Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I had to manually mark intel-microcode as held back, as it caused so many headaches with my system when it upgraded and I had to downgrade and mark as hold.
Now, every time I do an apt-upgrade, it counts intel-microcode as an ungradable package.
I don't think this answers my question. I do not want to update the package. I want it to remain held back. Sorry, I should have explained better.
When I do an apt update, I see this
Code:
6 packages can be upgraded. Run 'apt list --upgradable' to see them.
but then when I do apt upgrade
Code:
The following packages have been kept back:
intel-microcode
The following packages will be upgraded:
krb5-locales libgssapi-krb5-2 libk5crypto3 libkrb5-3 libkrb5support0
5 upgraded, 0 newly installed, 0 to remove and 1 not upgraded.
I want it to stop telling me about the held-back intel package. I want update to say 5 not 6, and I don't want to see "The following packages have been kept back: intel-microcode" anymore.
Maybe that's not possible, and a design decision so people know what is being held back.
I've known people who say they run without antivirus, firewall and recommended security updates because they: "just don't need it?" If you're only doing wheezy things, maybe you don't? Another example: if you keep a computer locked in a room, do you really need a password login?
Well, the latter command is part of Ubuntu-specific Update Notifier and not available in Debian.
The point is, neither apt-get update nor aptitude update will display the line with the wrong package count: heck, they won't display any package count. You can simulate that line with something like
Code:
LC_ALL=C apt-get dist-upgrade -s|sed -En 's/(^[0-9]+)( upgraded).*/\1 packages can be\2/p'
Alternatively, you can try wajig update. Wajig keeps record of shown upgradable packages and will display only the new ones. Supply the option -t/--teach to see what actual commands are issued by wajig:
Code:
wajig update -t
aptitude update seems to be the most basic update command, even faster and simpler than apt-get update. dselect update will additionally update /var/lib/dpkg/available from /var/cache/apt/available which may or may not be what you want. Or, if you're adventurous, you can go a completely different route and try cupt update, or even pkcon refresh.
As to the second message, I wonder why does it bother you? I don't know of a way to get rid of this message in apt/apt-get. There is the option --no-show-upgraded and the corresponding apt.conf setting APT::Get::Show-Upgraded "false", but they will only suppress the message The following packages will be upgraded, while the kept-back packages will be displayed nevertheless.
OTOH, aptitude safe-upgrade won't display the packages to be upgraded/held-back by default, you have to add the option -v/--verbose for this. Of course, you can always
Code:
aptitude search '~U!~ahold'
to display only the packages to be upgraded.
Obviously, there are some trade-offs when using different front ends to manage packages. IMO, the most important one is that apt/apt-get/wajig vs. aptitude vs. cupt make use of different dependency resolvers. That means what exact packages will be automatically installed/removed to satisfy dependencies will sometimes depend on the front end used. I don't use aptitude much nowadays (other than aptitude search/versions/why), but I recall that back in the days of Debian Jessie aptitude's resolver was more aggressive than the others, and could suggest removing half the packages from the system to satisfy a particular dependency. I see that recent aptitude versions sport the option --safe-resolver though.
There's also a slight semantic difference between apt/apt-get/wajig upgrade and aptitude/cupt safe-upgrade commands: while the former will never remove installed packages, the latter sometimes will.
I've known people who say they run without antivirus, firewall and recommended security updates because they: "just don't need it?" If you're only doing wheezy things, maybe you don't? Another example: if you keep a computer locked in a room, do you really need a password login?
Beyond fixing your "problem" have you thought of benchmarking?
I run without anti-virus, but I do have a firewall and am usually very good at installing security updates quick.
It's just that my life has been very busy, that I do not want to spend the time troubleshooting the issues the update caused. In two months time life will free up a bit and then I plan to fix this.
Well, the latter command is part of Ubuntu-specific Update Notifier and not available in Debian.
The point is, neither apt-get update nor aptitude update will display the line with the wrong package count: heck, they won't display any package count. You can simulate that line with something like
Code:
LC_ALL=C apt-get dist-upgrade -s|sed -En 's/(^[0-9]+)( upgraded).*/\1 packages can be\2/p'
Alternatively, you can try wajig update. Wajig keeps record of shown upgradable packages and will display only the new ones. Supply the option -t/--teach to see what actual commands are issued by wajig:
Code:
wajig update -t
aptitude update seems to be the most basic update command, even faster and simpler than apt-get update. dselect update will additionally update /var/lib/dpkg/available from /var/cache/apt/available which may or may not be what you want. Or, if you're adventurous, you can go a completely different route and try cupt update, or even pkcon refresh.
As to the second message, I wonder why does it bother you? I don't know of a way to get rid of this message in apt/apt-get. There is the option --no-show-upgraded and the corresponding apt.conf setting APT::Get::Show-Upgraded "false", but they will only suppress the message The following packages will be upgraded, while the kept-back packages will be displayed nevertheless.
OTOH, aptitude safe-upgrade won't display the packages to be upgraded/held-back by default, you have to add the option -v/--verbose for this. Of course, you can always
Code:
aptitude search '~U!~ahold'
to display only the packages to be upgraded.
Obviously, there are some trade-offs when using different front ends to manage packages. IMO, the most important one is that apt/apt-get/wajig vs. aptitude vs. cupt make use of different dependency resolvers. That means what exact packages will be automatically installed/removed to satisfy dependencies will sometimes depend on the front end used. I don't use aptitude much nowadays (other than aptitude search/versions/why), but I recall that back in the days of Debian Jessie aptitude's resolver was more aggressive than the others, and could suggest removing half the packages from the system to satisfy a particular dependency. I see that recent aptitude versions sport the option --safe-resolver though.
There's also a slight semantic difference between apt/apt-get/wajig upgrade and aptitude/cupt safe-upgrade commands: while the former will never remove installed packages, the latter sometimes will.
Thank you for your detailed answer. I will look into wajig. I've heard about it before but never looked into it.
Not sure I've heard reports that the code has caused this, "it caused so many headaches with my system"
Back to the question of why?
I have a little script that runs the apt command, and if there are upgradeable packages, it uses KDE's notify-send to send me a pop up notif with the packages to be intalled. Putting intel on hold caused that to run every day.
I have not had time to troubleshoot. What I know is that after the update, most times KDE would have a completely black wallpaper, and no windows would show up in the task bar, and waking the computer from sleep would not reconnect to wifi, and opening the gui to reconnect manually would freeze the whole system. That last issue was resolved by having the computer switch to tty 1 right before sleeping, and switching back to tty 7 on wake up, but the other two are annoying and can only be resolved by multiple
Code:
sudo systemctl restart display-manager
Then the day after I reverted the update, these problems went away.
Well, it seems wajig counts upgrades the same way as apt (at least, the first time):
Code:
$ wajig update
[...]
Fetched 466 MB in 3min 22s (2.304 kB/s)
Reading package lists... Done
This is the same as the previous count with 0 new packages.
There are 1 new upgrades
$ wajig toupgrade
No upgradeable packages
$ aptitude search \~U
ihA ubuntu-advantage-tools - management tools for Ubuntu Advantage
$ wajig update
[...]
Reading package lists... Done
This is the same as the previous count with 0 new packages.
There are 0 new upgrades
I have a little script that runs the apt command, and if there are upgradeable packages, it uses KDE's notify-send to send me a pop up notif with the packages to be intalled. Putting intel on hold caused that to run every day.
FWIW, notify-send isn't specific to KDE.
Anyhoo, surely you can edit the script to ignore held packages?
If you need help, show us the script.
Quote:
I have not had time to troubleshoot. What I know is that after the update, most times KDE would have a completely black wallpaper, and no windows would show up in the task bar, and waking the computer from sleep would not reconnect to wifi, and opening the gui to reconnect manually would freeze the whole system. That last issue was resolved by having the computer switch to tty 1 right before sleeping, and switching back to tty 7 on wake up, but the other two are annoying and can only be resolved by multiple
Code:
sudo systemctl restart display-manager
Then the day after I reverted the update, these problems went away.
I cannot fathom how a microcode update can break the system so spectacularly, but if you say so.
I think this is a separate topic though.
If you decide to pursue this in a new topic, you obviously should provide some troubleshooting info, like the complete journal of a borked boot.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
