Project

General

Profile

Debian 10 to 11 » History » Revision 8

Revision 7 (Jamila Khan, 12/29/2021 03:06 PM) → Revision 8/19 (Jessica Oros, 04/12/2023 02:43 PM)

{{lastupdated_at}} by {{lastupdated_by}} 

 {{>toc}} 

 h1. Debian 10 to 11 

 h2. Pre update check 

 h3. Stretch check 

 Check if any sources still point to stretch 

 <pre> 
 cd /etc/apt 
 grep -nr stretch . 
 </pre> 

 If so, bring those up to buster and run updates first 
 https://redmine.palantetech.coop/projects/commons/wiki/Debian_9_to_10 

 h3. Metapackage check 

 Check to make sure kernel metapackage is installed, not just specific kernel 

 @dpkg -l "linux-image*" | grep ^ii | grep -i meta@ should have results 
 If not, install metapackage 
 https://www.debian.org/releases/bullseye/amd64/release-notes/ch-upgrading.en.html#kernel-metapackage 

 h3. Purged package check 

 List and purge removed packages with config files remaining 
 https://www.debian.org/releases/bullseye/amd64/release-notes/ch-upgrading.en.html#purge-removed-packages 

 <pre> 
 aptitude search '~c' 
 aptitude purge '~c' 
 </pre> 

 h3. Hold check 

 These commands should have no results 

 <pre> 
 aptitude search "~ahold"  
 dpkg --get-selections | grep 'hold$' 
 </pre> 

 h2. Update sources list 

 Check which sources exist that point to buster 
 <pre> 
 cd /etc/apt 
 grep -nr buster . 
 </pre> 

 Edit the main list, and any others that come up 

 <pre> 
 vim /etc/apt/sources.list 
 </pre> 

 replace buster with bullseye 

 <pre> 
 :%s/buster/bullseye/g 
 </pre> 

 replace bullseye/updates with bullseye-security 

 <pre> 
 :%s/bullseye\/updates/bullseye-security/g 
 </pre> 

 https://www.debian.org/releases/bullseye/amd64/release-notes/ch-information.en.html#security-archive 

 h2. Upgrade the system 

 

 h3. Update the sources 

 <pre> 
 apt-get update 
 </pre> 

 If you get a NO_PUBKEY error like below 
 <pre> 
 W: GPG error: https://apt.postgresql.org/pub/repos/apt bullseye-pgdg InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 7FCC7D46ACCC4CF8 
 </pre> 
 add the key for the specified repository: 
 <pre> 
 0 meat:/etc/apt# sudo gpg -a --export 7FCC7D46ACCC4CF8 | sudo apt-key add - 
 </pre> 

 h3. Check for Necessary Disk Space 

 <pre>apt-get -o APT::Get::Trivial-Only=true dist-upgrade</pre> 

 h3. Minimal Upgrade 

 <pre> apt-get upgrade</pre> 

 * if it asks whether to change /etc/apt/trusted.gpg.d/debian-archive-jessie-security-automatic.gpg, say yes 
 * other things it asks to change, say no, keep the existing file 

 h3. Full Upgrade 

 <pre> 
 apt-get dist-upgrade 
 </pre> 

 h4. Change configs during full upgrade? 

 |package | change configs| 
 | nrpe | no | 
 | sudoers | no | 
 | journald | no | 
 | backupninja | no | 
 | nginx | yes but recheck after | 
 | redis | yes but recheck after | 
 | sshd_config | yes | 
 | glibc | yes | 


 h3. Upgrade MySQL databases (if MySQL/MariaDB installed) 

 <pre> 
 mysql_upgrade 
 </pre> 

 h3. Check that things are up 

 * if a web server, make sure websites are up 
 * if an infrastructure server, test and make sure all parts of the infrastructure are working properly 
 * if a PTC server check the "recovery plan":https://redmine.palantetech.coop/projects/pt/wiki/Recovery_Plan entry for that server to make sure everything has recovered 

 h3. Check what packages were removed 

 * @cat /var/log/apt/history.log | grep Remove@ 
 * copy that into ongoing updates documentation for records 
 * Make sure there was nothing important in there 
 * If there were important packages in there 
 ** check aptitude to see if newer versions were already installed  
 ** check debian package search to search for what version is appropriate 
 ** https://packages.debian.org/ 

 h2. Common problems 

 tbd
Go to top