Apt Pinning and You: Living on the Edge with #! (Page 1 of 7)

#! is based on Debian, a great GNU+Linux distribution. It has stable, secure, well tested, old packages. But sometimes you want or need something newer. That is where the testing, unstable, and experimental sources come in. Read on to learn how.

Warnings, etc.

Stop reading this now. You may break things. Seriously, stop reading. This could really mess up your system stability and security. Testing, unstable, and experimental don't get security updates. They also contain packages that have had far less testing and may break things horribly. Don't say I didn't warn you. Make sure to make a backup of any file you edit, so you can easily roll back any changes. I usually save all my backups with a common extension, my initials, like so:

cp fileiambacking.up fileiambacking.up.rcl

To find all of the files i have edited I can simply locate .rcl.

Setup

First you will need to edit /etc/apt/sources.list. Here is mine, use it as an example to add the testing, unstable, and experimental repositories to your own. You can find a list of Debian mirrors here.

## CRUNCHBANG
# Compatible with Debian Squeeze, but use at your own risk.
deb http://packages.crunchbanglinux.org/statler statler main

## DEBIAN
#STABLE
deb http://ftp.us.debian.org/debian/ squeeze main contrib non-free
deb http://ftp.us.debian.org/debian squeeze-updates main contrib non-free
#TESTING
deb http://ftp.us.debian.org/debian/ testing main contrib non-free
#UNSTABLE
deb http://ftp.us.debian.org/debian/ unstable main contrib non-free
#EXPERIMENTAL
deb http://ftp.us.debian.org/debian/ experimental main contrib non-free

## DEBIAN SECURITY
#STABLE
deb http://security.debian.org/ squeeze/updates main contrib non-free
#TESTING
deb http://security.debian.org/ wheezy/updates main contrib non-free

## DEBIAN BACKPORTS
deb http://backports.debian.org/debian-backports squeeze-backports main contrib non-free

Now we need to make sure these new sources do not update every package on our system. Open /etc/apt/preferences and replace its contents with the following.

Package: *
Pin: release a=testing
Pin-Priority: 400

Package: *
Pin: release a=unstable
Pin-Priority: 300

Now you can sudo apt-get update. To check if things are working open a terminal and run the following:

apt-cache policy chromium-browser

It should return something like this:

brick@brack:~$ apt-cache policy chromium-browser
chromium-browser:
  Installed: (none)
  Candidate: 9.0.597.45~r70550-1
  Version table:
     10.0.648.205~r81283-1 0
        300 http://ftp.ca.debian.org/debian/ unstable/main i386 Packages
     9.0.597.45~r70550-1 0
        990 http://packages.crunchbanglinux.org/statler/ statler/main i386 Packages
     6.0.472.63~r59945-5+squeeze4 0
        500 http://ftp.ca.debian.org/debian/ squeeze/main i386 Packages
        400 http://ftp.ca.debian.org/debian/ testing/main i386 Packages
        500 http://security.debian.org/ squeeze/updates/main i386 Packages

The statler version of chromium-browser should have the highest priority, as it has in my example. If it looks good do a sudo apt-get update && sudo apt-get upgrade. If apt wants to replace half your system, don't do it. Leave a comment here, and roll back your changes for now. If not, you can start using the new sources.

Usage

To check what versions of a package are available:

apt-cache policy $package_name

This will give you a list of all versions of $package_name and what repositories they are in.

There are two ways to install from the testing, unstable, and experimental sources.

sudo apt-get install $package_name/unstable

This will install $package_name from unstable, but pull any dependencies from stable. If it is unable to meet any dependencies it will fail, and tell you why.

sudo apt-get -t experimental install $package_name

This will install $package_name and all of its dependencies from experimental. Take a close look at any dependencies that are being upgraded. This is where things could get dangerous.

Note by anonymous: I highly recommend using this second method as often times packages will have specific version dependencies in testing/unstable/experimental.

apt-show-versions is also a handy package to keep track of what you have installed from outside stable.
Install the apt-show-versions command:

apt-get install apt-show-versions

List the packages from various repos:

apt-show-versions | grep /testing
apt-show-versions | grep /unstable
apt-show-versions | grep /experimental

Errata

It should work this way. If a higher version of a package is available in a more "stable" repository it will be installed. I have observed this on a few packages on my system; for instance, I originally installed nvidia-kernel-dkms from the experimental repository, and then it moved from experimental --> unstable --> testing while updating. There is a newer version in experimental, but I have to install that manually.

UPDATE May 2 2011
My instructions will keep a stable base and let you install packages from other repositories. If you would rather have a rolling release #! based on testing/unstable check out the instructions jotapesse posted here. Thanks jotapesse, for the how to, and for helping me improve mine as well!

For more information:
This might help if things go horribly
AptPreferences - Debian Wiki
Apt Pinning for Beginners
Debian pinning errata
man apt_preferences
This was mostly stolen from these pages.

Last edited by hardran3 (2011-06-02 01:33:02)