Discussion:
Apt configuration - As Stable As Possible
(too old to reply)
Cyprus Socialite
2024-04-07 01:50:01 UTC
Permalink
Hi all,


I am trying to configure Apt to follow a "stable where we can, unstable
where we must" logic.

On the "Stable+Backports - Testing - Unstable - Experimental" stencil, I
would like to

- install left-to-right (the stablest version available),

- upgrade right-to-left (the stablest newer version available, but never
less stable than the one currently installed).

I have already achieved the desired Install behaviour with Pin-Priorities,
but upgrade is more challenging.

For example, if I have foo=2 installed from testing, and the newer versions
available are foo=3 in stable and foo=4 in testing, apt seems to go for
testing, whereas I would prefer the stabler though not-so-much-newer
version by default.


Furthermore, I would like to keep the aforementioned stencil fixed on my
current release until and unless I'm ready for an upgrade.

I imagine this can be achieved by sticking explicit names (e.g.
bookworm/trixie in place of stable/testing) everywhere, but maybe there is
a nicer, DRY-compliant method? Perhaps, something involving
APT::Default-Release or similar, though I will admit I have no clue how
this setting actually works...


Hoping for advice/clarifications, thanks!
Sven Joachim
2024-04-07 07:00:01 UTC
Permalink
Post by Cyprus Socialite
I am trying to configure Apt to follow a "stable where we can, unstable
where we must" logic.
On the "Stable+Backports - Testing - Unstable - Experimental" stencil, I
would like to
- install left-to-right (the stablest version available),
- upgrade right-to-left (the stablest newer version available, but never
less stable than the one currently installed).
I have already achieved the desired Install behaviour with Pin-Priorities,
but upgrade is more challenging.
For example, if I have foo=2 installed from testing, and the newer versions
available are foo=3 in stable and foo=4 in testing, apt seems to go for
testing, whereas I would prefer the stabler though not-so-much-newer
version by default.
This would be rather strange and does not match my experience. Can you
please show the output of "apt policy"?
Post by Cyprus Socialite
Furthermore, I would like to keep the aforementioned stencil fixed on my
current release until and unless I'm ready for an upgrade.
I imagine this can be achieved by sticking explicit names (e.g.
bookworm/trixie in place of stable/testing) everywhere, but maybe there is
a nicer, DRY-compliant method? Perhaps, something involving
APT::Default-Release or similar, though I will admit I have no clue how
this setting actually works...
Using the codename (i.e. bookworm/trixie) is the way to go. When
upgrading to a newer release you need to adjust the pinning preferences
along with the apt sources, but this only needs to be done every two
years.

Cheers,
Sven
Dmitrii Odintcov
2024-07-04 01:00:02 UTC
Permalink
Hey,


Thank you for your reply Sven, and sorry for the belated response.

Here is my setup now:

sources.list
```
# stable
deb https://deb.debian.org/debian/ bookworm main contrib
non-free-firmware non-free
deb-src https://deb.debian.org/debian/ bookworm main contrib
non-free-firmware non-free

deb https://security.debian.org/debian-security/ bookworm-security
main contrib non-free-firmware non-free
deb-src https://security.debian.org/debian-security/
bookworm-security main contrib non-free-firmware non-free

deb https://deb.debian.org/debian/ bookworm-updates main contrib
non-free-firmware non-free
deb-src https://deb.debian.org/debian/ bookworm-updates main contrib
non-free-firmware non-free

deb http://deb.debian.org/debian/ bookworm-backports main contrib
non-free-firmware non-free
deb-src http://deb.debian.org/debian/ bookworm-backports main
contrib non-free-firmware non-free

# testing
deb https://deb.debian.org/debian/ trixie main contrib
non-free-firmware non-free
deb-src https://deb.debian.org/debian/ trixie main contrib
non-free-firmware non-free

deb https://security.debian.org/debian-security/ trixie-security
main contrib non-free-firmware non-free
deb-src https://security.debian.org/debian-security/ trixie-security
main contrib non-free-firmware non-free

deb https://deb.debian.org/debian/ trixie-updates main contrib
non-free-firmware non-free
deb-src https://deb.debian.org/debian/ trixie-updates main contrib
non-free-firmware non-free

deb http://deb.debian.org/debian/ trixie-backports main contrib
non-free-firmware non-free
deb-src http://deb.debian.org/debian/ trixie-backports main contrib
non-free-firmware non-free

# unstable
deb https://deb.debian.org/debian/ sid main contrib non-free-firmware non-free
deb-src https://deb.debian.org/debian/ sid main contrib
non-free-firmware non-free

# experimental
deb https://deb.debian.org/debian/ experimental main contrib
non-free-firmware non-free
deb-src https://deb.debian.org/debian/ experimental main contrib
non-free-firmware non-free
```

(let him who is without bluetooth be the first to judge me for non-free)


sources.pref
```
# stable
Package: *
Pin: release o=Debian Backports, n=bookworm-backports
Pin-Priority: 502

Package: *
Pin: release o=Debian, n=bookworm*
Pin-Priority: 501

# testing
Package: *
Pin: release o=Debian, n=trixie*
Pin-Priority: 102

# unstable
Package: *
Pin: release o=Debian, n=sid*
Pin-Priority: 1

Package: *
Pin: release o=Debian, a=experimental
Pin-Priority: -1
```


This seems to work exactly as I want, but I feel like my preferences
setup is not ideal. Repeating "Debian" every time, the wildcards, the
codenames (I already have them "locked in" via sources.list). Any
advice on how to clean it up nicely? Also, do I need to make special
pin-priority accommodations for the security releases?


Thanks

Loading...