Skip to content

How to upgrade a server


Before an upgrade can be performed, the current OS needs to be brought up to date, and some dependencies need to be installed.

Bring all packages up to date

Upgrade all packages on the server:

sudo apt-get update
sudo apt-get dist-upgrade
sudo apt-get autoremove

Install dependencies

Next, ensure that the upgrade services themselves are installed, and screen:

sudo apt-get install update-manager-core screen

Configure apt and dpkg

In order to ensure that the the upgrade is non-interactive, we need to configure apt and dpkg to always keep the old configuration of any package it updates. Normally, every time that dpkg installs a new configuration file that has been modified, it will stop the upgrade and ask you whether you want to keep your modified configuration or replace it with one from the package maintainer. For upgrading a headless server, we want to ensure that the upgrade does not depend on any human interaction, in case the ssh connection with the server drops during the upgrade process. We need to make use of the following dpkg settings:

  • --force-confold which means do not modify the current configuration file, the new version of the file will be written to disk with a .dpkg-dist file extension. With this option alone, even configuration files that you have not modified are left untouched, but if you combine it with --force-confdef then dpkg will overwrite configuration files that have not been modified.
  • --force-confdef which means ask dpkg to decide alone when it can safely replace an unmodified configuration file, and prompt otherwise. This is default behaviour.

See the dpkg manpage for more details.

To make these settings permanent, open /etc/apt/apt.conf.d/local in a text editor, and add the following text (if it isn't already there):

Dpkg::Options {


Just in case the Linux kernel has been replaced since the last reboot, reboot now:

sudo reboot


Run the upgrade task itself:

sudo do-release-upgrade -f DistUpgradeViewNonInteractive

Once the upgrade has finished, check that you have a new Ubuntu version:

lsb_release -a

and ensure that the following packages are installed:

sudo apt-get install sssd-dbus libsss-simpleifp0


If you miss this step, the VM may not come back up after a reboot.


Once the upgrade has finished and you have run sudo apt-get install sssd-dbus libsss-simpleifp0 reboot with:

sudo reboot


Once you have completed the upgrade and checked that the machine is sending date to our Nagios server make sure you update the Server Map. You will need to check that all the columns for the server are up to date.


Since you are upgrading over ssh, do-release-upgrade will automatically start a screen session, in case your ssh connection drops. Because you are running the upgrade task non-interactively, you will not see the notice that is normally printed to the terminal, which is:

... an additional SSH daemon will be started at port

If your connection does drop out, try connecting again (using the alternative port, if necessary) and run screen -r to re-attached to the session.

Further reading