Is it safe to update system packages using an operating system package manager?

Created:

2016-11-16 12:48:50 UTC

Modified:

2017-08-16 16:49:07 UTC

3

Was this article helpful?


Have more questions?

Submit a request

Is it safe to update system packages using an operating system package manager?

Applicable to:

  • Plesk 12.5 for Linux
  • Plesk Onyx for Linux
  • Plesk 11.x for Linux
  • Plesk 12.0 for Linux
  • Plesk 12.5 for Windows

Resolution

Yes, it is safe, and moreover, we recommend using package managers (for example, "yum" on RedHat-based systems, or "apt-get" on Debian-based systems) to keep the system up-to-date.

However, some packages may conflict with Plesk or another software. These packages can be added to a skip list. The recommended settings are:

  • for up2date , add to /etc/sysconfig/rhn/up2date :

     pkgSkipList=kernel*;sendmail;bind-chroot;caching-nameserver;
  • for yum , add to /etc/yum.conf :

     exclude=kernel* sendmail bind-chroot caching-nameserver
  • for apt-get , execute with:

    sudo apt-mark hold <package>

    or, using dpkg

    echo <package> hold | sudo dpkg --set-selections

To find out which actions should be taken after an Apache upgrade on a Plesk system, see the following KB article:

#213411089 Is it possible to upgrade Apache to the latest version from an OS update?

If Plesk is installed inside a container, the kernel updates are not necessary - the kernel should be upgraded from the Hardware Node.
If Plesk is installed on a hardware server, the kernel updates are recommended if there are only vendor's repositories configured. Otherwise, if the custom repositories provide new kernels, it is better to have the kernel manually updated from the vendor's repository. The reason is simple: major troubles are caused by kernels with GRSecurity patches applied. Plesk is not designed for working with such configurations.

Have more questions? Submit a request
Please sign in to leave a comment.