Afternoon.
I'm trying to manage a set of servers that have no net connection.
I've been using Apt-offline to do so, and it's generally been good, but it appears that I've been hitting a problem since the release of 20.04.05 LTS.
I'm trying to create a document so that I can formalise the process for another volunteer to manage and this is blocking that without adding a bodge.
The apt-offline get/install update/apt update works well, but when it comes to apt-offline upgrade, as the last "apt upgrade" fails.
(I manage sigs with -update.sig, -upgrade.sig to avoid getting them confused.
These fail as the apt upgrade messages reports:
the following packages will be installed
fwupd libfwupd2 linux-generic-hwe-20.04 linux-headers-generic-hwe-20.04 linux-images-generic-20.04
6 to upgdate, 6 to newly install, 0 to remove and 0 not to upgrade
3 standard LTS security updates
Need to get 107MB of archives.
(edit) My current bodges are:
get the other pkgs installed and only end up with these, i did a
apt clean,
apt-offline install <sig>.bundle,
dpkg -i /var/cache/apt/archives/*.deb
and then manually create a seperate signature file using apt-offline:
sudo apt-offline set <sig>-NEW.sig --install-packages <list of missing packages>
and then doing the get/install/apt upgrade loop again.
This pushes another data transfer between online and offline systems, which is really undesirable, but currently essential.
Is there a better way to get these as well in the initial sudo apt-offline get -UPGRADE.sig?
(edit) I'm currently using apt-offline 1.8.4-1 from the 22.04 stream, because of this error - apt-offline "path for keyring is invalid" error using trusted.gpg not trusted.gpg.d (/edit)
Thanks in advance!
WB
(apols for the edits, didn't feel as though it explained the bodges & issues correctly)
Edited 2022-11-30 to add:
Found a way to avoid the dpkg -i *.deb option in case the bundles had something that was incorrectly included or share a cached folder:
apt upgrade -m --no-download will only install the "correct" packages in the cache. -m means "ignore missing" and --no-download means it doesn't try and download things.
There definately appears to be an issue with apt-offline not grabbing the full upgrade list at least the first time around; applying the first upgrade bundle then generating a new SIG file (apt-offline set <sig>) lists files that weren't in the first pack.
The ones that are getting me now are:
linux-image-generic
linux-generic
linux-headers-generic
Forcing a with
sudo apt-offline set <sig> --install-packages linux-image-generic linux-generic linux-headers-generic gives me a sig file listing the below packages.
linux-generic_5.4.0.132.132_amd64.deb
linux-image-generic_5.4.0.132.132_amd64.deb
linux-headers-generic_5.4.0.132.132_amd64.deb
Edit 2022-12-02
Pretty much given up with Apt-offline for the packages themselves.
Built a seperate VM using the build documentation i've got on an internet facing machine, ran apt clean, used apt-offline to grab the --update cache, then sudo apt upgrade --download-only to get all the packages i've got.
tarball'd up the contents of the archive folder and copied that to the offline machines; applied the "apt-offline update bundle", and dumped the tarball into the apt cache.
After a single apt upgrade got everything in one go, with 0 packages left to update.
Not neat as it required a seperate VM host, or streamlined but so much easier to manage.
