Pinning Debian Unstable Packages

Serge Y. Stroobandt

Copyright 2013–2016, licensed under Creative Commons BY-NC-SA

Introduction

So it happened that Debian Testing fell behind in a handful of packages that are essential to my tool chain. However, Debian package search revealed that new versions of the out-of-date packages are available in the Debian Unstable repository, also known by the Toy Story character name “Sid”. Great, but proceed with care if you cherish a stable computing system!

Setting pin-priorities

First and foremost, you should prevent all installed packages from upgrading to Unstable versions before unsuspectingly adding the Debian Unstable repository. Ignoring this good advice would at the very least –and as the repository name indicates– render your system unstable or worse; unusable. If you follow below instructions, refreshing the Update Manager should indicate only a few recommended package updates, certainly not thousands. If this is not the case, do not proceed and check again!

To avoid an undesired massive upgrade to Unstable, you will need to tell apt your preferences. The process involves pinning packages with a certain pin-priority to specific version archives. Already installed packages with a pin-priority lower than 500 will not be upgraded.¹

$ sudo nano /etc/apt/preferences

The example that I have at hand is for a Linux Mint Debian Edition (LMDE) system. Apart from a couple of trivial adaptations, below code snippet serves well as a generic example for any Debian distribution. I added the last preference rule as well as the a=testing in the next-to-last rule. According to man apt_preferences, o= stands for “origin” and a= for “archive”.

Package: *
Pin: release o=linuxmint
Pin-Priority: 700

Package: *
Pin: origin packages.linuxmint.com
Pin-Priority: 700

Package: *
Pin: release o=Debian a=testing
Pin-Priority: 500

Package: *
Pin: release a=unstable
Pin-Priority: 490

By the way, LMDE also has a “romeo” unstable repository. This repository is of little use here, as most of the time it is just plain empty. Only right before a new LMDE Update Pack, will it contain packages for evaluation.

Adding Unstable repositories

Once /etc/apt/preferences is properly configured, it is safe to add the Debian Unstable repositories. This can either be done by directly editing the file /etc/apt/sources.list or, much more conveniently, by adding the repositories via Settings > Repositories > Other Software in the Synaptic Package Manager.

“Repositories” is written in plural, simply because the source repository also needs to be included. This is because a small minority of Debian packages are not pre-compiled and therefore require their source code in order to compile on your system.

To optimise download speed, choose a nearby Unstable repository with the help of the Debian Sources List Generator. In my case, being located in Belgium, I added:

deb http://ftp.be.debian.org/debian unstable main contrib non-free
deb-src http://ftp.be.debian.org/debian unstable main contrib non-free

Hand-picking Unstable packages

Here is how you can get the Unstable versions of only those packages that really require it. This is most easily done from the Synaptic Package Manager menu; first, click on Reload, then select Package > Force Version... or simply hit [Ctrl]+[E].

You will now be able to select the Unstable version of the package. If all dependencies are met, the package will be marked for upgrade. If not, it will be marked as broken; do not proceed without first resolving all missing dependencies. When done, click on Apply to upgrade.

Hit and run

Once you have installed the new package versions from Unstable, there is no need to keep on tracking this repository. As a matter of fact, tracking a multitude of repositories significantly slows down ordinary apt-get updates. Moreover, the LMDE Update Manager is neither to happy with pointing directly to Debian repositories; it complains with the following warning:

Your system is pointing to ftp.debian.org and debian.linuxmint.com.
These repositories conflict with each other.

Finally, Debian Unstable packages have not undergone any security nor quality audit. The only thing one can say with any certainty is that it was compiled on the developer’s system.

Therefore, it is recommended to deactivate the previously added Debian Unstable repositories as soon as you are done. Again, you can do so by commenting them out in /etc/apt/sources.list or, more easily, by deselecting them via Settings > Repositories > Other Software in the Synaptic Package Manager.

References

Raphaël Hertzog, Roland Mas. The Debian adminstrator’s handbook. In:; 2012:p.114. http://debian-handbook.info

This work is licensed under a Creative Commons Attribution‑NonCommercial‑ShareAlike 4.0 International License.
Other licensing available on request.

Unless otherwise stated, all originally authored software on this site is licensed under the terms of GNU GPL version 3.

This static web site has no backend database.
Hence, no personal data is collected and GDPR compliance is met.
Moreover, this domain does not set any first party cookies.

All Google ads shown on this web site are, irrespective of your location,
restricted in data processing to meet compliance with the CCPA and GDPR.
However, Google AdSense may set third party cookies for traffic analysis and
use JavaScript to obtain a unique set of browser data.
Your browser can be configured to block third party cookies.
Furthermore, installing an ad blocker like EFF's Privacy Badger
will block the JavaScript of ads.
Google's ad policies can be found here.

This page employs a