Linode Forum
Linode Community Forums
 FAQFAQ    SearchSearch    MembersMembers      Register Register 
 LoginLogin [ Anonymous ] 
Post new topic  Reply to topic
Author Message
PostPosted: Sun Feb 02, 2014 3:52 pm 
Offline
Senior Newbie

Joined: Thu Nov 22, 2012 1:57 pm
Posts: 6
Hi,

Is there a post here or library topic on keeping Ubuntu server updated?

I am a newbie to server admin. Been working with my Linodes (Ubuntu 12.04 LTS) for a while now and feel pretty comfortable.

However:

1. Is this all you need to do to keep the server updated?

sudo apt-get update
sudo apt-get upgrade --show-upgraded

...if not what else?

2. What if something goes wrong with the above (such as: apt-get upgrade)?

I assume there is no "undo". The only super-safe thing I could think of is to do a Linode disk image backup before upgrade. Is that overkill? is there another way?

Thanks,

Rick


Top
   
PostPosted: Sun Feb 02, 2014 6:25 pm 
Offline
Senior Member

Joined: Mon Jan 02, 2012 12:45 pm
Posts: 365
There isn't really an 'undo'. The only reliable thing (as far as I know) is start again ... or backup your filesystem prior to updating (see below).

The following command will list the pending updates:
Code:
apt-get -u upgrade --assume-no

You can review the list and decide whether or not you want to update them (individually or all).

I've found that Ubuntu 12.04 (and probably other releases, though I have no experience with them) does a good job of not feeding you updates that will break things. That being said, if anything on your VPS relies on a specific version of something you'd better make sure you don't blindly update.


When I'm not sure about an update I make a copy of my filesystem (I try to keep my active filesystem small enough that I can create a copy before I do something that may cause issues). That way I have a system-wide restore point. I do have to shutdown for a short period of time to create the copy, so I have to make sure to time it well (5am seems to be a good time based on our clients and site visitors).


Top
   
PostPosted: Sun Feb 02, 2014 7:43 pm 
Offline
Senior Member

Joined: Sun May 23, 2010 1:57 pm
Posts: 315
Website: http://www.jebblue.net
I do this:

Code:
sudo apt-get update && sudo apt-get dist-upgrade


It seems to be more thorough. If something breaks, the something would need to be addressed.


Top
   
PostPosted: Tue Feb 04, 2014 1:21 am 
Offline
Senior Member
User avatar

Joined: Wed Jun 26, 2013 1:53 am
Posts: 118
That will work as long as you use packages for everything. You should do that for everything there is a package for, because it will make upgrading easier.

The main things that won't upgrade are web applications, any programs that you run for creating websites. Those will need to be upgraded manually. If they have web updaters and you use them, for security you should make the file permissions non upgradeable when you aren't upgrading. All it takes is someone to hack WordPress and use the file editor to add shell_exec() to start wrecking stuff.

_________________
Homepage www.sturmkrieg.com
Social network Gamernet
Development website Sashaweb Development
Imageboard img.sturmkrieg.com
WikiHub free wiki host Community Wiki


Top
   
PostPosted: Tue Feb 04, 2014 1:49 am 
Offline
Senior Member
User avatar

Joined: Sun Dec 27, 2009 11:12 pm
Posts: 1038
Location: Colorado, USA
Worry less (but not zero) about keeping things up to date and worry more (a lot lot lot more) about backing everything up.

Make a backup plan, test it both ways (backing up and restoring), have more then one copy in various storage locations, and automatic the notifications (both when the backup works and especially when it doesn't).

Being "Up to Date" doesn't mean you can't be hacked, having a Verified Backup off system does guarantee that you'll be back up and running will minimal fuss, crying and hair pulling.

_________________
Either provide enough details for people to help, or sit back and listen to the crickets chirp.
Security thru obscurity is a myth - and really really annoying.


Top
   
PostPosted: Tue Feb 04, 2014 6:00 pm 
Offline
Senior Newbie

Joined: Thu Nov 22, 2012 1:57 pm
Posts: 6
Thanks for the input. So for backups I do this:

1. I backup all my databases as SQL dumps downloaded to my local.
2. Ditto for all website files - download to local via rsync.
3. I use the Linode backup service which backs up the entire Linode.

Items #1 and #2 above are for recovering from problems specific to the websites (all Drupal by the way).

I assume #3 is the only real option for recovering from something really major or if
Code:
sudo apt-get update && sudo apt-get dist-upgrade

goes bad? Which I guess is almost never?

Thanks,

Rick


Top
   
Display posts from previous:  Sort by  
Post new topic  Reply to topic


Who is online

Users browsing this forum: No registered users and 5 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
RSS

Powered by phpBB® Forum Software © phpBB Group