Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

Howto: Set up and Maintain a Mixed Testing/Unstable System

Share your HowTo, Documentation, Tips and Tricks. Not for support questions!.
Post Reply
Message
Author
User avatar
Telemachus
Posts: 4574
Joined: 2006-12-25 15:53
Been thanked: 2 times

#16 Post by Telemachus »

Pobega wrote:Why is it that whenever I upgrade Apt begins downloading unstable packages?
Are the packages that aptitude is trying to install dependencies of packages that you have manually installed from unstable? Also, am I crazy or is the dpkg in unstable the same as the one you got from testing (both 1.14.4?)?

Edit: yup, check here: http://packages.debian.org/cgi-bin/sear ... words=dpkg
The versions seem to be the same. In such a case if you install the one called unstable, I have no idea how that affects future upgrades (assuming you have set up apt-preferences and pinning). Weird wrinkle.

User avatar
Pobega
Posts: 833
Joined: 2007-01-04 04:30
Location: New York

#17 Post by Pobega »

Telemachus wrote:
Pobega wrote:Why is it that whenever I upgrade Apt begins downloading unstable packages?
Are the packages that aptitude is trying to install dependencies of packages that you have manually installed from unstable? Also, am I crazy or is the dpkg in unstable the same as the one you got from testing (both 1.14.4?)?

Edit: yup, check here: http://packages.debian.org/cgi-bin/sear ... words=dpkg
The versions seem to be the same. In such a case if you install the one called unstable, I have no idea how that affects future upgrades (assuming you have set up apt-preferences and pinning). Weird wrinkle.
Yeah, they're upgrading to the same version, but it's downloading the deb from unstable which isn't what I want. And I'm not even sure how it handles something that is a higher version in unstable, I'd assume that it automatically downloads unstable's version.
Jabber: pobega@gmail.com
Pronunciation: Poh - Bay - Guh

User avatar
diego1116
Posts: 352
Joined: 2007-03-28 17:49
Location: Santa Maria, RS, Brazil

#18 Post by diego1116 »

Pobega wrote:Yeah, they're upgrading to the same version, but it's downloading the deb from unstable which isn't what I want. And I'm not even sure how it handles something that is a higher version in unstable, I'd assume that it automatically downloads unstable's version.
I think aptitude shows "unstable" only because the packages are exactly the same version. Try to "aptitude --simulate install packagename" for a package that has a higher version in unstable to see what will happen.

Edit: Oops... I didn't read right. You're talking about upgrade, not installation :oops:.

But now I tested to see if it would download from unstable or testing:

Code: Select all

enterprise:/home/diego1116# apt-cache policy login
login:
  Installed: 1:4.0.18.1-7
  Candidate: 1:4.0.18.1-9
  Version table:
     1:4.0.18.1-9 0
        990 http://ftp.debian.org testing/main Packages
        300 http://http.us.debian.org unstable/main Packages
 *** 1:4.0.18.1-7 0
        100 /var/lib/dpkg/status
enterprise:/home/diego1116# aptitude install login
Reading package lists... Done
Building dependency tree... Done
Reading extended state information
Initializing package states... Done
Reading task descriptions... Done
Building tag database... Done
The following packages have been kept back:
  libasyncns0 libbluetooth2 libgnomevfs2-0 libgnomevfs2-bin
  libgnomevfs2-common libgnomevfs2-dev libgnomevfs2-extra libselinux1
  libsemanage1 p7zip p7zip-full passwd policycoreutils python-selinux
  python-semanage selinux-policy-refpolicy-targeted
The following packages will be upgraded:
  login
1 packages upgraded, 0 newly installed, 0 to remove and 16 not upgraded.
Need to get 791kB of archives. After unpacking 0B will be used.
Do you want to continue? [Y/n/?] y
Writing extended state information... Done
Get:1 http://ftp.debian.org testing/main login 1:4.0.18.1-9 [791kB]
82% [1 login 650173/791kB 82%]                                       31.5kB/s 4s
It worked well and aptitude doesn't pulled the package from unstable.

My /etc/apt/apt.conf:

Code: Select all

Apt::Default-Release "testing";
My /etc/apt/preferences:

Code: Select all

Package: *
Pin: release o=Debian,a=testing
Pin-Priority: 900

Package: *
Pin: release o=Debian,a=unstable
Pin-Priority: 300

User avatar
rickh
Posts: 3434
Joined: 2006-06-29 02:13
Location: Albuquerque, NM USA

#19 Post by rickh »

This quote excerpted from: apt_preferences(5) - Linux man page with some of my own highlighting. I believe it must be pertinent to Pobega's issue.
TRACKING TESTING OR UNSTABLE

The following APT preferences file will cause APT to assign a high priority to package versions from the testing distribution, a lower priority to package versions from the unstable distribution, and a prohibitively low priority to package versions from other Debian distributions.

Package: *
Pin: release a=testing
Pin-Priority: 900

Package: *
Pin: release a=unstable
Pin-Priority: 800

With a suitable sources.list(5) file and the above preferences file, any of the following commands will cause APT to upgrade to the latest testing version(s).

apt-get install package-name
apt-get upgrade
apt-get dist-upgrade

******
The following command will cause APT to upgrade the specified package to the latest version from the unstable distribution. Thereafter, apt-get upgrade will upgrade the package to the most recent testing version if that is more recent than the installed version, otherwise, to the most recent unstable version if that is more recent than the installed version.

apt-get install package/unstable
That kind of repeats previous conversation that once a package is installed by name from Unstable, it will continue to update from Unstable unless Testing has a version newer than the one already installed. Thus, Pobega's packages upgrading from Unstable must have been originally installed from there.

More from the man page:
HOW APT INTERPRETS PRIORITIES

Priorities (P) assigned in the APT preferences file must be positive or negative integers. They are interpreted as follows (roughly speaking):

P > 1000
causes a version to be installed even if this constitutes a downgrade of the package
990 < P <=1000
causes a version to be installed even if it does not come from the target release, unless the installed version is more recent
500 < P <=990
causes a version to be installed unless there is a version available belonging to the target release or the installed version is more recent
100 < P <=500
causes a version to be installed unless there is a version available belonging to some other distribution or the installed version is more recent
0 < P <=100
causes a version to be installed only if there is no installed version of the package
P < 0
prevents the version from being installed
This suggests that Pobega can stop the updates from Unstable by lowering the priority section:
Package: *
Pin: release o=Debian,a=unstable
Pin-Priority: 300
to
Package: *
Pin: release o=Debian,a=unstable
Pin-Priority: 50
That, of course, triggers the potential problem discussed in the original thread regarding security issues. Presumably, though, a critical security update would make it into Testing in a timely manner ... if the package exists in Testing.

*********
*********

All of this is to suggest that I now believe I understand "pinning" well enough to recommend the following generic apt.preferences file in the original Howto:
Assuming that the Default release is Testing, and Unstable is included in the sources.list file, add this line to /etc/apt/apt.preferences:
Package: *
Pin: release o=Debian,a=unstable
Pin-Priority: 100
Does that seem reasonable to those of you having some experience with "pinning?"
Debian-Lenny/Sid 32/64
Desktop: Generic Core 2 Duo, EVGA 680i, Nvidia
Laptop: Generic Intel SIS/AC97

User avatar
Pobega
Posts: 833
Joined: 2007-01-04 04:30
Location: New York

#20 Post by Pobega »

dpkg wasn't originally installed from unstable, I know for a fact that I have it installed from testing.
apt-cache policy dpkg wrote:root:~# apt-cache policy dpkg
dpkg:
Installed: 1.14.4
Candidate: 1.14.4
Version table:
*** 1.14.4 0
300 http://ftp.debian.org unstable/main Packages
990 http://ftp.debian.org testing/main Packages
100 /var/lib/dpkg/status
Does this mean that 300 has a higher priority than 990, seeing as 300 is above it? Also, why is it showing testing as 990 when I have testing set to 900 in /etc/apt/preferences?

Note: The only thing I have pinned from unstable are meaningless packages, so I'm completely sure that dpkg is testing at the moment.
Jabber: pobega@gmail.com
Pronunciation: Poh - Bay - Guh

User avatar
diego1116
Posts: 352
Joined: 2007-03-28 17:49
Location: Santa Maria, RS, Brazil

#21 Post by diego1116 »

That's strange indeed, the order here is different:

Code: Select all

diego1116@enterprise:~$ apt-cache policy dpkg
dpkg:
  Installed: 1.14.4
  Candidate: 1.14.4
  Version table:
 *** 1.14.4 0
        990 http://ftp.debian.org testing/main Packages
        300 http://http.us.debian.org unstable/main Packages
        100 /var/lib/dpkg/status

User avatar
Pobega
Posts: 833
Joined: 2007-01-04 04:30
Location: New York

#22 Post by Pobega »

diego1116 wrote:That's strange indeed, the order here is different:

Code: Select all

diego1116@enterprise:~$ apt-cache policy dpkg
dpkg:
  Installed: 1.14.4
  Candidate: 1.14.4
  Version table:
 *** 1.14.4 0
        990 http://ftp.debian.org testing/main Packages
        300 http://http.us.debian.org unstable/main Packages
        100 /var/lib/dpkg/status
So I guess that means there's definitely something weird going on with my setup.

Edit: I fixed it. Having "unstable" first in my sources.list is what messed it up, I put it under testing and it works completely fine now. What a weird problem.
Jabber: pobega@gmail.com
Pronunciation: Poh - Bay - Guh

User avatar
rickh
Posts: 3434
Joined: 2006-06-29 02:13
Location: Albuquerque, NM USA

#23 Post by rickh »

I'm not entirely convinced that would have fixed it. Before that. did you not say that an upgrade command would actually try to upgrade dpkg from unstable? Has that stopped?
Debian-Lenny/Sid 32/64
Desktop: Generic Core 2 Duo, EVGA 680i, Nvidia
Laptop: Generic Intel SIS/AC97

User avatar
Pobega
Posts: 833
Joined: 2007-01-04 04:30
Location: New York

#24 Post by Pobega »

rickh wrote:I'm not entirely convinced that would have fixed it. Before that. did you not say that an upgrade command would actually try to upgrade dpkg from unstable? Has that stopped?
I removed unstable and upgraded it that way, so I wouldn't know. But switching my sources.list back to unstable on top doesn't change anything...It just looks like the problem fixed itself when I changed unstable from "300" to "800" in /etc/apt/preferences. So I guess that's what fixed it.
Jabber: pobega@gmail.com
Pronunciation: Poh - Bay - Guh

User avatar
rickh
Posts: 3434
Joined: 2006-06-29 02:13
Location: Albuquerque, NM USA

#25 Post by rickh »

I have been watching my Lenny/Sid (mostly Lenny) system very carefully to see how it handles packages I have installed from Sid; (apt.conf: default-release=testing, no apt-preferences file). I have become convinced that apt-preferences is not necessary unless you are really concerned that a package upgraded from Sid never receive a subsequent update from there. (And, as detailed in the OP, I think that is a bad policy.)

The key seems to be the fact that once a newer or equal version than the one you have installed gets to Testing (default-release) aptitude apparently recognizes that that package's source is now, once again, the default-release.

An example is the recent move to Testing of libc6. I already had the Unstable version, and it had been upgraded several times. When libc6 moved to Testing, apt-show-version changed thusly:
Before:
libc6/unstable uptodate 2.5-9
After:
libc6/testing uptodate 2.5-9
I believe, but have not yet been able to verify, that even if Unstable had contained a newer version at that point, it would not have upgraded from Unstable.
Debian-Lenny/Sid 32/64
Desktop: Generic Core 2 Duo, EVGA 680i, Nvidia
Laptop: Generic Intel SIS/AC97

User avatar
swirling_vortex
Posts: 631
Joined: 2007-02-16 20:30
Location: Pennsylvania

#26 Post by swirling_vortex »

I still find commenting and uncommenting out unstable for my Lenny system much easier and a 100% sure way that I don't get any rogue Sid upgrades.

reidar
Posts: 34
Joined: 2006-06-09 09:52
Location: Stavanger, Norway

#27 Post by reidar »

Excellent howto! I followed it after first having done an upgrade from etch/stable to lenny/testing, and everything appears to work fine. I would love to hear more tips from those who are more experienced in running a mixed testing/unstable system!

-r

User avatar
rickh
Posts: 3434
Joined: 2006-06-29 02:13
Location: Albuquerque, NM USA

#28 Post by rickh »

I have continued to watch the package handling from my mixed system with no /etc/apt/apt.preferences file installed, and have become convinced that the issues are being handled properly. As a result, I have again edited the OP with this insertion:
There is quite a bit of discussion in the comments below about the need for an /etc/apt/preferences file, and the "pinning" instructions it contains. I have been watching my own system very closely to see how a package upgrade is handled once you have chosen to upgrade it from Unstable. My considered opinion, at this point, is that /etc/apt/preferences is not necessary, unless you feel that you need absolute control over the source of future upgrades to the package in question.

My observation is that, without pinning, a package installed from Unstable will continue to get upgrades from unstable until it is migrated from Unstable to Testing. Once that happens, aptitude will change it's source for that package back to the default release (Testing). IMO, that's the way you should allow it to work.
I hope that someone does not immediately prove me wrong again.
Debian-Lenny/Sid 32/64
Desktop: Generic Core 2 Duo, EVGA 680i, Nvidia
Laptop: Generic Intel SIS/AC97

ea66
Posts: 7
Joined: 2007-06-13 15:21
Location: Poland

#29 Post by ea66 »

I have a question about mixing Testing and Unstable branches...

By default I use Testing and would like to have some packages updated from
Unstable each time I run dist-upgrade [or safe upgrade].
Now using this how-to I set the preferred branch to testing and pinned rtorrent to be updated from unstable, like so:

Code: Select all

Package: rtorrent
Pin: release a=unstable
Pin-Priority: 990
and rtorrent updates nicely...

The thing is this is only one package, that does not require any other packages to be updated along with it [at least not at the moment].
When I try to do the same with Wine, I get a dependency problem that other required packages like libwine, wine-alsa etc. can't be upgraded.

Now my question is how to force apt to update the pinned package and all the required packages along with it? Of course I could simply pin the needed packages in apt preferences but this is rather problematic, cause the names or number of packages required by wine changes sometimes and I would have to fix the pins... besides it's a lot of work ;)

Any ideas?

User avatar
rickh
Posts: 3434
Joined: 2006-06-29 02:13
Location: Albuquerque, NM USA

#30 Post by rickh »

As I state in the howto, I would not worry about "pinnning" for a specific program like wine. As long as you have your default release set to Testing in apt.conf, the only thing that will be updated from Unstable is applications that you have already updated from there with the -t option. Of course, that includes the application's dependencies. Wine's dependencies, though tend to be quite a closed environment. In other words, they are applications and libraries specifically related to Wine.

Once the version of Wine you are updating from Unstable moves to Testing, the default source for it will move back to Testing. Again, "apt-show-versions | grep unstable" is your friend here.

One thing I have noticed in this technique that may cause confusion: On an upgrade, applications which have the same version in Testing and Unstable will be reported (on the terminal output from "upgrade") as coming from Unstable. It is misleading, and those packages are not, in fact, being flagged for future updates from Unstable.
Debian-Lenny/Sid 32/64
Desktop: Generic Core 2 Duo, EVGA 680i, Nvidia
Laptop: Generic Intel SIS/AC97

reidar
Posts: 34
Joined: 2006-06-09 09:52
Location: Stavanger, Norway

#31 Post by reidar »

I am trying this again, after having gone back to etch again :-)

I now started with etch, upgraded to lenny, and then wanted to start doing as explained in this article. But on my system /etc/apt/apt.conf is a directory rather than a file. Is there a misprint, or should I create an apt.conf file in the /etc/apt/apt.conf/ directory?

-r

User avatar
rickh
Posts: 3434
Joined: 2006-06-29 02:13
Location: Albuquerque, NM USA

#32 Post by rickh »

/etc/apt/apt.conf should not be a directory. Assuming that directory is empty, I would remove it and create the file.
Debian-Lenny/Sid 32/64
Desktop: Generic Core 2 Duo, EVGA 680i, Nvidia
Laptop: Generic Intel SIS/AC97

reidar
Posts: 34
Joined: 2006-06-09 09:52
Location: Stavanger, Norway

#33 Post by reidar »

Hmmm, strange thing is, it is not empty.

Code: Select all

mosvold-laptop:~# ls /etc/apt/apt.conf.d/
00trustcdrom  01autoremove  10periodic  70debconf
-r

User avatar
rickh
Posts: 3434
Joined: 2006-06-29 02:13
Location: Albuquerque, NM USA

#34 Post by rickh »

apt.conf.d is a directory. You don't have to be concerned with that. The "file" you are interested in is apt.conf
Debian-Lenny/Sid 32/64
Desktop: Generic Core 2 Duo, EVGA 680i, Nvidia
Laptop: Generic Intel SIS/AC97

reidar
Posts: 34
Joined: 2006-06-09 09:52
Location: Stavanger, Norway

#35 Post by reidar »

Aaah, I actually didn't see the ".d" until now...
How dyslectic can a man be...

Thanks, and sorry for bothering you with such stupidities :-)

-r

Post Reply