Tabla de contenido
Hello! Upgrading packages, sometimes you may have problems if some packages are upgraded. You may want to prevent a certain package from being upgraded, but how to hold packages on a Debian and Ubuntu Linux to prevent a specific package from being upgraded? We may want to block package updates so that packages are not updated via apt/apt-get.
In Debian or Ubuntu Linux we can withhold or block packages using the apt, apt-mark, aptitude, dpkg and dselect command options. We have multiple options, let’s see, in my opinion, the most useful ones.
Package retention when using apt-get/apt (method 1)
Normally we run the following two commands to update all packages:
root@host# sudo apt update && sudo apt upgrade
Or also:
root@host# sudo apt-get update && sudo apt-get upgrade
Step 1 – List of available updates
Run the apt command:
root@host# sudo apt list --upgradable
Step 2 – Force apt-get to retain the package named php7.4 using apt-mark
Pass the hold option to the apt-mark command as follows to mark a package as held, which will prevent the package from being installed, upgraded or removed automatically:
root@host# apt-mark hold PACKAGE
In this case:
root@host# apt-mark hold php7.4 php7.4 set on hold. root@host#
Step 3 – Display a list of waiting packages
Now to print the list of blocked packages:
apt-mark showhold
Step 4 – Cancel withholding
Do you want to cancel a hold you have previously placed on a package? You can do it this way:
root@host# apt-mark unhold PACKAGE
In our case:
root@host# apt-mark unhold php7.4
How to prevent the update of a package with the dpkg command (method 2)
The package must be installed to put it on standby when using the dpkg method. Otherwise, you will get an error like the following:
dpkg: warning: package not in status nor available database at line 1: PACKAGE
Or maybe:
dpkg: warning: found unknown packages; this might mean the available database is outdated, and needs to be updated through a frontend method;
We can put a package on hold as follows:
echo "PACKAGE_NAME hold" | dpkg --set-selections
Using the same php7.4 package for the example:
root@host# echo "php7.4 hold" | dpkg --set-selections
Obtain package status
dpkg --set-selections PACKAGE_NAME
Or also:
dpkg --set-selections | grep PACKAGE_NAME
Unblocking a package
To remove the lock on a package:
echo "PACKAGE_NAME install" | dpkg --set-selections
Using the same php7.4 package for the example:
root@host# echo "php7.4 install" | dpkg --set-selections
Blocking package updates with the aptitude command (method 3)
Unlike the previous one, this method works with both installed and uninstalled packages.
To blacklist a package we must execute the following command:
aptitude hold PACKAGE
Following the previous examples, with the php7.4 package it would be:
root@host# aptitude hold php7.4
We can also prevent a package from being upgraded to a particular version, while allowing automatic upgrades to future versions. This is useful, for example, to prevent an unwanted version of a package from being installed. Imagine we have php=7.4.2 and we don’t want to upgrade to php=7.4.4 because it has a security bug (it’s made up, I haven’t checked if it’s true). We can prevent it from upgrading like this:
aptitude forbid-version PACKAGE=VERSION
In other words (it is an invented version of the package:
aptitude forbid-version php7.4=7.4.4-0ubuntu2.10
After blocking a package in the above ways, if you run the aptitude upgrade command and detect updates for the retained package you will see something similar to this:
30 packages upgraded, 0 newly installed, 0 to remove and 1 not upgraded.