Hello,
I’m looking how to UPDATE only all packages but without UPGRADE any package. Explanations:
I’m for the Debian world, and as far as I remember, when you update your distro you only install security and bugfix patches but always keep the same software versions. I’m looking how to do the same thing with openSUSE…
Thanks for info
K.
This is normal for Leap systems. Updating only updates – it does not upgrade.
However, some versions will still change. For example, the Mozilla people stop supporting a particular version after a while, so we get a newer version. Whether a change is called an update or a new version is somewhat arbitrary.
For Tumbleweed – every update is an upgrade.
For Leap – updates are just updates, and an upgrade means a newer release.
The closest command I’ve found looks to be : ‘zypper patch --category security --with-interactive --with-optional’
You should stick to a simple zypper update
for Leap as this is the best way to go…
But you can also read a little bit in the official docs:
I’m currently looking into the extent to which SUSE could be implemented in the company I work for. One of the things I have to do is make sure that the update policy has as little impact as possible on the development environment. If a patch upgrades a library, it can cause an internal application to malfunction. That’s why I’m trying to understand how I can obtain a properly secure system with the minimum influence on the applications running on it. Knowing, of course, that it has to pass security audits.
At the moment, I’ m looking how to apply ALL but ONLY security patches. That’s why I think that ‘zypper patch -g security --with-interactive --with-optional’ seems to meet my needs…
Please be aware that not many will ever have used this combination of options. Thus any answer will be based on reading the man page or other documentation and not on experience.
Security patches are never optional. So --with-optional
directly contradicts your goal.
Thanks. Sounds logical indeed.
BUT, I saw a different result with or without this option… like “skipping patch” but not skipped with ‘–with-optional’, despite the fact of ‘-g security’. How can you explain that ?
for info, ‘–with-optional’ check the “Status” column of a patch (not the “Category” column) as well as ‘–with-interactive’ check the "Interactive"column.
‘zypper list-patches’ will show you what I mean. An example of ‘–with-optional’ is the openSUSE-SLE-15.5-2023-3413 patch → category = feature, status = optional. That’s why I include ‘–with-optional’ because it’s not category related…