Search code examples
ubuntudebiandpkg

Are debian package update atomic?

I want to update a ubuntu box in an unsupervised way. If the update fails, I'll have to fly there to manually fix it :P so my question is:

If there is power outage in the middle of a kernel or user space package update, will the system stay consistent?

example scenarios:

  • update kernel with update-grub atomic or not?
  • package A1 and B1 depend on C1. New version A2 and B2 depend on C2 but not C1. The update got A2 and C2 then power outage. What happens? I guess it depends on how dpkg applies the updates after downloads.

Follow up: if dpkg can't achieve this, what are my options? Things like docker doesn't seem to solve this problem since the host OS still needs to be updated. Thanks!

Added: what is unsupervised way: I have thousands of these boxes running in various places. Someone can inadvertently unplug at anytime. For upgrade, my server sends them "upgrade to XXX version" command. they execute the command autonomously.

Solution

  • What do you mean "unsupervised way"? Usually one logs in over ssh, and runs apt-get or aptitude remotely on the command line. Usually apt-get/aptitude runs first, downloading necessary packages. After the download is complete, dpkg runs, installing those packages into the system. If there is a system failure while apt-get/aptitude are running there is no problem; you are just left with some partially downloaded packages and can resume where you left off. If there is a failure while dpkg is running, there can be (and probably will be) a problem, but the problem is also usually repairable with dpkg, using such options as dpkg --configure. dpkg is reasonably robust. Of course, there are never any guarantees. Bear in mind that the system normally remains up during upgrades, so unless there is some catastrophic problem, like the deletion of important system files, the system will normally remain functional and repairable. Even ssh connections normally persist during an upgrade.

    NOTE: Doing updates/upgrades in small increments may reduce the probability of problems. But your mileage may vary.

    UPDATE: The poster clarified the term "unsupervised". This probably doesn't make any difference to my answer, except that you would want to make sure you kept logs on all machines, so that in the event of a problem, you would have some idea of what had gone wrong. Debian keeps logs of dpkg and aptautomatically. These are /var/log/dpkg.log, /var/log/apt/history.log, and /var/log/apt/term.log. term.log is probably the most relevant in terms of checking whether an upgrade had completed successfully.