Table of Contents

Upgrade Devuan ASCII to Beowulf

Script

# change sources.list
mv /etc/apt/sources.list /etc/apt/sources.list.old
echo 'deb http://deb.devuan.org/merged beowulf main contrib non-free' >> /etc/apt/sources.list
echo 'deb http://deb.devuan.org/merged beowulf-updates main contrib non-free' >> /etc/apt/sources.list
echo 'deb http://deb.devuan.org/merged beowulf-security main contrib non-free' >> /etc/apt/sources.list
echo '#deb http://deb.devuan.org/merged beowulf-backports main contrib non-free' >> /etc/apt/sources.list
 
# NOTE: you should check sources.list.d for any extra listings before you proceed.
 
apt update
apt -y upgrade
apt -y dist-upgrade
apt -y autoremove
reboot

amavisd

ISPConfig3 fixes amavis do it does not do “normal” stuff; it is enhanced. I'm assuming this is what causes this problem. Basically, when you're doing your update/upgrade, amavisd-new will fail to upgrade since it can not start/stop it. I found the easiest way to fix it is:

ps ax | grep amavis
# for each instance running, beginning with master
kill PID_FOUND_ABOVE
# that leaves the pid file with insecure permissions, so simply remove it
rm /var/run/amavis/amavisd.pid

Dovecot

There is a major configuration change on dovecot and, if you're using ISPConfig3, it will break. To fix it, you need comment the ssl_protocols line and add ssl_min_protocol and ssl_dh lines in /etc/dovecot/dovecot.conf

#ssl_protocols =  !SSLv3
ssl_min_protocol = TLSv1
ssl_dh=</etc/dovecot/dh.pem

Then, run the following. This probably only works on Debian derivative machines

dd if=/var/lib/dovecot/ssl-parameters.dat bs=1 skip=88 | openssl dhparam -inform der > /etc/dovecot/dh.pem

Note: with ISPConfig, postfix relies on dovecot for authentication, so after you fix dovecot, be sure and restart postfix.

service dovecot restart
service postfix restart
tail -f /var/log/mail.log

certbot

# remove certbot-auto and install via apt
mkdir ~/trash
mv /opt/eff.org /etc/cron.d/certbot /usr/local/bin/certbot-auto ~/trash
apt install certbot