Bug#840064: apticron: apt-get stops when an update for a held back package is found
> If the use of "--allow-change-held-packages" seams dangerous to you (it > might not as we also set "-s" in the command line, it should be safer to > juste replace "-y" by "--trivial-only" which will answer yes for all non > dangerous questions and no on the orthers. Since -s is used it is not a matter of "safe" vs. "dangerous", nothing will be actually installed anyway. Otoh, with --trivial-only an available update that however requires "yes" being answered on a "dangerous" question might get lost in the process. > What about replacing the whole complicated line by something more simple > based on apt like this: > > apt list --upgradable 2>/dev/null | sed -ne 's#^\(.*\)/.*$#\1#p' Sounds reasonable, however I believe there are two problems with this: 1. if the maintainers wish to keep apticron's behavior intact, it is not possible this way, since NOTIFY_NEW="1" would no longer have any effect (although most likely the majority of users could live with that). 2. more seriously: the following part from man apt > The apt(8) commandline is designed as a end-user tool and it may change > the output between versions. While it tries to not break backward > compatibility there is no guarantee for it either. All features of apt > (8) are available in apt-cache(8) and apt-get(8) via APT options. > Please prefer using these commands in your scripts. does not sound like the apt command is the preferred tool for a script like apticron. Maybe if apticron's developers contacted the apt development team, they could reassure them that this part of the cli is no subject for changes, though.
Bug#840064: apticron: apt-get stops when an update for a held back package is found
If the use of "--allow-change-held-packages" seams dangerous to you (it might not as we also set "-s" in the command line, it should be safer to juste replace "-y" by "--trivial-only" which will answer yes for all non dangerous questions and no on the orthers. > --trivial-only > Only perform operations that are 'trivial'. Logically this can be considered related to --assume-yes; where --assume-yes will answer yes to any prompt, --trivial-only will answer no. Configuration Item: APT::Get::Trivial-Only. What about replacing the whole complicated line by something more simple based on apt like this: apt list --upgradable 2>/dev/null | sed -ne 's#^\(.*\)/.*$#\1#p' -- Landry MINOZA landry.min...@gmail.com
Bug#840064: apticron: apt-get stops when an update for a held back package is found
On Thu, 17 Nov 2016 23:20:57 +0100, Francesco Namuri wrote: > I looked to the code more carefully seeing that there is a part to > handle the report oh packages on held status, I suppose it's better > to improve this part despite of using the allow-change-held-packages > switch. I don't think that there is anything wrong with the command line I suggested in the first post; as far as I understand it does the exact same as the old command used to do with the old apt syntax. It has been working well here for several weeks now, and I don't see why it shouldn't do so. There are other (less important) issues though with the way apticron calculates the list of upgradable packages (but these have nothing to do with this apt-syntax issue). Regards Michael
Bug#840064: apticron: apt-get stops when an update for a held back package is found
On Thu, 17 Nov 2016 23:20:57 +0100, Francesco Namuri wrote: > I looked to the code more carefully seeing that there is a part to > handle the report oh packages on held status, I suppose it's better > to improve this part despite of using the allow-change-held-packages > switch. Thanks for looking into this issue again! > Nevertheless I continue thinking that this bug must not be a grave one, > but also not a normal one, so I'm raising it to important. I don't care so much about the severity, I just hope it's fixed sooon :) Cheers, gregor -- .''`. https://info.comodo.priv.at/ - Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe `- NP: Red Hot Chili Peppers: Savior signature.asc Description: Digital Signature
Bug#840064: apticron: apt-get stops when an update for a held back package is found
severity 840064 important merge 840064 816959 781639 tags 840064 - moreinfo thanks Hello, I'm sorry I wrote my last email thinking about an unattended upgrade done using the apticron output (or using apticron directly, but this isn't possible) I looked to the code more carefully seeing that there is a part to handle the report oh packages on held status, I suppose it's better to improve this part despite of using the allow-change-held-packages switch. Nevertheless I continue thinking that this bug must not be a grave one, but also not a normal one, so I'm raising it to important. On 17/11/2016 17:56, gregor herrmann wrote: On Thu, 17 Nov 2016 16:57:30 +0100, Francesco Namuri wrote: thanks for your bug report. I'm downgrading it to normal severity waiting for more information. IMHO this is not a bug but I'd like to see the error you're getting. Can you please attach it to this report? What I get is a mail from cron: From: Cron DaemonTo: root@$domain Subject: Cron if test -x /usr/sbin/apticron; then /usr/sbin/apticron --cron; else true; fi Date: Thu, 17 Nov 2016 16:39:45 +0100 E: Held packages were changed and -y was used without --allow-change-held-packages. And that's all. Trying to automatically update a package that has the "held" flag it's a dangerous/unwanted behavior, IMHO the warning/error should be raised and the executions must stop. It makes apticron pretty useless as I don't get any information about which (held or not held) packages are available for updating. The solution proposed "allow-change-held-packages" it's also very dangerous, as you can see in the man page: This is in a line with `apt-get -s' i.e. nothing is updated, it's just about getting the list of packages by simulating an update. Cheers, gregor
Bug#840064: apticron: apt-get stops when an update for a held back package is found
On Thu, 17 Nov 2016 16:57:30 +0100, Francesco Namuri wrote: > thanks for your bug report. I'm downgrading it to normal severity > waiting for more information. IMHO this is not a bug but I'd like > to see the error you're getting. Can you please attach it to > this report? What I get is a mail from cron: From: Cron DaemonTo: root@$domain Subject: Cron if test -x /usr/sbin/apticron; then /usr/sbin/apticron --cron; else true; fi Date: Thu, 17 Nov 2016 16:39:45 +0100 E: Held packages were changed and -y was used without --allow-change-held-packages. And that's all. > Trying to automatically update a package that has the "held" > flag it's a dangerous/unwanted behavior, IMHO the warning/error > should be raised and the executions must stop. It makes apticron pretty useless as I don't get any information about which (held or not held) packages are available for updating. > The solution proposed "allow-change-held-packages" it's also > very dangerous, as you can see in the man page: This is in a line with `apt-get -s' i.e. nothing is updated, it's just about getting the list of packages by simulating an update. Cheers, gregor -- .''`. https://info.comodo.priv.at/ - Debian Developer https://www.debian.org : :' : OpenPGP fingerprint D1E1 316E 93A7 60A8 104D 85FA BB3A 6801 8649 AA06 `. `' Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe `- NP: Rolling Stones: Lonely signature.asc Description: Digital Signature
Bug#840064: apticron: apt-get stops when an update for a held back package is found
severity 840064 normal tag 840064 moreinfo thanks Hello Michael, thanks for your bug report. I'm downgrading it to normal severity waiting for more information. IMHO this is not a bug but I'd like to see the error you're getting. Can you please attach it to this report? Trying to automatically update a package that has the "held" flag it's a dangerous/unwanted behavior, IMHO the warning/error should be raised and the executions must stop. The solution proposed "allow-change-held-packages" it's also very dangerous, as you can see in the man page: " --allow-change-held-packages Force yes; this is a dangerous option that will cause apt to continue without prompting if it is changing held packages. It should not be used except in very special situations. Using it can potentially destroy your system! Configuration Item: APT::Get::allow-change-held-packages. Introduced in APT 1.1. " Ciao, Francesco
Bug#840064: apticron: apt-get stops when an update for a held back package is found
Package: apticron Version: 1.1.59 Severity: grave Justification: renders package unusable Dear Maintainer, first I should mention that I never used apticron myself, but I borrowed the part of the apticron script that generates the list of upgradable packages for a custom script here. Since the affected command line is also still present in the latest apticron package, I assume this problem applies to apticron, too. If I am mistaken with that, I apologize in advance. Today I noticed that on debian testing my script did not work any longer, since the call of PKGNAMES=`/usr/bin/apt-get -q -y --ignore-hold --allow-unauthenticated -s dist-upgrade... stopped with an error message, because an update for a held package is available and --allow-change-held-packages was missing from the command line. I am not 100% sure, but I think a couple days ago this still used to work, so I guess that this is caused by a recent update to apt-1.3 which appears to break the usability of this use of command line options. The solution I found and which (at least in my script) appears to work well, is to change the command line into PKGNAMES=`/usr/bin/apt-get -q -y --ignore-hold --allow-unauthenticated --allow-downgrades --allow-remove-essential --allow-change-held-packages -s dist-upgrade... According to the apt-get manpage this should work with apt versions >= 1.1 . Best regards Michael Lange -- System Information: Debian Release: 8.6 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.3.0-0.bpo.1-amd64 (SMP w/2 CPU cores) Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages apticron depends on: ii apt 1.0.9.8.3 ii bsd-mailx [mailx] 8.1.2-0.20141216cvs-2 ii bzip2 1.0.6-7+b3 ii cron [cron-daemon] 3.0pl1-127+deb8u1 ii debconf [debconf-2.0] 1.5.56 ii dpkg1.17.27 ii heirloom-mailx [mailx] 12.5-4 ii ucf 3.0030 Versions of packages apticron recommends: ii apt-listchanges 2.85.13+nmu1 ii iproute2 3.16.0-2 apticron suggests no packages.