The Debian security team provides regular security fixes in a dedicated software repository. It is enabled by default. This guide move the security repository configuration from APT main repository configuration to a satellite file.

This howto is tested on:

  • Debian 10.0 Buster


Detect if sudo is available (“command” is used if not):

command type -f 'sudo' &>'/dev/null' && cmdProxy='sudo'

Install the required software:

${cmdProxy} apt install 'lsb-release'

Detect the distribution version name:

debianVersion="$(command lsb_release -cs)"

Copy the security repository configuration to a satellite file:

if [ ! -e '/etc/apt/sources.list.d/security.list' ]; then
    ${cmdProxy} tee '/etc/apt/sources.list.d/security.list' \
        <<< "#  Security updates"
    command grep -e '^deb.*security\.debian' '/etc/apt/sources.list' \
        | ${cmdProxy} tee -a tee '/etc/apt/sources.list.d/security.list'

Disable the security repository configuration in the main sources.list file:

[ -e '/etc/apt/sources.list.d/security.list' ] \
  && ${cmdProxy} sed -i -e 's/^deb.*security\.debian/# &/' '/etc/apt/sources.list'

Update the list of available packages:

${cmdProxy} apt update


Categories: Software


Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.