Chapter 4.

Upgrades from Debian 10 (buster)

Chapter 4. Upgrades from Debian 10

(buster)
Table of Contents

4.1. Preparing for the upgrade

4.1.1. Back up any data or configuration information

4.1.2. Inform users in advance
4.1.3. Prepare for downtime on services
4.1.4. Prepare for recovery
4.1.5. Prepare a safe environment for the upgrade

4.2. Start from “pure” Debian

4.2.1. Upgrade to Debian 10 (buster)

4.2.2. Remove non-Debian packages
4.2.3. Upgrade to latest point release
4.2.4. Prepare the package database
4.2.5. Remove obsolete packages
4.2.6. Clean up leftover configuration files
4.2.7. The security section
4.2.8. The proposed-updates section
4.2.9. Unofficial sources
4.2.10. Disabling APT pinning
4.2.11. Check package status

4.3. Preparing APT source-list files

4.3.1. Adding APT Internet sources

4.3.2. Adding APT sources for a local mirror
4.3.3. Adding APT sources from optical media

4.4. Upgrading packages

4.4.1. Recording the session

4.4.2. Updating the package list
4.4.3. Make sure you have sufficient space for the upgrade
4.4.4. Minimal system upgrade
4.4.5. Upgrading the system
4.5. Possible issues during upgrade

4.5.1. Dist-upgrade fails with “Could not perform immediate configuration”

4.5.2. Expected removals
4.5.3. Conflicts or Pre-Depends loops
4.5.4. File conflicts
4.5.5. Configuration changes
4.5.6. Change of session to console

4.6. Upgrading your kernel and related packages

4.6.1. Installing a kernel metapackage

4.7. Preparing for the next release

4.7.1. Purging removed packages

4.8. Obsolete packages

4.8.1. Transitional dummy packages

4.1. Preparing for the upgrade

We suggest that before upgrading you also read the information in Chapter 5,
Issues to be aware of for bullseye. That chapter covers potential issues which
are not directly related to the upgrade process but could still be important to
know about before you begin.

4.1.1. Back up any data or configuration information

Before upgrading your system, it is strongly recommended that you make a full
backup, or at least back up any data or configuration information you can't afford
to lose. The upgrade tools and process are quite reliable, but a hardware failure
in the middle of an upgrade could result in a severely damaged system.

The main things you'll want to back up are the contents of /etc,
/var/lib/dpkg, /var/lib/apt/extended_states and the output of dpkg
--get-selections "*" (the quotes are important). If you use aptitude to
manage packages on your system, you will also want to back up
/var/lib/aptitude/pkgstates.

The upgrade process itself does not modify anything in the /home directory.
However, some applications (e.g. parts of the Mozilla suite, and the GNOME
and KDE desktop environments) are known to overwrite existing user settings
with new defaults when a new version of the application is first started by a user.
As a precaution, you may want to make a backup of the hidden files and
directories (“dotfiles”) in users' home directories. This backup may help to
restore or recreate the old settings. You may also want to inform users about
this.

Any package installation operation must be run with superuser privileges, so

either log in as root or use su or sudo to gain the necessary access rights.
The upgrade has a few preconditions; you should check them before actually
executing the upgrade.

4.1.2. Inform users in advance

It's wise to inform all users in advance of any upgrades you're planning,
although users accessing your system via an ssh connection should notice little
during the upgrade, and should be able to continue working.

If you wish to take extra precautions, back up or unmount the /home partition
before upgrading.

You will have to do a kernel upgrade when upgrading to bullseye, so a reboot

will be necessary. Typically, this will be done after the upgrade is finished.

4.1.3. Prepare for downtime on services

There might be services that are offered by the system which are associated
with packages that will be included in the upgrade. If this is the case, please
note that, during the upgrade, these services will be stopped while their
associated packages are being replaced and configured. During this time, these
services will not be available.

The precise downtime for these services will vary depending on the number of
packages being upgraded in the system, and it also includes the time the
system administrator spends answering any configuration questions from
package upgrades. Notice that if the upgrade process is left unattended and the
system requests input during the upgrade there is a high possibility of services
being unavailable[1] for a significant period of time.

If the system being upgraded provides critical services for your users or the
network[2], you can reduce the downtime if you do a minimal system upgrade,
as described in Section 4.4.4, “Minimal system upgrade”, followed by a kernel
upgrade and reboot, and then upgrade the packages associated with your
critical services. Upgrade these packages prior to doing the full upgrade
described in Section 4.4.5, “Upgrading the system”. This way you can ensure
that these critical services are running and available through the full upgrade
process, and their downtime is reduced.

4.1.4. Prepare for recovery

Although Debian tries to ensure that your system stays bootable at all times,
there is always a chance that you may experience problems rebooting your
system after the upgrade. Known potential issues are documented in this and
the next chapters of these Release Notes.

For this reason it makes sense to ensure that you will be able to recover if your
system should fail to reboot or, for remotely managed systems, fail to bring up
networking.
If you are upgrading remotely via an ssh link it is recommended that you take
the necessary precautions to be able to access the server through a remote
serial terminal. There is a chance that, after upgrading the kernel and rebooting,
you will have to fix the system configuration through a local console. Also, if the
system is rebooted accidentally in the middle of an upgrade there is a chance
you will need to recover using a local console.

For emergency recovery we generally recommend using the rescue mode of the
bullseye Debian Installer. The advantage of using the installer is that you can
choose between its many methods to find one that best suits your situation. For
more information, please consult the section “Recovering a Broken System” in
chapter 8 of the Installation Guide and the Debian Installer FAQ.

If that fails, you will need an alternative way to boot your system so you can
access and repair it. One option is to use a special rescue or live install image.
After booting from that, you should be able to mount your root file system and
chroot into it to investigate and fix the problem.

4.1.4.1. Debug shell during boot using initrd

The initramfs-tools package includes a debug shell[3] in the initrds it

generates. If for example the initrd is unable to mount your root file system, you
will be dropped into this debug shell which has basic commands available to
help trace the problem and possibly fix it.

Basic things to check are: presence of correct device files in /dev; what
modules are loaded (cat /proc/modules); output of dmesg for errors
loading drivers. The output of dmesg will also show what device files have been
assigned to which disks; you should check that against the output of echo
$ROOT to make sure that the root file system is on the expected device.

If you do manage to fix the problem, typing exit will quit the debug shell and
continue the boot process at the point it failed. Of course you will also need to fix
the underlying problem and regenerate the initrd so the next boot won't fail
again.

4.1.4.2. Debug shell during boot using systemd

If the boot fails under systemd, it is possible to obtain a debug root shell by
changing the kernel command line. If the basic boot succeeds, but some
services fail to start, it may be useful to add systemd.unit=rescue.target
to the kernel parameters.

Otherwise, the kernel parameter systemd.unit=emergency.target will

provide you with a root shell at the earliest possible point. However, this is done
before mounting the root file system with read-write permissions. You will have
to do that manually with:

# mount -o remount,rw /
More information on debugging a broken boot under systemd can be found in
the Diagnosing Boot Problems article.

4.1.5. Prepare a safe environment for the upgrade

Important

If you are using some VPN services (such as tinc) consider that
they might not be available throughout the upgrade process. Please
see Section 4.1.3, “Prepare for downtime on services”.

In order to gain extra safety margin when upgrading remotely, we suggest that
you run upgrade processes in the virtual console provided by the screen
program, which enables safe reconnection and ensures the upgrade process is
not interrupted even if the remote connection process temporarily fails.

4.2. Start from “pure” Debian

The upgrade process described in this chapter has been designed for “pure”
Debian stable systems. APT controls what is installed on your system. If your
APT configuration mentions additional sources besides buster, or if you have
installed packages from other releases or from third parties, then to ensure a
reliable upgrade process you may wish to begin by removing these complicating
factors.

The main configuration file that APT uses to decide what sources it should
download packages from is /etc/apt/sources.list, but it can also use
files in the /etc/apt/sources.list.d/ directory - for details see
sources.list(5). If your system is using multiple source-list files then you will need
to ensure they stay consistent.

4.2.1. Upgrade to Debian 10 (buster)

Direct upgrades from Debian releases older than 10 (buster) are not supported.
Display your Debian version with:

$ cat /etc/debian_version

Please follow the instructions in the Release Notes for Debian 10 to upgrade to
Debian 10 first.

4.2.2. Remove non-Debian packages

Below there are two methods for finding installed packages that did not come
from Debian, using either aptitude or apt-forktracer. Please note that neither of
them are 100% accurate (e.g. the aptitude example will list packages that were
once provided by Debian but no longer are, such as old kernel packages).
 $ aptitude search '?narrow(?installed, ?not(?origin(Debian)))'
$ apt-forktracer | sort

4.2.3. Upgrade to latest point release

This procedure assumes your system has been updated to the latest point
release of buster. If you have not done this or are unsure, follow the instructions
in Section A.1, “Upgrading your buster system”.

4.2.4. Prepare the package database

You should make sure the package database is ready before proceeding with
the upgrade. If you are a user of another package manager like aptitude or
synaptic, review any pending actions. A package scheduled for installation or
removal might interfere with the upgrade procedure. Note that correcting this is
only possible if your APT source-list files still point to buster and not to stable or
bullseye; see Section A.2, “Checking your APT source-list files”.

4.2.5. Remove obsolete packages

It is a good idea to remove obsolete packages from your system before
upgrading. They may introduce complications during the upgrade process, and
can present security risks as they are no longer maintained.

4.2.6. Clean up leftover configuration files

A previous upgrade may have left unused copies of configuration files; old
versions of configuration files, versions supplied by the package maintainers,
etc. Removing leftover files from previous upgrades can avoid confusion. Find
such leftover files with:

# find /etc -name '*.dpkg-*' -o -name '*.ucf-*' -o -name

'*.merge-error'

4.2.7. The security section

For APT source lines referencing the security archive, the format has changed
slightly along with the release name, going from buster/updates to
bullseye-security; see Section 5.1.3, “Changed security archive layout”.

4.2.8. The proposed-updates section

If you have listed the proposed-updates section in your APT source-list files,
you should remove it before attempting to upgrade your system. This is a
precaution to reduce the likelihood of conflicts.

4.2.9. Unofficial sources

If you have any non-Debian packages on your system, you should be aware that
these may be removed during the upgrade because of conflicting dependencies.
If these packages were installed by adding an extra package archive in your
APT source-list files, you should check if that archive also offers packages
compiled for bullseye and change the source item accordingly at the same time
as your source items for Debian packages.

Some users may have unofficial backported “newer” versions of packages that
are in Debian installed on their buster system. Such packages are most likely to
cause problems during an upgrade as they may result in file conflicts[4].
Section 4.5, “Possible issues during upgrade” has some information on how to
deal with file conflicts if they should occur.

4.2.10. Disabling APT pinning

If you have configured APT to install certain packages from a distribution other
than stable (e.g. from testing), you may have to change your APT pinning
configuration (stored in /etc/apt/preferences and
/etc/apt/preferences.d/) to allow the upgrade of packages to the
versions in the new stable release. Further information on APT pinning can be
found in apt_preferences(5).

4.2.11. Check package status

Regardless of the method used for upgrading, it is recommended that you check
the status of all packages first, and verify that all packages are in an upgradable
state. The following command will show any packages which have a status of
Half-Installed or Failed-Config, and those with any error status.

# dpkg --audit

You could also inspect the state of all packages on your system using aptitude
or with commands such as

# dpkg -l | pager

or

# dpkg --get-selections "*" > ~/curr-pkgs.txt

It is desirable to remove any holds before upgrading. If any package that is

essential for the upgrade is on hold, the upgrade will fail.

Note that aptitude uses a different method for registering packages that are on
hold than apt and dselect. You can identify packages on hold for aptitude with
 # aptitude search "~ahold"

If you want to check which packages you had on hold for apt, you should use

# dpkg --get-selections | grep 'hold$'

If you changed and recompiled a package locally, and didn't rename it or put an
epoch in the version, you must put it on hold to prevent it from being upgraded.

The “hold” package state for apt can be changed using:

# echo package_name hold | dpkg --set-selections

Replace hold with install to unset the “hold” state.

If there is anything you need to fix, it is best to make sure your APT source-list
files still refer to buster as explained in Section A.2, “Checking your APT source-
list files”.

4.3. Preparing APT source-list files

Before starting the upgrade you must reconfigure APT source-list files
(/etc/apt/sources.list and files under /etc/apt/sources.list.d/)
to add sources for bullseye and typically to remove sources for buster.

APT will consider all packages that can be found via any configured archive,
and install the package with the highest version number, giving priority to the
first entry in the files. Thus, if you have multiple mirror locations, list first the
ones on local hard disks, then CD-ROMs, and then remote mirrors.

A release can often be referred to both by its codename (e.g. buster,

bullseye) and by its status name (i.e. oldstable, stable, testing,
unstable). Referring to a release by its codename has the advantage that you
will never be surprised by a new release and for this reason is the approach
taken here. It does of course mean that you will have to watch out for release
announcements yourself. If you use the status name instead, you will just see
loads of updates for packages available as soon as a release has happened.

Debian provides two announcement mailing lists to help you stay up to date on
relevant information related to Debian releases:

By subscribing to the Debian announcement mailing list, you will receive a

notification every time Debian makes a new release. Such as when
bullseye changes from e.g. testing to stable.

By subscribing to the Debian security announcement mailing list, you will

receive a notification every time Debian publishes a security
announcement.
4.3.1. Adding APT Internet sources
On new installations the default is for APT to be set up to use the Debian APT
CDN service, which should ensure that packages are automatically downloaded
from a server near you in network terms. As this is a relatively new service, older
installations may have configuration that still points to one of the main Debian
Internet servers or one of the mirrors. If you haven't done so yet, it is
recommended to switch over to the use of the CDN service in your APT
configuration.

To make use of the CDN service, add a line like this to your APT source
configuration (assuming you are using main and contrib):

deb http://deb.debian.org/debian bullseye main contrib

After adding your new sources, disable the previously existing “deb” lines by
placing a hash sign (#) in front of them.

However, if you get better results using a specific mirror that is close to you in
network terms, this option is still available.

Debian mirror addresses can be found at https://www.debian.org/distrib/ftplist

(look at the “list of Debian mirrors” section).

For example, suppose your closest Debian mirror is

http://mirrors.kernel.org. If you inspect that mirror with a web browser,
you will notice that the main directories are organized like this:

http://mirrors.kernel.org/debian/dists/bullseye/main/binary-amd64/...
http://mirrors.kernel.org/debian/dists/bullseye/contrib/binary-amd64/...

To configure APT to use a given mirror, add a line like this (again, assuming you
are using main and contrib):

deb http://mirrors.kernel.org/debian bullseye main contrib

Note that the “dists” is added implicitly, and the arguments after the release
name are used to expand the path into multiple directories.

Again, after adding your new sources, disable the previously existing archive
entries.

4.3.2. Adding APT sources for a local mirror

Instead of using remote package mirrors, you may wish to modify the APT
source-list files to use a mirror on a local disk (possibly mounted over NFS).

For example, your package mirror may be under /var/local/debian/, and

have main directories like this:
/var/local/debian/dists/bullseye/main/binary-amd64/...
/var/local/debian/dists/bullseye/contrib/binary-amd64/...

To use this with apt, add this line to your sources.list file:

deb file:/var/local/debian bullseye main contrib

Note that the “dists” is added implicitly, and the arguments after the release
name are used to expand the path into multiple directories.

After adding your new sources, disable the previously existing archive entries in
the APT source-list files by placing a hash sign (#) in front of them.

4.3.3. Adding APT sources from optical media

If you want to use only DVDs (or CDs or Blu-ray Discs), comment out the
existing entries in all the APT source-list files by placing a hash sign (#) in front
of them.

Make sure there is a line in /etc/fstab that enables mounting your CD-ROM
drive at the /media/cdrom mount point. For example, if /dev/sr0 is your CD-
ROM drive, /etc/fstab should contain a line like:

/dev/sr0 /media/cdrom auto noauto,ro 0 0

Note that there must be no spaces between the words noauto,ro in the fourth
field.

To verify it works, insert a CD and try running

# mount /media/cdrom # this will mount the CD to the mount

point
# ls -alF /media/cdrom # this should show the CD's root
directory
# umount /media/cdrom # this will unmount the CD

Next, run:

# apt-cdrom add

for each Debian Binary CD-ROM you have, to add the data about each CD to
APT's database.

4.4. Upgrading packages

The recommended way to upgrade from previous Debian releases is to use the
package management tool apt.
 Note

apt is meant for interactive use, and should not be used in scripts. In
scripts one should use apt-get, which has a stable output better
suitable for parsing.

Don't forget to mount all needed partitions (notably the root and /usr partitions)
read-write, with a command like:

# mount -o remount,rw /mountpoint

Next you should double-check that the APT source entries (in
/etc/apt/sources.list and files under /etc/apt/sources.list.d/)
refer either to “bullseye” or to “stable”. There should not be any sources
entries pointing to buster.

Note

Source lines for a CD-ROM might sometimes refer to “unstable”;

although this may be confusing, you should not change it.

4.4.1. Recording the session

It is strongly recommended that you use the /usr/bin/script program to record a
transcript of the upgrade session. Then if a problem occurs, you will have a log
of what happened, and if needed, can provide exact information in a bug report.
To start the recording, type:

# script -t 2>~/upgrade-bullseyestep.time -a ~/upgrade-

bullseyestep.script

or similar. If you have to rerun the typescript (e.g. if you have to reboot the
system) use different step values to indicate which step of the upgrade you are
logging. Do not put the typescript file in a temporary directory such as /tmp or
/var/tmp (files in those directories may be deleted during the upgrade or
during any restart).

The typescript will also allow you to review information that has scrolled off-
screen. If you are at the system's console, just switch to VT2 (using Alt+F2)
and, after logging in, use less -R ~root/upgrade-bullseye.script to
view the file.

After you have completed the upgrade, you can stop script by typing exit at
the prompt.
apt will also log the changed package states in /var/log/apt/history.log
and the terminal output in /var/log/apt/term.log. dpkg will, in addition,
log all package state changes in /var/log/dpkg.log. If you use aptitude, it
will also log state changes in /var/log/aptitude.

If you have used the -t switch for script you can use the scriptreplay program
to replay the whole session:

# scriptreplay ~/upgrade-bullseyestep.time ~/upgrade-

bullseyestep.script

4.4.2. Updating the package list

First the list of available packages for the new release needs to be fetched. This
is done by executing:

# apt update

Note

Users of apt-secure may find issues when using aptitude or apt-get.

For apt-get, you can use apt-get update --allow-releaseinfo-
change.

4.4.3. Make sure you have sufficient space for the upgrade
You have to make sure before upgrading your system that you will have
sufficient hard disk space when you start the full system upgrade described in
Section 4.4.5, “Upgrading the system”. First, any package needed for installation
that is fetched from the network is stored in /var/cache/apt/archives (and
the partial/ subdirectory, during download), so you must make sure you have
enough space on the file system partition that holds /var/ to temporarily
download the packages that will be installed in your system. After the download,
you will probably need more space in other file system partitions in order to both
install upgraded packages (which might contain bigger binaries or more data)
and new packages that will be pulled in for the upgrade. If your system does not
have sufficient space you might end up with an incomplete upgrade that is
difficult to recover from.

apt can show you detailed information about the disk space needed for the
installation. Before executing the upgrade, you can see this estimate by running:
 # apt -o APT::Get::Trivial-Only=true full-upgrade
[ ... ]
XXX upgraded, XXX newly installed, XXX to remove and XXX not
upgraded.
Need to get xx.xMB of archives.
After this operation, AAAMB of additional disk space will be
used.

Note

Running this command at the beginning of the upgrade process may

give an error, for the reasons described in the next sections. In that
case you will need to wait until you've done the minimal system
upgrade as in Section 4.4.4, “Minimal system upgrade” before
running this command to estimate the disk space.

If you do not have enough space for the upgrade, apt will warn you with a
message like this:

E: You don't have enough free space in /var/cache/apt/archives/.

In this situation, make sure you free up space beforehand. You can:

Remove packages that have been previously downloaded for installation

(at /var/cache/apt/archives). Cleaning up the package cache by
running apt clean will remove all previously downloaded package files.

Remove forgotten packages. If you have used aptitude or apt to manually

install packages in buster it will have kept track of those packages you
manually installed, and will be able to mark as redundant those packages
pulled in by dependencies alone which are no longer needed due to a
package being removed. They will not mark for removal packages that you
manually installed. To remove automatically installed packages that are no
longer used, run:

# apt autoremove

You can also use deborphan, debfoster, or cruft to find redundant

packages. Do not blindly remove the packages these tools present,
especially if you are using aggressive non-default options that are prone to
false positives. It is highly recommended that you manually review the
packages suggested for removal (i.e. their contents, sizes, and
descriptions) before you remove them.

Remove packages that take up too much space and are not currently
needed (you can always reinstall them after the upgrade). If you have
popularity-contest installed, you can use popcon-largest-unused
to list the packages you do not use that occupy the most space. You can
find the packages that just take up the most disk space with dpigs
(available in the debian-goodies package) or with wajig (running
wajig size). They can also be found with aptitude. Start aptitude in
full-terminal mode, select Views → New Flat Package List, press l and
enter ~i, then press S and enter ~installsize. This will give you a
handy list to work with.

Remove translations and localization files from the system if they are not
needed. You can install the localepurge package and configure it so
that only a few selected locales are kept in the system. This will reduce the
disk space consumed at /usr/share/locale.

Temporarily move to another system, or permanently remove, system logs

residing under /var/log/.

Use a temporary /var/cache/apt/archives: You can use a temporary

cache directory from another filesystem (USB storage device, temporary
hard disk, filesystem already in use, ...).

Note

Do not use an NFS mount as the network connection could be

interrupted during the upgrade.

For example, if you have a USB drive mounted on /media/usbkey:

1. remove the packages that have been previously downloaded for

installation:

# apt clean

2. copy the directory /var/cache/apt/archives to the USB drive:

# cp -ax /var/cache/apt/archives /media/usbkey/

3. mount the temporary cache directory on the current one:

# mount --bind /media/usbkey/archives

/var/cache/apt/archives

4. after the upgrade, restore the original /var/cache/apt/archives

directory:

# umount /var/cache/apt/archives
 5. remove the remaining /media/usbkey/archives.

You can create the temporary cache directory on whatever filesystem is

mounted on your system.

Do a minimal upgrade of the system (see Section 4.4.4, “Minimal system

upgrade”) or partial upgrades of the system followed by a full upgrade.
This will make it possible to upgrade the system partially, and allow you to
clean the package cache before the full upgrade.

Note that in order to safely remove packages, it is advisable to switch your APT
source-list files back to buster as described in Section A.2, “Checking your APT
source-list files”.

4.4.4. Minimal system upgrade

Important

If you are upgrading remotely, be aware of Section 5.1.23, “No new

SSH connections possible during upgrade”.

In some cases, doing the full upgrade (as described below) directly might
remove large numbers of packages that you will want to keep. We therefore
recommend a two-part upgrade process: first a minimal upgrade to overcome
these conflicts, then a full upgrade as described in Section 4.4.5, “Upgrading the
system”.

To do this, first run:

# apt upgrade --without-new-pkgs

This has the effect of upgrading those packages which can be upgraded without
requiring any other packages to be removed or installed.

The minimal system upgrade can also be useful when the system is tight on
space and a full upgrade cannot be run due to space constraints.

If the apt-listchanges package is installed, it will (in its default configuration)

show important information about upgraded packages in a pager after
downloading the packages. Press q after reading to exit the pager and continue
the upgrade.

4.4.5. Upgrading the system

Once you have taken the previous steps, you are now ready to continue with the
main part of the upgrade. Execute:

# apt full-upgrade
This will perform a complete upgrade of the system, installing the newest
available versions of all packages, and resolving all possible dependency
changes between packages in different releases. If necessary, it will install some
new packages (usually new library versions, or renamed packages), and
remove any conflicting obsoleted packages.

When upgrading from a set of CDs/DVDs/BDs, you will probably be asked to

insert specific discs at several points during the upgrade. You might have to
insert the same disc multiple times; this is due to inter-related packages that
have been spread out over the discs.

New versions of currently installed packages that cannot be upgraded without

changing the install status of another package will be left at their current version
(displayed as “held back”). This can be resolved by either using aptitude to
choose these packages for installation or by trying apt install package.

4.5. Possible issues during upgrade

The following sections describe known issues that might appear during an
upgrade to bullseye.

4.5.1. Dist-upgrade fails with “Could not perform immediate

configuration”
In some cases the apt full-upgrade step can fail after downloading packages
with:

E: Could not perform immediate configuration on 'package'.

Please see man 5 apt.conf under APT::Immediate-Configure for
details.

If that happens, running apt full-upgrade -o APT::Immediate-Configure=0

instead should allow the upgrade to proceed.

Another possible workaround for this problem is to temporarily add both buster
and bullseye sources to your APT source-list files and run apt update.

4.5.2. Expected removals

The upgrade process to bullseye might ask for the removal of packages on the
system. The precise list of packages will vary depending on the set of packages
that you have installed. These release notes give general advice on these
removals, but if in doubt, it is recommended that you examine the package
removals proposed by each method before proceeding. For more information
about packages obsoleted in bullseye, see Section 4.8, “Obsolete packages”.

4.5.3. Conflicts or Pre-Depends loops

Sometimes it's necessary to enable the APT::Force-LoopBreak option in
APT to be able to temporarily remove an essential package due to a
Conflicts/Pre-Depends loop. apt will alert you of this and abort the upgrade. You
can work around this by specifying the option -o APT::Force-LoopBreak=1
on the apt command line.

It is possible that a system's dependency structure can be so corrupt as to

require manual intervention. Usually this means using apt or

# dpkg --remove package_name

to eliminate some of the offending packages, or

# apt -f install
# dpkg --configure --pending

In extreme cases you might have to force re-installation with a command like

# dpkg --install /path/to/package_name.deb

4.5.4. File conflicts

File conflicts should not occur if you upgrade from a “pure” buster system, but
can occur if you have unofficial backports installed. A file conflict will result in an
error like:

Unpacking <package-foo> (from <package-foo-file>) ...

dpkg: error processing <package-foo> (--install):
trying to overwrite `<some-file-name>',
which is also in package <package-bar>
dpkg-deb: subprocess paste killed by signal (Broken pipe)
Errors were encountered while processing:
<package-foo>

You can try to solve a file conflict by forcibly removing the package mentioned
on the last line of the error message:

# dpkg -r --force-depends package_name

After fixing things up, you should be able to resume the upgrade by repeating
the previously described apt commands.

4.5.5. Configuration changes

During the upgrade, you will be asked questions regarding the configuration or
re-configuration of several packages. When you are asked if any file in the
/etc/init.d directory, or the /etc/manpath.config file should be
replaced by the package maintainer's version, it's usually necessary to answer
“yes” to ensure system consistency. You can always revert to the old versions,
since they will be saved with a .dpkg-old extension.

If you're not sure what to do, write down the name of the package or file and sort
things out at a later time. You can search in the typescript file to review the
information that was on the screen during the upgrade.

4.5.6. Change of session to console

If you are running the upgrade using the system's local console you might find
that at some points during the upgrade the console is shifted over to a different
view and you lose visibility of the upgrade process. For example, this may
happen in systems with a graphical interface when the display manager is
restarted.

To recover the console where the upgrade was running you will have to use
Ctrl+Alt+F1 (if in the graphical startup screen) or Alt+F1 (if in the local text-
mode console) to switch back to the virtual terminal 1. Replace F1 with the
function key with the same number as the virtual terminal the upgrade was
running in. You can also use Alt+Left Arrow or Alt+Right Arrow to switch
between the different text-mode terminals.

4.6. Upgrading your kernel and related packages

This section explains how to upgrade your kernel and identifies potential issues
related to this upgrade. You can either install one of the linux-image-*
packages provided by Debian, or compile a customized kernel from source.

Note that a lot of information in this section is based on the assumption that you
will be using one of the modular Debian kernels, together with initramfs-
tools and udev. If you choose to use a custom kernel that does not require an
initrd or if you use a different initrd generator, some of the information may not
be relevant for you.

4.6.1. Installing a kernel metapackage

When you full-upgrade from buster to bullseye, it is strongly recommended that
you install a linux-image-* metapackage, if you have not done so before. These
metapackages will automatically pull in a newer version of the kernel during
upgrades. You can verify whether you have one installed by running:

# dpkg -l "linux-image*" | grep ^ii | grep -i meta

If you do not see any output, then you will either need to install a new linux-
image package by hand or install a linux-image metapackage. To see a list of
available linux-image metapackages, run:
 # apt-cache search linux-image- | grep -i meta | grep -v
transition

If you are unsure about which package to select, run uname -r and look for a
package with a similar name. For example, if you see “4.9.0-8-amd64”, it is
recommended that you install linux-image-amd64. You may also use apt to
see a long description of each package in order to help choose the best one
available. For example:

# apt show linux-image-amd64

You should then use apt install to install it. Once this new kernel is installed
you should reboot at the next available opportunity to get the benefits provided
by the new kernel version. However, please have a look at Section 5.1.24,
“Things to do post upgrade before rebooting” before performing the first reboot
after the upgrade.

For the more adventurous there is an easy way to compile your own custom
kernel on Debian. Install the kernel sources, provided in the linux-source
package. You can make use of the deb-pkg target available in the sources'
makefile for building a binary package. More information can be found in the
Debian Linux Kernel Handbook, which can also be found as the debian-
kernel-handbook package.

If possible, it is to your advantage to upgrade the kernel package separately

from the main full-upgrade to reduce the chances of a temporarily non-
bootable system. Note that this should only be done after the minimal upgrade
process described in Section 4.4.4, “Minimal system upgrade”.

4.7. Preparing for the next release

After the upgrade there are several things you can do to prepare for the next
release.

Remove newly redundant or obsolete packages as described in

Section 4.4.3, “Make sure you have sufficient space for the upgrade” and
Section 4.8, “Obsolete packages”. You should review which configuration
files they use and consider purging the packages to remove their
configuration files. See also Section 4.7.1, “Purging removed packages”.

4.7.1. Purging removed packages

It is generally advisable to purge removed packages. This is especially true if
these have been removed in an earlier release upgrade (e.g. from the upgrade
to buster) or they were provided by third-party vendors. In particular, old init.d
scripts have been known to cause issues.

Caution
 Purging a package will generally also purge its log files, so you might
want to back them up first.

The following command displays a list of all removed packages that may have
configuration files left on the system (if any):

# dpkg -l | awk '/^rc/ { print $2 }'

The packages can be removed by using apt purge. Assuming you want to
purge all of them in one go, you can use the following command:

# apt purge $(dpkg -l | awk '/^rc/ { print $2 }')

If you use aptitude, you can also use the following alternative to the
commands above:

# aptitude search '~c'

# aptitude purge '~c'

4.8. Obsolete packages

Introducing lots of new packages, bullseye also retires and omits quite a few old
packages that were in buster. It provides no upgrade path for these obsolete
packages. While nothing prevents you from continuing to use an obsolete
package where desired, the Debian project will usually discontinue security
support for it a year after bullseye's release[5], and will not normally provide
other support in the meantime. Replacing them with available alternatives, if any,
is recommended.

There are many reasons why packages might have been removed from the
distribution: they are no longer maintained upstream; there is no longer a
Debian Developer interested in maintaining the packages; the functionality they
provide has been superseded by different software (or a new version); or they
are no longer considered suitable for bullseye due to bugs in them. In the latter
case, packages might still be present in the “unstable” distribution.

Some package management front-ends provide easy ways of finding installed

packages that are no longer available from any known repository. The aptitude
textual user interface lists them in the category “Obsolete and Locally Created
Packages”, and they can be listed and purged from the commandline with:

# aptitude search '~o'

# aptitude purge '~o'
The Debian Bug Tracking System often provides additional information on why
the package was removed. You should review both the archived bug reports for
the package itself and the archived bug reports for the ftp.debian.org pseudo-
package.

For a list of obsolete packages for Bullseye, please refer to Section 5.3.1,
“Noteworthy obsolete packages”.

4.8.1. Transitional dummy packages

Some packages from buster may have been replaced in bullseye by transitional
dummy packages, which are empty placeholders designed to simplify upgrades.
If for instance an application that was formerly a single package has been split
into several, a transitional package may be provided with the same name as the
old package and with appropriate dependencies to cause the new ones to be
installed. After this has happened the redundant dummy package can be safely
removed.

The package descriptions for transitional dummy packages usually indicate their
purpose. However, they are not uniform; in particular, some “dummy” packages
are designed to be kept installed, in order to pull in a full software suite, or track
the current latest version of some program. You might also find deborphan with
the --guess-* options (e.g. --guess-dummy) useful to detect transitional
dummy packages on your system.

[1] If
the debconf priority is set to a very high level you might prevent
configuration prompts, but services that rely on default answers that are not
applicable to your system will fail to start.

[2] Forexample: DNS or DHCP services, especially when there is no

redundancy or failover. In the DHCP case end-users might be disconnected
from the network if the lease time is lower than the time it takes for the upgrade
process to complete.

[3] This
feature can be disabled by adding the parameter panic=0 to your boot
parameters.

[4] Debian's package management system normally does not allow a package to
remove or replace a file owned by another package unless it has been defined
to replace that package.

[5] Orfor as long as there is not another release in that time frame. Typically only
two stable releases are supported at any given time.
Chapter 3. Installation System Chapter 5. Issues to be aware of
for bullseye