Paul Gevers wrote:
> Please find attached my proposal for the release notes to cover bug #990069.
>
> Disclaimer: I (or somebody else) still have (has) to verify that the
> procedure works as intended. One can clearly start a very limited
> upgrade with only openssh-server, but what needs checking is that:
> a) ssh login works after the partial upgrade
> b) with openssh-server upgraded, the downtime for accepting new
> connections is greatly reduced.
Unfortunately my own testing facilities are currently limited until
replacement parts arrive for my testbed machine...
> + <section id="ssh-not-available">
> + <title>No new ssh connections possible during upgrade</title>
^^^
I think the protocol (as opposed to the executable) should be "SSH";
if convenient we might even want to say "Secure Shell (SSH)" the first
time we refer to it in the body.
I was considering changing the title to
<title>No new connections possible during SSH upgrade</title>
since some parts of the dist-upgrade process are perfectly safe, but
apparently it's more complicated than that.
> + <para>
> + Due to unfortunate circumstances it's not possible to establish
> + new <command>ssh</command> connections for a bigger part of the
I'd like to avoid "big(ger) part" for a period of time.
> + upgrade than during previous release upgrades. As usual,
> + existing connections should continue to work, but if the upgrade
> + is done over <command>ssh</command> and the
> + <command>ssh</command> connection is not trusted to last for the
Express the "trust" part in terms of a risk of interruption rather
than a fear of betrayal.
> + full upgrade period, it's adviced to upgrade <systemitem
^
"Advised" (and not "-ized" even in en_US), except that "it's advised"
seems somehow more impersonal than "it's recommended/suggested" (other
approaches: "it's advisable", "you're advised").
> + role="package">openssh-server</systemitem> before upgrading the
> + full system.
> + </para>
> + </section>
Thinking about the overall structure, it might work better to move the
"good news" part to the start...
<section id="ssh-not-available">
<title>No new SSH connections possible during upgrade</title>
<para>
Although existing Secure Shell (SSH) connections should continue to
work through the upgrade as usual, due to unfortunate circumstances
the period when new SSH connections cannot be established is longer
than usual. If the upgrade is being carried out over an SSH
connection which might be interrupted, it's recommended to upgrade
<systemitem role="package">openssh-server</systemitem> before
upgrading the full system.
</para>
--
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package
