Terry Burton wrote: > I've compiled the mysql-4.1 packages from source to enable OpenSSL > support. I understand that I therefore take responsibility for > updating these packages with regard to security issues. > > Firstly, what is the official debian method for holding source > compiled packages back from apt-get upgrades? Is section 2.2.11 of > http://www.debian.org/doc/manuals/reference/ch-system.en.html the > relevant info. echo packagename hold | dpkg --set-selections But even better would be to use an NMU format version. This will make your version later than the one in Debian sarge and there is no need to hold the package. This is preferred because your modified version won't have the same version string while being different. http://www.debian.org/doc/developers-reference/ch-pkgs.en.html#s-nmu-version I advocate putting some identifying string for custom packages. In your case since mysql-client-4.1-4.1.11a-4 is in stable I would name yours mysql-client-4.1-4.1.11a-4.burton.1 or something similar. This is a common and well used scheme. > Secondly, is the package source code obtained from official Debian > security deb-src servers kept up to date in response to security > issues in the same way that binary packages obtained from the same > source? Presumably yes. Yes, if you get it from the security.debian.org site. deb http://security.debian.org/ stable/updates main deb-src http://security.debian.org/ stable/updates main > Finally, is there yet a method of automatically informing Debian to > rebuild packages from source (using a customised user-defined > debian/rules file) so that apt-get upgrade (or similar) will also keep > your source compiled packages up to date? You are probably thinking of something like an autobuilder. They exist but are rather complicated to configure and maintainer. But you can get almost the same effect for single packages. fakeroot apt-get source -b packname See also the apt-src package. It may be just what you are looking for. Bob
Attachment:
signature.asc
Description: Digital signature