Software package management and Debian: Difference between revisions

New World hosts always run a supported version of Debian and always with as few changes and tweaks as necessary to achieve the required functionality.

This implies that the set of software packages installed on any New World host is a selection from the standard, supported pool of packages maintained by Debian themselves. This would be correct.

Because there are two groups of people in CSE who take an interest in exactly which packages are installed on a host -- namely CSG and teaching staff -- separate lists of packages are maintained by the two groups. The configuration manager (cfengine) ensures that each host has the appropriate list(s) of packages to be installed on it. A separate action ensures that new packages are installed as the lists change.

Initial installation of a New World host

Generally speaking, the process looks like this:

1. Add a line for the host in hostlist.csv and run update_hosts,
2. Update the CSE DHCP server if you're planning on a dynamic, as opposed to static, network configuration,
3. Boot the host using the current Debian installation DVD and do a minimal install. Reboot when done,
4. Initial install and setup of cfengine on a New World host,
5. Go away and have a cake or some chocolate while cfengine does the rest,
6. Come back and it'll all be done. Rebooting generally not required.

How the correct package lists are distributed to hosts

After the initial installation of the operating system, additional Debian packages are installed by cfengine when it detects changes to the lists of required packages. These lists of required packages are maintained by two sources:

• CSG-managed lists,
• Teaching staff-managed lists — see extra packages (and extra files while you're at it).

CSG-maintained package lists

Each package list maintained by CSG generally has an idea of some particular functionality behind it. These packages are selected for a particular host by the contents of /var/lib/cfengine3/masterfiles/debianpackages.inc.

For example, hosts which are members of the class "vlabserver" will have the following package lists copied to them:

• 000vlabserver1.pkglist
• 000vlabserver2.pkglist

Which contain the necessary packages to support the multi-user VNC login functionality of VLAB servers.

Similarly, hosts in the class "userlogin" will have the following package list copied to them:

• 000userlogin.pkglist

The above contains packages which include Kerberos and LDAP support so users can log in, both via VNC/VLAB and SSH.

The above mentioned debianpackages.inc also contains the trigger mechanism to cause package lists to be read after changes. Namely, in cfengine, when a package list is copied or updated the class "pkglist_changed" is created and this causes the command /usr/local/infrastructure/bin/debpkgs_install to be executed.

Teaching staff-managed package lists

See:

• /var/lib/cfengine3/masterfiles/extrafiles.inc
• /var/lib/cfengine3/masterfiles/extraversions.inc
• /var/lib/cfengine3/masterfiles/extrapackages.inc

Similiar to CSG-managed lists, teaching package lists are copied due to promises in extrapackages.inc. List changes cause the class "extrapackages_changed" to be created by cfengine which, in turn, causes the scripts "/usr/local/infrastructure/bin/extrapkgs_install and /usr/local/infrastructure/bin/extrapkgs_purge to run.

How hosts update their installed packages when the list(s) change

Auto-updating of installed packages

The standard Debian unattended-upgrades package is installed on all New World hosts. It is run daily by cron via /etc/cron.daily/apt-compat which, in turn, runs /usr/lib/apt/apt.systemd.daily.

You can find traces of its actions in:

• /var/log/apt/history.log
• /var/log/unattended-upgrades/unattended-upgrades*.log

See also:

• /etc/apt/apt.conf.d/21auto-upgrades
• etc/apt/apt.conf.d/50unattended-upgrades

Purging (removal) of installed packages

See also

• Debian package management tools