[Solved] Different package versions from same repository

[krita]

Hi,
I noticed today when I was offered by synaptic to update some packages that there seemed to be two versions available from the same repository (stable). How could that happen?
For instance if I check package "xscreensaver" installed version is 5.30-1+b1 and versions available are;

• 5.34-1 (testing)
• 5.30-1+deb8u1(stable)
• 5.30-1+b1 (stable)

Below is my /etc/apt/sources.list. I'm not sure why, but rows 1 and 6 are identical except for stable beeing replaced by jessie. Row 3 and 7 are almost same too. Because jessie=stable (at the moment), is there any point with having duplicated rows in sources.list?

Code: Select all

deb http://ftp.se.debian.org/debian/ stable main non-free contrib
deb http://ftp.debian.org/debian/ stable-updates main non-free contrib
deb http://security.debian.org/ stable/updates main non-free contrib

deb http://ftp.se.debian.org/debian/ testing main non-free
deb http://ftp.se.debian.org/debian/ jessie contrib non-free main  <--- Same as first row?
deb http://security.debian.org/ jessie/updates contrib non-free main

[No_windows]

You really need to re-write/modify your sources.list. You are correct in thinking that you don't need both stable and jessie links, since they are the same. However, you also have testing, which means you're currently mixing repositories.

Here is my sources.list as an example:

Code: Select all

#Security
deb http://security.debian.org/ jessie/updates main contrib #non-free

#Jessie mirror
deb http://httpredir.debian.org/debian/ jessie main contrib #non-free

#Jessie-updates mirror
deb http://httpredir.debian.org/debian/ jessie-updates main contrib #non-free

#Jessie-backports mirror
deb http://httpredir.debian.org/debian/ jessie-backports main contrib #non-free

#Opera 
deb http://deb.opera.com/opera-stable/ stable non-free 

#Iceweasel
deb http://mozilla.debian.net/ jessie-backports iceweasel-release 

#deb-multimedia.org
# deb ftp://ftp.deb-multimedia.org/ jessie main non-free 

#HP repository
#deb http://downloads.linux.hpe.com/SDR/repo/mcp/ jessie/current non-free  

If you Google Debian source.list you should get specifics from the Debian website/wiki.

[Head_on_a_Stick]

rows 1 and 6 are identical except for stable beeing replaced by jessie. Row 3 and 7 are almost same too. Because jessie=stable (at the moment), is there any point with having duplicated rows in sources.list

No, you can remove the duplicated line.

And yes, at the moment jessie == stable.

Your main problem is the "testing" repository line, this has turned your system into what's known as a FrankenDebian

Have a read of the bottom link in my signature.

EDIT: Too slow...

[krita]

Hi,
Well, I do have testing repos in sources.list. However, I have Synaptic set to always install from stable so I don't actually update from testing apart from a very small number of packages.

But there's something weired about what Synaptic does with my sources.list. When I remove rows in sources.list with "jessie" they are throw back in by Synaptic. When I remove these rows

Code: Select all

deb http://ftp.se.debian.org/debian/ jessie contrib non-free main
deb http://security.debian.org/ jessie/updates contrib non-free main

...and go to Synaptic Preferences->Repositories and check tab "Debian Software", the checkboxes for main, contrib and non-free are all empty. Before they were all checked. And when I check them again, Synaptic adds the rows I just removed again. Why?

I also noticed that repositories for stable

Code: Select all

deb http://ftp.se.debian.org/debian/ stable main non-free contrib
deb http://ftp.debian.org/debian/ stable-updates main non-free contrib
deb http://security.debian.org/ stable/updates main non-free contrib

...are all listed under tab "Other software" which seems a bit strange to me.

Is there a setting somewhere to tell Synaptics that stable is in fact jessie?

[Head_on_a_Stick]

Stop using Synaptic for repository management, it is utterly useless for that purpose.

Please read this thread:
http://forums.debian.net/viewtopic.php? ... 0&start=60

Your entry is the new one at the end

Your system is already broken, your best bet may be to attempt to `dist-upgrade` cleanly to stretch but you probably don't want to run a development system.

EDIT: Maybe I'm wrong, can we see the output of:

Code: Select all

apt-cache policy

[krita]

Ouput from apt-cache policy is

Code: Select all

"Package"-filer:
 100 /var/lib/dpkg/status
     release a=now
 500 http://repository.spotify.com/ testing/non-free amd64 Packages
     release v=0.4,o=Spotify LTD,a=testing,n=testing,l=Spotify Public Repository,c=non-free
     origin repository.spotify.com
 500 http://linux.dropbox.com/debian/ jessie/main i386 Packages
     release o=Dropbox.com,a=jessie,n=jessie,l=Dropbox Debian Repository,c=main
     origin linux.dropbox.com
 500 http://linux.dropbox.com/debian/ jessie/main amd64 Packages
     release o=Dropbox.com,a=jessie,n=jessie,l=Dropbox Debian Repository,c=main
     origin linux.dropbox.com
 500 http://ftp.se.debian.org/debian/ testing/non-free Translation-en
 500 http://ftp.se.debian.org/debian/ testing/main Translation-sv
 500 http://ftp.se.debian.org/debian/ testing/main Translation-en
 500 http://ftp.se.debian.org/debian/ testing/non-free amd64 Packages
     release o=Debian,a=testing,n=stretch,l=Debian,c=non-free
     origin ftp.se.debian.org
 500 http://ftp.se.debian.org/debian/ testing/main amd64 Packages
     release o=Debian,a=testing,n=stretch,l=Debian,c=main
     origin ftp.se.debian.org
 500 http://security.debian.org/ stable/updates/non-free Translation-en
 500 http://security.debian.org/ stable/updates/main Translation-en
 500 http://security.debian.org/ stable/updates/contrib Translation-en
 500 http://security.debian.org/ stable/updates/contrib amd64 Packages
     release v=8,o=Debian,a=stable,n=jessie,l=Debian-Security,c=contrib
     origin security.debian.org
 500 http://security.debian.org/ stable/updates/non-free amd64 Packages
     release v=8,o=Debian,a=stable,n=jessie,l=Debian-Security,c=non-free
     origin security.debian.org
 500 http://security.debian.org/ stable/updates/main amd64 Packages
     release v=8,o=Debian,a=stable,n=jessie,l=Debian-Security,c=main
     origin security.debian.org
 500 http://ftp.debian.org/debian/ stable-updates/non-free Translation-en
 500 http://ftp.debian.org/debian/ stable-updates/main Translation-en
 500 http://ftp.debian.org/debian/ stable-updates/contrib Translation-en
 500 http://ftp.debian.org/debian/ stable-updates/contrib amd64 Packages
     release o=Debian,a=stable-updates,n=jessie-updates,l=Debian,c=contrib
     origin ftp.debian.org
 500 http://ftp.debian.org/debian/ stable-updates/non-free amd64 Packages
     release o=Debian,a=stable-updates,n=jessie-updates,l=Debian,c=non-free
     origin ftp.debian.org
 500 http://ftp.debian.org/debian/ stable-updates/main amd64 Packages
     release o=Debian,a=stable-updates,n=jessie-updates,l=Debian,c=main
     origin ftp.debian.org
 500 http://ftp.se.debian.org/debian/ stable/non-free Translation-en
 500 http://ftp.se.debian.org/debian/ stable/main Translation-sv
 500 http://ftp.se.debian.org/debian/ stable/main Translation-en
 500 http://ftp.se.debian.org/debian/ stable/contrib Translation-en
 500 http://ftp.se.debian.org/debian/ stable/contrib amd64 Packages
     release v=8.2,o=Debian,a=stable,n=jessie,l=Debian,c=contrib
     origin ftp.se.debian.org
 500 http://ftp.se.debian.org/debian/ stable/non-free amd64 Packages
     release v=8.2,o=Debian,a=stable,n=jessie,l=Debian,c=non-free
     origin ftp.se.debian.org
 500 http://ftp.se.debian.org/debian/ stable/main amd64 Packages
     release v=8.2,o=Debian,a=stable,n=jessie,l=Debian,c=main
     origin ftp.se.debian.org
Fastnålade paket:

sources.list now looked

Code: Select all

deb http://ftp.se.debian.org/debian/ stable main non-free contrib
deb http://ftp.debian.org/debian/ stable-updates main non-free contrib
deb http://security.debian.org/ stable/updates main non-free contrib

deb http://ftp.se.debian.org/debian/ testing main non-free

Edit:
If I type "apt-cache policy xscreensaver" I think that, answers my original question. The versions of xscreensaver are actually not from same repository. They are from different repositories but both repositories being of the same generation(?) i.e. "standard". That was what bugged me, I mixed up.

Code: Select all

xscreensaver:
  Installerad: 5.30-1+b1
  Kandidat:    5.30-1+deb8u1
  Versionstabell:
     5.30-1+deb8u1 0
        500 http://security.debian.org/ stable/updates/main amd64 Packages
 *** 5.30-1+b1 0
        500 http://ftp.se.debian.org/debian/ stable/main amd64 Packages
        100 /var/lib/dpkg/status

Thanks anyway.

[dasein]

...I don't actually update from testing apart from a very small number of packages.

Plus all their dependencies...

And their dependencies' dependencies...

...etc.

Don't mix repos. Really.

[stevepusser]

Unless you want a possibly unplanned-for upgrade to Stretch when it goes stable, it's a bad practice to use "stable" instead of the release's code name in your sources, too. There were several posts here wondering what the heck happened when Jessie became the new stable due to that factor.

[krita]

Hi,
@stevepusser

Unless you want a possibly unplanned-for upgrade to Stretch when it goes stable, it's a bad practice to use "stable" instead of the release's code name in your sources, too.

You got a point. However, I thought that it would be nice to actually do the upgrade when Stretch goes stable. I guess I would notice the day I get many many packages to update so won't come as a surprise. But if you think it's better practice to use jessie instead of standard, then maybe I should in fact use that and it will case me less trouble after all.

@dasein

Don't mix repos. Really.

Yes I am well aware of the risk. Have experienced the hard way once upon a time Now, I just added testing to get some lib or just search for something - don't remember - but I don't use any package (including dependencies) from it as far as I can tell. (Is there a handy way to list packages from testing easily b.t.w.? I compared output from apt list --installed to check).

@Head_on_a_Stick

Your system is already broken

How do you know that? As far as I can tell it runs perfectly well!

Stop using Synaptic for repository management, it is utterly useless for that purpose.

Any suggestion what is not an utterly useless repository management tool? B.t.w. I usually just edit sources.list when adding/removing repositories, which happens very seldom.


But just curios, anybody knowns why Synaptic keep adding the "jessie"-lines by itself and lists "standard"-lines in sources.list as Other software in the Synaptic GUI?

[Head_on_a_Stick]

@Head_on_a_Stick

Your system is already broken

How do you know that? As far as I can tell it runs perfectly well!

Perhaps I was too hasty in my judgement but your system reliability is compromised.

Read this:
https://wiki.debian.org/DontBreakDebian ... nkenDebian

If the machine is used for anything important, you should backup everything and be aware that the next update or package installation may cause your system to stop working.

Stop using Synaptic for repository management, it is utterly useless for that purpose.

Any suggestion what is not an utterly useless repository management tool?

Try apt(8). apt-get(8) and aptitude(8) -- the latter even has a curses interface if you really need visual aids.

For managing your sources.list, I recommend:

Code: Select all

# apt edit-sources

This will open the file up in $EDITOR (usually vim or nano) and check the syntax when saving the file to avoid errors, as visudo(8) does for the sudoers file.

[GarryRicketson]

This thread is getting long, if someone else all ready suggested this, forgive me,
I don't agree , on "synaptic" is utterly useless", it is a tool, I use it quite a bit, but like any "tool" or "tools", each one has it's purpose.

But H_0_A_S, says:

Head_on_a_Stick » 2016-01-10 15:16
Stop using Synaptic for repository management, it is utterly useless for that purpose.

He is clear, on "for that purpose". Synaptic, is not the tool to use , for example to modify or edit your sources.list, the sources.list is what "manages" or determines which repos will be used.

Understanding what tools are available, and what each one is intended for is the key to using any given tool succesfully.
The OP should read this, carefully:
https://www.debian.org/doc/manuals/debi ... ls.en.html

by krita »But just curios, anybody knowns why Synaptic keep adding the "jessie"-lines by itself and lists "standard"-lines in sources.list as Other software in the Synaptic GUI?

It shouldn't be doing anything ,"by itself", and not sure exactly what you mean here, but
One thing about synaptic, you need to run edit>Reload Package Information
After YOU, make any changes in your sources.list file, other wise :

the checkboxes for main, contrib and non-free are all empty. Before they were all checked. And when I check them again, Synaptic adds the rows I just removed again. Why?

Like wise, if you use

Code: Select all

apt-get

or

Code: Select all

aptitude

you still need to run:

Code: Select all

apt-get update

To update the package information, after you make any changes in your sources.list file, and before you try to install new updates.
More on sources.list:

Code: Select all

man sources.list

There is, manuals in your computer:

Code: Select all

man synaptic

If you look at the "apt-get" manual, in the link posted by H_O_A_S,
or

Code: Select all

man apt-get

Look for the -s option, this is safe way to check what will be updated,upgraded and installed or removed.

The links to online manuals on apt, and aptitude all ready were posted, but also they are available using the "man" command.

Postby krita »

@Head_on_a_Stick
Your system is already broken

How do you know that? As far as I can tell it runs perfectly well!

It may run perfectly well, for quite some time, but as all ready mentioned, you can not safely do any updates or upgrades, until if and when you get all of the mixed packages sorted out,etc.
Probably, as long as you don't do any upadates,or install any new packages, or upgrades , it will keep running just fine. Making a "backup" will give you a safe way to save important data, but a "back up" would not be of any use, to restore the system, you would be simply re-installing a back up of the same "broken" system.
The main cause of the problem, not reading very much documentation, as you can see, just trying to explain a little, about "package management" on Debian, makes a very long, to long of a post/thread. This just "scratches" the surface, read the documentation, to get the "Full Picture" or a more complete understanding.
Below , covers most everything, lots of good info, not just package management:
https://www.debian.org/doc/manuals/debian-handbook/
Well, this post is way to long, I know it is redundant, but the same questions all the time are redundant as well, many problems could be avoided if documentation is read ahead of time, and using the "man" command to check and see what exactly the commands issued will do, and how they work.

[krita]

Hi,
Firstly; I am aware of apt, apt-get, aptitude and that I can both Google them and type man apt-get or apt-get -h for instance. And that I need to reload after updating sources.list. Didn't know I could do man sources.list though.
Strangely enough, I had the feeling that you were going to suggest these tools as an alternative to Synaptic. However, please have mercy with me, these command line tools (well aptitude is graphical in some ancient kind of sense) were actually my motivation for using Synaptic At least in the past. Not for everything, sure, but for common tasks. Do I need "visual aids"? Well, perhaps not, but a functional graphical interface is quite nice don't you think. Many applications use it nowadays...

Secondly; No need to convince me that getting packages from testing is without a risk or can't badly break things. I have nowhere in this thread suggested something else. No point posting links about general package management, proposing upgrades to stretchy, or making backups, because that is not my issue, question or is relevant for my issues with Synaptic. If you have evidence against it, just let me know. Somebody draw a hasty conclusion I had a broken system which needed to be fixed. But, as far as I can tell, my system is not broken. Indeed, having testing repo may eventually turn it into a broke system but that is still waiting to happen! Too bad I didn't left out the testing repository in sources.list in my first post...

Thirdly; Speaking about reading... My main question was about how Synaptic insists on adding jessie to my sources.list instead of stable. Sorry if I was unclear about how, I'll try to explain. If I remove the jessie lines, for instance

Code: Select all

deb http://ftp.se.debian.org/debian/ jessie main non-free contrib

...from sources.list (using a command line tool), all boxes in the dialogue below become unmarked. If I mark them again in Synaptic, the lines with jessie are magically added to sources.list again by Synaptic.


I just don't really understand why Synaptic keeps adding...

Code: Select all

deb http://ftp.se.debian.org/debian/ jessie main non-free contrib

...instead of

Code: Select all

deb http://ftp.se.debian.org/debian/ stable main non-free contrib

...which are b.t.w. already in sources.list.

It's not that important, especially if it's recommended to actually have jessie instead of stable in sources.list. I was just wondering if there was a way to tune the behavior of Synaptic in such a way stable was used.


Thanks all for your advice. And I will remove the testing repo. Promise

[dasein]

I am well aware of the risk.

No you're not, and the way I know you're not is because you imagine, even for an instant, that p(breakage) is determined solely by the number of packages you're pulling from Testing. Depending on circumstances, one package is all it takes.

As far as I can tell it runs perfectly well!

Another sure sign that you don't actually understand the issue.

Here's someone else who fell prey to the "Everything worked fine--right up until it didn't" mindset: http://forums.debian.net/viewtopic.php? ... 15#p587113

Too bad I didn't left out the testing repository in sources.list in my first post...

Lying about your sources.list has been tried. It doesn't work.

"Maybe if I don't admit to mixing repos, no one will be able to figure it out": http://forums.debian.net/viewtopic.php?t=123923 and also http://forums.debian.net/viewtopic.php?f=30&t=125113 and ALSO http://forums.debian.net/viewtopic.php?f=10&t=125122 and ALSO http://forums.debian.net/viewtopic.php?f=10&t=125149 not to mention http://forums.debian.net/viewtopic.php?f=6&t=125856 plus http://forums.debian.net/viewtopic.php?f=30&t=126017 AND http://forums.debian.net/viewtopic.php?f=7&t=126352 (this last one even includes "what gave it away?" )

(Call it a hunch, but I don't think the "hope no one notices" strategy is working.)

More to the point: while I can't speak for anyone else, this attitude earns you a space on my ignore list. For the benefit of others who feel the same way, the handy time-saver link: http://forums.debian.net/ucp.php?i=zebr ... &add=krita

Edit: For the benefit of others who may stumble across their thread, added quoted list of others who think lying is an acceptable way to ask others to volunteer their time and expertise.

[steve_v]

Hi,
Indeed, having testing repo may eventually turn it into a broke system but that is still waiting to happen!

Not "may", will. It's only a matter of time and updates.

My main question was about how Synaptic insists on adding jessie to my sources.list instead of stable.

Because a "stable" line will point to the current stable release. When stretch goes stable it will suddenly point to stretch and you will get a mass of upgrades with no warning to go read the release/upgrade notes before proceeding. This may cause significant borkage, so Synaptic is playing it safe and using the release name.

I was just wondering if there was a way to tune the behavior of Synaptic in such a way stable was used.

Dunno, I don't use synaptic. I did just fire it up to check and I don't see that "software sources" window anywhere. I do have "repositories" where I can enter the release manually though. What version do you have?

[krita]

I am well aware of the risk.

No you're not, and the way I know you're not is because you imagine, even for an instant, that p(breakage) is determined solely by the number of packages you're pulling from Testing. Depending on circumstances, one package is all it takes.

As far as I can tell it runs perfectly well!

Another sure sign that you don't actually understand the issue.

Let's rephrase. I am aware about there are risks but not "well" aware. I checked, by looking at package versions and hoping thats the way to verify, and I have zero packages installed from testing. By that, I conclude I have not broken my system, at least not due to installing, intentionally or unintentionally, packages from testing. Is that a false conclusion?

More to the point: while I can't speak for anyone else, this attitude earns you a space on my ignore list. For the benefit of others who feel the same way, the handy time-saver link: ucp.php?i=zebra&mode=foes&add=krita

I am really apologize for that. It was really not my intention trying to offend . Merely to express a bit of human despair. Again, sorry if I offended.

Because a "stable" line will point to the current stable release. When stretch goes stable it will suddenly point to stretch and you will get a mass of upgrades with no warning to go read the release/upgrade notes before proceeding. This may cause significant borkage, so Synaptic is playing it safe and using the release name.

Yes seems like a valid reason according to what I've read in this thread yes. Didn't think of it that way initially though.

Dunno, I don't use synaptic. I did just fire it up to check and I don't see that "software sources" window anywhere. I do have "repositories" where I can enter the release manually though. What version do you have?

I use version 0.81.2. I tried attach a screenshot but the forum attachment qouta was full so I linked the image. It doesn't look exactly the same but to 95%. Freely translated, I reach the dialogue from Settings->Repositories (I have another language installed).

[spacex]

Your system is already broken, your best bet may be to attempt to `dist-upgrade` cleanly to stretch but you probably don't want to run a development system.

Why not? I'm on Sid myself, and I don't feel that I'm taking any risks at all by doing it. I'm also doing a new sid-build for TweakOs right now. Wish me luck,

Code: Select all

root@tweakos-sid:/home/tweakos-sid-2.0# dd if=tweakos-sid-2.0-amd64.hybrid.iso of=/dev/sdb bs=4M; sync

By the way, Stretch at it's current state would be considered as stable in any distro less conservative than Debian

[steve_v]

Why not? I'm on Sid myself, and I don't feel that I'm taking any risks at all by doing it.

Direct from the wiki:

Should I use sid on my server?

Are you insane? No!

Should I use sid on my desktop?

If you think you can handle a broken Debian system, sure. Do you know what to do if libpam0g breaks, preventing all logins? Do you know what to do if grub breaks, causing the boot process to hang forever? These things have happened. They will happen again.

You may be comfortable running sid, but sooner or later something will break. If you don't know how to fix it running testing or unstable is a bad idea.

If you want to contribute to development and hunt bugs, by all means use testing or unstable. If you don't like updates breaking your system, don't.
As the saying goes, "If it breaks, you get to keep both pieces."

[spacex]

steve_v

That's just BS. I have used Unstable for many years without any issues that I haven't been able to solve. Could there at some point be a breakage I'm not able to fix? Sure, it could happen, but my harddisk could also break down. That's why we have backups...

Qouting the Debian wiki? I couldn't care less what the Debian wiki says. Debian is extremely conservative, and the wiki is just as conservative.

[steve_v]

That's just BS. I have used Unstable for many years without any issues that I haven't been able to solve.

Cool, fine, whatever. You can fix it when it breaks, good for you. Suggesting running sid to beginners who don't know how to deal with breakage is just plain irresponsible, unless you are willing to fix it for them.

Believe it or not, some people need their computers to work properly all the time, and lack the skills, time or motivation to deal with broken updates. I run an unstable install myself - on my dev/testing box. Machines I rely on to always work run stable.

[dasein]

Suggesting running sid to beginners who don't know how to deal with breakage is just plain irresponsible, unless you are willing to fix it for them.

Yeah, what he said.

See also: http://forums.debian.net/viewtopic.php? ... 45#p597486

(Some peoples' kids. )