Dev/APT Pinning
Why we should avoid Debian APT Pinning
Summary[edit]
Debian developers would literally hate this.
Okay for end users and sys admins, but not a solution for a Debian derivative.
More Details[edit]
Question: Can a package pull a another package from another repository to be added?
Answers:
- https://lists.debian.org/debian-derivatives/2013/08/msg00005.html
- https://lists.debian.org/debian-derivatives/2013/08/msg00006.html
Example where Kicksecure backports APT pinning instructions broke users systems:
https://forums.whonix.org/t/templates-incorrectly-think-theyre-not-connected-to-a-whonix-gateway/2258/25
Misc[edit]
user documentation template archived: https://www.kicksecure.com/w/index.php?title=Special:Undelete&target=Template%3AApt-Pinning×tamp=20170721231624
Major Issues[edit]
https://forums.whonix.org/t/templates-incorrectly-think-theyre-not-connected-to-a-whonix-gateway/2258/25
backports by default[edit]
- Had resulted to breakage in Qubes. See: https://github.com/QubesOS/qubes-issues/issues/4443
- Debian bug linux-image-amd64 vs linux-headers-amd64 Debian buster-backports version mismatch bpo.2 vs bpo.3 shows that just enabling backports repository might lead to issues. In this example, breaking all kernel modules due to kernel image vs kernel headers version mismatch from backports packages.debian.org.
History[edit]
This idea came up originally in context of: https://web.archive.org/web/20220322174537/https://github.com/Whonix/Whonix/issues/60
We believe security software like Kicksecure needs to remain Open Source and independent. Would you help sustain and grow the project? Learn more about our 12 year success story and maybe DONATE!