How do I pin a particular MySQL version to avoid unnecessary upgrades?
I'm running a MySQL server, and want to keep it up to date with regular apt-upgrades. I don't want this to cause MySQL to upgrade unless I'm doing it during scheduled downtime! How do I alter my apt-preferences so that this won't happen?
I've tried adding this to a file as /etc/apt/preferences.d/pin-mysql
Package: mysql-client-5.1
Pin: version 5.1.41-3ubuntu12.7
Pin-Priority: 1001
Package: mysql-client-core-5.1
Pin: version 5.1.41-3ubuntu12.7
Pin-Priority: 1001
Package: mysql-common
Pin: version 5.1.41-3ubuntu12.7
Pin-Priority: 1001
Package: mysql-server
Pin: version 5.1.41-3ubuntu12.7
Pin-Priority: 1001
Package: mysql-server-5.1
Pin: version 5.1.41-3ubuntu12.7
Pin-Priority: 1001
Package: mysql-server-core-5.1
Pin: version 5.1.41-3ubuntu12.7
Pin-Priority: 1001
That then states the packages are pinned with "apt-cache policy" outputting:
... all package sources here
500 http://security.ubuntu.com/ubuntu/ lucid-security/universe Packages
release v=10.04,o=Ubuntu,a=lucid-security,n=lucid,l=Ubuntu,c=universe
origin security.ubuntu.com
500 http://security.ubuntu.com/ubuntu/ lucid-security/restricted Packages
release v=10.04,o=Ubuntu,a=lucid-security,n=lucid,l=Ubuntu,c=restricted
origin security.ubuntu.com
... etc
Pinned packages:
mysql-server -> 5.1.41-3ubuntu12.7
mysql-server-core-5.1 -> 5.1.41-3ubuntu12.7
mysql-client-core-5.1 -> 5.1.41-3ubuntu12.7
mysql-common -> 5.1.41-3ubuntu12.7
mysql-server-5.1 -> 5.1.41-3ubuntu12.7
mysql-client-5.1 -> 5.1.41-3ubuntu12.7
However... running aptitude safe-upgrade just updated MySQL... what am I doing wrong?
If you want to prevent the upgrade of a package, then pinning is not the way to go. What you need is called holding, and you can find out how to do it on this page in the Ubuntu online help
Holding does appear to be the way to go, though I'm not quite sure on the difference between dpkg and aptitude holds.
At any rate - the following script is doing what I want and excluding a list of packages from an aptitude safe-upgrade.
#!/bin/bash
# Stop the mysql packages from upgrading!
# Must run as root! Check presence of the packages-hold.log file to avoid running repeatedly.
PACKAGES="mysql-client-5.1 mysql-client-core-5.1 mysql-common mysql-server mysql-server-5.1 mysql-server-core-5.1 linux-image-server linux-image-2.6.32-28-server"
for PACKAGE in $PACKAGES;
do
/bin/echo $PACKAGE hold | /usr/bin/dpkg --set-selections
done
/usr/bin/aptitude hold $PACKAGES
echo $PACKAGES > /var/log/packages-hold.log
Without doing the aptitude hold line, aptitude would still try to update packages marked with the dpkg --set-selections
command and I think the opposite also applies.
FYI - this also blocks the kernel image from updating all the time. I'm only interested in that update if it's for high priority security reasons as it always comes with a reboot attached.