Andreas Vöst
8 months
Claus-Theodor Riegg
8 years
Claus-Theodor Riegg
7 years
Andreas Vöst
1 year

Find unmaintained packages with apt-forktracer

Updated . Posted . Visible to the public. Repeats.

If you use third party APT sources you might end up with unmaintained packages after removing the external source or performing a dist-upgrade. The reason for this is how external sources overwrite official package versions.

apt-forktracer Show archive.org snapshot helps you to identify such packages:

APT will not warn you when newer versions of official packages (point releases, security updates) will appear in the stable release. This means you may miss some important change.

Example output

This is the output of apt-forktracer | sort after upgrading to Ubuntu 20.04:

haproxy (2.4.19-1ppa1~focal) [LP-PPA-vbernat-haproxy-2.4: 2.4.19-1ppa1~focal] [Ubuntu: 2.0.29-0ubuntu1 2.0.13-2ubuntu0.5 2.0.13-2]
libreadline7 (7.0-3)
libsodium23 (1.0.18-1+ubuntu18.04.1+deb.sury.org+1) [Ubuntu: 1.0.18-1]
libssl1.1 (1.1.1j-1+ubuntu18.04.1+deb.sury.org+3) [Ubuntu: 1.1.1f-1ubuntu2.16 1.1.1f-1ubuntu2.16 1.1.1f-1ubuntu2]
openssl (1.1.1j-1+ubuntu18.04.1+deb.sury.org+3) [Ubuntu: 1.1.1f-1ubuntu2.16 1.1.1f-1ubuntu2.16 1.1.1f-1ubuntu2]
php7.4-cli (1:7.4.32-1+ubuntu20.04.1+deb.sury.org+2) [LP-PPA-ondrej-php: 1:7.4.32-1+ubuntu20.04.1+deb.sury.org+2] [Ubuntu: 7.4.3-4ubuntu2.13 7.4.3-4ubuntu2.12 7.4.3-4ubuntu1]
postgresql-client (15+244.pgdg20.04+1) [apt.postgresql.org: 15+244.pgdg20.04+1] [Ubuntu: 12+214ubuntu0.1 12+214ubuntu0.1 12+214]
postgresql-client-15 (15.0-1.pgdg20.04+1) [apt.postgresql.org: 15.0-1.pgdg20.04+1]
puppet-agent (7.20.0-1focal) [Puppetlabs: 7.20.0-1focal 7.19.0-1focal 7.18.0-1focal 7.17.0-1focal 7.16.0-1focal 7.15.0-1focal 7.14.0-1focal 7.13.1-1focal 7.12.1-1focal 7.12.0-1focal 7.11.0-1focal 7.10.0-1focal 7.9.0-1focal 7.8.0-1focal 7.7.0-1focal 7.6.1-1focal 7.5.0-1focal 7.4.1-1focal 7.4.0-1focal 7.3.0-1focal 7.1.0-1focal 7.0.0-1focal]

Lets see how to handle the results:

Package Installed version Desired version Reason
haproxy 2.4.19-1ppa1~focal 2.4.19-1ppa1~focal We want the newer version from the PPA.
libreadline7 7.0-3 n/a No sources for this package. We want to get rid of it.
libsodium23 1.0.18-1+ubuntu18.04.1+deb.sury.org+1 1.0.18-1 We want to switch to the official Ubuntu package. This package was intended for Ubuntu 18.04.
libssl1.1 1.1.1j-1+ubuntu18.04.1+deb.sury.org+3 1.1.1f-1ubuntu2.16 We want to switch to the official Ubuntu package. The newer version was only required on Ubuntu 18.04.
openssl 1.1.1j-1+ubuntu18.04.1+deb.sury.org+3 1.1.1f-1ubuntu2.16 We want to switch to the official Ubuntu package. The newer version was only required on Ubuntu 18.04.
php7.4-cli 7.4.32-1+ubuntu20.04.1+deb.sury.org+2 7.4.32-1+ubuntu20.04.1+deb.sury.org+2 We want the newer version from the PPA.
postgresql-client 15+244.pgdg20.04+1 15+244.pgdg20.04+1 We want the newer version from the PPA.
postgresql-client-15 15.0-1.pgdg20.04+1 15.0-1.pgdg20.04+1 We want the use this version because Ubuntu does not offer this package.
puppet-agent 7.20.0-1focal 7.20.0-1focal We're using the latest version of the PPA.

As you see we would end up with soon to be outdated openssl and libssl packages from an external PPA for an old Ubuntu release.

Why is a package picked?

Run apt policy $PACKAGE to find out why a package is picked. Maybe it is pinned on purpose.

Example fixes

To fix the packages from above we need to:

# Switch to the official Ubuntu sources
# APT will tell you that this is a downgrade
sudo apt install libsodium23=1.0.18-1 libssl1.1=1.1.1f-1ubuntu2.16 openssl=1.1.1f-1ubuntu2.16

# Remove the unavailable package
sudo apt purge libreadline7
Andreas Vöst
Last edit
Marc Dierig
License
Source code in this card is licensed under the MIT License.