Discussion:
update system periodically
(too old to reply)
c***@free.fr
2024-07-21 21:50:01 UTC
Permalink
Hi list,

I have been running an old debian 11 for many days.
is it safe to run 'apt upgrade' and 'apt update' periodically?
for example put them into crontab.

I ask this question because I am worried that some software updates may
conflict with each other after running in this way, resulting in system
unavailability.

Thank you.
--
corey hickman
e***@gmx.us
2024-07-21 23:20:01 UTC
Permalink
Post by c***@free.fr
Hi list,
I have been running an old debian 11 for many days.
is it safe to run 'apt upgrade' and 'apt update' periodically?
for example put them into crontab.
I wouldn't have the upgrade run automatically, because maybe there's a
package you wouldn't want to install, and from cron it would happen without
your oversight.

Now, I see no problem with having it kick off a script that waits for your
approval to install anything. I have a script that does that, except it
installs a maximum of one package per day so things don't change too
rapidly. Over the long term, that's plenty fast enough.

--
LIBRA: A big promotion is just around the corner for someone
much more talented than you. Laughter is the very best medicine,
remember that when your appendix bursts next week. -- Weird Al
Bret Busby
2024-07-21 23:40:01 UTC
Permalink
Post by c***@free.fr
Hi list,
I have been running an old debian 11 for many days.
is it safe to run 'apt upgrade' and 'apt update' periodically?
for example put them into crontab.
I ask this question because I am worried that some software updates may
conflict with each other after running in this way, resulting in system
unavailability.
Thank you.
The perception of safety is subjective, and depends on different aspects
and perspectives of the circumstances applicable at any particular time.

One thing to remember, regarding automated upgrades, is that, if an
upgrade involves a kernel upgrade, then you can have a need for
immediate rebooting, which may be problematic.

The imposition of mandatory automated upgrades is one reason that Ubuntu
Linux became unstable.

..
Bret Busby
Armadale
West Australia
(UTC+0800)
..............
Bret Busby
2024-07-21 23:40:01 UTC
Permalink
Post by Bret Busby
Post by c***@free.fr
Hi list,
I have been running an old debian 11 for many days.
is it safe to run 'apt upgrade' and 'apt update' periodically?
for example put them into crontab.
I ask this question because I am worried that some software updates
may conflict with each other after running in this way, resulting in
system unavailability.
Thank you.
The perception of safety is subjective, and depends on different aspects
and perspectives of the circumstances applicable at any particular time.
One thing to remember, regarding automated upgrades, is that, if an
upgrade involves a kernel upgrade, then you can have a need for
immediate rebooting, which may be problematic.
The imposition of mandatory automated upgrades is one reason that Ubuntu
Linux became unstable.
..
Bret Busby
Armadale
West Australia
(UTC+0800)
..............
Another thing to remember, regarding the proposition
"is it safe to run 'apt upgrade' and 'apt update' periodically"
is that (I believe that) the sequence of commands should be
apt update
apt full-upgrade -y
apt autoremove -y
apt autoclean

..
Bret Busby
Armadale
West Australia
(UTC+0800)
..............
Greg Wooledge
2024-07-21 23:50:01 UTC
Permalink
One thing to remember, regarding automated upgrades, is that, if an upgrade
involves a kernel upgrade, then you can have a need for immediate rebooting,
which may be problematic.
It's also rare, but NOT unheard of, for a stable release to receive a
security update which breaks backward compatibility. In such cases,
there should be a NEWS file excerpt, which is shown to you by apt or
apt-get, which explains the changes. You'll want to be aware of any
such changes, which would not be the case with a fully unattended upgrade.

This has happened with samba and bind9, at the very least.
David Wright
2024-07-21 23:50:01 UTC
Permalink
Post by c***@free.fr
I have been running an old debian 11 for many days.
is it safe to run 'apt upgrade' and 'apt update' periodically?
for example put them into crontab.
I run the following from root's crontab:

apt-get -qq -o Acquire::http::Proxy="http://192.168.1.14:3142/"
update && apt-get -qq -d -o Acquire::http::Proxy="http://192.168.1.14:3142/"
dist-upgrade && find /var/cache/apt/archives/ -name '*deb'

(That's all on one line.)

If find lists any .deb files, it sends me an email. I use
apt-cacher-ng on one machine as a proxy, which you might not,
in which case omit both occurrences of:

-o Acquire::http::Proxy="http://192.168.1.14:3142/"
Post by c***@free.fr
I ask this question because I am worried that some software updates
may conflict with each other after running in this way, resulting in
system unavailability.
They shouldn't do if you're actually running Debian 11. But I prefer
to see the upgrades themselves performed, so I'm happy for just the
downloads and consequent notification to be automated.

Cheers,
David.
Charles Curley
2024-07-22 04:10:01 UTC
Permalink
On Sun, 21 Jul 2024 18:43:28 -0500
Post by David Wright
apt-get -qq -o Acquire::http::Proxy="http://192.168.1.14:3142/"
update && apt-get -qq -d -o
Acquire::http::Proxy="http://192.168.1.14:3142/" dist-upgrade && find
/var/cache/apt/archives/ -name '*deb'
(That's all on one line.)
Suggestion: rather than have the
"Acquire::http::Proxy="http://192.168.1.14:3142/" in the command, use
the package auto-apt-proxy to detect proxy servers for you.

Suggestion: rather than run it from cron (or a systemd timer), look
into unattended-upgrades.
--
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/
David Wright
2024-07-22 21:00:01 UTC
Permalink
Post by Charles Curley
On Sun, 21 Jul 2024 18:43:28 -0500
Post by David Wright
apt-get -qq -o Acquire::http::Proxy="http://192.168.1.14:3142/"
update && apt-get -qq -d -o
Acquire::http::Proxy="http://192.168.1.14:3142/" dist-upgrade && find
/var/cache/apt/archives/ -name '*deb'
(That's all on one line.)
Suggestion: rather than have the
"Acquire::http::Proxy="http://192.168.1.14:3142/" in the command, use
the package auto-apt-proxy to detect proxy servers for you.
I might have, had it existed at the time I wrote this. (My cron
line has been around for more than a couple of decades, as has
my use of proxies.)
Post by Charles Curley
Suggestion: rather than run it from cron (or a systemd timer), look
into unattended-upgrades.
For the OP, I would rather recommend cron-apt. I was a little guarded
in my previous advice as the OP has dabbled with ubuntu and might have
installed packages other than pure Debian 11, so automatic upgrades
themselves might be unwise. The OP is also learning to write scripts,
so a one-liner like mine might be attractive.

When an email has been generated, I use the following scripts to
perform the upgrades. (To complete the set of APT commands I run
as root, I include the fourth line. Each one is on a single line.)

# apt-get -o Acquire::http::Proxy="http://192.168.1.14:3142/"
update && apt-get -d -o Acquire::http::Proxy="http://192.168.1.14:3142/"
dist-upgrade; apt-get upgrade; read -p 'Ctrl-C to avoid clean' _;
apt-get clean

# apt-get -d -o Acquire::http::Proxy="http://192.168.1.14:3142/"
dist-upgrade && apt-get dist-upgrade ; read -p 'Ctrl-C to avoid
clean' _; apt-get clean

# apt-get --purge autoremove # take care as this can uninstall lots

# apt-get -s -o Acquire::http::Proxy="http://192.168.1.14:3142/"
install xxx

Call me old-school.

Cheers,
David.
Andy Smith
2024-07-22 00:10:02 UTC
Permalink
Hi,
Post by c***@free.fr
is it safe to run 'apt upgrade' and 'apt update' periodically?
for example put them into crontab.
I prefer to use apticron to download updates daily and tell me about
them, and then for me to install them manually. The reason why is as
others have said: sometimes there are changes to functionality or to
config files that I want to be fully aware of.

However if you are prepared to have updates automatically applied
then there is the unattended-upgrades package, and that is better
than never getting around to applying the updates yourself.

Either way these are solved problems and don't require making your
own custom cron scripts.

Thanks,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting
Charles Curley
2024-07-22 04:10:01 UTC
Permalink
On Mon, 22 Jul 2024 05:47:58 +0800
Post by c***@free.fr
I have been running an old debian 11 for many days.
is it safe to run 'apt upgrade' and 'apt update' periodically?
for example put them into crontab.
I suggest you do the next update manually. Then you can automate the
process with the unattended-upgrades package. Much better than using a
cron job.
--
Does anybody read signatures any more?

https://charlescurley.com
https://charlescurley.com/blog/
Michael Kjörling
2024-07-22 14:10:01 UTC
Permalink
Post by c***@free.fr
I have been running an old debian 11 for many days.
is it safe to run 'apt upgrade' and 'apt update' periodically?
for example put them into crontab.
`apt update` (and `apt-get update`) will only update the package
database. That should be about as safe as you can get, because it will
have no impact on day-to-day use of the system.

`apt upgrade`, `apt full-upgrade`, `apt-get dist-upgrade` and other
commands like those _can_ be risky, depending on circumstances. There
might also be legitimate reasons why you don't _want_ to upgrade right
then.

Several possibilities for automating updates have already been
mentioned in this thread. Another that I haven't seen mentioned yet is
cron-apt; out of the box, it will download updates, send an email, but
_not_ install those updates. For me personally that's a good middle
ground.

I would encourage you to upgrade to Debian 12, though. 11 is about to
exit mainline support.
--
Michael Kjörling 🔗 https://michael.kjorling.se
“Remember when, on the Internet, nobody cared that you were a dog?”
Erwan David
2024-07-23 06:30:01 UTC
Permalink
Post by Michael Kjörling
Post by c***@free.fr
I have been running an old debian 11 for many days.
is it safe to run 'apt upgrade' and 'apt update' periodically?
for example put them into crontab.
`apt update` (and `apt-get update`) will only update the package
database. That should be about as safe as you can get, because it will
have no impact on day-to-day use of the system.
`apt upgrade`, `apt full-upgrade`, `apt-get dist-upgrade` and other
commands like those _can_ be risky, depending on circumstances. There
might also be legitimate reasons why you don't _want_ to upgrade right
then.
Several possibilities for automating updates have already been
mentioned in this thread. Another that I haven't seen mentioned yet is
cron-apt; out of the box, it will download updates, send an email, but
_not_ install those updates. For me personally that's a good middle
ground.
I would encourage you to upgrade to Debian 12, though. 11 is about to
exit mainline support.
I did not see either that there are predefined systemd timers, which
just wait for the right configuration to be put in /etc/apt/apt.conf.d
Just see /usr/lib/apt/apt.systemd.daily for the apt configurations to
use.
--
Erwan
Loading...