Hi Justin, all, On 10-08-2021 14:29, Justin B Rye wrote: > (I'm assuming APT::Default-Release users will be aware they're doing > it, presumably because they've got sources defined for more than one > release and need to specify which one is "primary") I'm assuming the same. > Do we need to mention fnmatch patterns (AKA globs) when the example > doesn't use them? I guess not. We don't need to write APT's documentation here. Do you agree with the attached patch? Paul
From ff677aa0be71b9a27d4d6d343f9ed1b14bcc086f Mon Sep 17 00:00:00 2001
From: Paul Gevers <elbrus@debian.org>
Date: Tue, 10 Aug 2021 13:03:30 +0200
Subject: [PATCH] issues.dbk: security archive requires update to pinning and
Default-Release
Closes: #992051
---
en/issues.dbk | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/en/issues.dbk b/en/issues.dbk
index 1fbba7a3..d3321953 100644
--- a/en/issues.dbk
+++ b/en/issues.dbk
@@ -81,6 +81,17 @@
The security line in your APT configuration may look like:
<programlisting>deb https://deb.debian.org/debian-security bullseye-security main contrib</programlisting>
</para>
+ <para>
+ If your APT configuration also involves pinning or
+ <literal>APT::Default-Release</literal>, it is likely to
+ require adjustments as the codename of the security archive no
+ longer matches that of the regular archive. An example of a
+ working <literal>APT::Default-Release</literal> line for
+ bullseye looks like:
+ <programlisting>APT::Default-Release "/^bullseye(|-security|-upgrades)$/";</programlisting>
+ which takes advantage of the undocumented feature of APT that
+ it supports regular expressions (inside <literal>/</literal>).
+ </para>
</section>
<section id="pam-default-password">
--
2.30.2
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature