APT means Advanced Packaging Tool is another package manager found on Linux based systems. Initially designed as a front-end for dpkg to work with .deb packages, apt has succeeded to show his visibility on Mac OS, Open Solaris etc.
Want to learn and master about APT and DPKG commands to manage Debian package management, then use our in-depth articles which will cover more than 30+ examples on both tools.
In this article we will see various techniques to disable/lock package from install, upgrade and remove in Debian Linux and its derivatives such as Ubuntu and Linux Mint.
1. Disable/Lock Package Using ‘apt-mark’ with hold/unhold Option
The command apt-mark will mark or unmark a software package as being automatically installed and it is used with option hold or unhold.
- hold – this option used to mark a package as held back, which will block the package from being installed, upgraded or removed.
- unhold – this option used to remove a previously set hold on a package and allow to install, upgrade and remove package.
For example, for making a package say apache2
unavailable for install, up-gradation or uninstall, you can use following command at the terminal with root privileges:
# apt-mark hold apache2
To make this package available for update, just replace ‘hold‘ with ‘unhold‘.
# apt-mark unhold apache2
Blocking Package Updates Using APT Preferences File
Another way to block updates of a specific package is to add its entry in /etc/apt/preferences
or /etc/apt/preferences.d/official-package-repositories.pref
file. This file holds responsibility of updating or blocking certain package updates according to priority specified by the user.
To block the package, you just need to enter its name, additional feature, and to what priority you want to take it to. Here, priority < 1
would block the package.
For blocking any package, just enter its details in file /etc/apt/preferences
like this:
Package: <package-name> (Here, '*' means all packages) Pin: release * Pin-Priority: <less than 0>
For example to block updates for package apache2 add the entry as shown:
Package: apache2 Pin: release o=Ubuntu Pin-Priority: 1
We can use other options with release keyword for further identifying the package on which we are applying the Pin Priority. Those keywords are:
- a -> Archive
- c -> Component
- o -> Origin
- l -> Label
- n -> Architecture
like:
Pin: release o=Debian,a=Experimental
Would mean to pull the stated package from Debian package experimental archive.
Blacklist a Package Update using APT Autoremove File
Another way to blacklist a package from installation is to update its entry in one of the files contained in /etc/apt/apt.conf.d/
directory which is 01autoremove.
Sample file is shown below:
APT { NeverAutoRemove { "^firmware-linux.*"; "^linux-firmware$"; }; VersionedKernelPackages { # linux kernels "linux-image"; "linux-headers"; "linux-image-extra"; "linux-signed-image"; # kfreebsd kernels "kfreebsd-image"; "kfreebsd-headers"; # hurd kernels "gnumach-image"; # (out-of-tree) modules ".*-modules"; ".*-kernel"; "linux-backports-modules-.*"; # tools "linux-tools"; }; Never-MarkAuto-Sections { "metapackages"; "restricted/metapackages"; "universe/metapackages"; "multiverse/metapackages"; "oldlibs"; "restricted/oldlibs"; "universe/oldlibs"; "multiverse/oldlibs"; }; };
Now, for blacklisting any package, just need to enter its name in Never-MarkAuto-Sections
. Just enter the name of the package at the end in Never-MarkAuto-Section
and Save and Close the file. This would block apt for searching for further updates of that package.
For example, to blacklist a package from being update add the entry as shown:
Never-MarkAuto-Sections { "metapackages"; "restricted/metapackages"; "universe/metapackages"; "multiverse/metapackages"; "oldlibs"; "restricted/oldlibs"; "universe/oldlibs"; "multiverse/oldlibs"; "apache2*"; }; };
Custom Package Selection for Update
Another alternative for this is to choose what you want to update. The apt tool gives you freedom to choose what you want to update, but for this you should have knowledge about what all packages are available for up-gradation.
For such a thing, following set of commands can prove to be helpful:
a. To List what packages have updates pending.
# apt-get -u -V upgrade
b. To install only selective packages.
# apt-get --only-upgrade install <package-name>
Conclusion
In this article, we’ve explained few ways to disable/block or blacklist package updates using APT way. If you know any other preferred way, do let us know via comments or if you were looking for yum command to disable/lock package update, then read this below article.
These tips do not work for me at all.
apt-mark hold has no effect at all. I can install the package afterward without any problems.
Using a preferences file makes it impossible to install any software via aptitude but not only the package intended. So I have to search at some other place for valuable tips to block apt package installations
“Blocking Package Updates” and “Blacklisting Package Updates” sections of the articles are confusing as written.
I am using MX Linux. There are no “/etc/apt/preferences” or “/etc/apt/preferences.d/official-package-repositories.pref” files on my system. Do I have to create one of them?
“Another way to blacklist a package from installation is to update its entry in one of the files contained in /etc/apt/apt.conf.d/ directory which is 01autoremove.”
Why not just give the full path of the file as “/etc/apt/apt.conf.d/01autoremove“? The way the sentence is written it is confusing.
Can You add EXAMPLE of “How to block multiple packages from update”, I mean, can I add them like this:
Is this ok?
And in “autoremove file“? Is this fine?
Or it should be one package-in-one-line (?):
THANK YOU
“Pin-Priority: 1” <- That's not less than zero.
Very nice tip. Thanks very much. I had this issue with Texlive on ubuntu 16.04. Each time I selected “sudo apt-get upgrade”, Texlive will also upgrade, which is huge and wastes my data volume.
Very nice tips, thank you!
Welcome.. :-)