Apt pinning, How to install and upgrade debian packages selectively

Apt it could be used to manage packages effectively in any debian based distro. Install some package which not available with the current release from a upstream release or upgrade the system without upgrading certain components like the kernel, bootloader, graphics driver etc. etc.


So what is the problem ?

Debain satble is good for server environments for it’s stability, but somewhat obsolate for a regular use desktop system. The same way, debian testing and unstable packeges are too unstable, the are updated daily.

That’s when apt pinning is useful, with apt pinning you could mix up debian stable, testing, and unstable packages, and keep some old packages while upgrading the system. The same thing applies on Ubuntu, Linux Mint, Bodhi Linux etc. too.

Before going further, you should have a clear view of apt and dpkg, some basic idea about the /etc/apt/sources.list and /etc/apt/preferances file.


1. Adding package source repository

The first step is to add some package repository URLs to the /etc/apt/sources.list file. If you don’t know how to do this, have a look at this article about apt.

Here is an example of sources.list file for current debian stable (jessie, Debian 8).

deb http://ftp.us.debian.org/debian/ jessie main contrib non-free
deb-src http://ftp.us.debian.org/debian/ jessie main contrib non-free

Another example for current Debian testing, stretch

deb http://ftp.us.debian.org/debian/ stretch main contrib non-free
deb-src http://ftp.us.debian.org/debian/ stretch main contrib non-free

Debian unstable, Sid repository

deb http://ftp.us.debian.org/debian/ sid main contrib non-free
deb-src http://ftp.us.debian.org/debian/ sid main contrib non-free

The deb-src line is not absolutely necessary, but required if you want to install some application from source code.

NOTE: If you are using Debian testing, don’t add the stable repository URLs at the sources.list file.


2. Apt preferances

The /etc/apt/preferences file may or may not exeist on your system, but there may be /etc/apt/preferences.d/ directory from where it reads all preferances. It is recommanded to add personal apt preferences under this directory, just create put your personal preferences under this directory with any name you like.

APt preferances example:

Package: *
Pin: release a=stable
Pin-Priority: 700

Another apt preference example.

Package: linux-image-amd64
Pin: release *
Pin-Priority: -1

How to add your own apt preference pin:

Watch the two example above, a pin preference contains 3 main parameters, Package, Pin and Pin-Priority .

  1. The * is a wildcard, *  means every available package, add your specific package name here.
  2. Release Pin, replace a=stable with your preferred version, like release a=jessie-backports .
  3. Pin-Priority numbers, higher number means more preferance, -1 equals to ignore that package.

Apt pinning multiple packages in one line

This is very useful if you dont want to hold many package while upgrading the system. This is done by using the / , | and * wildcard symbols.

  1. Pinning all package that conatins linux
    Package: /linux/
    Pin: release a=stretch
    Pin-Priority: 1000
  2. Piniining all packages that contains linux and lib32
    Package: /(linux|lib32)/
    Pin: release a=stretch
    Pin-Priority: 1000
  3. Pinning all packages that starts with php
    Package: php*
    Pin: release a=stretch
    Pin-Priority: 1000


3. Update the system and install packages.

After setting up your preferences, now update the system and install required packages with sodo apt-get install package_name .
Install a package from testing repository.

sudo apt-get -t testing install package_name
sudo apt-get -t sid install package_name
sudo apt-get -t stretch install kwin-x11  #example


4. How not to upgrade a package while upgrading the whole system

This could be done by setting a apt pin priority less than zero (0). Lets think you dont want to upgrade the kernel and nvidia grephics driver while upgrading,

Package: /(linux|nvidia)/
Pin: release *
Pin-Priority: -5


Quirky nature of debian testing / debian unstable packages make some for a production system. Nobody want to update/upgrade the system every week, install a new kernel, build all associated modules with that kernel and so may of them. I hope this tutorial will help you to understand apt pinning more clearly. If you have any further question, please leave comments.

Leave a Reply

Your email address will not be published. Required fields are marked *