In the past days, an update was pushed accidentally to a package (nitrux-repository-settings version 0.7.21 and 0.7.22) to our repository that, when applied, could end up causing severe problems. We have already removed the affected versions from our repository.

However, if you applied the update, you might have encountered the following problems.

  • The packages base-passwd and libpam-runtime cause APT to hang. We have documented this before; see base-passwd post-install script hangs #15.
  • New repositories were added unintentionally while also removing existing repositories and APT keys.
  • Because ‘libpam-runtime’ was updated, users aren’t able to log in to the graphic session.

Given the circumstances described above, resorting to a chroot is possibly the only solution to fix the broken system. Up next, we will see how to do this.

Difficulty: ★★☆☆☆

Create a BTRFS chroot

First, grab our ISO file and flash it to a USB. Then, boot the USB normally and open Station. Now, we’ll begin preparations to do the chroot.

By default, Nitrux is installed using Calamares to a btrfs partition, so we have to mount the btrfs sub-volume to a directory in our Live USB root directory. To do this, run the following command.

sudo mount -o subvol=@ /dev/sdaXY /hmnt

The command will mount the default sub-volume ‘@’ to the directory /mnt. By default, the sub-volume root will be named ‘@’; if it’s different, adjust the command accordingly. Also, adjust the path to the partition itself, i.e., /dev/sda2.

Now, we need to obtain the sub-volume ID. To do this, run the following command.

sudo btrfs subvolume show /mnt

We’re interested in the value labeled as Subvolume ID, a number, i.e., 257.

Now that we have the sub-volume ID, we tell btrfs to set it as the default. To do this, run the following command.

sudo btrfs subvolume set-default 257 /mnt

And now it’s time to mount-bind the directories to the chroot. To do this, run the following command.

for i in dev dev/pts sys proc run; do sudo mount --bind /$i /mnt/$i; done

Finally, we enter the chroot. To do this, run the following command.

sudo chroot /mnt

Please be aware that when entering the chroot, you use the root account.

Fixing the system

First, we need to remove the newly added repositories. To do this, run the following command.

rm -r /etc/apt/sources.list.d/debian-*

And also, delete the APT keys of that repositories. To dot his, run the following command.

apt-key del "1F89 983E 0081 FDE0 18F3 CC96 73A4 F27B 8DD4 7936"

Because the ‘bad’ package removes APT keys deemed necessary, we need to add them back to the keyring. To do this, run the following command.

apt-key adv --keyserver --recv-keys 541922FB 3B4FE6ACC0B21F32 871920D1991BC93C

Now, we reinstall the correct version of the package. To do this, run the following command.

apt install nitrux-repository-settings=0.7.3

Fix base-passwd and libpam-runtime postinst scripts if they hang in chroot

  1. Close the tab where the chroot is running.
  2. Open a new tab and enter chroot again.
  3. Edit scripts as described here:
  4. Kill apt and dpkg processes if needed, execute the following command.
    1. killall apt dpkg
  5. If dpkg or apt says “E: Could not get lock” of any file, run the following command to know what process is using it and kill it.
    1. lsof $PATH_TO_FILE
  6. Then run the following commands to complete the previously interrupted package configuration.
    1. dpkg --configure -a
      apt install -f
  7. Next, downgrade the following packages.
    1. apt install libpam-runtime/focal libpam-modules/focal libpam-modules-bin/focal libpam0g/focal

While in the chroot, upgrade the package base-files; to fix the duplicated distribution name in System Settings.

apt install base-files=11.2.4+nitrux-legacy

Now you can exit the chroot. To do this, type the following.


If all went well, reboot to the distribution normally.

That’s it; this concludes today’s tutorial.