Debian backports and pinning

I’m running Debian Etch because I prefer the stable Debian package tree. This is all great but the software is a little outdated compared to other distributions like Ubuntu. That is where backports come in. Backports are recompiled packages from testing (mostly) and unstable (in a few cases only, e.g. security updates), so they will run without new libraries (wherever it is possible) on a stable Debian distribution. They recommend you to pick out single backports which fits your needs, and not to use all backports available here.

Using backports is simple

  1. Add this line to your /etc/apt/sources.list
  2. deb http://www.backports.org/debian etch-backports main contrib non-free
  3. Run
    apt-get update

    You might get a error message

    Reading package lists... Done
    W: GPG error: http://www.backports.org etch-backports Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY EA8E8B2116BA136C
    W: You may want to run apt-get update to correct these problems

    This message comes on Debian Etch because you haven’t imported the backports keyring. It’s easily fixed by running the command

    apt-get install debian-backports-keyring
  4. Since all backports are deactivated by default you got to tell the package manager to use the backports repository. To install a newer version of nmap
    apt-get -t etch-backports install nmap

It is important to remember that if you forget to tell apt-get that nmap is installed from backports and run another apt-get install nmap it will remove my backports package.

A simple solution to this is to use pinning
Edit /etc/apt/preferences, the file has to be created if you haven’t used pinning before

Package: nmap
Pin: release a=etch-backports
Pin-Priority: 999

Now the system “remembers” that nmap is installed from the backports repository and you don’t have to worry about it anymore, nice.

Source: http://www.backports.org/

Mounting remote filesystems using SSH and Debian

This post describes how to mount a remote filesystem through SSH using the shfs kernel module on a Debian Etch server. By doing this I can access the remote filesystem as if it was a local filesystem and also use my local tools and software.
This is a short description of how I made a remote filesystem accessible on my private server.

Download the needed software

# apt-get install shfs-source shfs-utils module-assistant

This step might not be needed on your system, but I didn’t have the needed software to build the kernel module

# module-assistant prepare

Use the module assistant to build the kernel module to match your local system (I use a 2.6 kernel but this whould work on a 2.4 kernel also)

module-assistant build shfs

Now you can install it

# module-assistant install shfs
Selecting previously deselected package shfs-module-2.6.18-5-686.
(Reading database ... 78212 files and directories currently installed.)
Unpacking shfs-module-2.6.18-5-686 (from .../shfs-module-2.6.18-5-686_0.35-6.2+2.6.18.dfsg.1-17_i386.deb) ...
Setting up shfs-module-2.6.18-5-686 (0.35-6.2+2.6.18.dfsg.1-17) ...

You might see some error messages but those are mostly harmless :) and can be ignored.
Now we can try to mount the remote filesystem

# mkdir /export/remotefs
# shfsmount user@remotesystem.com /export/remotefs
Password:

The remote filesystem should now be available after typing your password.

# cd /export/remotefs
# ls

You will now see all your files in the remote filesystem as if they were on your local machine.
To unmount your filesystem

# cd /
# umount /export/remotefs

This post could have been extended to use passwordless

apt-show-versions

apt-show-versions is a Debian tool that lists available package versions with distributions. This is really useful if you have a mixed stable/testing environment and want to list all packages which are from testing and can be upgraded in testing.

This package is not installed automatically so you have to install it your self

apt-get install apt-show-versions

An example output from this command

groff-base/etch uptodate 1.18.1.1-12
notification-daemon/etch uptodate 0.3.5-1+b1
libavahi-common3/etch uptodate 0.6.16-3etch1
esound-common/etch uptodate 0.2.36-3
libgnome2-0/etch uptodate 2.16.0-2
m4/etch uptodate 1.4.8-2
libkpathsea4/etch uptodate 3.0-30
...

The -u option displays a list of upgradeable packages

# apt-show-versions -u    
     # apt-show-versions -u
linux-image-2.6.18-6-686/etch upgradeable from 2.6.18.dfsg.1-17etch1 to 2.6.18.dfsg.1-18etch1

Upgrade from Debian Etch to Debian Lenny

To upgrade a Debian Etch (stable) installation to testing Debian Lenny (unstable), you can do the following steps

  1. Edit sources.list
    sudo vi /etc/apt/sources.list

    change all occurences of the word etch for lenny, or stable for testing

  2. Do the update and upgrade
    sudo apt-get update && apt-get dist-upgrade

That is all that is needed to upgrade Debian Etch to Debian Lenny which is expected to be released fall 2008. The process can be reversed if you would like to revert from Lenny to Etch, just change back your changes in sources.list
One note is that you will need to install a new kernel because the Etch kernel is not automatically updated when perform the upgrade to Lenny.