But most people, upon trying to actually set up pinning, get lost in the elaborate documentation and end up deciding maybe they don't really need it after all.
For years, I've been avoiding needing to learn pinning because of a wonderful LinuxChix Techtalk posting from Hamster years ago on easier method of pinning releases Basically, you add a line like:
APT::Default-Release "hardy";to your /etc/apt/apt.conf (creating it if it doesn't already exist). Then when you need to pull something from the newer repository you pull with
apt-get install -t hardy-backports packagename.
That's generally worked for me, until yesterday when I tried to pull a -dev package and found out it was incompatible with the library package I already had installed. It turned out that the lib package came from hardy-security, which is considered a different archive from hardy, so my Default-Release didn't apply to security updates (or bugfixes, which come from hardy-updates).
You can apparently only have one Default-Release. Since Ubuntu uses three different archives for hardy the only way to handle it is pinning. Pinning is documented in the man page apt_preferences(5) -- which is a perfect example of a well intentioned geek-written Unix man page. There's tons of information there -- someone went to a lot of work, bless their heart, to document exactly what happens and why, down to the algorithms used to decide priorities -- but straightforward "type X to achieve effect Y" examples are lost in the noise. If you want to figure out how to actually set this up on your own system, expect to spend a long time going back and forward and back and forward in the man page correlating bits from different sections.
Ubuntu guru Mackenzie Morgan was nice enough to help me out, and with her help I got the problem fixed pretty quickly. Here's the quick recipe:
First, remove the Default-Release thing from apt.conf.
Next, create /etc/apt/preferences and put this in it:
Package: * Pin: release a=hardy-security Pin-Priority: 950 Package: * Pin: release a=hardy-updates Pin-Priority: 940 Package: * Pin: release a=hardy Pin-Priority: 900 # Pin backports negative so it'll never try to auto-upgrade Package: * Pin: release a=hardy-backports Pin-Priority: -1
Here's what it means:
a= means archive, though it's apparently not really needed.
The hardy-security archive has the highest priority, 950. hardy-updates is right behind it with 940 (actually, setting these equal might be smarter but I'm not sure it matters).
hardy, which apparently is just the software initially installed, is lower priority so it won't override the other two.
Finally, hardy-backports has a negative priority so that apt will never try to upgrade automatically from it; it'll only grab things from there if I specify apt-get install -t hardy-backports.
You can put comments (with #) in /etc/apt/preferences but not in apt.conf -- they're a syntax error there (so don't bother trying to comment out that Default-Release line).
And while you're editing apt.conf, a useful thing to put there is:
APT::Install-Recommends "false"; APT::Install-Suggests "false";which prevents apt from automatically installing recommended or suggested packages. Aptitude will still install the recommends and suggests; it's supposed to be configurable in aptitude as well, but turning it off never worked for me, so mostly I just stick to apt-get.
[ 20:19 Mar 01, 2009 More linux/install | permalink to this entry ]