LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Debian
User Name
Password
Debian This forum is for the discussion of Debian Linux.

Notices


Reply
  Search this Thread
Old 09-04-2004, 06:45 PM   #1
King4lex
Member
 
Registered: Aug 2004
Distribution: Fedora Core 4
Posts: 90

Rep: Reputation: 15
Updating security in Sarge


Hello,

I'm pretty new to Debian and I have a question. I see on the Debian website that "[Sarge] has no official support from Debian security team." From what I understand, if you have stable all you have to do to update is

apt-get update
apt-get upgrade

Will this also work if you have testing? How secure is testing? Anything else I need to know?

Sorry for my n00b-ness!



 
Old 09-04-2004, 07:04 PM   #2
zuralin
Member
 
Registered: Sep 2003
Distribution: Debian testing/unstable
Posts: 229

Rep: Reputation: 32
Unfortunately there are no security updates for sarge, only for stable and unstable. If you want to keep sarge and have the security of unstable, I suggest reading the Debian Weekly News every week and grabbing any packages from Unstable that they list in the Security Updates section.

Last edited by zuralin; 09-04-2004 at 07:05 PM.
 
Old 09-04-2004, 07:10 PM   #3
King4lex
Member
 
Registered: Aug 2004
Distribution: Fedora Core 4
Posts: 90

Original Poster
Rep: Reputation: 15
Is there any way to change from sarge to sid without a reinstall? Once you have sid, how do you get the security patches? Do you use apt-get like I thought?
 
Old 09-04-2004, 07:54 PM   #4
King4lex
Member
 
Registered: Aug 2004
Distribution: Fedora Core 4
Posts: 90

Original Poster
Rep: Reputation: 15
Quote:
Originally posted by zuralin
Unfortunately there are no security updates for sarge, only for stable and unstable. If you want to keep sarge and have the security of unstable, I suggest reading the Debian Weekly News every week and grabbing any packages from Unstable that they list in the Security Updates section.
So couldn't I add:

Code:
deb http://security.debian.org/ sid/updates main contrib non-free
to my /etc/apt/sources.list file? Would not that get the updates released for sid? Or would they not work with sarge?
 
Old 09-04-2004, 07:54 PM   #5
zuralin
Member
 
Registered: Sep 2003
Distribution: Debian testing/unstable
Posts: 229

Rep: Reputation: 32
Yes, however the point I was trying to make was that you can stick with Sarge and only grab the needed packages from Sid.. You just need to update your /etc/apt/sources.list and have it use sid or unstable, apt-get update, apt-get install <needed_package> and change it back to testing when your done. Or keep two lines, one with testing and one with unstable and comment out the one you dont want to use.
 
Old 09-04-2004, 07:58 PM   #6
King4lex
Member
 
Registered: Aug 2004
Distribution: Fedora Core 4
Posts: 90

Original Poster
Rep: Reputation: 15
Quote:
You just need to update your /etc/apt/sources.list and have it use sid or unstable, apt-get update, apt-get install <needed_package>
so apt-get upgrade does not work? is there any way to update all packages at once rather than install them one at a time?

Quote:


and change it back to testing when your done. Or keep two lines, one with testing and one with unstable and comment out the one you dont want to use.
I don't quite understand why I can't just leave them both there.

Last edited by King4lex; 09-04-2004 at 08:01 PM.
 
Old 09-04-2004, 08:08 PM   #7
zuralin
Member
 
Registered: Sep 2003
Distribution: Debian testing/unstable
Posts: 229

Rep: Reputation: 32
apt-get dist-upgrade is used to upgrade from testing to unstable.. Just change your sources.list to include unstable instead of testing. I was just telling you how to stick with testing while staying secure.
 
Old 09-04-2004, 08:16 PM   #8
r3dhatter
Member
 
Registered: Dec 2003
Distribution: Debian (testing)
Posts: 210

Rep: Reputation: 30
After installing debian, the sources list gets software from testing. But I thought it said stable instead of testing on the security line after you install. So, you are getting security updates from stable, right?
 
Old 09-04-2004, 08:20 PM   #9
zuralin
Member
 
Registered: Sep 2003
Distribution: Debian testing/unstable
Posts: 229

Rep: Reputation: 32
i dont think he is getting ANY security updates
 
Old 09-04-2004, 08:23 PM   #10
HappyTux
Senior Member
 
Registered: Mar 2003
Location: Nova Scotia, Canada
Distribution: Debian AMD64
Posts: 4,170

Rep: Reputation: 244Reputation: 244Reputation: 244
Quote:
Originally posted by King4lex
so apt-get upgrade does not work? is there any way to update all packages at once rather than install them one at a time?



I don't quite understand why I can't just leave them both there.
You can but then you need to use something called apt pinning you set it up like this.
Code:
[HappyTux:/home/stephen]# cat /etc/apt/apt.conf
APT::Default-Release "testing";
APT::Get::Show-Versions "true";  <--- not required for pinning
APT::Cache-Limit 10000000;
Apt::Get::Purge;                          <--- not required for pinning
APT::Clean-Installed;                   <--- not required for pinning

[HappyTux:/home/stephen]# cat /etc/apt/preferences
Package: *
Pin: release testing
Pin-Priority: 900

Package: *
Pin: release unstable
Pin-Priority: 600
Then you will have a large enough cache to hold the packages files and you would be telling the system that your default release is testing and have pinned it to a higher priority than unstable so apt will get the applications from there. Now when a package comes out with a security fix you would apt-get update then apt-get install -t unstable package_fixed. Sometimes you will need to add extra packages to the install line to satisfy the dependencies apt will tell you when it is missing. You may also want to subscribe to the debian-security-announce mailing list then you will get an email at the time new packages are announced it is a very low volume mailing so your inbox will not be filled up with the usual foolishness that goes on in most Debian lists these days. To do the actual subscribing send an email to debian-security-announce-REQUEST@lists.debian.org with subscribe as the subject.
 
Old 09-04-2004, 09:10 PM   #11
macondo
Senior Member
 
Registered: Jul 2003
Location: Central America
Distribution: Slackwre64-current Devuan
Posts: 1,034

Rep: Reputation: 62
hehe!

do yourself a favor and read the APT-HOWTO at debian.org's documentation, it will answer all your questions and the ones you haven't thought of yet.
 
Old 09-07-2004, 06:02 PM   #12
King4lex
Member
 
Registered: Aug 2004
Distribution: Fedora Core 4
Posts: 90

Original Poster
Rep: Reputation: 15
Quote:
Originally posted by r3dhatter
After installing debian, the sources list gets software from testing. But I thought it said stable instead of testing on the security line after you install. So, you are getting security updates from stable, right?
Well, it does not for me. Here is what it looks like:

Code:
deb http://security.debian.org/ testing/updates main
I'm kind of getting confused. Why should it connect to security.debian.org to get updates, if security updates are not being released for sarge?

Should I change the 'testing' part in the sources file to 'stable'?
 
Old 09-07-2004, 07:31 PM   #13
HappyTux
Senior Member
 
Registered: Mar 2003
Location: Nova Scotia, Canada
Distribution: Debian AMD64
Posts: 4,170

Rep: Reputation: 244Reputation: 244Reputation: 244
Quote:
Originally posted by King4lex
Well, it does not for me. Here is what it looks like:

Code:
deb http://security.debian.org/ testing/updates main
I'm kind of getting confused. Why should it connect to security.debian.org to get updates, if security updates are not being released for sarge?

Should I change the 'testing' part in the sources file to 'stable'?
Because the archive is setup and ready to go into use in anticipation of testing getting released as the new stable just about any time now hopefully. Putting stable in the line is of no use if you are not using it (which would be Woody at this time) after Sarge is released and you are using it for your distro then stable in there would make sense and you definitely would not want testing in the line then.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Debian Sarge, Installed mirror, I need scripts for updating..... tyranus Debian 1 09-02-2005 12:28 AM
Sarge Security - what's up? Moloko Debian 14 07-29-2005 10:33 AM
Security Updating Murdock1979 Slackware 6 07-27-2005 11:44 PM
Sarge Security updates? microsoft/linux Debian 4 04-30-2005 09:15 PM
updating sarge nvidia ruddigger Debian 5 03-28-2005 06:21 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Debian

All times are GMT -5. The time now is 01:04 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration