Cybersecurity Triage
Risk: safePreview Security Impact of dist-upgrade
A regular upgrade leaves packages behind and you need to preview the broader resolver plan without installing it.
Command
apt-get -s dist-upgrade | awk '/^Inst/ {print}'Before you run this
Risk: safe. Do not run the real dist-upgrade casually; review removals, new packages, and service impact first.
Expected output
Inst rows showing the broader package resolver plan, including security-origin kernel or library updates.
System impact
Nothing changes. apt-get simulates dist-upgrade and awk lists proposed package installations or upgrades.
Recovery / rollback: no state is changed.
When to use it
Use when kernel, libc, or dependency-chain security fixes are kept back by the normal upgrade path.
When not to use it
Do not run the real dist-upgrade casually; review removals, new packages, and service impact first.
Watch this command run
Example output from a temporary Linux lab
This example uses disposable sample files and sanitized output so you can inspect the shape of the result before touching a real system.
$ apt-get -s dist-upgrade
Reading package lists... Done
Building dependency tree... Done
Calculating upgrade... Done
The following NEW packages will be installed:
linux-image-6.8.0-63-generic
The following packages will be upgraded:
libc6 linux-image-generic openssl
3 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Inst libc6 [2.39-0ubuntu8.4] (2.39-0ubuntu8.5 Ubuntu:24.04/noble-security [amd64])
Inst linux-image-6.8.0-63-generic (6.8.0-63.66 Ubuntu:24.04/noble-security [amd64])
Inst linux-image-generic [6.8.0-60.63] (6.8.0-63.66 Ubuntu:24.04/noble-security [amd64])
Inst openssl [3.0.13-0ubuntu3.5] (3.0.13-0ubuntu3.6 Ubuntu:24.04/noble-security [amd64])$ apt-get -s dist-upgrade | awk '/^Inst/ {print}'
Inst libc6 [2.39-0ubuntu8.4] (2.39-0ubuntu8.5 Ubuntu:24.04/noble-security [amd64])
Inst linux-image-6.8.0-63-generic (6.8.0-63.66 Ubuntu:24.04/noble-security [amd64])
Inst linux-image-generic [6.8.0-60.63] (6.8.0-63.66 Ubuntu:24.04/noble-security [amd64])
Inst openssl [3.0.13-0ubuntu3.5] (3.0.13-0ubuntu3.6 Ubuntu:24.04/noble-security [amd64])View reproducible demo details
This page shows the sanitized shell transcript and the setup steps needed to reproduce the example.
Lab setup steps
apt-get -s dist-upgradeapt-get -s dist-upgrade | awk '/^Inst/ {print}'
next steps
Related commands
Simulate Security Package Upgrades
Security patch triage starts by seeing what apt would change, without changing it.
apt-get -s upgrade | awk '/^Inst/ && /security/ {print}'
Review Kept-Back Packages Before Patching
Kept-back packages are where simple upgrade plans stop being simple.
apt-get -s upgrade | sed -n '/kept back:/,/^Inst/p'
Build a Recent Apt Patch Timeline
Apt history turns patch claims into timestamps and package names.
awk '/^(Start-Date|Commandline|Upgrade|End-Date)/ {print}' /var/log/apt/history.log
Check Whether Databases Listen Publicly
The fastest database security check is the listening address.
ss -ltnp | awk '$4 ~ /:(5432|3306)$/ {print}'
Find SSH Key Users with sudo
The highest-priority access review starts where SSH keys and sudo overlap.
comm -12 <(find fixtures/user-access-audit/home -path '*/.ssh/authorized_keys' -printf '%h\n' | awk -F/ '{print $(NF-1)}' | sort) <(awk -F: '$1=="sudo" {gsub(",","\n",$4); print $4}' fixtures/user-access-audit/etc/group | sort)
Study mapping
Use this as independent command practice: read the notes, predict the output, then compare it with the example before using a real shell.
Useful for
- LPIC-1 style command-line practice
- LFCS style performance tasks
- Linux+ style troubleshooting review
Independent study support only. No affiliation, endorsement, exam dumps, or real exam questions.