My common steps to do a dist-upgrade to a new Debian stable release. Based on but optimised for direct copy and paste, i.e. no italic step pseudo-variables necessary. And it of courses uses aptitude interactively to upgrade machines while keeping services downtimes as short as possible.

Start the session


Jessie to Stretch

export new=stretch
export old=jessie

Stretch to Buster

export new=buster
export old=stretch

Buster to Bullseye

export new=bullseye
export old=buster


Ascii to Beowulf

export new=beowulf
export old=ascii


screen -U
script -t 2>~/upgrade-${new}.time -a ~/upgrade-${new}.script

Common Checks

dpkg --audit
dpkg --get-selections "*" > ~/curr-pkgs.${old}.txt
aptitude search "~ahold"
dpkg --get-selections | grep 'hold$'

Check if all packages are uptodate and if there are obsolete and local packages installed

aptitude -u

Make LVM snapshots if needed/wanted/possible

lvcreate -L 3G -n root-${old} -s /dev/*vg*/root
lvcreate -L 5G -n var-${old} -s /dev/*vg*/var
lvcreate -L 1G -n log-${old} -s /dev/*vg*/log

Disable config management, etc.

zile /etc/default/aptitude-robot

Do the upgrade step by step with aptitude

sed -e "s/${old}/${new}/gi" -i /etc/apt/sources.list /etc/apt/sources.list.d/*.list
sed -e 's:bullseye/updates:bullseye-security:g' -i /etc/apt/sources.list /etc/apt/sources.list.d/*.list
aptitude -u

Enable automatic package updates again

zile /etc/default/aptitude-robot

Running this will enable the remaining disabled stuff anyways.


shutdown -r now "New kernel after dist-upgrade to ${new}"