Michel's picture

Hi,

How can I perform security updates to the system and patches to the turnkey linux appliance?    Including updates for mySQL and other recommended updates that exist with your turnkey appliances?

Please provide all of the relevant commands I would use to run and install the latest updates.  I do not see any clear documentation on your website for non-linux folks.

Thank you!

Michel

Forum: 
Michel's picture

can i get any help with this?

I don't know of any other support forum for turnkey linux but this one.

I need to know what command(s) I can issue that will allow me to install the latest updates (security, etc) on my turnkey appliance.

Thanks!

Michel

Jeremy Davis's picture

I have my head down trying to push the v14.1 release out the door so apologies on the radio silence...

By default all security updates from the Debian security repository auto install every night. Have a look at /var/log/cron-apt to see what has been happening in that regard.

Appliances that only use software installed from Debian (and TurnKey ourselves) such as Core, LAMP, LAPP etc should have all security updates auto installed. However generally the software installed on top (directly from the developers) does not auto update. The steps required will be different for each piece of software.

We need to do a better job of explaining which parts aren't covered by auto updates explicitly for each appliance!

Also this only applies to v13.0 and v14.x appliances. v12.x appliances are about to be EOL.

In the meantime if you have questions regarding specific appliances please let me know.

Michel's picture

Hi, Jeremy.  Thanks for responding!  I remember working with you in the past on one or two issues.

Just to confirm, so the "Turnkey Wordpress 14.0 appliance" edition should already be setup to do auto-install every night.  Is that correct?

And if I check out /var/log/cron-apt it would provide details on the auto-install that is completed each night?

I will check out those details and get back to you soon.

Thanks again!

Michel

Jeremy Davis's picture

All appliances are already configured to get TurnKey and Debian security updates every night.

In your WordPress appliance that applies to Apache, MySQL and all other OS components that are installed from either Debian directly (in the case of Apache, MySQL etc) or TurnKey (e.g. TKLBAM, conconsole, etc). However WordPress itself is not configured for any auto updates. You need to manually update the WordPress software itself.

FWIW in v14.1 it will be configured to receive minor updates; but major updates will still need to be installed manually. Hopefully we have finally resolved the ownership issues that previous TurnKey WordPress appliances have had.

Michel's picture

I checked out "/var/logs/cron-apt" and the most recent stuff I see is something like this:

CRON-APT RUN [/etc/cron-apt/config]: Wed Feb 10 17:24:01 UTC 2016
CRON-APT SLEEP: 2632, Wed Feb 10 18:07:53 UTC 2016
CRON-APT ACTION: 0-update
CRON-APT LINE: /usr/bin/apt-get -o quiet=1 update -o quiet=2
CRON-APT ACTION: 5-install
CRON-APT LINE: /usr/bin/apt-get -o quiet=1 autoclean -q -y
CRON-APT LINE: /usr/bin/apt-get -o quiet=1 dist-upgrade -q -y -o APT::Get::Show-Upgraded=true -o Dir::Etc::sourcelist=/etc/apt/sources.list.d/security.sources.list -o Dir::Etc::sourceparts=nonexistent -o DPkg::Options::=--force-confd

I'm assuming this reflects that the last auto update completed on Feb 10 and it was successful.  Is that correct?

Thanks!

Michel

Jeremy Davis's picture

Yes, that log output shows that it last ran 10th Feb and was successful. However if you want to dig deeper you can also inspect what was installed and when:
cat /var/log/apt/history.log
If you want to inspect the older logs you'll need to use zcat instead (they are compressed, but zcat allows you to cat inside gzip compressed archives).
zcat /var/log/apt/history.log.a.gz
Also if you want to force security updates to run right now then you can do that with:
turnkey-install-security-updates

Add new comment