On Tue, 2019-09-24 at 22:06 +0000, Matt Bearup wrote: [...] > 5. From looking at the official metadata for buster and buster- > updates, it seems like the convention is to *remove* the old package > versions. And indeed, doing this in our repo caused debootstrap to > fetch our new package versions and run successfully. The Packages file for a given Debian suite and architecture usually only has one entry for a given name. I believe this is always the case for stable suites. It is certainly *not* true for unstable or for security suites. As I understand it, the FTP team must invoke a "decruft" process to remove old versions periodically: https://nthykier.wordpress.com/2015/06/22/introducing-dak-auto-decruft/ > So my questions... > 1. Is it intended that debootstrap only grabs the first package > version it finds, then neglects to fetch the newer version if it's > needed for a pre-dependency? Is it worth scraping the rest of the > metadata for newer package versions? This was probably intentional, as it is simple to implement and normally works. Perhaps taking the last package version would be better, but I don't know if it is safe to assume that packages will be sorted in version order. > 2. I'm fairly certain I've installed "old" package versions before > (e.g. apt install foo=n-1). Are the conditions for old packages being > removed or retained described anywhere? Looking at the > PointReleaseChecklist ( > https://wiki.debian.org/Teams/ReleaseTeam/PointReleaseCheckList) and > bullet #5 above it looks like old packages do in fact get removed, > but are there situations where they are retained? If you're referring to "List of packages … that need to be removed", that actually means completely removing packages which are very buggy, not just removing old versions. Old versions may still be available in a different suite that you have as an APT source, or might not have been decrufted yet. Ben. -- Ben Hutchings Reality is just a crutch for people who can't handle science fiction.
Attachment:
signature.asc
Description: This is a digitally signed message part