How to Disable/Lock or Blacklist Package Updates using Apt Tool

APT means Advanced Packaging Tool is another package manager found on Linux based systems. Initially designed as a front-end for dpkg to work with .deb packages, apt has succeeded to show his visibility on...

Spread the love

APT means Advanced Packaging Tool is another package manager found on Linux based systems. Initially designed as a front-end for dpkg to work with .deb packages, apt has succeeded to show his visibility on Mac OS, Open Solaris etc.

Disable Package Updates in Debian and Ubuntu Using APT

Disable Package Updates in Debian and Ubuntu Using APT

Want to learn and master about APT and DPKG commands to manage Debian package management, then use our in-depth articles which will cover more than 30+ examples on both tools.

In this article we will see various techniques to disable/lock package from install, upgrade and remove in Debian Linux and its derivatives such as Ubuntu and Linux Mint.

1. Disable/Lock Package Using ‘apt-mark’ with hold/unhold Option

The command apt-mark will mark or unmark a software package as being automatically installed and it is used with option hold or unhold.

  1. hold – this option used to mark a package as held back, which will block the package from being installed, upgraded or removed.
  2. unhold – this option used to remove a previously set hold on a package and allow to install, upgrade and remove package.


For example, for making a package say apache2 unavailable for install, up-gradation or uninstall, you can use following command at the terminal with root privileges:

# apt-mark hold apache2

To make this package available for update, just replace ‘hold‘ with ‘unhold‘.

# apt-mark unhold apache2
Hold Package Update in Ubuntu

Hold Package Update in Ubuntu/Debian

Blocking Package Updates Using APT Preferences File

Another way to block updates of a specific package is to add its entry in /etc/apt/preferences or /etc/apt/preferences.d/official-package-repositories.pref file. This file holds responsibility of updating or blocking certain package updates according to priority specified by the user.

To block the package, you just need to enter its name, additional feature, and to what priority you want to take it to. Here, priority < 1 would block the package.

For blocking any package, just enter its details in file /etc/apt/preferences like this:

Package: <package-name> (Here, '*' means all packages)
Pin: release *
Pin-Priority: <less than 0>

For example to block updates for package apache2 add the entry as shown:

Package: apache2
Pin: release o=Ubuntu
Pin-Priority: 1
Block Package Update Using Preference File

Block Package Update Using Preference File

We can use other options with release keyword for further identifying the package on which we are applying the Pin Priority. Those keywords are:

  1. a -> Archive
  2. c -> Component
  3. o -> Origin
  4. l -> Label
  5. n -> Architecture

like:

Pin: release o=Debian,a=Experimental

Would mean to pull the stated package from Debian package experimental archive.

Blacklist a Package Update using APT Autoremove File

Another way to blacklist a package from installation is to update its entry in one of the files contained in /etc/apt/apt.conf.d/ directory which is 01autoremove.

Sample file is shown below:

APT
{
NeverAutoRemove
{ "^firmware-linux.*"; "^linux-firmware$";
};
VersionedKernelPackages
{
# linux kernels "linux-image"; "linux-headers"; "linux-image-extra"; "linux-signed-image";
# kfreebsd kernels "kfreebsd-image"; "kfreebsd-headers";
# hurd kernels "gnumach-image";
# (out-of-tree) modules ".*-modules"; ".*-kernel"; "linux-backports-modules-.*";
# tools "linux-tools";
};
Never-MarkAuto-Sections
{ "metapackages"; "restricted/metapackages"; "universe/metapackages"; "multiverse/metapackages"; "oldlibs"; "restricted/oldlibs"; "universe/oldlibs"; "multiverse/oldlibs";
};
};

Now, for blacklisting any package, just need to enter its name in Never-MarkAuto-Sections. Just enter the name of the package at the end in Never-MarkAuto-Section and Save and Close the file. This would block apt for searching for further updates of that package.

For example, to blacklist a package from being update add the entry as shown:

Never-MarkAuto-Sections
{ "metapackages"; "restricted/metapackages"; "universe/metapackages"; "multiverse/metapackages"; "oldlibs"; "restricted/oldlibs"; "universe/oldlibs"; "multiverse/oldlibs";
"apache2*";
};
};

Custom Package Selection for Update

Another alternative for this is to choose what you want to update. The apt tool gives you freedom to choose what you want to update, but for this you should have knowledge about what all packages are available for up-gradation.

For such a thing, following set of commands can prove to be helpful:

a. To List what packages have updates pending.

# apt-get -u -V upgrade

b. To install only selective packages.

# apt-get --only-upgrade install <package-name>
Update Selected Packages

Update Selected Packages

Conclusion

In this article, we’ve explained few ways to disable/block or blacklist package updates using APT way. If you know any other preferred way, do let us know via comments or if you were looking for yum command to disable/lock package update, then read this below article.

Facebook Comments
Spread the love

Posted by News Monkey