docs:tips_n_tricks:ubuntu:pinning.html
APT Pinning
UbuntuDebianaptapt-preferencesapt-pinning
This is more a generic debian topic, but as the examples don't include any debian repository, I put it below Ubuntu.
This will disable any automatic package installations from origins other then Ubuntu or Canonical.
As soon as you have authenticated another repository, nothing prevents it to announce Ubuntu or Canoncial as origin. So this is a mere conveniance feature rather than a security measure.
- /etc/apt/preferences.d/ZZZ_paranoia.pref
Package: * Pin: release o=Ubuntu Pin-Priority: 500 Package: * Pin: release o=Canonical Pin-Priority: 500 Package: * Pin: origin * Pin-Priority: -10
To find out the origins of your repositorys, run
fgrep -ih origin: /var/lib/apt/lists/* | sort -u
A similar approach might work with the Label: setting of the repositories, which you find by
fgrep -ih label: /var/lib/apt/lists/* | sort -u
(Probably there is a more sophisticated way to list the values of Origin: and Label:, but those two work while I don't need to spend time to find out more.)
docs/tips_n_tricks/ubuntu/pinning.html.txt · Last modified: 12.02.2022 19:04 CET by peter