Web lists-archives.com

Re: Fwd: Security Installation Method

Am 10. Apr, 2019 schwätzte Cindy Sue Causey so:

moin moin,

On 4/10/19, Dan Ritter <dsr@xxxxxxxxxxxxxxxx> wrote:
Arun Vasudevan wrote:

Could you please help me to install the Security patches only to one of
Debian servers.

The usual method is:

sudo apt update
apt list --upgradable

# inspect the packages to make sure you want all of them. If
# not, don't proceed. You can install individual updates with
# sudo apt install PACKAGENAME

sudo apt upgrade

At the end of that, you will want to reboot if you installed a
new kernel.

This is a quick drive-by to wonder whether limiting the repositories
in /etc/apt/sources.list (before "apt upgrade") would additionally
help here, too?

This is essentially what I do.

I put security repos in /etc/apt/sources.list.d/security.list, then I use
only that for security updates.

sudo apt -o Dir::Etc::sourceparts=:: -o Dir::Etc::SourceList=/etc/apt/sources.list.d/security.list full-upgrade



Commenting the lines out instead of deleting is my chosen method of
operation just so I don't have to waste time tracking down how to put
what back in place *when* I change my mind. :)

Yes, I can't think of good examples, but I'm sure there are some to
show why everything should be updated instead of just security. :)

Cindy :)

#  https://www.LuftHans.com   https://www.PhxLinux.org
#  History is nothing but a collection of fables and useless trifles,
#  cluttered up with a mass of unnecessary figures and proper names.
#  -- Leo Tolstoy