Significant Caution: auto-installed tzdata today broke a lot!

I’ve been aware that ever since I updated a server to Debian 11, there have been quite a few packages supposedly removable via autoremove… yet I was pretty certain many were not. The removable count was over 1000 (!!) packages. Lots of libraries, mostly. But among the removables was things I am pretty sure I want, like: sudo, greylisting, smartmontools, awstats, spamassassin, clamav, and more.

Imagine my surprise today when I could not use sudo… because it had been uninstalled. Uh Oh.

I dug in on it, and here’s what happened:

  1. Earlier today, an update to Time Zone data was distributed. Apparently that gets auto-installed.
  2. I don’t know if there’s a setting to avoid this, but that auto-install triggered auto-remove
  3. And thus, everything supposedly removable was gone.

I am very very grateful that however that happened, apparently the config info for the packages was retained. By reinstalling them, I regained control over the system. What a headache.

OS type and version REQUIRED
Virtualmin version REQUIRED

Place I was at didn’t offer 11 so I went 10 and upgraded. But, did all updates before installing Virtualmin. I haven’t seen this.

Auto-remove is never automatic in a default installation of Debian or Ubuntu.

And right on cue.

root@main:/home/backup# apt upgrade tzdata Reading package lists... Done Building dependency tree... Done Reading state information... Done Calculating upgrade... Done The following packages will be upgraded: tzdata 1 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 286 kB of archives. After this operation, 20.5 kB of additional disk space will be used. Do you want to continue? [Y/n]

@Joe I agree. I am now CONFIDENT WEBMIN/VIRTUALMIN is NOT the cause.

I’ve discovered that in this case it’s another security tool I use, that has some auto-repair capabilities across our network. I don’t know what it does in detail, and it has never caused trouble before…

Am interacting w/ the vendor to ensure this kind of thing doesn’t happen in the future :wink:

if you’re using unattended-upgrades, check all options there…
tzdata upgrade went fine on all our debian systems and glad it did (security update) but no autoremoval problems like the ones you mention…

if it’s another tool, i’d be interested to know what, and why you’re using autoremoval there, cause package removal should only be done manually/carefully imho.


This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.