SKYCUBE.net

Solutions for Go, MySQL, PHP, Linux and more

Debian wheezy 7 auto-update problem after release of jessie (8)

Posted — May 16, 2015

First of all Debian jessi (Debian 8.0) is out (released April 25th).

But as we know it will take a bit until all software especially non-free will be ready anf who would do an upgrade of all their servers within the first weeks? As a good admin of your servers you may update your servers regularly. In my case most my server install their updates nightly automatically via the unattended-upgrades. Config file most commonly found at /etc/apt/apt.conf.d/50unattended-upgrades .

After a weekend not receiving any notifications about about updates, I had a look around.

Digging through logs, spam filters, and mail queues I could not find a reason. Usually I am not updating the servers manually via apt-get upgrade or dist-upgrade as this may bring more updates as I need and/or instability or worst a reboot. Furthermore would no one configure their automatic updates to do more the necessary updates like security. By executing the commands manually I came closer to the problem, the keys are not valid any more.

apt-get clean && apt-get update;
Hit http://ftp.nz.debian.org wheezy-updates Release.gpg
Hit http://ftp.nz.debian.org wheezy Release.gpg
Hit http://ftp.nz.debian.org wheezy-updates Release
Hit http://ftp.nz.debian.org wheezy Release
...
Reading package lists... Done
W: There is no public key available for the following key IDs:
7638D0442B90D010
W: There is no public key available for the following key IDs:
7638D0442B90D010
W: There is no public key available for the following key IDs:
9D6D8F6BC857C906

A look where we are on the server:

xyz-web4:~# lsb_release -a
Distributor ID:	Debian
Description:	Debian GNU/Linux 7.7 (wheezy)
Release:	7.7
Codename:	wheezy

As mentioned before, you would never do a dist-upgrade automatic at night. To solve the problem we can ether upgrade manually the one trouble package or the entire system to the latest wheezy packages via apt-get dist-upgrade.

If you do not want to upgrade the whole system, you can upgrade the trouble package via aptitude upgrade debian-archive-keyring

Full upgrade of all packages to latest wheezy version:

xyz-web4:~# apt-get dist-upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following packages will be upgraded:
  apache2 apache2-mpm-prefork apache2-utils apache2.2-bin apache2.2-common apt apt-utils base-files debian-archive-keyring libapt-inst1.5 libapt-pkg4.12 libruby1.8
  libruby1.9.1 linux-image-3.2.0-4-amd64 linux-libc-dev mercurial mercurial-common ruby1.8 ruby1.9.1 tzdata
20 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 38.3 MB of archives.
After this operation, 2,500 kB of additional disk space will be used.
Do you want to continue [Y/n]?

A look where we are now:

xyz-web4:~# lsb_release -a
Distributor ID:	Debian
Description:	Debian GNU/Linux 7.8 (wheezy)
Release:	7.8
Codename:	wheezy

And guess what, if you execute now apt-get update everything is fine.