- Обновление Debian 9 для устранения уязвимости Meltdown в процессорах Intel
- Fixing “The following packages have been kept back” Error While Updating Ubuntu and Debian-based Linux Distributions
- Fixing “The following packages have been kept back” Error
- Explained: Reason for the “The following packages have been kept back” error and how it was fixed
- «Следующие пакеты были сохранены:» Почему и как я могу это решить?
- The following packages have been kept back. #6037
- Comments
- fxceptioN commented Apr 18, 2017
- System information
- mschilli87 commented Apr 18, 2017
- dasjoe commented Apr 18, 2017
- fxceptioN commented Apr 18, 2017
- dasjoe commented Apr 18, 2017
- fxceptioN commented Apr 18, 2017
- jwittlincohen commented Apr 25, 2017 •
- Debian: apt-get upgrade says «The following packages have been kept back» for various mariadb packages
Обновление Debian 9 для устранения уязвимости Meltdown в процессорах Intel
Наверно уже весь Интернет знает о том, что в процессорах Intel найдена архитектурная проблема откуда и появилась серия уязвимостей Meltdown и Spectre. Об этом написано на OpenNET, об этом есть пара хороших статей на geektimes.ru (Meltdown и Spectre).
Буквально недавно разработчики Debian выпустили обновление ядра для устранения уязвимостей для Debian 9, отследить состояние обновлений для Debian можно на этой странице.
Как установить обновление ?
На самом деле все просто.
1. Проверим версию ядра:
Видим версию 4.9.65-3+deb9u1 — наша система уязвима.
2. Ставим обновления:
В результате должны обновиться пакеты linux-image-amd64 и linux-image-4.9.0-5-amd64
Если на команду apt-get upgrade будет выдано сообщение:
В результате должны установиться пакеты linux-image-amd64 версии 4.9+80+deb9u3 и linux-image-4.9.0-5-amd64 версии 4.9.65-3+deb9u2 как и было указано на странице Debian Security Tracker (CVE-2017-5754).
Далее обязательно перезагружаем сервер.
3. Проверяем версию ядра:
Видим 4.9.65-3+deb9u2 — значит, пока можно спать спокойно.
На этом все, до скорых встреч. Если у Вас возникли вопросы или Вы хотите чтобы я помог Вам, то Вы всегда можете связаться со мной разными доступными способами.
Источник
Fixing “The following packages have been kept back” Error While Updating Ubuntu and Debian-based Linux Distributions
Last updated August 31, 2021 By Abhishek Prakash 50 Comments
The other day I was updating my Ubuntu system. I prefer the command line way of updating the system by using the combination of apt update and apt upgrade.
I encountered a strange update error in Ubuntu this time. It showed me that there are packages that can be upgraded but it could not upgrade those packages because of an error that read:
The following packages have been kept back:
Here’s the screenshot of the error I encountered:
As you can see in the image above, the problem is arising because of fwupd which is the firmware update manager daemon in Ubuntu and other Linux.
Let me show you how to handle this error in Ubuntu and other Linux distributions like Linux Mint, Debian, Kali Linux etc.
Fixing “The following packages have been kept back” Error
The fix for this error is really simple. All you have to do is to use the apt install command with package or packages in the question:
If you use apt install on an already installed package, it gets updated. In my case, fwupd package was kept back. So, here’s what I tried:
As you can see in the below screenshot, it suggests two packages that will be installed and then those packages are installed as well.
Explained: Reason for the “The following packages have been kept back” error and how it was fixed
The above suggested fix should solve the problem for you. But are you curious what caused the error and how was it fixed? Let me explain that to you.
Normally, when you run the sudo apt update and sudo apt upgrade commands, it updates all the installed packages to their available newer versions.
However, if the dependencies of an installed package have been changed such that it requires installation of new packages, the installed package won’t be upgraded with the system update and you’ll see package kept back error.
In the example here, when fwupd was originally installed, tpm2-tools and tpm2-abrmd were not installed and fwupd did not depend on it. Later, a newer version of fwupd required the installation of these new packages.
This is a mechanism in Debian’s APT package manager that informs you that an already installed package now needs to install more new package as dependency. When you manually and individually update these packages, you see what new packages are going to be installed and the error is not shown anymore.
You may also use apt full-upgrade/apt-get dist-upgrade instead of apt install package_name in this case but I would not recommend that. The apt full-upgrade may automatically remove packages that it deems unnecessary while handling dependencies. This may lead to unwanted situations.
Did you fix this error?
Did this solution help you in getting rid of the “packages have been kept back” error? If yes, I welcome your quick ‘thank you’ message in the comment section. If not, let me know and I’ll try to help you out further.
Like what you read? Please share it with others.
Источник
«Следующие пакеты были сохранены:» Почему и как я могу это решить?
Я только что добавил PPA-репозиторий для версии разработки GIMP, но я получаю эту ошибку:
Почему и как я могу решить эту проблему, чтобы я мог использовать последнюю версию вместо той, которая у меня есть сейчас?
Если зависимости были изменены для одного из установленных пакетов, поэтому для обновления необходимо установить новый пакет, который будет указан как «сохраненный».
Осторожное решение 1:
Согласно ответу Пабло , вы можете запустить sudo apt-get —with-new-pkgs upgrade , и он установит скрытые пакеты.
Преимущество этого состоит в том, что вы не помечаете скрытые пакеты как «установленные вручную», что может вызвать дальнейшее вмешательство пользователя (см. Комментарии).
Если решение Пабло работает для вас, пожалуйста, подпишите его. Если нет, пожалуйста, прокомментируйте, что пошло не так.
Осторожное решение 2:
Осторожное решение — бежать sudo apt-get install
. В большинстве случаев это даст скрытым пакетам то, что им нужно для успешного обновления.
Агрессивное решение:
Более агрессивным решением является запуск sudo apt-get dist-upgrade , который заставит установить эти новые зависимости.
Но dist-upgrade может быть довольно опасно . В отличие от обновления, он может удалять пакеты для разрешения сложных ситуаций зависимости. В отличие от вас, APT не всегда достаточно умен, чтобы знать, могут ли эти добавления и удаления нанести ущерб.
Так что, если вы оказались в месте, где «осторожное решение» не работает, dist-upgrade может работать… но вам, вероятно, лучше узнать немного больше о APT и решить проблемы с зависимостями «вручную», установив и удалив пакеты на индивидуальной основе.
Подумайте об этом, как починить машину . если у вас есть время и вам пригодится гаечный ключ, вы немного успокоитесь, прочитав и выполнив ремонт самостоятельно. Если вам повезет, вы можете отвезти свою машину к двоюродной сестре dist-upgrade и надеяться, что она знает свои вещи.
Источник
The following packages have been kept back. #6037
Comments
fxceptioN commented Apr 18, 2017
System information
| Type | Version/Name |
|---|---|
| Distribution Name | Debian |
| Distribution Version | Debian GNU/Linux 8.7 (jessie) |
| Linux Kernel | 3.16.0-4-amd64 |
| Architecture | AMD64 |
| ZFS Version | version: 0.6.5.8-2 |
bpo8+1
I recently performed an apt-get update && apt-get upgrade and noticed this. What is shown below is what I’m seeing after the initial apt-get update && apt-get upgrade because I forgot to make a copy of it.
Basically what I’m trying to show you is this
The following packages have been kept back:
spl-dkms zfs-dkms
I’m not sure what to do, Is this normal?
The text was updated successfully, but these errors were encountered:
mschilli87 commented Apr 18, 2017
AFAIK this just means that you could upgrade the packages but the new versions have dependencies that the old ones didn’t have. So to upgrade these packages, you’d need to install additional packages.
If you are fine with that, just try to re-install install them explicitely: apt-get install spl-dkms zfs-dkms .
You should see some message telling you that this and that package will be installed as a dependency.
If the next upgrade doesn’t introduce new dependencies again, apt-get upgrade will upgrade them just fine again.
dasjoe commented Apr 18, 2017
This is not related to ZFS, but using apt-get dist-upgrade will help.
fxceptioN commented Apr 18, 2017
I’ved tried apt-get dist-upgrade and that didn’t do anything, Also when doing apt-get install spl-dkms zfs-dkms this is the output
dasjoe commented Apr 18, 2017
You need to install dkms from jessie-backports, the repository’s packages are pinned to 100 so they won’t get pulled in automatically.
fxceptioN commented Apr 18, 2017
was that all i needed to do?
jwittlincohen commented Apr 25, 2017 •
I think this can be closed. I don’t think there is a bug here, in ZFS or in Debian. Had the parent simply run, sudo apt-get dist-upgrade , it would have worked. The issue is that the regular upgrade won’t obtain new dependencies. He then ran sudo apt-get install zfs-dkms spl-dkms but these packages only reside in Jessie-Backports, which must be manually specified with sudo apt-get install -t jessie-backports packagename.
Источник
Debian: apt-get upgrade says «The following packages have been kept back» for various mariadb packages
I am running Debian 9 (stretch) and have just tried to run apt-get update and apt-get upgrade in order to update my (test) webserver as part of regular maintenance.
apt-get upgrade says:
The following packages have been kept back: linux-image-amd64 mariadb-client-10.1 mariadb-server mariadb-server-10.1 mariadb-server-core-10.1
I understand that apt-get upgrade is, sensibly, cautious about package updates, and will only update already installed packages, rather than bringing in any new additional dependencies already. (I have already seen this older related question.)
I know that I could instead run apt-get dist-upgrade in order to «force» the dependencies to be installed. I am just wondering if there is any particular reason why these MariaDB updates have been held back, and if there is any way to tell whether it might to risky to install them regardless?
(Yes, this is only a test server, so it would not be the worst thing if I tried the upgrade and it failed somehow (and I would then know that I should ignore those updates for the live server), but I am just wondering if there is any way to find out what the issue with these packages might be (such as finding out what version would be being expected to be installed, and whether there might be anything in the Debian package release notes that I could refer to)?)
Currently, I have the following versions installed:
- mysql Ver 15.1 Distrib 10.1.26-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2
- Server version: 10.1.26-MariaDB-0+deb9u1 Debian 9.1
My main concern is to ensure that my server is up to date with security updates, as far as possible.
Источник
