You are not logged in.
I've set default release to 'beowulf' in /etc/apt/apt.conf.d/Default-release
So Beowulf packages get apt priority 990. So far correct.
Also I like to get security updates. So I have the following line in my sources.list file:
deb http://auto.mirror.devuan.org/merged beowulf-security main
Unfortunately security updates become not installed automatically as these packages get priority 500. Sample:
# apt policy php7.3
php7.3:
Installed: 7.3.14-1~deb10u1
Candidate: 7.3.14-1~deb10u1
Version table:
*** 7.3.14-1~deb10u1 500
500 http://auto.mirror.devuan.org/merged beowulf-security/main amd64 Packages
100 /var/lib/dpkg/status
7.3.11-1~deb10u1 990
990 http://auto.mirror.devuan.org/merged beowulf/main amd64 Packages
(The package was upgraded manually)
Due to I still have a Buster server running (sorry) I see that in Debian the security updates get priority 990 too when Default-release is set to 'buster'. So security updates become installed automatically.
# apt policy php7.3
php7.3:
Installed: (none)
Candidate: 7.3.14-1~deb10u1
Version table:
7.3.14-1~deb10u1 990
990 http://security.debian.org/debian-security buster/updates/main amd64 Packages
990 http://security.debian.org/debian-security buster/updates/main i386 Packages
7.3.11-1~deb10u1 990
990 http://ftp2.de.debian.org/debian buster/main amd64 Packages
990 http://ftp2.de.debian.org/debian buster/main i386 Packages
Is this intended or a bug or do I something wrong?
Is there an easy workaround by pinning?
Thanks
Offline
auto.mirror has been deprecated for a long time. Also Country Codes are not currently available for Devuan. Please try deb.devuan.org to see if that fixes things.
Online
thanks, but that does not help.
The 'apt policy' command helps a little bit forward:
Devuan:
# apt policy
Package files:
100 /var/lib/dpkg/status
release a=now
500 http://deb.devuan.org/merged beowulf-security/main amd64 Packages
release v=3.0.0,o=Devuan,a=testing-security,n=beowulf-security,l=Devuan-Security,c=main,b=amd64
origin deb.devuan.org
500 http://deb.devuan.org/merged beowulf-updates/main amd64 Packages
release v=3.0.0,o=Devuan,a=testing-updates,n=beowulf-updates,l=Devuan,c=main,b=amd64
origin deb.devuan.org
990 http://deb.devuan.org/merged beowulf/main amd64 Packages
release v=3.0,o=Devuan,a=testing,n=beowulf,l=Devuan,c=main,b=amd64
origin deb.devuan.org
Pinned packages:
systemd-sysv -> 44-11+deb7u4 with priority -1
Debian:
# apt policy
Package files:
100 /var/lib/dpkg/status
release a=now
500 http://ftp2.de.debian.org/debian buster-updates/main i386 Packages
release o=Debian,a=stable-updates,n=buster-updates,l=Debian,c=main,b=i386
origin ftp2.de.debian.org
500 http://ftp2.de.debian.org/debian buster-updates/main amd64 Packages
release o=Debian,a=stable-updates,n=buster-updates,l=Debian,c=main,b=amd64
origin ftp2.de.debian.org
990 http://security.debian.org/debian-security buster/updates/main i386 Packages
release v=10,o=Debian,a=stable,n=buster,l=Debian-Security,c=main,b=i386
origin security.debian.org
990 http://security.debian.org/debian-security buster/updates/main amd64 Packages
release v=10,o=Debian,a=stable,n=buster,l=Debian-Security,c=main,b=amd64
origin security.debian.org
990 http://ftp2.de.debian.org/debian buster/main i386 Packages
release v=10.3,o=Debian,a=stable,n=buster,l=Debian,c=main,b=i386
origin ftp2.de.debian.org
990 http://ftp2.de.debian.org/debian buster/main amd64 Packages
release v=10.3,o=Debian,a=stable,n=buster,l=Debian,c=main,b=amd64
origin ftp2.de.debian.org
Pinned packages:
As it can be seen, Debian sets the 'a=' and 'n=' to the same value for security and the main repo while Devuan sets different values.
So the question is: Is there a good reason to do that or it is a bug?
Offline
It seems to be there:
https://pkginfo.devuan.org/cgi-bin/d1pk … se=beowulf
Sorry, I haven't a clue.
Online
So I've found a workaround by creating
/etc/apt/preferences.d/security.pref
with the following content:
Package: *
Pin: release n=beowulf-security
Pin-Priority: 990
But from my point of view this is a workaround and not a fix. Adding the security repository in the 'sources.list' file should be enough and instantly enable installing security fixes.
I'm sure the problem is located in the 'Release' file of the repository.
Is there a place where I can open an issue for that? 'reportbug' seems not to work for that as the problem here is not package related but repository related.
Offline
Hi,
Is the Default-release setting actually required? You only appear to have beowulf sources.
I have a beowulf VM that installs security updates fine without Default-release being set. Both beowulf and beowulf-security being priority 500.
If you want to report this as a bug, then amprolla is the correct package to report against using reportbug. It is a pseudo-package so you will need to put 'other' at the first package prompt to get to the list of available pseudopackages.
Mark
Offline
This is from a native Beowulf installed from a netinstall image last spring/summer:
apt policy
Paketdateien:
100 /var/lib/dpkg/status
release a=now
500 http://deb.devuan.org/merged beowulf-updates/main amd64 Packages
release v=3.0.0,o=Devuan,a=testing-updates,n=beowulf-updates,l=Devuan,c=main,b=amd64
origin deb.devuan.org
500 http://deb.devuan.org/merged beowulf-security/non-free amd64 Packages
release v=3.0.0,o=Devuan,a=testing-security,n=beowulf-security,l=Devuan-Security,c=non-free,b=amd64
origin deb.devuan.org
500 http://deb.devuan.org/merged beowulf-security/main amd64 Packages
release v=3.0.0,o=Devuan,a=testing-security,n=beowulf-security,l=Devuan-Security,c=main,b=amd64
origin deb.devuan.org
500 http://deb.devuan.org/merged beowulf/contrib amd64 Packages
release v=3.0,o=Devuan,a=testing,n=beowulf,l=Devuan,c=contrib,b=amd64
origin deb.devuan.org
500 http://deb.devuan.org/merged beowulf/non-free amd64 Packages
release v=3.0,o=Devuan,a=testing,n=beowulf,l=Devuan,c=non-free,b=amd64
origin deb.devuan.org
500 http://deb.devuan.org/merged beowulf/main amd64 Packages
release v=3.0,o=Devuan,a=testing,n=beowulf,l=Devuan,c=main,b=amd64
origin deb.devuan.org
I am receiving security updates every now and then.
rolfie
Offline
Hi,
Is the Default-release setting actually required? You only appear to have beowulf sources.
Some of my running systems have a Debian/Devuan history back to Debian Potato. I'm using private repositories e.g. for self-built backports and over the time it is often necessary to include other repositories. E.g. my more than 10 year old Zope 2.13 installation still running under Beowulf requires the 'python-virtualenv' package from Debian Wheezy.
In the 'apt policy' output above I've cut out the unrelated repositories. Sorry.
So I always use 'Default-release' on all of my systems and up to now that never was a problem.
Offline
Devuan ASCII has the same problem. I encountered it last year.
See: https://dev1galaxy.org/viewtopic.php?pid=14632#p14632
Phil
Offline