[NCLUG] Debian Question

Bob Proulx bob at proulx.com
Thu Jan 3 10:35:43 MST 2008 

Paul Hummer wrote:
> You shouldn't need to apt-get dist-upgrade very often, if at all.

The 'upgrade' target upgrades packages of the same names.  After the
'upgrade' the package list of names is the same as it was before the
upgrade.  No new names are allowed installed if they weren't installed
before.  No old names are allowed to be removed.  This blocks (by
design) any package that adds new dependencies.

The 'dist-upgrade' target allows new dependencies such as new
dependencies upon additional libraries or packages that are split into
separate pieces to be installed.  The package list after a
'dist-upgrade' may be different than it was before.

As such 'upgrade' is most useful for security upgrades on Stable
systems where _nothing_is_supposed_to_change_.  It is an additional
check that enforces the "no package changes" rule.  On a critical
production system tracking stable and intended to be stable using the
'upgrade' process provides an additional bit of safety check.

But Testing and Unstable are the proving grounds and often change
package topography there.  I find that package renames, package splits
and additional dependencies occur frequently.  Therefore when tracking
Testing or Unstable the 'dist-upgrade' target is usually the required
operation.

> The cron-apt package might help, but I didn't like it because it
> would upgrade and break at a critical time, so I stopped it and just
> do the upgrades manually, making note to only upgrade when I could
> afford to have something not work.

The default behavior of cron-apt is to download but not install all
pending packages.  Especially when there are a lot of updates
regularly such as Testing and Unstable it prepares for the upgrade by
downloading all to the local machine.  Then later when 'upgrade' or
'dist-upgrade' is called no time is spent waiting for the download and
everything is already on the machine and ready to go.  By default
cron-apt is configured to be a safe helper for your system.

However cron-apt can be modified to automatically install new
packages.  This should only be done cautiously.  I would never do this
for Testing or Unstable.  Things break there too often and need manual
attention during the upgrade process.  But I do personally routinely
do this for non-critical Stable machines for security upgrades only.
It takes the tedium out of keeping the miscellaneous boring machines
on my network up to date.

Bob

More information about the NCLUG mailing list