sent: 3 August, 2018 04:14 To: Tom Rymes trymes@rymes.com; Kienker, Fred fkienker@at4b.com Cc: development development@lists.ipfire.org Subject: Re: Core 122 updates
On Thu, 2018-08-02 at 23:41 -0400, Tom Rymes wrote:
On Aug 2, 2018, at 2:58 PM, Kienker, Fred fkienker@at4b.com wrote:
<snip>
Michaels posting on the website about maybe it is time for a
clean reinstall is very much to the point. But this is very hard to do with these older systems. Im not sure it is possible to install 122 then restore a backup from 120, but I may well be wrong.
Fred,
Id advise against installing an older backup to a newer system if
you can avoid it. Why not install 120 as a clean install, restore the backup, and then upgrade. Will the 120 clean install not have a larger /boot?
Actually, this is a good point.
Configuration wise it doesn't make a difference but certificates that have been generated with MD5 should be renewed and that is probably most easy to do with a new installation from scratch.
Best, -Michael
Tom