Package: harden-doc Version: 3.9 Severity: normal Hi!
Section 10.1.5 _Automatic updates in a Debian GNU/Linux system_[1] mentions dselect as a possible means to mark packages as /hold/. IIUC, dselect is deprecated (sort of): I think you should mention aptitude instead, which can also mark packages as hold... Correct me if I'm wrong. [1] which is in http://www.debian.org/doc/manuals/securing-debian-howto/ch10.en.html#s-keep-secure BTW, there's a FIXME in the same section regarding an example APT configuration: | To pin the packages under a given release, you must edit | /etc/apt/preferences (see apt_preferences(5)) and add: | | Package: * | Pin: release a=stable | Pin-Priority: 100 | | FIXME: verify if this configuration is OK. AFAIK, this configuration is correct and sets a priority equal to 100 for every package from any archive marked as "stable". Since the default priority is 500 and priority of installed packages is 100, this configuration seems to prevent upgrading to newer versions of already installed packages, as long as those newer versions appear in stables archives. Quoting from apt_preferences(5) manpage: ] 0 < P <=100 ] causes a version to be installed only if there is no ] installed version of the package If that is the intended effect, I would feel safer with | Package: * | Pin: release a=stable | Pin-Priority: 50 though... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
