
Re: [apt] Disabling upgrade to insecure packages



On Sun, 12 Jan 2003 11:12:40 +0100, Vincent Lefevre <vincent@vinc17.org> wrote:
> On Sun, Jan 12, 2003 at 06:05:47 +0000, Faheem Mitha wrote:
>> On Fri, 10 Jan 2003 19:04:37 +0100, Vincent Lefevre <vincent@vinc17.org> wrote:
>> > Well, if one could put on hold a particular version of a package
>> > (given by the user), it would be better than nothing. Is there a
>> > way to do this?
>> 
>> Of course. Just put in an entry in /etc/apt/preferences with
>> sufficiently high pin number. Eg. I've put all my X packages on hold
>> because I am running testing but have problems with 4.2. So I have
>> 
>> Package: xfree86-common
>> Pin: version 4.1.0-16
>> Pin-Priority: 1001
>> 
>> etc. etc. See also apt_preferences. HTH.          Faheem.
> 
> No, this won't work. This would put on hold *any* version after
> 4.1.0-16. This is not a particular version.

Really? This is not what the apt_preferences man page says. In
particular

"Each package may be pinned to a specific version and each Packages
file has a priority for every package inside. The highest priority
assigned to a package is the one that is used."
 
I admit I haven't looked at the source code, so I don't know how this
is implemented, but it seems clear to me. Also, this is not just
theoretical. I have a bunch of X 4.1 packages installed, and the lines
in the apt preferences file prevent them from being upgraded to the
more recent 4.2 version. I thought this is what you were
after. Correct me if I was mistaken. 

See also that I can't upgrade to 4.2 (which is in testing) or any more
recent version even if I try.

Chrestomanci:/home/faheem# dpkg -l xfree86-common
[...]
||/ Name                       Version                    Description
+++-==========================-==========================-===========
pi  xfree86-common             4.1.0-16                   X Window System (XFree86) infrastructure

Chrestomanci:/home/faheem# apt-get install xfree86-common
Reading Package Lists... Done
Building Dependency Tree... Done
Sorry, xfree86-common is already the newest version.
0 packages upgraded, 0 newly installed, 0 to remove and 0  not upgraded.

Chrestomanci:/home/faheem# apt-get install -t unstable xfree86-common
Reading Package Lists... Done
Building Dependency Tree... Done
Sorry, xfree86-common is already the newest version.
0 packages upgraded, 0 newly installed, 0 to remove and 357  not upgraded.

> I would like something like the opposite: give a low score to some
> version, but I don't know how to do this, because the generic rules
> seem to take the precedence in this case.

But the other versions would by default have lower scores, so would
not be installed in favour of your pinned version. The version
installed is always the version with the highest pin number. Note that
1000 is the downgrade prevention barrier, so with the above Pin even
more recent versions should be removed in favour of the pinned
version.

If I am missing something, let me know what it is. In any case,
perhaps you could just try it and see if it works.

                                               Faheem.
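
The priority rules argued over in this message, as an added example that is not part of the original post or of apt's own code: a simplified Python model of candidate selection as described in apt_preferences(5). The function names, the numeric-only version ordering and the version string 4.2.1-4 are assumptions made for illustration.

```python
import re

# apt_preferences(5): "Never downgrade unless the priority of an
# available version exceeds 1000."
DOWNGRADE_BARRIER = 1000

def vkey(version):
    # Simplified ordering for the constructed versions below; this is an
    # assumption, not the full Debian version comparison apt performs.
    return tuple(int(n) for n in re.findall(r"\d+", version))

def priorities(sources, installed, pins):
    """Map each known version to its effective priority."""
    prio = dict(sources)                  # 500 = archive, 990 = target release
    if installed:
        # The dpkg status file contributes priority 100 for the installed version.
        prio[installed] = max(prio.get(installed, 0), 100)
    for version, pin in pins.items():     # specific form: "Pin: version X"
        if version in prio:
            prio[version] = pin
    return prio

def candidate(sources, installed, pins):
    """Return the version selected under the documented rules."""
    prio = priorities(sources, installed, pins)
    allowed = {
        v: p for v, p in prio.items()
        if not installed
        or vkey(v) >= vkey(installed)     # same or newer is always eligible
        or p > DOWNGRADE_BARRIER          # older only above the barrier
    }
    # Highest priority wins; ties go to the most recent version.
    return max(allowed, key=lambda v: (allowed[v], vkey(v)))

# Constructed sample data modelled on the thread (4.2.1-4 is a made-up version).
PIN = {"4.1.0-16": 1001}
TESTING = {"4.1.0-16": 500, "4.2.1-4": 500}
WITH_TARGET = {"4.1.0-16": 500, "4.2.1-4": 990}   # as with "-t <release>"

if __name__ == "__main__":
    print(candidate(TESTING, "4.1.0-16", {}))       # no pin: newer version chosen
    print(candidate(TESTING, "4.1.0-16", PIN))      # pinned version kept
    print(candidate(WITH_TARGET, "4.1.0-16", PIN))  # still kept against 990
    print(candidate(TESTING, "4.2.1-4", PIN))       # 1001 forces a downgrade
```
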


