Linux
安全自動更新的 apt 選項
與我之前的問題相關,升級軟體包時應該使用哪些 apt 選項,以便:
- 如果升級導致其他軟體包被刪除,apt 將停止而不接觸任何內容
- 如果由於升級而安裝了新軟體包,並且它們不會導致任何衝突或刪除,則 apt 將安裝它們
- 如果要升級其他軟體包,我寧願停止
提前感謝您的幫助
我對手冊頁進行了一些研究,特別是在
man apt.conf
and中man apt-get
,並發現了以下內容。如果您認為我忘記了什麼,請發表評論。
- 使用 option
--only-upgrade
,或者將 apt 配置項設置APT::Get::Only-Upgrade
為 true- apt配置項
APT::Get::force-yes
設置為false- 使用 option
--no-remove
,或將 apt 配置項設置APT::Get::Remove
為 false不確定
--trivial-only
/APT::Get::Trivial-Only
這裡有幫助,需要更好地調查它。隨著
aptitude
,相關的部分似乎是:
- 使用
safe-upgrade
帶有--no-new-installs
選項的命令- 設置
Aptitude::Delete-Unused
為 false,以便不會自動刪除未使用的包(我可能不同意 aptitude 關於未使用的內容……)- 添加
-R
/--without-recommends
可能有幫助,需要更多調查更新 我在舊系統上做了一些測試:
# grep ^Ubuntu /etc/motd Ubuntu 10.04.4 LTS
apt-get``apt-get upgrade
看起來更加謹慎,結果在普通和之間沒有區別apt-get -o APT::Get::Only-Upgrade=true --no-remove -o APT::Get::force-yes=false upgrade
。
aptitude
似乎更具侵略性,並且“安全選項”似乎發揮了作用。標準升級(實際執行safe-upgrade
)# aptitude -s -y upgrade W: The "upgrade" command is deprecated; use "safe-upgrade" instead. Lettura elenco dei pacchetti... Fatto Generazione albero delle dipendenze Lettura informazioni sullo stato... Fatto Reading extended state information Initializing package states... Fatto Resolving dependencies... The following NEW packages will be installed: linux-image-2.6.32-55-generic-pae{a} The following packages will be upgraded: linux-generic-pae linux-image-generic-pae linux-image-server linux-libc-dev linux-server 5 packages upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 0B/32.8MB of archives. After unpacking 98.2MB will be used. Would download/install/remove packages.
現在有了“安全”選項:
# aptitude -s -y --no-new-installs -R -o Aptitude::Delete-Unused=false safe-upgrade Lettura elenco dei pacchetti... Fatto Generazione albero delle dipendenze Lettura informazioni sullo stato... Fatto Reading extended state information Initializing package states... Fatto Resolving dependencies... The following packages have been kept back: linux-generic-pae linux-image-generic-pae The following packages will be upgraded: linux-image-server linux-libc-dev linux-server 3 packages upgraded, 0 newly installed, 0 to remove and 2 not upgraded. Need to get 0B/878kB of archives. After unpacking 0B will be used. Would download/install/remove packages.
和我想要的更相似。
install
不幸的是,當與命令而不是upgrade
/一起使用時,這兩個集合似乎都不能阻止安裝新軟體包或升級其他軟體包safe-upgrade
,所以我有點回到第一方:我無法apt-get
/aptitude
停止它會做一個潛在的、偏執的、不安全的操作。從某種意義上說,我有一個更好的安全網,但我不會摔倒。