Set higher preference/priority to an APT repository over another or completely ignore certain repos

Written by - 0 comments

Published on - last updated on September 24th 2020 - Listed in Linux


In some particular scenarios, it is necessary to add several repositories on a Debian system. In this example I'm talking about Proxmox, a virtualization solution based on Debian Wheezy, but this article applies to all additional apt repositories (and applies to Ubuntu and other Debian derivatives as well).

By default Proxmox installs its Enterprise repository in /etc/apt/sources.list.d/pve-enterprise.list:

$ cat /etc/apt/sources.list.d/pve-enterprise.list
deb https://enterprise.proxmox.com/debian wheezy pve-enterprise

However this repo is only accessible with a valid subscription. As an alternative, the community repository can be added and used:

$ cat /etc/apt/sources.list.d/pve--no-subscription.list
deb http://download.proxmox.com/debian wheezy pve-no-subscription

Some packages in the Proxmox repository are far newer than on the official Debian repository.
As an example, the glusterfs packages have a big version difference:

  • glusterfs-server (3.2.7-3+deb7u1) in the official Debian repository
  • glusterfs-server (3.4.1-1) in the Proxmox repository

This causes apt-get install to fail because it doesn't know which version to install.
In such a situation it makes sense to set a preference on a repository over the others.

Define repositories with a higher priority

Such a preference can be set by setting different higher pin-priorities on the repositories in a preferences config file:

$ cat /etc/apt/preferences.d/proxmox
Package: *
Pin: origin enterprise.proxmox.com
Pin-Priority: 900

Package: *
Pin: origin download.proxmox.com
Pin-Priority: 850

Package: *
Pin: origin security.debian.org
Pin-Priority: 800

Package: *
Pin: origin ftp.ch.debian.org
Pin-Priority: 700

The content of the file is pretty much self-explaining. Each repository URL has its own Pin-Priority.
The higher the number, the higher is the priority.

It would also be possible to set the higher priority only for certain packages. In my example I have set the priorities for all packages (*).

What if packages should be ignored from a certain repository?

Updated September 24, 2020

Using multiple repositories can create conflicts, too. A typical example is that the same package exists in both official Debian and another additional repository but the package dependencies of the additional repository don't match. Seen with kafkacat and a hiccup of the dependent package librdkafka1 and Confluent repositories:

# apt-get install librdkafka1
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:
The following packages have unmet dependencies:
 librdkafka1 : Depends: libssl1.0.0 (>= 1.0.0) but it is not installable
E: Unable to correct problems, you have held broken packages.

Apt tried to install the librdkafka1 package from the Confluent repos - but the package was built against libssl1.0.0. Yet in the Debian repos, libssl1.1 is used.

In such a case it makes sense to prevent a certain package (librdkafka1 in this case) from a specific repository:

# cat /etc/apt/preferences.d/kafkacat
# do not install librdkafka1 (kafkacat needs it) from confluent repository
Package: librdkafka1
Pin: origin packages.confluent.io
Pin-Priority: -1

The negative pin-priority (-1 here) prevents the listed packages (librdkafka1 here) to be installed from the origin (packages.confluent.io here).


Add a comment

Show form to leave a comment

Comments (newest first)

No comments yet.

RSS feed

Blog Tags:

  AWS   Android   Ansible   Apache   Apple   Atlassian   BSD   Backup   Bash   Bluecoat   CMS   Chef   Cloud   Coding   Consul   Containers   CouchDB   DB   DNS   Database   Databases   Docker   ELK   Elasticsearch   Filebeat   FreeBSD   Galera   Git   GlusterFS   Grafana   Graphics   HAProxy   HTML   Hacks   Hardware   Icinga   Influx   Internet   Java   KVM   Kibana   Kodi   Kubernetes   LVM   LXC   Linux   Logstash   Mac   Macintosh   Mail   MariaDB   Minio   MongoDB   Monitoring   Multimedia   MySQL   NFS   Nagios   Network   Nginx   OSSEC   OTRS   Office   OpenSearch   PGSQL   PHP   Perl   Personal   PostgreSQL   Postgres   PowerDNS   Proxmox   Proxy   Python   Rancher   Rant   Redis   Roundcube   SSL   Samba   Seafile   Security   Shell   SmartOS   Solaris   Surveillance   Systemd   TLS   Tomcat   Ubuntu   Unix   VMWare   VMware   Varnish   Virtualization   Windows   Wireless   Wordpress   Wyse   ZFS   Zoneminder