Debian 10.3 Released

Debian Linux

Pretty cool! I almost missed that Debian 10.3 got released last week. This is a corrective release, meaning it’s about improving stability and security rather than about introducing major innovations.

Upgrade Debian 10.2 to 10.3

I only have one dedicated server running Debian 10, and will possibly reinstall even that – turns out I’m much more used to CentOS servers than anything else.

BUT this server is still there, so why not upgrade it?

Step 1: Update Debian repositories

First, we run apt-get update. I never noticed it before, but apparently this command is clever enough to recognize that InRelease changes version from 10.2 to 10.3 (see the last line of the output):

root@srv:~ # apt-get update
 Get:1 http://mirrors.online.net/debian buster InRelease [122 kB]
 Get:2 http://security.debian.org/debian-security buster/updates InRelease [65.4 kB]
 Get:3 https://download.docker.com/linux/ubuntu bionic InRelease [64.4 kB]
 Ign:4 http://mirrors.online.net/debian buster/non-free Sources
 Ign:5 http://mirrors.online.net/debian buster/main Sources
 Ign:6 http://mirrors.online.net/debian buster/main amd64 Packages
 Ign:7 http://mirrors.online.net/debian buster/main Translation-en
 Ign:8 http://mirrors.online.net/debian buster/non-free amd64 Packages
 Ign:9 http://mirrors.online.net/debian buster/non-free Translation-en
 Get:4 http://mirrors.online.net/debian buster/non-free Sources [86.3 kB]
 Get:5 http://mirrors.online.net/debian buster/main Sources [7,832 kB]
 Get:10 http://security.debian.org/debian-security buster/updates/main Sources [102 kB]
 Get:11 http://security.debian.org/debian-security buster/updates/main amd64 Packages [176 kB]
 Get:12 http://security.debian.org/debian-security buster/updates/main Translation-en [92.8 kB]
 Get:6 http://mirrors.online.net/debian buster/main amd64 Packages [7,907 kB]
 Get:7 http://mirrors.online.net/debian buster/main Translation-en [5,970 kB]
 Get:8 http://mirrors.online.net/debian buster/non-free amd64 Packages [88.0 kB]
 Get:9 http://mirrors.online.net/debian buster/non-free Translation-en [88.7 kB]
 Fetched 22.6 MB in 3s (6,828 kB/s)
 Reading package lists… Done
 N: Repository 'http://mirrors.online.net/debian buster InRelease' changed its 'Version' value from '10.2' to '10.3'

Step 2: Upgrade packages and Debian distro

apt-get dist-upgrade brings all the packages to the current release of your Debian/Ubuntu distro. In my case, 

root@srv:~ # apt-get dist-upgrade
 Reading package lists… Done
 Building dependency tree
 Reading state information… Done
 Calculating upgrade… Done
 The following NEW packages will be installed:
   linux-headers-4.19.0-8-amd64 linux-headers-4.19.0-8-common linux-image-4.19.0-8-amd64
 The following packages will be upgraded:
   base-files e2fsprogs git-man libboost-iostreams1.67.0 libboost-system1.67.0 libcom-err2 libcups2 libcupsimage2 libext2fs2 libgnutls30 libidn2-0
   libnss-systemd libopenjp2-7 libpam-systemd libpython3.7 libpython3.7-dev libpython3.7-minimal libpython3.7-stdlib libsasl2-2 libsasl2-modules
   libsasl2-modules-db libss2 libsystemd0 libtiff5 libtimedate-perl libudev1 linux-compiler-gcc-8-x86 linux-headers-amd64 linux-image-amd64 linux-kbuild-4.19
   linux-libc-dev openssh-client openssh-server openssh-sftp-server python-apt python-apt-common python3-apt python3.7 python3.7-dev python3.7-minimal sudo
   systemd systemd-sysv udev
 44 upgraded, 3 newly installed, 0 to remove and 0 not upgraded.
 Need to get 129 MB of archives.
 After this operation, 325 MB of additional disk space will be used.
 Do you want to continue? [Y/n] y
...

Step 3: Reboot (when convenient)

You don’t have to reboot immediately. The biggest reason to do it is to start using new version of Linux kernel, but there’s hardly a specific update in minor kernel upgrade that justifies immediate downtime.

Here’s the kernel version before reboot:

root@srv:~ # uname -a
Linux srv.ts.fm 4.19.0-6-amd64 #1 SMP Debian 4.19.67-2+deb10u2 (2019-11-11) x86_64 GNU/Linux

When possible, you should do a graceful reboot:

root@srv:~ # shutdown -r now

After system is back online, we can see that it’s running Debian Buster 10.3 now:

greys@srv:~ $ uname -a
Linux srv.ts.fm 4.19.0-8-amd64 #1 SMP Debian 4.19.98-1 (2020-01-26) x86_64 GNU/Linux

See Also



Debian 10 – Buster

debian-linux-logo

Debian 10 “Buster” got released ealier this week, culminating work of the past 2 years. It’s a massive upgrade to Debian 9 and a solid release available for 10 architectures (x86/x64/AMD64 and arm64/amrhf plus MIPS, PowerPC and IBM System Z.

I’m away from home for the past 2 weeks but will attempt distro upgrade in my Debian 9 VM, so stay tuned.

Notable Improvements in Debian 10 Buster

Secure Boot is finally here in Debian 10!

This means Debian 10 comes with signed and fully trusted version of GRUB boot loader that is activated by the Shim loader.

Secure Boot is a cool security feature found on most modern PCs and laptops, basically to ensure that trusted (secure) code is loaded by UEFI (Unified Extensible Firmware Interface) before Operating System.

AppArmor is Activated by Default

This means at least the core OS functionality will run with improved security. You’ll need to disable AppArmor using GRUB options if you want to continue running OS without AppArmor.

nftables is the Default Packet Filter

nftables tool will help with managing both IPv4 and IPv6 packets. I think iptables compatibility is there, meaning you can run iptables commands with common syntax – but implementation will actually be done using nftables.

Linux Kernel Updated to 4.19

Not quite the bleeding edge (I hear Linux Kernel 5.2 released recently), but that’s exactly the point: Debian always prides itself on being one of the most stable and reliable distros, meaning it won’t have latest features but will ensure that everything avaialbe will work as expected.

See Also