$ Linux One Liners
Back to commands

Cybersecurity Triage

Dry run / preview

Preview Security Impact of dist-upgrade

A regular upgrade leaves packages behind and you need to preview the broader resolver plan without installing it.

Command

apt-get -s dist-upgrade | awk '/^Inst/ {print}'

Before you run this

System impact: Preview only. Still verify source and destination paths before running the real command.

When not to use it: Do not run the real dist-upgrade casually; review removals, new packages, and service impact first.

Expected output

Inst rows showing the broader package resolver plan, including security-origin kernel or library updates.

System impact

Dry run / preview. Nothing changes. apt-get simulates dist-upgrade and awk lists proposed package installations or upgrades.

Recovery / rollback: no state is changed.

When to use it

Use when kernel, libc, or dependency-chain security fixes are kept back by the normal upgrade path.

When not to use it

Do not run the real dist-upgrade casually; review removals, new packages, and service impact first.

Watch this command run

Command transcript

This sanitized transcript shows the commands and output shape without exposing host details.

demo@lab:~$

$ apt-get -s dist-upgrade

Reading package lists... Done
Building dependency tree... Done
Calculating upgrade... Done
The following NEW packages will be installed:
  linux-image-6.8.0-63-generic
The following packages will be upgraded:
  libc6 linux-image-generic openssl
3 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Inst libc6 [2.39-0ubuntu8.4] (2.39-0ubuntu8.5 Ubuntu:24.04/noble-security [amd64])
Inst linux-image-6.8.0-63-generic (6.8.0-63.66 Ubuntu:24.04/noble-security [amd64])
Inst linux-image-generic [6.8.0-60.63] (6.8.0-63.66 Ubuntu:24.04/noble-security [amd64])
Inst openssl [3.0.13-0ubuntu3.5] (3.0.13-0ubuntu3.6 Ubuntu:24.04/noble-security [amd64])

$ apt-get -s dist-upgrade | awk '/^Inst/ {print}'

Inst libc6 [2.39-0ubuntu8.4] (2.39-0ubuntu8.5 Ubuntu:24.04/noble-security [amd64])
Inst linux-image-6.8.0-63-generic (6.8.0-63.66 Ubuntu:24.04/noble-security [amd64])
Inst linux-image-generic [6.8.0-60.63] (6.8.0-63.66 Ubuntu:24.04/noble-security [amd64])
Inst openssl [3.0.13-0ubuntu3.5] (3.0.13-0ubuntu3.6 Ubuntu:24.04/noble-security [amd64])
View commands shown

These are the commands shown in the sanitized transcript.

Commands shown

  1. apt-get -s dist-upgrade
  2. apt-get -s dist-upgrade | awk '/^Inst/ {print}'

next steps

Related commands

Cybersecurity Triage Dry run

Simulate Security Package Upgrades

Security patch triage starts by seeing what apt would change, without changing it.

apt-get -s upgrade | awk '/^Inst/ && /security/ {print}'
Cybersecurity Triage Read-only

Build a Recent Apt Patch Timeline

Apt history turns patch claims into timestamps and package names.

awk '/^(Start-Date|Commandline|Upgrade|End-Date)/ {print}' /var/log/apt/history.log
Cybersecurity Triage Sensitive output

Find SSH Key Users with sudo

The highest-priority access review starts where SSH keys and sudo overlap.

comm -12 <(find fixtures/user-access-audit/home -path '*/.ssh/authorized_keys' -printf '%h\n' | awk -F/ '{print $(NF-1)}' | sort) <(awk -F: '$1=="sudo" {gsub(",","\n",$4); print $4}' fixtures/user-access-audit/etc/group | sort)
Study mapping

Use this as independent command practice: read the notes, predict the output, then compare it with the example before using a real shell.

  • lpic1:102-package-management
  • lpic1:103-gnu-unix-commands
  • lpic1:110-security
  • lfcs:essential-commands
  • lfcs:operations-deployment
  • lfcs:security-hygiene
  • linuxplus:automation-scripting
  • linuxplus:provisional
  • linuxplus:system-management
  • risk:read-only

Useful for

  • LPIC-1 style command-line practice
  • LFCS style performance tasks
  • Linux+ style troubleshooting review

Independent study support only. No affiliation, endorsement, exam dumps, or real exam questions.