Software – Page 4 – pbandjelly.org

Lenny apt configs

A friend of mine, Major, asked for a little advice on Debian apt configuration for a stable production server. Over the years, I have learned a few little things with regards to apt configuration with sane access to newer backports and/or testing/unstable/alpha apt repositories, and particularly one gotcha when a new stable release is completed.

One of my favorite apt preference resources is maintained by Roderick Schertler, and I always keep his apt pinning page listed in my /etc/apt/preferences file.

I track Debian stable (currently “Lenny”) on production servers and upgrade only software that is absolutely necessary from backports or testing – the gotcha I mention above is when Debian releases a new “stable” (“Squeeze” is next). Without “oldstable” listed in the preferences file at a higher priority than “stable”, you might be in for a surprise one day with a long list of packages set to be upgraded to the new “stable” 😉 This is not particularly desirable in a production environment that will require a good deal of work to make sure a dist-upgrade to the new stable release will function properly.

On my workstations and laptop, I typically roll along with the “testing” (currently “Squeeze) apt repositories and update/upgrade daily for that new software fresh feeling. I use the same apt configurations and simply bump the testing preference to 910. This allows me to do things like ‘apt-cache policy $FOO’ to see what versions of a package are in all the releases, without trolling around packages.d.o.

Here’s a tarball of my Lenny apt configs and the contents:

/etc/apt/apt.conf – set lenny as the default release and bump the cache limit a lot higher

APT::Default-Release "lenny";
APT::Cache-Limit 33554432;

/etc/apt/sources.list – Lenny/testing/sid along with security, backports, debian-multimedia, and alpha kernel builds

# Lenny
deb http://ftp.us.debian.org/debian/ lenny main contrib non-free
deb-src http://ftp.us.debian.org/debian/ lenny main contrib non-free
deb http://security.debian.org/ lenny/updates main contrib non-free
deb-src http://security.debian.org/ lenny/updates main contrib non-free

# Testing
deb http://ftp.us.debian.org/debian/ testing main contrib non-free
deb-src http://ftp.us.debian.org/debian/ testing main contrib non-free
deb http://security.debian.org/ testing/updates main contrib non-free
deb-src http://security.debian.org/ testing/updates main contrib non-free

# Sid
deb http://ftp.us.debian.org/debian/ unstable main contrib non-free
deb-src http://ftp.us.debian.org/debian/ unstable main contrib non-free

# Experimental
deb http://ftp.us.debian.org/debian/ experimental main contrib non-free
deb-src http://ftp.us.debian.org/debian/ experimental main contrib non-free

#####
# Lenny Backports
deb http://www.backports.org/debian lenny-backports main contrib non-free
deb-src http://www.backports.org/debian lenny-backports main contrib non-free

# Debian Multimedia
deb http://www.debian-multimedia.org/ lenny main
deb-src http://www.debian-multimedia.org/ lenny main

# buildserver.net kernel buildd repo
# http://wiki.debian.org/DebianKernel
deb http://kernel-archive.buildserver.net/debian-kernel/ trunk main
deb-src http://kernel-archive.buildserver.net/debian-kernel/ trunk main

/etc/apt/preferences – the magic to not dork up a stable box.. read Roderick’s pinning page for really great explanations on how this all works

Explanation: see http://www.argon.org/~roderick/apt-pinning.html
Package: *
Pin: release o=Debian,a=oldstable
Pin-Priority: 905

Package: *
Pin: release o=Debian,a=stable
Pin-Priority: 900

Package: *
Pin: release o=Debian,a=testing
Pin-Priority: 400

Package: *
Pin: release o=Debian,a=unstable
Pin-Priority: 300

Package: *
Pin: release o=Debian
Pin-Priority: -1

Package: *
Pin: origin www.backports.org
Pin-Priority: 600

Package: *
Pin: origin www.debian-multimedia.org
Pin-Priority: 600

Package: *
Pin: release o=Debian-Kernel,a=kernel-dists-trunk
Pin-Priority: 200

The Order of the Blue Polo

I just got my blue polo from the OpenNMS guys, and had to write a quick post on the certificate included in the package. It says:

Certificate of Merit
Let this Certify that
Michael Shuler
has demonstrated outstanding judgment in becoming a member of
The Order of the Blue Polo

What can we say? Although “bestest” isn’t a word, it should be, cause that’s what you are: The Bestest. You have all the intelligence of those people on Star Trek with the big foreheads, but you have really cool, normal foreheads. People Magazine won’t run your picture because they are afraid of making the models mad. Thank you so much for talking about OpenNMS until you are blue in the face. You are the reason we exist.

OpenNMS
Tarus Balog, Project Maintainer

The Way It Is

Brilliant!

s/testing/stable/

Debian GNU/Linux 5.0 “Lenny” has been released as “stable”. Congratulations and thank you for all the hard work, Debian release team, Debian CD team, Debian Developers, and all Debian contributors!

mshuler@kokopelli:~$ apt-cache policy 
Package files:
 100 /var/lib/dpkg/status
     release a=now
 700 http://security.debian.org lenny/updates/non-free Packages
     release v=None,o=Debian,a=testing,l=Debian-Security,c=non-free
     origin security.debian.org
 700 http://security.debian.org lenny/updates/contrib Packages
     release v=None,o=Debian,a=testing,l=Debian-Security,c=contrib
     origin security.debian.org
 700 http://security.debian.org lenny/updates/main Packages
     release v=None,o=Debian,a=testing,l=Debian-Security,c=main
     origin security.debian.org
 700 http://ftp.us.debian.org lenny/non-free Packages
     release o=Debian,a=testing,l=Debian,c=non-free
     origin ftp.us.debian.org
 700 http://ftp.us.debian.org lenny/contrib Packages
     release o=Debian,a=testing,l=Debian,c=contrib
     origin ftp.us.debian.org
 700 http://ftp.us.debian.org lenny/main Packages
     release o=Debian,a=testing,l=Debian,c=main
     origin ftp.us.debian.org
Pinned packages:
mshuler@kokopelli:~$ sudo apt-get update -q2
mshuler@kokopelli:~$ apt-cache policy 
Package files:
 100 /var/lib/dpkg/status
     release a=now
 900 http://security.debian.org lenny/updates/non-free Packages
     release v=5.0,o=Debian,a=stable,l=Debian-Security,c=non-free
     origin security.debian.org
 900 http://security.debian.org lenny/updates/contrib Packages
     release v=5.0,o=Debian,a=stable,l=Debian-Security,c=contrib
     origin security.debian.org
 900 http://security.debian.org lenny/updates/main Packages
     release v=5.0,o=Debian,a=stable,l=Debian-Security,c=main
     origin security.debian.org
 900 http://ftp.us.debian.org lenny/non-free Packages
     release v=5.0,o=Debian,a=stable,l=Debian,c=non-free
     origin ftp.us.debian.org
 900 http://ftp.us.debian.org lenny/contrib Packages
     release v=5.0,o=Debian,a=stable,l=Debian,c=contrib
     origin ftp.us.debian.org
 900 http://ftp.us.debian.org lenny/main Packages
     release v=5.0,o=Debian,a=stable,l=Debian,c=main
     origin ftp.us.debian.org
Pinned packages:
mshuler@kokopelli:~$

Clean Debian Lenny KDE Install (cont.)

Well, since I didn’t have a whole lot of time invested in my install as in the previous post, and since I did not quickly sort out why the heck I could not suspend/lock with the KDE power manager widget, I thought I would give the weekly build of the Lenny KDE install disk a try to see if I got any decent results. As it turns out, the install is a nice selection of default KDE software, and suspend with desktop locking works out of the box – this is definitely the way to go 🙂

As for any KDE issues I’ve found, the only one that I can think of is that KDE v3.5 does not support URL link opening in a browser from Konsole (this is new in KDE v4.1) – seems it can be done, but it might be rather messy, so copy/paste for now.

Amarok simply rocks for managing the data on my new iPod – music and cover art sync work perfectly (with the gtk-linked libgpod3 (not the -nogtk package)), .m4v MPEG4 video file uploads work well (transcoded from XviD .avi’s using mkipod from the mp4tools package, and id tags updated using mp4tags from the mpeg4ip-utils package). The new iPod Classic 120G Gen6 and amarok are the big reasons for giving KDE a try (yeah, I could have just installed amarok under Gnome, along with the necessary libs, but I needed an excuse to give KDE an evaluation)

Later!