I've never understood this problem, and it's time to rectify that situation. When I try apt-get upgrade, I am told that 3 packages are being kept back. One of them is autofs, so I try apt-get install autofs. I get a long message about how it is "extremely likely that the package is simply not installable" that concludes with:

The following packages have unmet dependencies:
autofs: Depends: libc6 (>= 2.3.5-1) but 2.3.2.ds1-21 is to be installed
E: Broken packages

Doesn't this message mean that I have a libc6 installed that is a newer version than the one required by the package? Isn't that good? Are packages typically built in such a way that they require exactly a certain version -- or a version that is neither too old nor too new? Is there a way to fix this impasse without removing libc6 (which removes half the OS)?

I have seen this before, and gotten around it, but I have no idea how I did it at the time.

One thing I did see in my quick little search just now was that it may be possible that you have a mixed system between Woody and Sid. Is this the case?

It is possible. I remember having a problem with something and thinking that I should try upgrading it from unstable. I'm sure that the upgrade did not result in widespread upgrades, but it certainly could have upgraded something that is sticking me now. But I'm still not clear on what I am supposed to do now about these "broken packages".

And here's another apt mystery. I get Debian Weekly News. It always contains a list of programs with security updates and the comment, "You know the drill." I apparently don't know the drill. I do apt-get upgrade, but get only the comment I quoted previously. I have

deb ftp://security.debian.org/debian-security sarge/updates main contrib non-free

in my apt/sources.list. If a program is installed, shouldn't it get upgraded when I do apt-get upgrade? For example, sudo is on the latest list. It is installed. I run apt-get upgrade and get the comment I quoted previously. I do apt-get install sudo and get "sudo is already the newest version." Does anyone know the drill (or the answer to my previous question)?

I actually read the message you got stating that your libc is too old (but checking which version you do have is a good way to solve that question).

Anyway, what version of the Kernel do you have? A lot of stuff, especially that pertaining to libc, relies on having a newer kernel.

Just wondering, are you doing an apt-get update before you do your apt-get upgrade? If you don't, you don't refresh your libraries with the catalog of the latest files, and nothing will happen.

2.6.11.

So, it seems that I am misreading the message in my first posting. My interpretation was that my libc is too new. The message seems to say that the libc that I have is 2.3.5-1, but it wants to install 2.3.2.ds1-21. No, you are saying that it says that it needs 2.3.5-1 but it's installing only 2.3.2.ds1-21. OK. So I run apt-show-versions, and I see (among other things)

libc6 2.3.2.ds1-21 install ok installed

so you are right (although I don't know why apt is trying to install what is already installed). I also see from apt-show-versions -a that 2.3.5-6 is available, but from testing. Does the fact that it's looking in testing indicate that I perverted my system with a previous install from testing? Consider this:

apt-show-versions -a -p autofs
autofs 4.1.4-7 install ok installed
autofs 4.1.3+4.1.4beta2-10 stable
autofs 4.1.4-8 testing
autofs/testing upgradeable from 4.1.4-7 to 4.1.4-8

So I guess I have 4.1.4-7 installed, but the last line seems to indicate that 4.1.4-7 is from testing.

Yes, I do run apt-get update first.

I read the last line as saying that you have the option of changing to 4.1.4-8 from 4.1.4-7 should you upgrade to testing, and the penultimate line as saying that there is a 4.1.4-8 available IN testing (since it doesn't have "ok installed" next to it). Not saying that I'm right, though, that's just how I'm reading it.

Is that deb line you showed us earlier in the post the only thing in your sources.list?


If I were you I'd try to install the newest version of libc available for Stable. If you don't have the right sources in apt, you could either edit the soruces or just go to the debian site, and browse into the stable packages section and find the newest stable libc, download the .deb and try installing from there.

I think the problem may be either that your apt sources don't have any program updates, just the security updates, and now the security updates aren't compatible with your current program versions, or your kernel needs upgrading (though if you have 2.6.11 I find that very unlikely). So you could always try apt-configuring and adding a bunch of sarge mirror sources to your already-existing security updates, updating apt, and trying a dist-upgrade.

I think Sarge does occasionally update its actual programs, but only for fixes and security, and maybe you need more than just the security updates to do that. I honestly don't know much about that process, though, since I use Testing, but it's a workable theory (and/or shot in the dark) .

Thanks for struggling through this with me. It's amazing how needlessly arcane the messages from this important command can be.

I think that line 2 says that stable contains versions 4.1.3 and 4.1.4beta2-10. Line 3 clearly says that 4.1.4-8 is in testing. Line 1 says that 4.1.4-7 is installed. I agree that line 4 says that I can upgrade 4.1.4-7 to 4.1.4-8. Because 4.1.4-8 is in testing, I assume that 4.1.4-7 must be as well. Thus, I guess that if my autofs were from stable, apt-install upgrade would offer me an opportunity to upgrade from 4.1.3 to 4.1.4beta2-10. I think that it somehow got upgraded with the version in testing at some point, so now my upgrade option is within testing.

The line from sources.list that I showed before is not the only line in sources.list. Here's the rest:

deb ftp://ftp.debian.org/debian sarge main contrib non-free
deb ftp://non-us.debian.org/debian-non-US sarge/non-US main contrib non-free
deb ftp://security.debian.org/debian-security sarge/updates main contrib non-free
deb http://archive.libranet.com/archive/libranet hemlock main
deb http://archive.libranet.com/archive/libranet hemlock-updates main
deb http://archive.libranet.com/archive/libranet hemlock-security main

This is how I got around this:

First of all, I had a similar problem under Mandrake. Not so easily solvable there as you start bumping up against "members only" downloads.

Put sources for unstable experimental and testing in your sources.list. Then upgrade everything upgradeable. Essentially you're moving from Sarge to Sid.

End of problem.

The question is whether you actually want to do this. All I can say is that my system is still as stable as a concrete platform. As far as I can tell there is not a sharp line between "stable" and "unstable" so that if you don't have all the sources available you bump into this problem.

I could afford the "risk" because it was a brand new installation, breaking it would not have been tragic. However nothing broke. I could not install OpenOffice 2 Beta until I did this and OOo2 is a must have in my case.

Your milage may vary.