Understanding apt-pinning in Linux



I recently moved to Debian after using other Linux distros (including Mint, Ubuntu, and Manjaro). The experience has been satisfying. However, I quickly realized the Debian packages were quite outdated, and as one who enjoys working with the latest features, I was somewhat annoyed. I needed a solution.

Don’t fret if you face a similar situation. In this article, we’ll explore the solution to outdated packages.

Excitingly, Debian has apt-pinning. Apt-pinning is a technique that allows you to selectively grab packages from another Debian release without having to switch completely to that release. So if you’re on a stable release, you are able to install packages from the testing release. Apt-pinning should be used with some level of caution (as it may leave your system broken if things go wrong). Alternatively, you can use Backports, which is considered relatively safer. Backports, as the Debian wiki puts it, are “recompiled packages from testing (mostly) and unstable (in a few cases only, e.g. security updates), so they will run without new libraries (wherever it is possible) on a stable Debian distribution.” Nonetheless, you may need apt-pinning to get some really up-to-date packages.

Getting up-to-date

Apt-pinning begins by choosing the desired release to pull from and adding the appropriate entries into the /etc/apt/sources.list file. For this example, we’re interested in packages from the Debian testing release. You can set the release in: /etc/apt/apt.conf.d/.

# Set Default Release
APT::Default-Release "stable";

# /etc/apt/sources.list
deb http://ftp.us.debian.org/debian testing main non-free contrib
deb-src http://deb.debian.org/debian/ testing main contrib non-free

The next step is to modify the /etc/apt/preferences file to set pinning rules. In this file, we will specify which versions will be installed by assigning priorities to packages. The file content will look similar to that shown below:

Package: *
Pin: release a=stable
Pin-Priority: 700

Package: *
Pin: release a=testing
Pin-Priority: 650
Package: cinnamon
Pin: release a=testing
Pin-Priority: 200

The Advanced Package Tool (APT) selects package versions based on priority value, with the highest-priority value first. In this example, stable has the highest priority. (In addition, notice that the package name, star (*) matches every package.) Likewise, a specific target package can be specified, just as in the third example. It’s important to note that the pin-priority numbers are not just arbitrary numbers. They are significant. Here’s how apt interprets priority (P) according to the main page:

P > 1000
causes a version to be installed even if this constitutes a downgrade of the package.

990 < P <=1000
causes a version to be installed even if it does not come from the target release, unless the installed version is more recent.

500 < P <=990
causes a version to be installed unless there is a version available belonging to the target release, or the installed version is more recent.

100 < P <=500
causes a version to be installed unless there is a version available belonging to some other distribution, or the installed version is more recent.

0 < P <=100
causes a version to be installed only if there is no installed version of the package.

P < 0
prevents the version from being installed.

Installing packages

Now installing the latest packages becomes easy. There are two ways to install packages:

1. No system packages will be upgraded. This will fail if dependencies are not met.

sudo apt install firefox/testing

2. System packages are upgraded, so watch out for the prompt to upgrade packages.

sudo apt install -t testing firefox

When adding more sources to pull from, you may need to increase your apt cache limit to accommodate this. This is done by editing /etc/apt/apt.conf. The number should be large enough. For example:

APT::Cache-Limit "1000000000000";

With apt-pinning, you can install the latest packages without making a complete switch to the latest release. However, as we’ve seen, apt-pinning may not always work because of dependency issues—and in that case, you should consider backports. There are situations in which you may find apt-pinning very helpful (for instance, if you want to install Kali tools or packages from another Debian-based distro). By pinning them, you can selectively install the packages without accidentally upgrading and breaking your system.

Apt-pinning also works for many Debian-based distros, including Mint and Ubuntu. For Ubuntu users, check out this community wiki to get started with pinning.

Bruno is a junior at Ashesi University College studying Computer Science. He is interested in leveraging the power of technology to increase productivity. As a big fan of open source technology, he is currently exploring the possibility of using the Bitcoin Blockchain to fight corruption in government. Bruno is a regular contributor at Fixate IO.


Click on a tab to select how you'd like to leave your comment

Leave a Comment

Your email address will not be published. Required fields are marked *

%d bloggers like this: