How can I install a specific older version of Firefox and keep it from automatically updating?

I wrote a bash script to configure a suite of tools for continuous integration on top of Ubuntu 10.04.2. The script recently stopped working and I tracked the problem down to the newer version of Firefox that was just released. The image of Ubuntu that I'm starting with already has Firefox installed, but I need a version in between what it comes with and the latest.

Here's the code I was using:

sudo add-apt-repository ppa:mozillateam/firefox-stable 
sudo apt-get update
echo "y" | sudo apt-get install firefox

How can I instead install Firefox 7.0.1 and keep it from automatically upgrading to the latest version?

If I can, I'd like to avoid installing Firefox manually, so I can more easily use apt-get later, once the issue I'm running into gets resolved.

You should not do this, because versions of Firefox past the 3.6-series do not remain supported, even with security updates, when new versions come out. (This is why Firefox 8 is in Lucid now.) Continuing to run Firefox 7.0.1 means you are running a version that has known security vulnerabilities that are not and never will be patched--it puts you (and your customers/clients, if applicable) at risk.

Install the upstream binaries manually

Unless you can get one of the above techniques to work, the easiest way would probably be to make your script download the upstream Firefox 7.0.1 binary distribution, unpack it, and install it as root:

[ -d /opt ] || sudo mkdir -m  755 /opt
cd /opt
if [ `uname -m` = x86_64 ]
then
    sudo wget http://mirror.dacentec.com/mozilla/firefox/releases/7.0.1/linux-x86_64/en-US/firefox-7.0.1.tar.bz2
else
    sudo wget http://mirror.dacentec.com/mozilla/firefox/releases/7.0.1/linux-i686/en-US/firefox-7.0.1.tar.bz2
fi
sudo tar xjf firefox-7.0.1.tar.bz2
sudo apt-get purge firefox # removes firefox; comment out if definitely uninstalled
ln -s /opt/firefox/firefox /usr/bin/firefox

A few considerations:

1. As explained above, you should not do this at all! (This technique is useful for other purposes, which is the main reason I'm posting about it.)

2. The script above doesn't check to see whether or not commands completed successfully before proceeding. It assumes that /opt exists with reasonable permissions or that it doesn't exist and can be created (which is pretty safe), that the download succeeds (which is not particularly safe), and that the archive successfully unpacks (which is somewhat safe, if the download succeeded). It also assumes that if you don't have a 64-bit PC (or Intel Mac), then you have a 32-bit PC (or Intel Mac), since the script would fail anyway for other architectures since binary builds are not provided upstream for them (you can still build from source for them though); while this is safe in the sense that it doesn't increase the risk of failure, it doesn't give any useful error message when the architecture is unsupported. It creates a symbolic link to the newly installed Firefox 7.0.1 binary in /usr/bin, which will fail if you still had another version of Firefox installed, but you would want it to fail in that situation.

3. There is no reason to think the download mirror I have used in the script is the best one for you. You might want to change it, or implement the script to figure out a reasonable mirror to download from. (If you apply this technique as I am recommending--that is, only to a similar but different problem where the software you're installing is still supported with security updates--then you'll be installing a different program and will thus have to change the argument to wget anyway.)

4. Using this method, you don't have to hold the firefox package, because the firefox package is not what is providing Firefox 7.0.1. (No package is providing it; it's installed manually without the package manager.)