prioritize your repositories with apt-pinning

files that are used on this topic are

patrick@stretch:~$ ls /etc/apt/apt.conf.d/70debconf /etc/apt/sources.list /etc/apt/sources.list.d /etc/apt/preferences.d/
/etc/apt/apt.conf.d/70debconf  /etc/apt/sources.list

/etc/apt/preferences.d/:
external.pref  stretch_main.pref  stretch_security_updates.pref  unstable.pref

/etc/apt/sources.list.d:
external.list  stretch_main.list  stretch_security_updates.list  unstable.list

To understand the format better visit this site: Debian Repository Format

You can just have the repositories in the sources.list file but it is recommended to create them seperately in the sources.list.d directory.
Then create equally named .pref files in the preference.d directory.

It’s a good thing to understand the meaning of the priority numbers apt uses by default so you don’t get confused along the way when you see them popup:

in short
If the target release has been specified then APT uses the following algorithm to set the priorities of the versions of a package. Assign:

priority 100
to the version that is already installed (if any).
priority 500
to the versions that are not installed and do not belong to the target release.
priority 990
to the versions that are not installed and belong to the target release.

If the target release has not been specified then APT simply assigns priority 100 to all installed package versions and priority 500 to all uninstalled package versions.

Now you know what the default priority numbers are you can set your own in your example.pref file according to the apt algorithm:

How Apt Interprets Priorities

Priorities (P) assigned in the APT preferences file must be positive or negative integers. They are interpreted as follows (roughly speaking):

P > 1000
causes a version to be installed even if this constitutes a downgrade of the package.
990 < P <=1000
causes a version to be installed even if it does not come from the target release, unless the installed version is more recent.
500 < P <=990
causes a version to be installed unless there is a version available belonging to the target release or the installed version is more recent.
100 < P <=500
causes a version to be installed unless there is a version available belonging to some other distribution or the installed version is more recent.
0 < P <=100
causes a version to be installed only if there is no installed version of the package.
P < 0
prevents the version from being installed.

I am currently using stretch RC2 which is at the time of this writing still a testing distribution. It is highly recommended not to use unstable packages as they well aren’t tested. If you download a package from a testing repository then you’re downloading a package that has been bugfree for 10 consecutive days. However if it is a desktop and you are okay with destroying it to the point of no recovery then you can use it like I do.

I highly recommend you read through the manual on your distribution

man 5 apt_preferences

This is what I’ve got
in my sources file, note that everything is commented out here or I would have a conflict with my files in the sources.list.d directory

patrick@stretch:~$ cat /etc/apt/sources.list
# 

# deb cdrom:[Debian GNU/Linux stretch-DI-rc2 _Stretch_ - Official Snapshot amd64 DVD Binary-1 20170201-11:49]/ stretch contrib main

#deb cdrom:[Debian GNU/Linux stretch-DI-rc2 _Stretch_ - Official Snapshot amd64 DVD Binary-1 20170201-11:49]/ stretch contrib main

#deb http://ftp.belnet.be/debian/ stretch main
#deb-src http://ftp.belnet.be/debian/ stretch main

#deb http://security.debian.org/debian-security stretch/updates main contrib
#deb-src http://security.debian.org/debian-security stretch/updates main contrib

#deb http://ftp.belnet.be/debian/ sid main
#deb http://ftp.belnet.be/debian/ sid contrib non-free
patrick@stretch:~$ ls /etc/apt/sources.list.d/*
/etc/apt/sources.list.d/external.list
/etc/apt/sources.list.d/stretch_main.list
/etc/apt/sources.list.d/stretch_security_updates.list
/etc/apt/sources.list.d/unstable.list

patrick@stretch:~$ cat /etc/apt/sources.list.d/*
# Debian 3rd party repositories
deb http://apt.insynchq.com/debian stretch non-free contrib
deb [arch=amd64] http://dl.google.com/linux/chrome/deb/ stable main
# -----------------------------
# Stretch main package repos
deb http://ftp.belnet.be/debian/ stretch main
deb-src http://ftp.belnet.be/debian/ stretch main
# ----------------------------
# Stretch security packages repositories
deb http://security.debian.org/debian-security stretch/updates main contrib
deb-src http://security.debian.org/debian-security stretch/updates main contrib
# -----------------------------------
# Debian Unstable repos (sid)
deb http://ftp.belnet.be/debian/ sid main
deb http://ftp.belnet.be/debian/ sid contrib non-free
# ---------------------------
patrick@stretch:~$

Note that my stretch repository is atm a testing repository as stretch is being tested. As soon as Stretch is officially released it will become a stable repository.. That is why I don’t have a testing repository in this setup đŸ™‚

patrick@stretch:~$ ls /etc/apt/sources.list.d/*
/etc/apt/sources.list.d/external.list
/etc/apt/sources.list.d/stretch_main.list
/etc/apt/sources.list.d/stretch_security_updates.list
/etc/apt/sources.list.d/unstable.list

patrick@stretch:~$ cat /etc/apt/preferences.d/*Package: *
Pin: release a=external
Pin-Priority: 500
Package: *
Pin: release a=stretch_main
Pin-Priority: 900
Package: *
Pin: release l=Debian-Security
Pin-Priority: 1000
Package: *
Pin: release a=unstable
Pin-Priority: 50

When you’re done adjusting those list or pref files don’t forget to do sudo apt-get update to have your config recognized.

In this example you can see I set the unstable repository to a priority of 50

patrick@stretch:/etc/apt/sources.list.d$ sudo apt-cache policy adduser
[sudo] wachtwoord voor patrick:
adduser:
  GeĂ¯nstalleerd: 3.115
  Kandidaat:     3.115
  Versietabel:
 *** 3.115 990
        990 http://ftp.belnet.be/debian stretch/main amd64 Packages
         50 http://ftp.belnet.be/debian sid/main amd64 Packages
        100 /var/lib/dpkg/status
patrick@stretch:~$ sudo apt-cache policy
Pakketbestanden:
 100 /var/lib/dpkg/status
     release a=now
  50 http://ftp.belnet.be/debian sid/non-free amd64 Packages
     release o=Debian,a=unstable,n=sid,l=Debian,c=non-free,b=amd64
     origin ftp.belnet.be
  50 http://ftp.belnet.be/debian sid/contrib amd64 Packages
     release o=Debian,a=unstable,n=sid,l=Debian,c=contrib,b=amd64
     origin ftp.belnet.be
  50 http://ftp.belnet.be/debian sid/main amd64 Packages
     release o=Debian,a=unstable,n=sid,l=Debian,c=main,b=amd64
     origin ftp.belnet.be
 990 http://ftp.belnet.be/debian stretch/main amd64 Packages
     release o=Debian,a=testing,n=stretch,l=Debian,c=main,b=amd64
     origin ftp.belnet.be
 500 http://dl.google.com/linux/chrome/deb stable/main amd64 Packages
     release v=1.0,o=Google, Inc.,a=stable,n=stable,l=Google,c=main,b=amd64
     origin dl.google.com
 990 http://apt.insynchq.com/debian stretch/contrib amd64 Packages
     release o=Insynchq, Inc.,n=stretch,l=Insynchq, Inc.,c=contrib,b=amd64
     origin apt.insynchq.com
 990 http://apt.insynchq.com/debian stretch/non-free amd64 Packages
     release o=Insynchq, Inc.,n=stretch,l=Insynchq, Inc.,c=non-free,b=amd64
     origin apt.insynchq.com
Vastgepinde pakketten:

Note that the debian stretch repositories are set to 990 even though I set otherwise in my own pref files.. Now why is that?

Well it is because that is what is set as my default target release in the file
/etc/apt/apt.conf.d/70debconf

patrick@stretch:~$ cat /etc/apt/apt.conf.d/
00CDMountPoint         20auto-upgrades        50unattended-upgrades
00trustcdrom           20listchanges          60gnome-software
01autoremove           20packagekit           70debconf
01autoremove-kernels   50appstream
patrick@stretch:~$ cat /etc/apt/apt.conf.d/70debconf
// Pre-configure all packages with debconf before they are installed.
// If you don't like it, comment it out.
DPkg::Pre-Install-Pkgs {"/usr/sbin/dpkg-preconfigure --apt || true";};
APT::Default-Release "stretch";
APT::Cache-Limit 100000000;
Apt::Get::Purge;
//had problems with running MMap runs out of room, so add cache-limit//
//APT::Cache-Limit "25165824";
//Server down takes too long, add timout
Acquire::http::Timeout "3";
Acquire::ftp::Timeout "3";

If I didn’t have the distro code “stretch” configured in my sources I could have configured it this way if I wanted to continuesly use the testing repositories even when stretch was officially released as a stable distro:

deb http://security.debian.org testing/updates main contrib non-free
deb-src http://security.debian.org testing/updates main contrib non-free

Do sudo apt-get update && sudo apt-get dist-upgrade to update your system on a regular basis.

if in doubt once more read the fine manual
TLDR,RTFM:

man 5 apt_preferences

When you run “apt-get -t unstable install foo”, this sets APT::Default-Release for this invocation of apt-get, but it doesn’t affect future runs. This is useful in some circumstances, but problematic in others
You can also leave the -t flag and do it this way using a forward slash

apt-get install pkgname1/stable pkgname2/stable

PS: All your sources in /etc/apt/sources.list.d are compiled to a single list in the /var/lib/apt/ directory
If you ever have a problem with that file you can rename the lists file to lists.old or something and the regenerate the file with apt-get update

patrick@debian:/var/lib/apt$ ls -ahl
total 144K
drwxr-xr-x  6 root root 4.0K May 16 12:06 .
drwxr-xr-x 61 root root 4.0K May 15 18:10 ..
-rw-r--r--  1 root root  269 Apr 20  2016 cdroms.list
-rw-r--r--  1 root root  269 Apr 20  2016 cdroms.list~
-rw-r--r--  1 root root    0 May 16 10:25 daily_lock
-rw-r--r--  1 root root  76K May 16 00:47 extended_states
drwxr-xr-x  3 root root  20K May 16 12:06 lists
drwxr-xr-x  3 root root  20K May 15 17:33 lists.old
drwxr-xr-x  3 root root 4.0K Apr 20  2016 mirrors
drwxr-xr-x  2 root root 4.0K Sep 15  2015 periodic

Sources

Debian SourcesList
Debian Testing

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s