1. LinuxCNC
  3. Installing LinuxCNC
  5. Update LinuxCNC 2.9.5 on debian 13

Update LinuxCNC 2.9.5 on debian 13

  • anli
  • anli's Avatar Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
20 Sep 2025 17:27 #335212 by anli
Update LinuxCNC 2.9.5 on debian 13 was created by anli
Hi,
I used Debian 12 LinuxCNC image to install LinuxCNC. Afterwards I updated to Debian 13 as shown here in the forum because I needed the newer drivers for display and network because I use an Asus NUC 15 pro. However, I can't upgrade to the new 2.9.5 release using apt:
root@linuxcnc:/home/anli# apt update
OK:1 http://security.debian.org/debian-security trixie-security InRelease
OK:2 http://deb.debian.org/debian trixie InRelease                                                                                                          
OK:3 http://deb.debian.org/debian trixie-updates InRelease                                                                                                  
OK:4 http://download.opensuse.org/repositories/science:/EtherLab/Debian_12 ./ InRelease                                                                     
OK:5 https://repository.qtpyvcp.com/apt develop InRelease                                                                                                   
OK:6 https://dl.google.com/linux/chrome/deb stable InRelease                                         
Holen:7 https://www.linuxcnc.org bookworm InRelease [31,1 kB]                
Fehl:7 https://www.linuxcnc.org bookworm InRelease
  Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on EEDD0D29F81DCAA0D258661F3CB9FD148F374FEF is not bound:            Policy rejected asymmetric algorithm   because: DSA1024 is not considered secure since 2014-02-01T00:00:00Z
Warnung: http://download.opensuse.org/repositories/science:/EtherLab/Debian_12/./InRelease: Policy will reject signature within a year, see --audit for details
Warnung: OpenPGP-Signaturüberprüfung fehlgeschlagen: https://www.linuxcnc.org bookworm InRelease: Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on EEDD0D29F81DCAA0D258661F3CB9FD148F374FEF is not bound:            Policy rejected asymmetric algorithm   because: DSA1024 is not considered secure since 2014-02-01T00:00:00Z
Fehler: Das Depot »https://www.linuxcnc.org bookworm InRelease« ist nicht signiert.
Hinweis: Eine Aktualisierung von solch einem Depot kann nicht auf eine sichere Art durchgeführt werden, daher ist es standardmäßig deaktiviert.
Hinweis: Weitere Details zur Erzeugung von Paketdepots sowie zu deren Benutzerkonfiguration finden Sie in der Handbuchseite apt-secure(8).

I ran linuxcnc-install.sh as described in linuxcnc.org/docs/stable/html/getting-st...th_preempt_rt_kernel

How can I update to the latest release? Thanks for your help in advance!

Please Log in or Create an account to join the conversation.

More
20 Sep 2025 18:38 #335215 by michaeln
Replied by michaeln on topic Update LinuxCNC 2.9.5 on debian 13
Hello,

please use this way:
forum.linuxcnc.org/9-installing-linuxcnc...ade-install-to-2-9-4
 

Please Log in or Create an account to join the conversation.

  • anli
  • anli's Avatar Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
20 Sep 2025 20:47 #335221 by anli
Replied by anli on topic Update LinuxCNC 2.9.5 on debian 13
Yes, I used that thread to do the upgrade. I reinstalled linuxcnc once again, which seems to have fixed the first issue, but now I run into the next one, please see the attachment.
Attachments:

Please Log in or Create an account to join the conversation.

More
20 Sep 2025 21:29 #335224 by PCW
Replied by PCW on topic Update LinuxCNC 2.9.5 on debian 13
Looks like the latency is worse than Debian 12 (if Debian 12 was working)

What does:

sudo chrt 99 ping -i .001 -c 60000 -q [card_ip_address]

report ?

Where [card_ip_address] is the ip address of the 7I76E

(the command will run for 1 minute and then print statistics)

Please Log in or Create an account to join the conversation.

More
20 Sep 2025 22:15 #335225 by unknown
Replied by unknown on topic Update LinuxCNC 2.9.5 on debian 13
One thing I would check is the kernel command line options, did your previous install have any isolated cores ?
Unless the grub config files have not been modified manual editing is required for any extra options.
If the above is not the issue the Debian supplied kernel may require an in depth look at the config.

Or I maybe just barking up the wrong tree and be completely wrong, my apologies if that is the case.

Please Log in or Create an account to join the conversation.

  • anli
  • anli's Avatar Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
21 Sep 2025 11:06 #335240 by anli
Replied by anli on topic Update LinuxCNC 2.9.5 on debian 13

sudo chrt 99 ping -i .001 -c 60000 -q [card_ip_address]

 

reports
anli@linuxcnc:~$ sudo chrt 99 ping -i .001 -c 60000 -q 192.168.1.121
[sudo] Passwort für anli: 
PING 192.168.1.121 (192.168.1.121) 56(84) bytes of data.

--- 192.168.1.121 ping statistics ---
60000 packets transmitted, 60000 received, 0% packet loss, time 59999ms
rtt min/avg/max/mdev = 0.045/0.054/0.750/0.013 ms
I managed to get it up and running. First I disabled
  • Secure boot
  • Intel SpeedStep
  • PCIe ASPM
  • TurboBoost 
in the bios. Than I could establish a connection and steer the axles. Afterwards I enabled one by one except PCIe ASPM again and I could steer the axles. I ran the above test in this state.
However, some errors remain:
2:52:38.591 WARNING Config: mousetweaks GSettings schema not found, mousetweaks integration disabled.
[GladeVCP.QTVCP.QT_ISTAT][WARNING]  INI Parsing Error, No DEFAULT_SPINDLE_0_SPEED Entry in DISPLAY, Using: 200 (qt_istat.py:532)
[GladeVCP.QTVCP.QT_ISTAT][WARNING]  INI Parsing Error, No MIN_SPINDLE_0_SPEED Entry in DISPLAY, Using: 100 (qt_istat.py:532)
[GladeVCP.QTVCP.QT_ISTAT][WARNING]  INI Parsing Error, No MAX_SPINDLE_0_SPEED Entry in DISPLAY, Using: 2500 (qt_istat.py:532)
[GladeVCP.QTVCP.QT_ISTAT][WARNING]  INI Parsing Error, No MAX_SPINDLE_0_OVERRIDE Entry in DISPLAY, Using: 1 (qt_istat.py:532)
[GladeVCP.QTVCP.QT_ISTAT][WARNING]  INI Parsing Error, No MIN_SPINDLE_0_OVERRIDE Entry in DISPLAY, Using: 0.5 (qt_istat.py:532)
[Gmoccapy.GMOCCAPY.GETINIINFO][WARNING]  Wrong entry [DISPLAY] CYCLE_TIME in INI File! Will use gmoccapy default 150 (getiniinfo.py:56)
58720259
hm2/hm2_7i76e.0: Smart Serial port 0: DoIt not cleared from previous servo thread. Servo thread rate probably too fast. This message will not be repeated, but the hm2_7i76e.0.sserial.0.fault-count pin will indicate if this is happening frequently.

hm2/hm2_7i76e.0: Smart Serial port 0: DoIt not cleared from previous servo thread. Servo thread rate probably too fast. This message will not be repeated, but the hm2_7i76e.0.sserial.0.fault-count pin will indicate if this is happening frequently.
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/gladevcp/hal_widgets.py", line 361, in <lambda>
    lambda p: self.set_text(self.text_template % p.value))
                            ~~~~~~~~~~~~~~~~~~~^~~~~~~~~
I'll try to fix these - however if anybody has a quick idea what needs to be done to fix them your help is always appreciated :-)
Thank you so far for your quick help to get the machine up and running again!

Please Log in or Create an account to join the conversation.

More
21 Sep 2025 16:19 #335243 by PCW
Replied by PCW on topic Update LinuxCNC 2.9.5 on debian 13
The SmartSerial is also a latency related issue

Pinning the Ethernet IRQ to the top processor in conjunction with isolcpus=LastCPU
can also help a lot (LastCPU =3 for a 4 core processor)

This script can do this temporarily:

 

File Attachment:

File Name: pinirq_2025-09-21.txt
File Size:1 KB
Attachments:

Please Log in or Create an account to join the conversation.

  • anli
  • anli's Avatar Topic Author
  • Offline
  • Junior Member
  • Junior Member
More
27 Sep 2025 09:51 #335483 by anli
Replied by anli on topic Update LinuxCNC 2.9.5 on debian 13
Thank you, I managed to get the machine up and running now.
I fixed the errors in the ini and the glade file (wrong labels).

However, if I try to update to LinuxCNC via
apt update
, I receive the following error:
root@linuxcnc:/etc/apt/sources.list.d# apt update
OK:1 http://security.debian.org/debian-security trixie-security InRelease
OK:2 http://deb.debian.org/debian trixie InRelease                                                                                                                                 
OK:3 http://download.opensuse.org/repositories/science:/EtherLab/Debian_12 ./ InRelease                                                                                            
OK:4 http://deb.debian.org/debian trixie-updates InRelease                                                                                                                         
OK:5 https://tvd-packages.tradingview.com/ubuntu/stable jammy InRelease                                                                                                            
OK:6 https://repository.qtpyvcp.com/apt develop InRelease                                                                                                                          
OK:7 https://dl.google.com/linux/chrome/deb stable InRelease                                                                                                                       
OK:8 https://packages.microsoft.com/repos/code stable InRelease                                      
Holen:9 https://www.linuxcnc.org trixie InRelease [31,1 kB]                 
Fehl:9 https://www.linuxcnc.org trixie InRelease
  Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on EEDD0D29F81DCAA0D258661F3CB9FD148F374FEF is not bound:            Policy rejected asymmetric algorithm   because: DSA1024 is not considered secure since 2014-02-01T00:00:00Z
Warnung: http://download.opensuse.org/repositories/science:/EtherLab/Debian_12/./InRelease: Policy will reject signature within a year, see --audit for details
Warnung: OpenPGP-Signaturüberprüfung fehlgeschlagen: https://www.linuxcnc.org trixie InRelease: Sub-process /usr/bin/sqv returned an error code (1), error message is: Signing key on EEDD0D29F81DCAA0D258661F3CB9FD148F374FEF is not bound:            Policy rejected asymmetric algorithm   because: DSA1024 is not considered secure since 2014-02-01T00:00:00Z
Fehler: Das Depot »https://www.linuxcnc.org trixie InRelease« ist nicht signiert.
Hinweis: Eine Aktualisierung von solch einem Depot kann nicht auf eine sichere Art durchgeführt werden, daher ist es standardmäßig deaktiviert.
Hinweis: Weitere Details zur Erzeugung von Paketdepots sowie zu deren Benutzerkonfiguration finden Sie in der Handbuchseite apt-secure(8).
Stating that the repo is not signed.
This is my linuxcnc.list:
deb [arch=amd64,arm64 signed-by=/usr/share/keyrings/linuxcnc.gpg] https://www.linuxcnc.org/ trixie base 2.9-uspace 2.9-rt
deb-src [arch=amd64,arm64 signed-by=/usr/share/keyrings/linuxcnc.gpg] https://www.linuxcnc.org/ trixie base 2.9-uspace 2.9-rt
The key lives in /usr/share/keyrings/linuxcnc.gpg
What am I doing wrong here?

Please Log in or Create an account to join the conversation.

More
28 Sep 2025 18:10 #335515 by andypugh
Replied by andypugh on topic Update LinuxCNC 2.9.5 on debian 13
You can try downloading the .deb file directly and manually installing.
(sudo apt-get install ./deb-filename )
The ./ is a clue to apt-get to look at a local file rather than on the repository.

It looks like Trixie has a more restrictive archive key policy than Bookworm, and it's going to take me some time to work that out as it's a subject I know next-to-nothing about.

www.linuxcnc.org/dists/trixie/

Please Log in or Create an account to join the conversation.

More
03 Oct 2025 11:18 #335774 by rodw
Replied by rodw on topic Update LinuxCNC 2.9.5 on debian 13
It looks like we are using a 1024 bit long key (DSA1024) which is considered insecure by Trixie.
Ref: Google AI
Debian prefers a key length of 4096 bits for RSA OpenPGP keys used for signing, although Ed25519 is now the default for new keys generated with current tools, offering even stronger security.
While 2048-bit RSA keys are still considered secure for some applications, Debian's preference for 4096-bit keys is influenced by both security considerations and the desire to reduce future migration efforts for volunteers maintaining keyrings. This aims to combine potential future migrations from 2048 to 4096 bits into a single, proactive move.
When creating a new GPG key pair for signing Debian packages, you can specify the key type and length, with 4096-bit RSA or Ed25519 being the recommended choices.

and:
A dsa1024 key refers to a Digital Signature Algorithm (DSA) key with a length of 1024 bits, 
 
The following user(s) said Thank You: tommylight

Please Log in or Create an account to join the conversation.

  1. LinuxCNC
  3. Installing LinuxCNC
  5. Update LinuxCNC 2.9.5 on debian 13
Time to create page: 0.153 seconds
Powered by Kunena Forum