[Bug 1814727] Re: Backport never pinning and Packages-Require-Authorization

Launchpad Bug Tracker 1814727 at bugs.launchpad.net
Thu Mar 21 11:05:31 UTC 2019 

This bug was fixed in the package apt - 1.0.1ubuntu2.22

---------------
apt (1.0.1ubuntu2.22) trusty; urgency=medium

  * apt.dirs: Install auth.conf.d directory (LP: #1818996)
  * Merge translations from 1.2.31

apt (1.0.1ubuntu2.21) trusty; urgency=medium

  [ Julian Andres Klode ]
  * travis CI: Use docker container to get useful results
  * fix and non-silent fail dpkg-overwrite error test (LP: #1817088)
  * Introduce experimental 'never' pinning for sources (LP: #1814727)
  * Add support for /etc/apt/auth.conf.d/*.conf (netrcparts) (LP: #1811120)
  * Add a Packages-Require-Authorization Release file field (LP: #1814727)
  * NeverAutoRemove kernel meta packages (LP: #1787460)
  * Introduce APT::Install::Pre-Invoke / Post-Invoke-Success (LP: #1815761)

  [ David Kalnischkies ]
  * ftparchive/writer.cc: use a std::vector instead of hardcoded array
    (LP: #1817048)

 -- Julian Andres Klode <juliank at ubuntu.com>  Tue, 12 Mar 2019 15:15:54
+0100

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apt in Ubuntu.
https://bugs.launchpad.net/bugs/1814727

Title:
  Backport never pinning and Packages-Require-Authorization

Status in apt package in Ubuntu:
  Fix Released
Status in apt source package in Trusty:
  Fix Released
Status in apt source package in Xenial:
  Fix Released
Status in apt source package in Bionic:
  Fix Released
Status in apt source package in Cosmic:
  Fix Released
Status in apt source package in Disco:
  Fix Released

Bug description:
  [Impact]
  These are not driven from a direct user experience, but are related to other developments:

  (1) unattended-upgrades could use the never pinning to disable
  repositories rather than switching candidates. That would simplify
  code quite a bit.

  (2) Packages-Require-Authorization lets a repository declare that
  downloading packages from it requires authorization. This is useful
  both for private repositories, as it can prevent unattended-upgrades
  failures if you remove authorization info; and it also allows creating
  a new form of semi-private repository, where only pool/ requires
  authorization.

  [Test case]
  Tests are included in autopkgtests and cover the common scenarios
  https://salsa.debian.org/apt-team/apt/blob/master/test/integration/test-packages-require-authorization:
  (1) Add repository with Packages-Require-Authorization and no auth.conf entry: pin -32768
  (2) Add repository with Packages-Require-Authorization and a auth.conf entry: pin 500
  (3) As (2), but a custom pin still applies

  https://salsa.debian.org/apt-team/apt/blob/master/test/integration/test-policy-pinning#L365
  (1) Test that Pin-Priority: never overrides both per-package pins and per-repository pins
  (2) Test that Pin-Priority: never is only applied for per-repository (Package: *) pins

  [Regression potential]
  The changes might introduce regressions in pinning. The pinning implementation in trusty is substantially different from the other releases, and should thus require more testing.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1814727/+subscriptions

More information about the foundations-bugs mailing list