Re: Usefulness of adding APT::Default-Release
On Fri 10 May 2019 at 20:14:20 (+0200), Sven Joachim wrote:
> On 2019-05-08 13:14 -0500, David Wright wrote:
>
> > I'm trying to ascertain what APT::Default-Release can do for me,
> > and what it constrains. In the output that follows, why does
> > APT::Default-Release prevent firefox from being upgraded?
>
> Because stretch-updates ≢ stretch, see bug #173215[1] (with
> -proposed-updates rather than -updates).
Thanks for the reply. (I had just pointed out elsewhere that no answer
had been forthcoming, so you've made a liar of me!)
Perhaps a note to that effect might have been added to man apt.conf
which was written (or revised) 14 years after the bug surfaced.
Does this mean APT::Default-Release is a security risk, or is
the behaviour of stretch/updates different from that of
stretch-updates because of the slash? (I don't find the deb lines
in sources.list easy to parse as a human.)
> > I comment out the APT::Default-Release line and repeat after the
> > ##########. The necessary packages are in apt-cacher-ng's cache
> > all the time.
> >
> > # cat /etc/apt/apt.conf
> > # Fetch updates through apt-cacher-ng.
> > Acquire::http::Proxy "http://192.168.1.17:3142/";
> > APT::Default-Release "stretch";
> > #
> >
> > # apt-cache policy firefox-esr
> > firefox-esr:
> > Installed: 60.6.1esr-1~deb9u1
> > Candidate: 60.6.1esr-1~deb9u1
> > Version table:
> > 60.6.2esr-1~deb9u1 500
> > 500 http://ftp.us.debian.org/debian stretch-updates/main amd64 Packages
> > *** 60.6.1esr-1~deb9u1 990
> > 990 http://ftp.us.debian.org/debian stretch/main amd64 Packages
> > 990 http://security.debian.org/debian-security stretch/updates/main amd64 Packages
> > 100 /var/lib/dpkg/status
>
>
> You can work around that via preferences, e.g.
>
> Package: *
> Pin: release n=stretch-updates
> Pin-Priority: 990
>
> to give each package in stretch-updates the same priority as you get for
> stretch via APT::Default-Release. See apt_preferences(5).
I'll try that out; this new FF release is a useful test case. Thanks.
Cheers,
David.
Reply to: