You can setup your system to allow hand-picked packages from ceres, by a) pinning ceres packages to something less than 100 and then merely include ceres in your sources.

The pinning would be a file named, say, reluctant-ceres in /etc/apt/preferences.d/ with perhaps the foolwing content:

Package: *
Pin: release n=ceres
Pin-Priority: 90

Adding to sources could be, say, two lines in the file /etc/apt/sources.list with something like the following in it:

deb http://deb.devuan.org/merged ceres main
deb-src http://deb.devuan.org/merged ceres main

Following that preparation, you would first apt-get update and then selectively install by including the desired ceres version code, for example, for that openvpn, you may have:

apt-get install openvpn=2.7.1-1devuan1

The pinning will make it remain so that nothing gets installed from ceres "automatically", ever; including even updates of installed ceres packages. It must all be by hand. If the desired package requires a ceres version of something else, then apt will tell that and refuse installation.

Further, if you want to roll back a ceres package, you again install the package with the desired version code. Doing so will downgrade that package to the indicated version code. Always use apt-cache policy openvpn (or whichever package is concerned) to see which versions you, with your sources, have available for installation (or upgrade or downgrade).

hth, Ralph.

Yes, the convenince!

Don't have to think at all!

Like a commodity, yay!

Who cares what it is? As long as I can just click a button and it just works!

What, Me Worry?

You may need to use setupcon and friends. I guess most convenience support has been done with GUI in mind. Unless you already done it, I suggest you explore man -k keyboard.

afaik dpkg-reconfigure locales changes the locale setup so that programs that started after that will experience a new language environment. It doesn't change anything else. See e.g. man locale

How did you determine that changeing locale doesn't work?
Which writing tool or tools are you using; do you know whether they adapt to system locale?

Your keyboard configuration is separate. Most keyboards are physically built for a single language, so for them the story is to use mapping tables for keys so that the keys generate character codes in perhaps different ways than the key tops indicate. See eg man keyboard about that. I tend to use setxkbmap to switch the keyboard mapping (between us and se)

A web search on linux-u-boot-orangepi3b didn't give me any exact match, so I can't verify that it makes the same assumptions about partitioning as you are. If u-boot doesn't find boot.scr it won't boot.

Perhaps it assumes an initial type FAT boot partition, which wouldn't be unusual. That would at least have boot.scr for booting, and usually that will also contain kernel and initrd. Or for example, if your u-boot supports the sysboot command you may use that for an extlinux boot from a differt, type ext partition, which then would contain the extlinux.conf configuration file as well as kernel, FDT and initrd.

(EDIT: added mentioning of FDT = Flat Device Tree, aka DTB = Device Tree Blob)

Ideally you get a serial cable for the box so you can see u-boot logging.

But my suggestion is that you first set up your box with an initial FAT partition for boot.scr, The command to use in boot.cmd would be like this

sysboot mmc 0:2 ext4 0x7ffff000 /boot/extlinux.conf

where mmc is the drive type (for sdcard), 0:2 identifies the boot sdcard, partition 2, ext4 indicates the partition type, and it's then followed by the pathname of the configuration file.
You'll then need to mkimage that into boot.scr.

EDIT: The argument 0x7ffff000 is the load address for the extlinux.conf file, and you must choose a RAM address within your actual RAM. High up in your RAM is good.

The second partition can be a single partition for everything, i.e. boot and root filesystem. Note that I've used ext4 rather than ext3, but that's only because I'm incredibly modern Though you might have better luck telling sysboot it's an ext2 even if it's an ext4, or perhaps use ext3... whichever.

EDIT: actually, you want rootfs to be encrypted, so then you'll need 3 partitions...

don't use github = microsoft !!

My quick package search suggests version 10 is too old to be found, but there is the package libsnmp40 that contains a similarily named dynamic library. So perhaps it works by installing version 40 and implementing a lie by setting a link... thusly:

# apt-get install libsnmp40
# ln -s libnetsnmp.so.40  /usr/lib/x86_64-linux-gnu/libnetsnmp.so.10

hth
Ralph.

Good advice @steve_v. I hope the OP finds it useful/.

Usually only the last 16 hex digits are used.

Actually the man page advice is to use two iface snippets in /etc/network/interfaces

iface wlan0 inet manual
    wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf

iface default inet dhcp

The first snippet is for declaring the conf file to be used, and the second is the one wpa_action will use when setting up an access point link. (using ifup wlan0=default)

In that way you can also define additional, different handlings of different setups with different identities.

A note for anyone holding their breath:
turnstile is now available on ceres
(debian package version 0.1.11-2)

You must OK the "load components" dialog (with or without selecting any non-default components) in order to get all filesystem type choices in the partitioner. Or, don't choose "expert install".