In the standard case, the appliance retrieves its updates from a download server of the maintainers. An update key is used to authenticate the appliance when requesting an update. This case is described here. If the appliance was installed with the Offline Installer, this is also the case. But it is possible to install additional software or updates with an offline installer CD.
For this update procedure the appliance needs to access the internet.
If you are running a virtual appliance, the updates are based on the serial number, you entered during installation.
14.1. Automatic Scheduled Updates¶
In the appliance dashboard (https:<LINOTP>:8443) on the tab
Updates you can specify when the system should look for updates automatically
and if it should reboot when the kernel was updated. As kernel updates can
happen every time, you can also configure to boot the machine automatically on
certain days of the week.
14.2. Manual Updates¶
Alternatively the update can be performed manually e.g. during a maintenance window.
Connect to the SVA via SSH/putty
Perform update via the command
Please empty the browser cache after the update (e.g. via CTRL+F5). Otherwise strange effects can occur (like missing options) due to the aggressive caching mechanism of recent browser.
We recommend to perform updates on a regular base in order to keep the operating system secure and to benefit from newer versions of LinOTP and the appliance itself.
14.3. Update the Appliance from offline installer¶
You have a newer offline installer to update, then use it. You can request the download link to the latest offline installer from your support if the old link no longer works. If there is no internet access, even through a proxy, this method can be used.
If the Offline Installer is the only usable installation source, all existing online installation sources are commented out first.
Adjusting the installation sources
Log in to the SVA via ssh/putty and use the ‘unsupported’ mode
Use the command ‘apt edit-sources’ to comment out the online sources
#deb http://linotp-appliance.lsexperts.de/f1c0f...722e6/debian jessie main #deb http://linotp-appliance.lsexperts.de/f1c0f...722e6/linotp jessie linotp appliance #deb http://linotp-appliance.lsexperts.de/f1c0f...722e6/debian-security jessie/updates main #deb http://linotp-appliance.lsexperts.de/f1c0f...722e6/debian jessie-updates main
Adding the offline repository
Insert the image of the just downloaded offline installer into the virtual drive of the VM.
If not already done. Log in to the SVA via ssh/putty and use the ‘unsupported’ mode
Use the command ‘apt-cdrom -a add’ to add the offline installer as a repository
apt-cdrom -a add Using CD-ROM mount point /media/cdrom/ Unmounting CD-ROM... Waiting for disc... Please insert a Disc in the drive and press enter Mounting CD-ROM... Identifying... [feeabbafc734cb7fed8431e778706801-2] Scanning disc for index files... Found 1 package indexes, 0 source indexes, 0 translation indexes and 0 signatures This disc is called: 'Debian GNU/Linux 10.Y _Buster_ - amd64 CD Binary-1 20170307-16:48' Reading Package Indexes... Done Writing new source list Source list entries for this disc are: deb cdrom:[Debian GNU/Linux 8.5 _Jessie_ - amd64 CD Binary-1 20170307-16:48]/ jessie main Unmounting CD-ROM... Repeat this process for the rest of the CDs in your set.
Performing the update
Use the command ‘apt-get update && apt-get -y dist-upgrade’ to update from offline installer
In special cases, you do not want to update certain packages first. You can user ‘apt-mark hold packetname’. Do not forget afterwards ‘apt-mark unhold packetname’