System upgrade

LPIC-1LINUX

TL;DR

Debian/Ubuntu -> sudo apt update; sudo apt upgrade (conservative/PRODUCTION) or sudo apt full-upgrade (complete/riskier)

RHEL/CentOS/Fedora -> sudo yum update(updates packages, keeps obsoletes)/upgrade(updates packages, removes obsoletes) or sudo dnf update/upgrade (both update packages, remove obsoletes); sudo dnf upgrade, is preferred

openSUSE -> sudo zypper up

Checklist before updating a system:

  1. Reboot after a kernel update

  2. Create a snapshot

  3. Data backups

  4. df -h (2-5 GB free space)

  5. Backup /etc

  6. Use terminal multiplexers

  7. Check log files

---------------------------------------

1. Debian / Ubuntu (apt)*

This is a two-step process: first synchronizing the package index, then performing the upgrade.

  • Update the package list: sudo apt update

  • Upgrade packages: sudo apt upgrade

  • Full system upgrade (handles dependency changes): sudo apt full-upgrade

When to use apt upgrade

Use it when you want a conservative, safe update — nothing will be added or removed, only updated. Good for:

  • Servers in production where you want to avoid unexpected dependency changes

  • Situations where you want to review what would be removed before committing

  • Quick security patches where you don't want side effects

If apt upgrade can't upgrade a package without removing/adding something, it simply holds it back rather than touching it.

When to use apt full-upgrade

Use it when you want a complete, clean upgrade with no held-back packages. Good for:

  • Desktop systems / development machines

  • After adding new repos or PPAs

  • When apt upgrade reports held-back packages and you want to resolve them

  • Keeping a system fully in sync with its repos

2. RHEL / CentOS / Fedora (dnf or yum)**

dnf (Dandified YUM) is the successor to yum. On newer versions of Fedora or RHEL, yum is often just a symbolic link to dnf.

  • Check for and apply updates: sudo dnf upgrade

  • Or using the older syntax: sudo yum update/upgrade

  • sudo yum update(updates packages, keeps obsoletes)/upgrade(updates packages, removes obsoletes) or

  • sudo dnf update/upgrade (both update packages, remove obsoletes); sudo dnf upgrade is preferred

3. openSUSE (zypper)

  • Update installed packages with newer versions: sudo zypper up

Checklist on Best Practices
1 Reboot after a kernel update

Regardless of the manager, it is a good habit to reboot your system after a kernel update to ensure the new kernel is initialized. You can check if a reboot is required on many systems by looking for the existence of the file /var/run/reboot-required .

2 Create a snapshot (VM)

Before upgrading the system, create a snapshot, if your OS is running as a VM.

3 Data Backups

Snapshots are great for the OS, but Backups are for the data. A snapshot usually lives on the same disk; if the hardware fails, the snapshot dies too.

  • Use rsync*** for file transfers, or maybe take a look at utilities like BorgBackup / Timeshift for incremental, compressed backups.

  • Always back up to an external drive or a remote server.

4 Verify Disk Space before Upgrade

One of the most common causes of "broken" updates is running out of disk space halfway through. The package manager downloads the .deb or .rpm files to a cache (usually /var/cache/) before installing them.

  • Run df -h to ensure you have at least 2GB–5GB of free space.

  • Run sudo apt clean or sudo dnf clean all to remove old cached packages and free up room for the new ones.

5 Configuration Backups (/etc)

Almost all system configuration lives in /etc.

  • If an update changes a service's configuration format, your custom settings might be overwritten.

  • tar -cvzf etc_backup_$(date +%F).tar.gz /etc

6 Power & Connectivity Stability

If the system loses power during the "unpacking" phase, your package database can become corrupted.

  • Laptops: Always plug into AC power.

  • Remote Servers: Use a terminal multiplexer**** like tmux or screen. If your SSH connection drops, the upgrade process will keep running on the server instead of being killed by the hangup signal (SIGHUP).

7 Check Log Files and Known Issues

For "mission-critical" updates (like moving from one major version to another), check the distribution's mailing list or forums.

Notes:

* Explore apt-get, apt-cache and apt commands.

** Explore the old "yum" and the new "dnf" commands.

*** Warning on using rsync: if rsync is not configured properly, it may delete your data instead of making a copy of it! My recommendation is to practice first with different options until you feel confident. Be extra careful if you use rsync inside a script, and that you are using the right variables in place!

**** If you need to know more about terminal multiplexers, click here.

Contact

Email

hello@unixtips.eu

© 2025. All rights reserved.