The Problem with Apt, Universe, Multiverse, Backports, Etc.

Take it easy on me here. I want to understand something better. I may have my facts wrong. If so, please be as convincing as possible.

Let's say I want to be super conservative and not do anything too risky with my Ubuntu that might make the system unstable. Been there, done that with RH8, RH9, and Fedora. Don't want to go there again. However, Breezy doesn't ship with PHP 4.x by default and only ships with PHP 5.x. (This is a change over Hoary.) However, my software project is designed in PHP 4.x because my customers may still be running that. Therefore, I have no choice but to turn on the Universe option in my /etc/apt/sources.list file, grab PHP 4.x with apt, and then comment out the Universe option again in /etc/apt/sources.list.

Note what I said -- I commented out the Universe option, instead of leaving it there and doing "apt-get update; apt-get upgrade". Why? Because to do that would introduce all kinds of unstable things to my OS.

But what's the problem here? Will my PHP 4.x be updated in the non-Universe libraries if there's a critical exploit patch or other security patch? More than likely, no it will not unless I enable the Universe option.

So let's say I do enable the Universe option -- I always have the option to only patch/update my PHP 4.x -- but for the rest of the other patches I am presented, I cannot always tell what patches are coming only from the Universe/Multiverse/Backports option and which patches are coming from the regular option.

So that's the problem. Here's the solution. I'd like a command like:

apt-get upgrade-existing to be an option. This would permit me to leave the Universe, Multiverse, and Backports options turned on but not get me to accidentally upgrade my workstation with patches that could take itself into a beta world too far outside what Canonical would have liked with my workstation. Therefore, in this scenario, I would only get the usual Canonical updates/patches, but also get notice about potential PHP 4.x security exploits and so on.

Write a shell script for cron to execute daily. The script would use sed -ie s/line/newline/ on the apt config file to enable the Universe (that sounds odd), apt-get update, apt-get upgrade php, undo the sed, then apt-get update & upgrade again, but for everything in your regular repos and not just php.

EDIT: But then the second upgrade would upgrade to php5...

EDIT2: You could apply a little hack to make apt not upgrade php if the new version is >5.

I haven't had Ubuntu for a long time now, but IIRC enabling universe won't mean things get upgraded to unstable versions. If you don't want unstable stuff from universe, just don't install it.

Or has universe been merged with the backports?
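Added example, not part of any post in this thread: the first post's difficulty is telling which pending updates come from Universe, Multiverse or Backports, and the sketch below answers that by reading `apt-cache policy` output and reporting the suite/component of each package's candidate version. The function names, the `examplepkg` package, the versions and the mirror hosts are constructed for illustration, and the parser assumes the usual `apt-cache policy` layout (version rows followed by "priority URL suite/component" rows).

```shell
# Reads `apt-cache policy` text on stdin; prints "<pkg> <candidate> <suite/component>".
candidate_component() {
    awk '
        NF == 1 && /:$/    { pkg = $1; sub(/:$/, "", pkg); tbl = 0; want = 0; next }
        $1 == "Candidate:" { cand = $2 ""; next }
        $1 == "Version" && $2 == "table:" { tbl = 1; next }
        !tbl               { next }
        $1 == "***"        { want = ($2 == cand); next }   # installed version row
        NF == 2 && $2 ~ /^-?[0-9]+$/ { want = ($1 == cand); next }  # other version row
        want && NF >= 3 && $1 ~ /^-?[0-9]+$/ { print pkg, cand, $3; want = 0 }
    '
}
# Keeps only candidates from universe, multiverse or a -backports suite.
outside_main() {
    candidate_component | awk '{
        split($3, sc, "/")
        if (sc[1] ~ /-backports$/ || sc[2] == "universe" || sc[2] == "multiverse") print
    }'
}
# Constructed sample input (versions and mirrors are made up for illustration).
sample_policy() {
cat <<'EOF'
php4:
  Installed: 4:4.4.0-3
  Candidate: 4:4.4.0-9
  Version table:
     4:4.4.0-9 0
        500 http://security.ubuntu.com breezy-security/universe Packages
 *** 4:4.4.0-3 0
        100 /var/lib/dpkg/status
bash:
  Installed: 3.0-1
  Candidate: 3.0-2
  Version table:
     3.0-2 0
        500 http://archive.ubuntu.com breezy-updates/main Packages
 *** 3.0-1 0
        100 /var/lib/dpkg/status
examplepkg:
  Installed: 1.0-1
  Candidate: 1.1-1
  Version table:
     1.1-1 0
        500 http://archive.ubuntu.com breezy-backports/main Packages
 *** 1.0-1 0
        100 /var/lib/dpkg/status
EOF
}
```

On a real system, pipe `apt-cache policy <packages>` into `outside_main`, using the package names that `apt-get -s upgrade` lists, and review what it prints before upgrading.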

