Debian Linux 12 Bookworm has been released. As of 23 July 2023, Debian 12.6 point was released on the 29 june 2024.
The new version offers updated packages and five years of support. This page provides a step-by-step guide to updating Debian 11 Bullseye to Debian 12 Bookworm using command-line options, including upgrading all installed packages.
The procedure is as follows:
/etc/apt/sources.list using a text editor and replace each instance of bullseye with bookworm. Next find the update line, replace keyword bullseye-updates with bookworm-updates. Finally, search the security line, replace keyword bullseye-security with bookworm-security.frater@host:~$ sudo apt update
frater@host:~$ sudo apt upgrade --without-new-pkgs
frater@host:~$ sudo apt full-upgrade
Let us see all commands step by step to upgrade Debian 11 Bullseye to Debian 12 Bookworm safely running in the cloud or bare metal environment.
It is essential to complete the backup process to avoid any data loss or installation failure. The responsibility for keeping verified backups lies with the user, as this is a fundamental lesson for sysadmins. The author and nixCraft cannot be held accountable for any issues that arise due to a lack of backup.
Backing up all data and system configurations is extremely important. To do this efficiently, cloud-based virtual machines can be quickly backed up and restored using snapshots. Check os version in Linux using the lsb_release command.
frater@host:~$ lsb_release -a No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 11 (bullseye) Release: 11 Codename: bullseye
Note down the Linux kernel version too. Try the uname command:
frater@host:~$ uname -mrs Linux 5.10.0-23-amd64 x86_64
Also note down the Debian version using the cat command:
frater@host:~$ cat /etc/debian_version 11.7
To make the upgrade safer, you must remove non-Debian packages.
For example, Google Chrome or VirtualBox is a non-Debian package installed using 3rd party repo. Those can create a problem. Here is how to find such pages:
frater@host:~$ sudo apt list '?narrow(?installed, ?not(?origin(Debian)))' frater@host:~$ sudo apt-forktracer | sort
Fortunately, I don’t rely on Google Chrome, VirtualBox, or any third-party applications on Debian.
However, if you use these apps, you should back up your data before upgrading. After upgrading, you can reinstall these packages if the Bookworm release supports them. Also, any package in hold status will create a problem with the upgrade procedure. Therefore, list all packages hold from upgrades using the apt-mark command as follows:
frater@host:~$ sudo apt-mark showhold | more
## OR ##
frater@host:~$ sudo dpkg --get-selections | grep 'hold$' | more
Then you must delete or remove the host status for all listed packages one by one with the help of the following command:
frater@host:~$ sudo apt-mark unhold package_name
## OR ##
frater@host:~$ echo 'package_name install' | sudo dpkg --set-selections
Before you upgrade your Debian version to 12, you must apply all security patches and pending upgrades to Debian 11 itself. Therefore, type the following apt command or apt-get command:
frater@host:~$ sudo apt update Hit:1 http://deb.debian.org/debian bullseye InRelease Get:2 http://deb.debian.org/debian bullseye-updates InRelease [44.1 kB] Hit:3 http://deb.debian.org/debian bullseye-security InRelease [48.4 kB] Fetched 92.4 kB in 2s (138 kB/s) Reading package lists... Done Building dependency tree... Done Reading state information... Done All packages are up to date. frater@host:~$ sudo apt upgrade frater@host:~$ sudo apt full-upgrade
frater@host:~$ sudo apt --purge autoremove
Reboot the Debian 11.x bullseye to apply the kernel and other updates using the “reboot” or “shutdown” command. For instance:
frater@host:~$ sudo systemctl reboot
To begin the upgrade process, it is necessary to reconfigure the source-list files of APT.
You can view the current settings by using the commands cat command or more command. This will display the list of Debian 11 repo URLs.
frater@host:~$ sudo cat /etc/apt/sources.list
deb http://deb.debian.org/debian bullseye main deb http://deb.debian.org/debian bullseye-updates main deb http://deb.debian.org/debian-security/ bullseye-security main
The keyword bullseye indicates we are using an older version, 11. Hence, we must change all the references in this file from bullseye to bookworm using a text editor such as Vim or Nano. For example:
frater@host:~$ sudo cp -v /etc/apt/sources.list /root/sources.list-bakup.11.bullseye frater@host:~$ sudo vim /etc/apt/sources.list
From:
deb http://deb.debian.org/debian bullseye main deb http://deb.debian.org/debian bullseye-updates main deb http://deb.debian.org/debian-security/ bullseye-security main
To:
deb http://deb.debian.org/debian bookworm main deb http://deb.debian.org/debian bookworm-updates main deb http://deb.debian.org/debian-security/ bookworm-security main
Save and close the file. You can also use the sed command to find and replace bullseye with bookworm as follows:
frater@host:~$ sudo sed -i'.bak' 's/bullseye/bookworm/g' /etc/apt/sources.list
If you intend to use Debian 12 on either a desktop or server that requires non-free firmware for hardware such as WiFi, GPU, Sound, Nvida/AMD GPU, NIC and more, it is recommended to include the non-free firmware repository. Below is the updated file /etc/apt/sources.list file.
If you’re unsure about your hardware, I suggest adding those repositories.
deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware deb http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware deb http://deb.debian.org/debian-security/ bookworm-security main contrib non-free non-free-firmware
Finally, run the following command to get fresh apt repo data:
frater@host:~$ sudo apt update
The system provided the following message:
xxx packages can be upgraded. Run 'apt list --upgradable' to see them.
Therefore, a two-part process is necessary to avoid removing large numbers of packages you want to keep. Therefore, first, run the following command to apply:
frater@host:~$ sudo apt upgrade --without-new-pkgs
To complete the upgrade, please carefully follow the on-screen instructions. You may encounter questions such as “Would you like to restart the service?” or “Keep or erase configuration file options?” throughout the process.
Your system has some services that require a restart when specific libraries like libpam, libc, and libssl are updated.
These restarts might cause service disruptions, so you will usually be asked to choose which services to restart during each upgrade.
However, you can skip this prompt by selecting the “Yes” option. By doing so, all the necessary restarts will occur automatically, and you won’t be bothered with questions during each library upgrade.
Here is another example, about GRUB package. A new version (/tmp/grub.nSxPVErDRh) of the configuration file /etc/default/grub is available, but the version installed currently has been locally modified.
What do you want to do about the modified configuration file grub? Again review all options carefully. I typically chose the “keep the local version currently installed”.
To fully update from Debian 11 to Debian 12, it’s necessary to make complete upgrades, rather than just minimum ones. This step is crucial for the upgrade process. To do this, enter the following command to ensure that the latest versions of all packages are installed and any potential dependencies are resolved.
frater@host:~$ sudo apt full-upgrade
You might encounter more prompts that suggest restarting services or modifying existing configuration options. Make sure to review them carefully. For example, you may have the option to update or retain the OpenSSH configuration file, I've modified my setup (ssh port for example), so I decide to keep my local file.
And you are done with the whole updating procedure. It is time to reboot the Linux system to boot into Debian Linux 12 bookworm. Before we restart the system, ensure there are no errors in the SSHD config file for the remote server:
frater@host:~$ sudo sshd -t
If there are no errors, you can proceed with rebooting the system. However, if there are any errors, it is important to fix them before rebooting. To do so, run:
frater@host:~$ sudo vim /etc/ssh/sshd_config
Verify again:
frater@host:~$ sudo sshd -t
Now reboot it after fixing any errors:
frater@host:~$ sudo systemctl reboot Connection to www.xxx.yyy.zzz closed by remote host. Connection to www.xxx.yyy.zzz closed.
Try running the ping command to get notification when your server comes back online:
frater@local:~$ ping -a www.xxx.yyy.zzz
All done. It is time to confirm the upgrade. Type:
frater@host:~$ uname -mrs Linux 6.1.0-21-amd64 x86_64
frater@host:~$ lsb_release -a No LSB modules are available. Distributor ID: Debian Description: Debian GNU/Linux 12 (bookworm) Release: 12 Codename: bookworm
Check Debian major and minor version too:
frater@host:~$ cat /etc/debian_version 12.5
After the upgrade, look out for all your apps and services. Therefore, verify all TCP/UDP ports are opened and services are running using the tail command or ss command or grep command/egrep command:
frater@host:~$ sudo ss -tulpn frater@host:~$ sudo tail -f /var/log/mail.log # depends on your config frater@host:~$ sudo tail -f /var/log/apache2/access_log # depends on your config
Check for service status
frater@host:~$ sudo systemctl status nginx.service # depends on your config frater@host:~$ sudo systemctl status apache2.service # depends on your config frater@host:~$ sudo systemctl status mariadb.service # depends on your config
Use journalctl to query the contents of the systemd journal
frater@host:~$ sudo journalctl frater@host:~$ sudo journalctl -u sshd.service
Although optional, it is vital to review packages that are no longer needed on your system. Failure to do so may result in the system breaking if the following command is executed.
Finally, clean up outdated packages using the apt command/apt-get command as follows:
frater@local:~$ sudo apt --purge autoremove