RE: XCP-ng 8.3 updates announcements and testing

@manilx Yes, as written

@bogikornel said:

@FritzGerald workaround

yum update --exclude=net-snmp*

This is dangerous.

Although disabling ssh-rsa is the right thing to do from a security perspective, we'll see what we can do to smoothen the transition.

Mentioning also @Team-Hypervisor-Kernel who now manages the drivers.

Maybe it's related to https://github.com/xcp-ng-rpms/microsemi-aacraid/issues/2#issuecomment-3837183087

It looks like the switch to the vendor driver instead of the kernel built-in for 8.3 (initiated by XenServer, and that we followed at the time as it was probably made in order to support newer cards) was not without drawbacks.

0nelight created this issue in xcp-ng-rpms/microsemi-aacraid

open Microsemi Adaptec Series-8 Card not working in XCP-NG 8.3 #2

To elaborate: it was already in progress, but delayed due to 1. the fact that I underestimated the impact (I thought we'd overwrite the file only when we'd modify it, not every update the package) and 2. lots of other priorities keeping the team busy.

But it's clearly the reminder, and the help in better diagnosing it, that allowed to have it re-prioritized and (partly, we've mostly bought time to fix it properly, by simply avoiding to touch the file at all at the moment) fixed so fast.

@olivierlambert No it wasn't

The fix was already high in the priority list anyway, but I'll try to make sure we don't postpone it more. Had I realized sooner, I would have made it so we'd release it earlier.

According to the package definitions, we even overwrite it each time we update the xcp-ng-release-config package. I'm surprised that we haven't had more support requests.

I'll see if we can release a quick fix that just leaves the file alone until we apply the change that will move the remote configuration to its own file.

@MajorP93 Thanks. That clarifies what happened. I wrongly thought that it was managed in /etc/rsyslog.conf (which never gets overwritten), but it's in /etc/rsyslog.d/xenserver.conf, which can get overwritten if modified by an update.

@MajorP93 Good to know that you have another pool to update. Then please also save the file prior to updating.

@MajorP93 If it happens again for you (or anyone else reading this thread), please save the contents of /etc/rsyslog.conf just after the lost remote syslog so that we may check whether it was overwritten or something else happened.

Also, could you upload somewhere the file that contains your yum logs? /var/log/yum.log or any rotated version of that file /var/log/yum.log.1, etc.

We paused that update because it was likely to cause new problems the way the transition is handled. We at least needed time to ponder it. @rzr is on it among other things, and it's less important than, say, upgrading to openssl 3.

There's no need for PM intervention here IMO.

Moreover, I just checked again, none of the 8.3 updates is supposed to be overwriting /etc/rsyslog.conf, where our XAPI currently writes the remote configuration. But we need to be ready the next time we want to make changes to that file.

So I don't understand what led @majorp93 to losing their configuration. Could you describe what you updated, from which version, and what you identify as the moment when the configuration was removed?

@gb.123 Please mention in your post that any issue caused by this script will not be covered by official support. The concerns I voiced then still hold.

So, I recently built a XOSTOR upgrade ISO for users what had had linstor packages from 8.2 linstor-testing repositories, version which was also 1.29.2.

It might work for you.

However, I offer no guarantees. Actually, I'm not even sure that using an upgrade is the right solution for your problem. A failed update (whatever that means here) is usually recoverable from command line.

Here's the temporary link to the ISO image: https://repo.vates.tech/tmp/xcp-ng-8.3.0-20250616-linstor-upgradeonly.linstor-1-29-2.iso

SHA256 Checksum: 8a488359f64e61310ee346d2bb635f69a8ea57c76c0ee5aa2df8c419a75c7f3a

@marcoi said in XCP-ng 8.3 updates announcements and testing:

also noticed a new issue- seems like changes i had in the /etc/xensource/usb-policy.conf file for usb was lost during the upgrade.

I have some usb comm devices i use with a home assistant VM and they were gone post the upgrade.

anyway to make those change last post upgrade? Maybe make then options in gui so a config file can always be reflective of gui settings?

This one is known. I had opened an issue about it, but it didn't get much traction yet. We also have a related item in our backlog, but it's a matter of finding resources to handle it.

https://github.com/xapi-project/xen-api/issues/4935

stormi created this issue in xapi-project/xen-api

open Packaging: xapi-core RPM updates overwrite custom user config in usb-policy.conf #4935

@marcoi Let's move the discussion back there then

@shorian I might have one for you. Can you open a new thread?

@shorian Do you mean that you have hosts with XOSTOR that can't boot the installer due to broadcom drivers crashing? That's the only issue the updated ISO addresses.

@marcoi I don't have enough context to reply. You should open a new thread to discuss it, with details about your needs (always better to explain the needs before the technical solution).

Thank you everyone for your tests and your feedback!

The updates are live now: https://xcp-ng.org/blog/2025/12/18/december-2025-security-and-maintenance-updates-for-xcp-ng-8-3-lts/