Hello RPi Group--I have Raspbian installed on my RPi. I have been using sudo apt-get update and sudo apt-get upgrade monthly with the understanding that this will keep the operating system up to date. To make sure the operating system actually runs the changes that were downloaded, is it necessary to reboot after running those commands?
The "unless..." part of your reply raises additional questions: wouldn't the kernel or bootloader be included with the downloads after running update/upgrade? If not, how do I get them updated?
It is included. He meant that was the case in which it *would* be wise to then reboot. After a kernel update, both the old and new kernel will be installed. Only after rebooting will the new kernel start running.
If you've got three or more kernels installed, run sudo apt-get autoremove which should remove all but two.
That is not so easy to answer. As others have noted, when the kernel has been updated it would be advisable to reboot. However, there are also updates to shared libraries that are in use by programs.
Unlike Windows, Linux can update those files while the system is running, but the updates will only be used by programs started after the update. The programs already running when you update will continue to use the old unpatched version of the library, and will potentially be vulnerable to the problem the update is fixing.
Libraries like OpenSSL, for which security updates are regularly released, are used by many network-facing programs. You would need to restart at least those programs to be really secure.
What is best to do depends on your expertise, what you are running on the Pi, and what difficulty it would cause to reboot it.
When a reboot doesn't matter, just do it whenever you see an update that somehow is about network security. When you want to avoid reboots, just restart the services that are network-facing. Except when the kernel was updated, then it is advisable to reboot anyway. (it is not always really required because the update may be in a module that you have not loaded, or affects something that is not relevant to your usage)
Some of the updates of system services (as opposed to shared libraries) solve the problem themselves by restarting the service after it has been updated. You see this happening during the upgrade phase. (watch for the green "ok" text printed by a service restart)
I've got a problem and the finger of suspicion points to the latest kernel (3.18.7-v7+). Two DVB-T USB tuners no longer work although they were fine until recently. The kernel fails to recognise them properly. The also work on Linux Mint 17.0 on my desktop.
How do I revert to a previous version on the PI (I know how to do it on Grub but there is no Grub on Pi)?
I take it you are aware of the need to "blacklist" certain drivers with recent versions of the kernel? I have a DVB-T USB stick working perfectly under 3.18.7+ #755.
I'm currently using this script for raspbian updates:
============================================================ #!/bin/bash if [ "$1" == '-?' ] then echo "Syntax: rpi_update" echo "Function: Runs apt_get update and apt_get upgrade" echo "Options: none" exit 1 fi apt-get autoclean if [ $? -ne 0 ] then echo "apt-get autoclean failed: rpi_update abandoned" exit 1 fi apt-get dist-upgrade if [ $? -ne 0 ] then echo "apt-get dist-upgrade failed: rpi_update abandoned" exit 1 fi apt-get update if [ $? -ne 0 ] then echo "apt-get update failed: apt-get upgrade not run" else apt-get upgrade fi ============================================================
and have been using it for quite some time, though I hadn't included 'apt-get autoclean' until just before today's update run. Today's interesting discovery was that the inclusion of autoclean reduced the space used on my SD card from 3.5GB to 2.1GB, so evidently it does a bit more than was suggested earlier in this thread.
'apt-get dist-upgrade' does a similar job by removing references to obsolete top-level packages but its not clear that it removes the packages themselves, since although I run 'df -h' after each upgrade, I don't recall seeing it have any notable effect on the space used.
If you want to use this script, I recommend putting it in /usr/local/bin, making it world executable and making sure that /usr/local/bin is in $PATH.
--
martin@ | Martin Gregorie
gregorie. | Essex, UK
...its somewhat confusing compared with RedHat's yum, particularly with what it doesn't say about the preferred sequence of running the apt-get tasks. Actually, provided that update precedes upgrade/dist-upgrade I don't think it matters much provided they are all used regularly.
--
martin@ | Martin Gregorie
gregorie. | Essex, UK
Its just a shell script, similar to Windows .BAT files though quite a bit more powerful. The differences are:
- shell scripts are found using the same search mechanism as any other executable file
- scripts are text files that have 'execute' permissions.
- by default scripts are assumed to be shell scripts (under Raspbian this means they are interpreted by bash, the command line interpreter. This can be overridden. If the first line of a script starts with '#!' the text immediately following it is the absolute name of the program that interprets it. Its also a convention to make this explicit, hence my use of
#!/bin/bash
as the first line, so if this was a Perl script, the first line would read "#!/bin/perl".
Its a good idea to get up to speed ASAP for writing scripts, using man and apropos to find commands and how to use them and understanding how file access permissions work, because if you only ever just use the graphical desktop then you're really crippling your use of Linux or any other UNIX-like OS for that matter, i.e. FreeBSD, OSX, iOS, ...
--
martin@ | Martin Gregorie
gregorie. | Essex, UK
ElectronDepot website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.