Before we start upgrading the Debian system version, please make a snapshot or a possible backup of the system. Such a change entails significant changes that can damage the system. Of course, before you upgrade the system in production, it is best to upgrade to the testing environment first. The upgrade process affects the entire system. Services may not be available at this time. If the system is doing the hosting for your website then it may not be available!
Always bear in mind that the production environment is different from test environment, so I recommend that you do it carefully. A good practice is to keep a time interval between the upgrade of test and production environment, in my case it is a week. Remember not to make changes to production on Friday!
This is how we check the version of the system:
And now, we going to update OS, but before we do that – we will make copy of:
|
1 |
cp /etc/apt/sources.list /root/sources.list_buster |
There is sorces setup for buster:
|
1 2 3 4 5 6 |
# cat /etc/apt/sources.list deb http://ftp.debian.org/debian buster main contrib deb http://ftp.debian.org/debian buster-updates main contrib deb http://security.debian.org buster/updates main contrib deb http://nginx.org/packages/debian/ buster nginx deb-src http://nginx.org/packages/debian/ buster nginx |
Before we upgrade the debian system version to 11, we need to do a full upgrade:
|
1 |
# apt update && apt upgrade -q -y && apt dist-upgrade -q -y && apt autoremove -y -q |
Then we use sed to replace “buster” on “bullseye”:
|
1 |
# sed -i 's/buster/bullseye/g' /etc/apt/sources.list |
There here’s the effect:
|
1 |
# cat /etc/apt/sources.list |
To be sure, we will do a comparison of the backed up file:
And then we can do update:
|
1 |
# apt update && apt upgrade -q -y && apt dist-upgrade -q -y && apt autoremove -y -q |
So that it is not too easy, to start the task in the form of:
Specifically about this error:
|
1 2 3 4 5 6 |
Err:5 http://security.debian.org bullseye/updates Release 404 Not Found [IP: 199.232.150.132 80] Reading package lists... Done E: The repository 'http://security.debian.org bullseye/updates Release' does not have a Release file. N: Updating from such a repository can't be done securely, and is therefore disabled by default. N: See apt-secure(8) manpage for repository creation and user configuration details. |
To fix it, use any editor on the file (vi in my case):
|
1 |
# vi /etc/apt/sources.list |
We remove line 4 – “deb http://security.debian.org buster/updates main contrib” as you can see, we go out and save :
Of course, any other editor like nano is also good for this case.
The contents of the /etc/apt/sources.list file now looks like this:
|
1 2 3 4 5 |
# cat /etc/apt/sources.list deb http://ftp.debian.org/debian bullseye main contrib deb http://ftp.debian.org/debian bullseye-updates main contrib deb http://nginx.org/packages/debian/ bullseye nginx deb-src http://nginx.org/packages/debian/ bullseye nginx |
We can try to update the system again:
|
1 |
# apt update && apt upgrade -q -y && apt dist-upgrade -q -y && apt autoremove -y -q |
Now you need get some the system upgrade process has started. You can go for a coffee, or not 😉
There will be questions.
And more information, albout apt listchanges:
Just press ‘q’ and enter.
In this case we press enter.
Services to restart:
Enter agien.
This is question, about ssh deamon configuration:
In my case, I press enter because I don’t want to make changes to its configuration.
If all went well, we can reboot the system:
|
1 |
# reboot |
Now check the system:
Congratulations, we are on the new version of the system!
At this point, we can verify all services, for example whether the website is working properly. If it is OK, upgrade the production environment.
In my cases, I have problem PHP new version.
PHP have no persmision on nginx to user – when I try enter to page:
|
1 2 |
# tail -f /var/log/nginx/error-*.log unix:/var/run/php/php-fpm.sock failed (13: Permission denied) |
So we need to fix that in this way:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
# service php7.4-fpm status * php7.4-fpm.service - The PHP 7.4 FastCGI Process Manager Loaded: loaded (/lib/systemd/system/php7.4-fpm.service; enabled; vendor preset: enabled) Active: active (running) since Fri 2021-10-01 14:59:14 CEST; 3min 28s ago Docs: man:php-fpm7.4(8) Process: 289 ExecStartPost=/usr/lib/php/php-fpm-socket-helper install /run/php/php-fpm.sock /etc/php/7.4/fpm/pool.d/www.conf 74 (code=exited, status=0/S> Main PID: 116 (php-fpm7.4) Status: "Processes active: 0, idle: 2, Requests: 0, slow: 0, Traffic: 0req/sec" CPU: 364ms CGroup: /system.slice/php7.4-fpm.service |-116 php-fpm: master process (/etc/php/7.4/fpm/php-fpm.conf) |-287 php-fpm: pool www `-288 php-fpm: pool www Oct 01 14:59:11 soban-pl systemd[1]: Starting The PHP 7.4 FastCGI Process Manager... Oct 01 14:59:14 soban-pl systemd[1]: Started The PHP 7.4 FastCGI Process Manager. |
There is something wrong with the permissions:
|
1 2 3 4 5 |
# grep www-data /etc/php/7.4/fpm/pool.d/www.conf user = www-data group = www-data listen.owner = www-data listen.group = www-data |
Let’s make some backup:
|
1 |
# cp /etc/php/7.4/fpm/pool.d/www.conf /etc/php/7.4/fpm/pool.d/www.conf.backup.$(date +%F) |
I will replace www-data to nginx:
|
1 |
# sed -i 's/www-data/nginx/g' /etc/php/7.4/fpm/pool.d/www.conf |
Now it’s looks better:
|
1 2 3 4 5 |
# grep nginx /etc/php/7.4/fpm/pool.d/www.conf user = nginx group = nginx listen.owner = nginx listen.group = nginx |
And restart services:
|
1 |
# service php7.4-fpm restart |
Also checking status:
Another problem is that, mariadb was removed, so I install it agien:
|
1 |
# apt-get install mariadb-server mariadb-client -y |
and that resolved all my problems.
To be 100% sure, I reloaded the entire machine.