Free Hosting Online for WorkStations

< Previous | Contents | Next >

8.3.2. Managing Package Priorities‌


One of the most important aspects in the configuration of APT is the management of the priori- ties associated with each package source. For instance, you might want to extend your Kali Rolling system with one or two newer packages from Debian Unstable or Debian Experimental. It is pos- sible to assign a priority to each available package (the same package can have several priorities depending on its version or the distribution providing it). These priorities will influence APT’s behavior: for each package, it will always select the version with the highest priority (except if this version is older than the installed one and its priority is less than 1000).

APT defines several default priorities. Each installed package version has a priority of 100. A non- installed version has a priority of 500 by default but it can jump to 990 if it is part of the target release (defined with the -t command-line option or the APT::Default-Release configuration direc- tive).

You can modify the priorities by adding entries in the /etc/apt/preferences file with the names of the affected packages, their version, their origin and their new priority.

APT will never install an older version of a package (that is, a package whose version number is lower than the one of the currently installed package) except when its priority is higher than 1000. APT will always install the highest priority package that follows this constraint. If two packages have the same priority, APT installs the newest one (whose version number is the highest). If two packages of same version have the same priority but differ in their content, APT installs the version that is not installed (this rule has been created to cover the case of a package update without the increment of the revision number, which is usually required).

In more concrete terms, a package whose priority is less than 0 will never be installed. A package with a priority ranging between 0 and 100 will only be installed if no other version of the package is already installed. With a priority between 100 and 500, the package will only be installed if there

is no other newer version installed or available in another distribution. A package of priority between 501 and 990 will only be installed if there is no newer version installed or available in the target distribution. With a priority between 990 and 1000, the package will be installed except if the installed version is newer. A priority greater than 1000 will always lead to the installation of the package even if it forces APT to downgrade to an older version.

When APT checks /etc/apt/preferences, it first takes into account the most specific entries (often those specifying the concerned package), then the more generic ones (including for exam- ple all the packages of a distribution). If several generic entries exist, the first match is used. The available selection criteria include the package’s name and the source providing it. Every package source is identified by the information contained in a Release file that APT downloads together with the Packages files. These files specify the origin, usually “Kali” for the packages from Kali’s official mirrors and “Debian” for the packages from Debian’s official mirrors, but the origin can also be a person’s or an organization’s name for third-party repositories. The Release file also provides the name of the distribution together with its version. Let’s have a look at its syntax through some realistic case studies of this mechanism.



Priority of If you listed kali-bleeding-edge or Debian experimental in your sources.list file, Kali-Bleeding-Edge and the corresponding packages will almost never be installed because their default APT Debian Experimental priority is 1. This is of course a specific case, designed to keep users from installing bleeding edge packages by mistake. The packages can only be installed by typing apt

install package/kali-bleeding-edge, assuming of course that you are aware of the risks and potential headaches of life on the edge. It is still possible (though not rec- ommended) to treat packages of kali-bleeding-edge/experimental like those of other distributions by giving them a priority of 500. This is done with a specific entry in

/etc/apt/preferences:

Package: *

Pin: release a=kali-bleeding-edge Pin-Priority: 500


Let’s suppose that you only want to use packages from Kali and that you only want Debian pack- ages installed when explicitly requested. You could write the following entries in the /etc/apt/ preferences file (or in any file in /etc/apt/preferences.d/):


Package: *

Pin: release o=Kali Pin-Priority: 900


Package: *

Pin: release o=Debian Pin-Priority: -10

Package: *

Pin: release o=Kali Pin-Priority: 900


Package: *

Pin: release o=Debian Pin-Priority: -10

In the last two examples, you have seen a=kali-bleeding-edge, which defines the name of the se- lected distribution and o=Kali and o=Debian, which limit the scope to packages whose origin are Kali and Debian, respectively.

Let’s now assume that you have a server with several local programs depending on the version 5.22 of Perl and that you want to ensure that upgrades will not install another version of it. You could use this entry:


Package: perl

Pin: version 5.22* Pin-Priority: 1001

Package: perl

Pin: version 5.22* Pin-Priority: 1001


The reference documentation for this configuration file is available in the manual page apt_pref erences(5), which you can display with man apt_preferences.


Adding Comments in There is no official syntax for comments in /etc/apt/preferences, but some textual

/etc/apt/preferences descriptions can be provided by prepending one or more Explanation fields into each entry:

Explanation: The package xserver-xorg-video-intel provided Explanation: in experimental can be used safely

Package: xserver-xorg-video-intel Pin: release a=experimental

Pin-Priority: 500


Top OS Cloud Computing at OnWorks: