Download | Devuan.org | Git | Bugs | Packages

The officially official Devuan Forum!

You are not logged in.

Pages: 1

#1 2020-03-03 22:28:43

igs
Member
Registered: 2020-03-03
Posts: 4  

Security Updates for Beowulf not installed automatically

I've set default release to 'beowulf' in /etc/apt/apt.conf.d/Default-release

So Beowulf packages get apt priority 990. So far correct.

Also I like to get security updates. So I have the following line in my sources.list file:

deb http://auto.mirror.devuan.org/merged beowulf-security main

Unfortunately security updates become not installed automatically as these packages get priority 500. Sample: 

# apt policy php7.3
php7.3:
  Installed: 7.3.14-1~deb10u1
  Candidate: 7.3.14-1~deb10u1
  Version table:
 *** 7.3.14-1~deb10u1 500
        500 http://auto.mirror.devuan.org/merged beowulf-security/main amd64 Packages
        100 /var/lib/dpkg/status
     7.3.11-1~deb10u1 990
        990 http://auto.mirror.devuan.org/merged beowulf/main amd64 Packages

(The package was upgraded manually)

Due to I still have a Buster server running (sorry) I see that in Debian the security updates get priority 990 too when Default-release is set to 'buster'. So security updates become installed automatically.

# apt policy php7.3
php7.3:
  Installed: (none)
  Candidate: 7.3.14-1~deb10u1
  Version table:
     7.3.14-1~deb10u1 990
        990 http://security.debian.org/debian-security buster/updates/main amd64 Packages
        990 http://security.debian.org/debian-security buster/updates/main i386 Packages
     7.3.11-1~deb10u1 990
        990 http://ftp2.de.debian.org/debian buster/main amd64 Packages
        990 http://ftp2.de.debian.org/debian buster/main i386 Packages

Is this intended or a bug or do I something wrong?

Is there an easy workaround by pinning?

Thanks

Offline

#2 2020-03-03 22:48:40

golinux
Administrator
Registered: 2016-11-25
Posts: 3,317  

Re: Security Updates for Beowulf not installed automatically

auto.mirror has been deprecated for a long time.  Also Country Codes are not currently available for Devuan.  Please try deb.devuan.org to see if that fixes things.

Get answers - Help Devuan - Report a bug - Search packages

Offline

#3 2020-03-03 23:09:22

igs
Member
Registered: 2020-03-03
Posts: 4  

Re: Security Updates for Beowulf not installed automatically

thanks, but that does not help.

The 'apt policy' command helps a little bit forward:
Devuan:

# apt policy
Package files:
 100 /var/lib/dpkg/status
     release a=now
 500 http://deb.devuan.org/merged beowulf-security/main amd64 Packages
     release v=3.0.0,o=Devuan,a=testing-security,n=beowulf-security,l=Devuan-Security,c=main,b=amd64
     origin deb.devuan.org
 500 http://deb.devuan.org/merged beowulf-updates/main amd64 Packages
     release v=3.0.0,o=Devuan,a=testing-updates,n=beowulf-updates,l=Devuan,c=main,b=amd64
     origin deb.devuan.org
 990 http://deb.devuan.org/merged beowulf/main amd64 Packages
     release v=3.0,o=Devuan,a=testing,n=beowulf,l=Devuan,c=main,b=amd64
     origin deb.devuan.org
Pinned packages:
     systemd-sysv -> 44-11+deb7u4 with priority -1

Debian:

# apt policy
Package files:
 100 /var/lib/dpkg/status
     release a=now
 500 http://ftp2.de.debian.org/debian buster-updates/main i386 Packages
     release o=Debian,a=stable-updates,n=buster-updates,l=Debian,c=main,b=i386
     origin ftp2.de.debian.org
 500 http://ftp2.de.debian.org/debian buster-updates/main amd64 Packages
     release o=Debian,a=stable-updates,n=buster-updates,l=Debian,c=main,b=amd64
     origin ftp2.de.debian.org
 990 http://security.debian.org/debian-security buster/updates/main i386 Packages
     release v=10,o=Debian,a=stable,n=buster,l=Debian-Security,c=main,b=i386
     origin security.debian.org
 990 http://security.debian.org/debian-security buster/updates/main amd64 Packages
     release v=10,o=Debian,a=stable,n=buster,l=Debian-Security,c=main,b=amd64
     origin security.debian.org
 990 http://ftp2.de.debian.org/debian buster/main i386 Packages
     release v=10.3,o=Debian,a=stable,n=buster,l=Debian,c=main,b=i386
     origin ftp2.de.debian.org
 990 http://ftp2.de.debian.org/debian buster/main amd64 Packages
     release v=10.3,o=Debian,a=stable,n=buster,l=Debian,c=main,b=amd64
     origin ftp2.de.debian.org
Pinned packages:

As it can be seen, Debian sets the 'a=' and 'n=' to the same value for security and the main repo while Devuan sets different values.

So the question is: Is there a good reason to do that or it is a bug?

Offline

#4 2020-03-03 23:45:48

golinux
Administrator
Registered: 2016-11-25
Posts: 3,317  

Re: Security Updates for Beowulf not installed automatically

It seems to be there:
https://pkginfo.devuan.org/cgi-bin/d1pk … se=beowulf

Sorry, I haven't a clue.

Get answers - Help Devuan - Report a bug - Search packages

Offline

#5 2020-03-04 08:19:03

igs
Member
Registered: 2020-03-03
Posts: 4  

Re: Security Updates for Beowulf not installed automatically

So I've found a workaround by creating 

/etc/apt/preferences.d/security.pref

with the following content:

Package: *
Pin: release n=beowulf-security
Pin-Priority: 990

But from my point of view this is a workaround and not a fix. Adding the security repository in the 'sources.list' file should be enough and instantly enable installing security fixes.

I'm sure the problem is located in the 'Release' file of the repository.

Is there a place where I can open an issue for that? 'reportbug' seems not to work for that as the problem here is not package related but repository related.

Offline

#6 2020-03-04 11:38:16

LeePen
Member
Registered: 2020-03-04
Posts: 9  

Re: Security Updates for Beowulf not installed automatically

Hi,

Is the Default-release setting actually required? You only appear to have beowulf sources.

I have a beowulf VM that installs security updates fine without Default-release being set. Both beowulf and beowulf-security being priority 500.

If you want to report this as a bug, then amprolla is the correct package to report against using reportbug. It is a pseudo-package so you will need to put 'other' at the first package prompt to get to the list of available pseudopackages.

Mark

Offline

#7 2020-03-04 12:47:57

rolfie
Member
Registered: 2017-11-25
Posts: 1,172  

Re: Security Updates for Beowulf not installed automatically

This is from a native Beowulf installed from a netinstall image last spring/summer:

apt policy
Paketdateien:
 100 /var/lib/dpkg/status
     release a=now
 500 http://deb.devuan.org/merged beowulf-updates/main amd64 Packages
     release v=3.0.0,o=Devuan,a=testing-updates,n=beowulf-updates,l=Devuan,c=main,b=amd64
     origin deb.devuan.org
 500 http://deb.devuan.org/merged beowulf-security/non-free amd64 Packages
     release v=3.0.0,o=Devuan,a=testing-security,n=beowulf-security,l=Devuan-Security,c=non-free,b=amd64
     origin deb.devuan.org
 500 http://deb.devuan.org/merged beowulf-security/main amd64 Packages
     release v=3.0.0,o=Devuan,a=testing-security,n=beowulf-security,l=Devuan-Security,c=main,b=amd64
     origin deb.devuan.org
 500 http://deb.devuan.org/merged beowulf/contrib amd64 Packages
     release v=3.0,o=Devuan,a=testing,n=beowulf,l=Devuan,c=contrib,b=amd64
     origin deb.devuan.org
 500 http://deb.devuan.org/merged beowulf/non-free amd64 Packages
     release v=3.0,o=Devuan,a=testing,n=beowulf,l=Devuan,c=non-free,b=amd64
     origin deb.devuan.org
 500 http://deb.devuan.org/merged beowulf/main amd64 Packages
     release v=3.0,o=Devuan,a=testing,n=beowulf,l=Devuan,c=main,b=amd64
     origin deb.devuan.org

I am receiving security updates every now and then.

rolfie

Offline

#8 2020-03-04 17:26:53

igs
Member
Registered: 2020-03-03
Posts: 4  

Re: Security Updates for Beowulf not installed automatically

LeePen wrote:

Hi,
Is the Default-release setting actually required? You only appear to have beowulf sources.

Some of my running systems have a Debian/Devuan history back to Debian Potato. I'm using private repositories e.g. for self-built backports and over the time it is often necessary to include other repositories. E.g. my more than 10 year old Zope 2.13 installation still running under Beowulf requires the 'python-virtualenv' package from Debian Wheezy.

In the 'apt policy' output above I've cut out the unrelated repositories. Sorry.

So I always use 'Default-release' on all of my systems and up to now that never was a problem.

Offline

#9 2020-03-05 18:17:55

pcalvert
Member
Registered: 2017-05-15
Posts: 215  

Re: Security Updates for Beowulf not installed automatically

Devuan ASCII has the same problem. I encountered it last year.

See: https://dev1galaxy.org/viewtopic.php?pid=14632#p14632

Phil

Freespoke is a new search engine that respects user privacy and does not engage in censorship.
Another one is called Luxxle.

Offline

Pages: 1

Board footer

Forum Software