Chapter 9. Keeping your Debian system up-to-date

Table of Contents

9.1. How can I keep my Debian system current?
9.1.1. aptitude
9.1.2. apt-get and apt-cdrom
9.2. Must I go into single user mode in order to upgrade a package?
9.3. Do I have to keep all those .deb archive files on my disk?
9.4. How can I keep a log of the packages I added to the system? I'd like to know when upgrades and removals have occurred and on which packages!
9.5. Can I automatically update the system?
9.6. I have several machines; how can I download the updates only one time?

One of Debian's goals is to provide a consistent upgrade path and a secure upgrade process. We always do our best to make upgrading to new releases a smooth procedure. In case there's some important note to add to the upgrade process, the packages will alert the user, and often provide a solution to a possible problem.

You should also read the Release Notes document that describes the details of specific upgrades. It is available on the Debian website at https://www.debian.org/releases/stable/releasenotes and is also shipped on the Debian CDs, DVDs and Blu-ray discs.

9.1. How can I keep my Debian system current?

One could simply visit a Debian archive site, then peruse the directories until one finds the desired file, and then fetch it, and finally install it using dpkg. Note that dpkg will install upgrade files in place, even on a running system. Sometimes, a revised package will require the installation of a newly revised version of another package, in which case the installation will fail until/unless the other package is installed.

Many people find this approach much too time-consuming, since Debian evolves so quickly -- typically, a dozen or more new packages are uploaded every week. This number is larger just before a new major release. To deal with this avalanche, many people prefer to use a more automated method. Several different packages are available for this purpose:

9.1.1. aptitude

aptitude is the recommended package manager for Debian GNU/Linux systems, and is described in Section 8.1.3, “aptitude”.

Before you can use aptitude to make an upgrade, you'll have to edit the /etc/apt/sources.list file to set it up. If you wish to upgrade to the latest stable version of Debian, you'll probably want to use a source like this one:

http://ftp.us.debian.org/debian stable main contrib

You can replace ftp.us.debian.org (the mirror in the United States) with the name of a faster Debian mirror near you. See the mirror list at https://www.debian.org/mirror/list for more information.

Or you can use the redirector service httpredir.debian.org which aims to solve the problem of choosing a Debian mirror. It uses the geographic location of the user and other information to choose the best mirror that can serve the files. To take advantage of it use a source like this one:

http://httpredir.debian.org/debian stable main contrib

More details on this can be found in the sources.list(5) manual page.

To update your system from the command line, run

aptitude update

followed by

aptitude full-upgrade

Answer any questions that might come up, and your system will be upgraded.

Note that aptitude is not the recommended tool for doing upgrades from one Debian GNU/Linux release to another. Use apt-get instead. For upgrades between releases you should read the Release Notes. This document describes in detail the recommended steps for upgrades from previous releases as well as known issues you should consider before upgrading.

For details, see the manual page aptitude(8), and the file /usr/share/aptitude/README.

9.1.2. apt-get and apt-cdrom

An alternative to aptitude is apt-get which is an APT-based command-line tool (described previously in Section 8.1.2, “APT”).

apt-get, the APT-based command-line tool for handling packages, provides a simple, safe way to install and upgrade packages.

To use apt-get, edit the /etc/apt/sources.list file to set it up, just as for Section 9.1.1, “aptitude”.

Then run

apt-get update

followed by

apt-get dist-upgrade

Answer any questions that might come up, and your system will be upgraded. See also the apt-get(8) manual page, as well as Section 8.1.2, “APT”.

If you want to use CDs/DVDs/BDs to install packages, you can use apt-cdrom. For details, please see the Release Notes, section "Adding APT sources from optical media".

Please note that when you get and install the packages, you'll still have them kept in your /var directory hierarchy. To keep your partition from overflowing, remember to delete extra files using apt-get clean and apt-get autoclean, or to move them someplace else (hint: use apt-move).

9.2. Must I go into single user mode in order to upgrade a package?

No. Packages can be upgraded in place, even in running systems. Debian has a start-stop-daemon program that is invoked to stop, then restart running process if necessary during a package upgrade.

9.3. Do I have to keep all those .deb archive files on my disk?

No. If you have downloaded the files to your disk then after you have installed the packages, you can remove them from your system, e.g. by running aptitude clean.

9.4. How can I keep a log of the packages I added to the system? I'd like to know when upgrades and removals have occurred and on which packages!

Passing the --log-option to dpkg makes dpkg log status change updates and actions. It logs both the dpkg-invokation (e.g.

2005-12-30 18:10:33 install hello 1.3.18 2.1.1-4

) and the results (e.g.

2005-12-30 18:10:35 status installed hello 2.1.1-4

) If you'd like to log all your dpkg invocations (even those done using frontends like aptitude), you could add

log /var/log/dpkg.log

to your /etc/dpkg/dpkg.cfg. Be sure the created logfile gets rotated periodically. If you're using logrotate, this can be achieved by creating a file /etc/logrotate.d/dpkg with the following lines

/var/log/dpkg {
  missingok
  notifempty
}

More details on dpkg logging can be found in the dpkg(1) manual page.

aptitude logs the package installations, removals, and upgrades that it intends to perform to /var/log/aptitude. Note that the results of those actions are not recorded in this file!

Another way to record your actions is to run your package management session within the script(1) program.

9.5. Can I automatically update the system?

Yes. You can use cron-apt; this tool updates the system at regular intervals using a cron job. By default it just updates the package list and downloads new packages, but without installing them.

Note: Automatic upgrade of packages is NOT recommended in testing or unstable systems as this might bring unexpected behaviour and remove packages without notice.

9.6. I have several machines; how can I download the updates only one time?

If you have more than one Debian machine on your network, it is useful to use apt-cacher to keep all of your Debian systems up-to-date.

apt-cacher reduces the bandwidth requirements of Debian mirrors by restricting the frequency of Packages, Releases and Sources file updates from the back end and only doing a single fetch for any file, independently of the actual request from the proxy. apt-cacher automatically builds a Debian HTTP mirror based on requests which pass through the proxy.

Of course, you can get the same benefit if you are already using a standard caching proxy and all your systems are configured to use it.