So I log into my ISPConfig 3 control panel and the click on "Monitor" and am told "Warning: one or more components needs an update" so I click for more info and find... The following NEW packages will be installed: linux-headers-2.6.35-25 linux-headers-2.6.35-25-generic-pae linux-image-2.6.35-25-generic-pae The following packages will be upgraded: linux-generic-pae linux-headers-generic-pae linux-image-generic-pae linux-libc-dev 4 upgraded, 3 newly installed, 0 to remove and 0 not upgraded. ...and a series of lines that appear to be related. So I fire up Putty and log into my server and run the commands "apt-get update" and "apt-get upgrade" and everything is updated except the above. So I figure I must need to reboot the server so I do but when I log in to the server again it still shows "2.6.35-23-generic-pae #41-Ubuntu" so I'm figuring that it's not updating. What am I doing wrong? How do I update these components? Do I need to? Thanks in advance. Oops, I forgot to mention, I'm running Ubuntu 10.10 server edition Set up as per the Perfect Server Ubuntu 10.10 [ISPConfig 3] guide.
Regarding these kernel updates you mention, yes after each kernel update, a reboot is necessary. keep in mind that you should verify you rescue access possibilies before you reboot in case you may experience some problems with the new kernel preventing your server to come up again. Also don't panic too much if it takes a long time to boot in case of an automatic filesystem check during the boot phase, depending on the last time run of this check. As you mentioned after the reboot the kernel seems to stay the same, even though the kernel is updated, the version number often does not change at all. So the build timestamp when firing "uname -a" should be a good indicator to verify if the new kernel was loaded. Does the rest of the aptitude output indicate any possible error? E.g. that the new kernel was net set properly for grub / lilo?
apt-get upgrade Reading package lists... Done Building dependency tree Reading state information... Done The following packages have been kept back: linux-generic-pae linux-headers-generic-pae linux-image-generic-pae The following packages will be upgraded: linux-libc-dev 1 upgraded, 0 newly installed, 0 to remove and 3 not upgraded.
dist-upgrade Looks like dist-upgrade is the best choice as previously mentioned. I have successfully used that command before on Ubuntu 8.04 LTS. http://www.debian-administration.org/articles/69
Thanks for that but before I go ahead the question that hasn't been answered is do I need to? Are there any security issues with not running the latest kernel or would I be fine to leave things as they are and just keep updating and upgrading as I have been?
Kernel Changelog To update or not to update. That's a loaded question.. Do an update and stuff might break and people get upset. Don't do an update and you might get attacked, systems go down, and your users flee for the hills too. To answer your question easily and directly, go to the source. The linux kernel. A quick web search will pull up the current kernel info. Here's a link to the current changelog: http://changelogs.ubuntu.com/changelogs/pool/main/l/linux/linux_2.6.32-28.55/changelog Linked from this page: http://packages.ubuntu.com/lucid-updates/linux-headers-2.6.32-25-generic This file contains the release notes for these and newer kernel revisions. Skip down to your kernel version and read upward to the 2.6.32-25.45 section for that kernel and see for yourself what's been changed. Now for the more difficult, non-technical answer: There are varying opinions and reasons for keeping your system up to date or waiting to update. The kernel is the core of your system and it's usually a good idea to keep it up to date. I usually install updates except in specific circumstances such as a newer kernel might not be supported by vmware or or other specific software you're running - something like that. You don't want to bring down mission critical software that is specific to a particular kernel. Ask yourself how comfortable you are with linux? Is reverting to an older version/restoring from backup feasable? At the same time, are you willing to take the opposite risk of not upgrading and potentially get attacked from a security issue? For instance I've used web hosts that rarely update their systems and others that keep them pretty up to date. It all depends. It's a double edged sword that all IT administrators accept and choose their own path. Blue pill or red pill? You take a risk either way.
In the future you can use apt-listchanges to see changelog between versions and urgency. To use this tool you must download first the packages: sudo apt-get update sudo apt-get -d upgrade (this download the upgrades only, not install) sudo apt-listchanges /var/cache/apt/archives/filename.deb It's really useful.
