Debian 10 to 11 » History » Version 11
Jessica Oros, 04/12/2023 02:46 PM
1 | 2 | Jamila Khan | {{lastupdated_at}} by {{lastupdated_by}} |
---|---|---|---|
2 | |||
3 | {{>toc}} |
||
4 | |||
5 | 1 | Jamila Khan | h1. Debian 10 to 11 |
6 | |||
7 | 2 | Jamila Khan | h2. Pre update check |
8 | |||
9 | h3. Stretch check |
||
10 | |||
11 | Check if any sources still point to stretch |
||
12 | |||
13 | <pre> |
||
14 | cd /etc/apt |
||
15 | grep -nr stretch . |
||
16 | </pre> |
||
17 | |||
18 | If so, bring those up to buster and run updates first |
||
19 | https://redmine.palantetech.coop/projects/commons/wiki/Debian_9_to_10 |
||
20 | |||
21 | h3. Metapackage check |
||
22 | |||
23 | 1 | Jamila Khan | Check to make sure kernel metapackage is installed, not just specific kernel |
24 | |||
25 | 2 | Jamila Khan | @dpkg -l "linux-image*" | grep ^ii | grep -i meta@ should have results |
26 | If not, install metapackage |
||
27 | https://www.debian.org/releases/bullseye/amd64/release-notes/ch-upgrading.en.html#kernel-metapackage |
||
28 | 1 | Jamila Khan | |
29 | 2 | Jamila Khan | h3. Purged package check |
30 | |||
31 | List and purge removed packages with config files remaining |
||
32 | https://www.debian.org/releases/bullseye/amd64/release-notes/ch-upgrading.en.html#purge-removed-packages |
||
33 | |||
34 | <pre> |
||
35 | aptitude search '~c' |
||
36 | aptitude purge '~c' |
||
37 | </pre> |
||
38 | |||
39 | 3 | Jamila Khan | h3. Hold check |
40 | |||
41 | These commands should have no results |
||
42 | |||
43 | <pre> |
||
44 | aptitude search "~ahold" |
||
45 | dpkg --get-selections | grep 'hold$' |
||
46 | </pre> |
||
47 | |||
48 | 2 | Jamila Khan | h2. Update sources list |
49 | |||
50 | Check which sources exist that point to buster |
||
51 | <pre> |
||
52 | cd /etc/apt |
||
53 | grep -nr buster . |
||
54 | </pre> |
||
55 | |||
56 | Edit the main list, and any others that come up |
||
57 | |||
58 | <pre> |
||
59 | vim /etc/apt/sources.list |
||
60 | </pre> |
||
61 | 1 | Jamila Khan | |
62 | 4 | Jamila Khan | replace buster with bullseye |
63 | |||
64 | 2 | Jamila Khan | <pre> |
65 | :%s/buster/bullseye/g |
||
66 | 1 | Jamila Khan | </pre> |
67 | 4 | Jamila Khan | |
68 | replace bullseye/updates with bullseye-security |
||
69 | |||
70 | <pre> |
||
71 | :%s/bullseye\/updates/bullseye-security/g |
||
72 | </pre> |
||
73 | |||
74 | https://www.debian.org/releases/bullseye/amd64/release-notes/ch-information.en.html#security-archive |
||
75 | 2 | Jamila Khan | |
76 | h2. Upgrade the system |
||
77 | |||
78 | h3. Update the sources |
||
79 | 1 | Jamila Khan | |
80 | <pre> |
||
81 | apt-get update |
||
82 | </pre> |
||
83 | 6 | Jamila Khan | |
84 | 11 | Jessica Oros | If you get a NO_PUBKEY error, see https://redmine.palantetech.coop/projects/commons/wiki/Debian_10_to_11#Common-problems |
85 | 8 | Jessica Oros | |
86 | 6 | Jamila Khan | h3. Check for Necessary Disk Space |
87 | |||
88 | <pre>apt-get -o APT::Get::Trivial-Only=true dist-upgrade</pre> |
||
89 | 2 | Jamila Khan | |
90 | h3. Minimal Upgrade |
||
91 | |||
92 | <pre> apt-get upgrade</pre> |
||
93 | |||
94 | * if it asks whether to change /etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg, say yes |
||
95 | * other things it asks to change, say no, keep the existing file |
||
96 | |||
97 | h3. Full Upgrade |
||
98 | |||
99 | <pre> |
||
100 | apt-get dist-upgrade |
||
101 | </pre> |
||
102 | |||
103 | 7 | Jamila Khan | h4. Change configs during full upgrade? |
104 | |||
105 | |package | change configs| |
||
106 | | nrpe | no | |
||
107 | | sudoers | no | |
||
108 | | journald | no | |
||
109 | | backupninja | no | |
||
110 | | nginx | yes but recheck after | |
||
111 | | redis | yes but recheck after | |
||
112 | | sshd_config | yes | |
||
113 | | glibc | yes | |
||
114 | |||
115 | |||
116 | 2 | Jamila Khan | h3. Upgrade MySQL databases (if MySQL/MariaDB installed) |
117 | |||
118 | <pre> |
||
119 | mysql_upgrade |
||
120 | </pre> |
||
121 | |||
122 | h3. Check that things are up |
||
123 | |||
124 | * if a web server, make sure websites are up |
||
125 | * if an infrastructure server, test and make sure all parts of the infrastructure are working properly |
||
126 | * if a PTC server check the "recovery plan":https://redmine.palantetech.coop/projects/pt/wiki/Recovery_Plan entry for that server to make sure everything has recovered |
||
127 | |||
128 | h3. Check what packages were removed |
||
129 | |||
130 | * @cat /var/log/apt/history.log | grep Remove@ |
||
131 | 5 | Jamila Khan | * copy that into ongoing updates documentation for records |
132 | * Make sure there was nothing important in there |
||
133 | * If there were important packages in there |
||
134 | ** check aptitude to see if newer versions were already installed |
||
135 | ** check debian package search to search for what version is appropriate |
||
136 | ** https://packages.debian.org/ |
||
137 | 2 | Jamila Khan | |
138 | h2. Common problems |
||
139 | |||
140 | 10 | Jessica Oros | h3. NO_PUBKEY during update |
141 | <pre> |
||
142 | W: GPG error: https://apt.postgresql.org/pub/repos/apt bullseye-pgdg InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7FCC7D46ACCC4CF8 |
||
143 | </pre> |
||
144 | Add the key for the specified repository: |
||
145 | <pre> |
||
146 | 0 meat:/etc/apt# sudo gpg -a --export 7FCC7D46ACCC4CF8 | sudo apt-key add - |
||
147 | </pre> |