From owner-freebsd-questions@FreeBSD.ORG Thu Jul 18 12:56:31 2013 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 05225719 for ; Thu, 18 Jul 2013 12:56:31 +0000 (UTC) (envelope-from matthew@freebsd.org) Received: from smtp.infracaninophile.co.uk (smtp6.infracaninophile.co.uk [IPv6:2001:8b0:151:1:3cd3:cd67:fafa:3d78]) by mx1.freebsd.org (Postfix) with ESMTP id 7D57EC2B for ; Thu, 18 Jul 2013 12:56:30 +0000 (UTC) Received: from rufus.webfusion.com (mail.heartinternet.co.uk [79.170.40.31]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.7/8.14.7) with ESMTP id r6ICuPBU023868 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO) for ; Thu, 18 Jul 2013 13:56:26 +0100 (BST) (envelope-from matthew@freebsd.org) DKIM-Filter: OpenDKIM Filter v2.8.3 smtp.infracaninophile.co.uk r6ICuPBU023868 Authentication-Results: smtp.infracaninophile.co.uk/r6ICuPBU023868; dkim=none reason="no signature"; dkim-adsp=none (unprotected policy) X-Authentication-Warning: lucid-nonsense.infracaninophile.co.uk: Host mail.heartinternet.co.uk [79.170.40.31] claimed to be rufus.webfusion.com Message-ID: <51E7E5F9.50107@freebsd.org> Date: Thu, 18 Jul 2013 13:56:25 +0100 From: Matthew Seaman User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/20130715 Thunderbird/17.0.7 MIME-Version: 1.0 To: freebsd-questions@freebsd.org Subject: Re: Is pkgng supposed to upgrade a dependency of a locked package? References: <6E003358-F64D-4AA7-9C5B-FAA2918389DC@gromit.dlib.vt.edu> In-Reply-To: <6E003358-F64D-4AA7-9C5B-FAA2918389DC@gromit.dlib.vt.edu> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.97.8 at lucid-nonsense.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-1.6 required=5.0 tests=AWL,BAYES_00, RCVD_IN_DNSWL_NONE,SPF_SOFTFAIL autolearn=no version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on lucid-nonsense.infracaninophile.co.uk X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Jul 2013 12:56:31 -0000 On 18/07/2013 13:42, Paul Mather wrote: > I am using pkgng 1.1.4_1 on RELENG_9 (r252725), operating on a local repo I maintain using poudriere 3.0.4. > > Recently, I wanted to upgrade all packages on a client except two whose update I want to defer for now as they potentially impact locally-developed applications. I figured I would use the pkgng "lock" functionality on those two packages (apache-solr and py27-Jinja2) to prevent them from being updated. I ran "pkg upgrade" on the client and, as expected, the locked packages weren't upgraded. However, I was surprised to see that packages upon which the locked packages depended were upgraded. Unless I'm misunderstanding something, the man page for pkg-lock states this should not happen: > > ===== > The impact of locking a package is wider than simply preventing modifica- > tions to the package itself. Any operation implying modification of the > locked package will be blocked. This includes: > [[...]] > o Deletion, up- or downgrade of any package the locked package depends > upon, either directly or as a consequence of installing or upgrading > some third package. > ===== > > In my case, the following dependencies of apache-solr were updated, even though apache-solr is locked: java-zoneinfo: 2013.c -> 2013.d; libXi: 1.7.1_1,1 -> 1.7.2,1; libXrender: 0.9.7_1 -> 0.9.8; and openjdk: 7.21.11 -> 7.25.15. In the case of the locked py27-Jinja2, these dependencies were updated: gettext: 0.18.1.1_1 -> 0.18.3; and py27-MarkupSafe: 0.15 -> 0.18. Dependency information in the two locked packages was updated to reflect these new, upgraded dependencies. > > Is this a bug, or am I misreading the man page? That's a bug, definitely. The way the man page describes the effect of locking is what should happen -- nothing a locked package depends on should be modified by pkg without some extra input from the administrator to allow the change to happen. Cheers, Matthew