5. Problemområden att känna till för trixie

Ibland innebär förändringar i en ny utgåva att sidoeffekter vi inte kunnat undvika uppstår, i vissa fall skapas nya fel någon annanstans. Här dokumenterar vi problem som vi känner till. Vänligen läs även erratan, dokumentationen för aktuella paket, felrapporter och annan information som nämns i Ytterligare läsning.

5.1. Specifik uppgraderingsinformation för trixie

Detta kapitel beskriver detaljer runt uppgradering från bookworm till trixie.

5.1.1. Icke-fri fastprogramvara flyttad till sin egen del av arkivet

I enlighet med vad som beskrivs i Arkivdelar så har paket med icke-fri fastprogramvara nu flyttat till sin egen del av arkivet kallad non-free-firmware. För att säkerställa att installerade paket med icke-fri fastprogramvara får en korrekt uppgraderingsväg behöver inställningarna i APT justeras. Om vi antar att non-free-komponenten enbart var tillagd i APTs sources-list för att installera fastprogramvara så skulle den uppdaterade APT sources-list se ut så här:

deb https://deb.debian.org/debian bookworm main non-free-firmware

Om du blev hänvisad till detta kapitel av apt så kan du förhindra framtida notiser om denna ändring genom att skapa en apt.conf(5)-fil med namnet /etc/apt/apt.conf.d/no-bookworm-firmware.conf med följande innehåll:

APT::Get::Update::SourceListWarnings::NonFreeFirmware "false";

5.1.2. Ändringar i paket som justerar systemklockan

Paketet ntp, som tidigare var standardsättet att ställa systemets klocka efter en Network Time Protocol (NTP) server, har ersatts med ntpsec.

De flesta användare behöver inte vidta några särskilda åtgärder för att byta från ntp till ntpsec.

In bookworm there are also several other packages that provide a similar service. The Debian default is now systemd-timesyncd, which may be adequate for users who only need an ntp client to set their clock. bookworm also includes chrony and openntpd which support more advanced features, such as operating your own NTP server.

5.1.3. Inställningshanteringssystemet Puppet uppgraderat till version 7

Puppet har uppgraderats från 5 till 7, version 6 hoppas över helt. I och med detta introduceras stora ändringar i systemmiljön runt Puppet.

Den klassiska Ruby-baserade Puppet Master applikationen i version 5.5.x har fasats ut och är inte längre tillgänglig i Debian. Den har ersatts av Puppet Server 7.x som tillhandahålls av puppetserver-paketet. Paketet installeras automatiskt som ett beroende till överflyttningspaketet puppet-master.

I vissa fall är Pueppet Server en rak ersättare för Puppet Master men du bör granska inställningsfilerna som finns i /etc/puppet/puppetserver för att säkerställa att de nya standardvärdena är korrekta för ditt system. Särskilt värt att notera är att det äldre formatet för filen auth.conf fases ut, läs mer om detta på den särskilda auth.conf dokumentationen.

Det rekommenderade sättet att hantera uppgraderingen är att först uppgradera servern och sedan klienterna. Puppet 7 servern är helt bakåtkompatibel med en äldre klienter. En Puppet 5 server kan hantera uppgraderade agenter men kan inte registrera nya Puppet 7 agenter. Om du aktiverar nya Puppet 7 agenter före uppgraderingen av servern så kan dessa inte läggas till i flottan.

Paketet puppet har ersatts av puppet-agent och är nu ett övergångspaket för att hantera en enkel uppgradering.

Slutligen är det värt att notera att puppetdb-paketet togs bort i bullseye men är nu tillbaka i bookworm.

5.1.4. youtube-dl ersatt av yt-dlp

The popular tool youtube-dl, which can download videos from a large variety of websites (including, but not limited to, YouTube) is no longer included in Debian. Instead, it has been replaced with an empty transitional package that pulls in the yt-dlp package instead. yt-dlp is a fork of youtube-dl where new development is currently happening.

There are no compatibility wrappers provided, so you'll need to modify your scripts and personal behavior to call yt-dlp instead of youtube-dl. The functionality should be mostly the same, although some options and behavioral details have changed. Be sure to check yt-dlp.1 for details, and in particular yt-dlp.1.html#Differences_in_default_behavior.

5.1.5. Olika versioner av Fcitx kan inte längre installeras sida-vid-sida

The packages fcitx and fcitx5 provide version 4 and version 5 of the popular Fcitx Input Method Framework. Following upstream's recommendation, they can no longer be co-installed on the same operating system. Users should determine which version of Fcitx is to be kept if they had co-installed fcitx and fcitx5 previously.

Before the upgrade, users are strongly encouraged to purge all related packages for the unwanted Fcitx version (fcitx-* for Fcitx 4, and fcitx5-* for Fcitx 5). When the upgrade is finished, consider executing the im-config again to select the desired input method framework to be used in the system.

You can read more background information in the announcement posted on the mailing list (text written in Simplified Chinese).

5.1.6. MariaDB package names no longer include version numbers

Unlike bullseye that had the MariaDB version in package names (e.g. mariadb-server-10.5 and mariadb-client-10.5), in bookworm the equivalent MariaDB 10.11 package names are fully versionless (e.g. mariadb-server or mariadb-client). The MariaDB version is still visible in the package version metadata.

There is at least one known upgrade scenario (Bug #1035949) where the transition to versionless package names fails: running

# apt-get install default-mysql-server

may fail when mariadb-client-10.5 and the file /usr/bin/mariadb-admin in it is removed before the MariaDB server SysV init service has issued a shutdown, which uses mariadb-admin. The workaround is to run

# apt upgrade

before running

# apt full-upgrade

.

For more information about the package name changes in MariaDB, see /usr/share/doc/mariadb-server/NEWS.Debian.gz.

5.1.7. Ändringar i systemets loggning

rsyslog behövs inte längre på de flesta system och du kan förmodligen ta bort det.

Många program skapar loggmeddelanden för att förmedla till användaren vad som händer och vad programmet gör. Dessa meddelanden kan hanteras av systemds "journal" eller av en syslog-tjänst som t.ex. rsyslog.

I bookworm installerades rsyslog som standard och systemds journal var inställd på att skicka vidare alla loggmeddelanden till rsyslog som sedan skrev dessa meddelanden till olika textfiler som t.ex. /var/log/syslog.

I och med trixie är inte rsyslog längre installerad som standard. Om du inte vill fortsätta använda rsyslog efter uppgraderingen så kan du markera den som automatiskt installerad med

# apt-mark auto rsyslog

och sedan köra

# apt autoremove

för att ta bort paketet. Om du har uppgraderat från en äldre Debian-utgåva och gjort justeringar jämfört med standardinställningarna så kan det betyda att journalen inte sparar meddelanden permanent. Instruktioner för att aktivera detta finns i journald.conf(5).

Om du väljer att byta från rsyslog så kan du använda kommandot journalctl för att läsa loggmeddelanden som sparas i binärformat i /var/log/journal. Exempelvis

# journalctl -e

visar de senaster loggmeddelandena i journalen och

# journalctl -ef

visar nya meddelanden när de skrivs (ungefär samma som att köra

# tail -f /var/log/syslog

).

5.1.8. rsyslog changes affecting log analyzers such as logcheck

rsyslog now defaults to "high precision timestamps" which may affect other programs that analyze the system logs. There is further information about how to customize this setting in rsyslog.conf(5).

The change in timestamps may require locally-created logcheck rules to be updated. logcheck checks messages in the system log (produced by systemd-journald or rsyslog) against a customizable database of regular expressions known as rules. Rules that match the time the message was produced will need to be updated to match the new rsyslog format. The default rules, which are provided by the logcheck-database package, have been updated, but other rules, including those created locally, may require updating to recognize the new format. See /usr/share/doc/logcheck-database/NEWS.Debian.gz for a script to help update local logcheck rules.

5.1.9. rsyslog creates fewer log files

rsyslog has changed which log files it creates, and some files in /var/log can be deleted.

If you are continuing to use rsyslog (see Changes to system logging), some log files in /var/log will no longer be created by default. The messages that were written to these files are also in /var/log/syslog but are no longer created by default. Everything that used to be written to these files will still be available in /var/log/syslog.

Filerna som inte längre skapas är:

  • /var/log/mail.{info,warn,err}

    Dessa filer innehöll meddelanden fråm lokal postleverantör (MTA, Mail Transport Agent) uppdelad på prioritet.

    As /var/log/mail.log contains all mail related messages, these files (and their rotated counterparts) can be deleted safely. If you were using those files to monitor anomalies, a suitable alternative might be something like logcheck.

  • /var/log/lpr.log

    This file contained log messages relating to printing. The default print system in debian is cups which does not use this file, so unless you installed a different printing system this file (and its rotated counterparts) can be deleted.

  • /var/log/{messages,debug,daemon.log}

    Dessa filer (och deras roterade kompisar) kan raderas. Allt som skrevs till dessa filer kommer forfarande finnas i /var/log/syslog.

5.1.10. Uppgradering av slapd kan behöva manuell hantering

OpenLDAP 2.5 is a major new release and includes several incompatible changes as described in the upstream release announcement. Depending on the configuration, the slapd service might remain stopped after the upgrade, until necessary configuration updates are completed.

The following are some of the known incompatible changes:

  • Databasstödet genom slapd-bdb(5) och slapd-hdb(5) har tagits bort. Om du använder någon av dessa i bookworm rekommenderas starkt att migrera till slapd-mdb(5) före uppgraderingen till trixie.

  • The slapd-shell(5) database backend has been removed.

  • The slapo-ppolicy(5) overlay now includes its schema compiled into the module. The old external schema, if present, conflicts with the new built-in one.

  • The contrib password module pw-argon2 (see slapd-pw-argon2.5) has been renamed to argon2.

Instructions for completing the upgrade and resuming the slapd service can be found in /usr/share/doc/slapd/README.Debian.gz. You should also consult the upstream upgrade notes.

5.1.11. GRUB no longer runs os-prober by default

For a long time, grub has used the os-prober package to detect other operating systems installed on a computer so that it can add them to the boot menu. Unfortunately, that can be problematic in certain cases (e.g. where guest virtual machines are running), so this has now been disabled by default in the latest upstream release.

If you are using GRUB to boot your system and want to continue to have other operating systems listed on the boot menu, you can change this. Either edit the file /etc/default/grub, ensure you have the setting GRUB_DISABLE_OS_PROBER=false and re-run update-grub, or run

# dpkg-reconfigure <GRUB_PACKAGE>

to change this and other GRUB settings in a more user-friendly way.

5.1.12. GNOME has reduced accessibility support for screen readers

Many GNOME apps have switched from the GTK3 graphics toolkit to GTK4. Sadly, this has made many apps much less usable with screen readers such as orca.

If you depend on a screen reader you should consider switching to a different desktop such as Mate, which has better accessibility support. You can do this by installing the mate-desktop-environment package. Information about how to use Orca under Mate is available here.

5.1.13. Baseline for 32-bit PC is now i686

Debian's support for 32-bit PC (known as the Debian architecture i386) now no longer covers any i586 processor. The new minimum requirement is i686. This means that the i386 architecture now requires the "long NOP" (NOPL) instruction, while bullseye still supported some i586 processors without that instruction (e.g. the "AMD Geode").

If your machine is not compatible with this requirement, it is recommended that you stay with bullseye for the remainder of its support cycle.

5.1.14. Changes to polkit configuration

For consistency with upstream and other distributions, the polkit (formerly PolicyKit) service, which allows unprivileged programs to access privileged system services, has changed the syntax and location for local policy rules. You should now write local rules for customizing the security policy in JavaScript, and place them at /etc/polkit-1/rules.d/*.rules. Example rules using the new format can be found in /usr/share/doc/polkitd/examples/, and polkit.8.html#AUTHORIZATION_RULES has further information.

Previously, rules could be written in pkla format, and placed in subdirectories of /etc/polkit-1/localauthority or /var/lib/polkit-1/localauthority. However, .pkla files should now be considered deprecated, and will only continue to work if the polkitd-pkla package is installed. This package will usually be installed automatically when you upgrade to bookworm, but it is likely not to be included in future Debian releases, so any local policy overrides will need to be migrated to the JavaScript format.

5.1.15. A "merged-/usr" is now required

Debian has adopted a filesystem layout, referred to as "merged-/usr", which no longer includes the legacy directories /bin, /sbin, /lib, or optional variants such as /lib64. In the new layout, the legacy directories are replaced with symlinks to the corresponding locations /usr/bin, /usr/sbin, /usr/lib, and /usr/lib64. This means that, for example, both /bin/bash and /usr/bin/bash will launch bash.

For systems installed as buster or bullseye there will be no change, as the new filesystem layout was already the default in these releases. However, the older layout is no longer supported, and systems using it will be converted to the new layout when they are upgraded to bookworm.

The conversion to the new layout should have no impact on most users. All files are automatically moved to their new locations even if they were installed locally or come from packages not provided by Debian, and hardcoded paths such as /bin/sh continue to work. There are, however, some potential issues:

  • # dpkg --search

    will give wrong answers for files moved to the new locations:

    # dpkg --search /usr/bin/bash

    will not identify that bash came from a package. (But

    # dpkg --search /bin/bash

    still works as expected.)

  • Local software not provided by Debian may not support the new layout and may, for example, rely on /usr/bin/name and /bin/name being two different files. This is not supported on merged systems (including new installations since buster), so any such software must be fixed or removed before the upgrade.

  • Systems that rely on a "base layer" that is not directly writable (such as WSL1 images or container systems using multi-layer overlayfs filesystems) cannot be safely converted and should either be replaced (e.g., by installing a new WSL1 image from the store) or have each individual layer upgraded (e.g., by upgrading the base Debian layer of the overlayfs independently) rather than dist-upgraded.

For further information, see The Case for the /usr merge and the Debian Technical Committee resolution.

5.1.16. Unsupported upgrades from buster fail on libcrypt1

Debian officially supports upgrades only from one stable release to the next, e.g. from bullseye to bookworm. Upgrades from buster to bookworm are not supported, and will fail due to Bug #993755 with the following error:

Setting up libc6:ARCH (2.36-9) ...
/usr/bin/perl: error while loading shared libraries: libcrypt.so.1: cannot open shared object file: No such file or directory
dpkg: error processing package libc6:ARCH (--configure):
installed libc6:ARCH package post-installation script subprocess returned error exit status 127

It is however possible to manually recover from this particular situation by forcibly installing the new libcrypt1:

# cd $(mktemp -d)
# apt download libcrypt1
# dpkg-deb -x libcrypt1_*.deb .
# cp -ra lib/* /lib/
# apt --fix-broken install

5.1.17. openssh-server no longer reads ~/.pam_environment

The Secure Shell (SSH) daemon provided in the openssh-server package, which allows logins from remote systems, no longer reads the user's ~/.pam_environment file by default; this feature has a history of security problems and has been deprecated in current versions of the Pluggable Authentication Modules (PAM) library. If you used this feature, you should switch from setting variables in ~/.pam_environment to setting them in your shell initialization files (e.g. ~/.bash_profile or ~/.bashrc) or some other similar mechanism instead.

Existing SSH connections will not be affected, but new connections may behave differently after the upgrade. If you are upgrading remotely, it is normally a good idea to ensure that you have some other way to log into the system before starting the upgrade; see Förbered för återställning.

5.1.18. OpenSSH no longer supports DSA keys

Digital Signature Algorithm (DSA) keys, as specified in the Secure Shell (SSH) protocol, are inherently weak: they are limited to 160-bit private keys and the SHA-1 digest. The SSH implementation provided by the openssh-client and openssh-server packages has disabled support for DSA keys by default since OpenSSH 7.0p1 in 2015, released with Debian 9 ("stretch"), although it could still be enabled using the HostKeyAlgorithms and PubkeyAcceptedAlgorithms configuration options for host and user keys respectively.

The only remaining uses of DSA at this point should be connecting to some very old devices. For all other purposes, the other key types supported by OpenSSH (RSA, ECDSA, and Ed25519) are superior.

As of OpenSSH 9.8p1 in trixie, DSA keys are no longer supported even with the above configuration options. If you have a device that you can only connect to using DSA, then you can use the ssh1 command provided by the openssh-client-ssh1 package to do so.

In the unlikely event that you are still using DSA keys to connect to a Debian server (if you are unsure, you can check by adding the -v option to the ssh command line you use to connect to that server and looking for the "Server accepts key:" line), then you must generate replacement keys before upgrading. For example, to generate a new Ed25519 key and enable logins to a server using it, run this on the client, replacing username@server with the appropriate user and host names:

$ ssh-keygen -t ed25519
$ ssh-copy-id username@server

5.2. Att göra efter uppgradering före omstart

När apt full-upgrade är klar innebär detta att den "formella" uppgraderingen är klar . För uppgraderingen till trixie finns inga speciella åtgärder som måste genomföras före nästa omstart.

5.2.1. Delar som inte är helt bundna till uppgraderingsprocessen

5.2.2. Begränsningar i säkerhetsstödet

Det finns ett antal paket där Debian inte kan lova minimala bakåtporteringar för säkerhetsproblem. Dessa beskrivs närmare i underavsnitten.

Observera

Paketet debian-security-support håller reda på säkerhetsstatus för installerade paket.

5.2.2.1. Säkerhetsläget för webbläsare och deras renderingsmotorer

Debian 13 innehåller flera webbläsarmotorer som påverkas av en strid ström av säkerhetshål. Den stora mängden fel och den partiella bristen på stöd från utgivare i form av långsiktiga utvecklingsgrenar gör det mycket svårt att ha stöd för dessa webbläsare och motorer med bakåtporterade säkerhetslagningar. Dessutom gör biblioteksberoenden det extremt svårt att uppdatera dessa till nyare versioner. Program som använder källkodspaketet webkit2gtk (t.ex. epiphany) inkluderas i säkerhetsstödet medan program som använder qtwebkit (källkodspaketet qtwebkit-opensource-src) inte inkluderas.

För vanlig webbsurf rekommenderar vi Firefox eller Chromium. De kommer att hållas uppdaterade och byggs från aktuell ESR-utgåva för Debian stable. Samma strategi gäller Thunderbird.

Once a release becomes oldstable, officially supported browsers may not continue to receive updates for the standard period of coverage. For example, Chromium will only receive 6 months of security support in oldstable rather than the typical 12 months.

5.2.2.2. Go- och Rust-baserade paket

Debians infrastruktur har besvär med att bygga om paket som använder statisk länkning. I och med den ökande populariteten för systemmiljöerna Go och Rust betyder detta att dessa paket enbart kan sägas ha begränsat säkerhetsstöd tills infrastrukturen har förbättrats för att paketen ska kunna hanteras smart.

I de flesta fall kan nödvändiga uppdateringar av utvecklingsbibliotek för Go eller Rust enbart levereras via punktutgåvor.

5.2.3. Python-tolkar markerade som externt omhändertagna

The Debian provided python3 interpreter packages (python3.11 and pypy3) are now marked as being externally-managed, following PEP-668. The version of python3-pip provided in Debian follows this, and will refuse to manually install packages on Debian's python interpreters, unless the --break-system-packages option is specified.

If you need to install a Python application (or version) that isn't packaged in Debian, we recommend that you install it with pipx (in the pipx Debian package). pipx will set up an environment isolated from other applications and system Python modules, and install the application and its dependencies into that.

If you need to install a Python library module (or version) that isn't packaged in Debian, we recommend installing it into a virtualenv, where possible. You can create virtualenvs with the venv Python stdlib module (in the python3-venv Debian package) or the virtualenv Python 3rd-party tool (in the virtualenv Debian package). For example, instead of running pip install --user foo, run: mkdir -p ~/.venvs && python3 -m venv ~/.venvs/foo && ~/.venvs/foo/bin/python -m pip install foo to install it in a dedicated virtualenv.

See /usr/share/doc/python3.11/README.venv for more details.

5.2.4. Limited hardware-accelerated video encoding/decoding support in VLC

The VLC video player supports hardware-accelerated video decoding and encoding via VA-API and VDPAU. However, VLC's support for VA-API is tightly related to the version of FFmpeg. Because FFmpeg was upgraded to the 5.x branch, VLC's VA-API support has been disabled. Users of GPUs with native VA-API support (e.g., Intel and AMD GPUs) may experience high CPU usage during video playback and encoding.

Users of GPUs offering native VDPAU support (e.g., NVIDIA with non-free drivers) are not affected by this issue.

Support for VA-API and VDPAU can be checked with vainfo and vdpauinfo (each provided in a Debian package of the same name).

5.2.5. systemd-resolved has been split into a separate package

The new systemd-resolved package will not be installed automatically on upgrades. If you were using the systemd-resolved system service, please install the new package manually after the upgrade, and note that until it has been installed, DNS resolution might no longer work since the service will not be present on the system. Installing this package will automatically give systemd-resolved control of /etc/resolv.conf. For more information about systemd-resolved, consult the official documentation. Note that systemd-resolved was not, and still is not, the default DNS resolver in Debian. If you have not configured your machine to use systemd-resolved as the DNS resolver, no action is required.

5.2.6. systemd-boot has been split into a separate package

The new systemd-boot package will not be installed automatically on upgrades. If you were using systemd-boot, please install this new package manually, and note that until you do so, the older version of systemd-boot will be used as the bootloader. Installing this package will automatically configure systemd-boot as the machine's bootloader. The default boot loader in Debian is still GRUB. If you have not configured the machine to use systemd-boot as the bootloader, no action is required.

5.2.7. systemd-journal-remote no longer uses GnuTLS

The optional systemd-journal-gatewayd and systemd-journal-remote services are now built without GnuTLS support, which means the --trust option is no longer provided by either program, and an error will be raised if it is specified.

5.2.8. Extensive changes in adduser for bookworm

There have been several changes in adduser. The most prominent change is that --disabled-password and --disabled-login are now functionally identical. For further details, please read the /usr/share/doc/adduser/NEWS.Debian.gz.

5.2.9. Predictable naming for Xen network interfaces

The predictable naming logic in systemd for network interfaces has been extended to generate stable names from Xen netfront device information. This means that instead of the former system of names assigned by the kernel, interfaces now have stable names of the form enX#. Please adapt your system before rebooting after the upgrade. Some more information can be found on the NetworkInterfaceNames wiki page.

5.2.10. Change in dash handling of circumflex

dash, which by default provides the system shell /bin/sh in Debian, has switched to treating the circumflex (^) as a literal character, as was always the intended POSIX-compliant behavior. This means that in bookworm [^0-9] no longer means "not 0 to 9" but "0 to 9 and ^".

5.2.11. netcat-openbsd supports abstract sockets

The netcat utility for reading and writing data across network connections supports abstract sockets (see unix.7.html#Abstract_sockets, and uses them by default in some circumstances.

By default, netcat is provided by netcat-traditional. However, if netcat is provided by the netcat-openbsd package and you are using an AF_UNIX socket, then this new default applies. In this case the -U option to nc will now interpret an argument starting with an @ as requesting an abstract socket rather than as a filename beginning with an @ in the current directory. This can have security implications because filesystem permissions can no longer be used to control access to an abstract socket. You can continue to use a filename starting with an @ by prefixing the name with ./ or by specifying an absolute path.

5.3. Föråldring och utfasning

5.3.1. Föråldrade paket

Detta är en lista med kända föråldrade paket (läs mer i Föråldrade paket för en beskrivning).

Listan med föråldrade paket inkluderar:

  • Paketet libnss-ldap har tagits bort från trixie. Funktionerna som tillhandahölls genom paketet täcks av libnss-ldapd och libnss-sss.

  • Paketet libpam-ldap har tagits bort från trixie. Det ersätts av libpam-ldapd.

  • Paketet fdflush har tagits bort från trixie. Istället kan kommandot blockdev --flushbufs i paketet util-linux användas.

  • The libgdal-perl package has been removed from trixie, because the Perl binding for GDAL is no longer supported upstream. If you need Perl support for GDAL, you can migrate to the FFI interface provided by the Geo::GDAL::FFI package, available on CPAN. You will have to build your own binaries as documented on the BookwormGdalPerl Wiki page.

5.3.2. Utfasning av komponenter för trixie

Med nästa utgåva av Debian 14 (kodnamn forky) kommer några funktioner fasas ut. Användare behöver byta till alternativ för att förhindra besvär vid uppgradering till 14.

Inklusive följande:

  • Development of the NSS service gw_name stopped in 2015. The associated package libnss-gw-name may be removed in future Debian releases. The upstream developer suggests using libnss-myhostname instead.

  • dmraid has not seen upstream activity since end 2010 and has been on life support in Debian. bookworm will be the last release to ship it, so please plan accordingly if you're using dmraid.

  • request-tracker4 has been superseded by request-tracker5 in this release, and will be removed in future releases. We recommend that you plan to migrate from request-tracker4 to request-tracker5 during the lifetime of this release.

  • The isc-dhcp suite has been deprecated by the ISC. The Debian Wiki has a list of alternative implementations, see the DHCP Client and DHCP Server pages for the latest. If you are using NetworkManager or systemd-networkd, you can safely remove the isc-dhcp-client package as they both ship their own implementation. If you are using the ifupdown package, you can experiment with udhcpc as a replacement. The ISC recommends the Kea package as a replacement for DHCP servers.

    The security team will support the isc-dhcp package during the bookworm lifetime, but the package will likely be unsupported in the next stable release, see bug #1035972 (isc-dhcp EOL'ed) for more details.

5.4. Kända allvarliga fel

Även om Debian görs tillgänglig när det är klart så betyder inte detta att det inte finns kända fel. En del av själva processen för att göra en ny utgåva tillgänglig innefattar att aktivt övervaka alla felrapporter som är satta på allvarlighetsgrad serious eller högre. På detta sätt skapas en översikt över de felrapporter som markerats som ignorerade i de avslutande delarna av processen för att göra trixie tillgänglig. Dessa felrapporrter finns i Debians felrapporteringssystem. Följande felrapporter påverkade trixie och är värda att nämna i detta dokument.

Felrapport

Paket (källkod eller binär)

Beskrivning

1032240

akonadi-backend-mysql

akonadi server fails to start since it cannot connect to mysql database

1032177

faketime

faketime doesn't fake time (on i386)

918984

src:fuse3

provide upgrade path fuse -> fuse3 for bookworm

1016903

g++-12

tree-vectorize: Wrong code at O2 level (-fno-tree-vectorize is working)

1020284

git-daemon-run

fails to purge: deluser -f: Unknown option: f

919296

git-daemon-run

fails with 'warning: git-daemon: unable to open supervise/ok: file does not exist'

1034752

src:gluegen2

embeds non-free headers