Cloudron Forum

we're getting closer, this is a part of the scheduled one this morning: 2026-02-06 06:09:31,611 WARNING Could not figure out development release: Distribution data outdated. Please check for an update for distro-info-data. See /usr/share/doc/distro-info-data/README.Debian for details. 2026-02-06 06:09:31,612 INFO Starting unattended upgrades script 2026-02-06 06:09:31,612 INFO Allowed origins are: o=Ubuntu,a=jammy, o=Ubuntu,a=jammy-security, o=UbuntuESMApps,a=jammy-apps-security, o=UbuntuESM,a=jammy-infra-security 2026-02-06 06:09:31,613 INFO Initial blacklist: 2026-02-06 06:09:31,613 INFO Initial whitelist (not strict): 2026-02-06 06:09:46,207 INFO Packages that will be upgraded: libc-bin libc-dev-bin libc6 libc6-dev libssl3 linux-generic linux-headers-generic linux-image-generic linux-libc-dev locales mysql-client-8.0 mysql-client-core-8.0 mysql-server-8.0 mysql-server-core-8.0 openssl screen 2026-02-06 06:09:46,208 INFO Writing dpkg log to /var/log/unattended-upgrades/unattended-upgrades-dpkg.log 2026-02-06 06:09:48,505 ERROR Installing the upgrades failed! 2026-02-06 06:09:48,505 ERROR error message: installArchives() failed 2026-02-06 06:09:48,506 ERROR dpkg returned a error! See /var/log/unattended-upgrades/unattended-upgrades-dpkg.log for details 2026-02-06 06:09:48,952 INFO Package libc-bin is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:48,954 INFO Package libc-dev-bin is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:48,956 INFO Package libc6 is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:48,957 INFO Package libc6-dev is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,016 INFO Package libssl3 is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,037 INFO Package linux-generic is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,044 INFO Package linux-headers-generic is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,051 INFO Package linux-image-generic is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,058 INFO Package linux-libc-dev is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,165 INFO Package locales is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,172 INFO Package mysql-client-8.0 is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,174 INFO Package mysql-client-core-8.0 is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,175 INFO Package mysql-server-8.0 is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,177 INFO Package mysql-server-core-8.0 is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,189 INFO Package openssl is kept back because a related package is kept back or due to local apt_preferences(5). 2026-02-06 06:09:49,224 INFO Package screen is kept back because a related package is kept back or due to local apt_preferences(5). The mentioned /var/log/unattended-upgrades/unattended-upgrades-dpkg.log: Log started: 2026-02-06 06:09:46 Preconfiguring packages ... Preconfiguring packages ... dpkg: unrecoverable fatal error, aborting: unknown system group 'netdata' in statoverride file; the system group got removed before the override, which is most probably a packaging bug, to recover you can remove the override manually with dpkg-statoverride E:Sub-process /usr/bin/dpkg returned an error code (2) Log ended: 2026-02-06 06:09:47 This is a left over of a "total" removing (2 weeks ago) of netdata installation years ago (now we have graphs in Cloudron 9 we don't need it anymore), I did: sudo dpkg-statoverride --list | grep netdata root netdata 755 /usr/share/netdata/www root netdata 755 /var/lib/netdata/www ~# sudo dpkg-statoverride --remove /usr/share/netdata/www ~# sudo dpkg-statoverride --remove /var/lib/netdata/www ~# sudo dpkg-statoverride --list | grep netdata I'll check tomorrow if the nightly unattended upgrade did work. Thanks @James for pointing the right direction!

@dleidert thanks for reporting. I have added a check now to check for package name match instead of the previous docker version match. This way the docker package will update when (the next) cloudon update happens.

@james thanks!

@Beardmann coffee. Drink coffee. Helps me.

As long as the config is in a separate file at /etc/apt/apt.conf.d/ , it should be OK.

oh that is true, I forgot about Cloudron 7 not being supported/tested on Ubuntu 24. So then yes you have to first install Ubuntu 22, then restore Cloudron, then update Cloudron, then follow the guide at https://docs.cloudron.io/guides/upgrade-ubuntu-24/

As far as I understand those CVEs they are not relevant in that context. For the first, we don't use those affected configs and the second is for the ssh-agent. Given that the Ubuntu team usually knows what they do and are working closely together with upstream projects, there seems no need here to go beyond their recommendations of versions they push out via security updates.

Ah, thanks! I was already running 8.0.5, but the upgrade to 8.0.6 got stuck. /home/yellowtent/box/setup/start.sh came up with an unbound error. I was able to start box manually and start all apps, but the backup volume did not mount. After installing unbound-anchor, I was able to run /home/yellowtent/box/setup/start.sh without errors, and now the backup is working again.

This seems to be targeting the desktop flavor of Ubuntu 24.04. So this does not directly apply to Cloudron. For Cloudron, please follow https://docs.cloudron.io/guides/upgrade-ubuntu-24/

Many thanks, all. I missed that bit of the documentation. I'll definitely backup; I'm running on bare hardware, and didn't even do myself the courtesy of running Cloudron in a VM. I may... use this as an opportunity to change that. Either way, this is all I needed. Thank you!

We haven't added a way to add custom persistent iptables rules . For SSH though, just move it port 202 and disable root auth and password auth. This usually cuts down all bots to 0.

Ok that file is showing regular checks but no packages marked for upgrade. I will keep an eye on this. Thanks for the support.

@nebulon Thanks to you and @girish for explaining this.

@gerard said in Restore v7.7.2 (Ubuntu 22.04) backup to v8.0.0 (Ububtu 24.04) system: The release notes state an "initial support for 24.04" that doesn't sound like it's fully supported yet. It should mostly work but we are just being a bit cautious here There's a limit to how many VPSs we can test the installation on. We tested on the popular ones and seems to work, but one never knows. The upgrade path for you would be to upgade to v8. Then later in 2-3 weeks time when v8 is considered more stable, you can migrate to a fresh ubuntu 24 with cloudron backups.

@alwi said in Ubuntu-server 24.04: pardon. https://gnulinux.ch/windows-11-produktschluessel Um, that's irrelevant, the correct link was https://gnulinux.ch/cloudron-1-einfuehrung

Thanks, it's solved. No disk wasn't changed. It's running on AWS.

You can also check apt list --upgradable | grep security if those are actually security updates.

@girish Thanks for the quick reply, . In case anyone else needs this on 22.04, I followed these steps and was able to get the system to boot with full disk encrypted drive with the private key coming from the tpm and no password needing to be typed. I don't think this uses the same libraries as the new option in 23.10 so I expect that when 24.04 comes out I will do a fresh OS install to use the better supported FDE TPM integration from that version going forward but as a stop gap I am happy with this for now.

@scooke said in Can't start upgrade from Ubuntu 20.04 to Ubuntu 22.0x because of "no development version of an LTS available" error: This has an interesting bit about the -d. https://askubuntu.com/questions/1412543/how-does-exactly-do-release-upgrade-d-work#:~:text=The command do-release-upgrade,version of an LTS available. . wow, great link. @robw I have fixed the guide to remove the -d flag. Thanks for reporting.

This has not been tested by us at least and given that 23.04 is not an LTS there is probably no big rush if at all to support it.