Re: Holding packages compiled from source back from updates
Thanks Bob.
apt-src with the patch option appears to completely satisfy my requirements
Tez
.
On 28/06/05, Bob Proulx <bob@proulx.com> wrote:
> Terry Burton wrote:
> > I've compiled the mysql-4.1 packages from source to enable OpenSSL
> > support. I understand that I therefore take responsibility for
> > updating these packages with regard to security issues.
> >
> > Firstly, what is the official debian method for holding source
> > compiled packages back from apt-get upgrades? Is section 2.2.11 of
> > http://www.debian.org/doc/manuals/reference/ch-system.en.html the
> > relevant info.
>
> echo packagename hold | dpkg --set-selections
>
> But even better would be to use an NMU format version. This will make
> your version later than the one in Debian sarge and there is no need
> to hold the package. This is preferred because your modified version
> won't have the same version string while being different.
>
> http://www.debian.org/doc/developers-reference/ch-pkgs.en.html#s-nmu-version
>
> I advocate putting some identifying string for custom packages. In
> your case since mysql-client-4.1-4.1.11a-4 is in stable I would name
> yours mysql-client-4.1-4.1.11a-4.burton.1 or something similar. This
> is a common and well used scheme.
>
> > Secondly, is the package source code obtained from official Debian
> > security deb-src servers kept up to date in response to security
> > issues in the same way that binary packages obtained from the same
> > source? Presumably yes.
>
> Yes, if you get it from the security.debian.org site.
>
> deb http://security.debian.org/ stable/updates main
> deb-src http://security.debian.org/ stable/updates main
>
> > Finally, is there yet a method of automatically informing Debian to
> > rebuild packages from source (using a customised user-defined
> > debian/rules file) so that apt-get upgrade (or similar) will also keep
> > your source compiled packages up to date?
>
> You are probably thinking of something like an autobuilder. They
> exist but are rather complicated to configure and maintainer. But you
> can get almost the same effect for single packages.
>
> fakeroot apt-get source -b packname
>
> See also the apt-src package. It may be just what you are looking
> for.
>
> Bob
>
>
> BodyID:4345708694.2.n.logpart (stored separately)
>
>
Reply to: