To update or not to update? and how to?

1

Hi Guys,

Here I am again with another question.

MY ENVIRONMENT

[email protected]:~$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 22.04.1 LTS
Release:        22.04
Codename:       jammy

Hestia Control Panel: 1.6.14

ISSUE

  • When I remotely login to my server where HestiaCP is running I see the following:
189 updates can be applied immediately.
To see these additional updates run: apt list --upgradable
  • I issued the command below:
# apt update
# apt dist-upgrade
  • The update process took a long time and asked me to change four configuration files (I can’t remember which ones) but one of them was the Apache one:
/etc/apache2/apache2.conf
  • I authorized the changes and also let the process to upgrade the Kernel
  • After that the apache2 service didn’t start any longer and after checking the logs I have got these errors:
    • AH00072: make_sock: could not bind to address [::]:80
    • AH00072: make_sock: could not bind to address [::]:443
  • After configuring Apache to listen on port 8080 (for http) and on port 8443 (for https) for the public IP address of my machine eventually I was able to restart the apache2 service correctly but then I received HTTP 500 error while loading some of my web sites or the SUCCESS welcome message while loading some other web sites or webmail UI’s
  • I googled all the error messages from the apache error log files but after spending a couple of hours I gave up and restored from backup
  • I saw a couple of topics here in this forum where other users have been advised to use: apt update && apt upgrade

QUESTION

189 updates can be applied immediately.
To see these additional updates run: apt list --upgradable
  • My question is when I see a number of updates ready to be installed like above how would you suggest to proceed? I guess that my mistake was that I run “apt dist-upgrade” which ultimately upgraded the kernel and broke a lot of things. Sorry but I can’t provide any log as I restored from backup

P.s.: I keep the HestiaCP automatic updates from the GUI disabled in production as I prefer to do it manually in staging first.

Thanks.

2

When apt prompts about replacing a config file, the correct answer is almost always no. The diff function is pretty helpful sometimes, too.

I have had no issues with the automatic updates enabled in the Hestia GUI. I also have security updates through the unattended-upgrades package on a production system.

While dist-upgrade appears to still function, it is not documented in the apt man page. It’s a holdover from apt-get. The apt man page has a good explanation of the difference between the upgrade and full-upgrade options.

Your use of dist-upgrade was not what broke your web server. It broke when you told apt to clobber your configs.

I’m glad you had a backup that you were able to restore from.

4 Likes
3

@linkp - Appreciated your answer. Have a good day!

1 Like
4

man apt

full-upgrade (apt-get(8)) performs the function of upgrade but will remove currently installed packages if this is needed to upgrade the system as a whole.

man apt-get

dist-upgrade in addition to performing the function of upgrade, also intelligently handles changing dependencies with new versions of packages; apt-get has a “smart” conflict resolution system, and it will attempt to upgrade the most important packages at the expense of less important ones if necessary. The dist-upgrade command may therefore remove some packages. The /etc/apt/sources.list file contains a list of locations from which to retrieve desired package files. See also apt_preferences(5) for a mechanism for overriding the general settings for individual packages.

dist-upgrade can install new packages or remove them when needed

2 Likes