0

I have a very old legacy server running Debian 6.0.10, from which I'm gradually moving things to Debian 10 on a fresh server. There haven't been any real issues, although I'm well aware there may be vulnerabilities.

So as a temporary security measure I thought I'd install ufw while the work proceeds (slowly). However, it seems aptitude install ufw wants to remove a pile of packages which might be needed by existing websites on the server.

All the websites are accessible by me and I maintain some, but I'm not sure if any actually use these packages, and I don't know how to find out easily. There are many cpan-installed packages on one site. Here's the readout:

aptitude install ufw
The following NEW packages will be installed:
  ufw 
The following packages will be REMOVED:
  db4.6-util{u} gnuit{u} libbind9-50{u} libcompress-raw-zlib-perl{u} libdb4.5{u} libdns58{u} libfftw3-3{u} libfile-remove-perl{u} libfreetype6{u} libio-compress-base-perl{u} 
  libio-compress-zlib-perl{u} libisc50{u} libisccc50{u} libisccfg50{u} libjpeg62{u} libltdl3{u} libltdl3-dev{u} liblwres50{u} libmail-box-perl{u} libmime-types-perl{u} libmpfr1ldbl{u} 
  libnet-daemon-perl{u} libnet-xwhois-perl{u} libobject-realize-later-perl{u} libplrpc-perl{u} libsuitesparse-3.1.0{u} libuser-identity-perl{u} libyaml-0-1{u} menu{u} 
  openssl-blacklist{u} python-beaker{u} python-imaging{u} rcs{u} x11-common{u}

Two of the sites on the server use Perl for non-trivial functionality, so I was cautious about going ahead with the install, as several packages appear perl-ish.

Can anyone explain this removal of packages?

Update:

apt-get did a good job without issues, although it's an old version and I installed without verification. Will set up ufw for a little more peace of mind during the long move job to Debian 10.

# apt-get install ufw
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following NEW packages will be installed:
  ufw
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 116 kB of archives.
After this operation, 672 kB of additional disk space will be used.
WARNING: The following packages cannot be authenticated!
  ufw
Install these packages without verification [y/N]? y
Get:1 http://archive.debian.org/debian/ squeeze/main ufw all 0.29.3-1 [116 kB]
Fetched 116 kB in 0s (639 kB/s)
Preconfiguring packages ...
Selecting previously deselected package ufw.
(Reading database ... 78434 files and directories currently installed.)
Unpacking ufw (from .../archives/ufw_0.29.3-1_all.deb) ...
Processing triggers for man-db ...
Setting up ufw (0.29.3-1) ...

Creating config file /etc/ufw/before.rules with new version

Creating config file /etc/ufw/before6.rules with new version

Creating config file /etc/ufw/after.rules with new version

Creating config file /etc/ufw/after6.rules with new version
Processing triggers for python-central ...

# ufw status
Status: inactive
Dave Everitt
  • 201
  • 1
  • 4
  • 11
  • 4
    That's a bit bizarre, but honestly I wouldn't put any thought into it, but get off that ancient distro ASAP. – Michael Hampton Mar 09 '21 at 21:55
  • 1
    https://unix.stackexchange.com/a/121156/79839 says all of those u's are for unused, but those may have been hand-installed. Can you try installing things with `apt` or `apt-get` to avoid this magic that might be unhelpful? – chicks Mar 10 '21 at 02:49
  • `apt-get` did the job, seems Python is involved too, see readout in edited post. @Michael - that's the aim, but as a legacy server where the admin was my late friend (a Perl monk and more knowledgeable than me) it's a slow process moving his codebase and understanding it well enough to fix things/dependencies etc. – Dave Everitt Mar 10 '21 at 19:20

0 Answers0