Greg Milligan's picture

Greetins all, I have had my server running for the last several years, never had any issues, so I am at a loss as to the version. Should it be upgraded/updated if it is running flawlessly? How do I determine the version, I have forgotten how.

Forum: 
Jeremy Davis's picture

Apologies on the delayed response. I've been away.

If it's a release from within the last few years it should include a commandline tool that will give you the version. So just run:

turnkey-version

It's probably obvious what the output means, but I'll spell it out anyway. The format is:

turnkey-<APPLAINCE_NAME>-<VERSION_NUMBER>-<DEBIAN_CODENAME>-<ARCHETECHTURE>
E.g. on my 64 bit v14.1 TKLDev server (v14.x is based on Debian Jessie).
root@tkldev ~# turnkey-version 
turnkey-tkldev-14.1-jessie-amd64

Whether you should update it or not depends on a ton of factors. Things like:

  • What version it is.
    • If it's older than v13.0 then it's no longer getting auto security updates (and manual sec updates aren't available).
  • The sensitivity/importance of the data it contains.
    • The more sensitive/important the data, the more important it is to keep up to date, especially considering security updates point above.
  • Where it's running.
    • If it's running locally (within a LAN) and not accessible online then lack of security updates are much less of an issue.
    • If it's running online, how popular your site is is also a consideration. If it's in a quiet corner of the internet then it's going to be much less of a target for attackers than if it's quite a popular site.
    • Where it's running is also a factor. E.g. as a general rule, if it's running on a platform like Amazon it's probably more of a target than if it is hosted by a smaller, less popular company.
  • How many users you have and how much you trust them.
    • If you only have a small number of trusted users then the risk of privilege escalation vulnerabilities are not that significant.
    • OTOH if you have random users (e.g. a CMS like WordPress where unknown and untrusted users can signup and post comments etc) then patching potential exploits such as privilege escalation vulnerabilities in a timely fashion is pretty important.

Another factor to consider is that the older your server is, the more work will be involved to migrate to the current version.

So long story short, if it's v12.x (or earlier) then I would personally consider migrating your data to the current version regardless. If it's v13.x then it's your call. Unless you are running v14.x, personally I'd still consider at least evaluating how easy it will be to migrate/upgrade.

Another thing to keep in mind too, is that depending on the appliance, there may be software that you will still need to upgrade yourself (not covered by the auto updates). If you tell me what your appliance is then I can comment further.

Also there is a doc page that gives a suggested workflow for migrating your data (using TKLBAM) and some specific considerations for v14.x.

Hope that helps...

Add new comment