On Fri 10 May 2019 at 20:14:20 (+0200), Sven Joachim wrote: > On 2019-05-08 13:14 -0500, David Wright wrote: > > > I'm trying to ascertain what APT::Default-Release can do for me, > > and what it constrains. In the output that follows, why does > > APT::Default-Release prevent firefox from being upgraded? > > Because stretch-updates ≢ stretch, see bug #173215[1] (with > -proposed-updates rather than -updates).
Thanks for the reply. (I had just pointed out elsewhere that no answer had been forthcoming, so you've made a liar of me!) Perhaps a note to that effect might have been added to man apt.conf which was written (or revised) 14 years after the bug surfaced. Does this mean APT::Default-Release is a security risk, or is the behaviour of stretch/updates different from that of stretch-updates because of the slash? (I don't find the deb lines in sources.list easy to parse as a human.) > > I comment out the APT::Default-Release line and repeat after the > > ##########. The necessary packages are in apt-cacher-ng's cache > > all the time. > > > > # cat /etc/apt/apt.conf > > # Fetch updates through apt-cacher-ng. > > Acquire::http::Proxy "http://192.168.1.17:3142/";; > > APT::Default-Release "stretch"; > > # > > > > # apt-cache policy firefox-esr > > firefox-esr: > > Installed: 60.6.1esr-1~deb9u1 > > Candidate: 60.6.1esr-1~deb9u1 > > Version table: > > 60.6.2esr-1~deb9u1 500 > > 500 http://ftp.us.debian.org/debian stretch-updates/main amd64 > > Packages > > *** 60.6.1esr-1~deb9u1 990 > > 990 http://ftp.us.debian.org/debian stretch/main amd64 Packages > > 990 http://security.debian.org/debian-security stretch/updates/main > > amd64 Packages > > 100 /var/lib/dpkg/status > > > You can work around that via preferences, e.g. > > Package: * > Pin: release n=stretch-updates > Pin-Priority: 990 > > to give each package in stretch-updates the same priority as you get for > stretch via APT::Default-Release. See apt_preferences(5). I'll try that out; this new FF release is a useful test case. Thanks. Cheers, David.
