Ubuntu

Version of modified package

Asked by sander

Hi,

I've made a modified php5 package. I have removed some databases, such as mysql and mssql. And also removed some patches.

The main reason I did this, is to learn how to make (or modify) packages for my own needs.

But now I have an issue with the version numbers. When I go to the page of my PPA, next to my package is this line:

   5.3.2-1san1 (Newer version available)

The problem is, the 'newer version'. Could someone explain to me why it is detecting ubuntu's main php5 package as being newer? It is the same package, but modified.

My guess is that it is because Ubuntu's package uses '1ubuntu4.5' as version, and I am using a 1 (-1san1) as version. Are these the versions that are being compared? 4.5 versus 1? Is this right?

If it is, I suppose I should either add something to ubuntu's 4.5 (to 4.6 or 4.5.1 maybe?)

OR

I should append something after Ubuntu's version. Like this: php5-1ubuntu4.5-1san1

Which one is the right way? (If this is necessary of course)

If that's the case that i should modify the version, how do I make sure, that when ubuntu releases for example version 4.6, my personal package isn't being overwritten by ubuntu's php5? Because then I loose my modifications..

The manual says this:

If you're creating an alternative version of a package already available in Ubuntu's repositories, you should ensure that:

    * your package supersedes the official Ubuntu version
    * future Ubuntu versions will supersede your package.

As far as I know, my version is superseding the official Ubuntu version.

But i don't want future Ubuntu versions to supersede my package (because then, it would overwrite it, or wouldn't it?)

I hope someone can help me,

Thanks.

Sander.

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu Edit question
Assignee:
No assignee Edit question
Solved by:
Mika Wahlroos
Solved:
Last query:
Last reply:
Revision history for this message
actionparsnip (andrew-woodhead666) said : 		#1

You can use apt to pin the package version.

Revision history for this message
Best Mika Wahlroos (mpw) said : 		#2

I believe the comparison is done alphabetically, so in case of 5.3.2-1san1 vs. 5.3.2-1ubuntu4.5 your version number is considered an earlier version than Ubuntu's because the first differing character is 's' vs. 'u' and s comes first.

Since you're basing your modified package on an Ubuntu package, I think appending your own -1sas1 version string after Ubuntu's -1ubuntu4.5 makes sense. This makes your package (5.3.2-1ubuntu4.5-1sas1 and any further modifications to it) also supersede Ubuntu's 5.3.2-1ubuntu4.5, but if Ubuntu later makes an updated package, say, 5.3.2-1ubuntu4.6, it's going to supersede your package.

The policy actually makes sense: your package based on Ubuntu's 4.5 won't have any future fixes (security patches in particular) that Ubuntu may make in further versions, so it's actually a good idea for Ubuntu's future packages to supersede yours. If you don't want Ubuntu's future versions to get automatically installed on top of yours, you should pin the php5 package on your particular system to your custom version to prevent APT and the update manager from installing new versions over it. See https://help.ubuntu.com/community/PinningHowto#Apt/Dpkg for details on how to do that. Since pinning to a version and omitting future security fixes should be a conscious decision by the system administrator, it's better to do it with pinning the package on the particular system than with a version string that would indefinitely supersede Ubuntu's future versions.

If you're going to use your modified php5 package on a real-world server, you will most probably also want to apply future security patches when Ubuntu releases them. To get *both* your modifications and future security fixes you'll then have to keep re-applying your modifications on top of new Ubuntu versions (e.g. build 5.3.2-1ubuntu4.6-1san1 based on 5.3.2-1ubuntu4.6) when they're released and then manually install that package on top of the old one.

There might be some decent tools for (semi-automatically) merging your changes on top of new Ubuntu-patched versions, thus allowing you to get both worlds with less manual work, but I don't know about those. At the very least you'll probably want to get your modifications into a patch file that you can then just re-apply on top of new versions released by Ubuntu. In any case getting both will require some extra work.

Revision history for this message
Sebastiaan Stok (s-stok) said : 		#3

Will pinning the package means it will not be upgraded?
But if you issue an manual 'install' will it be installed?

If there is an newer version of the package, I will modify my own to include the patches I want.
Installing them manually will not be a problem.

Revision history for this message
sander (sander3) said : 		#4

Thanks Mika Wahlroos, that solved my question.