Re: aptitude safe-upgrade vs apt-get upgrade.

[Andrei POPESCU]

On Ma, 27 oct 20, 13:03:32, David Wright wrote:
> On Tue 27 Oct 2020 at 15:05:36 (+0200), Andrei POPESCU wrote:
> > On Lu, 26 oct 20, 09:55:00, John Hasler wrote:
> > 
> > I believe someone demonstrated quite recently on list that dpkg has some 
> > limits in the number and/or combination of packages it can deal with at 
> > once, so APT might have to pass them in smaller chunks and/or specific 
> > order (in case of Pre-Depends: maybe?).
> >  
> > > Dpkg is safe but can be rather frustrating.
> > 
> > As far as I'm concerned it does just fine what it was designed to do.
> 
> Years ago, I used to do mega installs with dpkg, copying the contents
> of /var/cache/apt/archives/ from one machine onto a caddy, and then
> installing them all on another.
> 
> I'm probably the person who recently demonstrated dpkg's (in)ability
> to cleanly install 1558 packages simultaneously without help:
> 
> https://lists.debian.org/debian-user/2020/07/msg00032.html
> (its References are all dead links because they fall in the previous month.)

Indeed, this is the experiment I was thinking of.
 
> This followed a demonstration of apt-get's reversibility:
> specifying 271 "top-level" packages that resulted in 1558 being
> installed altogether, and all 1558 being cleanly purged again.

Somehow I'm still under the impression that this is supposed to work 
with dpkg only.

You might want to post your findings to debian-dpkg for further 
investigation.

Kind regard,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: aptitude safe-upgrade vs apt-get upgrade.

[David Wright]

On Tue 27 Oct 2020 at 15:05:36 (+0200), Andrei POPESCU wrote:
> On Lu, 26 oct 20, 09:55:00, John Hasler wrote:
> > Andrei writes:
> > > dpkg does its own dependency checking, in addition to APT (the
> > > software, not the command), and will prevent any inconsistencies
> > > unless you use one of the --force switches.
> > 
> > What it does not do is resolve dependencies.  Apt recursively resolves
> > dependencies, installing them as required. It also detects conflicts
> > and offers to resolve them as well as breaking loops.
> 
> dpkg can only work with the set of .deb files that were passed on the 
> command line.
> 
> If all dependencies are included (or already installed), fine, otherwise 
> it will bail out as it doesn't (by design) have the capability to search 
> for them in repositories and download them (if this is what you mean by 
> resolving).
> 
> I believe someone demonstrated quite recently on list that dpkg has some 
> limits in the number and/or combination of packages it can deal with at 
> once, so APT might have to pass them in smaller chunks and/or specific 
> order (in case of Pre-Depends: maybe?).
>  
> > Dpkg is safe but can be rather frustrating.
> 
> As far as I'm concerned it does just fine what it was designed to do.

Years ago, I used to do mega installs with dpkg, copying the contents
of /var/cache/apt/archives/ from one machine onto a caddy, and then
installing them all on another.

I'm probably the person who recently demonstrated dpkg's (in)ability
to cleanly install 1558 packages simultaneously without help:

https://lists.debian.org/debian-user/2020/07/msg00032.html
(its References are all dead links because they fall in the previous month.)

This followed a demonstration of apt-get's reversibility:
specifying 271 "top-level" packages that resulted in 1558 being
installed altogether, and all 1558 being cleanly purged again.

Cheers,
David.

Re: aptitude safe-upgrade vs apt-get upgrade.

[Andrei POPESCU]

On Lu, 26 oct 20, 09:55:00, John Hasler wrote:
> Andrei writes:
> > dpkg does its own dependency checking, in addition to APT (the
> > software, not the command), and will prevent any inconsistencies
> > unless you use one of the --force switches.
> 
> What it does not do is resolve dependencies.  Apt recursively resolves
> dependencies, installing them as required. It also detects conflicts
> and offers to resolve them as well as breaking loops.

dpkg can only work with the set of .deb files that were passed on the 
command line.

If all dependencies are included (or already installed), fine, otherwise 
it will bail out as it doesn't (by design) have the capability to search 
for them in repositories and download them (if this is what you mean by 
resolving).

I believe someone demonstrated quite recently on list that dpkg has some 
limits in the number and/or combination of packages it can deal with at 
once, so APT might have to pass them in smaller chunks and/or specific 
order (in case of Pre-Depends: maybe?).
 
> Dpkg is safe but can be rather frustrating.

As far as I'm concerned it does just fine what it was designed to do.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: Re: aptitude safe-upgrade vs apt-get upgrade.

[R. Ramesh]

So, if you don't pin down the priority of deb-multimedia, virtually every
audio- and video-related package on your system will be replaced with the
deb-multimedia version, which for the sake of stability is very likely a
bad idea.
So it is safer to lower the priority of deb-multimedia and that of
deb-multimedia backports even a bit more, so that the official debian
packages remain the default, deb-multimedia packages the first
alternative if you actually want/need a newer version or a version with
some extra features and deb-multimedia backports the last choice if you
really, really need that version.



Thanks for the detailed explanation. I will pin down multi-media and 
then backports to ensure order among the repositories.


Regards
Ramesh

Re: aptitude safe-upgrade vs apt-get upgrade.

[Michael Lange]

Hi,

On Mon, 26 Oct 2020 11:58:18 -0500
"R. Ramesh"  wrote:

(...)

> I have these exact lines in my sources.list also. I thought we have 
> backports so that we can get the newer version of packages. For
> example, buster multimedia has mythtv 0.30 and backports has mythtv
> 0.31 (the last time I checked). I have installed 0.31 in my system
> (using -t stable-backports, I think) as my frontend need to be
> compatible with backend that runs mythtv 0.31 (on xubuntu 20.04). In
> that case, would the above pinning rule prevent proper upgrade as it
> puts backports at a lower priority? (I assume that is what your pinning
> rules imply unless priorities are increased with lower numerical value)
> 
> In other words, should I stick to aptitude's decision?
> 
> Why priority 331 and 332? Why not some other two with same
> relationship? Sorry, if I asked a simple question. I will be more than
> happy to read documentation, if I will find it there.


these values are somewhat arbitraryly chosen. The point is that they
have to be values smaller than 500 and greater than 100 and that the
value for the deb-multimedia backports needs to be smaller than that of
the regular deb-multimedia repo.

This is because 500 is the default priority of any repo defined in
sources.list; if two or more packages from different repos share this
same priority, the package with the newest version number will be
installed; usually when using stable with deb-multimedia this is the
deb-multimedia (backports) package. If priorities differ, the package with
the highest priority will be installed, unless the lower priority package
is explicitely requested by the user.

So, if you don't pin down the priority of deb-multimedia, virtually every
audio- and video-related package on your system will be replaced with the
deb-multimedia version, which for the sake of stability is very likely a
bad idea. 
So it is safer to lower the priority of deb-multimedia and that of
deb-multimedia backports even a bit more, so that the official debian
packages remain the default, deb-multimedia packages the first
alternative if you actually want/need a newer version or a version with
some extra features and deb-multimedia backports the last choice if you
really, really need that version.

But please beware: blindly installing too many of these can easily mess
with apt's dependencies and cause nasty situations ("dependency hell")

> In other words, should I stick to aptitude's decision?

I really recommend to do the pinning first, then re-run

$ apt update

and then look again what is suggested when you call apt-get upgrade or
aptitude safe-upgrade.
I have a hunch that probably there won't be much to upgrade anymore.

And as someone else pointed out, apt-get upgrade will not always install
the latest kernel and possibly other things you would want to keep up to
date, so you might wnat to consider to just use apt-get dist-upgrade
instead, which in my experience with a properly configured debian stable
system should not cause any problems.


Regards

Michael


.-.. .. ...- .   .-.. --- -. --.   .- -. -..   .--. .-. --- ... .--. . .-.

You're too beautiful to ignore.  Too much woman.
-- Kirk to Yeoman Rand, "The Enemy Within", stardate
unknown

Re: Re: aptitude safe-upgrade vs apt-get upgrade.

[R. Ramesh]

To resolve this, you might consider to create a file
like e.g. /etc/apt/preferences.d/multimedia .

Here the content of that file looks like:

Package: *
Pin: release o=Unofficial Multimedia Packages,n=buster
Pin-Priority: 332

Package: *
Pin: release o=Unofficial Multimedia Packages,n=buster-backports
Pin-Priority: 331


Michael,

  Thanks for explaining why the difference exists. However, I do not 
know what these two rules mean to upgrade decisions.  So, I ask the 
following based on sources.list lines.



with the respective entries in my sources.list:

debhttp://www.deb-multimedia.org    buster main 
non-free
debhttp://www.deb-multimedia.org    
buster-backports main non-free

I have these exact lines in my sources.list also. I thought we have 
backports so that we can get the newer version of packages. For example, 
buster multimedia has mythtv 0.30 and backports has mythtv 0.31 (the 
last time I checked). I have installed 0.31 in my system (using -t 
stable-backports, I think) as my frontend need to be compatible with 
backend that runs mythtv 0.31 (on xubuntu 20.04). In that case, would 
the above pinning rule prevent proper upgrade as it puts backports at a 
lower priority? (I assume that is what your pinning rules imply unless 
priorities are increased with lower numerical value)


In other words, should I stick to aptitude's decision?

Why priority 331 and 332? Why not some other two with same relationship? 
Sorry, if I asked a simple question. I will be more than happy to read 
documentation, if I will find it there.


Regards
Ramesh

Re: aptitude safe-upgrade vs apt-get upgrade.

[John Hasler]

Andrei writes:
> dpkg does its own dependency checking, in addition to APT (the
> software, not the command), and will prevent any inconsistencies
> unless you use one of the --force switches.

What it does not do is resolve dependencies.  Apt recursively resolves
dependencies, installing them as required. It also detects conflicts
and offers to resolve them as well as breaking loops.

Dpkg is safe but can be rather frustrating.
-- 
John Hasler 
jhas...@newsguy.com
Elmwood, WI USA

Re: aptitude safe-upgrade vs apt-get upgrade.

[Andrei POPESCU]

On Du, 25 oct 20, 21:00:03, Joe wrote:
> 
> Synaptic, the GUI tool, is a front end to apt-get. All the apt tools
> are a front end to dpkg, which does all the work but does no dependency
> checking and is therefore not safe to be used directly.

dpkg does its own dependency checking, in addition to APT (the software, 
not the command), and will prevent any inconsistencies unless you use 
one of the --force switches.

In my opinion this is pretty safe ;)

APT, aptitude and others are more than just front ends to dpkg as they 
are also the ones working with your configured repositories.

> All of the tools have a 'safe' mode which is guaranteed not to remove
> packages. However, many upgrades do require the removal of some
> packages, so the safe mode will only get you so far in these cases.
> 
> If you are using Stable, there should never be any real problem in
> upgrading. 

'apt-get upgrade' is insufficient even on a stable system, e.g. due to 
the kernel package changing names, it's better to just use 'apt upgrade' 
(or 'aptitude safe-upgrade') instead.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: aptitude safe-upgrade vs apt-get upgrade.

[Michael Lange]

Hi,

On Sun, 25 Oct 2020 17:53:16 -0500
"R. Ramesh"  wrote:

(...)

> Nothing fancy. Installed debian 10 from USB and added multi-media and 
> installed mythfrontend. That is all I have done.
> This is a NUC Pentium (N3700) box and not fancy at all.  Here is my
> kernel

(...)

> My apt-get/aptitude output showed clear differences between the two.
> So, I am not convinced about your claim that they should do the same
> thing on a stable release unless stable release itself was broken when 
> installing with debian-10.6.0-amd64-netinst.iso.

it looks like what happens here is that the upgrade would replace
installed versions of multimedia related packages from buster with those
from deb-multimedia. Obviously apt-get and aptitude do not agree how to
handle this situation. Installing those packages requires obviously to
replace for example libcdio18 with libcdio19, which apt-get won't do with
the "apt-get upgrade" command.
I believe that most likely the root of the problem is, that no
apt-pinning rule is defined for the deb-multimedia repo.

To resolve this, you might consider to create a file
like e.g. /etc/apt/preferences.d/multimedia .

Here the content of that file looks like:

Package: *
Pin: release o=Unofficial Multimedia Packages,n=buster
Pin-Priority: 332

Package: *
Pin: release o=Unofficial Multimedia Packages,n=buster-backports
Pin-Priority: 331

with the respective entries in my sources.list:

deb http://www.deb-multimedia.org buster main non-free
deb http://www.deb-multimedia.org buster-backports main non-free

This should ensure that no such "accidental" upgrades will occur.

Regards

Michael

.-.. .. ...- .   .-.. --- -. --.   .- -. -..   .--. .-. --- ... .--. . .-.

Lots of people drink from the wrong bottle sometimes.
-- Edith Keeler, "The City on the Edge of Forever",
   stardate unknown

Re: Re: aptitude safe-upgrade vs apt-get upgrade.

[R. Ramesh]

To begin with, which distribution is it? In general, with Stable, it
pretty much doesn't matter which tool is used. The kind of problems you
have indicate Unstable or Testing.

First, apt is pretty much apt-get, with different syntax and a few
extra features. Aptitude can generally do a better job of resolving
'difficult' dependencies, but if used with a great many packages (>100)
is likely to be very slow. With more than about 500 packages to deal
with, it may grind to a halt. Don't use it on an Unstable which hasn't
been upgraded for six months. Don't use it for a version upgrade of
Stable, unless the release notes for the upgrade explicitly recommend
it.

Synaptic, the GUI tool, is a front end to apt-get. All the apt tools
are a front end to dpkg, which does all the work but does no dependency
checking and is therefore not safe to be used directly.

All of the tools have a 'safe' mode which is guaranteed not to remove
packages. However, many upgrades do require the removal of some
packages, so the safe mode will only get you so far in these cases.

If you are using Stable, there should never be any real problem in
upgrading. With Testing or Unstable, problems do occur, and you need to
be willing to understand and solve them. Generally, if you keep the
system up to date regularly, aptitude will usually do a good job.

With Unstable or Testing, it is often the case that new versions of a
few packages from a large related set become available before the rest.
The new packages will be mostly incompatible with the existing set, so
upgrading them will cause the removal of some of the rest of the set,
along with other applications which depend on them. If you see that
half your applications are about to be removed, say 'no'. If you do
this with apt-get or apt in safe mode, then packages will be 'held
back'. Aptitude full-upgrade will usually give you a number of options,
with decreasing numbers of removals proposed. If you keep declining
options, it will eventually get to 'keep everything as it is', but you
may find one of the options worth doing.

Generally time will sort this problem out, as the rest of the set is
released. It is usually possible to upgrade some packages which do not
include the problem ones. This can be done with any of the tools, but
on a graphical system I prefer Synaptic. Other methods may involve a lot
of typing.
My bad, I did not think releases mattered to figure out the 
differentiation between the two. I am on current stable release

installed within the last month. Here is my /etc/os-release

myth2 [rramesh] 102 > cat /etc/os-release
PRETTY_NAME="Debian GNU/Linux 10 (buster)"
NAME="Debian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=debian
HOME_URL="https://www.debian.org/;
SUPPORT_URL="https://www.debian.org/support;
BUG_REPORT_URL="https://bugs.debian.org/;
Nothing fancy. Installed debian 10 from USB and added multi-media and 
installed mythfrontend. That is all I have done.

This is a NUC Pentium (N3700) box and not fancy at all.  Here is my kernel

myth2 [rramesh] 104 > uname -a
Linux myth2 4.19.0-11-amd64 #1 SMP Debian 4.19.146-1 (2020-09-17) 
x86_64 GNU/Linux
My apt-get/aptitude output showed clear differences between the two. So, 
I am not convinced about your claim that they should do the same thing 
on a stable release unless stable release itself was broken when 
installing with debian-10.6.0-amd64-netinst.iso.


Regards
Ramesh

Re: aptitude safe-upgrade vs apt-get upgrade.

[Joe]

On Sun, 25 Oct 2020 12:12:19 -0500
Ram Ramesh  wrote:

> Hi,
> 
>    I am trying to upgrade the current setup and I am unable to 
> understand the differences between aptitude vs. apt-get usage.
> When I do apt-get -s upgrade, I get
> > myth2 [rramesh] 100 > sudo apt-get -s upgrade
> > Reading package lists... Done
> > Building dependency tree
> > Reading state information... Done
> > Calculating upgrade... Done
> > The following packages have been kept back:
> >   gstreamer1.0-gl gstreamer1.0-plugins-bad gstreamer1.0-plugins-base
> >   gstreamer1.0-plugins-good gstreamer1.0-plugins-ugly
> > libasound2-plugins libavcodec58 libavformat58 libavresample4
> > libavutil56 libchromaprint1 libgstreamer-gl1.0-0
> > libgstreamer-plugins-bad1.0-0 libgstreamer-plugins-base1.0-0
> > libswresample3 libswscale5 linux-image-amd64
> >   mythtv-frontend
> > 0 upgraded, 0 newly installed, 0 to remove and 18 not upgraded.  
> Clearly nothing is  going to be done. However aptitude -s
> safe-upgrade shows that it will install these.
> > myth2 [rramesh] 101 > sudo aptitude -s safe-upgrade
> > Resolving dependencies...
> > The following NEW packages will be installed:
> >   libcdio19{a} libfaac0{a} libfdk-aac2{a} libilbc2{a} libkvazaar4{a}
> >   liblrdf0{a} libmfx1{a} libopenh264-5{a} libx264-157{a}
> > libx265-176{a} linux-image-4.19.0-12-amd64{a}
> > The following packages will be REMOVED:
> >   libcdio18{u} libcrystalhd3{u} libssh-gcrypt-4{u} libvpx5{u}
> >   libx264-155{u} libx265-165{u}
> > The following packages will be upgraded:
> >   gstreamer1.0-gl gstreamer1.0-plugins-bad gstreamer1.0-plugins-base
> >   gstreamer1.0-plugins-good gstreamer1.0-plugins-ugly
> > libasound2-plugins libavcodec58 libavformat58 libavresample4
> > libavutil56 libchromaprint1 libgstreamer-gl1.0-0
> > libgstreamer-plugins-bad1.0-0 libgstreamer-plugins-base1.0-0
> > libswresample3 libswscale5 linux-image-amd64
> > 17 packages upgraded, 11 newly installed, 6 to remove and 1 not
> > upgraded. Need to get 72.9 MB of archives. After unpacking 270 MB
> > will be used.
> >
> > Note: Using 'Simulate' mode.
> > Do you want to continue? [Y/n/?]
> > Would download/install/remove packages.  
> This makes me wonder if it is better to use aptitude over apt-get.
> Why these differences?  What is the correct way to maintain a working
> system and still keep the system up to date.

To begin with, which distribution is it? In general, with Stable, it
pretty much doesn't matter which tool is used. The kind of problems you
have indicate Unstable or Testing.

First, apt is pretty much apt-get, with different syntax and a few
extra features. Aptitude can generally do a better job of resolving
'difficult' dependencies, but if used with a great many packages (>100)
is likely to be very slow. With more than about 500 packages to deal
with, it may grind to a halt. Don't use it on an Unstable which hasn't
been upgraded for six months. Don't use it for a version upgrade of
Stable, unless the release notes for the upgrade explicitly recommend
it.

Synaptic, the GUI tool, is a front end to apt-get. All the apt tools
are a front end to dpkg, which does all the work but does no dependency
checking and is therefore not safe to be used directly.

All of the tools have a 'safe' mode which is guaranteed not to remove
packages. However, many upgrades do require the removal of some
packages, so the safe mode will only get you so far in these cases.

If you are using Stable, there should never be any real problem in
upgrading. With Testing or Unstable, problems do occur, and you need to
be willing to understand and solve them. Generally, if you keep the
system up to date regularly, aptitude will usually do a good job.

With Unstable or Testing, it is often the case that new versions of a
few packages from a large related set become available before the rest.
The new packages will be mostly incompatible with the existing set, so
upgrading them will cause the removal of some of the rest of the set,
along with other applications which depend on them. If you see that
half your applications are about to be removed, say 'no'. If you do
this with apt-get or apt in safe mode, then packages will be 'held
back'. Aptitude full-upgrade will usually give you a number of options,
with decreasing numbers of removals proposed. If you keep declining
options, it will eventually get to 'keep everything as it is', but you
may find one of the options worth doing. 

Generally time will sort this problem out, as the rest of the set is
released. It is usually possible to upgrade some packages which do not
include the problem ones. This can be done with any of the tools, but
on a graphical system I prefer Synaptic. Other methods may involve a lot
of typing.

-- 
Joe

aptitude safe-upgrade vs apt-get upgrade.

[Ram Ramesh]

Hi,

  I am trying to upgrade the current setup and I am unable to 
understand the differences between aptitude vs. apt-get usage.

When I do apt-get -s upgrade, I get

myth2 [rramesh] 100 > sudo apt-get -s upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
The following packages have been kept back:
  gstreamer1.0-gl gstreamer1.0-plugins-bad gstreamer1.0-plugins-base
  gstreamer1.0-plugins-good gstreamer1.0-plugins-ugly libasound2-plugins
  libavcodec58 libavformat58 libavresample4 libavutil56 libchromaprint1
  libgstreamer-gl1.0-0 libgstreamer-plugins-bad1.0-0
  libgstreamer-plugins-base1.0-0 libswresample3 libswscale5 
linux-image-amd64

  mythtv-frontend
0 upgraded, 0 newly installed, 0 to remove and 18 not upgraded.
Clearly nothing is  going to be done. However aptitude -s safe-upgrade 
shows that it will install these.

myth2 [rramesh] 101 > sudo aptitude -s safe-upgrade
Resolving dependencies...
The following NEW packages will be installed:
  libcdio19{a} libfaac0{a} libfdk-aac2{a} libilbc2{a} libkvazaar4{a}
  liblrdf0{a} libmfx1{a} libopenh264-5{a} libx264-157{a} libx265-176{a}
  linux-image-4.19.0-12-amd64{a}
The following packages will be REMOVED:
  libcdio18{u} libcrystalhd3{u} libssh-gcrypt-4{u} libvpx5{u}
  libx264-155{u} libx265-165{u}
The following packages will be upgraded:
  gstreamer1.0-gl gstreamer1.0-plugins-bad gstreamer1.0-plugins-base
  gstreamer1.0-plugins-good gstreamer1.0-plugins-ugly libasound2-plugins
  libavcodec58 libavformat58 libavresample4 libavutil56 libchromaprint1
  libgstreamer-gl1.0-0 libgstreamer-plugins-bad1.0-0
  libgstreamer-plugins-base1.0-0 libswresample3 libswscale5
  linux-image-amd64
17 packages upgraded, 11 newly installed, 6 to remove and 1 not upgraded.
Need to get 72.9 MB of archives. After unpacking 270 MB will be used.

Note: Using 'Simulate' mode.
Do you want to continue? [Y/n/?]
Would download/install/remove packages.
This makes me wonder if it is better to use aptitude over apt-get. Why 
these differences?  What is the correct way to maintain a working system 
and still keep the system up to date.


Regards
Ramesh