Package locked in AppCafe, still upgraded by Update Manager


This is kind of a strange one. As I said in a previous post I loathe the new Firefox, as most plugins (including noscript and lastpass and several others) are disabled or not available. So I chose to stay on 56.0.1 until the plugin writers can catch up.

This was all well and good for the last two updates ~10/16 or 10/17. However, with the update that just ran on my system, even though firefox is locked, it got upgraded to 57.0.

Firefox is locked, I tried locking it again, and it says “already locked.” So how is the update manager overriding the setting?

My laundry list of issues with UNSTABLE (October 19/2017- RELEASE) as follow:

Quick answer:
Pc-updatemanager simply made a list of all locked packages, unlocked them, did the updates, then re-locked the packages.

Long Answer:
Package locks work great for ensuring that some packages are never un-installed due to conflicts with a new app you are trying to install, or other safety measures like that.
When it comes to doing updates, package locks are the thing of nightmares. The reason for this is twofold:

  1. Desyncing the locked package from its unlocked dependencies. This results in a random/high chance that the locked package will no longer run. If the dependencies are also locked, you get a cascading lack of changes through your entire system dependency tree. In this case, it would probably be better to just not do any updates.
  2. System ABI version updates. When the system ABI changes (a regular occurance on UNSTABLE), every single package must be reinstalled/updated so that it is compatible with the new system version. In my experience, any unsynced binary instantly seg-faults if it does not match the system ABI version.


Okay, well, when you put it that way, I guess it is a good idea not to keep packages locked. My only experience is with Debian packages, where you can hold packages. For instance, I run Compiz on top of KDE, instead of kwin (more used to the interface after all of these years of running it). I have it held, and it hasn’t seemed to have a problem. But maybe those are leaf packages.

I guess at this point, I will install firefox-esr, and wait for the other shoe to fall. :slight_smile: